def configure_fed(self, webseal_id, federation_id=None, reuse_certs=False, reuse_acls=False, runtime_hostname=None, runtime_port=None, runtime_username=None, runtime_password=None): data = DataObject() data.add_value_string("federation_id", federation_id) data.add_value("reuse_certs", reuse_certs) data.add_value("reuse_acls", reuse_acls) runtime_data = DataObject() runtime_data.add_value_string("hostname", runtime_hostname) runtime_data.add_value_string("port", runtime_port) runtime_data.add_value_string("username", runtime_username) runtime_data.add_value_string("password", runtime_password) data.add_value_not_empty("runtime", runtime_data.data) endpoint = "%s/%s/fed_config" % (REVERSEPROXY, webseal_id) response = self.client.post_json(endpoint, data.data) response.success = response.status_code == 204 return response
def create_smtp( self, name=None, description=None,connect_timeout=None, connection_host_name=None, connection_host_port=None, connection_ssl=None, connection_user=None, connection_password=None): connection_data = DataObject() connection_data.add_value_string("hostName", connection_host_name) connection_data.add_value("hostPort", connection_host_port) connection_data.add_value("ssl", connection_ssl) connection_data.add_value("user", connection_user) connection_data.add_value("password", connection_password) manager_data = DataObject() manager_data.add_value("connectTimeout", connect_timeout) data = DataObject() data.add_value_string("name", name) data.add_value_string("description", description) data.add_value_string("type", "smtp") data.add_value_not_empty("connection", connection_data.data) data.add_value_not_empty("connectionManager", manager_data.data) endpoint = SERVER_CONNECTION_SMTP + "/v1" response = self.client.post_json(endpoint, data.data) response.success = response.status_code == 201 return response
def create_attribute( self, category=None, matcher=None, issuer=None, description=None, name=None, datatype=None, uri=None, storage_session=None, storage_behavior=None, storage_device=None, type_risk=None, type_policy=None): storage_data = DataObject() storage_data.add_value("session", storage_session) storage_data.add_value("behavior", storage_behavior) storage_data.add_value("device", storage_device) type_data = DataObject() type_data.add_value("risk", type_risk) type_data.add_value("policy", type_policy) data = DataObject() data.add_value_string("category", category) data.add_value_string("matcher", matcher) data.add_value_string("issuer", issuer) data.add_value_string("description", description) data.add_value_string("name", name) data.add_value_string("datatype", datatype) data.add_value_string("uri", uri) data.add_value("predefined", False) data.add_value_not_empty("storageDomain", storage_data.data) data.add_value_not_empty("type", type_data.data) response = self.client.post_json(ATTRIBUTES, data.data) response.success = response.status_code == 201 return response
def create_isam_runtime( self, name=None, description=None, locked=None, connection_bind_dn=None, connection_bind_pwd=None, connection_ssl_truststore=None, connection_ssl_auth_key=None, connection_ssl=None, connect_timeout=None, servers=None): connection_data = DataObject() connection_data.add_value_string("bindDN", connection_bind_dn) connection_data.add_value_string("bindPwd", connection_bind_pwd) connection_data.add_value_string( "sslTruststore", connection_ssl_truststore) connection_data.add_value_string("sslAuthKey", connection_ssl_auth_key) connection_data.add_value("ssl", connection_ssl) manager_data = DataObject() manager_data.add_value("connectTimeout", connect_timeout) data = DataObject() data.add_value_string("name", name) data.add_value_string("description", description) data.add_value_string("type", "isamruntime") data.add_value("locked", locked) data.add_value("servers", servers) data.add_value_not_empty("connection", connection_data.data) data.add_value_not_empty("connectionManager", manager_data.data) endpoint = SERVER_CONNECTION_ISAM_RUNTIME + "/v1" response = self.client.post_json(endpoint, data.data) response.success = response.status_code == 201 return response
def create_web_service( self, name=None, description=None, locked=None, connection_url=None, connection_user=None, connection_password=None, connection_ssl_truststore=None, connection_ssl_auth_key=None, connection_ssl=None): connection_data = DataObject() connection_data.add_value_string("url", connection_url) connection_data.add_value_string("user", connection_user) connection_data.add_value_string("password", connection_password) connection_data.add_value_string( "sslTruststore", connection_ssl_truststore) connection_data.add_value_string("sslAuthKey", connection_ssl_auth_key) connection_data.add_value("ssl", connection_ssl) data = DataObject() data.add_value_string("name", name) data.add_value_string("description", description) data.add_value_string("type", "ws") data.add_value("locked", locked) data.add_value_not_empty("connection", connection_data.data) endpoint = SERVER_CONNECTION_WEB_SERVICE + "/v1" response = self.client.post_json(endpoint, data.data) response.success = response.status_code == 201 return response
