jumpserver/apps/accounts/demos/node/demo.js

const axios = require('axios');
const crypto = require('crypto');
const moment = require('moment');

const API_URL = process.env.API_URL || "http://127.0.0.1:8080";
const KEY_ID = process.env.API_KEY_ID || "72b0b0aa-ad82-4182-a631-ae4865e8ae0e";
const KEY_SECRET = process.env.API_KEY_SECRET || "6fuSO7P1m4cj8SSlgaYdblOjNAmnxDVD7tr8";
const ORG_ID = process.env.ORG_ID || "00000000-0000-0000-0000-000000000002";

class APIClient {
    constructor() {
        this.apiUrl = API_URL;
        this.keyId = KEY_ID;
        this.keySecret = KEY_SECRET;
        this.orgId = ORG_ID;
    }

    signRequest(method, url, params, headers) {
        const date = moment().utc().format('ddd, DD MMM YYYY HH:mm:ss [GMT]');
        const queryString = Object.keys(params).length ? `?${new URLSearchParams(params).toString()}` : "";
        const requestTarget = `${method.toLowerCase()} ${url}${queryString}`;
        headers['Date'] = date;
        headers['X-JMS-ORG'] = this.orgId;
        const signingString = `(request-target): ${requestTarget}\naccept: application/json\ndate: ${date}\nx-jms-org: ${this.orgId}`;
        const signature = crypto.createHmac('sha256', this.keySecret).update(signingString).digest('base64');
        headers['Authorization'] = `Signature keyId="${this.keyId}",algorithm="hmac-sha256",headers="(request-target) accept date x-jms-org",signature="${signature}"`;
    }

    async getAccountSecret(asset, account) {
        const url = `/api/v1/accounts/integration-applications/account-secret/`;
        const params = { asset: asset, account: account };
        const headers = {
            'Accept': 'application/json',
            'X-Source': 'jms-pam'
        };
        this.signRequest('GET', url, params, headers);

        try {
            const response = await axios.get(`${this.apiUrl}${url}`, {
                headers: headers,
                params: params,
                timeout: 10000
            });
            return response.data;
        } catch (error) {
            console.error(`API 请求失败: ${error}`);
            return null;
        }
    }
}

(async () => {
    const client = new APIClient();
    const result = await client.getAccountSecret("ubuntu_docker", "root");
    console.log(result);
})();
merge: with pam (#14911) * perf: change i18n * perf: pam * perf: change translate * perf: add check account * perf: add date field * perf: add account filter * perf: remove some js * perf: add account status action * perf: update pam * perf: 修改 discover account * perf: update filter * perf: update gathered account * perf: 修改账号同步 * perf: squash migrations * perf: update pam * perf: change i18n * perf: update account risk * perf: 更新风险发现 * perf: remove css * perf: Admin connection token * perf: Add a switch to check connectivity after changing the password, and add a custom ssh command for push tasks * perf: Modify account migration files * perf: update pam * perf: remove to check account dir * perf: Admin connection token * perf: update check account * perf: 优化发送结果 * perf: update pam * perf: update bulk update create * perf: prepaire using thread timer for bulk_create_decorator * perf: update bulk create decorator * perf: 优化 playbook manager * perf: 优化收集账号的报表 * perf: Update poetry * perf: Update Dockerfile with new base image tag * fix: Account migrate 0012 file * perf: 修改备份 * perf: update pam * fix: Expand resource_type filter to include raw type * feat: PAM Service (#14552) * feat: PAM Service * perf: import package name --------- Co-authored-by: jiangweidong <1053570670@qq.com> * perf: Change secret dashboard (#14551) Co-authored-by: feng <1304903146@qq.com> * perf: update migrations * perf: 修改支持 pam * perf: Change secret record table dashboard * perf: update status * fix: Automation send report * perf: Change secret report * feat: windows accounts gather * perf: update change status * perf: Account backup * perf: Account backup report * perf: Account migrate * perf: update service to application * perf: update migrations * perf: update logo * feat: oracle accounts gather (#14571) * feat: oracle accounts gather * feat: sqlserver accounts gather * feat: postgresql accounts gather * feat: mysql accounts gather --------- Co-authored-by: wangruidong <940853815@qq.com> * feat: mongodb accounts gather * perf: Change secret * perf: Migrate * perf: Merge conflicting migration files * perf: Change secret * perf: Automation filter org * perf: Account push * perf: Random secret string * perf: Enhance SQL query and update risk handling in accounts * perf: Ticket filter assignee_id * perf: 修改 account remote * perf: 修改一些 adhoc 任务 * perf: Change secret * perf: Remove push account extra api * perf: update status * perf: The entire organization can view activity log * fix: risk field check * perf: add account details api * perf: add demo mode * perf: Delete gather_account * perf: Perfect solution to account version problem * perf: Update status action to handle multiple accounts * perf: Add GatherAccountDetailField and update serializers * perf: Display account history in combination with password change records * perf: Lina translate * fix: Update mysql_filter to handle nested user info * perf: Admin connection token validate_permission account * perf: copy move account * perf: account filter risk * perf: account risk filter * perf: Copy move account failed message * fix: gather account sync account to asset * perf: Pam dashboard * perf: Account dashboard total accounts * perf: Pam dashboard * perf: Change secret filter account secret_reset * perf: 修改 risk filter * perf: pam translate * feat: Check for leaked duplicate passwords. (#14711) * feat: Check for leaked duplicate passwords. * perf: Use SQLite instead of txt as leak password database --------- Co-authored-by: jiangweidong <1053570670@qq.com> Co-authored-by: 老广 <ibuler@qq.com> * perf: merge with remote * perf: Add risk change_password_add handle * perf: Pam dashboard * perf: check account manager import * perf: 重构扫描 * perf: 修改 db * perf: Gather account manager * perf: update change db lib * perf: dashboard * perf: Account gather * perf: 修改 asset get queryset * perf: automation report * perf: Pam account * perf: Pam dashboard api * perf: risk add account * perf: 修改 risk check * perf: Risk account * perf: update risk add reopen action * perf: add pylintrc * Revert "perf: automation report" This reverts commit 22aee542071638bcefae5a244bcabf76f794d7c3. * perf: check account engine * perf: Perf: Optimism Gather Report Style * Perf: Remove unuser actions * Perf: Perf push account * perf: perf gather account * perf: Automation report * perf: Push account recorder * perf: Push account record * perf: Pam dashboard * perf: perf * perf: update intergration * perf: integrations application detail add account tab page * feat: Custom change password supports configuration of interactive items * perf: Go and Python demo code * perf: Custom secret change * perf: add user filter * perf: translate * perf: Add demo code docs * perf: update some i18n * perf: update some i18n * perf: Add Java, Node, Go, and cURL demo code * perf: Translate * perf: Change secret translate * perf: Translate * perf: update some i18n * perf: translate * perf: Ansible playbook * perf: update some choice * perf: update some choice * perf: update account serializer remote unused code * perf: conflict * perf: update import --------- Co-authored-by: ibuler <ibuler@qq.com> Co-authored-by: feng <1304903146@qq.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: wangruidong <940853815@qq.com> Co-authored-by: jiangweidong <1053570670@qq.com> Co-authored-by: feng626 <57284900+feng626@users.noreply.github.com> Co-authored-by: zhaojisen <1301338853@qq.com> 2025-02-21 08:39:57 +00:00			`const axios = require('axios');`
			`const crypto = require('crypto');`
			`const moment = require('moment');`

