def add(isamAppliance,
name,
definitionName,
companyName,
redirectUri=None,
companyUrl=None,
contactPerson=None,
contactType=None,
email=None,
phone=None,
otherInfo=None,
clientId=None,
clientSecret=None,
check_mode=False,
force=False):
"""
Create an API protection definition
"""
ret_obj = definitions.search(isamAppliance,
definitionName,
check_mode=check_mode,
force=force)
if ret_obj['data'] == {}:
warnings = ret_obj["warnings"]
warnings.append(
"API Protection Definition {0} is not found. Cannot process client request."
.format(definitionName))
return isamAppliance.create_return_object(warnings=warnings)
else:
definition = ret_obj['data']
ret_obj = search(isamAppliance,
name=name,
check_mode=check_mode,
force=force)
warnings = ret_obj["warnings"]
if force is True or ret_obj["data"] == {}:
if check_mode is True:
return isamAppliance.create_return_object(changed=True,
warnings=warnings)
else:
# Create a simple json with just the main client attributes
client_json = {
"name": name,
"definition": definition,
"companyName": companyName
}
# Add attributes that have been supplied... otherwise skip them.
if redirectUri is not None:
client_json["redirectUri"] = redirectUri
if companyUrl is not None:
client_json["companyUrl"] = companyUrl
if contactPerson is not None:
client_json["contactPerson"] = contactPerson
if contactType is not None:
client_json["contactType"] = contactType
if email is not None:
client_json["email"] = email
if phone is not None:
client_json["phone"] = phone
if otherInfo is not None:
client_json["otherInfo"] = otherInfo
if clientId is not None:
client_json["clientId"] = clientId
if clientSecret is not None:
client_json["clientSecret"] = clientSecret
return isamAppliance.invoke_post(
"Create an API protection definition",
uri,
client_json,
requires_modules=requires_modules,
requires_version=requires_version,
warnings=warnings)
return isamAppliance.create_return_object(warnings=warnings)
def add(isamAppliance,
name,
definitionName,
companyName,
redirectUri=None,
companyUrl=None,
contactPerson=None,
contactType=None,
email=None,
phone=None,
otherInfo=None,
clientId=None,
clientSecret=None,
requirePkce=None,
encryptionDb=None,
encryptionCert=None,
jwksUri=None,
extProperties=None,
check_mode=False,
force=False):
"""
Create an API protection definition
"""
ret_obj = definitions.search(isamAppliance,
definitionName,
check_mode=check_mode,
force=force)
if ret_obj['data'] == {}:
warnings = ret_obj["warnings"]
warnings.append(
"API Protection Definition {0} is not found. Cannot process client request."
.format(definitionName))
return isamAppliance.create_return_object(warnings=warnings)
else:
definition = ret_obj['data']
ret_obj = search(isamAppliance,
name=name,
check_mode=check_mode,
force=force)
warnings = ret_obj["warnings"]
if force is True or ret_obj["data"] == {}:
if check_mode is True:
return isamAppliance.create_return_object(changed=True,
warnings=warnings)
else:
# Create a simple json with just the main client attributes
client_json = {
"name": name,
"definition": definition,
"companyName": companyName
}
# Add attributes that have been supplied... otherwise skip them.
if redirectUri is not None:
client_json["redirectUri"] = redirectUri
if companyUrl is not None:
client_json["companyUrl"] = companyUrl
if contactPerson is not None:
client_json["contactPerson"] = contactPerson
if contactType is not None:
client_json["contactType"] = contactType
if email is not None:
client_json["email"] = email
if phone is not None:
client_json["phone"] = phone
if otherInfo is not None:
client_json["otherInfo"] = otherInfo
if clientId is not None:
client_json["clientId"] = clientId
if clientSecret is not None:
client_json["clientSecret"] = clientSecret
if requirePkce is not None:
if tools.version_compare(isamAppliance.facts["version"],
"9.0.4.0") < 0:
warnings.append(
"Appliance at version: {0}, requirePkce: {1} is not supported. Needs 9.0.4.0 or higher. Ignoring requirePkce for this call."
.format(isamAppliance.facts["version"], requirePkce))
else:
client_json["requirePkce"] = requirePkce
if encryptionDb is not None:
if tools.version_compare(isamAppliance.facts["version"],
"9.0.4.0") < 0:
warnings.append(
"Appliance at version: {0}, encryptionDb: {1} is not supported. Needs 9.0.4.0 or higher. Ignoring encryptionDb for this call."
.format(isamAppliance.facts["version"], encryptionDb))
else:
client_json["encryptionDb"] = encryptionDb
if encryptionCert is not None:
if tools.version_compare(isamAppliance.facts["version"],
"9.0.4.0") < 0:
warnings.append(
"Appliance at version: {0}, encryptionCert: {1} is not supported. Needs 9.0.4.0 or higher. Ignoring encryptionCert for this call."
.format(isamAppliance.facts["version"],
encryptionCert))
else:
client_json["encryptionCert"] = encryptionCert
if jwksUri is not None:
if tools.version_compare(isamAppliance.facts["version"],
"9.0.4.0") < 0:
warnings.append(
"Appliance at version: {0}, jwksUri: {1} is not supported. Needs 9.0.4.0 or higher. Ignoring jwksUri for this call."
