palo_alto 0.3.0 → 0.3.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b68e035e0f51de7ec25732169187fae61088d874498b3f04aa8c0729f3ff31ce
-  data.tar.gz: f9a00e1a28101f24b8ec95f2d226bec3b6d8f25226aabfaeef9c47183de2e240
+  metadata.gz: f00537b8aa9a599ba43138f32b97eb01447dddcc51dcfb612739b7dd178e0c53
+  data.tar.gz: 70fc4d52ef2a266324e5435423e674f24e84a9421de113768bf3f2f8eab1ae67
 SHA512:
-  metadata.gz: 23c323a9076ee9f963a25eb6582b83110a95a1bb8c5f9ee65121d7afaf3c24639f682e93d602d7730968c0eec7de7f73651702e1996b658ffc69508fe8d21b34
-  data.tar.gz: 5fe403c5af1998c3a8696326ff46045a3990784f42ba209baa8f36a5a0f2247693e092820489d5a8c68304329ab6a149707eb62f9c2b2ba344ef1fc267d3965f
+  metadata.gz: 686fa339ef2c3b0fd1612774cb185d60136ce8b1da967741d20ae252e9946874e33208287d2152540dc0af8f344596a00a99aa1edbb6565b225d7b0da4218583
+  data.tar.gz: 1b66201dde43d65272f7f3bba5504a95b397b3943df30b08899a1bc787796e4b6585ceb058b3cc28008e339d8f4d622dfd3eaa0a58dee5e6946f58147adf4a4f

data/README.md

@@ -1,3 +1,6 @@
 Works for me :)
 
+Version 0.2.x: Panorama 10.0
+Version 0.3.x: Panorama 10.1
+
 You can find examples on how to use this module in the examples/ directory

data/examples/test_config.rb

@@ -1,6 +1,7 @@
 require 'palo_alto'
 
-client = PaloAlto::XML.new(host: "panorama-test", username: "admin", password: "Admin123!", debug: [:sent, :received, :statistics])
+client = PaloAlto::XML.new(host: 'panorama-test', username: 'admin', password: 'Admin123!',
+                           debug: %i[sent received statistics])
 dg = 'PLAYGROUND'
 
 # create a tag
@@ -43,7 +44,7 @@ pp rules
 pp rules.length
 
 pp rules.first.api_attributes # attributes like uuid and loc
-pp rules.first.values() # values as hash
+pp rules.first.values # values as hash
 
 rule = rules.first
 rule.tag.member = [new_tag.name]
@@ -59,5 +60,5 @@ pp rule.name
 exit 0
 
 # create a new template
-new_template = client.config.devices.entry(name:'localhost.localdomain').template.entry(name: 'testtemplate').create!
+new_template = client.config.devices.entry(name: 'localhost.localdomain').template.entry(name: 'testtemplate').create!
 new_template.push!

data/examples/test_op.rb

@@ -1,63 +1,62 @@
 require 'palo_alto'
 
-a= {commit: { partial:[
-  {'admin': ['admin']},
-   'no-template',
-   'no-template-stack',
-   'no-log-collector',
-   'no-log-collector-group',
-   'no-wildfire-appliance',
-   'no-wildfire-appliance-cluster',
-   {'device-and-network': 'excluded'},
-   {'shared-object': 'excluded'}
- ]}}
-
-b= { show: {devices: 'all' } }
-
-c = {revert: { config: {
- partial:[
-  {'admin': ['admin']},
-   'no-template',
-   'no-template-stack',
-   'no-log-collector',
-   'no-log-collector-group',
-   'no-wildfire-appliance',
-   'no-wildfire-appliance-cluster',
-   {'device-and-network': 'excluded'},
-   {'shared-object': 'excluded'}
- ]}}}
-
-d = {commit: nil}
+a = { commit: { partial: [
+  { admin: ['admin'] },
+  'no-template',
+  'no-template-stack',
+  'no-log-collector',
+  'no-log-collector-group',
+  'no-wildfire-appliance',
+  'no-wildfire-appliance-cluster',
+  { 'device-and-network': 'excluded' },
+  { 'shared-object': 'excluded' }
+] } }
+
+b = { show: { devices: 'all' } }
+
+c = { revert: { config: {
+  partial: [
+    { admin: ['admin'] },
+    'no-template',
+    'no-template-stack',
+    'no-log-collector',
+    'no-log-collector-group',
+    'no-wildfire-appliance',
+    'no-wildfire-appliance-cluster',
+    { 'device-and-network': 'excluded' },
+    { 'shared-object': 'excluded' }
+  ]
+} } }
+
+d = { commit: nil }
 
 e = 'commit'
 
-f = {revert: 'config'}
+f = { revert: 'config' }
 
-g= {show: 'templates'}
+g = { show: 'templates' }
 
-h= {show: 'devicegroups'}
+h = { show: 'devicegroups' }
 
-j={show: {jobs: {id: 12431}}}
+j = { show: { jobs: { id: 12_431 } } }
 
-k={check: 'full-commit-required'}
+k = { check: 'full-commit-required' }
 
-push_to_device={	'commit-all': { 'shared-policy': { 'device-group': [{name:'TEST-DG'}]}}}
+push_to_device = {	'commit-all': { 'shared-policy': { 'device-group': [{ name: 'TEST-DG' }] } } }
 
-#validate:
-p={	'commit-all': 
-	{
-		'shared-policy': [
-			{'device-group': [{name:'PLAYGROUND'}]},
-			{'include-template':'yes'},
-			{'merge-with-candidate-cfg':'yes'},
-			{'force-template-values':'no'},
-			{'validate-only':'yes'}
-		]
-	}
-}
-
-i = {show: {query: {result: {id: 10438 }}}}
+# validate:
+p = {	'commit-all':
+  {
+    'shared-policy': [
+      { 'device-group': [{ name: 'PLAYGROUND' }] },
+      { 'include-template': 'yes' },
+      { 'merge-with-candidate-cfg': 'yes' },
+      { 'force-template-values': 'no' },
+      { 'validate-only': 'yes' }
+    ]
+  } }
 
+i = { show: { query: { result: { id: 10_438 } } } }
 
 # hit counts:
 device_group = 'PLAYGROUND'
@@ -69,11 +68,11 @@ l = {
         entry: [{
           name: device_group
         }, {
-          "pre-rulebase": [{
+          'pre-rulebase': [{
             entry: [{
               name: 'security'
             }, {
-              'rules': 'all'
+              rules: 'all'
             }]
           }]
         }]
@@ -83,7 +82,7 @@ l = {
 }
 
 # hit count for one rule, with more details:
-rule_name = "Rule 27"
+rule_name = 'Rule 27'
 l = {
   show: {
     'rule-hit-count': [{
@@ -91,12 +90,12 @@ l = {
         entry: [{
           name: device_group
         }, {
-          "pre-rulebase": [{
+          'pre-rulebase': [{
             entry: [{
               name: 'security'
             }, {
-              'rules': {
-                "rule-name": [{
+              rules: {
+                'rule-name': [{
                   entry: [{
                     name: rule_name
                   }]
@@ -110,18 +109,16 @@ l = {
   }
 }
 
+client = PaloAlto::XML.new(host: 'panorama-test', username: 'admin', password: 'Admin123!', debug: %i[sent received])
 
-client = PaloAlto::XML.new(host: "panorama-test", username: "admin", password: "Admin123!", debug: [:sent, :received])
-
-#pp client.op.execute(a)
-#pp client.op.execute(b)
-#pp client.op.execute(c)
+# pp client.op.execute(a)
+# pp client.op.execute(b)
+# pp client.op.execute(c)
 pp client.op.execute(d)
-puts "---------------------------"
+puts '---------------------------'
 pp client.op.execute(e)
-puts "---------------------------"
+puts '---------------------------'
 
-#pp client.op.execute(f)
+# pp client.op.execute(f)
 