def create_ci( self, name=None, description=None, locked=None, connection_host_name=None, connection_client_id=None, connection_client_secret=None, connection_ssl_truststore=None): connection_data = DataObject() connection_data.add_value_string("adminHost", connection_host_name) connection_data.add_value("clientId", connection_client_id) connection_data.add_value("clientSecret", connection_client_secret) connection_data.add_value("ssl", True) connection_data.add_value("sslTruststore", connection_ssl_truststore) connection_data.add_value("usersEndpoint", "/v2.0/Users") # yes, I know this is a token endpoint. The parameter name was poorly selected connection_data.add_value("authorizeEndpoint", "/v1.0/endpoint/default/token") connection_data.add_value("authenticatorsEndpoint", "/v1.0/authenticators") connection_data.add_value("authnmethodsEndpoint", "/v1.0/authnmethods") data = DataObject() data.add_value_string("name", name) data.add_value_string("description", description) data.add_value_string("type", "ci") data.add_value_string("locked", locked) data.add_value_not_empty("connection", connection_data.data) endpoint = SERVER_CONNECTION_CI + "/v1" response = self.client.post_json(endpoint, data.data) response.success = response.status_code == 201 return response
def combine_keytab(self, new_name=None, keytab_files=[]): data = DataObject() data.add_value_string("new_name", new_name) data.add_value_not_empty("keytab_files", keytab_files) response = self.client.put_json(KERBEROS_KEYTAB, data.data) response.success = response.status_code == 200 return response
def create(self, name=None, content=None): data = DataObject() data.add_value_string("name", name) data.add_value_not_empty("content", content) response = self.client.post_json(PASSWORD_STRENGTH, data.data) response.success = response.status_code == 200 return response
def create(self, name=None, groups=[], attributes=[]): data = DataObject() data.add_value_string("name", name) data.add_value_not_empty("group", grups) data.add_value_not_empty("attributes", attributes) response = self.client.post_json(POLICY, data.data) response.success = response.status_code == 200 return response
def update(self, name, groups=[], attributes=[]): data = DataObject() data.add_value_not_empty("groups", groups) data.add_value_not_empty("attributes", attributes) endpoint = POLICY + "/{}".format(name) response = self.client.put_json(endpoint, data.data) response.success = response.status_code == 200 return response
def create(self, _id=None, subsection=None, name=None, value=None): data = DataObject() data.add_value_not_empty("name", name) data.add_value_not_empty("subsection", subsection) data.add_value_string("value", value) endpoint = KERBEROS_CONFIG + "/{}".format(_id) response = self.client.post_json(endpoint, data.data) response.success = response.status_code == 200 return response
def create_record(self, address, hostname_list): hostnames = [] for entry in hostname_list: hostnames.append({"name": str(entry)}) data = DataObject() data.add_value_string("addr", address) data.add_value_not_empty("hostnames", hostnames) response = self.client.post_json(HOST_RECORDS, data.data) response.success = response.status_code == 200 return response
def create_user(self, user=None, password=None, groups=[]): data = DataObject() data.add_value_string('id', user) data.add_value_string('password', password) if groups: groups_data = DataObject() for group in groups: groups_data.add_value('id', group) data.add_value_not_empty('groups', groups_data.data) endpoint = SYSACCOUNT_USERS + '/v1' response = self.client.post_json(endpoint, data.data) response.success = response.status_code == 200 return response
def update(self, enforce_config=False, roles=[]): auth_config = DataObject() auth_config.add_value_boolean("enforcing", enforce_config) auth_roles = DataObject() auth_roles.add_value_not_empty("roles", roles) data = DataObject() data.add_value("config", auth_config.data) data.add_value_not_empty("roles", auth_roles.data) endpoint = MANAGEMENT_AUTHORIZATION + '/v1' response = self.client.post_json(endpoint, data.data) response.success = response.status_code == 200 return response
