class AccessPolicy(object): def __init__(self, base_url, username, password): super(AccessPolicy, self).__init__() self.client = RESTClient(base_url, username, password) def get_policies(self, filter=None): endpoint = None if filter != None: endpoint = "%s?filter=%s" % (ACCESS_POLICY, filter) else: endpoint = ACCESS_POLICY response = self.client.get_json(endpoint) response.success = response.status_code == 200 return response def get_policy(self, policy_id=None): endpoint = "%s/%s" % (ACCESS_POLICY, policy_id) response = self.client.get_json(endpoint) response.success = response.status_code == 200 return response def create_policy(self, policy_name=None, category=None, policy_type="JavaScript", file_name=None): data = DataObject() response = None try: with open(file_name, 'rb') as content: data.add_value_string('category', category) data.add_value_string('type', policy_type) data.add_value_string('name', policy_name) data.add_value_string("content", content.read().decode('utf-8')) except IOError as e: logger.error(e) response = Response() response.success = False if response == None: endpoint = ACCESS_POLICY response = self.client.post_json(endpoint, data.data) response.success = response.status_code == 201 return response def update_policy(self, policy_id=None, file_name=None): data = DataObject() try: with open(file_name, 'rb') as content: data.add_value_string("content", content.read().decode('utf-8')) except IOError as e: logger.error(e) response.success = False endpoint = "%s/%s" % (ACCESS_POLICY, policy_id) response = self.client.put_json(endpoint, data.data) response.success = response.status_code == 204 return response
class ManagementAuthorization(object): def __init__(self, base_url, username, password): super(ManagementAuthorization, self).__init__() self.client = RESTClient(base_url, username, password) def enable(self, enforce=False): data = DataObject() data.add_value_boolean("enforcing", enforce) endpoint = MANAGEMENT_AUTHORIZATION + '/config/v1' response = self.client.put_json(endpoint, data.data) response.success = response.status_code == 204 return response def update(self, enforce_config=False, roles=[]): auth_config = DataObject() auth_config.add_value_boolean("enforcing", enforce_config) auth_roles = DataObject() auth_roles.add_value_not_empty("roles", roles) data = DataObject() data.add_value("config", auth_config.data) data.add_value_not_empty("roles", auth_roles.data) endpoint = MANAGEMENT_AUTHORIZATION + '/v1' response = self.client.post_json(endpoint, data.data) response.success = response.status_code == 200 return response def get(self): endpoint = MANAGEMENT_AUTHORIZATION + '/v1' response = self.client.get_json(endpoint) response.success = response.status_code == 200 return response def create_role(self, name=None, users=None, groups=None, features=None): data = DataObject() data.add_value_string("name", name) data.add_value_not_empty("users", users) data.add_value_not_empty("grpups", groups) data.add_value_not_empty("features", features) endpoint = MANAGEMENT_AUTHORIZATION_ROLES + '/v1' response = self.client.post_json(endpoint, data.data) response.success = response.status_code == 200 return response def update_role(self, name=None, users=None, groups=None, features=None): data = DataObject() data.add_value_string("name", name) data.add_value_not_empty("users", users) data.add_value_not_empty("grpups", groups) data.add_value_not_empty("features", features) endpoint = MANAGEMENT_AUTHORIZATION_ROLES + '/{}/v1'.format(name) response = self.client.put_json(endpoint, data.data) response.success = response.status_code == 200 return response def delete_role(self, role=None): endpoint = MANAGEMENT_AUTHORIZATION_ROLES "/{}/v1".format(role) response = self.client.delete_json(endpoint) response.success = response.status_code == 204 return response def get_role(self, role=None): endpoint = MANAGEMENT_AUTHORIZATION_ROLES "/{}/v1".format(role) response = self.client.get_json(endpoint) response.success = response.status_code == 200 return response def get_roles(self): endpoint = MANAGEMENT_AUTHORIZATION_ROLES + '/v1' response = self.client.get_json(endpoint) response.success = response.status_code == 200 return response def get_features(self): endpoint = MANAGEMENT_AUTHORIZATION_FEATURES + '/v1' response = self.client.get_json(endpoint) response.success = response.status_code == 200 return response def get_features_for_user(self, user=None): endpoint = MANAGEMENT_AUTHORIZATION_FEATURES + '/users/{}/v1'.format(user) response = self.client.get_json(endpoint) response.success = response.status_code == 200 return response def get_groups_for_role(self, role=None): endpoint = MANAGEMENT_AUTHORIZATION_ROLES + '/{}/groups/v1'.format(role) response = self.client.get_json(endpoint) response.success = response.status_code == 200 return response def get_users_for_role(self, role=None): endpoint = MANAGEMENT_AUTHORIZATION_ROLES + '/{}/users/v1' response = self.client.get_json(endpoint) response.success = response.status_code == 200 return response
