Use POST method when requesting the API login endpoint (#4103)

* Use POST method when requesting the API login endpoint

* changelog: add PR entry

Co-authored-by: Matias Ezequiel Moreno <[email protected]>
Co-authored-by: Álex <[email protected]>
Co-authored-by: Antonio David Gutiérrez <[email protected]>
(cherry picked from commit 3977e45)

CHANGELOG.md

@@ -2,6 +2,12 @@
 
 All notable changes to the Wazuh app project will be documented in this file.
 
+## Wazuh v4.4.0 - OpenSearch Dashboards 1.2.0 - Revision 4400
+
+### Changed
+
+- Changed the HTTP verb from `GET` to `POST` in the requests to login to the Wazuh API [#4103](https:/wazuh/wazuh-kibana-app/pull/4103)
+
 ## Wazuh v4.3.5 - OpenSearch Dashboards 1.2.0 - Revision 4306
 
 ### Added

common/api-info/endpoints.json

@@ -6904,25 +6904,6 @@
  }
  ]
  },
- {
- "name": "/security/user/authenticate",
- "documentation": "https://documentation.wazuh.com/current/user-manual/api/reference.html#operation/api.controllers.security_controller.login_user",
- "description": "This method should be called to get an API token. This token will expire after auth_token_exp_timeout seconds (default: 900). This value can be changed using PUT /security/config",
- "summary": "Login",
- "tags": [
- "Security"
- ],
- "query": [
- {
- "name": "raw",
- "description": "Format response in plain text",
- "required": false,
- "schema": {
- "type": "boolean"
- }
- }
- ]
- },
  {
  "name": "/security/users",
  "documentation": "https://documentation.wazuh.com/current/user-manual/api/reference.html#operation/api.controllers.security_controller.get_users",
@@ -10851,6 +10832,25 @@
  }
  ]
  },
+ {
+ "name": "/security/user/authenticate",
+ "documentation": "https://documentation.wazuh.com/current/user-manual/api/reference.html#operation/api.controllers.security_controller.login_user",
+ "description": "This method should be called to get an API token. This token will expire after auth_token_exp_timeout seconds (default: 900). This value can be changed using PUT /security/config",
+ "summary": "Login",
+ "tags": [
+ "Security"
+ ],
+ "query": [
+ {
+ "name": "raw",
+ "description": "Format response in plain text",
+ "required": false,
+ "schema": {
+ "type": "boolean"
+ }
+ }
+ ]
+ },
  {
  "name": "/security/user/authenticate/run_as",
  "documentation": "https://documentation.wazuh.com/current/user-manual/api/reference.html#operation/api.controllers.security_controller.run_as_login",
@@ -12010,4 +12010,4 @@
  }
  ]
  }
-]
+]

scripts/generate-api-4.0-info/generate-api-4.0-info.js

@@ -53,7 +53,7 @@ const main = () => {
  if(!WAZUH_API_URL.startsWith('http') ){
  exitWithMessage(`Wazuh API url is not valid. It should start with "http". Example: https://172.16.1.2:55000`);
  };
- 
+
  // Log the configuration:
  console.log('--------------- Configuration ---------------');
  console.log(`Wazuh API url: ${WAZUH_API_URL}`);
@@ -111,6 +111,7 @@ const generateAPISecurityActionsInformation = async () => {
  const password = 'wazuh';
  try{
  const authenticationResponse = await request(`${WAZUH_API_URL}/security/user/authenticate`, {
+ method: 'POST',
  headers: {
  'Authorization': 'Basic ' + Buffer.from(username + ':' + password).toString('base64')
  }
@@ -119,7 +120,7 @@ const generateAPISecurityActionsInformation = async () => {
  const { token } = JSON.parse(authenticationResponse).data;
  const securityActionsResponse = await request(`${WAZUH_API_URL}/security/actions`, {
  headers: {
- 'Authorization': `Bearer ${token}` 
+ 'Authorization': `Bearer ${token}`
  }
  });
  const securityActions = JSON.parse(securityActionsResponse).data;

server/lib/api-interceptor.ts

@@ -15,7 +15,7 @@ import { ManageHosts } from './manage-hosts';
 import https from 'https';
 
 const httpsAgent = new https.Agent({
- rejectUnauthorized: false, 
+ rejectUnauthorized: false,
 });
 
 const _axios = axios.create({ httpsAgent });
@@ -47,7 +47,7 @@ export const authenticate = async (apiHostID: string, authContext?: any): Promis
  try{
  const api: APIHost = await manageHosts.getHostById(apiHostID);
  const optionsRequest = {
- method: !!authContext ? 'POST' : 'GET',
+ method: 'POST',
  headers: {
  'content-type': 'application/json',
  },

server/lib/api-request-list.json

@@ -6878,25 +6878,6 @@
  }
  ]
  },
- {
- "name": "/security/user/authenticate",
- "documentation": "https://documentation.wazuh.com/current/user-manual/api/reference.html#operation/api.controllers.security_controller.login_user",
- "description": "This method should be called to get an API token. This token will expire after auth_token_exp_timeout seconds (default: 900). This value can be changed using PUT /security/config",
- "summary": "Login",
- "tags": [
- "Security"
- ],
- "query": [
- {
- "name": "raw",
- "description": "Format response in plain text",
- "required": false,
- "schema": {
- "type": "boolean"
- }
- }
- ]
- },
  {
  "name": "/security/users",
  "documentation": "https://documentation.wazuh.com/current/user-manual/api/reference.html#operation/api.controllers.security_controller.get_users",
@@ -10503,6 +10484,25 @@
  }
  ]
  },
+ {
+ "name": "/security/user/authenticate",
+ "documentation": "https://documentation.wazuh.com/current/user-manual/api/reference.html#operation/api.controllers.security_controller.login_user",
+ "description": "This method should be called to get an API token. This token will expire after auth_token_exp_timeout seconds (default: 900). This value can be changed using PUT /security/config",
+ "summary": "Login",
+ "tags": [
+ "Security"
+ ],
+ "query": [
+ {
+ "name": "raw",
+ "description": "Format response in plain text",
+ "required": false,
+ "schema": {
+ "type": "boolean"
+ }
+ }
+ ]
+ },
  {
  "name": "/security/user/authenticate/run_as",
  "documentation": "https://documentation.wazuh.com/current/user-manual/api/reference.html#operation/api.controllers.security_controller.run_as_login",
@@ -11662,4 +11662,4 @@
  }
  ]
  }
-]
+]