idrac 0.1.12 → 0.1.19

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: dc168577884bf076d1472ba870c60262e0cc59fcab318bffa9bd57eaa3dc040b
-  data.tar.gz: 887c5990aed81c2addf6ecf6e7e8b229a8c57fced5090a57ca193fc07a7a5a96
+  metadata.gz: 287cc837870fd1a004f10303ac8a0b60d594f3b2f4561c322e9a56b8cfa3de78
+  data.tar.gz: a34978f43c1157eb3d66a7e3399f057b238d2de777e79c1bfc5a3533a178cc6c
 SHA512:
-  metadata.gz: 9f8714784e0bd9324b03086aaa4dbad64cda93a4f941b6bf6d8b1d36d8e66d892a7ad10fc3cac887c9868ddd1369fe17abce12e192e3e5f60bea1bb6bcb26e0b
-  data.tar.gz: f9f444b78243d5668eec03c717dd46b479d14deddc293c09cd30c79dd2e099777e698eadbd053d4cf13ee2d227b764df473c340ada870a3e1a470167002de05c
+  metadata.gz: 6af64f193514911149d8f902ee0f9bab6a380abc9ad740461f0903cd3dc627f45fdd13e16511da646413922e950aa9c853768acfd8c6692d27c47804a9b70d01
+  data.tar.gz: 8391f69048343693a387bf469f6b71de1322b994435ce3410df031f4171d2fc202607ff5ee3e75df399d5f2ffa630ba3349af798bb54eb561f5cb6c0584b26bb

data/README.md

@@ -50,6 +50,8 @@ idrac firmware:update /path/to/firmware.exe --host=192.168.1.100 --username=root
 idrac firmware:interactive --host=192.168.1.100 --username=root --password=calvin
 ```
 
+All commands automatically handle session expiration by re-authenticating when necessary, ensuring that long-running operations like firmware updates complete successfully even if the iDRAC session times out.
+
 ### Ruby API
 
 ```ruby
@@ -62,6 +64,9 @@ client = IDRAC.new(
   password: 'calvin'
 )
 
+# The client automatically handles session expiration (401 errors)
+# by re-authenticating and retrying the request
+
 # Take a screenshot (using the client convenience method)
 filename = client.screenshot
 puts "Screenshot saved to: #{filename}"
@@ -98,6 +103,79 @@ After checking out the repo, run `bin/setup` to install dependencies. Then, run
 
 To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and the created tag, and push the `.gem` file to [rubygems.org](https://rubygems.org).
 
