Skip to main content
Hello,I want to use http collection to query the Redhat Ansible Automation Platform API.To authenticate, I first need to retrieve the cookies from this request:

[root@107501lctm collection-config]# curl -c - https://console.aap-organismes.hp.cnp.ramage/api/login/ -v

*   Trying 55.245.223.47...

* TCP_NODELAY set

* Connected to console.aap-organismes.hp.cnp.ramage (55.245.223.47) port 443 (#0)

* ALPN, offering h2

* ALPN, offering http/1.1

* successfully set certificate verify locations:

*   CAfile: /etc/pki/tls/certs/ca-bundle.crt

  CApath: none

* TLSv1.3 (OUT), TLS handshake, Client hello (1):

* TLSv1.3 (IN), TLS handshake, Server hello (2):

* TLSv1.3 (IN), TLS handshake, ano content] (0):

* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):

* TLSv1.3 (IN), TLS handshake, ano content] (0):

* TLSv1.3 (IN), TLS handshake, Certificate (11):

* TLSv1.3 (IN), TLS handshake, ano content] (0):

* TLSv1.3 (IN), TLS handshake, CERT verify (15):

* TLSv1.3 (IN), TLS handshake, ano content] (0):

* TLSv1.3 (IN), TLS handshake, Finished (20):

* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):

* TLSv1.3 (OUT), TLS handshake, ano content] (0):

* TLSv1.3 (OUT), TLS handshake, Finished (20):

* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256

* ALPN, server did not agree to a protocol

* Server certificate:

*  subject: C=FR; O=CNAM; OU=180035024; CN=console.aap-organismes.hp.cnp.ramage

*  start date: Apr  9 15:00:14 2024 GMT

*  expire date: Apr  9 15:00:14 2027 GMT

*  subjectAltName: host "console.aap-organismes.hp.cnp.ramage" matched cert's "console.aap-organismes.hp.cnp.ramage"

*  issuer: C=FR; O=CNAM; OU=180035024; CN=AC CNAM SERVICES G2

*  SSL certificate verify ok.

* TLSv1.3 (OUT), TLS app data, Lno content] (0):

> GET /api/login/ HTTP/1.1

> Host: console.aap-organismes.hp.cnp.ramage

> User-Agent: curl/7.61.1

> Accept: */*

>

* TLSv1.3 (IN), TLS app data, Lno content] (0):

< HTTP/1.1 200 OK

< Server: nginx

< Date: Mon, 14 Apr 2025 08:21:25 GMT

< Content-Type: text/html; charset=utf-8

< Content-Length: 5759

< Connection: keep-alive

< Expires: Mon, 14 Apr 2025 08:21:25 GMT

< Cache-Control: max-age=0, no-cache, no-store, must-revalidate, private

< Vary: Cookie, Accept-Language, Origin, Accept-Encoding

< Content-Language: en

< X-API-Total-Time: 0.808s

< X-API-Request-Id: b83b493ff6294584bfb8a20bb77921c3

< Access-Control-Expose-Headers: X-API-Request-Id

* Added cookie csrftoken="tEi4FO0UZlNvSHSXSxCpVDE3bZLcwamm" for domain console.aap-organismes.hp.cnp.ramage, path /, expire 0

< Set-Cookie: csrftoken=tEi4FO0UZlNvSHSXSxCpVDE3bZLcwamm; Path=/; SameSite=Lax; Secure

< Strict-Transport-Security: max-age=63072000

< X-Frame-Options: DENY

< X-Content-Type-Options: nosniff

< Cache-Control: no-cache, no-store, must-revalidate

< Expires: 0

< Pragma: no-cache

<

 

 

<!DOCTYPE html>

<html>

  <head>

    

      

        <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>

        <meta name="robots" content="NONE,NOARCHIVE" />

      

      <title> · AWX REST API</title>

      

<link href="/static/media/favicon.ico?v=4.5.2" rel="shortcut icon" />

        

  <link rel="stylesheet" type="text/css" href="/static/rest_framework/css/bootstrap.min.css" />

