class RuntimeComponent(object):
def __init__(self, base_url, username, password):
super(RuntimeComponent, self).__init__()
self.client = RESTClient(base_url, username, password)
def configure(
self, ps_mode=None, user_registry=None, admin_password=None,
ldap_password=None, admin_cert_lifetime=None, ssl_compliance=None,
ldap_host=None, ldap_port=None, isam_domain=None, ldap_dn=None,
ldap_suffix=None, ldap_ssl_db=None, ldap_ssl_label=None,
isam_host=None, isam_port=None):
data = DataObject()
data.add_value_string("ps_mode", ps_mode)
data.add_value_string("user_registry", user_registry)
data.add_value_string("admin_cert_lifetime", admin_cert_lifetime)
data.add_value_string("ssl_compliance", ssl_compliance)
data.add_value_string("admin_pwd", admin_password)
data.add_value_string("ldap_pwd", ldap_password)
data.add_value_string("ldap_host", ldap_host)
data.add_value_string("domain", isam_domain)
data.add_value_string("ldap_dn", ldap_dn)
data.add_value_string("ldap_suffix", ldap_suffix)
if ldap_ssl_db is not None:
data.add_value_string("ldap_ssl_db", ldap_ssl_db if ldap_ssl_db.endswith(".kdb") else ldap_ssl_db+".kdb")
data.add_value_string("usessl", "on")
data.add_value_string("ldap_ssl_label", ldap_ssl_label)
data.add_value_string("isam_host", isam_host)
data.add_value("ldap_port", ldap_port)
data.add_value("isam_port", isam_port)
response = self.client.post_json(RUNTIME_COMPONENT, data.data)
response.success = response.status_code == 200
return response
def get_status(self):
"""
Query the ISAM API to get the runtime components list.
:return: PyISAM Response
"""
response = self.client.get_json(RUNTIME_COMPONENT)
response.success = response.status_code == 200
return response
def update_embedded_ldap_password(self, password):
data = DataObject()
data.add_value_string("password", password)
response = self.client.post_json(EMBEDDED_LDAP_PASSWORD, data.data)
response.success = response.status_code == 200
return response
class Attributes(object):
def __init__(self, base_url, username, password):
super(Attributes, self).__init__()
self.client = RESTClient(base_url, username, password)
def create_attribute(
self, category=None, matcher=None, issuer=None, description=None,
name=None, datatype=None, uri=None, storage_session=None,
storage_behavior=None, storage_device=None, type_risk=None,
type_policy=None):
storage_data = DataObject()
storage_data.add_value("session", storage_session)
storage_data.add_value("behavior", storage_behavior)
storage_data.add_value("device", storage_device)
type_data = DataObject()
type_data.add_value("risk", type_risk)
type_data.add_value("policy", type_policy)
data = DataObject()
data.add_value_string("category", category)
data.add_value_string("matcher", matcher)
data.add_value_string("issuer", issuer)
data.add_value_string("description", description)
data.add_value_string("name", name)
data.add_value_string("datatype", datatype)
data.add_value_string("uri", uri)
data.add_value("predefined", False)
data.add_value_not_empty("storageDomain", storage_data.data)
data.add_value_not_empty("type", type_data.data)
response = self.client.post_json(ATTRIBUTES, data.data)
response.success = response.status_code == 201
return response
def list_attributes(
self, sort_by=None, count=None, start=None, filter=None):
parameters = DataObject()
parameters.add_value_string("sortBy", sort_by)
parameters.add_value_string("count", count)
parameters.add_value_string("start", start)
parameters.add_value_string("filter", filter)
response = self.client.get_json(ATTRIBUTES, parameters.data)
response.success = response.status_code == 200
return response
def list_attribute_matchers(self, sort_by=None, filter=None):
parameters = DataObject()
parameters.add_value_string("sortBy", sort_by)
parameters.add_value_string("filter", filter)
response = self.client.get_json(ATTRIBUTE_MATCHERS, parameters.data)
response.success = response.status_code == 200
return response
class ClientCertMapping(object):
def __init__(self, base_url, username, password):
super(ClientCertMapping, self).__init__()
self.client = RESTClient(base_url, username, password)
def create(self, name=None, content=None):
data = DataObject()
data.add_value_string("name", name)
data.add_value_string("content", content)
response = self.client.post_json(CLIENT_CERT_CDAS, data.data)
response.success = response.status_code == 200
return response
def update(self, _id=None, content=None):
data = DataObject()
data.add_value("content", content)
data.add_value_string("id", _id)
endpoint = CLIENT_CERT_CDAS + "/{}".format(_id)
response = self.client.put_json(endpoint, data.data)
response.success = response.status_code == 204
return response
def delete(self, _id=None):
endpoint = CLIENT_CERT_CDAS + "/{}".format(_id)
response = self.client.delete_json(endpoint)
response.success = response.status_code == 204
return response
def get(self, _id):
endpoint = CLIENT_CERT_CDAS + "/{}".format(_id)
response = self.client.get_json(endpoint)
response.success = response.status_code == 200
return response
def get_template(self, tempalte_id=None):
endpoit = "/isam/wga_templates/client_cert_cdas_template"
response = self.client.get_json(endpoint)
response.success = response.status_code == 200
return response
def list(self):
response = self.client.get_json(CLIENT_CERT_CDAS)
response.success = response.status_code == 200
return response
class URLMapping(object):
def __init__(self, base_url, username, password):
super(URLMapping, self).__init__()
self.client = RESTClient(base_url, username, password)
def create(self, name=None, dynurl_config_data=None):
data = DataObject()
data.add_value_string("name", name)
data.add_value_string("dynurl_config_data", dynurl_config_data)
response = self.client.post_json(URL_MAPPING, data.data)
response.success = response.status_code == 200
return response
def update(self, _id=None, dynurl_config_data=None):
data = DataObject()
data.add_value("dynurl_config_data", dynurl_config_data)
endpoint = URL_MAPPING + "/{}".format(_id)
response = self.client.put_json(endpoint, data.data)
response.success = response.status_code == 204
return response
def delete(self, _id=None):
endpoint = URL_MAPPING + "/{}".format(_id)
response = self.client.delete_json(endpoint)
response.success = response.status_code == 204
return response
def get(self, _id):
endpoint = URL_MAPPING + "/{}".format(_id)
response = self.client.get_json(endpoint)
response.success = response.status_code == 200
return response
def get_template(self):
endpoint = "/isam/wga_templates/dynurl_template"
response = self.client.get_json(endpoint)
response.success = response.status_code == 200
return response
def list(self):
response = self.client.get_json(URL_MAPPING)
response.success = response.status_code == 200
return response
class DocumentRoot(object):
def __init__(self, base_url, username, password):
super(DocumentRoot, self).__init__()
self.client = RESTClient(base_url, username, password)
def create(self, instance, file_name=None, file_type=None, contents=None):
data = DataObject()
data.add_value_string("file_name", file_name)
data.add_value_string("type", file_type)
data.add_value_string("contents", contents)
endpoint = APIAC + "/instance/{}/documentation".format(instance)
response = self.client.post_json(endpoint, data.data)
response.success = response.status_code == 200
return response
def rename(self, instance, name=None, new_name=None, file_type=None):
data = DataObject()
data.add_value_string("new_name", new_name)
data.add_value_string("type", file_type)
endpoint = APIAC + "/instance/{}/documentation/{}".format(
instance, name)
response = self.client.put_json(endpoint, data.data)
response.success = response.status_code == 200
return response
def update(self, instance, name=None, file_type=None, contents=None):
data = DataObject()
data.add_value_string("contents", contents)
data.add_value_string("type", file_type)
endpoint = APIAC + "/instance/{}/documentation/{}".format(
instance, name)
response = self.client.put_json(endpoint, data.data)
response.success = response.status_code == 200
return response
def get(self, instance, name=None):
endpoint = APIAC + "/instance/{}/documentation/{}".format(
instance, name)
response = self.client.get_json(endpoint)
response.success = response.status_code == 200
return response
def list(self, instance):
endpoint = APIAC + "/instance/{}/documentation".format(instance)
response = self.client.get_json(endpoint)
response.success = response.status_code == 200
return response
class Licensing(object):
def __init__(self, base_url, username, password):
super(Licensing, self).__init__()
self.client = RESTClient(base_url, username, password)
def activate_module(self, code):
data = DataObject()
data.add_value_string("code", code)
endpoint = CAPABILITIES + "/v1"
response = self.client.post_json(endpoint, data.data)
response.success = response.status_code == 200
return response
def get_activated_module(self, id):
endpoint = "%s/%s/v1" % (CAPABILITIES, id)
response = self.client.get_json(endpoint)
response.success = response.status_code == 200
return response
def get_activated_modules(self):
endpoint = CAPABILITIES + "/v1"
response = self.client.get_json(endpoint)
response.success = response.status_code == 200
return response
def import_activation_code(self, file_path):
response = Response()
try:
with open(file_path, 'rb') as code:
data = DataObject()
data.add_value_string("name", "activation")
files = {"filename": code}
endpoint = CAPABILITIES + "/v1"
response = self.client.post_file(endpoint,
data=data.data,
files=files)
response.success = response.status_code == 200
except IOError as e:
logger.error(e)
response.success = False
return response
class Policies(object):
def __init__(self, base_url, username, password):
super(Policies, self).__init__()
self.client = RESTClient(base_url, username, password)
def create(self, name=None, groups=[], attributes=[]):
data = DataObject()
data.add_value_string("name", name)
data.add_value_not_empty("group", grups)
data.add_value_not_empty("attributes", attributes)
response = self.client.post_json(POLICY, data.data)
response.success = response.status_code == 200
return response
def update(self, name, groups=[], attributes=[]):
data = DataObject()
data.add_value_not_empty("groups", groups)
data.add_value_not_empty("attributes", attributes)
endpoint = POLICY + "/{}".format(name)
response = self.client.put_json(endpoint, data.data)
response.success = response.status_code == 200
return response
def get(self, name=None):
endpoint = POLICY + "/{}".format(name)
response = self.client.get_json(endpoint)
response.success = response.status_code == 200
return response
def delete(self, name=None):
endpoint = POLICY + "/{}".format(name)
response = self.client.delete_json(endpoint)
response.success = response.status_code == 200
return response
def list(self):
response = self.client.get_json(POLICY)
response.success = response.status_code == 200
return response
class ServerConnections9050(ServerConnections):
def __init__(self, base_url, username, password):
super(ServerConnections, self).__init__()
self.client = RESTClient(base_url, username, password)
def create_isam_runtime(
self, name=None, description=None, locked=None,
connection_bind_dn=None,
connection_bind_pwd=None, connection_ssl_truststore=None,
connection_ssl_auth_key=None,
connection_ssl=None, connect_timeout=None, servers=None):
connection_data = DataObject()
connection_data.add_value_string("bindDN", connection_bind_dn)
connection_data.add_value_string("bindPwd", connection_bind_pwd)
connection_data.add_value_string(
"sslTruststore", connection_ssl_truststore)
connection_data.add_value_string("sslAuthKey", connection_ssl_auth_key)
connection_data.add_value("ssl", connection_ssl)
manager_data = DataObject()
manager_data.add_value("connectTimeout", connect_timeout)
data = DataObject()
data.add_value_string("name", name)
data.add_value_string("description", description)
data.add_value_string("type", "isamruntime")
data.add_value("locked", locked)
data.add_value("servers", servers)
data.add_value_not_empty("connection", connection_data.data)
data.add_value_not_empty("connectionManager", manager_data.data)
endpoint = SERVER_CONNECTION_ISAM_RUNTIME + "/v1"
response = self.client.post_json(endpoint, data.data)
response.success = response.status_code == 201
return response
def get_runtime(self):
endpoint = SERVER_CONNECTION_ISAM_RUNTIME + "/v1"
response = self.client.get_json(endpoint)
response.success = response.status_code == 200
return response
def delete_runtime(self, uuid):
endpoint = "%s/%s/v1" % (SERVER_CONNECTION_ISAM_RUNTIME, uuid)
response = self.client.delete_json(endpoint)
response.success = response.status_code == 204
return response
class HTTP_Transform(object):
def __init__(self, base_url, username, password):
super(HTTP_Transform, self).__init__()
self.client = RESTClient(base_url, username, password)
def create(self, name=None, template=None, contents=None):
data = DataObject()
data.add_value_string("name", name)
data.add_value_string("template", template)
data.add_value_string("contents", contents)
response = self.client.post_json(HTTP_TRANSFORM, data.data)
response.success = response.status_code == 200
return response
def update(self, _id, content=None):
data = DataObject()
data.add_vale_string("content", content)
endpoint = HTTP_TRANSFORM + "/{}".format(_id)
response = self.client.put_json(endpoint, data.data)
response.success = response.stauts_code == 200
return response
def delete(self, _id=None):
endpoint = HTTP_TRANSFORM + "/{}".format(_id)
response = self.client.delete_json(endpoint)
response.success = response.status_code == 200
return repsonse
def get(self, _id=None):
endpoint = HTTP_TRANSFORM + "/{}".format(_id)
response = self.client.get_json(endpoint)
response.success = response.status_code == 200
return response
def list(self):
response = self.client.get_json(HTTP_TRANSFORM)
response.success = response.status_code == 200
return response
class HostsFile(object):
def __init__(self, base_url, username, password):
super(HostsFile, self).__init__()
self.client = RESTClient(base_url, username, password)
def add_hostname(self, address, hostname=None):
data = DataObject()
data.add_value_string("name", hostname)
endpoint = "%s/%s/hostnames" % (HOST_RECORDS, address)
response = self.client.post_json(endpoint, data.data)
response.success = response.status_code == 200
return response
def create_record(self, address, hostname_list):
hostnames = []
for entry in hostname_list:
hostnames.append({"name": str(entry)})
data = DataObject()
data.add_value_string("addr", address)
data.add_value_not_empty("hostnames", hostnames)
response = self.client.post_json(HOST_RECORDS, data.data)
response.success = response.status_code == 200
return response
def get_record(self, address):
endpoint = "%s/%s/hostnames" % (HOST_RECORDS, address)
response = self.client.get_json(endpoint)
response.success = response.status_code == 200
return response
class Rate_Limit(object):
def __init__(self, base_url, username, password):
super(Rate_Limit, self).__init__()
self.client = RESTClient(base_url, username, password)
def create(self, name=None, content=None):
data = DataObject()
data.add_value_string("name", name)
data.add_value_string("content", content)
response = self.client.post_json(RATELIMIT, data.data)
response.success = response.status_code == 200
return response
def update(self, _id=None, content=None):
data = DataObject()
data.add_value("content", content)
endpoint = RATELIMIT + "/{}".format(_id)
response = self.client.put_json(endpoint, data.data)
response.success = response.status_code == 204
return response
def delete(self, _id=None):
endpoint = RATELIMIT + "/{}".format(_id)
response = self.client.delete_json(endpoint)
response.success = response.status_code == 204
return response
def get(self, _id):
endpoint = RATELIMIT + "/{}".format(_id)
response = self.client.get_json(endpoint)
response.success = response.status_code == 200
return response
def list(self):
response = self.client.get_json(RATELIMIT)
response.success = response.status_code == 200
return response
class RSA(object):
def __init__(self, base_url, username, password):
super(RSA, self).__init__()
self.client = RESTClient(base_url, username, password)
def create(self, server_config_file=None):
response = Response()
endpoint = RSA_CONFIG + "/server_config"
try:
with open(server_config_file, "r") as server_config:
files = {"server_config": server_config}
response = self.client.post_file(endpoint, files=files)
response.success = response.status_code == 200
except IOError as e:
logger.error(e)
response.success = False
return response
def get(self):
response = self.client.get_json(RSA_CONFIG)
response.success = response.status_code == 200
return response
def test(self, username=None, password=None):
endpoint = RSA_CONFIG + "/test"
data = DataObject()
data.add_value_string("username", username)
data.add_value_string("password", password)
response = self.client.post_json(endpoint, data.data)
response.success = response.status_code == 204
return response
def delete(self):
endpoint = RSA_CONFIG + "/server_config"
response = self.client.delete_json(endpoint)
response.success = response.status_code == 204
return response
def delete_node_secret(self):
endpoint = RSA_CONFIG + "/nose_secret"
response = self.client.delete_json(endpoint)
response.success = response.status_code == 204
return response
class PolicyAdmin(object):
def __init__(self, base_url, username, password):
super(PolicyAdmin, self).__init__()
self.client = RESTClient(base_url, username, password)
def execute(self, admin_id, admin_pwd, commands):
data = DataObject()
data.add_value_string("admin_id", admin_id)
data.add_value_string("admin_pwd", admin_pwd)
data.add_value("commands", commands)
response = self.client.post_json(PDADMIN, data.data)
response.success = response.status_code == 200
return response
class CLICommands(object):
def __init__(self, base_url, username, password):
super(CLICommands, self).__init__()
self.client = RESTClient(base_url, username, password)
def run(
self, command=None,input_array=None):
data = DataObject()
data.add_value_string("command", command)
data.add_value("input", input_array)
response = self.client.post_json(CLI_COMMAND, data.data)
response.success = response.status_code == 200
return response
class RuntimeParameters(object):
def __init__(self, base_url, username, password):
super(RuntimeParameters, self).__init__()
self.client = RESTClient(base_url, username, password)
def update(self, parameter, value=None):
data = DataObject()
data.add_value("value", value)
endpoint = "%s/%s/v1" % (RUNTIME_TUNING, parameter)
response = self.client.put_json(endpoint, data.data)
response.success = response.status_code == 204
return response
def get_runtime_tuning(self):
endpoint = "%s/v1" % RUNTIME_TUNING
response = self.client.get_json(endpoint)
response.success = response.status_code == 200
return response
def add_listening_interface(self, interface, port, secure=None):
data = DataObject()
data.add_value("interface", interface)
data.add_value("port", port)
data.add_value("secure", secure)
endpoint = "%s/%s/v1" % (RUNTIME_TUNING, ENDPOINTS)
response = self.client.post_json(endpoint, data.data)
response.success = response.status_code == 200
return response
def delete_listening_interface(self, interface, port):
endpoint = "%s/%s/%s:%d/v1" % (RUNTIME_TUNING, ENDPOINTS, interface,
port)
response = self.client.delete_json(endpoint)
response.success = response.status_code == 204
return response
class AdvancedTuning(object):
def __init__(self, base_url, username, password):
super(AdvancedTuning, self).__init__()
self.client = RESTClient(base_url, username, password)
def create_parameter(self, key=None, value=None, comment=None):
data = DataObject()
data.add_value_string("key", key)
data.add_value_string("value", value)
data.add_value_string("comment", comment)
data.add_value("_isNew", True)
response = self.client.post_json(ADVANCED_PARAMETERS, data.data)
response.success = response.status_code == 201
return response
def update_parameter(self, id=None, key=None, value=None, comment=None):
data = DataObject()
data.add_value_string("key", key)
data.add_value_string("value", value)
data.add_value_string("comment", comment)
response = self.client.put_json(ADVANCED_PARAMETERS + "/" + id,
data.data)
response.success = response.status_code == 200
return response
def list_parameters(self):
response = self.client.get_json(ADVANCED_PARAMETERS)
response.success = response.status_code == 200
if response.success:
response.json = response.json.get("tuningParameters", [])
return response
def delete_parameter(self, uuid=None):
endpoint = ADVANCED_PARAMETERS + "/{}".format(uuid)
response = self.client.delete_json(endpoint)
response.success = response.status_code == 204
return response
class RiskProfiles(object):
def __init__(self, base_url, username, password):
super(RiskProfiles, self).__init__()
self.client = RESTClient(base_url, username, password)
def create(self, description=None, name=None, active=None, attributes=None):
data = DataObject()
data.add_value_string("description", description)
data.add_value_string("name", name)
data.add_value("active", active)
data.add_value("attributes", attributes)
data.add_value("predefined", False)
response = self.client.post_json(RISK_PROFILES, data.data)
response.success = response.status_code == 201
return response
class ConfigDb(object):
def __init__(self, base_url, username, password):
super(ConfigDb, self).__init__()
self.client = RESTClient(base_url, username, password)
"""
setup the CONFIG database.