+## Changelog
+
+### Version 0.1.19
+- **Basic Auth Session Clearing**: Implemented direct session management using Basic Authentication
+- Added ability to list and delete all active sessions without requiring a session
+- Improved session clearing by directly accessing the Redfish Sessions API with Basic Auth
+- Enhanced force_clear_sessions to first try the direct Basic Auth approach before falling back to login/logout cycles
+- Added detailed logging of session clearing operations
+
+### Version 0.1.18
+- **Direct Mode Implementation**: Added a fallback mechanism for environments with persistent session issues
+- Implemented automatic switching to direct mode (Basic Auth) when session creation repeatedly fails
+- Added detection of maximum sessions condition to avoid unnecessary session creation attempts
+- Improved handling of authentication failures with graceful degradation to direct mode
+- Added Basic Auth support for all request types when in direct mode
+- Enhanced logging for better visibility into authentication mode changes
+
+### Version 0.1.17
+- **Enhanced Session Clearing**: Added aggressive session clearing functionality
+- Implemented a force_clear_sessions method that attempts multiple login/logout cycles with both authentication methods
+- Added automatic session clearing when maximum sessions error is encountered
+- Improved retry logic after session clearing
+- Added detailed logging during session clearing process for better troubleshooting
+
+### Version 0.1.16
+- **Implemented Redfish API Session Management**: Completely redesigned session handling to use the proper Redfish API
+- Added support for X-Auth-Token authentication (the standard Redfish approach)
+- Maintained backward compatibility with legacy session management for screenshot functionality
+- Improved session creation and deletion with proper error handling
+- Added fallback mechanism to legacy authentication if Redfish session creation fails
+- Enhanced logging for better troubleshooting of session-related issues
+
+### Version 0.1.15
+- **Aggressive Session Management**: Implemented a more robust approach to handle persistent session issues
+- Added retry counters with limits to prevent infinite loops
+- Increased delays between logout and login operations (5 seconds)
+- Added multiple logout attempts to ensure sessions are properly cleared
+- Added pre-emptive logout before login to help clear existing sessions
+- Improved error messages with attempt counters for better debugging
+
+### Version 0.1.14
+- **Enhanced Session Management**: Improved handling of "maximum number of user sessions" errors
+- Added detection and handling of session limits during initial login
+- Added retry mechanism with proper session cleanup
+- Added delays between logout and login operations to allow server to process session changes
+- Made logout operation more robust by handling potential errors
+
+### Version 0.1.13
+- **Fixed Maximum Sessions Error**: Added handling for "maximum number of user sessions" errors
+- The client now properly logs out before attempting to create a new session
+- Improved session management to prevent session buildup on the iDRAC server
+
+### Version 0.1.12
+- **Improved Session Handling**: Added automatic re-authentication when sessions expire (401 errors)
+- The client now automatically re-logs in and retries the request when it encounters a 401 Unauthorized error
+- This prevents interruptions during long-running operations when the iDRAC session times out
+
+### Version 0.1.11
+- Added support for Ruby 3.2.x (previously required Ruby 3.3.0+)
+- Fixed SSL verification warnings by making SSL verification optional
+- Improved error handling and reporting
+
+### Version 0.1.10
+- Added base64 gem as a dependency to address Ruby 3.4.0 compatibility warnings
+- Updated dependency versions with bounded requirements
+- Added proper license specification in gemspec
+
+### Version 0.1.9
+- Added screenshot functionality with custom output filename support
+- Improved firmware update process with better progress reporting
+- Enhanced error handling for network connectivity issues
+- Added default credentials (root/calvin) to simplify command usage
+
 ## Contributing
 
 Bug reports and pull requests are welcome on GitHub at https://github.com/usiegj00/idrac.

data/bin/idrac

@@ -19,6 +19,7 @@ module IDRAC
     class_option :port, type: :numeric, default: 443, desc: "iDRAC port"
     class_option :no_ssl, type: :boolean, default: false, desc: "Disable SSL"
     class_option :verify_ssl, type: :boolean, default: false, desc: "Enable SSL verification (not recommended for iDRAC's self-signed certificates)"
+    class_option :direct_mode, type: :boolean, default: false, desc: "Use direct mode with Basic Auth instead of sessions (for environments with session limits)"
 
     desc "firmware:update PATH", "Update firmware using the specified file"
     method_option :wait, type: :boolean, default: true, desc: "Wait for the update to complete"
@@ -191,7 +192,8 @@ module IDRAC
         password: options[:password],
         port: options[:port],
         use_ssl: !options[:no_ssl],
-        verify_ssl: options[:verify_ssl]
+        verify_ssl: options[:verify_ssl],
+        direct_mode: options[:direct_mode]
       )
     end
   end

data/lib/idrac/client.rb

@@ -4,12 +4,14 @@ require 'nokogiri'
 require 'base64'
 require 'uri'
 require 'httparty'
+require 'json'
 
 module IDRAC
   class Client
     attr_reader :host, :username, :password, :port, :use_ssl, :verify_ssl
+    attr_accessor :direct_mode
 
