def create(self,
app_id=None,
platform=None,
provider_address=None,
apple_key_store=None,
apple_key_label=None,
firebase_server_key=None):
apple = DataObject()
apple.add_value_string("key_store", apple_key_store)
apple.add_value_string("key_label", apple_key_label)
if apple.data:
apple.add_value_string("provider_address", provider_address)
firebase = DataObject()
firebase.add_value_string("server_key", firebase_server_key)
if firebase.data:
firebase.add_value_string("provider_address", provider_address)
provider = DataObject()
provider.add_value_not_empty("apple", apple.data)
provider.add_value_not_empty("firebase", firebase.data)
data = DataObject()
data.add_value_string("app_id", app_id)
data.add_value_string("platform", platform)
data.add_value_not_empty("provider", provider.data)
response = self.client.post_json(PUSH_NOTIFICATION, data.data)
response.success = response.status_code == 200
return response
def update(self, instance, resource_server, resource_name=None, server_type="standard",
method=None, path=None, name=None, policy_type=None, policy_name=None,
static_response_headers=None, rate_limiting_policy=None, url_aliases=None,
documentation_content_type=None, documentation_file=None):
data = DataObject()
data.add_value_string("method", method)
data.add_value_string("path", path)
data.add_value_string("name", name)
policy = DataObject()
policy.add_value_string("type", policy_type)
policy.add_value_string("name", policy_name)
data.add_value_not_empty("policy", policy.daita)
data.add_value_not_empty("static_response_headers", static_response_headers)
data.add_value_string("rate_limiting_policy", rate_limiting_policy)
data.add_value_not_empty("url_aliases", url_aliases)
documentation = DataObject()
documentation.add_value_string("content_type", documentation_content_type)
documentation.add_value_string("file", documentation_file)
data.add_alue_not_empty("documentation", documentation.data)
endpoint = APIAC + "/resource/instance/{}/server/{}/resource/{}?server_type={}".format(
instance, resource_server, resource_name, server_type)
response = self.client.put_json(endpoint, data.data)
response.success = response.status_code == 200
return response
def create_smtp(
self, name=None, description=None,connect_timeout=None,
connection_host_name=None, connection_host_port=None,
connection_ssl=None, connection_user=None, connection_password=None):
connection_data = DataObject()
connection_data.add_value_string("hostName", connection_host_name)
connection_data.add_value("hostPort", connection_host_port)
connection_data.add_value("ssl", connection_ssl)
connection_data.add_value("user", connection_user)
connection_data.add_value("password", connection_password)
manager_data = DataObject()
manager_data.add_value("connectTimeout", connect_timeout)
data = DataObject()
data.add_value_string("name", name)
data.add_value_string("description", description)
data.add_value_string("type", "smtp")
data.add_value_not_empty("connection", connection_data.data)
data.add_value_not_empty("connectionManager", manager_data.data)
endpoint = SERVER_CONNECTION_SMTP + "/v1"
response = self.client.post_json(endpoint, data.data)
response.success = response.status_code == 201
return response
def configure_fed(self,
webseal_id,
federation_id=None,
reuse_certs=False,
reuse_acls=False,
runtime_hostname=None,
runtime_port=None,
runtime_username=None,
runtime_password=None):
data = DataObject()
data.add_value_string("federation_id", federation_id)
data.add_value("reuse_certs", reuse_certs)
data.add_value("reuse_acls", reuse_acls)
runtime_data = DataObject()
runtime_data.add_value_string("hostname", runtime_hostname)
runtime_data.add_value_string("port", runtime_port)
runtime_data.add_value_string("username", runtime_username)
runtime_data.add_value_string("password", runtime_password)
data.add_value_not_empty("runtime", runtime_data.data)
endpoint = "%s/%s/fed_config" % (REVERSEPROXY, webseal_id)
response = self.client.post_json(endpoint, data.data)
response.success = response.status_code == 204
return response
def create_isam_runtime(
self, name=None, description=None, locked=None,
connection_bind_dn=None,
connection_bind_pwd=None, connection_ssl_truststore=None,
connection_ssl_auth_key=None,
connection_ssl=None, connect_timeout=None, servers=None):
connection_data = DataObject()
connection_data.add_value_string("bindDN", connection_bind_dn)
connection_data.add_value_string("bindPwd", connection_bind_pwd)
connection_data.add_value_string(