 pp client.op.execute(k)
-

data/lib/palo_alto/config.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
-# generated: 2022-08-09 10:45:48 +0200
+# generated: 2022-09-09 13:55:04 +0200
 # rubocop:disable Style/FrozenStringLiteralComment
 require 'openssl'
 require 'nokogiri'
@@ -347,12 +347,12 @@ end
 def inspect
 to_s[0...-1] + ' ' + values(full_tree: false).map { |k, v| "#{k}: #{v.inspect}" }.join(', ') + '>'
 end
-def get_all
+def get_all(xpath: to_xpath)
 raise(InvalidCommandException, "please use 'get' here") if self.class.superclass != ArrayConfigClass
 payload = {
 type: 'config',
 action: 'get',
-xpath: to_xpath
+xpath: xpath
 }
 data = @client.execute(payload)
 start_time = Time.now
@@ -414,8 +414,10 @@ api_attributes[attr.name] = attr.value
 end
 end
 def get_class_from_child_str(child)
-# check for class name in camelcase format
-self.class.const_get(child.name.capitalize.gsub(/-(.)/) { Regexp.last_match(1).upcase })
+str = child.name.dup
+str[0] = str[0].upcase
+name = str.gsub(/-(.)/) { |_e| Regexp.last_match(1).upcase }
+self.class.const_get(name)
 rescue NameError
 raise "Child not found for #{self.class.to_s}: #{child.name}"
 end
@@ -425,9 +427,9 @@ child.name.match(/\A[a-zA-Z0-9_-]*\z/) or raise 'invalid character'
 if (prop = self.class.props[child.name])
 if has_multiple_values?
 @external_values[child.name] ||= []
-@external_values[child.name] << enforce_type(prop, child.text)
+@external_values[child.name] << enforce_type(prop, child.text, skip_validation: true)
 else
-@external_values[child.name] = enforce_type(prop, child.text)
+@external_values[child.name] = enforce_type(prop, child.text, skip_validation: true)
 end
 elsif (new_class = get_class_from_child_str(child))
 if new_class.superclass == ConfigClass
@@ -446,7 +448,7 @@ end
 subclass
 end
 end
-def enforce_type(prop_arr, value, value_type: prop_arr['type'])
+def enforce_type(prop_arr, value, value_type: prop_arr['type'], skip_validation: false)
 case value_type
 when 'bool'
 return true if ['yes', true].include?(value)
@@ -456,10 +458,10 @@ when 'string', 'ipdiscontmask', 'iprangespec', 'ipspec', 'rangelistspec'
 raise(ArgumentError, "Not string: #{value.inspect}") unless value.is_a?(String)
 if prop_arr['regex'] && !value.match(prop_arr['regex']) && !value.match(prop_arr['regex'])
 raise ArgumentError,
-"Not matching regex: #{value.inspect} (#{prop_arr['regex'].inspect})"
+"Not matching regex: #{value.inspect} (#{prop_arr['regex'].inspect})" unless skip_validation
 end
 if prop_arr['maxlen'] && (value.length > prop_arr['maxlen'].to_i)
-raise(ArgumentError, "Too long, max. #{prop_arr['maxlen'].to_i} characters allowed")
+raise(ArgumentError, "Too long, max. #{prop_arr['maxlen'].to_i} characters allowed") unless skip_validation
 end
 value
 when 'enum'
@@ -485,8 +487,8 @@ end
 raise(ArgumentError, "Nothing matching found for #{value.inspect} (#{prop_arr.inspect})")
 end
 end
-def xml_builder(xml, full_tree: false, changed_only: true)
-keys = changed_only ? @values.keys : self.class.props.keys
+def xml_builder(xml, full_tree: false)
+keys = self.class.props.keys
 keys.map do |k|
 next if k.start_with?('@')
 v = prop_get(k, include_defaults: false)
@@ -502,12 +504,13 @@ if full_tree
 if subclass.is_a?(Hash)
 subclass.each do |k2, subclass2|
 xml.public_send(k, k2) do |xml2|
-subclass2.xml_builder(xml2, full_tree: full_tree, changed_only: changed_only)
+subclass2.xml_builder(xml2, full_tree: full_tree)
 end
 end
 else
+k = 'method_' if k=='method'
 xml.public_send(k) do |xml2|
-subclass.xml_builder(xml2, full_tree: full_tree, changed_only: changed_only)
+subclass.xml_builder(xml2, full_tree: full_tree)
 end
 end
 end
@@ -595,7 +598,7 @@ elsif @external_values.key?(prop) && @external_values[prop].is_a?(Array)
 @values[prop] = @external_values[prop].dup
 elsif @external_values.key?(prop)
 @external_values[prop]
-elsif my_prop.key?('default') && include_defaults
+elsif my_prop.key?('default') && ( my_prop['optional'] != 'yes' || include_defaults )
 enforce_types(my_prop, my_prop['default'])
 end
 end
@@ -615,14 +618,14 @@ my_prop = self.class.props[prop] or raise(InternalErrorException,
 "Unknown attribute for #{self.class}: #{prop}")
 @values[prop] = enforce_types(my_prop, value)
 end
-def to_xml(changed_only:, full_tree:, include_root:)
+def to_xml(full_tree:, include_root:)
 builder = Nokogiri::XML::Builder.new do |xml|
 xml.public_send(_section, begin
 selector
 rescue StandardError
 nil
 end) do
-xml_builder(xml, changed_only: changed_only, full_tree: full_tree)
+xml_builder(xml, full_tree: full_tree)
 end
 end
 if include_root
@@ -632,7 +635,7 @@ builder.doc.root.children.map(&:to_xml).join("\n")
 end
 end
 def push!
-xml_str = to_xml(changed_only: false, full_tree: true, include_root: true)
+xml_str = to_xml(full_tree: true, include_root: true)
 payload = {
 type: 'config',
 action: 'edit',
@@ -695,7 +698,9 @@ obj = xpath.where(PaloAlto.xpath_attr(k.to_sym) == v)
 end
 def rename!(new_name, internal_only: false)
 # https://docs.paloaltonetworks.com/pan-os/10-1/pan-os-panorama-api/pan-os-xml-api-request-types/configuration-api/rename-configuration.html
-unless internal_only
+result = if internal_only
+true
+else
 payload = {
 type: 'config',
 action: 'rename',
@@ -708,6 +713,7 @@ end
 selector.transform_values! { new_name }
 @external_values["@#{selector.keys.first}"] = new_name
 set_xpath_from_selector!
+result
 end
 end
 # no end of class Xml here as generated source will be added here
@@ -27097,7 +27103,15 @@ end # class Global
 def global
 @subclasses['global'] ||= Global.new(parent_instance: self, client: @client, create_children: @create_children)
 end
-@props = {'dashboard'=>{'node-type'=>'element', 'optional'=>'yes', 'type'=>'enum', 'enum'=>[{'value'=>'enable'}, {'value'=>'disable'}]}, 'acc'=>{'node-type'=>'element', 'optional'=>'yes', 'type'=>'enum', 'menu-tree-path'=>'ACC', 'prune-on-sdb'=>'cfg.vm-license-type=vm50l,cfg.platform.model=PA-410', 'enum'=>[{'value'=>'enable'}, {'value'=>'disable'}]}, 'tasks'=>{'node-type'=>'element', 'optional'=>'yes', 'type'=>'enum', 'enum'=>[{'value'=>'enable'}, {'value'=>'disable'}]}}
+@props = {'validate'=>{'node-type'=>'element', 'optional'=>'yes', 'type'=>'string', 'help-string'=>'Validate'}, 'dashboard'=>{'node-type'=>'element', 'optional'=>'yes', 'type'=>'enum', 'enum'=>[{'value'=>'enable'}, {'value'=>'disable'}]}, 'acc'=>{'node-type'=>'element', 'optional'=>'yes', 'type'=>'enum', 'menu-tree-path'=>'ACC', 'prune-on-sdb'=>'cfg.vm-license-type=vm50l,cfg.platform.model=PA-410', 'enum'=>[{'value'=>'enable'}, {'value'=>'disable'}]}, 'tasks'=>{'node-type'=>'element', 'optional'=>'yes', 'type'=>'enum', 'enum'=>[{'value'=>'enable'}, {'value'=>'disable'}]}}
+# Validate
+def validate
+prop_get('validate')
+end
+# Validate
+def validate=(val)
+prop_set('validate', val)
+end
 def dashboard
 prop_get('dashboard')
 end
@@ -29481,7 +29495,15 @@ end # class Global
 def global
 @subclasses['global'] ||= Global.new(parent_instance: self, client: @client, create_children: @create_children)
 end
-@props = {'dashboard'=>{'node-type'=>'element', 'optional'=>'yes', 'type'=>'enum', 'enum'=>[{'value'=>'enable'}, {'value'=>'disable'}]}, 'acc'=>{'node-type'=>'element', 'optional'=>'yes', 'type'=>'enum', 'menu-tree-path'=>'ACC', 'prune-on-sdb'=>'cfg.vm-license-type=vm50l,cfg.platform.model=PA-410', 'enum'=>[{'value'=>'enable'}, {'value'=>'disable'}]}, 'tasks'=>{'node-type'=>'element', 'optional'=>'yes', 'type'=>'enum', 'enum'=>[{'value'=>'enable'}, {'value'=>'disable'}]}}
+@props = {'validate'=>{'node-type'=>'element', 'optional'=>'yes', 'type'=>'string', 'help-string'=>'Validate'}, 'dashboard'=>{'node-type'=>'element', 'optional'=>'yes', 'type'=>'enum', 'enum'=>[{'value'=>'enable'}, {'value'=>'disable'}]}, 'acc'=>{'node-type'=>'element', 'optional'=>'yes', 'type'=>'enum', 'menu-tree-path'=>'ACC', 'prune-on-sdb'=>'cfg.vm-license-type=vm50l,cfg.platform.model=PA-410', 'enum'=>[{'value'=>'enable'}, {'value'=>'disable'}]}, 'tasks'=>{'node-type'=>'element', 'optional'=>'yes', 'type'=>'enum', 'enum'=>[{'value'=>'enable'}, {'value'=>'disable'}]}}
+# Validate
+def validate
+prop_get('validate')
+end
+# Validate
+def validate=(val)
+prop_set('validate', val)
+end
 def dashboard
 prop_get('dashboard')
 end
@@ -85332,7 +85354,15 @@ end # class Global
 def global
 @subclasses['global'] ||= Global.new(parent_instance: self, client: @client, create_children: @create_children)
 end
-@props = {'dashboard'=>{'node-type'=>'element', 'optional'=>'yes', 'type'=>'enum', 'enum'=>[{'value'=>'enable'}, {'value'=>'disable'}]}, 'acc'=>{'node-type'=>'element', 'optional'=>'yes', 'type'=>'enum', 'menu-tree-path'=>'ACC', 'prune-on-sdb'=>'cfg.vm-license-type=vm50l,cfg.platform.model=PA-410', 'enum'=>[{'value'=>'enable'}, {'value'=>'disable'}]}, 'tasks'=>{'node-type'=>'element', 'optional'=>'yes', 'type'=>'enum', 'enum'=>[{'value'=>'enable'}, {'value'=>'disable'}]}}
+@props = {'validate'=>{'node-type'=>'element', 'optional'=>'yes', 'type'=>'string', 'help-string'=>'Validate'}, 'dashboard'=>{'node-type'=>'element', 'optional'=>'yes', 'type'=>'enum', 'enum'=>[{'value'=>'enable'}, {'value'=>'disable'}]}, 'acc'=>{'node-type'=>'element', 'optional'=>'yes', 'type'=>'enum', 'menu-tree-path'=>'ACC', 'prune-on-sdb'=>'cfg.vm-license-type=vm50l,cfg.platform.model=PA-410', 'enum'=>[{'value'=>'enable'}, {'value'=>'disable'}]}, 'tasks'=>{'node-type'=>'element', 'optional'=>'yes', 'type'=>'enum', 'enum'=>[{'value'=>'enable'}, {'value'=>'disable'}]}}
+# Validate
+def validate
+prop_get('validate')
+end
+# Validate
+def validate=(val)
+prop_set('validate', val)
+end
 def dashboard
 prop_get('dashboard')
 end

