AnsweredAssumed Answered

Need help with Qualys PHP API

Question asked by AASHIS KHANAL on Sep 18, 2018
Latest reply on Sep 18, 2018 by Sam Friday

Hi I am trying to use the PHP API client example and the SimpleQAPI.php class available under the client example. 

 

I am able to use this code to just login and logout. However, I am not able to use this code to make any other api call. 

 

url: https://qualysapi.qg3.apps.qualys.com/api/2.0/fo/session returns Login Successfull message.

 

However similar other url to list ip doesn't work it gives me bad username password. 

https://qualysapi.qg3.apps.qualys.com/api/2.0/fo/asset/ip doesn't work.

 

My code below: 

index.php

<?php

include_once "classes/SimpleQAPI.php";

$params = array('qlogin' => 'myqualysid',
   'connectTimeout' => 10,
   'timeout' => 59,
   'qpassword' => 'qualyspwd',
// 'qdomain' => 'qualysguard.qg3.apps.qualys.com', // For example 'qualysapi.qualys.com'
    'qdomain' => 'qualysapi.qg3.apps.qualys.com',
   'plogin' => 'xegftert',
   'ppassword' => 'xxxxxxx',
   'headers' => array('X-Requested-With: SimpleQAPI'),
   'purl' => 'http://myproxyurl',
   'pport' => '8080');
  
$SimpleQAPI = new SimpleQAPI($params);

// You have to use the login() method to be able to launch the view_xxx_list() methods
// For each request the answer is stored in $SimpleQAPI->resp
$SimpleQAPI->login();
// This should print : 201x-xx-xxTxx:xx:xxZ Logged in
echo $SimpleQAPI->resp;
?>

 

<?php
class SimpleQAPI
{
    // Params
    private $_connectTimeout;
    private $_timeout;
    private $_ckfile;
    private $_qlogin;
    private $_qpassword;
    private $_plogin;
    private $_ppassword;
    private $_purl;
    private $_pport;
    private $_headers;
    private $_post;
    private $_ch;
    private $_is_logged = false;
    private $_proxy = false;
    private $_proxy_auth = false;

    // Answer of a request will be stored in $resp
    public $resp;

    // Constructor
    public function __construct($params){
        if (isset($params['purl']) && isset($params['pport']))
            $this->_proxy = true;
        if (isset($params['plogin']) && isset($params['ppassword']))
            $this->_proxy_auth = true;
        foreach ($params as $key => $value){
            $key = '_'.$key;
            $this->$key = $value;
        }
    }


    // Function to build the post DATA
    private function _build_post(){
        $post = '';
        foreach ($this->_post as $key => $value)
            $post .= $key.'='.$value.'&';
        return substr($post, 0, -1);
    }


    // Function handling common curl operations
    private function _common_curl(){
        $postfields = $this->_build_post();

        $this->_ch = curl_init();
        echo $c_url = "https://".$this->_qdomain."/".$this->_qurl;
        curl_setopt($this->_ch, CURLOPT_URL, $c_url);
        ($this->_is_logged) ? curl_setopt($this->_ch, CURLOPT_COOKIEFILE, $this->_ckfile) : curl_setopt($this->_ch, CURLOPT_COOKIEJAR, $this->_ckfile);
        curl_setopt($this->_ch, CURLOPT_POSTFIELDS, $postfields);
        if ($this->_proxy)
            curl_setopt($this->_ch, CURLOPT_PROXY, $this->_purl.':'.$this->_pport);

        curl_setopt($this->_ch, CURLOPT_POST, TRUE);
        if ($this->_proxy_auth)
            curl_setopt($this->_ch, CURLOPT_PROXYUSERPWD, $this->_plogin.':'.$this->_ppassword);

        curl_setopt($this->_ch, CURLOPT_CONNECTTIMEOUT, $this->_connectTimeout);
        curl_setopt($this->_ch, CURLOPT_TIMEOUT, $this->_timeout);
        curl_setopt($this->_ch, CURLOPT_SSL_VERIFYPEER, FALSE);
        curl_setopt($this->_ch, CURLOPT_SSL_VERIFYHOST , FALSE);
        curl_setopt($this->_ch, CURLOPT_RETURNTRANSFER, TRUE);
        curl_setopt($this->_ch, CURLOPT_HTTPHEADER, $this->_headers);
        $this->resp = curl_exec($this->_ch);

        if(curl_errno($this->_ch))
            echo 'Curl error: ' . curl_error($this->_ch);
        curl_close($this->_ch);
    }


    // Login
    public function login(){
        echo $this->_ckfile = tempnam ('.', 'CURLCOOKIE');
        $this->_post = array('action' => 'login',
            'username' => $this->_qlogin,
            'password' => $this->_qpassword);
        $this->_qurl = 'api/2.0/fo/session/';
        $this->_common_curl();
        $this->_is_logged = true;
    }


    // Logout
    public function logout(){
        $this->_post = array('action' => 'logout');
        $this->_qurl = 'api/2.0/fo/session/';
        $this->_common_curl();
        $this->_is_logged = false;
        unlink($this->_ckfile);
    }

    // View IP list
    public function view_ip_list(){
        $this->_post = array('action' => 'list');
        $this->_qurl = 'api/2.0/fo/asset/ip/';
        $this->_common_curl();
    }

    // View host list
    public function view_host_list(){
        $this->_post = array('action' => 'list');
        $this->_qurl = 'api/2.0/fo/asset/host/';
        $this->_common_curl();
    }

    public function print_arr($array) {
        echo "<pre>";
        print_r($array);
        echo "</pre>";
    }
}

 

Can someone please help ?

Outcomes