"sslTruststore", connection_ssl_truststore)
connection_data.add_value_string("sslAuthKey", connection_ssl_auth_key)
connection_data.add_value("ssl", connection_ssl)
manager_data = DataObject()
manager_data.add_value("connectTimeout", connect_timeout)
data = DataObject()
data.add_value_string("name", name)
data.add_value_string("description", description)
data.add_value_string("type", "isamruntime")
data.add_value("locked", locked)
data.add_value("servers", servers)
data.add_value_not_empty("connection", connection_data.data)
data.add_value_not_empty("connectionManager", manager_data.data)
endpoint = SERVER_CONNECTION_ISAM_RUNTIME + "/v1"
response = self.client.post_json(endpoint, data.data)
response.success = response.status_code == 201
return response
def create_web_service(
self, name=None, description=None, locked=None, connection_url=None,
connection_user=None, connection_password=None,
connection_ssl_truststore=None, connection_ssl_auth_key=None,
connection_ssl=None):
connection_data = DataObject()
connection_data.add_value_string("url", connection_url)
connection_data.add_value_string("user", connection_user)
connection_data.add_value_string("password", connection_password)
connection_data.add_value_string(
"sslTruststore", connection_ssl_truststore)
connection_data.add_value_string("sslAuthKey", connection_ssl_auth_key)
connection_data.add_value("ssl", connection_ssl)
data = DataObject()
data.add_value_string("name", name)
data.add_value_string("description", description)
data.add_value_string("type", "ws")
data.add_value("locked", locked)
data.add_value_not_empty("connection", connection_data.data)
endpoint = SERVER_CONNECTION_WEB_SERVICE + "/v1"
response = self.client.post_json(endpoint, data.data)
response.success = response.status_code == 201
return response
def create_ci(
self, name=None, description=None, locked=None,
connection_host_name=None, connection_client_id=None,
connection_client_secret=None, connection_ssl_truststore=None):
connection_data = DataObject()
connection_data.add_value_string("adminHost", connection_host_name)
connection_data.add_value("clientId", connection_client_id)
connection_data.add_value("clientSecret", connection_client_secret)
connection_data.add_value("ssl", True)
connection_data.add_value("sslTruststore", connection_ssl_truststore)
connection_data.add_value("usersEndpoint", "/v2.0/Users")
# yes, I know this is a token endpoint. The parameter name was poorly selected
connection_data.add_value("authorizeEndpoint", "/v1.0/endpoint/default/token")
connection_data.add_value("authenticatorsEndpoint", "/v1.0/authenticators")
connection_data.add_value("authnmethodsEndpoint", "/v1.0/authnmethods")
data = DataObject()
data.add_value_string("name", name)
data.add_value_string("description", description)
data.add_value_string("type", "ci")
data.add_value_string("locked", locked)
data.add_value_not_empty("connection", connection_data.data)
endpoint = SERVER_CONNECTION_CI + "/v1"
response = self.client.post_json(endpoint, data.data)
response.success = response.status_code == 201
return response
def create_attribute(
self, category=None, matcher=None, issuer=None, description=None,
name=None, datatype=None, uri=None, storage_session=None,
storage_behavior=None, storage_device=None, type_risk=None,
type_policy=None):
storage_data = DataObject()
storage_data.add_value("session", storage_session)
storage_data.add_value("behavior", storage_behavior)
storage_data.add_value("device", storage_device)
type_data = DataObject()
type_data.add_value("risk", type_risk)
type_data.add_value("policy", type_policy)
data = DataObject()
data.add_value_string("category", category)
data.add_value_string("matcher", matcher)
data.add_value_string("issuer", issuer)
data.add_value_string("description", description)
data.add_value_string("name", name)
data.add_value_string("datatype", datatype)
data.add_value_string("uri", uri)
data.add_value("predefined", False)
data.add_value_not_empty("storageDomain", storage_data.data)
data.add_value_not_empty("type", type_data.data)
response = self.client.post_json(ATTRIBUTES, data.data)
response.success = response.status_code == 201
return response
def create_oidc_federation(self,
name=None,
role=None,
issuer_identifier=None,
signature_algorithm=None,
signing_keystore=None,
signing_key_label=None,
refresh_token_length=None,
authorization_grant_lifetime=None,
authorization_code_lifetime=None,
authorization_code_length=None,
access_token_lifetime=None,
