Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Redfish: Removed basic auth header when performing a GET on the service root and POST to the session collection #5903

Merged
merged 2 commits into from
Jan 30, 2023
Merged

Redfish: Removed basic auth header when performing a GET on the service root and POST to the session collection #5903

merged 2 commits into from
Jan 30, 2023

Conversation

mraineri
Copy link
Contributor

SUMMARY

Redfish services do not expect authorization headers when performing a POST to the session collection. The expectation is credentials are in the request body. While the specification is silent on how services behave when authorization headers are present in this request, the guidance for clients is to not provide the header.

The change here removes the authorization header on two conditions:

  • When performing a GET on the service root (/redfish/v1/): this is an unauthenticated resource and is used for discovery prior to logging into the system.
  • When performing a POST on the session collection (/redfish/v1/SessionService/Sessions).

Fix #5886

ISSUE TYPE
  • Bugfix Pull Request
COMPONENT NAME

redfish_utils

ADDITIONAL INFORMATION

On some systems, using the Redfish command "CreateSessions" will result in an error (as shown in #5886).

Before:

fatal: [localhost]: FAILED! => {"ansible_facts": {"discovered_interpreter_python": "/usr/bin/python3"}, "changed": false, "msg": "HTTP Error 415 on POST request to 'https://<REDACTED>/redfish/v1/SessionService/Sessions', extended message: 'A general error has occurred. See Resolution for information on how to resolve the error.'"}

After:

ok: [localhost] => {
    "redfish_results": {
        "ansible_facts": {
            "discovered_interpreter_python": "/usr/bin/python3"
        },
        "changed": true,
        "failed": false,
        "msg": "Action was successful",
        "return_values": {},
        "session": {
            "token": "66de70083fccd78fcbd200d9341473b7",
            "uri": "/redfish/v1/SessionService/Sessions/70"
        }
    }
}

@ansibullbot
Copy link
Collaborator

cc @Bhavya06 @rajeevkallur @renxulei @tomasg2012 @xmadsen
click here for bot help

@ansibullbot ansibullbot added bug This issue/PR relates to a bug module_utils module_utils plugins plugin (any type) labels Jan 27, 2023
@felixfontein felixfontein added check-before-release PR will be looked at again shortly before release and merged if possible. backport-5 labels Jan 28, 2023
@github-actions
Copy link

github-actions bot commented Jan 30, 2023
edited
Loading

Docs Build 📝

Thank you for contribution!✨

This PR has been merged and your docs changes will be incorporated when they are next published.

@felixfontein felixfontein merged commit ea5cbe2 into ansible-collections:main Jan 30, 2023
@patchback
Copy link

patchback bot commented Jan 30, 2023
edited
Loading

Backport to stable-5: 💚 backport PR created

✅ Backport PR branch: patchback/backports/stable-5/ea5cbe2553716192c9a15f93532c286d1ddec1d1/pr-5903

Backported as #5923

🤖 @patchback
I'm built with octomachinery and
my source is open — https://github.com/sanitizers/patchback-github-app.

@felixfontein felixfontein removed the check-before-release PR will be looked at again shortly before release and merged if possible. label Jan 30, 2023
patchback bot pushed a commit that referenced this pull request Jan 30, 2023
@mraineri @patchback
Redfish: Removed basic auth header when performing a GET on the servi…
2334fc4 
…ce root and POST to the session collection (#5903)

* Redfish: Removed basic auth header when performing a GET on the service root and POST to the session collection

* Update changelogs/fragments/5886-redfish-correct-basic-auth-usage-on-session-creation.yml

Co-authored-by: Felix Fontein <[email protected]>

---------

Co-authored-by: Felix Fontein <[email protected]>
(cherry picked from commit ea5cbe2)
@patchback patchback bot mentioned this pull request Jan 30, 2023
Merged
@patchback
Copy link

patchback bot commented Jan 30, 2023
edited
Loading

Backport to stable-6: 💚 backport PR created

✅ Backport PR branch: patchback/backports/stable-6/ea5cbe2553716192c9a15f93532c286d1ddec1d1/pr-5903

Backported as #5924

🤖 @patchback
I'm built with octomachinery and
my source is open — https://github.com/sanitizers/patchback-github-app.

@felixfontein
Copy link
Collaborator

@mraineri thanks a lot for your contribution!

patchback bot pushed a commit that referenced this pull request Jan 30, 2023
@mraineri @patchback
Redfish: Removed basic auth header when performing a GET on the servi…
a66d828 
…ce root and POST to the session collection (#5903)

* Redfish: Removed basic auth header when performing a GET on the service root and POST to the session collection

* Update changelogs/fragments/5886-redfish-correct-basic-auth-usage-on-session-creation.yml

Co-authored-by: Felix Fontein <[email protected]>

---------

Co-authored-by: Felix Fontein <[email protected]>
(cherry picked from commit ea5cbe2)
@patchback patchback bot mentioned this pull request Jan 30, 2023
Merged
felixfontein pushed a commit that referenced this pull request Jan 30, 2023
@patchback @mraineri
[PR #5903/ea5cbe25 backport][stable-5] Redfish: Removed basic auth he…
7b532be 
…ader when performing a GET on the service root and POST to the session collection (#5923)

Redfish: Removed basic auth header when performing a GET on the service root and POST to the session collection (#5903)

* Redfish: Removed basic auth header when performing a GET on the service root and POST to the session collection

* Update changelogs/fragments/5886-redfish-correct-basic-auth-usage-on-session-creation.yml

Co-authored-by: Felix Fontein <[email protected]>

---------

Co-authored-by: Felix Fontein <[email protected]>
(cherry picked from commit ea5cbe2)

Co-authored-by: Mike Raineri <[email protected]>
felixfontein pushed a commit that referenced this pull request Jan 30, 2023
@patchback @mraineri
[PR #5903/ea5cbe25 backport][stable-6] Redfish: Removed basic auth he…
3c5c3a0 
…ader when performing a GET on the service root and POST to the session collection (#5924)

Redfish: Removed basic auth header when performing a GET on the service root and POST to the session collection (#5903)

* Redfish: Removed basic auth header when performing a GET on the service root and POST to the session collection

* Update changelogs/fragments/5886-redfish-correct-basic-auth-usage-on-session-creation.yml

Co-authored-by: Felix Fontein <[email protected]>

---------

Co-authored-by: Felix Fontein <[email protected]>
(cherry picked from commit ea5cbe2)

Co-authored-by: Mike Raineri <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@felixfontein felixfontein felixfontein left review comments

Assignees
No one assigned
Labels
bug This issue/PR relates to a bug module_utils module_utils plugins plugin (any type)
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Redfish Session Auth with Dell iDRAC9
3 participants
@mraineri @ansibullbot @felixfontein