Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

What's the status of UAPI Session::create_temp_user ?

Discussion in 'cPanel Developers' started by az_, Apr 13, 2019.

Tags:
  1. az_

    az_ Registered

    Joined:
    Apr 13, 2019
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Australia
    cPanel Access Level:
    Root Administrator
    For Session::create_temp_user , the documented behavior seems to be that it should provide a session ID that can be used to direct a user to an authenticated part of their cPanel user interface.

    As reported in this thread, the function does not seem to actually generate this session token. Cgi::phpmyadminlink seems to suffer from the same issue - no URL returned.

    Unlike in that other thread, I believe we have a legitimate use for this function.

    We need to redirect the cPanel user to a part of their cPanel web user interface that has functionality which not exposed via the UAPI. This is for a third-party integration.

    More generally, the workflow is:
    1. The user is sitting in unprivileged SSH or on a webapp where they can talk to UAPI via the /usr/bin/uapi binary
    2. The user runs a command/clicks a button in the webapp that should generate an authenticated cPanel URL in the form of https://${host}:2083/{session_token}/frontend/paper_lantern/some_third_party_app/{...} and redirect the user there
    I am familiar with the "happy path" that cPanel wants us to use (generate the session via WHM, or implement the functionality natively in UAPI, or use user/password authentication), but there's just a bunch of trickiness that precludes us from pursuing those approaches in this case.

    At any rate, Session::create_temp_user appears to do what we want - I'm just not sure why it doesn't do what it says on the box.

    Thanks!
     
  2. cPanelMichael

    cPanelMichael Technical Support Community Manager Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    47,549
    Likes Received:
    2,182
    Trophy Points:
    363
    cPanel Access Level:
    Root Administrator
    Twitter:
    Hello @az_,

    Applications that integrate with cPanel must authenticate as a cPanel user, or must authenticate as a WHM user and specify a cPanel user to run as. It's not possible to grant UI access to individual cPanel plugins without also granting full access to the cPanel UI.

    In cPanel & WHM version 80, we are introducing cPanel API tokens. While it doesn't add the specific functionality you are seeking, this is a first step towards the ability to manage access to specific cPanel UAPI functions. You can read more about this on the following documents:

    How to Use cPanel API Tokens - cPanel Knowledge Base - cPanel Documentation
    Manage API Tokens in cPanel - Version 80 Documentation - cPanel Documentation

    Let me know if you have any questions.

    Thank you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice