Testing the JumpServer API with Tokens


Published by 飞致云 on 2024-05-15
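After JumpServer is installed, users can build on the platform through the API it provides. This article describes how to test integration with the JumpServer API using token authentication.

After JumpServer is installed, the JumpServer API address is: JumpServerIP/api/docs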

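1. Verifying API functionality from the JumpServer page

Click the "Λ" to the right of each API endpoint to expand its detailed description, including the parameter and response descriptions.

Click <Try> and <Execute> to view the result of the call and the returned information.
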

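2. Testing the JumpServer API with other tools

Use Postman to test the JumpServer API, or run curl directly on the server back end.

2.1 Obtaining a user token

JumpServer tokens come in two kinds, temporary and permanent. Both can be used to connect to the API.

2.1.1 Obtaining a temporary token

  • Run the following command on the JumpServer back end to obtain a token:

curl -X POST http://JumpServerIP/api/v1/authentication/auth/ -H 'Content-Type: application/json' -d '{"username": "username", "password": "password"}'

Note: replace username and password with the actual username and password, and JumpServerIP with the actual address.

The temporary token is returned in the response: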

{"token":"4izUQIsbCTCTsMyr54zEH3NfLZKZit8vPVi3","keyword":"Bearer",……….


  • Use Postman to obtain a temporary token

Request method:

POST

Request URL:

/api/v1/authentication/auth/

Add the following under Headers:

Request Header:

Content-Type:application/json

Enter the username and password in the Body.

Parameter   Type     Description   Required
username    String   Username
password    String   Password

The token is returned in the response.

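2.1.2 Using a temporary token

Note: when testing with a temporary token, the token is placed at the end of the command (after the URL).

curl -X GET http://10.1.13.133/api/v1/assets/assets/ -H 'Authorization: Bearer HD0J6IPRnr2zjNrOe1z2gqqw0msuXklFsImL'

When testing with Postman, select "Bearer Token" under Authorization and enter the temporary token:

2.1.3 Obtaining a permanent token

Steps to obtain the token: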

$ docker exec -it jms_core /bin/bash

$ cd apps

$ python manage.py shell

>>> from users.models import User

>>> user = User.objects.get(username='admin')

>>> user.create_private_token()

'70703180340299c8b0fd451e2ead05f342f4adb2'

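If it reports that a token already exists, you can run:

user.auth_token  # get the existing token

user.refresh_private_token()  # refresh it

user.private_token.delete()  # delete it

Note: when testing with a permanent token, the token is placed at the front of the command (before the URL).

curl -H 'Authorization: Token 90fe06635975f11b5bb7ec9f309102bfba9d6c5b' -H 'Content-Type:application/json'  http://10.1.13.133/api/v1/assets/assets/

2.1.4 Using a permanent token

Using a permanent token in Postman:

Do not set it under Authorization; add it under Headers instead.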
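
The header rules from sections 2.1.2 to 2.1.4, together with the optional X-JMS-ORG header from section 2.2.1, as an added Python example (not from the original post or the JumpServer project). The function names, the host jumpserver.example, the placeholder token and the HTTPS check are assumptions for illustration; the sample response is constructed, and its top-level date_expired field is assumed to be the temporary token's expiry.

```python
import json
from datetime import datetime, timedelta, timezone
from urllib.request import Request

# Constructed sample shaped like the auth response (placeholder token, fields trimmed).
SAMPLE_AUTH_RESPONSE = (
    '{"token": "PLACEHOLDER-TEMP-TOKEN", "keyword": "Bearer", '
    '"date_expired": "2024/05/12 14:03:43 +0800"}'
)

def parse_auth_response(body):
    """Return (keyword, token, expiry) from a /api/v1/authentication/auth/ response."""
    data = json.loads(body)
    # Assumption: the top-level date_expired is the temporary token's expiry time.
    expiry = datetime.strptime(data["date_expired"], "%Y/%m/%d %H:%M:%S %z")
    return data["keyword"], data["token"], expiry

def is_usable(expiry, now=None, margin=timedelta(seconds=60)):
    """True while the token still has more than `margin` of lifetime left."""
    now = now or datetime.now(timezone.utc)
    return expiry - now > margin

def auth_headers(keyword, token, org_id=None):
    """keyword is 'Bearer' for a temporary token, 'Token' for a permanent one."""
    if keyword not in ("Bearer", "Token"):
        raise ValueError(f"unexpected auth keyword: {keyword!r}")
    headers = {"Authorization": f"{keyword} {token}",
               "Content-Type": "application/json"}
    if org_id:
        headers["X-JMS-ORG"] = org_id  # optional organization scope
    return headers

def build_request(base_url, path, headers, allow_plain_http=False):
    """Build (not send) a GET request; a token sent over http:// is readable on the wire."""
    if not base_url.startswith("https://") and not allow_plain_http:
        raise ValueError("refusing to attach a token to a non-HTTPS URL")
    return Request(base_url.rstrip("/") + path, headers=headers, method="GET")

if __name__ == "__main__":
    keyword, token, expiry = parse_auth_response(SAMPLE_AUTH_RESPONSE)
    print("usable now:", is_usable(expiry))
    req = build_request("https://jumpserver.example", "/api/v1/orgs/orgs/",
                        auth_headers(keyword, token))
    print(req.get_method(), req.full_url)  # urllib.request.urlopen(req) would send it
```

Pass allow_plain_http=True only for a lab instance such as the http:// test addresses used in this article.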

2.2 Test examples

2.2.1 Getting the organization list

Request method:

GET

Request URL:

/api/v1/orgs/orgs/

Request Header:

Authorization:Bearer XXXXXXXXXXXX

XXXXXXXXXXXX is the administrator's token.

X-JMS-ORG:XXXXXXXXXXXX

XXXXXXXXXXXX is the organization ID (optional).

Request example:

Response example:

[

    {

        "id": "a5e0f4c9-c512-4a21-b96f-1da347b16bd9",

        "name": "API-create",

        "resource_statistics": {

            "users_amount": 1,

            "groups_amount": 1,

            "assets_amount": 0,

            "nodes_amount": 1,

            "domains_amount": 0,

            "asset_perms_amount": 0

        },

        "is_default": false,

        "is_root": false,

        "internal": false,

        "date_created": "2024/05/08 16:54:21 +0800",

        "created_by": "Administrator",

        "comment": ""

    },

    {

        "id": "00000000-0000-0000-0000-000000000002",

        "name": "Default",

        "resource_statistics": {

            "users_amount": 6,

            "groups_amount": 1,

            "assets_amount": 12,

            "nodes_amount": 1,

            "domains_amount": 0,

            "asset_perms_amount": 10

        },

        "is_default": true,

        "is_root": false,

        "internal": true,

        "date_created": "2024/03/25 10:55:31 +0800",

        "created_by": "System",

        "comment": ""

    },

    {

        "id": "00000000-0000-0000-0000-000000000004",

        "name": "SYSTEM",

        "resource_statistics": {

            "users_amount": 0,

            "groups_amount": 0,

            "assets_amount": 1,

            "nodes_amount": 2,

            "domains_amount": 0,

            "asset_perms_amount": 0

        },

        "is_default": false,

        "is_root": false,

        "internal": true,

        "date_created": "2024/03/25 10:57:18 +0800",

        "created_by": "System",

        "comment": ""

    },

    {

        "id": "d37c2421-ed18-41ff-b4c4-69d5d4b6f637",

        "name": "组织测试",

        "resource_statistics": {

            "users_amount": 0,

            "groups_amount": 0,

            "assets_amount": 0,

            "nodes_amount": 1,

            "domains_amount": 0,

            "asset_perms_amount": 0

        },

        "is_default": false,

        "is_root": false,

        "internal": false,

        "date_created": "2024/05/08 16:50:43 +0800",

        "created_by": "Administrator",

        "comment": ""

    }

]

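2.2.2 Adding an organization

Request method:

POST

Request URL:

/api/v1/orgs/orgs/

Request Header:

Authorization:Bearer XXXXXXXXXXXX

XXXXXXXXXXXX is the administrator's token.

Body:

The details of the organization to create.

Request example:

Enter the details of the organization to create in the Body.

Response:

Log in to JumpServer to verify the result.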