.format(isamAppliance.facts["version"], jwksUri))
else:
client_json["jwksUri"] = jwksUri
if extProperties is not None:
if tools.version_compare(isamAppliance.facts["version"],
"9.0.5.0") < 0:
warnings.append(
"Appliance at version: {0}, extProperties: {1} is not supported. Needs 9.0.5.0 or higher. Ignoring extProperties for this call."
.format(isamAppliance.facts["version"], extProperties))
else:
client_json["extProperties"] = extProperties
return isamAppliance.invoke_post(
"Create an API protection definition",
uri,
client_json,
requires_modules=requires_modules,
requires_version=requires_version,
warnings=warnings)
return isamAppliance.create_return_object(warnings=warnings)
def update(isamAppliance,
name,
definitionName,
companyName,
redirectUri=None,
companyUrl=None,
contactPerson=None,
contactType=None,
email=None,
phone=None,
otherInfo=None,
clientId=None,
clientSecret=None,
check_mode=False,
force=False,
new_name=None):
"""
Update a specified mapping rule
"""
ret_obj = definitions.search(isamAppliance,
definitionName,
check_mode=check_mode,
force=force)
if ret_obj['data'] == {}:
warnings = ret_obj["warnings"]
warnings.append(
"API Protection Definition {0} is not found. Cannot process client request."
.format(definitionName))
return isamAppliance.create_return_object(warnings=warnings)
else:
definition = ret_obj['data']
ret_obj = get(isamAppliance, name)
warnings = ret_obj["warnings"]
if ret_obj["data"] == {}:
warnings.append("Client {0} not found, skipping update.".format(name))
return isamAppliance.create_return_object(warnings=warnings)
else:
id = ret_obj["data"]["id"]
needs_update = False
# Create a simple json with just the main client attributes
json_data = {"definition": definition, "companyName": companyName}
if new_name is not None:
json_data['name'] = new_name
else:
json_data['name'] = name
if force is not True:
del ret_obj['data']['id']
# Add attributes that have been supplied... otherwise skip them.
if redirectUri is not None:
json_data["redirectUri"] = redirectUri
elif 'redirectUri' in ret_obj['data']:
del ret_obj['data']['redirectUri']
if companyUrl is not None:
json_data["companyUrl"] = companyUrl
elif 'companyUrl' in ret_obj['data']:
del ret_obj['data']['companyUrl']
if contactPerson is not None:
json_data["contactPerson"] = contactPerson
elif 'contactPerson' in ret_obj['data']:
del ret_obj['data']['contactPerson']
if contactType is not None:
json_data["contactType"] = contactType
elif 'contactType' in ret_obj['data']:
del ret_obj['data']['contactType']
if email is not None:
json_data["email"] = email
elif 'email' in ret_obj['data']:
del ret_obj['data']['email']
if phone is not None:
json_data["phone"] = phone
elif 'phone' in ret_obj['data']:
del ret_obj['data']['phone']
if otherInfo is not None:
json_data["otherInfo"] = otherInfo
elif 'otherInfo' in ret_obj['data']:
del ret_obj['data']['otherInfo']
if clientId is not None:
json_data["clientId"] = clientId
elif 'clientId' in ret_obj['data']:
del ret_obj['data']['clientId']
if clientSecret is not None:
json_data["clientSecret"] = clientSecret
elif 'clientSecret' in ret_obj['data']:
del ret_obj['data']['clientSecret']
if ibmsecurity.utilities.tools.json_sort(
ret_obj['data']) != ibmsecurity.utilities.tools.json_sort(
json_data):
needs_update = True
if force is True or needs_update is True:
if check_mode is True:
return isamAppliance.create_return_object(changed=True,
warnings=warnings)
else:
return isamAppliance.invoke_put("Update a specified mapping rule",
"{0}/{1}".format(uri, id),
json_data,
requires_modules=requires_modules,
requires_version=requires_version,
warnings=warnings)
return isamAppliance.create_return_object(warnings=warnings)
def update(isamAppliance,
name,
definitionName,
companyName,
redirectUri=None,
companyUrl=None,
contactPerson=None,
contactType=None,
email=None,
phone=None,
otherInfo=None,
clientId=None,
clientSecret=None,
requirePkce=None,
encryptionDb=None,
encryptionCert=None,
jwksUri=None,
extProperties=None,
check_mode=False,
force=False,
new_name=None):
"""
Update a specified mapping rule
"""
ret_obj = definitions.search(isamAppliance,
definitionName,
check_mode=check_mode,
force=force)
if ret_obj['data'] == {}:
warnings = ret_obj["warnings"]
warnings.append(
"API Protection Definition {0} is not found. Cannot process client request."
