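def call_read_api():
    """Call the read_api endpoint the way a client server/app would.

    Requests a token from the Okta authorization server using the
    client_credentials grant with the read_only scope, then presents it as
    a Bearer token to ``{app_host}/read_api``.

    Returns:
        A JSON string. This is the read_api response when a token was
        issued, otherwise the default
        ``{"status": "false", "timestamp": ...}`` payload.
    """
    print("call_read_api()")

    # Default payload, returned unchanged when no access token is obtained.
    json_response = {"status": "false", "timestamp": datetime.datetime.now()}

    # Get Okta OAuth token.
    okta_util = OktaUtil(request.headers, config.okta)
    oauth_url = "{0}/oauth2/{1}/v1/token?clientId={2}&grant_type=client_credentials&scope=read_only".format(
        config.okta["org_host"],
        config.okta["auth_server_id"],
        config.okta["oidc_client_id"])
    oauth_response = okta_util.execute_post(
        oauth_url, {}, okta_util.OKTA_OAUTH_HEADERS)

    # The token response carries a live bearer credential. Mask it before it
    # reaches stdout, because anyone who can read the process log could
    # replay the token against read_api until it expires.
    loggable_response = oauth_response
    if isinstance(oauth_response, dict) and "access_token" in oauth_response:
        loggable_response = dict(oauth_response, access_token="<redacted>")
    print("oauth_response: {0}".format(
        json.dumps(loggable_response, indent=4, sort_keys=True)))

    if "access_token" in oauth_response:
        # Use the OAuth token in the Authorization header and request the
        # read_api endpoint. Never log the token value itself.
        headers = {
            "Accept": "application/json",
            "Content-Type": "application/json",
            "Authorization": "Bearer {0}".format(oauth_response["access_token"])
        }
        json_response = okta_util.execute_get(
            "{0}/read_api".format(config.okta["app_host"]), {}, headers)

    serialized = json.dumps(
        json_response, default=default_date_to_string_converter)
    print("json_response: {0}".format(serialized))

    return serialized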
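def mfa_verification_poll():
    """Poll an Okta factor verification and issue a password reset on success.

    Reads ``pollingUrl`` and ``userName`` from the JSON request body and
    fetches the polling URL through OktaUtil. When the polled result has
    ``factorResult == "SUCCESS"``, it resets the named user's password and
    attaches the one-time token (``ott``) taken from the reset URL.

    Returns:
        A JSON string. This is the polling response (plus ``ott`` on
        success), or ``{"status": "false", "error": ...}`` when the request
        body is missing fields or ``pollingUrl`` does not point at the
        configured Okta org.
    """
    # The print() call form matches call_read_api and parses on Python 2 and 3.
    print("mfa_verification_poll()")

    request_json = request.get_json() or {}
    print("request_json: {0}".format(
        json.dumps(request_json, indent=4, sort_keys=True)))

    polling_url = request_json.get("pollingUrl")
    user_name = request_json.get("userName")
    if not polling_url or not user_name:
        return json.dumps(
            {"status": "false", "error": "pollingUrl and userName are required"})

    # pollingUrl is caller-controlled and is fetched server-side through
    # OktaUtil. Only accept URLs under the configured org host so the request
    # (and whatever credentials OktaUtil attaches) cannot be steered to
    # another server. The trailing "/" keeps look-alike hosts such as
    # "<org_host>.example" or "<org_host>@other" from matching the prefix.
    allowed_prefix = config.okta["org_host"].rstrip("/") + "/"
    try:
        url_is_trusted = polling_url.startswith(allowed_prefix)
    except AttributeError:
        url_is_trusted = False  # pollingUrl was not a string
    if not url_is_trusted:
        print("rejected pollingUrl outside configured org host")
        return json.dumps(
            {"status": "false", "error": "pollingUrl is not an allowed Okta URL"})

    # NOTE(review): the host check still lets the caller pick any path on the
    # org, and the fetched body is returned to the caller. Keeping the polling
    # URL in server-side session state instead of accepting it from the
    # client would close that gap.
    okta_util = OktaUtil(request.headers, config.okta)
    response = okta_util.execute_get(polling_url, None)

    if "factorResult" in response:
        print("factorResult: {0}".format(response["factorResult"]))

        if response["factorResult"] == "SUCCESS":
            # The factor was passed, so reset the password.
            # NOTE(review): userName comes from the request body and is not
            # checked against the user the polled factor transaction belongs
            # to. As written, a success for one account can trigger a reset
            # token for a different userName. Bind the reset target to the
            # verified transaction server-side before relying on this flow.
            okta_user_id = okta_util.get_user(user_name)["id"]
            password_reset_response = okta_util.reset_user_password(
                okta_user_id)

            # The reset response contains a one-time password-reset URL, so
            # its contents are not written to the log.
            print("password_reset_response: <redacted>")

            response["ott"] = password_reset_response["resetPasswordUrl"].replace(
                "{0}/reset_password/".format(config.okta["org_host"]), "")

    return json.dumps(response)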