			`const API_URL = process.env.API_URL \|\| "http://127.0.0.1:8080";`
			`const KEY_ID = process.env.API_KEY_ID \|\| "72b0b0aa-ad82-4182-a631-ae4865e8ae0e";`
			`const KEY_SECRET = process.env.API_KEY_SECRET \|\| "6fuSO7P1m4cj8SSlgaYdblOjNAmnxDVD7tr8";`
			`const ORG_ID = process.env.ORG_ID \|\| "00000000-0000-0000-0000-000000000002";`

			`class APIClient {`
			`constructor() {`
			`this.apiUrl = API_URL;`
			`this.keyId = KEY_ID;`
			`this.keySecret = KEY_SECRET;`
			`this.orgId = ORG_ID;`
			`}`

			`signRequest(method, url, params, headers) {`
			`const date = moment().utc().format('ddd, DD MMM YYYY HH:mm:ss [GMT]');`
			const queryString = Object.keys(params).length ? `?${new URLSearchParams(params).toString()}` : "";
			const requestTarget = `${method.toLowerCase()} ${url}${queryString}`;
			`headers['Date'] = date;`
			`headers['X-JMS-ORG'] = this.orgId;`
			const signingString = `(request-target): ${requestTarget}\naccept: application/json\ndate: ${date}\nx-jms-org: ${this.orgId}`;
			`const signature = crypto.createHmac('sha256', this.keySecret).update(signingString).digest('base64');`
			headers['Authorization'] = `Signature keyId="${this.keyId}",algorithm="hmac-sha256",headers="(request-target) accept date x-jms-org",signature="${signature}"`;
			`}`

			`async getAccountSecret(asset, account) {`
			const url = `/api/v1/accounts/integration-applications/account-secret/`;
			`const params = { asset: asset, account: account };`
			`const headers = {`
			`'Accept': 'application/json',`
			`'X-Source': 'jms-pam'`
			`};`
			`this.signRequest('GET', url, params, headers);`

			`try {`
			const response = await axios.get(`${this.apiUrl}${url}`, {
			`headers: headers,`
			`params: params,`
			`timeout: 10000`
			`});`
			`return response.data;`
			`} catch (error) {`
			console.error(`API 请求失败: ${error}`);
			`return null;`
			`}`
			`}`
			`}`

			`(async () => {`
			`const client = new APIClient();`
			`const result = await client.getAccountSecret("ubuntu_docker", "root");`
			`console.log(result);`
			`})();`