.format(definitionName))
return isamAppliance.create_return_object(warnings=warnings)
else:
definition = ret_obj['data']
ret_obj = get(isamAppliance, name)
warnings = ret_obj["warnings"]
if ret_obj["data"] == {}:
warnings.append("Client {0} not found, skipping update.".format(name))
return isamAppliance.create_return_object(warnings=warnings)
else:
id = ret_obj["data"]["id"]
needs_update = False
# Create a simple json with just the main client attributes
json_data = {"definition": definition, "companyName": companyName}
if new_name is not None:
json_data['name'] = new_name
else:
json_data['name'] = name
if force is not True:
del ret_obj['data']['id']
# Add attributes that have been supplied... otherwise skip them.
if redirectUri is not None:
json_data["redirectUri"] = redirectUri
elif 'redirectUri' in ret_obj['data']:
del ret_obj['data']['redirectUri']
if companyUrl is not None:
json_data["companyUrl"] = companyUrl
elif 'companyUrl' in ret_obj['data']:
del ret_obj['data']['companyUrl']
if contactPerson is not None:
json_data["contactPerson"] = contactPerson
elif 'contactPerson' in ret_obj['data']:
del ret_obj['data']['contactPerson']
if contactType is not None:
json_data["contactType"] = contactType
elif 'contactType' in ret_obj['data']:
del ret_obj['data']['contactType']
if email is not None:
json_data["email"] = email
elif 'email' in ret_obj['data']:
del ret_obj['data']['email']
if phone is not None:
json_data["phone"] = phone
elif 'phone' in ret_obj['data']:
del ret_obj['data']['phone']
if otherInfo is not None:
json_data["otherInfo"] = otherInfo
elif 'otherInfo' in ret_obj['data']:
del ret_obj['data']['otherInfo']
if clientId is not None:
json_data["clientId"] = clientId
elif 'clientId' in ret_obj['data']:
del ret_obj['data']['clientId']
if clientSecret is not None:
json_data["clientSecret"] = clientSecret
elif 'clientSecret' in ret_obj['data']:
del ret_obj['data']['clientSecret']
if requirePkce is not None:
if tools.version_compare(isamAppliance.facts["version"],
"9.0.4.0") < 0:
warnings.append(
"Appliance at version: {0}, requirePkce: {1} is not supported. Needs 9.0.4.0 or higher. Ignoring requirePkce for this call."
.format(isamAppliance.facts["version"], requirePkce))
else:
json_data["requirePkce"] = requirePkce
elif 'requirePkce' in ret_obj['data']:
del ret_obj['data']['requirePkce']
if encryptionDb is not None:
if tools.version_compare(isamAppliance.facts["version"],
"9.0.4.0") < 0:
warnings.append(
"Appliance at version: {0}, encryptionDb: {1} is not supported. Needs 9.0.4.0 or higher. Ignoring encryptionDb for this call."
.format(isamAppliance.facts["version"], encryptionDb))
else:
json_data["encryptionDb"] = encryptionDb
elif 'encryptionDb' in ret_obj['data']:
del ret_obj['data']['encryptionDb']
if encryptionCert is not None:
if tools.version_compare(isamAppliance.facts["version"],
"9.0.4.0") < 0:
warnings.append(
"Appliance at version: {0}, encryptionCert: {1} is not supported. Needs 9.0.4.0 or higher. Ignoring encryptionCert for this call."
.format(isamAppliance.facts["version"], encryptionCert))
else:
json_data["encryptionCert"] = encryptionCert
elif 'encryptionCert' in ret_obj['data']:
del ret_obj['data']['encryptionCert']
if jwksUri is not None:
if tools.version_compare(isamAppliance.facts["version"],
"9.0.4.0") < 0:
warnings.append(
"Appliance at version: {0}, jwksUri: {1} is not supported. Needs 9.0.4.0 or higher. Ignoring jwksUri for this call."
.format(isamAppliance.facts["version"], jwksUri))
else:
json_data["jwksUri"] = jwksUri
elif 'jwksUri' in ret_obj['data']:
del ret_obj['data']['jwksUri']
if extProperties is not None:
if tools.version_compare(isamAppliance.facts["version"],
"9.0.5.0") < 0:
warnings.append(
"Appliance at version: {0}, extProperties: {1} is not supported. Needs 9.0.5.0 or higher. Ignoring extProperties for this call."
.format(isamAppliance.facts["version"], extProperties))
else:
json_data["extProperties"] = extProperties
elif 'extProperties' in ret_obj['data']:
del ret_obj['data']['extProperties']
sorted_ret_obj = tools.json_sort(ret_obj['data'])
sorted_json_data = tools.json_sort(json_data)
logger.debug("Sorted Existing Data:{0}".format(sorted_ret_obj))
logger.debug("Sorted Desired Data:{0}".format(sorted_json_data))
if sorted_ret_obj != sorted_json_data:
needs_update = True
if force is True or needs_update is True:
if check_mode is True:
return isamAppliance.create_return_object(changed=True,
warnings=warnings)
else:
return isamAppliance.invoke_put("Update a specified mapping rule",
"{0}/{1}".format(uri, id),
json_data,
requires_modules=requires_modules,
requires_version=requires_version,
warnings=warnings)
return isamAppliance.create_return_object(warnings=warnings)