TeamPass icon indicating copy to clipboard operation
TeamPass copied to clipboard
verified publisher icon nilsteampassnet

API cannot autorize

Open aeazarka opened this issue 2 years ago • 3 comments

Steps to reproduce

  1. Make simple post with body {"login": "my_ldap_login", "password": "my_ldap_pass", "apikey": "my_tp_api_key"} over py.requests or by postman

Expected behaviour

Tell us what should happen get JWT token

Actual behaviour

Tell us what happens instead Got error 'PHP message: PHP Warning: Undefined array key "login" in /var/www/html/teampass/api/Controller/Api/AuthController.php on line 46; PHP message: PHP Warning: Undefined array key "password" in /var/www/html/teampass/api/Controller/Api/AuthController.php on line 47; PHP message: PHP Warning: Undefined array key "apikey" in /var/www/html/teampass/api/Controller/Api/AuthController.php on line 48'

Server configuration

Current version loaded 3.0.10.56 Ubuntu 20.04.6 LTS PHP version: 8.2.10 Memory limit: 128M Memory usage: 981.61 KB Maximum time execution: 30 Maximum file size upload: 20M Server version: 10.6.15-MariaDB-1:10.6.15+maria~ubu2004 Database size: 154.73MB

Teampass configuration file:

Updated from an older Teampass or fresh install: PLEASE attach to this issue the file /includes/config/tp.config.php.

Client configuration

Browser:

Operating system:

Logs

Web server error log

Insert your webserver log here

Log from the web-browser developer console (CTRL + SHIFT + i)

Insert the log here and especially the answer of the query that failed.

sample python code

import requests, json host = 'http://192.168.254.229/teampass/api/index.php' body = { 'login': 'my_ldap_login', 'password': 'my_ldap_pass', 'apikey': 'my_tp_api_key' } response = requests.post(url=f'{host}/authorize', data=json.dumps(body)) print(response.json())

aeazarka avatar Oct 06 '23 08:10 aeazarka

Please refer to https://documentation.teampass.net/#/api-basic?id=authorize

Just did a test and it works Capture d’écran du 2023-10-10 14-46-55

I believe you are missing authorize in your url.

nilsteampassnet avatar Oct 10 '23 12:10 nilsteampassnet

Hello,

I have the same issue with current version 3.1.2.44

curl -X POST "https://servername/api/index.php/authorize" \
  -H "Content-Type: application/json" \
  -d '{"apikey": "Qfjcruc9HJNN6VpsWmuY69UZrp8QRrtyepF3GqU","login":"usertest", "password": "userpassword"}'

here is the result

<br />
<b>Warning</b>:  Undefined array key "login" in <b>/var/www/teampass-3-git/api/Controller/Api/AuthController.php</b> on line <b>48</b><br />
<br />
<b>Warning</b>:  Undefined array key "password" in <b>/var/www/teampass-3-git/api/Controller/Api/AuthController.php</b> on line <b>49</b><br />
<br />
<b>Warning</b>:  Undefined array key "apikey" in <b>/var/www/teampass-3-git/api/Controller/Api/AuthController.php</b> on line <b>50</b><br />
{"error":"AuthModel::getUserAuth(): Argument #1 ($login) must be of type string, null given, called in \/var\/www\/teampass-3-git\/api\/Controller\/Api\/AuthController.php on line 47 Something went wrong! Please contact support.2"}

I discoverd that it didn't like the header "Content-Type: application/json".

I have added var_dump($request); at line 37 in the api/Controller/Api/AuthController.php

with the header "Content-Type: application/json", the dump content is empty and without the header, there is content, but not understand later.

One other question around the api authorize: Why is it needed to provide username & password when the api key is provided? (if I read right).

Regards

guyomog78 avatar May 17 '24 12:05 guyomog78

Hello,

I'm witnessing the very same situation as @guyomog78 on a Teampass version 3.0.10 :

curl -X POST -k -i 'https://teampass.mydomain.com/api/index.php/authorize' --data '{
    "apikey": "szewTsECfSz6BRXPVnmDxWKFWxxxxxxLvbp2pTe",
    "login": "user01",
    "password": "pwd"
}'

with the same error message : {"error":"AuthModel::getUserAuth(): Argument #1 ($login) must be of type string, null given, called in \/var\/www\/html\/TeamPass\/api\/Controller\/Api\/AuthController.php on line 45 Something went wrong! Please contact support."} and /var/log/apache2/teampass_error.log containing :

[Fri Jun 28 13:58:32.370215 2024] [php:warn] [pid 463502] [client 10.32.2.6:59676] PHP Warning:  Undefined array key "login" in /var/www/html/TeamPass/api/Controller/Api/AuthController.php on line 46
[Fri Jun 28 13:58:32.370247 2024] [php:warn] [pid 463502] [client 10.32.2.6:59676] PHP Warning:  Undefined array key "password" in /var/www/html/TeamPass/api/Controller/Api/AuthController.php on line 47
[Fri Jun 28 13:58:32.370257 2024] [php:warn] [pid 463502] [client 10.32.2.6:59676] PHP Warning:  Undefined array key "apikey" in /var/www/html/TeamPass/api/Controller/Api/AuthController.php on line 48

@nilsteampassnet , do you have a suggestion about this point? Or debug points we could add to get things working?

Thank you.

Nicolas

necarnot avatar Jun 28 '24 12:06 necarnot

Closed automatically due to inactivity (no response for over 1 year).

nilsteampassnet avatar Oct 25 '25 12:10 nilsteampassnet