-    def initialize(host:, username:, password:, port: 443, use_ssl: true, verify_ssl: true)
+    def initialize(host:, username:, password:, port: 443, use_ssl: true, verify_ssl: true, direct_mode: false)
       @host = host
       @username = username
       @password = password
@@ -18,6 +20,10 @@ module IDRAC
       @verify_ssl = verify_ssl
       @session_id = nil
       @cookies = nil
+      @x_auth_token = nil
+      @direct_mode = direct_mode
+      @sessions_maxed = false
+      @tried_clearing_sessions = false
     end
 
     def connection
@@ -28,7 +34,234 @@ module IDRAC
       end
     end
 
-    def login
+    # Force clear all sessions by attempting multiple login/logout cycles
+    def force_clear_sessions
+      puts "Attempting to force clear all sessions..."
+      
+      # First try to delete sessions directly using Basic Auth
+      if delete_all_sessions_with_basic_auth
+        puts "Successfully cleared sessions using Basic Auth"
+        return true
+      end
+      
+      # If direct deletion fails, try the login/logout cycle approach
+      puts "Falling back to login/logout cycle approach for clearing sessions..."
+      
+      # Try multiple login/logout cycles with both methods
+      3.times do |i|
+        begin
+          # Try Redfish session first
+          begin
+            if create_redfish_session
+              puts "Successfully created Redfish session (attempt #{i+1})"
+              delete_redfish_session
+              puts "Deleted Redfish session (attempt #{i+1})"
+              sleep(2)
+            end
+          rescue => e
+            puts "Error during Redfish session cycle: #{e.message}"
+          end
+          
+          # Then try legacy session
+          begin
+            legacy_login(i)
+            puts "Successfully created legacy session (attempt #{i+1})"
+            legacy_logout
+            puts "Deleted legacy session (attempt #{i+1})"
+            sleep(2)
+          rescue => e
+            # If we get "maximum sessions" error, that's expected
+            if e.message.include?("maximum number of user sessions")
+              puts "Maximum sessions error during legacy login (expected during clearing)"
+            else
+              puts "Error during legacy session cycle: #{e.message}"
+            end
+          end
+          
+          # Add a longer delay between cycles
+          sleep(3) if i < 2
+        rescue => e
+          puts "Error during session clearing cycle #{i+1}: #{e.message}"
+        end
+      end
+      
+      puts "Completed session clearing attempts"
+    end
+
+    # Delete all sessions using Basic Authentication
+    def delete_all_sessions_with_basic_auth
+      puts "Attempting to delete all sessions using Basic Authentication..."
+      
+      # First, get the list of sessions
+      sessions_url = '/redfish/v1/SessionService/Sessions'
+      
+      # Create a connection with Basic Auth
+      basic_auth_headers = {
+        'Authorization' => "Basic #{Base64.strict_encode64("#{username}:#{password}")}",
+        'Content-Type' => 'application/json'
+      }
+      
+      begin
+        # Get the list of sessions
+        response = connection.get(sessions_url) do |req|
+          req.headers.merge!(basic_auth_headers)
+        end
+        
+        if response.status != 200
+          puts "Failed to get sessions list: #{response.status} - #{response.body}"
+          return false
+        end
+        
+        # Parse the response to get session IDs
+        begin
+          sessions_data = JSON.parse(response.body)
+          
+          if sessions_data['Members'] && sessions_data['Members'].any?
+            puts "Found #{sessions_data['Members'].count} active sessions"
+            
+            # Delete each session
+            success = true
+            sessions_data['Members'].each do |session|
+              session_url = session['@odata.id']
+              
+              # Skip if no URL
+              next unless session_url
+              
+              # Delete the session
+              delete_response = connection.delete(session_url) do |req|
+                req.headers.merge!(basic_auth_headers)
+              end
+              
+              if delete_response.status == 200 || delete_response.status == 204
+                puts "Successfully deleted session: #{session_url}"
+              else
+                puts "Failed to delete session #{session_url}: #{delete_response.status}"
+                success = false
+              end
+              
+              # Small delay between deletions
+              sleep(1)
+            end
+            
+            return success
+          else
+            puts "No active sessions found"
+            return true
+          end
+        rescue JSON::ParserError => e
+          puts "Error parsing sessions response: #{e.message}"
+          return false
+        end
+      rescue => e
+        puts "Error during session deletion with Basic Auth: #{e.message}"
+        return false
+      end
+    end
+
+    # Create a Redfish session (preferred method for all Redfish API calls)
+    def create_redfish_session
+      # Skip if we're in direct mode or we know sessions are maxed out
+      if @direct_mode || @sessions_maxed
+        puts "Skipping Redfish session creation (direct mode or sessions maxed)"
+        return false
+      end
+      
+      url = '/redfish/v1/SessionService/Sessions'
+      payload = { "UserName" => username, "Password" => password }
+      
+      response = connection.post(url) do |req|
+        req.headers['Content-Type'] = 'application/json'
+        req.body = payload.to_json
+      end
+      
+      if response.status == 201 || response.status == 200
+        # Extract X-Auth-Token from response headers
+        @x_auth_token = response.headers['X-Auth-Token']
+        
+        # Extract session location from response headers
+        @session_location = response.headers['Location']
+        
+        puts "Redfish session created successfully"
+        @sessions_maxed = false
+        return true
+      elsif response.status == 400 && response.body.include?("maximum number of user sessions")
+        puts "Maximum sessions reached during Redfish session creation"
+        @sessions_maxed = true
+        
+        # Only try to clear sessions if we haven't tried too many times
+        if !@tried_clearing_sessions
+          @tried_clearing_sessions = true
+          force_clear_sessions
+          
+          # Try one more time after clearing
+          response = connection.post(url) do |req|
+            req.headers['Content-Type'] = 'application/json'
+            req.body = payload.to_json
+          end
+          
+          if response.status == 201 || response.status == 200
+            @x_auth_token = response.headers['X-Auth-Token']
+            @session_location = response.headers['Location']
+            puts "Redfish session created successfully after clearing sessions"
+            @sessions_maxed = false
+            return true
+          else
+            puts "Failed to create Redfish session after clearing: #{response.status} - #{response.body}"
+            # If we still can't create a session, switch to direct mode
+            @direct_mode = true
+            return false
+          end
+        else
+          # If we've already tried clearing sessions, switch to direct mode
+          @direct_mode = true
+          return false
+        end
+      else
+        puts "Failed to create Redfish session: #{response.status} - #{response.body}"
+        return false
+      end
+    end
+    
+    # Delete the Redfish session
+    def delete_redfish_session
+      return unless @x_auth_token && @session_location
+      
+      begin
+        response = connection.delete(@session_location) do |req|
+          req.headers['X-Auth-Token'] = @x_auth_token
+        end
+        
+        if response.status == 200 || response.status == 204
+          puts "Redfish session deleted successfully"
+        else
+          puts "Warning: Failed to delete Redfish session: #{response.status}"
+        end
+      rescue => e
+        puts "Warning: Error during Redfish session deletion: #{e.message}"
+      ensure
+        @x_auth_token = nil
+        @session_location = nil
+      end
+    end
+
+    # Legacy login method for screenshot functionality
+    def legacy_login(retry_count = 0)
+      # Skip if we're in direct mode
+      if @direct_mode
+        puts "Skipping legacy login (direct mode)"
+        return false
+      end
+      
+      # Limit retries to prevent infinite loops
+      if retry_count >= 3
+        # If we've tried too many times, switch to direct mode
+        @direct_mode = true
+        raise Error, "Failed to login after multiple attempts due to maximum sessions limit"
+      end
+      
+      # Always try to logout first to clear any existing sessions
+      legacy_logout if retry_count > 0
+      
       response = connection.post('/data/login') do |req|
         req.headers['Content-Type'] = 'application/x-www-form-urlencoded'
         req.body = "user=#{username}&password=#{password}"
@@ -47,6 +280,17 @@ module IDRAC
         error_message = xml_doc.at_xpath('//errorMsg')&.text
         