"""
def set_db(self,
db_type=None,
port=None,
host=None,
secure=True,
user=None,
passwd=None,
db_name=None):
data = DataObject()
get_response = self.get_db()
data.data = get_response.json
data.add_value_string("cfgdb_address", host)
data.add_value_string("cfgdb_port", port)
data.add_value_string("cfgdb_secure", "true" if secure else "false")
data.add_value_string("cfgdb_user", user)
data.add_value_string("cfgdb_password", passwd)
data.add_value_string("cfgdb_db_name", db_name)
data.add_value_string("cfgdb_db_type", db_type)
endpoint = CONFIG_DB
response = self.client.post_json(endpoint, data.data)
response.success = response.status_code == 204
return response
def get_db(self):
endpoint = CONFIG_DB
response = self.client.get_json(endpoint)
response.success = response.status_code == 200
return response
class FSSO(object):
def __init__(self, base_url, username, password):
super(FSSO, self).__init__()
self.client = RESTClient(base_url, username, password)
def create(self, name=None, fsso_config_data=None):
data = DataObject()
data.add_value_string("name", name)
data.add_value_string("fsso_config_data", fsso_config_data)
response = self.client.post_json(FSSO_CONFIG, data.data)
response.success = response.status_code == 200
return response
def update(self, _id=None, fsso_config_data=None):
data = DataObject()
data.add_value("fsso_config_data", fsso_config_data)
endpoint = FSSO_CONFIG + "/{}".format(_id)
response = self.client.put_json(endpoint, data.data)
response.success = response.status_code == 204
return response
def delete(self, _id=None):
endpoint = FSSO_CONFIG + "/{}".format(_id)
response = self.client.delete_json(endpoint)
response.success = response.status_code == 204
return response
def get(self, _id):
endpoint = FSSO_CONFIG + "/{}".format(_id)
response = self.client.get_json(endpoint)
response.success = response.status_code == 200
return response
def list(self):
response = self.client.get_json(FSSO_CONFIG)
response.success = response.status_code == 200
return response
class PasswordStrength(object):
def __init__(self, base_url, username, password):
super(PasswordStrength, self).__init__()
self.client = RESTClient(base_url, username, password)
def create(self, name=None, content=None):
data = DataObject()
data.add_value_string("name", name)
data.add_value_not_empty("content", content)
response = self.client.post_json(PASSWORD_STRENGTH, data.data)
response.success = response.status_code == 200
return response
def update(self, name=None, new_name=None content=None):
class AttributeSources(object):
def __init__(self, base_url, username, password):
super(AttributeSources, self).__init__()
self.client = RESTClient(base_url, username, password)
def create_attribute_source(self,
attribute_name=None,
attribute_type=None,
attribute_value=True,
properties=None):
data = DataObject()
data.add_value_string("name", attribute_name)
data.add_value_string("type", attribute_type)
data.add_value_string("value", attribute_value)
data.add_value("properties", properties)
response = self.client.post_json(ATTRIBUTE_SOURCES, data.data)
response.success = response.status_code == 201
return response
class MMFAConfig(object):
def __init__(self, base_url, username, password):
super(MMFAConfig, self).__init__()
self.client = RESTClient(base_url, username, password)
def update(self,
client_id=None,
hostname=None,
junction=None,
options=None,
port=None):
data = DataObject()
data.add_value_string("client_id", client_id)
data.add_value_string("hostname", hostname)
data.add_value_string("junction", junction)
data.add_value_string("options", options)
data.add_value("port", port)
response = self.client.post_json(MMFA_CONFIG, data.data)
response.success = response.status_code == 204
return response
class Utilities(object):
def __init__(self, base_url, username, password):
super(Utilities, self).__init__()
self.client = RESTClient(base_url, username, password)
def store_crednetial(self, admin_id=None, admin_pwd=None, admin_domain=None):
data = DataObject()
data.add_value_string("admin_id", admin_id)
data.add_value_string("admin_pwd", admin_pwd)
data.add_value_string("admin_domain", admin_domain)
response = self.client.post_json(CREDENTIALS, data.data)
response.success = response.status_code == 200
return response
def delete_credential(self):
response = self.client.delete_json(CREDENTIALS)
response.success = response.status_code == 200
return response
def get_credential(self):
response = self.client.get_json(CREDENTIALS)
response.success = response.status_code == 200
return response
def list_groups(self):
response = self.client.get_json(GROUPS)
response.success = response.status_code == 200
return response
class StaticRoutes(object):
def __init__(self, base_url, username, password):
super(StaticRoutes, self).__init__()
self.client = RESTClient(base_url, username, password)
def create_route(self,
address=None,
mask_or_prefix=None,
enabled=True,
gateway=None,
interface_uuid=None,
metric=0,
comment=None,
table=None):
data = DataObject()
data.add_value_string("address", address)
data.add_value_string("maskOrPrefix", mask_or_prefix)
data.add_value("enabled", enabled)
data.add_value("metric", metric)
data.add_value_string("gateway", gateway)
data.add_value_string("interfaceUUID", interface_uuid)
data.add_value_string("metric", metric)
data.add_value_string("comment", comment)
data.add_value_string("table", table)
response = self.client.post_json(ROUTES, data.data)
response.success = response.status_code == 201
return response
def list_routes(self):
response = self.client.get_json(ROUTES)
response.success = response.status_code == 200
return response
class PushNotification(object):
def __init__(self, base_url, username, password):
super(PushNotification, self).__init__()
self.client = RESTClient(base_url, username, password)
def create(self,
app_id=None,
platform=None,
provider_address=None,
apple_key_store=None,
apple_key_label=None,
firebase_server_key=None):
apple = DataObject()
apple.add_value_string("key_store", apple_key_store)
apple.add_value_string("key_label", apple_key_label)
if apple.data:
apple.add_value_string("provider_address", provider_address)
firebase = DataObject()
firebase.add_value_string("server_key", firebase_server_key)
if firebase.data:
firebase.add_value_string("provider_address", provider_address)
provider = DataObject()
provider.add_value_not_empty("apple", apple.data)
provider.add_value_not_empty("firebase", firebase.data)
data = DataObject()
data.add_value_string("app_id", app_id)
data.add_value_string("platform", platform)
data.add_value_not_empty("provider", provider.data)
response = self.client.post_json(PUSH_NOTIFICATION, data.data)
response.success = response.status_code == 200
return response
class ReverseProxy9040(ReverseProxy):
def __init__(self, base_url, username, password):
super(ReverseProxy, self).__init__()
self.client = RESTClient(base_url, username, password)
def configure_api_protection(self,
webseal_id,
hostname=None,
port=None,
username=None,
password=None,
reuse_certs=None,
reuse_acls=None,
api=None,
browser=None,
junction=None):
data = DataObject()
data.add_value_string("hostname", hostname)
data.add_value_string("username", username)
data.add_value_string("password", password)
data.add_value("port", port)
data.add_value("junction", junction if junction != None else "/mga")
data.add_value_boolean("reuse_certs", reuse_certs)
data.add_value_boolean("reuse_acls", reuse_acls)
data.add_value_boolean("api", api)
data.add_value_boolean("browser", browser)
endpoint = "%s/%s/oauth_config" % (REVERSEPROXY, webseal_id)
response = self.client.post_json(endpoint, data.data)
response.success = response.status_code == 204
return response
def configure_mmfa(self,
webseal_id,
lmi_hostname=None,
lmi_port=None,
lmi_username=None,
lmi_password=None,
runtime_hostname=None,
runtime_port=None,
runtime_username=None,
runtime_password=None,
reuse_certs=None,
reuse_acls=None,
reuse_pops=None,
channel=None):
lmi_data = DataObject()
lmi_data.add_value_string("hostname", lmi_hostname)
lmi_data.add_value_string("username", lmi_username)
lmi_data.add_value_string("password", lmi_password)
lmi_data.add_value("port", lmi_port)
runtime_data = DataObject()
runtime_data.add_value_string("hostname", runtime_hostname)
runtime_data.add_value_string("username", runtime_username)
runtime_data.add_value_string("password", runtime_password)
runtime_data.add_value("port", runtime_port)
data = DataObject()
data.add_value('channel', channel)
data.add_value("reuse_certs", reuse_certs)
data.add_value("reuse_acls", reuse_acls)
data.add_value("reuse_pops", reuse_pops)
data.add_value_not_empty("lmi", lmi_data.data)
data.add_value_not_empty("runtime", runtime_data.data)
endpoint = "%s/%s/mmfa_config" % (REVERSEPROXY, webseal_id)
response = self.client.post_json(endpoint, data.data)
response.success = response.status_code == 204
return response
class ReverseProxy(object):
def __init__(self, base_url, username, password):
super(ReverseProxy, self).__init__()
self.client = RESTClient(base_url, username, password)
def create_instance(self,
inst_name=None,
host=None,
admin_id=None,
admin_pwd=None,
ssl_yn=None,
key_file=None,
cert_label=None,
ssl_port=None,
http_yn=None,
http_port=None,
https_yn=None,
https_port=None,
nw_interface_yn=None,
ip_address=None,
listening_port=None,
domain=None):
data = DataObject()
data.add_value_string("inst_name", inst_name)
data.add_value_string("host", host)
data.add_value_string("listening_port", listening_port)
data.add_value_string("domain", domain)
data.add_value_string("admin_id", admin_id)
data.add_value_string("admin_pwd", admin_pwd)
data.add_value_string("ssl_yn", ssl_yn)
if key_file != None and not key_file.endswith(".kdb"):
key_file = key_file + ".kdb"
data.add_value_string("key_file", key_file)
data.add_value_string("cert_label", cert_label)
data.add_value_string("ssl_port", ssl_port)
data.add_value_string("http_yn", http_yn)
data.add_value_string("http_port", http_port)
data.add_value_string("https_yn", https_yn)
data.add_value_string("https_port", https_port)
data.add_value_string("nw_interface_yn", nw_interface_yn)
data.add_value_string("ip_address", ip_address)
response = self.client.post_json(REVERSEPROXY, data.data)
response.success = response.status_code == 200
return response
def delete_instance(self, id, admin_id, admin_pwd):
data = DataObject()
data.add_value_string("admin_id", admin_id)
data.add_value_string("admin_pwd", admin_pwd)
data.add_value_string("operation", "unconfigure")
endpoint = "%s/%s" % (REVERSEPROXY, id)
response = self.client.put_json(endpoint, data.data)
response.success = response.status_code == 200
return response
def list_instances(self):
response = self.client.get_json(REVERSEPROXY)
response.success = response.status_code == 200
return response
def get_wga_defaults(self):
response = self.client.get_json(WGA_DEFAULTS)
response.success = response.status_code == 200
return response
def restart_instance(self, id):
data = DataObject()
data.add_value_string("operation", "restart")
endpoint = "%s/%s" % (REVERSEPROXY, id)
response = self.client.put_json(endpoint, data.data)
response.success = response.status_code == 200
return response
def configure_mmfa(self,
webseal_id,
lmi_hostname=None,
lmi_port=None,
lmi_username=None,
lmi_password=None,
runtime_hostname=None,
runtime_port=None,
runtime_username=None,
runtime_password=None,
reuse_certs=None,
reuse_acls=None,
reuse_pops=None):
lmi_data = DataObject()
lmi_data.add_value_string("hostname", lmi_hostname)
lmi_data.add_value_string("username", lmi_username)
lmi_data.add_value_string("password", lmi_password)
lmi_data.add_value("port", lmi_port)
runtime_data = DataObject()
runtime_data.add_value_string("hostname", runtime_hostname)
runtime_data.add_value_string("username", runtime_username)
runtime_data.add_value_string("password", runtime_password)
runtime_data.add_value("port", runtime_port)
