From f7ba059b94215160731d4e30fbc239c375c104ee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Christian=20K=C3=B6nig?= Date: Sat, 14 Oct 2023 14:01:20 +0200 Subject: [PATCH] Query directly and authenticate only if required MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Christian König --- advanced/Scripts/api.sh | 21 ++++++++++++++++++--- advanced/Scripts/query.sh | 15 +++++++++++++-- 2 files changed, 31 insertions(+), 5 deletions(-) diff --git a/advanced/Scripts/api.sh b/advanced/Scripts/api.sh index afd88671..449f146f 100755 --- a/advanced/Scripts/api.sh +++ b/advanced/Scripts/api.sh @@ -82,10 +82,25 @@ DeleteSession() { } GetFTLData() { - local data + local data response status # get the data from querying the API as well as the http status code - data=$(curl -s -X GET "http://localhost:${PORT}/api$1" -H "Accept: application/json" -H "sid: ${SID}" ) - echo "${data}" + response=$(curl -s -w "%{http_code}" -X GET "http://localhost:${PORT}/api$1" -H "Accept: application/json" -H "sid: ${SID}" ) + + # status are the last 3 characters + status=$(printf %s "${response#"${response%???}"}") + # data is everything from response without the last 3 characters + data=$(printf %s "${response%???}") + + if [ "${status}" = 200 ]; then + # response OK + echo "${data}" + elif [ "${status}" = 000 ]; then + # connection lost + echo "000" + elif [ "${status}" = 401 ]; then + # unauthorized + echo "401" + fi } secretRead() { diff --git a/advanced/Scripts/query.sh b/advanced/Scripts/query.sh index 8407d3f6..a26d249c 100755 --- a/advanced/Scripts/query.sh +++ b/advanced/Scripts/query.sh @@ -118,10 +118,21 @@ Main(){ # Test if the authentication endpoint is available TestAPIAvailability - # Authenticate with the FTL server - Authenthication + + # Users can configure FTL in a way, that for accessing a) all endpoints (webserver.api.localAPIauth) + # or b) for the /search endpoint (webserver.api.searchAPIauth) no authentication is required. + # Therefore, we try to query directly without authentication but do authenticat if 401 is returned data=$(GetFTLData "/search/${domain}?N=${max_results}&partial=${partial}") + + if [ "${data}" = 401 ]; then + # Unauthenticated, so authenticate with the FTL server required + Authenthication + + # send query again + data=$(GetFTLData "/search/${domain}?N=${max_results}&partial=${partial}") + fi + GenerateOutput "${data}" DeleteSession }