topic Re: Creating Internal users by python and argparse in Network Access Control

Creating Internal users by python and argparse

RichardAcolatse8417 — Mon, 24 May 2021 14:00:47 GMT

Hi All ,

I creating a python script with python and Json with argparse . i encouter an error with while run the command with my script

. Below is the command with the error

:\Users\user\Desktop>python user2.py abt200 john.doe@contos pa@ssWord John Brown
The name isabt200
The email is john.Brown@contoso.com
The password ispa@ssWord
The first name isJohn
The last name is Brown
{
"ERSResponse" : {
"operation" : "POST-create-internaluser",
"messages" : [ {
"title" : "Invalid JSON Input: No content to map to Object due to end of input",
"type" : "ERROR",
"code" : "Application resource validation exception"
} ],
"link" : {
"rel" : "related",
"href" : "https://192.169.49.15:9060/ers/config/internaluser",
"type" : "application/xml"
}
}
}

Any suggestions are welcome

kind Regards

Re: Creating Internal users by python and argparse

RichardAcolatse8417 — Mon, 24 May 2021 14:02:26 GMT

This is my code as well

#!/usr/bin/env python
import argparse
import requests
import json

requests.packages.urllib3.disable_warnings()

url = "https://192.169.49.15:9060/ers/config/internaluser"
parser = argparse.ArgumentParser()

#positional arguments
parser.add_argument('name', help='Enter the name')
parser.add_argument('email', help='Enter the email')
parser.add_argument('password', help='Enter the password')
parser.add_argument('firstname', help='Enter the first name')
parser.add_argument('lastname', help='Enter the last name')

opts = parser.parse_args()

#print the namespace object
#print (opts)

print ('The name is' + opts.name)
print ('The email is ' + opts.email)
print ('The password is' + opts.password)
print ('The first name is' + opts.firstname)
print ('The last name is ' + opts.lastname)

payload ={}
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json',
'Authorization': 'Basic ZXJzYWRtaW46b0ZsUFJybmU0NTE=',
'Cookie': 'APPSESSIONID=A70D7085616DB14AD231971CA4A83803; Cookie_1=value; JSESSIONIDSSO=B37E2D40D9E08A8CE005198A09FC247F'
}

response = requests.request("POST", url, headers=headers, data=payload, verify=False)

print(response.text)

Re: Creating Internal users by python and argparse

RichardAcolatse8417 — Tue, 25 May 2021 12:00:01 GMT

Any suggestions are welcomed

Re: Creating Internal users by python and argparse

thomas — Sun, 06 Jun 2021 23:03:49 GMT

I highly recommend learning some Python basics - you have a JSON error because your JSON payload is empty:{}

https://developer.cisco.com/learning/modules has a Programming Fundamentals course that can help you learn Python and JSON. You need to dump/print the output of your JSON payload before sending it to ISE. This is basic software troubleshooting.

I have created some scripts for you that do what you want (without argparse) and I successfully tested them on my ISE node.

ise_get_simple_internaluser.txt: dumps an internaluser request. Modify it for other resources.
ise_post_simple_internaluser.txt : uses an static JSON data string.
ise_post_simple_internaluser_template.txt : uses a template to substitute values into the JSON data. You can modify this with values from argparse.

I had to remove the #!/usr/bin/env python3 "shebang" line from the top of each file and change the file extension from .py to .txt extension to attach the files to this community page - change it before running them! I also had to slightly change your password to be allowed with the default ISE password policy.

They all dump the headers, data, and response values so I can verify what I am sending and what is coming back. This is the kind of troubleshooting with print statements that you need when you are beginning to do REST programming with Python or any language.

Here is the output of one of the scripts so you can easily see what it is sending and receiving :

./ise_post_simple_internaluser.py
--------------------------------------------------------------------------------
Accept:[application/json]
Accept-Encoding:[gzip, deflate]
Authorization:[Basic YWRtaW46QzFzY28xMjM0NQ==]
Connection:[keep-alive]
Content-Length:[200]
Content-Type:[application/json]
User-Agent:[python-requests/2.25.1]
data:
{
    "InternalUser": {
        "name": "isabt200",
        "firstName" : "John",
        "lastName" : "Brown",
        "email" : "john.Brown@contoso.com",
        "password" : "1spa@ssWord"
    }
}

--------------------------------------------------------------------------------
Cache-Control:[no-cache, no-store, must-revalidate]
Connection:[keep-alive]
Content-Length:[0]
Content-Security-Policy:[default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data:;]
Content-Type:[application/json;charset=utf-8]
Date:[Sun, 06 Jun 2021 22:20:37 GMT]
Expires:[Thu, 01 Jan 1970 00:00:00 GMT]
Keep-Alive:[timeout=60]
Location:[https://ise.securitydemo.net:9060/ers/config/internaluser/33226f95-3694-4dd0-9c0d-53302ba906f8]
Pragma:[no-cache]
Server:[]
Set-Cookie:[JSESSIONIDSSO=91997FD281ABEFB04973D93734B1FB21; Path=/; Secure; HttpOnly, APPSESSIONID=44DCE40B329012621CCF6038EFDB4ED1; Path=/ers; Secure; HttpOnly]
Strict-Transport-Security:[max-age=31536000; includeSubDomains]
X-Content-Security-Policy:[default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data:;]
X-Content-Type-Options:[nosniff]
X-Frame-Options:[SAMEORIGIN]
X-WebKit-CSP:[default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline'; img-src 'self' data:;]
X-XSS-Protection:[1; mode=block]
--------------------------------------------------------------------------------
internaluser : https://ise.securitydemo.net:9060/ers/config/internaluser/33226f95-3694-4dd0-9c0d-53302ba906f8