data = DataObject()
data.add_value("reuse_certs", reuse_certs)
data.add_value("reuse_acls", reuse_acls)
data.add_value("reuse_pops", reuse_pops)
data.add_value_not_empty("lmi", lmi_data.data)
data.add_value_not_empty("runtime", runtime_data.data)
endpoint = "%s/%s/mmfa_config" % (REVERSEPROXY, webseal_id)
response = self.client.post_json(endpoint, data.data)
response.success = response.status_code == 204
return response
def configure_fed(self,
webseal_id,
federation_id=None,
reuse_certs=False,
reuse_acls=False,
runtime_hostname=None,
runtime_port=None,
runtime_username=None,
runtime_password=None):
data = DataObject()
data.add_value_string("federation_id", federation_id)
data.add_value("reuse_certs", reuse_certs)
data.add_value("reuse_acls", reuse_acls)
runtime_data = DataObject()
runtime_data.add_value_string("hostname", runtime_hostname)
runtime_data.add_value_string("port", runtime_port)
runtime_data.add_value_string("username", runtime_username)
runtime_data.add_value_string("password", runtime_password)
data.add_value_not_empty("runtime", runtime_data.data)
endpoint = "%s/%s/fed_config" % (REVERSEPROXY, webseal_id)
response = self.client.post_json(endpoint, data.data)
response.success = response.status_code == 204
return response
def configure_aac(self,
webseal_id,
junction=None,
reuse_certs=False,
reuse_acls=False,
runtime_hostname=None,
runtime_port=None,
runtime_username=None,
runtime_password=None):
data = DataObject()
data.add_value("reuse_certs", reuse_certs)
data.add_value("reuse_acls", reuse_acls)
data.add_value("junction", junction)
data.add_value_string("hostname", runtime_hostname)
data.add_value_string("port", runtime_port)
data.add_value_string("username", runtime_username)
data.add_value_string("password", runtime_password)
endpoint = "%s/%s/authsvc_config" % (REVERSEPROXY, webseal_id)
response = self.client.post_json(endpoint, data.data)
response.success = response.status_code == 204
return response
def add_configuration_stanza(self, webseal_id, stanza_id):
endpoint = ("%s/%s/configuration/stanza/%s" %
(REVERSEPROXY, webseal_id, stanza_id))
response = self.client.post_json(endpoint, data=data)
response.success = response.status_code == 200
def delete_configuration_stanza(self, webseal_id, stanza_id):
endpoint = ("%s/%s/configuration/stanza/%s" %
(REVERSEPROXY, webseal_id, stanza_id))
response = self.client.delete_json(endpoint, data=data)
response.success = response.status_code == 200
def add_configuration_stanza_entry(self, webseal_id, stanza_id, entry_name,
value):
data = {"entries": [[str(entry_name), str(value)]]}
endpoint = ("%s/%s/configuration/stanza/%s/entry_name" %
(REVERSEPROXY, webseal_id, stanza_id))
response = self.client.post_json(endpoint, data=data)
response.success = response.status_code == 200
return response
def delete_configuration_stanza_entry(self,
webseal_id,
stanza_id,
entry_name,
value=None):
endpoint = ("%s/%s/configuration/stanza/%s/entry_name/%s" %
(REVERSEPROXY, webseal_id, stanza_id, entry_name))
if value:
endpoint = "%s/value/%s" % (endpoint, value)
response = self.client.delete_json(endpoint)
response.success = response.status_code == 200
return response
def get_configuration_stanza_entry(self, webseal_id, stanza_id,
entry_name):
endpoint = ("%s/%s/configuration/stanza/%s/entry_name/%s" %
(REVERSEPROXY, webseal_id, stanza_id, entry_name))
response = self.client.get_json(endpoint)
response.success = response.status_code == 200
return response
def update_configuration_stanza_entry(self, webseal_id, stanza_id,
entry_name, value):
data = DataObject()
data.add_value_string("value", value)
endpoint = ("%s/%s/configuration/stanza/%s/entry_name/%s" %
(REVERSEPROXY, webseal_id, stanza_id, entry_name))
response = self.client.put_json(endpoint, data.data)
response.success = response.status_code == 200
return response
def create_junction(self,
webseal_id,
server_hostname=None,
junction_point=None,
junction_type=None,
description=None,
basic_auth_mode=None,
tfim_sso=None,
stateful_junction=None,
preserve_cookie=None,
cookie_include_path=None,
transparent_path_junction=None,
mutual_auth=None,
insert_ltpa_cookies=None,
insert_session_cookies=None,
request_encoding=None,
enable_basic_auth=None,
key_label=None,
gso_resource_group=None,
junction_cookie_javascript_block=None,
client_ip_http=None,
version_two_cookies=None,
ltpa_keyfile=None,
authz_rules=None,
fsso_config_file=None,
username=None,
password=None,
server_uuid=None,
virtual_hostname=None,
server_dn=None,
local_ip=None,
query_contents=None,
case_sensitive_url=None,
windows_style_url=None,
ltpa_keyfile_password=None,
proxy_hostname=None,
sms_environment=None,
vhost_label=None,
force=None,
delegation_support=None,
scripting_support=None,
junction_hard_limit=None,
junction_soft_limit=None,
server_port=None,
https_port=None,
http_port=None,
proxy_port=None,
remote_http_header=None):
data = DataObject()
data.add_value_string("server_hostname", server_hostname)
data.add_value_string("junction_point", junction_point)
data.add_value_string("junction_type", junction_type)
data.add_value_string("description", description)
data.add_value_string("basic_auth_mode", basic_auth_mode)
data.add_value_string("tfim_sso", tfim_sso)
data.add_value_string("stateful_junction", stateful_junction)
data.add_value_string("preserve_cookie", preserve_cookie)
data.add_value_string("cookie_include_path", cookie_include_path)
data.add_value_string("transparent_path_junction",
transparent_path_junction)
data.add_value_string("mutual_auth", mutual_auth)
data.add_value_string("insert_ltpa_cookies", insert_ltpa_cookies)
data.add_value_string("insert_session_cookies", insert_session_cookies)
data.add_value_string("request_encoding", request_encoding)
data.add_value_string("enable_basic_auth", enable_basic_auth)
data.add_value_string("key_label", key_label)
data.add_value_string("gso_resource_group", gso_resource_group)
data.add_value_string("junction_cookie_javascript_block",
