Wazuh agentless_cluster system tests are failing due to changes in token_response['json']['data']['token'] in API /security/user/authenticate endpoint #4762

Closed
@pro-akim

Running system tests in v4.8.0-alpha1.
In the agentless_cluster environment, it was possible to detect some issues:

In some of the following tests:

test_jwt_invalidation/test_revoke_endpoint.py
test_jwt_invalidation/test_change_security_resources.py
test_jwt_invalidation/test_change_rbac_mode.py
test_jwt_invalidation/test_update_password.py

The following error message was detected:

        Returns:
            API token (str): Usable API token.
        """
        login_endpoint = '/security/user/authenticate'
        login_method = 'POST'
        login_body = ''
        if auth_context is not None:
            login_endpoint = '/security/user/authenticate/run_as'
            login_body = 'body="{}"'.format(json.dumps(auth_context).replace('"', '\\"').replace(' ', ''))
    
        try:
            token_response = self.get_host(host).ansible('uri', f"url=https://localhost:{port}{login_endpoint} "
                                                                f"user={user} password={password} "
                                                                f"method={login_method} {login_body} validate_certs=no "
                                                                f"force_basic_auth=yes",
                                                         check=check)
            return token_response['json']['data']['token']
        except KeyError:
>           raise KeyError(f'Failed to get token: {token_response}')
E           KeyError: "Failed to get token: {'changed': False, 'connection': 'close', 'content_length': '65', 'content_type': 'application/problem+json; charset=utf-8', 'date': 'Mon, 11 Dec 2023 10:43:15 GMT', 'elapsed': 0, 'msg': 'Status code was 400 and not [200]: HTTP Error 400: Bad Request', 'redirected': False, 'status': 400, 'url': 'https://localhost:55000/security/user/authenticate/run_as'}"

On the other hand, in test_jwt_invalidation/test_update_password.py, the following variation of the message was detected:

    def get_api_token(self, host, user='wazuh', password='wazuh', auth_context=None, port=55000, check=False):
        """Return an API token for the specified user.
    
        Args:
            host (str): Hostname.
            user (str, optional): API username. Default `wazuh`
            password (str, optional): API password. Default `wazuh`
            auth_context (dict, optional): Authorization context body. Default `None`
            port (int, optional): API port. Default `55000`
            check (bool, optional): Ansible check mode("Dry Run"),
                by default it is enabled so no changes will be applied. Default `False`
    
        Returns:
            API token (str): Usable API token.
        """
        login_endpoint = '/security/user/authenticate'
        login_method = 'POST'
        login_body = ''
        if auth_context is not None:
            login_endpoint = '/security/user/authenticate/run_as'
            login_body = 'body="{}"'.format(json.dumps(auth_context).replace('"', '\\"').replace(' ', ''))
    
        try:
            token_response = self.get_host(host).ansible('uri', f"url=https://localhost:{port}{login_endpoint} "
                                                                f"user={user} password={password} "
                                                                f"method={login_method} {login_body} validate_certs=no "
                                                                f"force_basic_auth=yes",
                                                         check=check)
            return token_response['json']['data']['token']
        except KeyError:
>           raise KeyError(f'Failed to get token: {token_response}')
E           KeyError: "Failed to get token: {'changed': False, 'connection': 'close', 'content_length': '59', 'content_type': 'application/problem+json; charset=utf-8', 'date': 'Mon, 11 Dec 2023 10:44:58 GMT', 'elapsed': 0, 'msg': 'Status code was 401 and not [200]: HTTP Error 401: Unauthorized', 'redirected': False, 'status': 401, 'url': 'https://localhost:55000/security/user/authenticate/run_as'}"

/usr/local/lib/python3.10/dist-packages/wazuh_testing/tools/system.py:229: KeyError

Reports are here:
report_agentless_cluster.zip

Research should be done to see if the API is failing or if there were some changes in the endpoint that should be changed in the test.
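
An added example, not part of the original issue or of wazuh_testing: one way to triage the Ansible `uri` result before indexing into it, so that a 400 or 401 from the authenticate endpoint is reported as an HTTP failure rather than as a missing key. `TokenError`, `HINTS`, `extract_token` and the sample dicts are hypothetical names; the two failing samples are trimmed from the output above and the 200 sample is constructed.

```python
class TokenError(Exception):
    """Raised when an authenticate response does not yield a usable token."""

    def __init__(self, reason, status, url):
        super().__init__(f"{reason} (status={status}, url={url})")
        self.reason, self.status, self.url = reason, status, url


# Hypothetical triage hints keyed by HTTP status (assumption, not Wazuh's wording).
HINTS = {
    400: "request rejected as malformed; inspect the request body",
    401: "credentials or authorization context rejected",
}


def extract_token(response):
    """Return the token from an Ansible `uri` result dict, or raise TokenError."""
    status, url = response.get("status"), response.get("url")
    if status != 200:
        # No 'json' key is expected here, so report the HTTP failure itself.
        hint = HINTS.get(status, response.get("msg", "unexpected status"))
        raise TokenError(hint, status, url)
    try:
        token = response["json"]["data"]["token"]
    except (KeyError, TypeError):
        # Only this branch points at a change in the response schema.
        raise TokenError("200 response without json.data.token", status, url) from None
    if not isinstance(token, str) or not token:
        raise TokenError("token field is empty or not a string", status, url)
    return token


RUN_AS = "https://localhost:55000/security/user/authenticate/run_as"
# Trimmed from the two failures quoted in the issue.
SAMPLE_400 = {"status": 400, "url": RUN_AS,
              "msg": "Status code was 400 and not [200]: HTTP Error 400: Bad Request"}
SAMPLE_401 = {"status": 401, "url": RUN_AS,
              "msg": "Status code was 401 and not [200]: HTTP Error 401: Unauthorized"}
# Constructed success and schema-drift cases.
SAMPLE_OK = {"status": 200, "url": RUN_AS, "json": {"data": {"token": "constructed-token"}}}
SAMPLE_DRIFT = {"status": 200, "url": RUN_AS, "json": {"data": {}}}

if __name__ == "__main__":
    for sample in (SAMPLE_OK, SAMPLE_400, SAMPLE_401, SAMPLE_DRIFT):
        try:
            print("token:", extract_token(sample))
        except TokenError as err:
            print("failed:", err)
```
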
