You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Incorporating the code from CiscoDNA/ipam/ipam_page.py into an existing Integrity Gateway platform with existing API workflows breaks the ability to authenticate will all workflows. The existing workflows have the @util.rest_workflow_permission_required decorator applied.
Steps to Reproduce
Create an Integrity Gateway 21.8.1 installation with API workflows utilizing the @util.rest_workflow_permission_required decorator
The following lines always return None, and set the g.user object to None:
u=get_user_from_session(token)
g.user=u
Attempting to use any API endpoint results in an HTTP 401 error with the following API payload:
{
"message": "The server could not verify that you are authorized to access the URL requested. You either supplied the wrong credentials (e.g. a bad password), or your browser doesn't understand how to supply the credentials required."
}
Fix
In our installation, removing the entire @app.before_request section resolved our issue. This section seems to be an unnecessary and broken implementation of code already incorporated in the Gateway product at portal/app.py. The relevant section in app.py follows:
@app.before_requestdefbefore_request():
""" Before each request hook"""g.config=configg.use_rest=Trueifrequest.user_agent.browser:
g.use_rest=Falseg.url_hit=urlparse(request.url).pathg.path=request.path.strip("/")
user, use_rest=_get_user_from_request(request)
ifuserisNone:
user, use_rest=_get_user_from_session(session)
else:
session["access_token"] =user.get_unique_name()
session["username"] =user.get_username()
session["bam_url"] =user.get_api().get_url()
g.user=userifuse_restisnotNone:
g.use_rest=use_restlog_endpoint(f"Endpoint {request.path} retrieved by {request.remote_addr}")
The text was updated successfully, but these errors were encountered:
Incorporating the code from CiscoDNA/ipam/ipam_page.py into an existing Integrity Gateway platform with existing API workflows breaks the ability to authenticate will all workflows. The existing workflows have the
@util.rest_workflow_permission_requireddecorator applied.Steps to Reproduce
Current behavior
The problem code appears to be this section:
The following lines always return None, and set the g.user object to None:
Attempting to use any API endpoint results in an HTTP 401 error with the following API payload:
{ "message": "The server could not verify that you are authorized to access the URL requested. You either supplied the wrong credentials (e.g. a bad password), or your browser doesn't understand how to supply the credentials required." }Fix
In our installation, removing the entire
@app.before_requestsection resolved our issue. This section seems to be an unnecessary and broken implementation of code already incorporated in the Gateway product atportal/app.py. The relevant section in app.py follows:The text was updated successfully, but these errors were encountered: