From c48f3a8b59af64a71478b8e2209cb399382c1373 Mon Sep 17 00:00:00 2001 From: Jarrod Johnson Date: Fri, 27 Aug 2021 16:13:14 -0400 Subject: [PATCH] Sample script to navigate first password change --- misc/setinitalpwd.py | 40 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 40 insertions(+) create mode 100644 misc/setinitalpwd.py diff --git a/misc/setinitalpwd.py b/misc/setinitalpwd.py new file mode 100644 index 00000000..a640fdc7 --- /dev/null +++ b/misc/setinitalpwd.py @@ -0,0 +1,40 @@ +#!/usr/bin/python2 +import pyghmi.util.webclient as webclient +import json +import os +import sys + +tmppassword = 'to3BdS91ABrd' +missingargs = False +if 'XCCUSER' not in os.environ: + print('Must set XCCUSER environment variable') + missingargs = True +if 'XCCPASS' not in os.environ: + print('Must set XCCPASS environment variable') + missingargs = True +if missingargs: + sys.exit(1) + +w = webclient.SecureHTTPConnection(sys.argv[1], 443, verifycallback=lambda x: True) +w.connect() +adata = json.dumps({'username': 'USERID', 'password': 'PASSW0RD'}) +headers = {'Connection': 'keep-alive', 'Content-Type': 'application/json'} +w.request('POST', '/api/login', adata, headers) +rsp = w.getresponse() +if rsp.status == 200: + rspdata = json.loads(rsp.read()) + w.set_header('Content-Type', 'application/json') + w.set_header('Authorization', 'Bearer ' + rspdata['access_token']) + if '_csrf_token' in w.cookies: + w.set_header('X-XSRF-TOKEN', w.cookies['_csrf_token']) + if rspdata.get('pwchg_required', False): + print(repr(w.grab_json_response('/api/function', {'USER_UserPassChange': os.environ['XCCPASS']}))) + print(repr(w.grab_json_response('/api/dataset', { + 'USER_GlobalPassExpWarningPeriod': '0', + 'USER_GlobalPassExpPeriod': '0', + 'USER_GlobalMinPassReuseCycle': '0', + 'USER_GlobalMinPassReuseCycle': '0', + 'USER_GlobalMinPassChgInt': '0', + }))) + #print(repr(w.grab_json_response('/api/function', {'USER_UserPassChange': '1,' + os.environ['XCCPASS']}))) +