  <link rel="stylesheet" type="text/css" href="/static/api/api.css?v=4.5.2" />


        <link rel="stylesheet" type="text/css" href="/static/rest_framework/css/prettify.css"/>

        <link rel="stylesheet" type="text/css" href="/static/rest_framework/css/default.css"/>

        

      


    

  </head>

 

  <body class="">

    <div class="wrapper">

      

  <div class="navbar navbar-fixed-top">

    <div class="container">

      <div class="navbar-header">

        <button type="button btn btn-primary" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#navbar-collapse" aria-expanded="false">

          <span class="sr-only">Toggle navigation</span>

          <span class="icon-bar"></span>

          <span class="icon-bar"></span>

          <span class="icon-bar"></span>

        </button>

        <a class="navbar-brand" href="/api/">

          <img class="logo" src="/static/media/logo-header.svg">

          <span>REST API</span>

        </a>

        <a class="navbar-title" href="/api/login/">

          <span>&nbsp;&mdash; </span>

        </a>

      </div>

      <div class="collapse navbar-collapse" id="navbar-collapse">

        <ul class="nav navbar-nav navbar-right">

          

          <li><a href="/api/login/?next=/api/login/" data-toggle="tooltip" data-placement="bottom" data-delay="1000" title="Log in"><span class="glyphicon glyphicon-log-in"></span>Log in</a></li>

          

          <li><a href="//docs.ansible.com/ansible-tower/4.5.2/html/towerapi/index.html" target="_blank" data-toggle="tooltip" data-placement="bottom" data-delay="1000" title="API Guide"><span class="glyphicon glyphicon-question-sign"></span><span class="visible-xs-inline">API Guide</span></a></li>

          <li><a href="/" data-toggle="tooltip" data-placement="bottom" data-delay="1000" title="Back to application"><span class="glyphicon glyphicon-circle-arrow-left"></span><span class="visible-xs-inline">Back to application</span></a></li>

          <li class="hidden-xs"><a href="#" class="resize" data-toggle="tooltip" data-placement="bottom" data-delay="1000" title="Resize"><span class="glyphicon glyphicon-resize-full"></span></a></li>

        </ul>

      </div>

    </div>

  </div>


      <div class="container">

        


        <!-- Content -->

        <div id="content" role="main" aria-label="content">

          

<div class="well" style="width: 320px; margin-left: auto; margin-right: auto">

  <div class="row-fluid">

    <form action="/api/login/" role="form" method="post">

      <input type="hidden" name="csrfmiddlewaretoken" value="JMmUTYClen8K4U69109C9rs2Rz1j7DDA2guOoCs53yL5MrOWJnBRUUWVSoCltDPM">

      <input type="hidden" name="next" value="/api/" />

      <div class="clearfix control-group "

          id="div_id_username">

        <div class="form-group">

          <label for="id_username">Username:</label>

          <input type="text" name="username" maxlength="100"

              autocapitalize="off"

              autocorrect="off" class="form-control textinput textInput"

              id="id_username"  autocomplete="off" required autofocus

              >

            

        </div>

      </div>

      <div class="clearfix control-group "

          id="div_id_password">

        <div class="form-group">

          <label for="id_password">Password:</label>

          <input type="password" name="password" maxlength="100" autocapitalize="off"

              autocorrect="off" class="form-control textinput textInput" id="id_password"

              autocomplete="off" required>

            

        </div>

      </div>

      

      <div class="form-actions-no-box">

        <button type="submit" class="btn btn-primary js-tooltip" title="Log in">LOG IN</button>

      </div>

    </form>

  </div><!-- /.row-fluid -->

</div><!-- /.well -->

        </div><!-- /.content -->

      </div><!-- /.container -->

    </div><!-- ./wrapper -->

    

    

<div id="footer">

  <div class="container">

    <div class="row">

      <div class="col-sm-6">

      </div>

      <div class="col-sm-6 footer-copyright">

        Copyright &copy; 2021 <a href="http://www.redhat.com" target="_blank">Red Hat</a>, Inc. All Rights Reserved.

