Created
August 15, 2023 14:20
-
-
Save BoredHackerBlog/8902b43717c452563cf39cb3fe9d0f68 to your computer and use it in GitHub Desktop.
This code gets auth token to access guac account and also lets you expire the token instantly logging out the user. this may be useful if you'd like someone to temporarily access guac without giving them username and password
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| GUAC_URL="http://10.0.0.1:8080/guacamole" | |
| GUAC_USERNAME="user" | |
| GUAC_PASSWORD="password" | |
| def get_token(): | |
| url = f"{GUAC_URL}/api/tokens" | |
| payload = f"username={GUAC_USERNAME}&password={GUAC_PASSWORD}" | |
| headers = {"Content-Type": "application/x-www-form-urlencoded"} | |
| response = requests.request("POST", url, data=payload, headers=headers) | |
| token = response.json()['authToken'] | |
| return token | |
| def expire_token(token): | |
| url = f"{GUAC_URL}/api/session" | |
| headers = {"Guacamole-Token": f"{token}"} | |
| response = requests.request("DELETE", url, headers=headers) | |
| token = get_token() | |
| access_url = f"{GUAC_URL}/?token={token}" | |
| print(access_url) | |
| expire_token(token) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment