def start_authentication(username, version, proxy, environment): endpoint = environment.get_endpoint() certpath = environment.get_certpath() debug = environment.get_debug() method = "/Security/StartAuthentication" message = AuthRequest('', username, version) json_body = message.get_start_auth_json() headers = {} logging.info("Starting Authentication .. ") response = call_rest_post(endpoint, method, json_body, headers, certpath, proxy, debug) authresponse = AuthResponse(response, endpoint) success_result = authresponse.get_success_result() if (success_result == False): print("Invalid User") sys.exit(0) if (success_result == True): try: tenant_url = authresponse.get_tenant_url() except KeyError as e: logging.error(format(e)) logging.info('Seems we have tenant URL already ') return authresponse endpoint = "https://" + tenant_url logging.info("Redirecting to " + endpoint) logging.info("Authenticating on the tenant..") response = call_rest_post(endpoint, method, json_body, headers, certpath, proxy, environment.get_debug()) tenant_resp = AuthResponse(response, endpoint) return tenant_resp
def advance_auth_for_mech(mechanism, tenant_response, username, endpoint, method, proxy, environment): certpath = environment.get_certpath() mechanism_id = mechanism['MechanismId'] session_id = tenant_response.get_sessionid() tenant_id = tenant_response.get_tenantid() logging.info("The AnswerType is : " + mechanism['AnswerType']) if (mechanism['AnswerType'] == "Text" or mechanism['AnswerType'] == "StartTextOob"): if (mechanism['AnswerType'] == 'Text'): handle_text(mechanism, tenant_response, username, endpoint, method, proxy, environment) if (mechanism['AnswerType'] == "StartTextOob"): handle_text_oob(mechanism, tenant_response, username, endpoint, method, proxy, environment) authresp = result[0] success_result = result[1] summary = result[2] del result[:] if (success_result == False): logging.info("Authentication is not successful..") print("Authentication is not successful..") sys.exit() elif (mechanism['AnswerType'] == "StartOob"): logging.info("StartOob..") request = AdvAuthRequest(tenant_id, session_id, mechanism_id, "") json_req = request.get_adv_auth_json_startoob() headers = {} authresp = call_rest_post(endpoint, method, json_req, headers, certpath, proxy, environment.get_debug()) print(mechanism['PromptSelectMech'] + " Waiting ......") json_req = request.get_adv_auth_json_poll() while (True): sys.stdout.write(".") authresp = call_rest_post(endpoint, method, json_req, headers, certpath, proxy, environment.get_debug()) resp = AuthResponse(authresp, endpoint) success_result = resp.get_success_result() summary = resp.get_summary() if (success_result == True and summary != "OobPending"): break if (success_result != True): break time.sleep(2) print() logging.info("Is it Successful : " + str(success_result)) logging.info(summary) if (success_result == True and summary == "LoginSuccess"): session_token = authresp.cookies['.ASPXAUTH'] logging.info(session_token) session = AuthSession(endpoint, username, session_id, session_token) return session
def handle_unix(mechanism, tenant_response, username, endpoint, method, environment, proxy, request, json_req): certpath = environment.get_certpath() mechanism_id = mechanism['MechanismId'] session_id = tenant_response.get_sessionid() tenant_id = tenant_response.get_tenantid() headers = {} choice = '2' if (mechanism['Name'] == 'SMS'): choice = get_user_choice() if (mechanism['Name'] == 'OATH'): choice = '1' if (choice == '1'): passwd = getpass(mechanism['PromptSelectMech'] + " : ") request = AdvAuthRequest(tenant_id, session_id, mechanism_id, passwd) json_req = request.get_adv_auth_json_passwd() authresp = call_rest_post(endpoint, method, json_req, headers, certpath, proxy, environment.get_debug()) authresponse = AuthResponse(authresp, endpoint) success_result = authresponse.get_success_result() summary = authresponse.get_summary() if (success_result == False): print(Fore.RED + 'Wrong Credentials.. Exiting..') print(Style.RESET_ALL) sys.exit(0) else: print("Waiting for completing authentication mechanism.. ") json_req = request.get_adv_auth_json_poll() while (True): authresp = call_rest_post(endpoint, method, json_req, headers, certpath, proxy, environment.get_debug()) resp = AuthResponse(authresp, endpoint) success_result = resp.get_success_result() summary = resp.get_summary() logging.info("Success : " + str(success_result) + " Summary : " + summary) if (success_result == True and summary != "OobPending"): break if (success_result != True): break result.append(authresp) result.append(success_result) result.append(summary)