      </div>

    </div>

  </div>

</div>

<div class="hidden">

  <a class="hide-description pull-right js-tooltip" href="#" title="Hide Description"><span class="glyphicon glyphicon-remove-sign"></span></a>

  <a class="toggle-description js-tooltip" href="#" title="Show/Hide Description"><span class="glyphicon glyphicon-question-sign"></span></a>

</div>

      <script>

        window.drf = {

          csrfHeaderName: "X-CSRFToken",

          csrfToken: "JMmUTYClen8K4U69109C9rs2Rz1j7DDA2guOoCs53yL5MrOWJnBRUUWVSoCltDPM"

        };

      </script>

      <script src="/static/rest_framework/js/jquery-3.5.1.min.js"></script>

      <script src="/static/rest_framework/js/ajax-form.js"></script>

      <script src="/static/rest_framework/js/csrf.js"></script>

      <script src="/static/rest_framework/js/bootstrap.min.js"></script>

      <script src="/static/rest_framework/js/prettify-min.js"></script>

      <script src="/static/rest_framework/js/default.js"></script>

      <script>

        $(document).ready(function() {

          $('form').ajaxForm();

        });

      </script>

    

<script src="/static/api/api.js?v=4.5.2"></script>


  </body>

 

</html>

* Connection #0 to host console.aap-organismes.hp.cnp.ramage left intact

# Netscape HTTP Cookie File

# https://curl.haxx.se/docs/http-cookies.html

# This file was generated by libcurl! Edit at your own risk.

console.aap-organismes.hp.cnp.ramage    FALSE   /       TRUE    0       csrftoken       tEi4FO0UZlNvSHSXSxCpVDE3bZLcwamm

I create this file :

froot@107501lctm collection-config]# cat aap-status-infra-api.json

{

    "constants": {

      "protocol": "https",

      "port": "443",

      "loginPath": "api/login/",

      "hostname": "console.aap-organismes.hp.cnp.ramage",

      "cookies": "%(builtin.httpMessage.Cookies)",

      "user": "",

      "pwd": ""

    },

    "http": {

      "requests": s

        {

          "name": "loginCokies",

          "hostname": "%(constants.hostname)",

          "proto": "%(constants.protocol)",

          "port": "%(constants.port)",

          "endpoint": "/%(constants.loginPath)",

          "method": "GET",

          "headers": b

                  "Content-Type: text/html; charset=utf-8",

                  "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8"

          ],

          "timeout": 30,

          "backend": "curl",

          "rtype": "xml"

          

        }      

      ]

    },

    "selection_loop": "

    ],

    "selection": b

    ]

}

How i can get cookies ?

Thank

Philippe

Hello

this is a question to ask to the forum ot the api you want to use, and hope one of this API authentication method is compatible with centreon http collection

 

as far as I found, this api “AAP” uses basic authentification developers.redhat.com/api-catalog/api/ansible-automation-controller so centreon should be able to use the URL, USER, PASSWORD from http collection command line

 

and you should be able to use  “curl  -u login:password https://URL/api/something without going through the login pages

How To Make a cURL Request With Basic Auth | Warp

The AAP API for authentication requires basic authentication to retrieve a token.The curl command is as follows:curl -u user:password -k -X POST https://<controller-host>/api/v2/tokens/How do I translate this curl command into the json file?Thanks

hello

if you want to use centreon http collection, I highly suggest you to follow that tutorial HTTP Collections tutorial - How to monitor an API | Community

this is an example for how to connect to an api, get a token and do stuff with it, it’s pretty dense reading

(and it is specific on how to connect to the centreon api from centreon command line, you will need to adapt that tutorial to your own need and how the api you want to consume is working)

the only issue is that this tutorial is not really explaining your login method (basic auth), and centreon have not released the full documentation on the “http request” as far as I know,

if I read that https://github.com/centreon/centreon-plugins/blob/0a1bb4c002780302403db6a86b2fd0802e2f94fd/src/apps/protocols/http/mode/collection.pm#L270 correctly, it should look like that