def create_oidc_federation(self, name=None, role=None, issuer_identifier=None, signature_algorithm=None, signing_keystore=None, signing_key_label=None, refresh_token_length=None, authorization_grant_lifetime=None, authorization_code_lifetime=None, authorization_code_length=None, access_token_lifetime=None, access_token_length=None, id_token_lifetime=None, grant_types_supported=None, active_delegate_id=None, rule_type=None, identity_mapping_rule_reference=None, applies_to=None, auth_type=None, basic_auth_username=None, basic_auth_password=None, client_key_store=None, client_key_alias=None, issuer_uri=None, message_format=None, ssl_key_store=None, uri=None): data = DataObject() data.add_value_string("name", name) data.add_value_string("protocol", "OIDC") data.add_value_string("role", role) attributeMapping = DataObject() identityMapping = DataObject() identityMapping.add_value_string("activeDelegateId", active_delegate_id) properties = DataObject() properties.add_value_string("ruleType", rule_type) properties.add_value_string("identityMappingRuleReference", identity_mapping_rule_reference) identityMapping.add_value_not_empty("properties", properties.data) configuration = DataObject() configuration.add_value_not_empty("identityMapping", identityMapping.data) configuration.add_value_not_empty("attributeMapping", attributeMapping.data) data.add_value_not_empty("configuration", configuration.data) response = self.client.post_json(FEDERATIONS, data.data) response.success = response.status_code == 201 return response
def update(self, instance, resource_server, resource_name=None, server_type="standard", method=None, path=None, name=None, policy_type=None, policy_name=None, static_response_headers=None, rate_limiting_policy=None, url_aliases=None, documentation_content_type=None, documentation_file=None): data = DataObject() data.add_value_string("method", method) data.add_value_string("path", path) data.add_value_string("name", name) policy = DataObject() policy.add_value_string("type", policy_type) policy.add_value_string("name", policy_name) data.add_value_not_empty("policy", policy.daita) data.add_value_not_empty("static_response_headers", static_response_headers) data.add_value_string("rate_limiting_policy", rate_limiting_policy) data.add_value_not_empty("url_aliases", url_aliases) documentation = DataObject() documentation.add_value_string("content_type", documentation_content_type) documentation.add_value_string("file", documentation_file) data.add_alue_not_empty("documentation", documentation.data) endpoint = APIAC + "/resource/instance/{}/server/{}/resource/{}?server_type={}".format( instance, resource_server, resource_name, server_type) response = self.client.put_json(endpoint, data.data) response.success = response.status_code == 200 return response
def update_relying_party( self, id, name=None, rp_id=None, origins=None, metadata_set=None, metadata_soft_fail=True, mediator_mapping_rule_id=None, attestation_statement_types=None, attestation_statement_formats=None, attestation_public_key_algorithms=None, attestation_android_safety_net_max_age=None, attestation_android_safetynet_clock_skew=None, relying_party_impersonation_group="adminGroup"): data = DataObject() data.add_value("id", id) data.add_value("name", name) data.add_value("rpId", rp_id) fidoServerOptions = DataObject() fidoServerOptions.add_value_not_empty("origins", origins) fidoServerOptions.add_value("metadataSet", metadata_set) fidoServerOptions.add_value("metadataSoftFail", metadata_soft_fail) fidoServerOptions.add_value("mediatorMappingRuleId", mediator_mapping_rule_id) attestation = DataObject() attestation.add_value("statementTypes", attestation_statement_types) attestation.add_value("statementFormats", attestation_statement_formats) attestation.add_value("publicKeyAlgorithms", attestation_public_key_algorithms) attestation.add_value("publicKeyAlgorithms", attestation_public_key_algorithms) fidoServerOptions.add_value("attestation", attestation.data) attestationAndroidSafetyNetOptions = DataObject() attestationAndroidSafetyNetOptions.add_value("attestationMaxAge", attestation_android_safetynet_max_age) attestationAndroidSafetyNetOptions.add_value("clockSkew", attestation_android_safetynet_clock_skew) fidoServerOptions.add_value("android-safetynet", attestationAndroidSafetyNetOptions.data) data.add_value("fidoServerOptions", fidoServerOptions.data) relyingPartyOptions = DataObject() relyingPartyOptions.add_value("impersonationGroup", relying_party_impersonation_group) data.add_value("relyingPartyOptions", relyingPartyOptions.data) endpoint = "%s/%s" % (FIDO2_RELYING_PARTIES, id) response = self.client.put_json(endpoint, data.data) response.success = response.status_code == 204 return response
def configure_mmfa(self, webseal_id, lmi_hostname=None, lmi_port=None, lmi_username=None, lmi_password=None, runtime_hostname=None, runtime_port=None, runtime_username=None, runtime_password=None, reuse_certs=None, reuse_acls=None, reuse_pops=None, channel=None): lmi_data = DataObject() lmi_data.add_value_string("hostname", lmi_hostname) lmi_data.add_value_string("username", lmi_username) lmi_data.add_value_string("password", lmi_password) lmi_data.add_value("port", lmi_port) runtime_data = DataObject() runtime_data.add_value_string("hostname", runtime_hostname) runtime_data.add_value_string("username", runtime_username) runtime_data.add_value_string("password", runtime_password) runtime_data.add_value("port", runtime_port) data = DataObject() data.add_value('channel', channel) data.add_value("reuse_certs", reuse_certs) data.add_value("reuse_acls", reuse_acls) data.add_value("reuse_pops", reuse_pops) data.add_value_not_empty("lmi", lmi_data.data) data.add_value_not_empty("runtime", runtime_data.data) endpoint = "%s/%s/mmfa_config" % (REVERSEPROXY, webseal_id) response = self.client.post_json(endpoint, data.data) response.success = response.status_code == 204 return response
