def _getBearerSamlAssertion(options):
"""
Gets the Bearer SAML token from SSO server
"""
import sso
#cert = soapStub.schemeArgs['cert_file']
#key = soapStub.schemeArgs['key_file']
#print "Getting bearer token"
try:
authenticator = sso.SsoAuthenticator(options.stsurl, None)
context = None
if hasattr(ssl, '_create_unverified_context'):
context = ssl._create_unverified_context()
samlAssertion = authenticator.get_bearer_saml_assertion(
options.user,
options.password,
None,
None,
600,
1200,
True,
ssl_context=context)
except Exception, err:
message = "Could not get the token from STS server '" + options.stsurl + "'"
print message + "\n"
raise BaseException(err)
def _getHokSamlAssertion(options):
au = sso.SsoAuthenticator(options.stsurl, options.sts_cert)
hok_token = get_hok_saml_assertion_with_username_password(
au,
options.user,
options.password,
options.public_key,
options.private_key,
request_duration=3600)
return hok_token
def _doLogin(soapStub):
import sso
cert = soapStub.schemeArgs['cert_file']
key = soapStub.schemeArgs['key_file']
authenticator = sso.SsoAuthenticator(sts_url=stsUrl,
sts_cert=stsCert)
samlAssertion = authenticator.get_bearer_saml_assertion(
username, password, cert, key)
si = vim.ServiceInstance("ServiceInstance", soapStub)
sm = si.content.sessionManager
if not sm.currentSession:
try:
soapStub.samlToken = samlAssertion
si.content.sessionManager.LoginByToken()
finally:
soapStub.samlToken = None
def _getHokSamlAssertion_old(options):
"""
Gets the HOK SAML token from SSO server
"""
token = _getBearerSamlAssertion(options)
authenticator = sso.SsoAuthenticator(options.stsurl)
samlAssertion = authenticator.get_hok_saml_assertion(
public_key=options.public_key,
private_key=options.private_key,
delegatable=True,
request_duration=3600,
act_as_token=token)
if options.savesamltoken:
#print "Saving saml token"
file = open(options.savesamltoken, 'w')
file.write(samlAssertion)
file.close()
return samlAssertion
def _doLogin(soapStub):
import sso
cert = soapStub.schemeArgs['cert_file']
key = soapStub.schemeArgs['key_file']
authenticator = sso.SsoAuthenticator(sts_url=stsUrl,
sts_cert=stsCert)
samlAssertion = authenticator.get_hok_saml_assertion(cert, key)
def _requestModifier(request):
return sso.add_saml_context(request, samlAssertion, key)
si = vim.ServiceInstance("ServiceInstance", soapStub)
sm = si.content.sessionManager
if not sm.currentSession:
with soapStub.requestModifier(_requestModifier):
try:
soapStub.samlToken = samlAssertion
si.content.sessionManager.LoginByToken()
finally:
soapStub.samlToken = None