def get_applications(user, session, environment, proxy): method = "/uprest/getupdata" body = {} headers = {} headers['X-CENTRIFY-NATIVE-CLIENT'] = 'true' headers['Content-type'] = 'application/json' session_token = "Bearer "+session.session_token headers['Authorization'] = session_token response = restclient.call_rest_post(session.endpoint, method, body, headers, environment.get_certpath(), proxy,environment.get_debug()) logging.info(response.text) return response.json()
def handle_app_click(session, appkey, version, environment, proxy): method = "/uprest/handleAppClick?appkey=" + appkey body = {} headers = {} session_token = "Bearer "+session.session_token headers['Authorization'] = session_token response = restclient.call_rest_post(session.endpoint, method, body, headers, environment.get_certpath(), proxy, environment.get_debug()) logging.info("Call App Response URL : " + response.url) if ('elevate' in response.url): url = response.url parsed_url = urlparse.urlparse(url) elav = urlparse.parse_qs(parsed_url.query)['elevate'][0] chal = urlparse.parse_qs(parsed_url.query)['challengeId'][0] ele_session = auth.elevate(session, appkey, headers, response, version, environment, proxy) ele_token = "Bearer "+ele_session.session_token headers['Authorization'] = ele_token headers['X-CFY-CHALLENGEID'] = chal body['ChallengeStateId'] = chal json_body = json.dumps(body) response = restclient.call_rest_post(session.endpoint, method, json_body, headers, environment.get_certpath(), proxy, environment.get_debug()) logging.info("Call App Response URL - After Elevate : " + response.url) return response
def handle_text_oob(mechanism, tenant_response, username, endpoint, method, proxy, environment): certpath = environment.get_certpath() mechanism_id = mechanism['MechanismId'] session_id = tenant_response.get_sessionid() tenant_id = tenant_response.get_tenantid() logging.info("Starting StartTextOob...") request = AdvAuthRequest(tenant_id, session_id, mechanism_id, "") json_req = request.get_adv_auth_json_startoob() headers = {} authresp = call_rest_post(endpoint, method, json_req, headers, certpath, proxy, environment.get_debug()) logging.info("The response is StartOob req" + authresp.text) handle_unix(mechanism, tenant_response, username, endpoint, method, environment, proxy, request, json_req)
def elevate(session, appkey, headers, response, version, environment, proxy): url = response.url parsed_url = urlparse.urlparse(url) elav = urlparse.parse_qs(parsed_url.query)['elevate'][0] chal = urlparse.parse_qs(parsed_url.query)['challengeId'][0] method = "/security/startchallenge" message = {} message['Version'] = "1.0" message['elevate'] = elav message['ChallengeStateId'] = chal json_body = json.dumps(message) chal_resp = call_rest_post(session.endpoint, method, json_body, headers, environment.get_certpath(), proxy, environment.get_debug()) auth_resp = AuthResponse(chal_resp, session.endpoint) return advance_authentication(auth_resp, session.endpoint, "", "1.0", proxy, environment)
def handle_text(mechanism, tenant_response, username, endpoint, method, proxy, environment): certpath = environment.get_certpath() mechanism_id = mechanism['MechanismId'] session_id = tenant_response.get_sessionid() tenant_id = tenant_response.get_tenantid() passwd = getpass(mechanism['PromptSelectMech'] + " : ") request = AdvAuthRequest(tenant_id, session_id, mechanism_id, passwd) json_req = request.get_adv_auth_json_passwd() headers = {} authresp = call_rest_post(endpoint, method, json_req, headers, certpath, proxy, environment.get_debug()) authresponse = AuthResponse(authresp, endpoint) success_result = authresponse.get_success_result() logging.info("Is it Successful : " + str(success_result)) summary = authresponse.get_summary() logging.info(summary) if (success_result == False): print("Wrong Credentials.. Exiting..") sys.exit() global result result.append(authresp) result.append(success_result) result.append(summary)