Trying to redirect to the WebUI and provide a default username and password as part of the url, shortening the url because I have limited real estate to display it

(Peter Michael Gits) #1

I am trying to encode the stackstorm web ui link (shorten it [without using the st2-api-key] with the stackstorm id sending it to a proxy where it will populate the default observer username and password and automatically go directly to the history of the stackstormId, however, that is proving to be harder than I thought. How can I accomplish this. Here is what I am using as a proxy that passes the stackstormId in, but I am unable to get the login to accept this, what am I missing? I have a default user and password for the observer…

doing this in php + curl


$username = "devOps-obs***r";
$password = "*******";

        $stackstormId = escapeshellcmd($_GET['stackstormId']);
        $secretpage = "https://******$stackstormId";
        $secretpage = "https://******";
                $ch = curl_init();
                curl_setopt($ch, CURLOPT_VERBOSE, TRUE);
                curl_setopt($ch, CURLOPT_URL, $secretpage);
                curl_setopt($ch, CURLOPT_STDERR, $verbose);
                curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
                curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
                curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
                curl_setopt($ch, CURLOPT_MAXREDIRS, 4);
                curl_setopt($ch, CURLOPT_USERPWD, "$username:$password");
                curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
                curl_setopt($ch, CURLOPT_HTTPHEADER, array(
                                        'Accept-Encoding: gzip, deflate',
                                        'Accept: */*',
                                        'User-Agent: python-requests/2.11.1',
                                        'Connection: keep-alive',
                                        'content-type: application/json'
                $curl_result = curl_exec($ch);
                // $output contains the output string
                $output = curl_exec($ch);
                echo $output;
                // close curl resource to free up system resources

Any help would be greatly appreciated.

(Lindsay Hill) #2

The authentication mechanism doesn’t work that way - it’s not just a basic auth. You need to authenticate against the /auth service, get a token, then use that.

See the curl calls here: Authentication — StackStorm 2.9.1 documentation

Those return a token, which is then used for further connections.