Still having issue with Generating APIs

Status
Not open for further replies.

Andyd358

Member
Aug 23, 2018
260
9
18
55
UK
Hi

Just wondering if anybody can point me in the right direction. Im still unable to create API for users I click the button but nothing happens. Ive tried updating fusion through the GUI and its uptodat also tried a gut pull but says its yptodate. I did try installing a fres copy on another server to test and the API works fine on that one. Anyone got any pointers for me to check please
 

Adrian Fretwell

Well-Known Member
Aug 13, 2017
1,500
414
83
I'm sorry I have no idea why this is not working for you but the problem may be browser related.

It is pure javascript that populates the API key field when you click the button:
Code:
    <input type='text' class='formfld' style='width: 250px;' name='api_key' id='api_key' value="" ><button type='button' alt='Generate' title='Generate' onclick="document.getElementById('api_key').value = uuid();" class='btn btn-default ' ><span class='fas fa-key fa-fw'></span><span class='button-label hide-md-dn pad'>Generate</span></button>            <br />Use the generate button to create a 128 bit key.<br />

Code:
<script>
function uuid() {
    var d = new Date().getTime();
    var uuid = 'xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx'.replace(/[xy]/g, function(c) {
        var r = (d + Math.random()*16)%16 | 0;
        d = Math.floor(d/16);
        return (c=='x' ? r : (r&0x3|0x8)).toString(16);
    });
    return uuid;
};
</script>
 

Andyd358

Member
Aug 23, 2018
260
9
18
55
UK
I'm sorry I have no idea why this is not working for you but the problem may be browser related.

It is pure javascript that populates the API key field when you click the button:
Code:
    <input type='text' class='formfld' style='width: 250px;' name='api_key' id='api_key' value="" ><button type='button' alt='Generate' title='Generate' onclick="document.getElementById('api_key').value = uuid();" class='btn btn-default ' ><span class='fas fa-key fa-fw'></span><span class='button-label hide-md-dn pad'>Generate</span></button>            <br />Use the generate button to create a 128 bit key.<br />

Code:
<script>
function uuid() {
    var d = new Date().getTime();
    var uuid = 'xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx'.replace(/[xy]/g, function(c) {
        var r = (d + Math.random()*16)%16 | 0;
        d = Math.floor(d/16);
        return (c=='x' ? r : (r&0x3|0x8)).toString(16);
    });
    return uuid;
};
</script>
HI

Im not sure its abrowser isuues and I can use it on different installs i have setup even just tried it on a Raspbeery Pi (its slooooow) and works Same browser Same PC
 

Adrian Fretwell

Well-Known Member
Aug 13, 2017
1,500
414
83
Hi Adrian Where is that code located just so for my own sanity i can check it
That was taken from the "view page source" option in the browser whilst on the edit user page. The script for the uuid() function was very near the bottom of the page source.
 
  • Like
Reactions: Andyd358

Andyd358

Member
Aug 23, 2018
260
9
18
55
UK
i can find
<input type='text' class='formfld' style='width: 250px;' name='api_key' id='api_key' value="" ><button type='button' alt='Generate' title='Generate' onclick="document.getElementById('api_key').value = '';" class='btn btn-default ' ><span class='fas fa-key fa-fw'></span><span class='button-label hide-md-dn pad'>Generate</span></button> <br />Use the generate button to create a key.<br /

but cant find any of the script in the scource searched rro
function uuid() {
no entry showing
 

Adrian Fretwell

Well-Known Member
Aug 13, 2017
1,500
414
83
Mmm... Just looking at the PHP code on one of my test servers (FusionPBX V 4.5.11) built on 14th Feb 2020:

/var/www/fusionpbx/core/users/user_edit.php

At line 988, thi sis the code that creates the api_key edit control and button
Code:
    if (permission_exists('api_key')) {
        echo "    <tr>";
        echo "        <td class='vncell' valign='top'>".$text['label-api_key']."</td>";
        echo "        <td class='vtable'>\n";
        echo "            <input type='text' class='formfld' style='width: 250px;' name='api_key' id='api_key' value=\"".escape($api_key)."\" >";
        echo button::create(['type'=>'button','label'=>$text['button-generate'],'icon'=>'key','onclick'=>"document.getElementById('api_key').value = uuid();"]);
        if (strlen($text['description-api_key']) > 0) {
            echo "            <br />".$text['description-api_key']."<br />\n";
        }
        echo "        </td>";
        echo "    </tr>";
    }


And at line 1054, this is the code that writes the script tags for the uuid() function:
Code:
//uuid generation script
    echo "<script>\n";
    echo "function uuid() {\n";
    echo "    var d = new Date().getTime();\n";
    echo "    var uuid = 'xxxxxxxx-xxxx-4xxx-yxxx-xxxxxxxxxxxx'.replace(/[xy]/g, function(c) {\n";
    echo "        var r = (d + Math.random()*16)%16 | 0;\n";
    echo "        d = Math.floor(d/16);\n";
    echo "        return (c=='x' ? r : (r&0x3|0x8)).toString(16);\n";
    echo "    });\n";
    echo "    return uuid;\n";
    echo "};\n";
    echo "</script>\n";
 

