def connect_via_basic_auth(self):
url = "https://{0}:{1}/mgmt/tm/sys".format(
self.provider['server'], self.provider['server_port']
)
session = iControlRestSession(
url_username=self.provider['user'],
url_password=self.provider['password'],
validate_certs=self.provider['validate_certs'],
)
response = session.get(
url,
headers=self.headers
)
if response.status not in [200]:
if b'Configuration Utility restarting...' in response.content and self.retries < 3:
time.sleep(30)
self.retries += 1
return self.connect_via_basic_auth()
else:
self.retries = 0
return None, response.content
self.retries = 0
return session, None
def connect_via_token_auth(self):
provider = self.provider['auth_provider'] or 'local'
url = "https://{0}:{1}/mgmt/shared/authn/login".format(
self.provider['server'], self.provider['server_port'])
payload = {
'username': self.provider['user'],
'password': self.provider['password'],
}
# - local is a special provider that is baked into the system and
# has no loginReference
if provider != 'local':
login_ref = self.get_login_ref(provider)
payload.update(login_ref)
session = iControlRestSession(
validate_certs=self.provider['validate_certs'])
response = session.post(url, json=payload, headers=self.headers)
if response.status not in [200]:
return None, response.content
session.request.headers['X-F5-Auth-Token'] = response.json(
)['token']['token']
return session, None
def connect_via_token_auth(self):
url = "https://{0}:{1}/mgmt/shared/authn/login".format(
self.provider['server'], self.provider['server_port']
)
payload = {
'username': self.provider['user'],
'password': self.provider['password'],
'loginProviderName': self.provider['auth_provider'] or 'tmos'
}
session = iControlRestSession(
validate_certs=self.provider['validate_certs']
)
response = session.post(
url,
json=payload,
headers=self.headers
)
if response.status not in [200]:
if b'Configuration Utility restarting...' in response.content and self.retries < 3:
time.sleep(30)
self.retries += 1
return self.connect_via_token_auth()
else:
self.retries = 0
return None, response.content
self.retries = 0
session.request.headers['X-F5-Auth-Token'] = response.json()['token']['token']
return session, None
def api(self):
ex = None
if self._client:
return self._client
for x in range(0, 10):
try:
server = self.params['provider']['server'] or self.params[
'server']
user = self.params['provider']['user'] or self.params['user']
password = self.params['provider']['password'] or self.params[
'password']
server_port = self.params['provider'][
'server_port'] or self.params['server_port'] or 443
validate_certs = self.params['provider'][
'validate_certs'] or self.params['validate_certs']
# Should we import from module??
# self.module.params['server'],
result = iControlRestSession(server,
user,
password,
port=server_port,
verify=validate_certs,
auth_provider='local',
debug=is_ansible_debug(
self.module))
self._client = result
return self._client
except Exception as ex:
time.sleep(1)
error = 'Unable to connect to {0} on port {1}.'.format(
self.params['server'], self.params['server_port'])
if ex is not None:
error += ' The reported error was "{0}".'.format(str(ex))
raise F5ModuleError(error)
def api(self):
exc = None
if self._client:
return self._client
for x in range(0, 10):
try:
url = "https://{0}:{1}/mgmt/shared/authn/login".format(
self.provider['server'], self.provider['server_port']
)
payload = {
'username': self.provider['user'],
'password': self.provider['password'],
'loginProviderName': self.provider['auth_provider'] or 'local'
}
session = iControlRestSession()
session.verify = self.provider['validate_certs']
response = session.post(url, json=payload)
if response.status not in [200]:
raise F5ModuleError('Status code: {0}. Unexpected Error: {1} for uri: {2}\nText: {3}'.format(
response.status, response.reason, response.url, response._content
))
session.headers['X-F5-Auth-Token'] = response.json()['token']['token']
self._client = session
return self._client
except Exception as ex:
exc = ex
