Php API调用防火墙后重定向到登录
对于一个项目,我必须对fortigate防火墙进行api调用,我可以绕过SSL证书,但之后我被重定向到登录页面,即使我使用了授权密钥(用户名+密码base64编码) 我的代码:Php API调用防火墙后重定向到登录,php,python,api,firewall,Php,Python,Api,Firewall,对于一个项目,我必须对fortigate防火墙进行api调用,我可以绕过SSL证书,但之后我被重定向到登录页面,即使我使用了授权密钥(用户名+密码base64编码) 我的代码: import urllib2,ssl u='username' p='password' url='https://fortigate-url/api/v2/cmdb/firewall/policy/?vdom=root' def encodeUserData(user, password): return "Ba
import urllib2,ssl
u='username'
p='password'
url='https://fortigate-url/api/v2/cmdb/firewall/policy/?vdom=root'
def encodeUserData(user, password):
return "Basic " + (user + ":" + password).encode("base64").rstrip()
req = urllib2.Request(url)
req.add_header('Accept', 'application/json')
req.add_header("Content-type", "application/x-www-form-urlencoded")
req.add_header('Authorization', encodeUserData(u, p))
ctx = ssl.create_default_context()
ctx.check_hostname = False
ctx.verify_mode = ssl.CERT_NONE
res = urllib2.urlopen(req,context=ctx)
print res.read()
GET /login?redir=%2fapi%2fv2%2fcmdb%2fpolicy%2f%3fvdom=root%2f HTTP/1.1
Host: 198.51.150.55
User-Agent: curl/7.53.1
Authorization: Rftfa4fYm=
Accept:application/json
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2017 11:53:06 GMT
Set-Cookie: APSCOOKIE_2199254599="0%260"; path=/; expires=Mon, 03-Apr-1967 11:53:06 GMT
Set-Cookie: log_filters="0%260"; path=/log/; expires=Mon, 03-Apr-1967 11:53:06 GMT
Set-Cookie: log_type="0%260"; path=/log/; expires=Mon, 03-Apr-1967 11:53:06 GMT
Set-Cookie: just_logged_in="0%260"; path=/system/status/; expires=Mon, 03-Apr-1967 11:53:06 GMT
Set-Cookie: opmode="0%260"; path=/; expires=Mon, 03-Apr-1967 11:53:06 GMT
Set-Cookie: csrftoken="0%260"; path=/; expires=Mon, 03-Apr-1967 11:53:06 GMT
Set-Cookie: ccsrftoken="0%260"; path=/; expires=Mon, 03-Apr-1967 11:53:06 GMT
Set-Cookie: last_l3_menu="0%260"; path=/p/system/navbar/; expires=Mon, 03-Apr-1967 11:53:06 GMT
Set-Cookie: fsck="0%260"; path=/; expires=Mon, 03-Apr-1967 11:53:06 GMT
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html style="height:100%">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta http-equiv="pragma" content="no-cache">
<link href="/25689/style.css" rel="stylesheet" type="text/css">
<link href="/25689/css/jquery.ui.css" rel="stylesheet" type="text/css">
<script type='text/javascript' src='/25689/lang/en.js'></script>
<script language="JavaScript">
if (top.location != window.location) top.location.reload();
if (window.opener) {window.opener.top.location.reload(); self.close();}
var redir = '\/api\/v2\/cmdb\/firewall\/policy\/?vdom=root\/';
</script>
<link href="/25689/css/login.css" rel="stylesheet" type="text/css">
</head>
<body>
<table id="container">
<tr><td>
<noscript id="js_msg_txt">Warning: this page requires Javascript. To correctly view, please enable it in your browser.</noscript>
<form id="login_panel" action="" onsubmit="return false;" method="get" name="login" autocomplete="off">
<div name="err_msg_txt" id="err_msg_txt"> </div>
<label for="username">Name</label>
<input type="text" name="username" id="username" value="" maxlength="35" autocorrect="off" autocapitalize="off" >
<label for="secretkey">Password</label>
<input type=password autocomplete="off" name="secretkey" id="secretkey">
...
* Connection #0 to 'fortigate url' left intact
GET/login?redir=%2fapi%2fv2%2fcmdb%2fpolicy%2f%3fvdom=root%2f HTTP/1.1
主持人:198.51.150.55
用户代理:curl/7.53.1
授权:Rftfa4fYm=
接受:application/json
HTTP/1.1200ok
日期:2017年3月21日星期二11:53:06 GMT
设置Cookie:APSCOOKIE_2199254599=“0%260”;路径=/;expires=Mon,1967年4月3日11:53:06 GMT
设置Cookie:log_filters=“0%260”;路径=/log/;expires=Mon,1967年4月3日11:53:06 GMT
设置Cookie:log_type=“0%260”;路径=/log/;expires=Mon,1967年4月3日11:53:06 GMT
设置Cookie:just_logged_in=“0%260”;路径=/system/status/;expires=Mon,1967年4月3日11:53:06 GMT
设置Cookie:opmode=“0%260”;路径=/;expires=Mon,1967年4月3日11:53:06 GMT
设置Cookie:csrftoken=“0%260”;路径=/;expires=Mon,1967年4月3日11:53:06 GMT
设置Cookie:ccsrftoken=“0%260”;路径=/;expires=Mon,1967年4月3日11:53:06 GMT
设置Cookie:last_l3_menu=“0%260”;路径=/p/system/navbar/;expires=Mon,1967年4月3日11:53:06 GMT
设置Cookie:fsck=“0%260”;路径=/;expires=Mon,1967年4月3日11:53:06 GMT
传输编码:分块
内容类型:text/html;字符集=utf-8
X-Frame-Options:SAMEORIGIN
X-UA-兼容:IE=Edge
如果(top.location!=window.location)top.location.reload();
if(window.opener){window.opener.top.location.reload();self.close();}
var redir='\/api\/v2\/cmdb\/firewall\/policy\/?vdom=root\/';
警告:此页面需要Javascript。要正确查看,请在浏览器中启用它。
名称
密码
...
*0到“fortigate url”的连接保持不变
是否可以使用相同的脚本绕过登录?尽管它使用以下代码工作:
import requests
fortigate_host = '198.51.100.1'
fortigate_user = 'admin'
fortigate_pass = 'pass'
login_url = 'https://%s/logincheck' % fortigate_host
login_payload = {'username': fortigate_user, 'secretkey': fortigate_pass}
r = requests.post(login_url, data=login_payload, verify=False)
cookiejar = r.cookies
print r.headers
print r.text
r = requests.get('https://%s/api/v2/cmdb/system/interface/' % fortigate_host,
cookies=cookiejar, verify=False)
print r.content