Unsolved
This post is more than 5 years old
114 Posts
4
14805
Isilon API with curl
I could not find any examples of how to connect to and use the platform API and I thought this may be usefull. I'm using curl from the command line. I'd love to see other ways to use the API and how the json outputs can be parsed.
Create a file to be used for the the initial authentication (auth.json) with the following text:
{
"username": "root",
"password": "password",
"services": ["platform","namespace"]
}
POST the content of auth.json file to create a session and save authorization cookie in file cookiefile:
curl -k --header "Content-Type: application/json" \
-c cookiefile -X POST -d @auth.json https://10.250.25.239:8080/session/1/session
Use the cookiefile to list the session and to confirm that you're authenticated
curl -k -b @cookiefile https://10.250.25.239:8080/session/1/session?isisessid
output :
{"services":["platform","namespace"],"timeout_absolute":14400,"timeout_inactive":900,"username":"root"}
Use the cookiefile for all methods from now on (curl -k -b @cookiefile .. )
For example GET to list a resource or a collection (in this case all NFS exports)
curl -k -b @cookiefile https://10.250.25.239:8080/platform/1/protocols/nfs/exports/
output truncated :
{"exports":[{"all_dirs":true,"block_size":8192,"can_set_time":true,"clients": ... }
Creating a resource (NFS export) : create a file (create_export_test4.json ) to use with POST
{
"clients": ["hostname.un.org"],
"description": "testing API Creation",
"paths": ["/ifs/test4","/ifs/test5"]
}
POST it to the appropriate resource path:
curl -k --header "Content-Type: application/json" -b cookiefile \
-X POST -d @create_export_test4.json -X POST https://10.250.25.239:8080/platform/1/protocols/nfs/exports
on success returns the ID of the created export:
{"id":3}
GET the export resource that was just created (ID 3) :
curl -k -b @cookiefile https://10.250.25.239:8080/platform/1/protocols/nfs/exports/3
output truncated :
{"exports":[{"all_dirs":false,"block_size":8192,"can_set_time":true,"clients" ..... :,"write_unstable_reply":"UNSTABLE"}]}
DELETE resource (export with ID 3 that we just created)
curl -k -b @cookiefile -X DELETE https://10.250.25.239:8080/platform/1/protocols/nfs/exports/3
soetingr
40 Posts
0
February 8th, 2013 04:00
I played around with python to work with the API.
Reason of choosing python was that ultimate goal is a binary.
Biggest problem I had was getting the authentication with cookies working.
Options I have working view, create and delete.
What I need to get working is (like you) output parsing.
As soon as I have something working and cleaned up the code, I will post some examples.
Robert
AndrewChung
132 Posts
0
February 8th, 2013 09:00
Here is some Python code that I use to create, maintain and close out a session. This will run on the cluster since I am not using any Python libraries that are not shipped with OneFS. Just call PAPI_Connect before any PAPI call and call PAPI_Disconnect at the end.
import urllib
import urllib2
import time
import json
import string
LastAuthTimestamp = 0
LastActionTimestamp = 0
IdleTimeout = 0
ABSTimeout = 0
SessionCookie = ''
TEMPLATES = {
'PAPI_SESSION_AUTH': '{{"username":"{user}","password":"{password}","services":["platform"]}}',
}
DEFAULT_SERVER = "https://127.0.0.1:8080"
DEFAULT_USER = 'root'
DEFAULT_PASSWORD = 'a'
MIME_JSON = "application/json"
HDR_CONTENT_TYPE = "Content-Type"
HDR_COOKIE = "Cookie"
IDLE_TIMEOUT_FACTOR = 0.9
TIMEOUT_FACTOR = 0.75
def PAPI_TSUpdate():
global LastActionTimestamp
LastActionTimestamp = time.time()
def PAPI_Connect(svr_url=DEFAULT_SERVER,
papi_user=DEFAULT_USER,
papi_user_password=DEFAULT_PASSWORD):
global LastAuthTimestamp
global LastActionTimestamp
global IdleTimeout
global ABSTimeout
global SessionCookie
now = time.time()
if (now > (LastActionTimestamp + IdleTimeout) or now > (LastActionTimestamp + ABSTimeout)):
try:
post_data = TEMPLATES['PAPI_SESSION_AUTH'].format(user=papi_user, password=papi_user_password)
request = urllib2.Request(svr_url+PAPI_Cmd('session', 'create'), data=post_data)
request.add_header(HDR_CONTENT_TYPE, MIME_JSON)
response = urllib2.urlopen(request)
# Save authentication values
# Pull out the absolute timeout and the inactivity timeout values
json_resp = json.loads(response.read())
# Setup all our timeout values
IdleTimeout = json_resp['timeout_inactive']*IDLE_TIMEOUT_FACTOR
