Use confd api with python

Hello,

I try to use wazo_provd_client and wazo-confd-client but I find myself annoyed because I only have a self-signed certificate and the client has no option to skip the ssl verification.

Do you plan to add an option to bypass the ssl verification?

What are the other alternative?

Hello, there is option to do that. Set verify_certificate to false.

Indeed, I had missed that, thank you.

Now Iā€™m blocking on confd authentication, an idea?

>>> from wazo_auth_client import Client
>>> c = Client('localhost', username='wazo-auth-cli', password='2gZ6e4Zy7k9yFiaI3rly', verify_certificate=False)
>>> token_data = c.token.new('wazo_user', expiration=3600, session_type='mobile')
True
>>> print(token_data['token'])
4edb8108-3950-4b6e-a8e5-4066dbbd753a
>>> from wazo_confd_client import Client
>>> c = Client('localhost', port=9486, https=True, token=token_data['token'],verify_certificate=False)
>>> users = c.users.list(search='be')
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/lib/python2.7/dist-packages/wazo_confd_client/crud.py", line 71, in list
response = self.session.get(url, headers=headers, params=kwargs)
  File "/usr/lib/python2.7/dist-packages/wazo_confd_client/session.py", line 58, in get
self.check_response(response, check_response)
  File "/usr/lib/python2.7/dist-packages/wazo_confd_client/session.py", line 36, in check_response
response.raise_for_status()
  File "/usr/lib/python2.7/dist-packages/requests/models.py", line 940, in raise_for_status
raise HTTPError(http_error_msg, response=self)
requests.exceptions.HTTPError: 401 Client Error: 4edb8108-3950-4b6e-a8e5-4066dbbd753a for url: https://localhost:9486/1.1/users?search=be&recurse=False

The username/password that you have used are for the wazo-auth-cli tool. This user does not have the necessary permission to list confd users.

You can use a user with the administrator rights or create a new one with more limited permissions.

to create a user myuser with password foobar
wazo-auth-cli user create --password foobar myuser

The add the admin policy to that user
wazo-auth-cli user add --policy wazo_default_admin_policy myuser

That should get you started with the authentication.

For your search you will want to add the tenant_uuid=<tenant_uuid> or recurse=True otherwise you will list only users from the master tenant which contains only system related resources.

1 Like

I managed to make it work thank you !

# create user: run just once
wazo-auth-cli user create --password superpass test
wazo-auth-cli user add --policy wazo_default_admin_policy test

python

# create tocken
from wazo_auth_client import Client
c = Client('localhost', username='test', password='superpass', verify_certificate=False)
token_data = c.token.new('wazo_user', expiration=3600, session_type='mobile')
print(token_data['token'])

# list all user
from wazo_confd_client import Client
c = Client('localhost', port=9486, https=True, token=token_data['token'],verify_certificate=False)
users = c.users.list(recurse=True)
print(users)