Using MaaS OAuth 1.0 credentials for REST API integration tools

tlu-earthdaily · 1 May 2023 22:43

I’ve been attempting to add MaaS to some third-party automation and integration products (eg. n8n/Nodemation; Zapier; ReTool), but although I’ve read the MaaS API Authentication Reference documentation, I’ve not been able to make any headway.

When I attempt to add MaaS’s credentials via a header auth per the cURL example, the following does not work:
"Authorization" : "OAuth oauth_version=1.0, oauth_signature_method=PLAINTEXT, oauth_consumer_key={consumerKey}, oauth_token={token}, oauth_signature=&{signature}, oauth_nonce=$(uuidgen), oauth_timestamp=$(date +%s)"

If I instead want to add MaaS via OAuth 1.0 credentials, some of the tools prompt for the following, even though OAuth 1.0 was specified instead of OAuth 2.0:

Authorization URL
Access Token URL
Token Secret
Realm
Request Token URL
Signature Method (HMAC-SHA1; HMAC-SHA256; HMAC-SHA512)

Does anyone have any insight? (I suspect the OAuth 1.0 in these tools are actuall OAuth 1.0a… I’m not sure)

troyanov · 2 May 2023 07:56

Can you paste verbose cURL output? I am wondering if you split API KEY correctly…

Just checked and it works for me:

❯ set API_KEY (string split : '4EQeqcnotB3SmCAARP:VDgsywawXZTSFyqqw:h77ZskPJsecretjxrQRNbMzaQ3Qa')
❯ MAAS_URL='http://10.0.0.1:5240' curl --header "Authorization: OAuth oauth_version=1.0, oauth_signature_method=PLAINTEXT, oauth_consumer_key=$API_KEY[1], oauth_token=$API_KEY[2], oauth_signature=&$API_KEY[3], oauth_nonce=$(uuidgen), oauth_timestamp=$(date +%s)" $MAAS_URL/MAAS/api/2.0/users/ -v

troyanov · 3 June 2023 10:51

Hello @tlu-earthdaily
Do you still experiencing this issue? Unfortunately I cannot help you without knowing your curl parameters.

borsik · 16 January 2025 16:28

I needed just basic list of MaaS machines, one line per host and first IP address. For this purpose I created shell script using jq (apt install jq):

# Split the API_KEY into separate parts
API_KEY="<your-maas-api-key>"
IFS=':' read -r CONSUMER_KEY TOKEN TOKEN_SECRET <<< "$API_KEY"

# Set the MAAS_URL
MAAS_URL='http://localhost:5240'

# Make the curl request with OAuth header and adjust the output format
curl --header "Authorization: OAuth \
    oauth_version=1.0, \
    oauth_signature_method=PLAINTEXT, \
    oauth_consumer_key=$CONSUMER_KEY, \
    oauth_token=$TOKEN, \
    oauth_signature=&$TOKEN_SECRET, \
    oauth_nonce=$(uuidgen), \
    oauth_timestamp=$(date +%s)" \
    $MAAS_URL/MAAS/api/2.0/machines/ -v \
| jq -r '.[] | "\(.hostname) \(.ip_addresses[0])"'

Hope that’s help to someone.