junction_cookie_javascript_block)
data.add_value_string("client_ip_http", client_ip_http)
data.add_value_string("version_two_cookies", version_two_cookies)
data.add_value_string("ltpa_keyfile", ltpa_keyfile)
data.add_value_string("authz_rules", authz_rules)
data.add_value_string("fsso_config_file", fsso_config_file)
data.add_value_string("username", username)
data.add_value_string("password", password)
data.add_value_string("server_uuid", server_uuid)
data.add_value_string("virtual_hostname", virtual_hostname)
data.add_value_string("server_dn", server_dn)
data.add_value_string("local_ip", local_ip)
data.add_value_string("query_contents", query_contents)
data.add_value_string("case_sensitive_url", case_sensitive_url)
data.add_value_string("windows_style_url", windows_style_url)
data.add_value_string("ltpa_keyfile_password", ltpa_keyfile_password)
data.add_value_string("proxy_hostname", proxy_hostname)
data.add_value_string("sms_environment", sms_environment)
data.add_value_string("vhost_label", vhost_label)
data.add_value_string("force", force)
data.add_value_string("delegation_support", delegation_support)
data.add_value_string("scripting_support", scripting_support)
data.add_value("junction_hard_limit", junction_hard_limit)
data.add_value("junction_soft_limit", junction_soft_limit)
data.add_value("server_port", server_port)
data.add_value("https_port", https_port)
data.add_value("http_port", http_port)
data.add_value("proxy_port", proxy_port)
data.add_value("remote_http_header", remote_http_header)
endpoint = "%s/%s/junctions" % (REVERSEPROXY, str(webseal_id))
response = self.client.post_json(endpoint, data.data)
response.success = response.status_code == 200
return response
def delete_junction(self, webseal_id, junction_point):
query = urllib.parse.urlencode({JUNCTIONS_QUERY: junction_point})
endpoint = "%s/%s/junctions?%s" % (REVERSEPROXY, webseal_id, query)
response = self.client.delete_json(endpoint)
response.success = response.status_code == 200
return response
def list_junctions(self, webseal_id):
endpoint = "%s/%s/junctions" % (REVERSEPROXY, webseal_id)
response = self.client.get_json(endpoint)
response.success = response.status_code == 200
return response
def import_management_root_files(self, webseal_id, file_path):
response = Response()
endpoint = ("%s/%s/management_root" % (REVERSEPROXY, webseal_id))
try:
with open(file_path, 'rb') as pages:
files = {"file": pages}
response = self.client.post_file(endpoint, files=files)
response.success = response.status_code == 200
except IOError as e:
logger.error(e)
response.success = False
return response
def update_management_root_file(self, webseal_id, page_id, contents):
data = DataObject()
data.add_value_string("type", "file")
data.add_value_string("contents", contents)
endpoint = ("%s/%s/management_root/%s" %
(REVERSEPROXY, webseal_id, page_id))
response = self.client.put_json(endpoint, data.data)
response.success = response.status_code == 200
return response
# Upload a single file (eg HTML or ico), rather than a zip.
def import_management_root_file(self, webseal_id, page_id, file_path):
response = Response()
endpoint = ("%s/%s/management_root/%s" %
(REVERSEPROXY, webseal_id, page_id))
try:
with open(file_path, 'rb') as contents:
files = {"file": contents}
response = self.client.post_file(endpoint, files=files)
response.success = response.status_code == 200
except IOError as e:
logger.error(e)
response.success = False
return response
def import_junction_mapping_file(self, file_path):
response = Response()
try:
with open(file_path, 'rb') as contents:
jmt_config_file = {"jmt_config_file": contents}
response = self.client.post_file(JMT_CONFIG,
files=jmt_config_file)
response.success = response.status_code == 200
except IOError as e:
logger.error(e)
response.success = False
return response
def update_junction_mapping_file(self, file_id, jmt_config_data):
data = DataObject()
data.add_value_string("id", file_id)
data.add_value_string("jmt_config_data", jmt_config_data)
endpoint = ("%s/%s" % (JMT_CONFIG, file_id))
response = self.client.put_json(endpoint, data.data)
response.success = response.status_code == 200
return response
class Kerberos(object):
def __init__(self, base_url, username, password):
super(Kerberos, self).__init__()
self.client = RESTClient(base_url, username, password)
def create(self, _id=None, subsection=None, name=None, value=None):
data = DataObject()
data.add_value_not_empty("name", name)
data.add_value_not_empty("subsection", subsection)
data.add_value_string("value", value)
endpoint = KERBEROS_CONFIG + "/{}".format(_id)
response = self.client.post_json(endpoint, data.data)
response.success = response.status_code == 200
return response
def update(self, _id=None, value=None):
data = DataObject()
data.add_value_string("value", value)
endpoint = KERBEROS_CONFIG + "/{}".format(_id)
response = self.client.put_json(endpoint, data.data)
response.success = response.stauts_code == 200
return response
def get(self, _id=None):
endpoint = KERBEROS_CONFIG + "/{}".format(_id)
response = self.client.get_json(endpoint)
response.success = response.status_code == 200
return response
def delete(self, _id=None):
endpoint = KERBEROS_CONFIG = "/{}".format(_id)
response = self.client.delete_json(endpoint)
response.success = response.status_code == 200
return response
def test(self, username=None, password=None):
data = DataObject()
data.add_value_string("username", username)
data.add_value_string("password", password)
endpoint = "/wga/kerberos/test"
response = self.client.post_json(endpoint, data.data)
response.success = response.status_code == 200
return response
def import_keytab(self, keytab_file=None):
response = Response()
try:
with open(file_path, 'rb') as contents:
files = {"keytab_file": contents}
response = self.client.post_file(KERBEROS_KEYTAB, files=files)
response.success = response.status_code == 200
except IOError as e:
logger.error(e)
response.success = False
