KSC Open API

[Виктор Михайлов]

Есть ли возможность аутентификации через KlAkOAPI Python package при использовании на KSC 2FA? В документации описана аутентификация только через HTTP https://support.kaspersky.com/help/KSC/14/KSCAPI/a00396.html

[Виктор Михайлов]

Сделал сам так:

from KlAkOAPI.AdmServer import KlAkAdmServer

import urllib3  
import requests
import base64
import json

username = 'OpenAPI_2FA'
password = '1qazXSW@'

def ConnectKSC_2FA_Token(ip):
    # connect to KSC  with two-factor Token authentication using TOTP codes
    # The Token (KlAkAdmServer.CreateByToken) can be used for logon purposes to Administration Server for a short time (3 minutes by default).
    urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
    url_login = ip + "/api/v1.0/login"
    url_CreateToken = ip + "/api/v1.0/Session.CreateToken"
    user = base64.b64encode(username.encode("utf-8")).decode("utf-8")
    passwd = base64.b64encode(password.encode("utf-8")).decode("utf-8")
    session = requests.Session()
    auth_headers = {
        "Authorization": 'KSCBasic user="'
        + user
        + '", pass="'
        + passwd
        + '", internal="0"',
        "Content-Type": "application/json",
    }
    data = {}
    connect = None
    response = session.post(
        url=url_login, headers=auth_headers, data=data, verify=False
    )
    if response.status_code == 401 and response.text == "Authentication not finished":
        totp = input("Enter a TOTP: ")
        auth_headers = {
            "Authorization": 'KSCMFA totp="' + totp + '"',
            "Content-Type": "application/json",
        }
        data = {}
        response = session.post(
            url=url_login, headers=auth_headers, data=data, verify=False
        )
        if response.status_code == 200:
            response = session.post(
                url=url_CreateToken, headers="", data=data, verify=False
            )
            if response.status_code == 200:
                Token = json.loads(response.text)["PxgRetVal"]
                connect = KlAkAdmServer.CreateByToken(
                    ip, Token, verify=False, vserver=""
                )
    else:
        session.close()
        connect = KlAkAdmServer.Create(ip, username, password, verify=False, vserver="")
    return connect