access_token_length=None,
id_token_lifetime=None,
grant_types_supported=None,
active_delegate_id=None,
rule_type=None,
identity_mapping_rule_reference=None,
applies_to=None,
auth_type=None,
basic_auth_username=None,
basic_auth_password=None,
client_key_store=None,
client_key_alias=None,
issuer_uri=None,
message_format=None,
ssl_key_store=None,
uri=None):
data = DataObject()
data.add_value_string("name", name)
data.add_value_string("protocol", "OIDC")
data.add_value_string("role", role)
attributeMapping = DataObject()
identityMapping = DataObject()
identityMapping.add_value_string("activeDelegateId",
active_delegate_id)
properties = DataObject()
properties.add_value_string("ruleType", rule_type)
properties.add_value_string("identityMappingRuleReference",
identity_mapping_rule_reference)
identityMapping.add_value_not_empty("properties", properties.data)
configuration = DataObject()
configuration.add_value_not_empty("identityMapping",
identityMapping.data)
configuration.add_value_not_empty("attributeMapping",
attributeMapping.data)
data.add_value_not_empty("configuration", configuration.data)
response = self.client.post_json(FEDERATIONS, data.data)
response.success = response.status_code == 201
return response
def create_user(self, user=None, password=None, groups=[]):
data = DataObject()
data.add_value_string('id', user)
data.add_value_string('password', password)
if groups:
groups_data = DataObject()
for group in groups:
groups_data.add_value('id', group)
data.add_value_not_empty('groups', groups_data.data)
endpoint = SYSACCOUNT_USERS + '/v1'
response = self.client.post_json(endpoint, data.data)
response.success = response.status_code == 200
return response
def update(self, enforce_config=False, roles=[]):
auth_config = DataObject()
auth_config.add_value_boolean("enforcing", enforce_config)
auth_roles = DataObject()
auth_roles.add_value_not_empty("roles", roles)
data = DataObject()
data.add_value("config", auth_config.data)
data.add_value_not_empty("roles", auth_roles.data)
endpoint = MANAGEMENT_AUTHORIZATION + '/v1'
response = self.client.post_json(endpoint, data.data)
response.success = response.status_code == 200
return response
def configure(
self, ps_mode=None, user_registry=None, admin_password=None,
ldap_password=None, admin_cert_lifetime=None, ssl_compliance=None,
ldap_host=None, ldap_port=None, isam_domain=None, ldap_dn=None,
ldap_suffix=None, ldap_ssl_db=None, ldap_ssl_label=None,
isam_host=None, isam_port=None, clean_ldap=None):
data = DataObject()
data.add_value_string("ps_mode", ps_mode)
data.add_value_string("user_registry", user_registry)
data.add_value_string("admin_cert_lifetime", admin_cert_lifetime)
data.add_value_string("ssl_compliance", ssl_compliance)
data.add_value_string("admin_pwd", admin_password)
data.add_value_string("ldap_pwd", ldap_password)
data.add_value_string("ldap_host", ldap_host)
data.add_value_string("domain", isam_domain)
data.add_value_string("ldap_dn", ldap_dn)
data.add_value_string("ldap_suffix", ldap_suffix)
data.add_value_string("clean_ldap", clean_ldap)
if ldap_ssl_db is not None:
data.add_value_string("ldap_ssl_db", ldap_ssl_db if ldap_ssl_db.endswith(".kdb") else ldap_ssl_db+".kdb")
data.add_value_string("usessl", "on")
data.add_value_string("ldap_ssl_label", ldap_ssl_label)
data.add_value_string("isam_host", isam_host)
data.add_value("ldap_port", ldap_port)
data.add_value("isam_port", isam_port)
logger.info(data.data)
response = self.client.post_json(RUNTIME_COMPONENT, data.data)
response.success = response.status_code == 200
return response
def update_route(self,
uuid,
enabled=None,
address=None,
mask_or_prefix=None,
gateway=None,
interface_uuid=None,
metric=0,
comment=None,
table=None):
data = DataObject()
data.add_value_string("address", address)
data.add_value_string("maskOrPrefix", mask_or_prefix)
data.add_value("enabled", enabled)
data.add_value("metric", metric)
data.add_value_string("gateway", gateway)
data.add_value_string("interfaceUUID", interface_uuid)
data.add_value_string("metric", metric)
data.add_value_string("comment", comment)
data.add_value_string("table", table)
url = ROUTES + '/' + uuid
response = self.client.put_json(url, data.data)
response.success = response.status_code == 200
return response
def create_client(
self, name=None, redirect_uri=None, company_name=None,
company_url=None, contact_person=None, contact_type=None,
email=None, phone=None, other_info=None, definition=None,
client_id=None, client_secret=None, require_pkce_verification=None,
