tyler.durden
/
icingaweb2-module-director
mirror of https://github.com/Icinga/icingaweb2-module-director.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Icinga2Agent: Improved handling for Host API-Keys 

Improved the handling to validate if a local host API-Key is still valid or
deprecated. This will ensure proper error handling in case the local key is
lost, the Director Key is dropped or one of both is not valid
This commit is contained in:
Christian Stein 2017-07-20 19:33:53 +02:00 committed by Thomas Gelf
parent 3062cf2ebd
commit 56516cf572
1 changed files with 56 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
contrib/windows-agent-installer/Icinga2Agent.psm1
View File

@ -1865,6 +1865,32 @@ object ApiListener "api" {
return $jsonString; return $jsonString;
} }
#
# Check if the local host key is still valid
#
$installer | Add-Member -membertype ScriptMethod -name 'isHostAPIKeyValid' -value {
# If no API key is yet defined, we will require to fetch one
if (-Not $this.getProperty('director_host_token')) {
return $FALSE;
}
# Check against the powershell-parameter URL if our host API key is valid
# If we receive content -> everything is ok
# If we receive any 4xx code, propably the API Key is invalid and we require to fetch a new one
[string]$url = $this.config('director_url') + 'self-service/powershell-parameters?key=' + $this.getProperty('director_host_token');
[string]$response = $this.createHTTPRequest($url, '', 'POST', 'application/json', $TRUE, $FALSE);
if ($this.isHTTPResponseCode($response)) {
if ($response[0] -eq '4') {
$this.info('Target host is already present inside Icinga Director without API-Key. Re-Creating key...');
return $FALSE;
}
}
$this.info('Host API-Key validation successfull.');
return $TRUE;
}
# #
# This function will allow us to create a # This function will allow us to create a
# host object directly inside the Icinga Director # host object directly inside the Icinga Director
@ -1875,7 +1901,13 @@ object ApiListener "api" {
if ($this.config('director_url') -And $this.getProperty('local_hostname')) { if ($this.config('director_url') -And $this.getProperty('local_hostname')) {
if ($this.config('director_auth_token')) { if ($this.config('director_auth_token')) {
if ($this.requireIcingaDirectorAPIVersion('1.4.0', '[Function::createHostInsideIcingaDirector]')) { if ($this.requireIcingaDirectorAPIVersion('1.4.0', '[Function::createHostInsideIcingaDirector]')) {
if ($this.getProperty('director_host_token') -eq '') {
# Check if our API Host-Key is present and valid
if ($this.isHostAPIKeyValid()) {
return;
}
# If not, try to create the host and fetch the API key
[string]$apiKey = $this.config('director_auth_token'); [string]$apiKey = $this.config('director_auth_token');
[string]$url = $this.config('director_url') + 'self-service/register-host?name=' + $this.getProperty('local_hostname') + '&key=' + $apiKey; [string]$url = $this.config('director_url') + 'self-service/register-host?name=' + $this.getProperty('local_hostname') + '&key=' + $apiKey;
[string]$json = ''; [string]$json = '';
@ -1903,7 +1935,6 @@ object ApiListener "api" {
} }
} }
} }
}
} elseif ($this.config('director_host_object')) { } elseif ($this.config('director_host_object')) {
# Setup the url we need to call # Setup the url we need to call
[string]$url = $this.config('director_url') + 'host'; [string]$url = $this.config('director_url') + 'host';