time.sleep(1)
error = 'Unable to connect to {0} on port {1}.'.format(
self.provider['server'], self.provider['server_port']
)
if exc is not None:
error += ' The reported error was "{0}".'.format(str(exc))
raise F5ModuleError(error)
def connect_via_basic_auth(self):
url = "https://{0}:{1}/mgmt/tm/sys".format(
self.provider['server'], self.provider['server_port'])
session = iControlRestSession(
url_username=self.provider['user'],
url_password=self.provider['password'],
validate_certs=self.provider['validate_certs'],
)
response = session.get(url, headers=self.headers)
if response.status not in [200]:
return None, response.content
return session, None
def read_provider_info_from_device(self):
uri = "https://{0}:{1}/info/system".format(
self.provider['server'], self.provider['server_port'])
session = iControlRestSession()
session.verify = self.provider['validate_certs']
resp = session.get(uri)
try:
response = resp.json()
except ValueError as ex:
raise F5ModuleError(str(ex))
if 'code' in response and response['code'] == 400:
if 'message' in response:
raise F5ModuleError(response['message'])
else:
raise F5ModuleError(resp.content)
return response
def connect_via_token_auth(self):
url = "https://{0}:{1}/mgmt/shared/authn/login".format(
self.provider['server'], self.provider['server_port'])
payload = {
'username': self.provider['user'],
'password': self.provider['password'],
'loginProviderName': self.provider['auth_provider'] or 'tmos'
}
session = iControlRestSession(
validate_certs=self.provider['validate_certs'])
response = session.post(url, json=payload, headers=self.headers)
if response.status not in [200]:
return None, response.content
session.request.headers['X-F5-Auth-Token'] = response.json(
)['token']['token']
return session, None
def generate_license_from_remote(self):
mgmt = iControlRestSession(
validate_certs=False,
headers={
'SOAPAction': '""',
'Content-Type': 'text/xml; charset=utf-8',
}
)
for x in range(0, 10):
try:
resp = mgmt.post(
self.want.license_url,
data=self.want.license_envelope,
)
except Exception:
continue
try:
resp = LicenseXmlParser(content=resp.content)
result = resp.json()
except F5ModuleError:
# This error occurs when there is a problem with the license server and it
# starts returning invalid XML (like if they upgraded something and the server
# is redirecting improperly.
#
# There's no way to recover from this error except by notifying F5 that there
# is an issue with the license server.
raise
except Exception:
continue
if result['state'] == 'EULA_REQUIRED':
self.want.update({'eula': result['eula']})
continue
if result['state'] == 'LICENSE_RETURNED':
return result
elif result['state'] == 'EMAIL_REQUIRED':
raise F5ModuleError("Email must be provided")
elif result['state'] == 'CONTACT_INFO_REQUIRED':
raise F5ModuleError("Contact info must be provided")
else:
raise F5ModuleError(result['fault_text'])
def generate_license_from_remote(self):
mgmt = iControlRestSession()
mgmt.verify = False
mgmt.headers = {
'SOAPAction': '""',
'Content-Type': 'text/xml; charset=utf-8',
}
for x in range(0, 10):
try:
resp = mgmt.post(self.want.license_url, data=self.want.license_envelope)
except Exception as ex:
continue
try:
resp = LicenseXmlParser(content=resp._content)
result = resp.json()
except F5ModuleError as ex:
# This error occurs when there is a problem with the license server and it
# starts returning invalid XML (like if they upgraded something and the server
# is redirecting improperly.
#
# There's no way to recover from this error except by notifying F5 that there
# is an issue with the license server.
raise
except Exception as ex:
continue
if result['state'] == 'EULA_REQUIRED':
self.want.update({'eula': result['eula']})
continue
if result['state'] == 'LICENSE_RETURNED':
return result
elif result['state'] == 'EMAIL_REQUIRED':
raise F5ModuleError("Email must be provided")
elif result['state'] == 'CONTACT_INFO_REQUIRED':
raise F5ModuleError("Contact info must be provided")
else:
raise F5ModuleError(result['fault_text'])