mirror of
https://github.com/pi-hole/pi-hole
synced 2024-12-23 07:18:07 +00:00
Support special webserver.port ports ending in "s" (secure) and "r" (redirect) (#5499)
This commit is contained in:
commit
7f7ec13c82
@ -21,20 +21,60 @@
|
||||
TestAPIAvailability() {
|
||||
|
||||
# as we are running locally, we can get the port value from FTL directly
|
||||
PORT="$(pihole-FTL --config webserver.port)"
|
||||
PORT="${PORT%%,*}"
|
||||
local chaos_api_list availabilityResonse
|
||||
|
||||
availabilityResonse=$(curl -s -o /dev/null -w "%{http_code}" "http://localhost:${PORT}/api/auth")
|
||||
# Query the API URLs from FTL using CHAOS TXT local.api.ftl
|
||||
# The result is a space-separated enumeration of full URLs
|
||||
# e.g., "http://localhost:80/api/" "https://localhost:443/api/"
|
||||
chaos_api_list="$(dig +short chaos txt local.api.ftl @127.0.0.1)"
|
||||
|
||||
# test if http status code was 200 (OK) or 401 (authentication required)
|
||||
if [ ! "${availabilityResonse}" = 200 ] && [ ! "${availabilityResonse}" = 401 ]; then
|
||||
echo "API not available at: http://localhost:${PORT}/api"
|
||||
# If the query was not successful, the variable is empty
|
||||
if [ -z "${chaos_api_list}" ]; then
|
||||
echo "API not available. Please check connectivity"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Iterate over space-separated list of URLs
|
||||
while [ -n "${chaos_api_list}" ]; do
|
||||
# Get the first URL
|
||||
API_URL="${chaos_api_list%% *}"
|
||||
# Strip leading and trailing quotes
|
||||
API_URL="${API_URL%\"}"
|
||||
API_URL="${API_URL#\"}"
|
||||
|
||||
# Test if the API is available at this URL
|
||||
availabilityResonse=$(curl -skS -o /dev/null -w "%{http_code}" "${API_URL}auth")
|
||||
|
||||
# Test if http status code was 200 (OK) or 401 (authentication required)
|
||||
if [ ! "${availabilityResonse}" = 200 ] && [ ! "${availabilityResonse}" = 401 ]; then
|
||||
# API is not available at this port/protocol combination
|
||||
API_PORT=""
|
||||
else
|
||||
# API is available at this URL combination
|
||||
break
|
||||
fi
|
||||
|
||||
# Remove the first URL from the list
|
||||
local last_api_list
|
||||
last_api_list="${chaos_api_list}"
|
||||
chaos_api_list="${chaos_api_list#* }"
|
||||
|
||||
# If the list did not change, we are at the last element
|
||||
if [ "${last_api_list}" = "${chaos_api_list}" ]; then
|
||||
# Remove the last element
|
||||
chaos_api_list=""
|
||||
fi
|
||||
done
|
||||
|
||||
# if API_PORT is empty, no working API port was found
|
||||
if [ -n "${API_PORT}" ]; then
|
||||
echo "API not available at: ${API_URL}"
|
||||
echo "Exiting."
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
Authenthication() {
|
||||
Authentication() {
|
||||
# Try to authenticate
|
||||
LoginAPI
|
||||
|
||||
@ -54,23 +94,23 @@ Authenthication() {
|
||||
}
|
||||
|
||||
LoginAPI() {
|
||||
sessionResponse="$(curl --silent -X POST "http://localhost:${PORT}/api/auth" --user-agent "Pi-hole cli " --data "{\"password\":\"${password}\"}" )"
|
||||
sessionResponse="$(curl -skS -X POST "${API_URL}auth" --user-agent "Pi-hole cli " --data "{\"password\":\"${password}\"}" )"
|
||||
|
||||
if [ -z "${sessionResponse}" ]; then
|
||||
echo "No response from FTL server. Please check connectivity"
|
||||
exit 1
|
||||
fi
|
||||
# obtain validity and session ID from session response
|
||||
validSession=$(echo "${sessionResponse}"| jq .session.valid 2>/dev/null)
|
||||
SID=$(echo "${sessionResponse}"| jq --raw-output .session.sid 2>/dev/null)
|
||||
# obtain validity and session ID from session response
|
||||
validSession=$(echo "${sessionResponse}"| jq .session.valid 2>/dev/null)
|
||||
SID=$(echo "${sessionResponse}"| jq --raw-output .session.sid 2>/dev/null)
|
||||
}
|
||||
|
||||
DeleteSession() {
|
||||
# if a valid Session exists (no password required or successful authenthication) and
|
||||
# SID is not null (successful authenthication only), delete the session
|
||||
# if a valid Session exists (no password required or successful Authentication) and
|
||||
# SID is not null (successful Authentication only), delete the session
|
||||
if [ "${validSession}" = true ] && [ ! "${SID}" = null ]; then
|
||||
# Try to delete the session. Omit the output, but get the http status code
|
||||
deleteResponse=$(curl -s -o /dev/null -w "%{http_code}" -X DELETE "http://localhost:${PORT}/api/auth" -H "Accept: application/json" -H "sid: ${SID}")
|
||||
deleteResponse=$(curl -skS -o /dev/null -w "%{http_code}" -X DELETE "${API_URL}auth" -H "Accept: application/json" -H "sid: ${SID}")
|
||||
|
||||
case "${deleteResponse}" in
|
||||
"200") printf "%b" "A session that was not created cannot be deleted (e.g., empty API password).\n";;
|
||||
@ -84,7 +124,7 @@ DeleteSession() {
|
||||
GetFTLData() {
|
||||
local data response status
|
||||
# get the data from querying the API as well as the http status code
|
||||
response=$(curl -s -w "%{http_code}" -X GET "http://localhost:${PORT}/api$1" -H "Accept: application/json" -H "sid: ${SID}" )
|
||||
response=$(curl -skS -w "%{http_code}" -X GET "${API_URL}$1" -H "Accept: application/json" -H "sid: ${SID}" )
|
||||
|
||||
# status are the last 3 characters
|
||||
status=$(printf %s "${response#"${response%???}"}")
|
||||
|
@ -121,14 +121,14 @@ Main(){
|
||||
# or b) for the /search endpoint (webserver.api.searchAPIauth) no authentication is required.
|
||||
# Therefore, we try to query directly without authentication but do authenticat if 401 is returned
|
||||
|
||||
data=$(GetFTLData "/search/${domain}?N=${max_results}&partial=${partial}")
|
||||
data=$(GetFTLData "search/${domain}?N=${max_results}&partial=${partial}")
|
||||
|
||||
if [ "${data}" = 401 ]; then
|
||||
# Unauthenticated, so authenticate with the FTL server required
|
||||
Authenthication
|
||||
Authentication
|
||||
|
||||
# send query again
|
||||
data=$(GetFTLData "/search/${domain}?N=${max_results}&partial=${partial}")
|
||||
data=$(GetFTLData "search/${domain}?N=${max_results}&partial=${partial}")
|
||||
fi
|
||||
|
||||
GenerateOutput "${data}"
|
||||
|
Loading…
Reference in New Issue
Block a user