return response
def delete_keytab(self, _id=None):
endpoint = KERBEROS_KEYTAB + "/{}".format(_id)
response = self.client.delete_json(endpoint)
response.success = response.status_code == 200
return response
def combine_keytab(self, new_name=None, keytab_files=[]):
data = DataObject()
data.add_value_string("new_name", new_name)
data.add_value_not_empty("keytab_files", keytab_files)
response = self.client.put_json(KERBEROS_KEYTAB, data.data)
response.success = response.status_code == 200
return response
def list_keytab(self):
response = self.client.get_json(KERBEROS_KEYTAB)
response.success = response.status_code == 200
return response
def verify_keytab(self, _id=None, name=None):
data = DataObject()
data.add_value_string("name", name)
endpoint = KERBEROS_KEYTAB + "/{}".format(_id)
response = self.client.put_json(endpoint, data.data)
response.success = response.status_code == 200
return response
class ManagementAuthorization(object):
def __init__(self, base_url, username, password):
super(ManagementAuthorization, self).__init__()
self.client = RESTClient(base_url, username, password)
def enable(self, enforce=False):
data = DataObject()
data.add_value_boolean("enforcing", enforce)
endpoint = MANAGEMENT_AUTHORIZATION + '/config/v1'
response = self.client.put_json(endpoint, data.data)
response.success = response.status_code == 204
return response
def update(self, enforce_config=False, roles=[]):
auth_config = DataObject()
auth_config.add_value_boolean("enforcing", enforce_config)
auth_roles = DataObject()
auth_roles.add_value_not_empty("roles", roles)
data = DataObject()
data.add_value("config", auth_config.data)
data.add_value_not_empty("roles", auth_roles.data)
endpoint = MANAGEMENT_AUTHORIZATION + '/v1'
response = self.client.post_json(endpoint, data.data)
response.success = response.status_code == 200
return response
def get(self):
endpoint = MANAGEMENT_AUTHORIZATION + '/v1'
response = self.client.get_json(endpoint)
response.success = response.status_code == 200
return response
def create_role(self, name=None, users=None, groups=None, features=None):
data = DataObject()
data.add_value_string("name", name)
data.add_value_not_empty("users", users)
data.add_value_not_empty("grpups", groups)
data.add_value_not_empty("features", features)
endpoint = MANAGEMENT_AUTHORIZATION_ROLES + '/v1'
response = self.client.post_json(endpoint, data.data)
response.success = response.status_code == 200
return response
def update_role(self, name=None, users=None, groups=None, features=None):
data = DataObject()
data.add_value_string("name", name)
data.add_value_not_empty("users", users)
data.add_value_not_empty("grpups", groups)
data.add_value_not_empty("features", features)
endpoint = MANAGEMENT_AUTHORIZATION_ROLES + '/{}/v1'.format(name)
response = self.client.put_json(endpoint, data.data)
response.success = response.status_code == 200
return response
def delete_role(self, role=None):
endpoint = MANAGEMENT_AUTHORIZATION_ROLES "/{}/v1".format(role)
response = self.client.delete_json(endpoint)
response.success = response.status_code == 204
return response
def get_role(self, role=None):
endpoint = MANAGEMENT_AUTHORIZATION_ROLES "/{}/v1".format(role)
response = self.client.get_json(endpoint)
response.success = response.status_code == 200
return response
def get_roles(self):
endpoint = MANAGEMENT_AUTHORIZATION_ROLES + '/v1'
response = self.client.get_json(endpoint)
response.success = response.status_code == 200
return response
def get_features(self):
endpoint = MANAGEMENT_AUTHORIZATION_FEATURES + '/v1'
response = self.client.get_json(endpoint)
response.success = response.status_code == 200
return response
def get_features_for_user(self, user=None):
endpoint = MANAGEMENT_AUTHORIZATION_FEATURES + '/users/{}/v1'.format(user)
response = self.client.get_json(endpoint)
response.success = response.status_code == 200
return response
def get_groups_for_role(self, role=None):
endpoint = MANAGEMENT_AUTHORIZATION_ROLES + '/{}/groups/v1'.format(role)
response = self.client.get_json(endpoint)
response.success = response.status_code == 200
return response
def get_users_for_role(self, role=None):
endpoint = MANAGEMENT_AUTHORIZATION_ROLES + '/{}/users/v1'
response = self.client.get_json(endpoint)
response.success = response.status_code == 200
return response
class AccessPolicy(object):
def __init__(self, base_url, username, password):
super(AccessPolicy, self).__init__()
self.client = RESTClient(base_url, username, password)
def get_policies(self, filter=None):
endpoint = None
if filter != None:
endpoint = "%s?filter=%s" % (ACCESS_POLICY, filter)
else:
endpoint = ACCESS_POLICY
response = self.client.get_json(endpoint)
response.success = response.status_code == 200
return response
def get_policy(self, policy_id=None):
endpoint = "%s/%s" % (ACCESS_POLICY, policy_id)
response = self.client.get_json(endpoint)
response.success = response.status_code == 200
return response
def create_policy(self,
policy_name=None,
category=None,
policy_type="JavaScript",
file_name=None):
data = DataObject()
response = None
try:
with open(file_name, 'rb') as content:
data.add_value_string('category', category)
data.add_value_string('type', policy_type)
data.add_value_string('name', policy_name)
data.add_value_string("content",
content.read().decode('utf-8'))
except IOError as e:
logger.error(e)
response = Response()
response.success = False
if response == None:
endpoint = ACCESS_POLICY
response = self.client.post_json(endpoint, data.data)
response.success = response.status_code == 201
return response
def update_policy(self, policy_id=None, file_name=None):
data = DataObject()
try:
with open(file_name, 'rb') as content:
data.add_value_string("content",
content.read().decode('utf-8'))
except IOError as e:
logger.error(e)
response.success = False
endpoint = "%s/%s" % (ACCESS_POLICY, policy_id)
response = self.client.put_json(endpoint, data.data)
response.success = response.status_code == 204
return response