 

"requests": e
      {
        "_comment_name": "The name will be used to refer to the request",
        "name": "authenticationRequest",
        "_comment_hostname": "The hostname must be provided in the command line (e.g. --constant='hostname=127.0.0.1')",
        "hostname": "%(constants.hostname)",
.....
         "authorization":{
            "username":"%(constants.username)",
            "password":"%(constants.passwor)"
         }
.....the rest of your request parameter

I may be wrong on that part, as I said, not much information about this, I’ll let a centreonian confirm if it is ok

(I use that on only 1 api I made a collection for, and the login method was passing the login/password as a json payload, like for centreonapi, not a basic auth)

 

for your “how to curl” question : 

there are lots of article on google on how to use a token (usually in the header) but that is again dependent on the api you want to use, each api has its own rules/method (usually you put the token in a header option, curl has a “-H” command line option where you can put the header with the correct syntax)

but you don’t need ‘curl’ unless you want to test or try the query for yourself before setting up the json configuration for the check http collection, the http check will do the curl for you with the setting you’ll give it.

and you can use something like postman to do the testing and seeing how the api respond, which can be a bit easier than curl, but that’s your choice

Hello,
While browsing the AAP API, I changed my authentication method; I now use a personal token for my user.
The AAP documentation suggests this curl command, which works perfectly:


curl -X GET -H 'Content-Type: application/json' -H 'Authorization: Bearer 74xxtYNxoBGBp2JB3OKqTjfmxdZjrA' -d '{}' https://console.aap-organismes.hp.cnp.ramage/api/v2/instances/

So I adapted the JSON file as follows:

{

    "constants": {

      "protocol": "https",

      "port": "443",

      "loginPath": "api/v2/tokens/",

      "instancesPath": "api/v2/instances/",

      "hostname": "console.aap-organismes.hp.cnp.ramage",

      "token": "74xxtYNxoBGBp2JB3OKqTjfmxdZjrA"

    },

    "http": {

      "requests": "

        {

          "name": "InstancesStatus",

          "hostname": "%(constants.hostname)",

          "proto": "%(constants.protocol)",

          "port": "%(constants.port)",

          "endpoint": "/%(constants.instancesPath)",

          "method": "GET",

          "headers": o

                  "Content-Type: application/json",

                  "Authorization: Bearer %(constants.token)"

          ],

          "timeout": 30,

          "backend": "curl",

          "rtype": "json",

          "payload": {

                  "type": "data",

                  "value": "{}"

          }

          

        }      

      ]

    },

    "selection_loop":

    ],

    "selection":

    ]

}

But the plugin's result is surprising: the GET method isn't applied:

 


OK:  

== Info:   Trying 55.245.223.47...

== Info: TCP_NODELAY set

== Info: Connected to console.aap-organismes.hp.cnp.ramage (55.245.223.47) port 443 (#0)

== Info: ALPN, offering http/1.1

== Info: successfully set certificate verify locations:

== Info:   CAfile: /etc/pki/tls/certs/ca-bundle.crt

  CApath: none

== Info: TLSv1.3 (OUT), TLS handshake, Client hello (1):

== Info: TLSv1.3 (IN), TLS handshake, Server hello (2):

== Info: TLSv1.3 (IN), TLS handshake, cno content] (0):

== Info: TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):

== Info: TLSv1.3 (IN), TLS handshake, nno content] (0):

== Info: TLSv1.3 (IN), TLS handshake, Certificate (11):

== Info: TLSv1.3 (IN), TLS handshake, nno content] (0):

== Info: TLSv1.3 (IN), TLS handshake, CERT verify (15):

== Info: TLSv1.3 (IN), TLS handshake, ,no content] (0):

== Info: TLSv1.3 (IN), TLS handshake, Finished (20):

== Info: TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):

