def refresh_iam_token(self, r_token, account_id=None, ims_account=None):
"""Refreshes the IAM Token, will default to values in the config file"""
iam_client = requests.Session()
headers = {
'Content-Type': 'application/x-www-form-urlencoded',
'User-Agent': consts.USER_AGENT,
'Accept': 'application/json'
}
data = {
'grant_type': 'refresh_token',
'refresh_token': r_token,
'response_type': 'cloud_iam'
}
sl_config = self.settings['softlayer']
if account_id is None and sl_config.get('account_id', False):
account_id = sl_config.get('account_id')
if ims_account is None and sl_config.get('ims_account', False):
ims_account = sl_config.get('ims_account')
data['account'] = account_id
data['ims_account'] = ims_account
try:
response = iam_client.request(
'POST',
'https://iam.cloud.ibm.com/identity/token',
data=data,
headers=headers,
auth=requests.auth.HTTPBasicAuth('bx', 'bx'))
if response.status_code != 200:
LOGGER.warning("Unable to refresh IAM Token. %s",
response.text)
response.raise_for_status()
tokens = json.loads(response.text)
except requests.HTTPError as ex:
error = json.loads(response.text)
raise exceptions.IAMError(
response.status_code, error.get('errorMessage'),
'https://iam.cloud.ibm.com/identity/token') from ex
a_expire = time.strftime('%Y-%m-%d %H:%M:%S',
time.localtime(tokens['expiration']))
r_expire = time.strftime(
'%Y-%m-%d %H:%M:%S',
time.localtime(tokens['refresh_token_expiration']))
LOGGER.warning(
"Tokens retrieved, expires at %s, Refresh expires at %s", a_expire,
r_expire)
self.settings['softlayer']['access_token'] = tokens['access_token']
self.settings['softlayer']['refresh_token'] = tokens['refresh_token']
config.write_config(self.settings, self.config_file)
self.auth = slauth.BearerAuthentication('', tokens['access_token'])
return tokens
def authenticate_with_iam_token(self, a_token, r_token=None):
"""Authenticates to the SL API with an IAM Token
:param string a_token: Access token
:param string r_token: Refresh Token, to be used if Access token is expired.
"""
self.auth = slauth.BearerAuthentication('', a_token, r_token)
def authenticate_with_passcode(self, passcode):
"""Performs IBM IAM SSO Authentication
:param string passcode: your IBMid password
"""
iam_client = requests.Session()
headers = {
'Content-Type': 'application/x-www-form-urlencoded',
'User-Agent': consts.USER_AGENT,
'Accept': 'application/json'
}
data = {
'grant_type': 'urn:ibm:params:oauth:grant-type:passcode',
'passcode': passcode,
'response_type': 'cloud_iam'
}
try:
response = iam_client.request(
'POST',
'https://iam.cloud.ibm.com/identity/token',
data=data,
headers=headers,
auth=requests.auth.HTTPBasicAuth('bx', 'bx'))
if response.status_code != 200:
LOGGER.error("Unable to login: %s", response.text)
response.raise_for_status()
tokens = json.loads(response.text)
except requests.HTTPError as ex:
error = json.loads(response.text)
raise exceptions.IAMError(
response.status_code, error.get('errorMessage'),
'https://iam.cloud.ibm.com/identity/token') from ex
self.settings['softlayer']['access_token'] = tokens['access_token']
self.settings['softlayer']['refresh_token'] = tokens['refresh_token']
a_expire = time.strftime('%Y-%m-%d %H:%M:%S',
time.localtime(tokens['expiration']))
r_expire = time.strftime(
'%Y-%m-%d %H:%M:%S',
time.localtime(tokens['refresh_token_expiration']))
LOGGER.warning(
"Tokens retrieved, expires at %s, Refresh expires at %s", a_expire,
r_expire)
config.write_config(self.settings, self.config_file)
self.auth = slauth.BearerAuthentication('', tokens['access_token'],
tokens['refresh_token'])
return tokens
def authenticate_with_password(self,
username,
password,
security_question_id=None,
security_question_answer=None):
"""Performs IBM IAM Username/Password Authentication
:param string username: your IBMid username
:param string password: your IBMid password
"""
iam_client = requests.Session()
headers = {
'Content-Type': 'application/x-www-form-urlencoded',
'User-Agent': consts.USER_AGENT,
'Accept': 'application/json'
}
data = {
'grant_type': 'password',
'password': password,
'response_type': 'cloud_iam',
'username': username
}
try:
response = iam_client.request(
'POST',
'https://iam.cloud.ibm.com/identity/token',
data=data,
headers=headers,
auth=requests.auth.HTTPBasicAuth('bx', 'bx'))
if response.status_code != 200:
LOGGER.error("Unable to login: %s", response.text)
response.raise_for_status()
tokens = json.loads(response.text)
except requests.HTTPError as ex:
error = json.loads(response.text)
raise exceptions.IAMError(
response.status_code, error.get('errorMessage'),
'https://iam.cloud.ibm.com/identity/token') from ex
self.settings['softlayer']['access_token'] = tokens['access_token']
self.settings['softlayer']['refresh_token'] = tokens['refresh_token']
config.write_config(self.settings, self.config_file)
self.auth = slauth.BearerAuthentication('', tokens['access_token'],
tokens['refresh_token'])
return tokens