def create(self, app_id=None, platform=None, provider_address=None, apple_key_store=None, apple_key_label=None, firebase_server_key=None): apple = DataObject() apple.add_value_string("key_store", apple_key_store) apple.add_value_string("key_label", apple_key_label) if apple.data: apple.add_value_string("provider_address", provider_address) firebase = DataObject() firebase.add_value_string("server_key", firebase_server_key) if firebase.data: firebase.add_value_string("provider_address", provider_address) provider = DataObject() provider.add_value_not_empty("apple", apple.data) provider.add_value_not_empty("firebase", firebase.data) data = DataObject() data.add_value_string("app_id", app_id) data.add_value_string("platform", platform) data.add_value_not_empty("provider", provider.data) response = self.client.post_json(PUSH_NOTIFICATION, data.data) response.success = response.status_code == 200 return response
def update_role(self, name=None, users=None, groups=None, features=None): data = DataObject() data.add_value_string("name", name) data.add_value_not_empty("users", users) data.add_value_not_empty("grpups", groups) data.add_value_not_empty("features", features) endpoint = MANAGEMENT_AUTHORIZATION_ROLES + '/{}/v1'.format(name) response = self.client.put_json(endpoint, data.data) response.success = response.status_code == 200 return response
def update(self, name, allowed_origins=[], allow_credentials=None, exposed_headers=[], handle_preflight=None, allowed_methods=[], allowed_headers=[], max_age=None): data = DataObject() data.add_value_not_empty("allowed_origins", allowed_origins) data.add_value_boolean("allow_credentials", allow_credentials) data.add_value_not_empty("exposed_headers", exposed_headers) data.add_value_boolean("handle_preflight", handle_preflight) data.add_value_not_empty("alowed_methods", allowed_methods) data.add_value_not_empty("alowed_headers", allowed_headers) data.add_value("max_age", max_age) endpoint = CORS_POLICY + "/{}".format(name) response = self.client.put_json(endpoint, data.data) response.success = response.status_code == 200 return response
def update(self, client_id=None, hostname=None, junction=None, port=None, details_url=None, enrollment_endpoint=None, hotp_shared_secret_endpoint=None, totp_shared_secret_endpoint=None, token_endpoint=None, authntrxn_endpoint=None, mobile_endpoint_prefix=None, qrlogin_endpoint=None, discovery_mechanisms=None, options=None): endpoints = DataObject() endpoints.add_value_string("details_url", details_url) endpoints.add_value_string("enrollment_endpoint", enrollment_endpoint) endpoints.add_value_string("hotp_shared_secret_endpoint", hotp_shared_secret_endpoint) endpoints.add_value_string("totp_shared_secret_endpoint", totp_shared_secret_endpoint) endpoints.add_value_string("token_endpoint", token_endpoint) endpoints.add_value_string("authntrxn_endpoint", authntrxn_endpoint) endpoints.add_value_string("mobile_endpoint_prefix", mobile_endpoint_prefix) endpoints.add_value_not_empty("qrlogin_endpoint", qrlogin_endpoint) data = DataObject() data.add_value_string("client_id", client_id) data.add_value_string("hostname", hostname) data.add_value_string("junction", junction) data.add_value_string("options", options) data.add_value("port", port) data.add_value_not_empty("endpoints", endpoints.data) data.add_value_not_empty("discovery_mechanisms", discovery_mechanisms) response = self.client.post_json(MMFA_CONFIG, data.data) response.success = response.status_code == 204 return response
def create_oidc_rp_federation(self, name=None, redirect_uri_prefix=None, response_types=None, active_delegate_id=None, identity_mapping_rule_reference=None, advanced_configuration_active_delegate=None, advanced_configuration_rule_id=None): data = DataObject() data.add_value_string("name", name) data.add_value_string("protocol", "OIDC10") data.add_value_string("role", 'rp') attributeMapping = DataObject() identityMapping = DataObject() identityMapping.add_value_string("activeDelegateId", active_delegate_id) properties = DataObject() properties.add_value_string("identityMappingRuleReference", identity_mapping_rule_reference) identityMapping.add_value_not_empty("properties", properties.data) advancedConfiguration = DataObject() if advanced_configuration_active_delegate == None: advancedConfiguration.add_value_string("activeDelegateId", 'skip-advance-map') else: advancedConfiguration.add_value_string( "activeDelegateId", advanced_configuration_active_delegate) properties = DataObject() properties.add_value_string("advanceMappingRuleReference", advanced_configuration_rule_id) advancedConfiguration.add_value_not_empty("properties", properties.data) configuration = DataObject() configuration.add_value_string("redirectUriPrefix", redirect_uri_prefix) configuration.add_value("responseTypes", response_types) configuration.add_value_not_empty("advanceConfiguration", advancedConfiguration.data) configuration.add_value_not_empty("identityMapping", identityMapping.data) configuration.add_value_not_empty("attributeMapping", attributeMapping.data) data.add_value_not_empty("configuration", configuration.data) response = self.client.post_json(FEDERATIONS, data.data) response.success = response.status_code == 201 return response