         if error_message && !error_message.empty?
+          # Check for maximum sessions error
+          if error_message.include?("maximum number of user sessions")
+            puts "Maximum sessions reached, attempting to clear sessions (attempt #{retry_count + 1}/3)..."
+            # Try to clear any existing sessions by forcing a logout
+            legacy_logout
+            # Wait longer for the server to process the logout
+            sleep(5)
+            # Try logging in again with incremented retry counter
+            return legacy_login(retry_count + 1)
+          end
+          
           raise Error, "Error Message: #{error_message}"
         end
         
@@ -57,52 +301,200 @@ module IDRAC
       end
     end
 
-    def logout
+    # Legacy logout method for screenshot functionality
+    def legacy_logout
       return unless @session_id
       
-      response = connection.get('/data/logout') do |req|
-        req.headers['Cookie'] = "sessionid=#{@session_id}"
+      begin
+        # Try multiple logout attempts to ensure session is cleared
+        3.times do |i|
+          response = connection.get('/data/logout') do |req|
+            req.headers['Cookie'] = "sessionid=#{@session_id}"
+          end
+          
+          break if response.status == 200
+          sleep(1) if i < 2  # Sleep between attempts, but not after the last one
+        end
+      rescue => e
+        # Ignore errors during logout
+        puts "Warning: Error during logout: #{e.message}"
+      ensure
+        @session_id = nil
+        @cookies = nil
       end
       
-      @session_id = nil
-      @cookies = nil
-      response.status == 200
+      true
+    end
+
+    # Main login method that decides which approach to use
+    def login
+      # If we're in direct mode, skip login attempts
+      if @direct_mode
+        puts "Operating in direct mode (no session)"
+        return true
+      end
+      
+      # First try to create a Redfish session
+      if create_redfish_session
+        return true
+      else
+        # If we failed to create a Redfish session, try to clear sessions first
+        if !@tried_clearing_sessions
+          @tried_clearing_sessions = true
+          force_clear_sessions
+          
+          # Try Redfish again
+          if create_redfish_session
+            return true
+          end
+        end
+        
+        # Fall back to legacy login if Redfish session creation fails
+        if !@direct_mode
+          puts "Falling back to legacy login method"
+          return legacy_login
+        else
+          puts "Operating in direct mode (no session)"
+          return true
+        end
+      end
     end
 
-    def authenticated_request(method, path, options = {})
-      login unless @session_id
+    # Main logout method that decides which approach to use
+    def logout
+      if @x_auth_token
+        delete_redfish_session
+      end
+      
+      if @session_id
+        legacy_logout
+      end
+      
+      true
+    end
+
+    def authenticated_request(method, path, options = {}, retry_count = 0)
+      # Limit retries to prevent infinite loops
+      if retry_count >= 3
+        # If we've tried too many times, switch to direct mode
+        @direct_mode = true
+        puts "Switching to direct mode after multiple authentication failures"
+      end
+      
+      # Ensure we have a valid session (unless in direct mode)
+      unless @direct_mode
+        begin
+          login unless @x_auth_token || @session_id
+        rescue Error => e
+          # If login fails with maximum sessions error, try to handle it
+          if e.message.include?("maximum number of user sessions") && retry_count < 2
+            puts "Maximum sessions reached during initial login, attempting to clear sessions (attempt #{retry_count + 1}/3)..."
+            logout
+            sleep(5)  # Longer delay
+            return authenticated_request(method, path, options, retry_count + 1)
+          else
+            # If we've tried too many times, switch to direct mode
+            if retry_count >= 2
+              @direct_mode = true
+              puts "Switching to direct mode after multiple authentication failures"
+            else
+              # Re-raise other errors or if we've tried too many times
+              raise
+            end
+          end
+        end
+      end
       