ABSTimeout = json_resp['timeout_absolute']*TIMEOUT_FACTOR
LastAuthTimestamp = time.time()
PAPI_TSUpdate()
# Get and save the session cookie
cookie_crumbs = string.split(response.info()['set-cookie'], ';')
SessionCookie = cookie_crumbs[0].strip()
except urllib2.URLError as url_err:
print("Exception trying to create session: %s"%url_err)
print("===Code===\n%s"%url_err.code)
print("===Headers===\n%s"%url_err.info())
print("===Data===\n%s"%url_err.read())
raise
else:
#print("Using session cookie for authentication")
pass
def PAPI_Disconnect(svr_url=DEFAULT_SERVER):
global SessionCookie
try:
request = urllib2.Request(svr_url+PAPI_Cmd('session', 'delete', options={'sessionid': SessionCookie}))
request.add_header(HDR_CONTENT_TYPE, MIME_JSON)
request.add_header(HDR_COOKIE, SessionCookie)
request.get_method = lambda: 'DELETE'
response = urllib2.urlopen(request)
# Reset authentication values
LastAuthTimestamp = 0
LastActionTimestamp = 0
IdleTimeout = 0
ABSTimeout = 0
SessionCookie = ''
except urllib2.URLError as url_err:
print("Exception trying to delete session: %s"%url_err)
print("===Code===\n%s"%url_err.code)
print("===Headers===\n%s"%url_err.info())
print("===Data===\n%s"%url_err.read())
sskinnider
1 Message
0
October 30th, 2014 08:00
Here is some PHP using cURL
Authorization - This creates a session cookie
$site = '10.250.25.223:8080';
}
$varusername = $_POST["username"];
$varpassword = $_POST["password"];
$curlurl = "https://" . $site . "/session/1/session";
$ch = curl_init();
curl_setopt($ch, CURLOPT_FAIL sprintf("{ \"username\": \"$varusername\",\"password\": \"$varpassword\",\"services\":[\"platform\",\"namespace\"] }");
curl_setopt($ch, CURLOPT_POSTFIELDS, $user_string);
curl_setopt($ch, CURLOPT_POST, 1);
$resulta = curl_exec($ch);
if (curl_errno($ch)) {
print curl_error($ch) . "
";
} else {
curl_close($ch);
}
?>
List Exports
$tmpfname = '/tmp/cookie.txt';
$site = '10.250.40.223:8080';
$curlurl = "https://" . $site . "/platform/1/protocols/nfs/exports";
$ch = curl_init();
curl_setopt($ch,CURLOPT_FAIL"font-size: 10pt; line-">
$resulta = curl_exec($ch);
if (curl_errno($ch)) {
print curl_error($ch) . "
";
} else {
$jobj = json_decode($resulta,true);
echo "
foreach($jobj['exports'] as $export) {
if ($export['description'] == ''){
$description = " ";
} else {
$description = $export['description'];
}
echo "
echo "
// echo "
echo "
echo "
}
echo "
curl_close($ch);
}
?>
Add NFS Export
$site = '10.250.25.223:8080';
$curlbody = '{"clients":["10.246.10.222","10.246.10.78"],
"root_clients":["10.246.10.222","10.246.10.78"],
"description":"zzz PHP Test with cURL",
"paths":["/ifs/test/ssbg"]
}';
$curlurl = "https://" . $site . "/platform/1/protocols/nfs/exports";
echo $curlurl;
$ch = curl_init();
curl_setopt($ch, CURLOPT_FAIL curl_exec($ch);
if (curl_errno($ch)) {
print curl_error($ch) . "
";
} else {
curl_close($ch);
}
?>
Listing the ifs tree and adding new tree nodes is much the same as listing and adding NFS exports but much easier.
Scott
samwyse
25 Posts
0
February 22nd, 2018 15:00
I spent most of a week figuring out why PAPI_Connect kept giving me 404 errors, when Basic Authentication worked just fine. As it turns out, I was using a Windows userid of the form DOMAIN\username, and the back-slash needed to be escaped in the JSON value. The moral of the story is to *only* generate JSON using a real JSON encoder, not a templating engine. Instead of this:
post_data = TEMPLATES['PAPI_SESSION_AUTH'].format(user=papi_user, password=papi_user_password)
use this:
post_data = json.dumps({"username":papi_user,"password":papi_user_password,"services":["platform"]})
AkshayK.umar2
7 Posts
0
February 23rd, 2018 02:00
Try putting your "papi_user" as username@domain. Ex : usera@testdomain.local
samwyse
25 Posts
0
February 23rd, 2018 07:00
I've verified that both domain\user and user@domain work. Thanks!
Does anyone know if it's possible to use NTLM authentication or something similar? My users will be using AD credentials to log into their desktop Windows systems, and it would be handy if they didn't need to enter their passwords. Many of them don't even have passwords, as the environment enforces the use of smart card certificates. Users with a need for passwords need approval from their managers, which needs to be renewed every so often, which is annoying for everyone. (I've worked with NTLM before and am familiar with the challenges.)