WebSVN – web_pages – Diff – /trunk/totp_opnsense/opnsense.pm

 # TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
 # BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
 # ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
 # DAMAGE.
+#
+# Library to interface with the OPNsense API
+# Provides methods to interact with OPNsense routers via their API.
+#
+# Change History:
+#  v1.0.0 2025-10-01 - RWR
+#    Initial version
 package opnsense;
 use strict;
 use warnings;
 use LWP::UserAgent;
 use JSON;
 use Data::Dumper;
 use XML::Simple;
+our $VERSION = "1.0.0";
-our $USE_CURL = 1; # set to 1 to use curl for API requests, 0 to use LWP
+our $useCurl = 1; # set to 1 to use curl for API requests, 0 to use LWP
-our $DEBUG = 0;    # set to 1 for debug output
+our $debug = 0;    # set to 1 for debug output
+#-----------------------------
+# new: Constructor
+#-----------------------------
 sub new {
-    my ($class, %args) = @_;
+   my ($class, %args) = @_;
-    my $self = {
+   my $self = {
-        base_url => $args{url},
+      baseUrl   => $args{url},
-        apiKey  => $args{apiKey},
+      apiKey    => $args{apiKey},
-        apiSecret => $args{apiSecret},
+      apiSecret => $args{apiSecret},
-        ovpnIndex => $args{ovpnIndex},
+      ovpnIndex => $args{ovpnIndex},
-        template => $args{template},
+      template  => $args{template},
-        hostname => $args{hostname},
+      hostname  => $args{hostname},
-        localport => $args{localport},
+      localPort => $args{localPort},
-        ua => $USE_CURL ?
+      ua        => $useCurl ?
-           'curl -s --insecure' :
+         'curl -s --insecure' :
-           LWP::UserAgent->new(
+         LWP::UserAgent->new(
-              ssl_opts => { verify_hostname => 0, SSL_verify_mode => 0 }
+            ssl_opts => { verify_hostname => 0, SSL_verify_mode => 0 }
-           ),
+         ),
-    };
+   };
-    bless $self, $class;
+   bless $self, $class;
-    return $self;
+   return $self;
+}
+#-----------------------------
+# apiRequest: API request dispatcher
+#-----------------------------
-sub api_request {
+sub apiRequest {
-   if ( $USE_CURL ) {
+   if ($useCurl) {
-       return api_request_curl(@_);
+       return apiRequestCurl(@_);
    } else {
-       return api_request_lwp(@_);
+       return apiRequestLwp(@_);
+   }
+}
+#-----------------------------
+# apiRequestCurl: API request using curl
+#-----------------------------
-sub api_request_curl {
+sub apiRequestCurl {
    my ($self, $endpoint, $method, $data) = @_;
    $method ||= 'GET';
-   my $url = $self->{base_url} . $endpoint;
+   my $url = $self->{baseUrl} . $endpoint;
    my @data = ();
    push @data, '--request', $method;
    push @data, "--header 'Content-Type: application/json'" if ( $method eq 'POST' || $method eq 'PUT' );
    push @data, "--user '$self->{apiKey}:$self->{apiSecret}'";
    push @data, "--data '" . encode_json($data) . "'" if $data;
    my $cmd = join(' ', $self->{ua}, @data, $url);
-   die "In api_request_curl, command is:\n $cmd" if $DEBUG;
+   die "In apiRequestCurl, command is:\n $cmd" if $debug;
    my $json_text = `$cmd`;
    if ( $json_text =~ /<\?xml/) {
       # returned an XML string, just send it
       return $json_text;
+   }
    return decode_json($json_text);
+}
+#-----------------------------
+# apiRequestLwp: API request using LWP
+#-----------------------------
-sub api_request_lwp {
+sub apiRequestLwp {
     my ($self, $endpoint, $method, $data) = @_;
     $method ||= 'GET';
-    my $url = $self->{base_url} . $endpoint;
+    my $url = $self->{baseUrl} . $endpoint;
     my $req = HTTP::Request->new($method => $url);
     $req->header('Content-Type' => 'application/json');
     $req->header('Authorization' => 'key ' . $self->{apiKey} . ':' . $self->{apiSecret});
-    die "In api_request_lwp, request object:\n" . Dumper($req);
+    die "In apiRequestLwp, request object:\n" . Dumper($req);
     $req->content(encode_json($data)) if $data;
     my $res = $self->{ua}->request($req);
     return decode_json($res->decoded_content) if $res->is_success;
     die "API request failed: " . $res->status_line;
+}
+#-----------------------------
+# getVpnUsers: get VPN users
+#-----------------------------
-sub get_vpn_users {
+sub getVpnUsers {
     my ($self) = @_;
     my $return = {};
     my $endpoint = "/api/openvpn/export/accounts/$self->{ovpnIndex}";
-    my $users = $self->api_request($endpoint);
+    my $users = $self->apiRequest($endpoint);
     # die "In get_vpn_users, users object:\n" . Dumper($users);
     foreach my $user ( keys %$users ) {
       next unless
          $user &&
          $users->{$user}->{'users'} &&
+    }
     #die Dumper($return);
     return $return;
+}
+#-----------------------------
-# get all users on the system
+# getAllUsers: get all users on the system
+#-----------------------------
 # returns a hashref keyed by username, value is the user object
 # The api is seriously broken. It is supposed to be /api/system/user, but that returns an error
 # so, we download the entire config and extract the users from there
-sub get_all_users {
+sub getAllUsers {
     my ($self) = @_;
     my $endpoint = "/api/core/backup/download/this";
     my $xml = XML::Simple->new();
-    my $data = $self->api_request($endpoint);
+    my $data = $self->apiRequest($endpoint);
     my $config = $xml->XMLin($data);
     my $return = {};
     if (ref($config->{system}->{user}) eq 'ARRAY') {
         foreach my $user (@{$config->{system}->{user}}) {
             $return->{$user->{name}} = $user;
         $return = $config->{system}->{user};
+    }
     return $return;
+}
+#-----------------------------
+# getVpnProviders: get VPN providers
+#-----------------------------
-sub get_vpn_providers {
+sub getVpnProviders {
    my ($self) = @_;
    my $endpoint = "/api/openvpn/export/providers";
    my $return = {};
-   my $providers = $self->api_request($endpoint);
+   my $providers = $self->apiRequest($endpoint);
    #die "In getVPNProviders, providers object:\n" . Dumper($providers);
    return $return unless
       ref($providers) eq 'HASH' && keys %$providers;
     # key by vpnid, value is name
    foreach my $provider ( keys %$providers ) {
        $return->{$providers->{$provider}->{'vpnid'}} = $providers->{$provider}->{'name'};
+    }
    return $return;
+}
-###
+#-----------------------------
-# get VPN configuration file
+# getVpnConfig: get VPN configuration file
+#-----------------------------
-sub get_vpn_config {
+sub getVpnConfig {
    my ( $self, $cert ) = @_;
    my $endpoint = "/api/openvpn/export/download/$self->{ovpnIndex}/$cert";
    my $payload = ();
    $payload->{'openvpn_export'} = {
        validate_server_cn => 1,
        plain_config => "",
        p12_password => "",
        local_port => $self->{localport},
        cryptoapi => 0
    };
-   $DEBUG = 0;
+   $debug = 0;
-   my $return = $self->api_request($endpoint, 'POST', $payload);
+   my $return = $self->apiRequest($endpoint, 'POST', $payload);
    return $return;
+}
 ;

Subversion Repositories web_pages

(root)/trunk/totp_opnsense/opnsense.pm – Rev 14 → 16