Beispiel #1
0
    def __init__(self, api_provider, provider_filter_chain):
        """
        Connector constructor

        :type  api_provider: :class:`vmware.vapi.core.ApiProvider`
        :param api_provider: API Provider
        :type  provider_filter_chain: :class:`list` of
            :class:`vmware.vapi.provider.filter.ApiProviderFilter`
        :param provider_filter_chain: List of API filters in order they are to
            be chained
        """
        provider_chain = provider_filter_chain[:] if provider_filter_chain \
            else []
        # Get the first SecurityContextFilter from the chain
        security_context_filter = six.next(
            six.moves.filter(lambda f: isinstance(f, SecurityContextFilter),
                             provider_chain), None)
        self._legacy_security_context_filter = None
        if not security_context_filter:
            # Add the Legacy filter if no security context filter is present
            self._legacy_security_context_filter = LegacySecurityContextFilter(
            )
            provider_chain.append(self._legacy_security_context_filter)
        provider_chain.append(api_provider)
        # Chain the providers
        num_providers = len(provider_chain)
        for i, provider in enumerate(provider_chain):
            if i < num_providers - 1:
                provider.next_provider = provider_chain[i + 1]
        self._api_provider = provider_chain[0]
        self._application_context = None
Beispiel #2
0
def get_configuration(server, username, password, skipVerification):
    session = get_unverified_session() if skipVerification else None
    if not session:
        session = requests.Session()
    host_url = "https://{}/api".format(server)
    sec_ctx = create_user_password_security_context(username, password)
    session_svc = Session(
        StubConfigurationFactory.new_std_configuration(
            get_requests_connector(
                session=session,
                url=host_url,
                provider_filter_chain=[
                    LegacySecurityContextFilter(security_context=sec_ctx)
                ])))
    session_id = session_svc.create()
    print("Session ID : ", session_id)
    sec_ctx = create_session_security_context(session_id)
    stub_config = StubConfigurationFactory.new_std_configuration(
        get_requests_connector(
            session=session,
            url=host_url,
            provider_filter_chain=[
                LegacySecurityContextFilter(security_context=sec_ctx)
            ]))
    return stub_config
Beispiel #3
0
    def __init__(self, session, server, username, password, bearer_token,
                 hok_token, private_key):
        """
        Initialize VsphereClient by creating a parent stub factory instance
        of all vSphere components.

        :type  session: :class:`requests.Session`
        :param session: Requests HTTP session instance. If not specified,
        then one is automatically created and used
        :type  server: :class:`str`
        :param server: vCenter host name or IP address
        :type  username: :class:`str`
        :param username: Name of the user
        :type  password: :class:`str`
        :param password: Password of the user
        :type  bearer_token: :class:`str`
        :param bearer_token: SAML Bearer Token
        :type  hok_token: :class:`str`
        :param hok_token: SAML Hok Token
        :type  private_key: :class:`str`
        :param private_key: Absolute file path of the private key of the user
        """
        if not session:
            self.session = session = requests.Session()
        host_url = "https://" + server + JSON_RPC_ENDPOINT

        if username is not None and password is not None and \
                not bearer_token and not hok_token:
            sec_ctx = create_user_password_security_context(username, password)
        elif bearer_token and not username and not hok_token:
            sec_ctx = create_saml_bearer_security_context(bearer_token)
        elif hok_token and private_key and not bearer_token and not username:
            sec_ctx = create_saml_security_context(hok_token, private_key)
        else:
            raise ValueError('Please provide exactly one of the following '
                             'authentication scheme: username/password, '
                             'bear_token or hok_token/private_key')

        session_svc = Session(
            StubConfigurationFactory.new_std_configuration(
                get_requests_connector(
                    session=session,
                    url=host_url,
                    provider_filter_chain=[
                        LegacySecurityContextFilter(security_context=sec_ctx)
                    ])))

        session_id = session_svc.create()
        sec_ctx = create_session_security_context(session_id)
        stub_config = StubConfigurationFactory.new_std_configuration(
            get_requests_connector(
                session=session,
                url=host_url,
                provider_filter_chain=[
                    LegacySecurityContextFilter(security_context=sec_ctx)
                ]))
        self.session_svc = Session(stub_config)
        stub_factory = StubFactory(stub_config)
        ApiClient.__init__(self, stub_factory)
Beispiel #4
0
    def run(self):
        """
         Converges the external PSC into the Management Node without shutting
         down the Platform Services Controller.
         """
        session = get_unverified_session() if self.skipverification else None

        sec_ctx = create_user_password_security_context(
                    self.username, self.password)
        # TODO The following line to be deleted when API is changed to
        #  @Release type. As of now this is only for testing
        app_ctx = ApplicationContext({SHOW_UNRELEASED_APIS: "True"})

        connector = get_requests_connector(
                session=session,
                msg_protocol='json',
                url='https://{0}:5480/api'.format(self.server),
                provider_filter_chain=[
                    LegacySecurityContextFilter(
                        security_context=sec_ctx)])
        connector.set_application_context(app_ctx)
        stub_config = StubConfigurationFactory.new_std_configuration(connector)
        deployment_type = DeploymentType(stub_config)
        """
         Running convergence task precheck.
         Remove the line ", only_precheck = True" to perform convergence.
         """
        convergence_task = deployment_type.convert_to_vcsa_embedded_task(
            DeploymentType.ConvergenceSpec(DeploymentType.PscInfo(
                sso_admin_username=self.sso_admin_username,
                sso_admin_password=self.sso_admin_password),
                only_precheck=True))

        print('Converge operation started with task ID: \n{0}'.format(
            convergence_task.get_task_id()))
Beispiel #5
0
class Connector(object):
    """ Connector interface """
    def __init__(self, api_provider, provider_filter_chain):
        """
        Connector constructor