       options[:headers] ||= {}
-      options[:headers]['Cookie'] = "sessionid=#{@session_id}"
+      
+      # Use X-Auth-Token if available (preferred Redfish method)
+      if @x_auth_token
+        options[:headers]['X-Auth-Token'] = @x_auth_token
+      elsif @session_id
+        # Fall back to session cookie if needed
+        options[:headers]['Cookie'] = "sessionid=#{@session_id}"
+      elsif @direct_mode
+        # In direct mode, use Basic Auth
+        options[:headers]['Authorization'] = "Basic #{Base64.strict_encode64("#{username}:#{password}")}"
+      end
       
       response = connection.send(method, path, options[:params]) do |req|
         req.headers.merge!(options[:headers])
         req.body = options[:body] if options[:body]
       end
       
-      # If we get a 401 Unauthorized, try to re-login and retry the request once
-      if response.status == 401
+      # Handle authentication errors
+      if response.status == 401 && !@direct_mode
         puts "Session expired, re-authenticating..."
+        logout
+        sleep(3)
         login
-        options[:headers]['Cookie'] = "sessionid=#{@session_id}"
+        
+        # Update headers with new authentication
+        options[:headers] ||= {}
+        if @x_auth_token
+          options[:headers]['X-Auth-Token'] = @x_auth_token
+        elsif @session_id
+          options[:headers]['Cookie'] = "sessionid=#{@session_id}"
+        elsif @direct_mode
+          options[:headers]['Authorization'] = "Basic #{Base64.strict_encode64("#{username}:#{password}")}"
+        end
         
         response = connection.send(method, path, options[:params]) do |req|
           req.headers.merge!(options[:headers])
           req.body = options[:body] if options[:body]
         end
+        
+        # If we still get a 401, switch to direct mode
+        if response.status == 401 && retry_count < 2
+          @direct_mode = true
+          puts "Switching to direct mode after authentication failure"
+          return authenticated_request(method, path, options, retry_count + 1)
+        end
+      end
+      
+      # Check for maximum sessions error in the response
+      if response.status == 200
+        begin
+          xml_doc = Nokogiri::XML(response.body)
+          error_message = xml_doc.at_xpath('//errorMsg')&.text
+          
+          if error_message && error_message.include?("maximum number of user sessions") && retry_count < 2
+            puts "Maximum sessions reached, clearing sessions and retrying (attempt #{retry_count + 1}/3)..."
+            logout
+            sleep(5)
+            login
+            return authenticated_request(method, path, options, retry_count + 1)
+          end
+        rescue => e
+          # If we can't parse the response as XML, just continue
+        end
       end
       
       response
     end
 
     def get(path:, headers: {})
+      # For screenshot functionality, we need to use the legacy cookies
+      if @cookies.nil? && !@direct_mode
+        legacy_login unless @session_id
+      end
+      
+      headers_to_use = {
+        "User-Agent" => "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36",
+        "Accept-Encoding" => "deflate, gzip"
+      }
+      
+      if @cookies
+        headers_to_use["Cookie"] = @cookies
+      elsif @direct_mode
+        # In direct mode, use Basic Auth
+        headers_to_use["Authorization"] = "Basic #{Base64.strict_encode64("#{username}:#{password}")}"
+      end
+      
       response = HTTParty.get(
         "#{base_url}/#{path}",
-        headers: {
-          "User-Agent" => "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36",
-          "Accept-Encoding" => "deflate, gzip",
-          "Cookie" => @cookies
-        }.merge(headers),
+        headers: headers_to_use.merge(headers),
         verify: false
       )
     end

data/lib/idrac/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module IDRAC
-  VERSION = "0.1.12"
+  VERSION = "0.1.19"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: idrac
 version: !ruby/object:Gem::Version
-  version: 0.1.12
+  version: 0.1.19
 platform: ruby
 authors:
 - Jonathan Siegel