def create_server(self, instance, server_hostname=None, junction_point=None, junction_type=None, policy_type=None, policy_name=None, authentication_type=None, oauth_introspection_transport=None, oauth_introspection_proxy=None, oauth_introspection_auth_method=None, ouath_introspection_endpoint=None, oauth_introspection_client_id=None, oauth_introspection_client_secret=None, oauth_introspection_client_id_hdr=None, oauth_introspection_token_type_hint=None, oauth_introspection_mapped_id=None, oauth_introspection_external_user=None, oauth_introspection_response_attributes=None, static_response_headers=None, jwt_header_name=None, jwt_certificate=None, jwt_claims=None, description=None, junction_hard_limit=None, junction_soft_limit=None, basic_auth_mode=None, tfim_sso=None, remote_http_header=None, stateful_junction=None, http2_junction=None, sni_name=None, preserve_cookie=None, cookie_include_path=None, transparent_path_junction=None, mutual_auth=None, insert_ltpa_cookies=None, insert_session_cookies=None, request_encoding=None, enable_basic_auth=None, key_label=None, gso_respource_group=None, junction_cookie_javascript_block=None, client_ip_http=None, version_two_cookies=None, ltpa_keyfile=None, authz_rules, fsso_config_file=None, username=None, password=None, server_uuid=None, server_port=None, virtual_hostname=None, server_dn=None, local_ip=None, query_contents=None, case_sensitive_url=None, windows_style_rul=None, ltpa_keyfile_password=None, https_port=None, http_port=None, proxy_hostname=None, proxy_port=None, sms_environment=None, vhost_label=None, force=None, delegation_support=None, scripting_support=None): data = DataObject() data.add_value_string("server_hostname", server_hostname) data.add_value_string("junction_point", junction_point) data.add_value_string("juncton_type", junction_type) policy = DataObject() policy.add_value_string("name", policy_name) policy.add_value_string("type", policy_type) data.add_value_not_empty("policy", policy.data) authentication = DataObject() authentication.add_value_string("type", authentication_type) oauth_introspection = DataObject() oauth_introspection.add_value_string("transport", oauth_introspection_transport) oauth_introspection.add_value_string("endpoint", oauth_introspection_endpoint) oauth_introspection.add_value_string("proxy", oauth_introspection_proxy) oauth_introspection.add_value_string("auth_method", oauth_introspection_auth_method) oauth_introspection.add_value_string("client_id", oauth_introspection_client_id) oauth_introspection.add_value_string("client_secret", oauth_introspection_client_secret) oauth_introspection.add_value_string("client_id_hdr", oauth_introspection_client_id_hdr) oauth_introspection.add_value_string("token_type_hint", oauth_introspection_token_type_hint) oauth_introspection.add_value_string("mapped_id", oauth_introspection_mapped_id) oauth_introspection.add_value_string("external_user", oauth_introspection_external_user) oauth_introspection.add_value_not_empty("response_attributes", oauth_introspection_response_attributes) authentication.add_value_string("oauth_introspection", oauth_introspection.data) data.add_value_not_empty("authentication", authentication.data) data.add_value_not_empty("static_response_headers", static_response_headers) jwt = DataObject() jwt.add_value_string("header_name", jwt_header_name) jwt.add_value_string("certificate", jwt_certificate) jwt.add_vaue_not_empty("claims", jwt_claims) data.add_vaule_not_empty("jwt", jwt.data) data.add_value_string("description", description) data.add_value_string("junction_hard_limit", junction_hard_limit) data.add_value_string("junction_soft_limit", junction_soft_limit) data.add_value_string("basic_auth_mode", basic_auth_mode) data.add_value_string("tfim_sso", tfim_sso) data.add_value_not_empty("remote_http_header", remote_http_header) data.add_value_string("stateful_junction", stateful_junction) data.add_value_string("http2_junction", http2_junction) data.add_value_string("sni_name", sni_name) data.add_value_string("preserve_cookie", preserve_cookie) data.add_value_string("cookie_include_path", cookie_include_path) data.add_value_string("transparent_path_junction", transparent_path_junction) data.add_value_string("mutual_auth", mutual_auth) data.add_value_string("insert_ltpa_cookies", insert_ltpa_cookies) data.add_value_string("insert_session_cookies", insert_session_cookies) data.add_value_string("request_encoding", request_encoding) data.add_value_string("enable_basic_auth", enable_basic_auth) data.add_value_string("key_label", key_label) data.add_value_string("gso_resource_group", gso_resource_group) data.add_value_string("junction_cookie_javascript_block", junction_cookie_javascript_block) data.add_value_string("client_ip_http", client_ip_http) data.add_value_string("version_two_cookies", version_two_cookies) data.add_value_string("ltpa_keyfile", ltpa_keyfile) data.add_value_string("authz_rules", authz_rules) data.add_value_string("fsso_config_file", fsso_config_file) data.add_value_string("username", username) data.add_value_string("password", password) data.add_value_string("server_uuid", server_uuid) data.add_value("server_port", server_port) data.add_value_string("virtual_hostname", virtual_hostname) data.add_value_string("server_dn", server_dn) data.add_value_string("local_ip", local_ip) data.add_value_string("query_contents", query_contents) data.add_value_string("case_sensitive_url", case_sensitive_url) data.add_value_string("windows_style_url", windows_style_url) data.add_value_string("ltpa_keyfile_password", ltpa_keyfile_password) data.add_value("https_port", https_port) data.add_value("http_port", http_port) data.add_value_string("proxy_hostname", proxy_hostname) data.add_value("proxy_port", proxy_port) data.add_value_string("sms_environment", sms_environment) data.add_value_string("vhost_label", vhost_label) data.add_value_string("force", force) data.add_value_string("delegation_support", delegation_support) data.add_value_string("scripting_support", scripting_support) endpoint = APIAC + "/resource/instance/{}/server".format(instance) response = self.client.post_json(endpoint, data.data) response.success = response.status_code == 200 return response
def create_oidc_rp_partner( self, federation_id, name=None, enabled=False, client_id=None, client_secret=None, metadata_endpoint=None, scope=None, token_endpoint_auth_method=None, perform_userinfo=False, advanced_configuration_active_delegate='skip-advance-map', advanced_configuration_rule_id=None, signing_algorithm=None): data = DataObject() data.add_value_string("name", name) data.add_value("enabled", enabled) data.add_value_string("role", 'rp') attributeMapping = DataObject() identityMapping = DataObject() configuration = DataObject() configuration.add_value_not_empty("clientId", client_id) configuration.add_value_not_empty("signatureAlgorithm", signing_algorithm) configuration.add_value_not_empty("clientSecret", client_secret) configuration.add_value_not_empty("scope", scope) configuration.add_value_not_empty("tokenEndpointAuthMethod", token_endpoint_auth_method) configuration.add_value_not_empty("performUserinfo", perform_userinfo) basic = DataObject() basic.add_value_not_empty("activeDelegateId", "metadataEndpointUrl") basic_properties = DataObject() basic_properties.add_value_not_empty("metadataEndpointUrl", metadata_endpoint) basic.add_value("properties", basic_properties.data) configuration.add_value("scope", scope) configuration.add_value_not_empty("identityMapping", identityMapping.data) if advanced_configuration_active_delegate: advancedConfiguration = DataObject() advancedConfiguration.add_value_string( "activeDelegateId", advanced_configuration_active_delegate) if (advanced_configuration_active_delegate != 'skip-advance-map'): properties = DataObject() properties.add_value_string("advanceMappingRuleReference", advanced_configuration_rule_id) advancedConfiguration.add_value_not_empty( "properties", properties.data) configuration.add_value_not_empty("advanceConfiguration", advancedConfiguration.data) configuration.add_value_not_empty("basicConfiguration", basic.data) data.add_value_not_empty("configuration", configuration.data) endpoint = "%s/%s/partners" % (FEDERATIONS, federation_id) response = self.client.post_json(endpoint, data.data) response.success = response.status_code == 201 return response
def create_saml_federation(self, name=None, role=None, template_name=None, active_delegate_id=None, need_consent_to_federate=None, signature_algorithm=None, signing_keystore=None, signing_key_label=None, sso_service_binding=None, message_issuer_format=None, decrypt_keystore=None, decrypt_key_label=None, point_of_contact_url=None, provider_id=None, company_name=None): data = DataObject() data.add_value_string("name", name) data.add_value_string("protocol", "SAML2_0") data.add_value_string("role", role) data.add_value_string("templateName", template_name) encryptionSettings = DataObject() signatureSettings = DataObject() identityMapping = None if (active_delegate_id is not None): identityMapping = DataObject() identityMapping.add_value_string("activeDelegateId", active_delegate_id) decryptionKeyIdentifier = DataObject() decryptionKeyIdentifier.add_value_string("keystore", decrypt_keystore) decryptionKeyIdentifier.add_value_string("label", decrypt_key_label) signingKeyIdentifier = DataObject() signingKeyIdentifier.add_value_string("keystore", signing_keystore) signingKeyIdentifier.add_value_string("label", signing_key_label) encryptionSettings.add_value_not_empty("decryptionKeyIdentifier", decryptionKeyIdentifier.data) signatureSettings.add_value_not_empty("signingKeyIdentifier", signingKeyIdentifier.data) ssoServiceBinding = None if (sso_service_binding is not None): ssoServiceBinding = DataObject() ssoServiceBinding.add_value_string("binding", sso_service_binding) configuration = DataObject() configuration.add_value_not_empty("encryptionSettings", encryptionSettings.data) configuration.add_value_not_empty("signatureSettings", signatureSettings.data) configuration.add_value_string("providerId", provider_id) configuration.add_value_string("pointOfContactUrl", point_of_contact_url) configuration.add_value_string("companyName", company_name) if (ssoServiceBinding is not None): configuration.add_value("singleSignOnService", [ssoServiceBinding.data]) if (identityMapping is not None): configuration.add_value("identityMapping", identityMapping.data) configuration.add_value("needConsentToFederate", need_consent_to_federate) configuration.add_value_string("messageIssuerFormat", message_issuer_format) data.add_value_not_empty("configuration", configuration.data) response = self.client.post_json(FEDERATIONS, data.data) response.success = response.status_code == 201 return response
def create_saml_partner(self, federation_id, name=None, enabled=False, role=None, template_name=None, acs_binding=None, block_encryption_algorithm=None, encryption_key_transport_algorithm=None, encryption_keystore=None, encryption_key_label=None, signature_digest_algorithm=None, acs=None, single_logout_service=None, acs_default=True, acs_index=0, acs_url=None, attribute_mapping=[], active_delegate_id=None, client_auth_method=None, signature_algorithm=None, validate_logout_request=None, validate_logout_response=None, provider_id=None, signature_validation=None, validate_authn_request=None, validation_keystore=None, validation_key_label=None, mapping_rule=None): data = DataObject() data.add_value_string("name", name) data.add_value("enabled", enabled) data.add_value_string("role", role) data.add_value_string("templateName", template_name) attributeMapping = DataObject() attributeMapping.add_value_not_empty("map", attribute_mapping) properties = DataObject() clientAuth = DataObject() clientAuth.add_value_string("method", client_auth_method) clientAuth.add_value_not_empty("properties", properties.data) serverCertValidation = DataObject() # serverCertValidation.add_value_string("keystore", "") soapSettings = DataObject() soapSettings.add_value_not_empty("clientAuth", clientAuth.data) if clientAuth.data or serverCertValidation.data: soapSettings.add_value("serverCertValidation", serverCertValidation.data) properties = DataObject() properties.add_value_string("identityMappingRule", mapping_rule) identityMapping = DataObject() identityMapping.add_value_not_empty("properties", properties.data) identityMapping.add_value_string("activeDelegateId", active_delegate_id) assertionConsumerService = DataObject() assertionConsumerService.add_value_string("binding", acs_binding) assertionConsumerService.add_value("default", acs_default) assertionConsumerService.add_value("index", acs_index) assertionConsumerService.add_value_string("url", acs_url) encryptionKeyIdentifier = DataObject() encryptionKeyIdentifier.add_value("keystore", encryption_keystore) encryptionKeyIdentifier.add_value("label", encryption_key_label) encryptionSettings = DataObject() encryptionSettings.add_value_not_empty("encryptionKeyIdentifier", encryptionKeyIdentifier.data) encryptionSettings.add_value_string("blockEncryptionAlgorithm", block_encryption_algorithm) encryptionSettings.add_value_string( "encryptionKeyTransportAlgorithm", encryption_key_transport_algorithm) validationKeyIdentifier = DataObject() validationKeyIdentifier.add_value("keystore", validation_keystore) validationKeyIdentifier.add_value("label", validation_key_label) validationOptions = DataObject() validationOptions.add_value("validateAuthnRequest", validate_authn_request) validationOptions.add_value("validateLogoutRequest", validate_logout_request) validationOptions.add_value("validateLogoutResponse", validate_logout_response) signatureSettings = DataObject() signatureSettings.add_value_not_empty("validationOptions", validationOptions.data) signatureSettings.add_value_not_empty("validationKeyIdentifier", validationKeyIdentifier.data) signatureSettings.add_value_string("signatureAlgorithm", signature_algorithm) signatureSettings.add_value_string("digestAlgorithm", signature_digest_algorithm) configuration = DataObject() configuration.add_value_not_empty("identityMapping", identityMapping.data) configuration.add_value_not_empty("attributeMapping", attributeMapping.data) configuration.add_value_not_empty("assertionConsumerService", [assertionConsumerService.data]) configuration.add_value_not_empty("assertionConsumerService", acs) configuration.add_value_not_empty("singleLogoutService", single_logout_service) configuration.add_value_not_empty("signatureSettings", signatureSettings.data) configuration.add_value_not_empty("encryptionSettings", encryptionSettings.data) configuration.add_value_not_empty("soapSettings", soapSettings.data) configuration.add_value_not_empty("providerId", provider_id) data.add_value_not_empty("configuration", configuration.data) endpoint = "%s%s/partners" % (FEDERATIONS, federation_id) print(json.dumps(data.data)) response = self.client.post_json(endpoint, data.data) response.success = response.status_code == 201 return response