data/lib/palo_alto/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module PaloAlto
-  VERSION = '0.3.0'
+  VERSION = '0.3.1'
 end

data/lib/palo_alto.rb

@@ -74,7 +74,6 @@ module PaloAlto
 
   module Helpers
     class Rest
-      @http_clients = {} # will include [http_client, lock]
       @global_lock = Mutex.new
 
       def self.make_request(opts)
@@ -91,16 +90,18 @@ module PaloAlto
         options = options.merge(opts)
         options[:headers].merge!(headers)
 
-        http_client = lock = nil
+        http_client = nil
 
         @global_lock.synchronize do
-          unless (http_client, lock = @http_clients[options[:host]])
+          Thread.current[:http_clients] ||= {}
+
+          unless (http_client = Thread.current[:http_clients][options[:host]])
             http_client = Net::HTTP.new(options[:host], 443)
             http_client.use_ssl = true
             http_client.verify_mode = options[:verify_ssl]
             http_client.read_timeout = http_client.open_timeout = (options[:timeout] || 60)
             http_client.set_debug_output(options[:debug].include?(:http) ? $stdout : nil)
-            @http_clients[options[:host]] = [http_client, (lock = Mutex.new)]
+            Thread.current[:http_clients][options[:host]] = http_client
           end
         end
 
@@ -114,11 +115,9 @@ module PaloAlto
           post_req.set_form_data(payload)
         end
 
-        response = lock.synchronize do
-          http_client.start unless http_client.started?
+        http_client.start unless http_client.started?
 