jwks_uri=None, encryption_db=None, encryption_cert=None):
data = DataObject()
data.add_value_string("name", name)
data.add_value("redirectUri", redirect_uri)
data.add_value_string("companyName", company_name)
data.add_value_string("companyUrl", company_url)
data.add_value_string("contactPerson", contact_person)
data.add_value_string("contactType", contact_type)
data.add_value_string("email", email)
data.add_value_string("phone", phone)
data.add_value_string("otherInfo", other_info)
data.add_value_string("definition", definition)
data.add_value_string("clientId", client_id)
data.add_value_string("clientSecret", client_secret)
data.add_value_boolean("requirePkce", require_pkce_verification)
data.add_value_string("jwksUri", jwks_uri)
data.add_value_string("encryptionDb", encryption_db)
data.add_value_string("encryptioncert", encryption_cert)
response = self.client.post_json(CLIENTS, data.data)
response.success = response.status_code == 201
return response
def configure_api_protection(self,
webseal_id,
hostname=None,
port=None,
username=None,
password=None,
reuse_certs=None,
reuse_acls=None,
api=None,
browser=None,
junction=None):
data = DataObject()
data.add_value_string("hostname", hostname)
data.add_value_string("username", username)
data.add_value_string("password", password)
data.add_value("port", port)
data.add_value("junction", junction if junction != None else "/mga")
data.add_value_boolean("reuse_certs", reuse_certs)
data.add_value_boolean("reuse_acls", reuse_acls)
data.add_value_boolean("api", api)
data.add_value_boolean("browser", browser)
endpoint = "%s/%s/oauth_config" % (REVERSEPROXY, webseal_id)
response = self.client.post_json(endpoint, data.data)
response.success = response.status_code == 204
return response
def create_policy(self,
policy_name=None,
category=None,
policy_type="JavaScript",
file_name=None):
data = DataObject()
response = None
try:
with open(file_name, 'rb') as content:
data.add_value_string('category', category)
data.add_value_string('type', policy_type)
data.add_value_string('name', policy_name)
data.add_value_string("content",
content.read().decode('utf-8'))
except IOError as e:
logger.error(e)
response = Response()
response.success = False
if response == None:
endpoint = ACCESS_POLICY
response = self.client.post_json(endpoint, data.data)
response.success = response.status_code == 201
return response
def set_db(self,
db_type=None,
port=None,
host=None,
secure=True,
user=None,
passwd=None,
db_name=None):
data = DataObject()
get_response = self.get_db()
data.data = get_response.json
data.add_value_string("hvdb_address", host)
data.add_value_string("hvdb_port", port)
data.add_value_string("hvdb_db_secure", "true" if secure else "false")
data.add_value_string("hvdb_user", user)
data.add_value_string("hvdb_password", passwd)
data.add_value_string("hvdb_db_name", db_name)
data.add_value_string("hvdb_db_type", db_type)
endpoint = RUNTIME_DB
response = self.client.post_json(endpoint, data.data)
response.success = response.status_code == 204
return response
def create_rule(self,
file_name=None,
rule_name=None,
category=None,
content=None):
response = Response()
try:
data = DataObject()
data.add_value_string("fileName",
("%s_%s.js" % (category, rule_name)))
data.add_value_string("category", category)
data.add_value_string("name", rule_name)
if content == None:
with open(file_name, 'rb') as content:
data.add_value_string("content",
content.read().decode('utf-8'))
else:
data.add_value_string("content", content)
endpoint = MAPPING_RULES
response = self.client.post_json(endpoint, data.data)
response.success = response.status_code == 201
except IOError as e:
logger.error(e)
response.success = False
return response
def update(self, _id=None, fsso_config_data=None):
data = DataObject()
data.add_value("fsso_config_data", fsso_config_data)
endpoint = FSSO_CONFIG + "/{}".format(_id)
response = self.client.put_json(endpoint, data.data)
response.success = response.status_code == 204
return response
def set_sla_status(self, accept=True):
data = DataObject()
data.add_value("accepted", accept)
response = self.client.put_json(SERVICE_AGREEMENTS_ACCEPTED, data.data)
response.success = response.status_code == 200
return response
def create_group(self, group=None):
data = DataObject()
data.add_value_string("id", group)
endpoint = SYSACCOUNT_GROUPS +'/v1'
response = self.client.post_json(endpoint, data.data)
response.success = response.status_code == 200
return response