def create_oidc_partner(self, federation_id, name=None, enabled=False, role=None, template_name=None, client_id=None, client_secret=None, applies_to=None, grant_type=None, authorization_endpoint_url=None, token_endpoint_url=None, signature_algorithm=None, signing_keystore=None, signing_key_label=None, issuer_identifier=None, redirect_uri_prefix=None, jwk_endopoint_url=None, scope=[]): data = DataObject() data.add_value_string("name", name) data.add_value("enabled", enabled) data.add_value_string("role", role) attributeMapping = DataObject() identityMapping = DataObject() configuration = DataObject() configuration.add_value_not_empty("identityMapping", identityMapping.data) configuration.add_value_not_empty("attributeMapping", attributeMapping.data) configuration.add_value_not_empty("templateName", template_name) configuration.add_value_not_empty("clientId", client_id) configuration.add_value_not_empty("clientSecret", client_secret) configuration.add_value_not_empty("appliesTo", applies_to) configuration.add_value_not_empty("grantType", grant_type) configuration.add_value_not_empty("authorizationEndpointUrl", authorization_endpoint_url) configuration.add_value_not_empty("tokenEndpointUrl", token_endpoint_url) configuration.add_value_not_empty("signatureAlgorithm", signature_algorithm) configuration.add_value_not_empty("signingKeystore", signing_keystore) configuration.add_value_not_empty("signingKeyLabel", signing_key_label) configuration.add_value_not_empty("issuerIdentifier", issuer_identifier) configuration.add_value_not_empty("redirectUriPrefix", redirect_uri_prefix) configuration.add_value_not_empty("jwkEndpointUrl", jwk_endopoint_url) configuration.add_value("scope", scope) data.add_value_not_empty("configuration", configuration.data) endpoint = "%s/%s/partners" % (FEDERATIONS, federation_id) response = self.client.post_json(endpoint, data.data) response.success = response.status_code == 201 return response
def update(self, old_password=None, new_password=None, confirm_password=None, min_heap_size=None, max_heap_size=None, session_timeout=None, http_port=None, https_port=None, min_threads=None, max_threads=None, max_pool_size=None, lmi_debugging_enabled=None, console_log_level=None, accept_client_certs=None, validate_client_cert_identity=None, exclude_csrf_checking=None, enable_ssl_v3=None, sshd_port=None, session_inactivity_timeout=None, max_files=None, max_file_size=None, http_proxy=None, https_proxy=None, login_header=None, login_message=None, sshd_client_alive_interval=None, enabled_server_protocols=None, enabled_tls=None, session_cache_purge=None): data = DataObject() data.add_value_string("oldPassword", old_password) data.add_value_string("newPassword", new_password) data.add_value_string("confirmPassword", confirm_password) data.add_value_string("consoleLogLevel", console_log_level) data.add_value_string("excludeCsrfChecking", exclude_csrf_checking) data.add_value("minHeapSize", min_heap_size) data.add_value("maxHeapSize", max_heap_size) data.add_value("sessionTimeout", session_timeout) data.add_value("httpPort", http_port) data.add_value("httpsPort", https_port) data.add_value("minThreads", min_threads) data.add_value("maxThreads", max_threads) data.add_value("maxPoolSize", max_pool_size) data.add_value_bool("lmiDebuggingEnabled", lmi_debugging_enabled) data.add_value_bool("acceptClientCerts", accept_client_certs) data.add_value_bool("validateClientCertIdentity", validate_client_cert_identity) data.add_value_bool("enableSSLv3", enable_ssl_v3) data.add_value("sshdPort", sshd_port) data.add_value("sessionInactivityTimeout", session_inactivity_timeout) data.add_value("sessionCachePurge", session_cache_purge) data.add_value("maxFiles", max_files) data.add_value("maxFileSize", max_file_size) data.add_value_string("httpProxy", http_proxy) data.add_value_string("httpsProxy", https_proxy) data.add_value_string("loginHeader", login_header) data.add_value_string("loginMessage", login_message) data.add_value("sshdClientAliveInterval", sshd_client_alive_interval) data.add_value_string("enabledServerProtocols", enabled_server_protocols) data.add_value_not_empty("enabledTLS", enabled_tls) response = self.client.put_json(ADMIN_CONFIG, data.data) response.success = response.status_code == 200 return response