        :type  api_provider: :class:`vmware.vapi.core.ApiProvider`
        :param api_provider: API Provider
        :type  provider_filter_chain: :class:`list` of
            :class:`vmware.vapi.provider.filter.ApiProviderFilter`
        :param provider_filter_chain: List of API filters in order they are to
            be chained
        """
        provider_chain = provider_filter_chain[:] if provider_filter_chain \
            else []
        # Get the first SecurityContextFilter from the chain
        security_context_filter = six.next(
            six.moves.filter(lambda f: isinstance(f, SecurityContextFilter),
                             provider_chain), None)
        self._legacy_security_context_filter = None
        if not security_context_filter:
            # Add the Legacy filter if no security context filter is present
            self._legacy_security_context_filter = LegacySecurityContextFilter(
            )
            provider_chain.append(self._legacy_security_context_filter)
        provider_chain.append(api_provider)
        # Chain the providers
        num_providers = len(provider_chain)
        for i, provider in enumerate(provider_chain):
            if i < num_providers - 1:
                provider.next_provider = provider_chain[i + 1]
        self._api_provider = provider_chain[0]
        self._application_context = None

    @abc.abstractmethod
    def connect(self):
        """ rpc provider connect """

    @abc.abstractmethod
    def disconnect(self):
        """ rpc provider disconnect """

    def set_application_context(self, ctx):
        """
        Set the application context

        All the subsequent calls made using this
        connector will use this as the application
        context in the ExecutionContext

        :type  ctx: :class:`vmware.vapi.core.ApplicationContext`
        :param ctx: New application context
        """
        self._application_context = ctx

    def set_security_context(self, ctx):
        """
        Set the security context

        All the subsequent calls made using this
        connector will use this as the security
        context in the ExecutionContext

        :type  ctx: :class:`vmware.vapi.core.SecurityContext`
        :param ctx: New security context
        """
        if not self._legacy_security_context_filter:
            return
            # raise?
        self._legacy_security_context_filter.set_security_context(ctx)

    def new_context(self, runtime_data=None):
        """
        create new execution context object

        :type  runtime_data: :class:`vmware.vapi.core.RuntimeData`    # pylint: disable=line-too-long
        :param runtime_data: Http runtime data
        :rtype:  :class:`vmware.vapi.core.ExecutionContext`
        :return: execution context
        """
        app_ctx = self._application_context
        # Create a default application context only if
        # the user has not provided anything
        if app_ctx is None:
            app_ctx = create_default_application_context()

        if runtime_data is None:
            runtime_data = RuntimeData()

        return ExecutionContext(application_context=app_ctx,
                                runtime_data=runtime_data)

    def get_api_provider(self):
        """
        get api provider

        :rtype:  :class:`vmware.vapi.core.ApiProvider`
        :return: api provider
        """
        return self._api_provider
Beispiel #6
0
 def setUp(self):
     self.sec_ctx_filter = LegacySecurityContextFilter(
         next_provider=MockProvider())
Beispiel #7
0
class TestSecurityContextFilter(unittest.TestCase):
    def setUp(self):
        self.sec_ctx_filter = LegacySecurityContextFilter(
            next_provider=MockProvider())

    def test_abstract_security_context_filter(self):
        self.assertRaises(TypeError, SecurityContextFilter)

    def test_authn_op_with_sec_ctx(self):
        sec_ctx = SecurityContext({
            SCHEME_ID: USER_PASSWORD_SCHEME_ID,
            USER_KEY: 'testuser',
            PASSWORD_KEY: 'password'
        })
        ctx = ExecutionContext(None, sec_ctx)
        input_val = VoidValue()
        method_result = self.sec_ctx_filter.invoke('svc', 'op2', input_val,
                                                   ctx)
        self.assertEqual(method_result.output, IntegerValue(20))
        self.assertEqual(method_result.error, None)

    def test_authn_op_with_sec_ctx_on_filter(self):
        sec_ctx = SecurityContext({
            SCHEME_ID: USER_PASSWORD_SCHEME_ID,
            USER_KEY: 'testuser',
            PASSWORD_KEY: 'password'
        })
        self.sec_ctx_filter.set_security_context(sec_ctx)
        ctx = ExecutionContext(None, None)
        input_val = VoidValue()
        method_result = self.sec_ctx_filter.invoke('svc', 'op2', input_val,
                                                   ctx)
        self.assertEqual(method_result.output, IntegerValue(20))
        self.assertEqual(method_result.error, None)

    def test_authn_op_without_sec_ctx(self):
        ctx = ExecutionContext(None, None)
        input_val = VoidValue()
        method_result = self.sec_ctx_filter.invoke('svc', 'op2', input_val,
                                                   ctx)
        self.assertEqual(method_result.output, None)
        self.assertEqual(method_result.error, error_values[3])

    def test_op_with_sec_ctx_on_filter(self):
        sec_ctx = SecurityContext({
            SCHEME_ID: USER_PASSWORD_SCHEME_ID,
            USER_KEY: 'testuser',
            PASSWORD_KEY: 'password'
        })
        self.sec_ctx_filter.set_security_context(sec_ctx)
        ctx = ExecutionContext(ApplicationContext(), None)
        input_val = VoidValue()
        method_result = self.sec_ctx_filter.invoke('svc', 'op1', input_val,
                                                   ctx)
        self.assertEqual(method_result.output, IntegerValue(10))
        self.assertEqual(method_result.error, None)

    def test_op(self):
        ctx = ExecutionContext(ApplicationContext(), None)
        input_val = VoidValue()
        method_result = self.sec_ctx_filter.invoke('svc', 'op1', input_val,
                                                   ctx)
        self.assertEqual(method_result.output, IntegerValue(10))
        self.assertEqual(method_result.error, None)