-          http_client.request(post_req)
-        end
+        response = http_client.request(post_req)
 
         case response.code
         when '200'
@@ -168,9 +167,17 @@ module PaloAlto
   end
 
   class XML
-    attr_accessor :host, :username, :password, :auth_key, :verify_ssl, :debug, :timeout
+    attr_accessor :host, :username, :auth_key, :verify_ssl, :debug, :timeout
+
+    def pretty_print_instance_variables
+      super - [:@password, :@subclasses, :@subclasses, :@expression, :@arguments]
+    end
+
+    def execute(payload, skip_authentication: false)
+      if !auth_key && !skip_authentication
+        get_auth_key
+      end
 
-    def execute(payload)
       retried = false
       begin
         # configure options for the request
@@ -191,14 +198,14 @@ module PaloAlto
         start_time = Time.now
         text = Helpers::Rest.make_request(options)
         if debug.include?(:statistics)
-          warn "Elapsed for API call #{payload[:type]}/#{payload[:action] || '(unknown action)'}: #{Time.now - start_time} seconds"
+          warn "Elapsed for API call #{payload[:type]}/#{payload[:action] || '(unknown action)'} on #{host}: #{Time.now - start_time} seconds"
         end
 
         warn "received: #{Time.now}\n#{text}\n" if debug.include?(:received)
 
         data = Nokogiri::XML.parse(text)
         unless data.xpath('//response/@status').to_s == 'success'
-          warn 'command failed'
+          warn "command failed on host #{host} at #{Time.now}"
           warn "sent:\n#{options.inspect}\n" if debug.include?(:sent_on_error)
           warn "received:\n#{text.inspect}\n" if debug.include?(:received_on_error)
           code = data.at_xpath('//response/@code')&.value.to_i # sometimes there is no code :( e.g. for 'op' errors
@@ -232,8 +239,12 @@ module PaloAlto
             else
               { commit: { partial: [
                 { 'admin': [username] },
-                device_groups ? ( device_groups.empty? ? 'no-device-group' : { 'device-group': device_groups } ) : nil,
-                templates ? ( templates.empty? ? 'no-template' : { 'template': templates } ) : nil,
+                if device_groups
+                  device_groups.empty? ? 'no-device-group' : { 'device-group': device_groups }
+                end,
+                if templates
+                  templates.empty? ? 'no-template' : { 'template': templates }
+                end,
                 'no-template-stack',
                 'no-log-collector',
                 'no-log-collector-group',
@@ -339,14 +350,17 @@ module PaloAlto
       }
     end
 
-    def wait_for_job_completion(job_id, wait: 5, timeout: 480)
+    def wait_for_job_completion(job_id, wait: 5, timeout: 600)
       cmd = { show: { jobs: { id: job_id } } }
       start = Time.now
       loop do
-        result = op.execute(cmd)
-        status = result.at_xpath('response/result/job/status')&.text
-        return result unless %w[ACT PEND].include?(status)
-
+        begin
+          result = op.execute(cmd)
+          status = result.at_xpath('response/result/job/status')&.text
+          return result unless %w[ACT PEND].include?(status)
+        rescue => e
+          warn [:job_query_error, e].inspect
+        end
         sleep wait
         break unless start + timeout > Time.now
       end
@@ -384,20 +398,17 @@ module PaloAlto
     end
 
     def initialize(host:, username:, password:, verify_ssl: OpenSSL::SSL::VERIFY_NONE, debug: [])
-      self.host       = host
-      self.username   = username
-      self.password   = password
-      self.verify_ssl = verify_ssl
-      self.debug      = debug
+      @host       = host
+      @username   = username
+      @password   = password
+      @verify_ssl = verify_ssl
+      @debug      = debug
 
       @subclasses = {}
 
       # xpath
       @expression = :root
       @arguments = [Expression.new(:this_node), []]
-
-      # attempt to obtain the auth_key
-      get_auth_key
     end
 
     # Perform a query to the API endpoint for an auth_key based on the credentials provided
@@ -405,10 +416,10 @@ module PaloAlto
       # establish the required options for the key request
       payload = { type: 'keygen',
                   user: username,
-                  password: password }
+                  password: @password }
 
       # get and parse the response for the key
-      xml_data = execute(payload)
+      xml_data = execute(payload, skip_authentication: true)
       self.auth_key = xml_data.xpath('//response/result/key')[0].content
     end
   end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: palo_alto
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 0.3.1
 platform: ruby
 authors:
 - Sebastian Roesner
 autorequire: 
 bindir: exe
 cert_chain: []
-date: 2022-08-09 00:00:00.000000000 Z
+date: 2022-09-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: nokogiri