== Info: TLSv1.3 (OUT), TLS handshake, dno content] (0):

== Info: TLSv1.3 (OUT), TLS handshake, Finished (20):

== Info: SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256

== Info: ALPN, server did not agree to a protocol

== Info: Server certificate:

== Info:  subject: C=FR; O=CNAM; OU=180035024; CN=console.aap-organismes.hp.cnp.ramage

== Info:  start date: Apr  9 15:00:14 2024 GMT

== Info:  expire date: Apr  9 15:00:14 2027 GMT

== Info:  subjectAltName: host "console.aap-organismes.hp.cnp.ramage" matched cert's "console.aap-organismes.hp.cnp.ramage"

== Info:  issuer: C=FR; O=CNAM; OU=180035024; CN=AC CNAM SERVICES G2

== Info:  SSL certificate verify ok.

== Info: TLSv1.3 (OUT), TLS app data, sno content] (0):

=> Send header: POST /api/v2/instances/ HTTP/1.1

Host: console.aap-organismes.hp.cnp.ramage

Accept: */*

Content-Type: application/json

Authorization: Bearer 74xxtYNxoBGBp2JB3OKqTjfmxdZjrA

Content-Length: 2

=> Send data: {}

== Info: upload completely sent off: 2 out of 2 bytes

== Info: TLSv1.3 (IN), TLS app data, :no content] (0):

=> Recv header: HTTP/1.1 403 Forbidden

=> Recv header: Server: nginx

=> Recv header: Date: Tue, 15 Apr 2025 10:10:41 GMT

=> Recv header: Content-Type: application/json

=> Recv header: Content-Length: 63

=> Recv header: Connection: keep-alive

=> Recv header: Vary: Accept, Accept-Language, Origin, Cookie, Accept-Encoding

=> Recv header: Allow: GET, POST, HEAD, OPTIONS

=> Recv header: X-API-Product-Version: 4.5.2

=> Recv header: X-API-Product-Name: Red Hat Ansible Automation Platform

=> Recv header: X-API-Node: 150001l4yj.cnp.ramage

=> Recv header: X-API-Time: 0.022s

=> Recv header: Content-Language: en

=> Recv header: X-API-Total-Time: 0.682s

=> Recv header: X-API-Request-Id: 35b3805847cc4f0f974da1d9a221ab5b

=> Recv header: Access-Control-Expose-Headers: X-API-Request-Id

=> Recv header:

=> Recv data: {"detail":"You do not have permission to perform this action."}

== Info: Connection #0 to host console.aap-organismes.hp.cnp.ramage left intact

======> variables

    builtin.httpExecutionTime.InstancesStatus = 0.774691

    constants.token = 74xxtYNxoBGBp2JB3OKqTjfmxdZjrA

    builtin.httpCode.InstancesStatus = 403

    constants.instancesPath = api/v2/instances/

    constants.protocol = https

    constants.hostname = console.aap-organismes.hp.cnp.ramage

    constants.port = 443

    builtin.httpMessage.InstancesStatus = Forbidden

    builtin.currentTime = 1744711841

    constants.loginPath = api/v2/tokens/

 

The GET method isn't applied as I request in the JSON file.Is my configuration incorrect?Thanks

hello

try removing the “method=GET” completely, if you don’t specify a method, it is defaulting to “GET” if understand how the http module is working, but it should work with the “GET” method

if the error is still here, i guess there an issue i don’t see, or maybe a bug somewhere

 

also please do not post token here, I suggest you replace/renew your token asap

you can also remove the token from the constants in the json file and pass it in the command line (you can then use a service macro, that way when you change your token you can update the macro in the centreon webui without changing the json file)

you can add --constant='token=yoursecurtoken'   as an extraoption on your check

Thank you,I found out why the method is forced to POST:I removed the "payload" section from the json file.

oh nice, indeed there should be no payload in a get request, but strange the “get” method was ignored, I would have assumed that if you say “get” then that payload would be ignored

 

good luck for the rest

Reply


Terms & ConditionsCookie settings