def enable(self, enforce=False):
data = DataObject()
data.add_value_boolean("enforcing", enforce)
endpoint = MANAGEMENT_AUTHORIZATION + '/config/v1'
response = self.client.put_json(endpoint, data.data)
response.success = response.status_code == 204
return response
def add_user(self, group=None, user=None):
data = DataObject()
data.add_alue_string("id", group)
endpoint = SYSACCOUNT_GROUPS + '/{}/groups/v1'.format(user)
response = self.client.put_json(endpoint, data.data)
response.success = response.status_code == 200
return response
def update(self, _id=None, dynurl_config_data=None):
data = DataObject()
data.add_value("dynurl_config_data", dynurl_config_data)
endpoint = URL_MAPPING + "/{}".format(_id)
response = self.client.put_json(endpoint, data.data)
response.success = response.status_code == 204
return response
def update(self, _id=None, content=None):
data = DataObject()
data.add_value("content", content)
endpoint = RATELIMIT + "/{}".format(_id)
response = self.client.put_json(endpoint, data.data)
response.success = response.status_code == 204
return response
def update_embedded_ldap_password(self, password):
data = DataObject()
data.add_value_string("password", password)
response = self.client.post_json(EMBEDDED_LDAP_PASSWORD, data.data)
response.success = response.status_code == 200
return response
def create_jdbc(self, name=None, description=None, locked=None, database_type=None, connection_jndi=None,
connection_host_name=None, connection_port=None, connection_ssl=None, connection_user=None,
connection_password=None, connection_type=None, connection_service_name=None,
connection_dataabse_name=None, connection_aged_timeout=None, connection_connection_timeout=None,
connection_per_thread=None, connection_max_idle=None, connection_max_pool_size=None,
connection_min_pool_size=None, connection_per_local_thread=None, connection_purge_policy=None,
connection_reap_time=None):
data = DataObject()
data.add_value_string("name", name)
data.add_value_string("description", description)
data.add_value_string("locked", locked)
data.add_value_string("type", database_type)
data.add_value_string("jndiId", connection_jndi)
connection_data = DataObject()
connection_data.add_value_string("serverName", connection_host_name)
connection_data.add_value_string("portNumber", connection_port)
connection_data.add_value_string("ssl", connection_ssl)
connection_data.add_value_string("user", connection_user)
connection_data.add_value_string("password", connection_password)
connection_data.add_value_string("type", connection_type)
connection_data.add_value_string("serviceName", connection_service_name)
connection_data.add_value_string("databaseName", connection_database_name)
data.add_value_string("connection", connection_data.data)
manager = DataObject()
manager.add_value_string("agedTimeout", connection_aged_timeout)
manager.add_value_string("connectionTimeout", connection_connection_timeout)
manager.add_value_string("maxConnectionsPerThread", connection_per_thread)
manager.add_value_string("maxIdleTime", connection_max_idle)
manager.add_value_string("maxPoolSize", connection_max_pool_size)
manager.add_value_string("minPoolSize", connection_min_pool_size)
manager.add_value_string("numConnectionsPerThreadLocal", connection_per_thread_local)
manager.add_value_string("purgePolicy", connection_purge_policy)
manager.add_value_string("reapTime", connection_reap_time)
data.add_value_string("connectionManager", manager.data)
endpoint = SERVER_CONNECTION_JDBC + "/v1"
response = self.client.post_json(endpoint, data.data)
response.success = response.status_code == 201
return response
def create(self, name=None, fsso_config_data=None):
data = DataObject()
data.add_value_string("name", name)
data.add_value_string("fsso_config_data", fsso_config_data)
response = self.client.post_json(FSSO_CONFIG, data.data)
response.success = response.status_code == 200
return response
def create(self, name=None, content=None):
data = DataObject()
data.add_value_string("name", name)
data.add_value_not_empty("content", content)
response = self.client.post_json(PASSWORD_STRENGTH, data.data)
response.success = response.status_code == 200
return response
def combine_keytab(self, new_name=None, keytab_files=[]):
data = DataObject()
data.add_value_string("new_name", new_name)
data.add_value_not_empty("keytab_files", keytab_files)
response = self.client.put_json(KERBEROS_KEYTAB, data.data)
response.success = response.status_code == 200
return response