Andyd358

Member
Aug 23, 2018
260
9
18
55
UK
I seem to have bits missing then:
if (permission_exists('api_key')) {
echo " <tr>";
echo " <td class='vncell' valign='top'>".$text['label-api_key']."</td>";
echo " <td class='vtable'>\n";
echo " <input type='text' class='formfld' style='width: 250px;' name='api_key' id='api_key' value=\"".escape($api_key)."\" >";
echo button::create(['type'=>'button','label'=>$text['button-generate'],'icon'=>'key','onclick'=>"document.getElementById('api_key').value = '".generate_password(32,3)."';"]);
if (strlen($text['description-api_key']) > 0) {
echo " <br />".$text['description-api_key']."<br />\n";
}
echo " </td>";
echo " </tr>";
}

if (permission_exists('message_key')) {
echo " <tr>";
echo " <td class='vncell' valign='top'>".$text['label-message_key']."</td>";
echo " <td class='vtable'>\n";
echo " <input type='text' class='formfld' style='width: 250px;' name='message_key' id='message_key' value=\"".($message_key ? escape($message_key) : escape($user_settings["message"]["key"]["text"]))."\" >";
echo button::create(['type'=>'button','label'=>$text['button-generate'],'icon'=>'key','onclick'=>"document.getElementById('message_key').value = '".generate_password(32,3)."';"]);
if (strlen($text['description-message_key']) > 0) {
echo " <br />".$text['description-message_key']."<br />\n";
}
echo " </td>";
echo " </tr>";
}

echo "<tr ".($user_uuid == $_SESSION['user_uuid'] ? "style='display: none;'" : null).">\n";
echo "<td class='vncell' valign='top' align='left' nowrap='nowrap'>\n";
echo " ".$text['label-enabled']."\n";
echo "</td>\n";
echo "<td class='vtable' align='left'>\n";
echo " <select class='formfld' name='user_enabled'>\n";
echo " <option value='true' ".(($user_enabled == "true") ? "selected='selected'" : null).">".$text['option-true']."</option>\n";
echo " <option value='false' ".(($user_enabled == "false") ? "selected='selected'" : null).">".$text['option-false']."</option>\n";
echo " </select>\n";
echo "<br />\n";
echo $text['description-enabled']."\n";
echo "</td>\n";
echo "</tr>\n";

echo "</table>";
echo "<br /><br />";

if ($action == 'edit') {
echo "<input type='hidden' name='id' value=\"".escape($user_uuid)."\">";
if (permission_exists("user_edit")) {
echo "<input type='hidden' name='username_old' value=\"".escape($username)."\">";
}
}
echo "<input type='hidden' name='".$token['name']."' value='".$token['hash']."'>\n";

echo "</form>";

if (permission_exists("user_edit") && permission_exists('user_setting_view') && $action == 'edit') {
require $_SERVER["DOCUMENT_ROOT"].PROJECT_PATH."/core/user_settings/user_settings.php";
echo "<br><br>";
}

echo "<script>\n";

//hide password fields before submit
echo " function submit_form() {\n";
echo " hide_password_fields();\n";
echo " $('form#frm').submit();\n";
echo " }\n";
echo "</script>\n";

//include the footer
require_o
 

Adrian Fretwell

Well-Known Member
Aug 13, 2017
1,500
414
83
It looks like you have a later version of edit_user.php, more like the version that is currently on the master branch on Github:
https://github.com/fusionpbx/fusionpbx/blob/master/core/users/user_edit.php

This code seems to create a password using a php function called generate_password at the page build time rather than generating on the fly using javascript.

My assumption is that this generate_password() function is failing which is why the relavent part of your page source looks like this:

Code:
onclick="document.getElementById('api_key').value = '';"
 

Andyd358

Member
Aug 23, 2018
260
9
18
55
UK
It looks like you have a later version of edit_user.php, more like the version that is currently on the master branch on Github:
https://github.com/fusionpbx/fusionpbx/blob/master/core/users/user_edit.php

This code seems to create a password using a php function called generate_password at the page build time rather than generating on the fly using javascript.

My assumption is that this generate_password() function is failing which is why the relavent part of your page source looks like this:

Code:
onclick="document.getElementById('api_key').value = '';"
OK here comes a dumb question Can I downgrade it? Is it safe and how do i do that :) I really need to get this API thing working for a customer who requires it for the phonebook application. Alternativley if anyones knows how I can use the remote phonebook reature on yealink phones with ot using fusion that may be batter
 

Adrian Fretwell

Well-Known Member
Aug 13, 2017
1,500
414
83
The api key can be any string of digits or numbers or whatever, originally it was a uuid but you can just type in to that field any string of random characters. The key can be whatever you want it to be.

If you want to use a uuid there is an online uuid generator tool here: https://www.uuidgenerator.net/ (choose the version 4 uuid)

If you want to run some PHP to generate one your self at the command line try this:
Code:
#!/usr/bin/php
<?php

$_uuid = com_create_guid();
echo $_uuid."\n";

exit(0);

function com_create_guid() { //uuid V4 only
    return sprintf( '%04x%04x-%04x-%04x-%04x-%04x%04x%04x',
    mt_rand( 0, 0xffff ), mt_rand( 0, 0xffff ),
    mt_rand( 0, 0xffff ),
    mt_rand( 0, 0x0fff ) | 0x4000,
    mt_rand( 0, 0x3fff ) | 0x8000,
    mt_rand( 0, 0xffff ), mt_rand( 0, 0xffff ), mt_rand( 0, 0xffff )
    );
}
 

Andyd358

Member
Aug 23, 2018
260
9
18
55
UK
Thanks for your help Dont know why i just didnt try that to be honest. Problem I have is now i get access denied for the phonebook. Feel like just going to their office and entering the contacts in the phone for them......
 

Andyd358

Member
Aug 23, 2018
260
9
18
55
UK
Hi Adrian thanks for you help tonight put me on the right direction Think I have it working now at least I can access the XML file via the API key now so hopefully the phones will be able to as well (note to self api wont work if the user does not have permissions to access the phonebook Doh)
 
Status
Not open for further replies.