class Authentication(object): def __init__(self, base_url, username, password): super(Authentication, self).__init__() self.client = RESTClient(base_url, username, password) def create_mechanism( self, description=None, name=None, uri=None, type_id=None, properties=None, attributes=None): data = DataObject() data.add_value_string("description", description) data.add_value_string("name", name) data.add_value_string("uri", uri) data.add_value_string("typeId", type_id) data.add_value("properties", properties) data.add_value("attributes", attributes) response = self.client.post_json(AUTHENTICATION_MECHANISMS, data.data) response.success = response.status_code == 201 return response def list_mechanism_types( self, sort_by=None, count=None, start=None, filter=None): parameters = DataObject() parameters.add_value_string("sortBy", sort_by) parameters.add_value_string("count", count) parameters.add_value_string("start", start) parameters.add_value_string("filter", filter) response = self.client.get_json( AUTHENTICATION_MECHANISM_TYPES, parameters.data) response.success = response.status_code == 200 return response def list_mechanisms( self, sort_by=None, count=None, start=None, filter=None): parameters = DataObject() parameters.add_value_string("sortBy", sort_by) parameters.add_value_string("count", count) parameters.add_value_string("start", start) parameters.add_value_string("filter", filter) response = self.client.get_json( AUTHENTICATION_MECHANISMS, parameters.data) response.success = response.status_code == 200 return response def update_mechanism( self, id, description=None, name=None, uri=None, type_id=None, predefined=None, properties=None, attributes=None): data = DataObject() data.add_value_string("id", id) data.add_value_string("description", description) data.add_value_string("name", name) data.add_value_string("uri", uri) data.add_value_string("typeId", type_id) data.add_value("predefined", predefined) data.add_value("properties", properties) data.add_value("attributes", attributes) endpoint = "%s/%s" % (AUTHENTICATION_MECHANISMS, id) response = self.client.put_json(endpoint, data.data) response.success = response.status_code == 204 return response def create_policy( self, name=None, policy=None, uri=None, description=None, dialect="urn:ibm:security:authentication:policy:1.0:schema", enabled=None): data = DataObject() data.add_value_string("name", name) data.add_value_string("policy", policy) data.add_value_string("uri", uri) data.add_value_string("description", description) data.add_value_string("dialect", dialect) data.add_value_string("enabled", enabled) response = self.client.post_json(AUTHENTICATION_POLICIES, data.data) response.success = response.status_code == 201 return response def get_policy(self, id): endpoint = "%s/%s" % (AUTHENTICATION_POLICIES, id) response = self.client.get_json(endpoint) response.success = response.status_code == 200 return response def list_policies( self, sort_by=None, count=None, start=None, filter=None): parameters = DataObject() parameters.add_value_string("sortBy", sort_by) parameters.add_value_string("count", count) parameters.add_value_string("start", start) parameters.add_value_string("filter", filter) response = self.client.get_json( AUTHENTICATION_POLICIES, parameters.data) response.success = response.status_code == 200 return response def update_policy( self, id, name=None, policy=None, uri=None, description=None, dialect="urn:ibm:security:authentication:policy:1.0:schema", user_last_modified=None, last_modified=None, date_created=None, predefined=None, enabled=None): data = DataObject() data.add_value_string("name", name) data.add_value_string("policy", policy) data.add_value_string("uri", uri) data.add_value_string("description", description) data.add_value_string("dialect", dialect) data.add_value_string("id", id) data.add_value_string("enabled", enabled) data.add_value_string("userlastmodified", user_last_modified) data.add_value_string("lastmodified", last_modified) data.add_value_string("datecreated", date_created) data.add_value("predefined", predefined) endpoint = "%s/%s" % (AUTHENTICATION_POLICIES, id) response = self.client.put_json(endpoint, data.data) response.success = response.status_code == 204 return response
class Kerberos(object): def __init__(self, base_url, username, password): super(Kerberos, self).__init__() self.client = RESTClient(base_url, username, password) def create(self, _id=None, subsection=None, name=None, value=None): data = DataObject() data.add_value_not_empty("name", name) data.add_value_not_empty("subsection", subsection) data.add_value_string("value", value) endpoint = KERBEROS_CONFIG + "/{}".format(_id) response = self.client.post_json(endpoint, data.data) response.success = response.status_code == 200 return response def update(self, _id=None, value=None): data = DataObject() data.add_value_string("value", value) endpoint = KERBEROS_CONFIG + "/{}".format(_id) response = self.client.put_json(endpoint, data.data) response.success = response.stauts_code == 200 return response def get(self, _id=None): endpoint = KERBEROS_CONFIG + "/{}".format(_id) response = self.client.get_json(endpoint) response.success = response.status_code == 200 return response def delete(self, _id=None): endpoint = KERBEROS_CONFIG = "/{}".format(_id) response = self.client.delete_json(endpoint) response.success = response.status_code == 200 return response def test(self, username=None, password=None): data = DataObject() data.add_value_string("username", username) data.add_value_string("password", password) endpoint = "/wga/kerberos/test" response = self.client.post_json(endpoint, data.data) response.success = response.status_code == 200 return response def import_keytab(self, keytab_file=None): response = Response() try: with open(file_path, 'rb') as contents: files = {"keytab_file": contents} response = self.client.post_file(KERBEROS_KEYTAB, files=files) response.success = response.status_code == 200 except IOError as e: logger.error(e) response.success = False return response def delete_keytab(self, _id=None): endpoint = KERBEROS_KEYTAB + "/{}".format(_id) response = self.client.delete_json(endpoint) response.success = response.status_code == 200 return response def combine_keytab(self, new_name=None, keytab_files=[]): data = DataObject() data.add_value_string("new_name", new_name) data.add_value_not_empty("keytab_files", keytab_files) response = self.client.put_json(KERBEROS_KEYTAB, data.data) response.success = response.status_code == 200 return response def list_keytab(self): response = self.client.get_json(KERBEROS_KEYTAB) response.success = response.status_code == 200 return response def verify_keytab(self, _id=None, name=None): data = DataObject() data.add_value_string("name", name) endpoint = KERBEROS_KEYTAB + "/{}".format(_id) response = self.client.put_json(endpoint, data.data) response.success = response.status_code == 200 return response
class AccessControl(object): def __init__(self, base_url, username, password): super(AccessControl, self).__init__() self.client = RESTClient(base_url, username, password) def create_policy(self, name=None, description=None, dialect="urn:oasis:names:tc:xacml:2.0:policy:schema:os", policy=None, attributes_required=False): data = DataObject() data.add_value_string("name", name) data.add_value_string("description", description) data.add_value_string("dialect", dialect) data.add_value_string("policy", policy) data.add_value("attributesrequired", attributes_required) data.add_value("predefined", False) response = self.client.post_json(POLICIES, data.data) response.success = response.status_code == 201 return response def delete_policy(self, id=None): endpoint = "%s/%s" % (POLICIES, id) response = self.client.delete_json(endpoint) response.success = response.status_code == 204 return response def list_policies(self, sort_by=None, filter=None): parameters = DataObject() parameters.add_value_string("sortBy", sort_by) parameters.add_value_string("filter", filter) response = self.client.get_json(POLICIES, parameters.data) response.success = response.status_code == 200 return response def authenticate_security_access_manager(self, username=None, password=None, domain=None): data = DataObject() data.add_value_string("username", username) data.add_value_string("password", password) data.add_value_string("domain", domain) data.add_value_string("command", "setCredential") response = self.client.post_json(POLICY_ATTACHMENTS_PDADMIN, data.data) response.success = response.status_code == 200 return response def configure_resource(self, server=None, resource_uri=None, policy_combining_algorithm=None, policies=None): data = DataObject() data.add_value_string("server", server) data.add_value_string("resourceUri", resource_uri) data.add_value_string("policyCombiningAlgorithm", policy_combining_algorithm) data.add_value("policies", policies) response = self.client.post_json(POLICY_ATTACHMENTS, data.data) response.success = response.status_code == 201 return response def remove_resource(self, id): endpoint = "%s/%s" % (POLICY_ATTACHMENTS, id) response = self.client.delete_json(endpoint) response.success = response.status_code == 204 return response def list_resources(self, sort_by=None, filter=None): parameters = DataObject() parameters.add_value_string("sortBy", sort_by) parameters.add_value_string("filter", filter) response = self.client.get_json(POLICY_ATTACHMENTS, parameters.data) response.success = response.status_code == 200 return response def publish_policy_attachment(self, id): endpoint = "%s/deployment/%s" % (POLICY_ATTACHMENTS, id) response = self.client.put_json(endpoint) response.success = response.status_code == 204 return response def publish_multiple_policy_attachments(self, *ids): id_string = "" for id in ids: if len(id_string) > 0: id_string += ", " id_string += str(id) data = DataObject() data.add_value_string("policyAttachmentIds", id_string) endpoint = "%s/deployment" % POLICY_ATTACHMENTS response = self.client.put_json(endpoint, data.data) response.success = response.status_code == 204 return response def list_obligations(self, sort_by=None, filter=None): parameters = DataObject() parameters.add_value_string("sortBy", sort_by) parameters.add_value_string("filter", filter) response = self.client.get_json(OBLIGATIONS, parameters.data) response.success = response.status_code == 200 return response def create_obligation(self, name=None, predefined=False, description=None, obligationURI=None, type=None, parameters=None, typeId=None, properties=None): data = DataObject() data.add_value_string("name", name) data.add_value("predefined", predefined) data.add_value_string("description", description) data.add_value_string("obligationURI", obligationURI) data.add_value_string("type", type) data.add_value("parameters", parameters) data.add_value_string("typeId", typeId) data.add_value("properties", properties) response = self.client.post_json(OBLIGATIONS, data.data) response.success = response.status_code == 201 return response def delete_obligation(self, id): endpoint = "%s/%s" % (OBLIGATIONS, id) response = self.client.delete_json(endpoint) response.success = response.status_code == 204 return response
class Resources(object): def __init__(self, base_url, username, password): super(Resources, self).__init__() self.client = RESTClient(base_url, username, password) def create_server(self, instance, server_hostname=None, junction_point=None, junction_type=None, policy_type=None, policy_name=None, authentication_type=None, oauth_introspection_transport=None, oauth_introspection_proxy=None, oauth_introspection_auth_method=None, ouath_introspection_endpoint=None, oauth_introspection_client_id=None, oauth_introspection_client_secret=None, oauth_introspection_client_id_hdr=None, oauth_introspection_token_type_hint=None, oauth_introspection_mapped_id=None, oauth_introspection_external_user=None, oauth_introspection_response_attributes=None, static_response_headers=None, jwt_header_name=None, jwt_certificate=None, jwt_claims=None, description=None, junction_hard_limit=None, junction_soft_limit=None, basic_auth_mode=None, tfim_sso=None, remote_http_header=None, stateful_junction=None, http2_junction=None, sni_name=None, preserve_cookie=None, cookie_include_path=None, transparent_path_junction=None, mutual_auth=None, insert_ltpa_cookies=None, insert_session_cookies=None, request_encoding=None, enable_basic_auth=None, key_label=None, gso_respource_group=None, junction_cookie_javascript_block=None, client_ip_http=None, version_two_cookies=None, ltpa_keyfile=None, authz_rules, fsso_config_file=None, username=None, password=None, server_uuid=None, server_port=None, virtual_hostname=None, server_dn=None, local_ip=None, query_contents=None, case_sensitive_url=None, windows_style_rul=None, ltpa_keyfile_password=None, https_port=None, http_port=None, proxy_hostname=None, proxy_port=None, sms_environment=None, vhost_label=None, force=None, delegation_support=None, scripting_support=None): data = DataObject() data.add_value_string("server_hostname", server_hostname) data.add_value_string("junction_point", junction_point) data.add_value_string("juncton_type", junction_type) policy = DataObject() policy.add_value_string("name", policy_name) policy.add_value_string("type", policy_type) data.add_value_not_empty("policy", policy.data) authentication = DataObject() authentication.add_value_string("type", authentication_type) oauth_introspection = DataObject() oauth_introspection.add_value_string("transport", oauth_introspection_transport) oauth_introspection.add_value_string("endpoint", oauth_introspection_endpoint) oauth_introspection.add_value_string("proxy", oauth_introspection_proxy) oauth_introspection.add_value_string("auth_method", oauth_introspection_auth_method) oauth_introspection.add_value_string("client_id", oauth_introspection_client_id) oauth_introspection.add_value_string("client_secret", oauth_introspection_client_secret) oauth_introspection.add_value_string("client_id_hdr", oauth_introspection_client_id_hdr) oauth_introspection.add_value_string("token_type_hint", oauth_introspection_token_type_hint) oauth_introspection.add_value_string("mapped_id", oauth_introspection_mapped_id) oauth_introspection.add_value_string("external_user", oauth_introspection_external_user) oauth_introspection.add_value_not_empty("response_attributes", oauth_introspection_response_attributes) authentication.add_value_string("oauth_introspection", oauth_introspection.data) data.add_value_not_empty("authentication", authentication.data) data.add_value_not_empty("static_response_headers", static_response_headers) jwt = DataObject() jwt.add_value_string("header_name", jwt_header_name) jwt.add_value_string("certificate", jwt_certificate) jwt.add_vaue_not_empty("claims", jwt_claims) data.add_vaule_not_empty("jwt", jwt.data) data.add_value_string("description", description) data.add_value_string("junction_hard_limit", junction_hard_limit) data.add_value_string("junction_soft_limit", junction_soft_limit) data.add_value_string("basic_auth_mode", basic_auth_mode) data.add_value_string("tfim_sso", tfim_sso) data.add_value_not_empty("remote_http_header", remote_http_header) data.add_value_string("stateful_junction", stateful_junction) data.add_value_string("http2_junction", http2_junction) data.add_value_string("sni_name", sni_name) data.add_value_string("preserve_cookie", preserve_cookie) data.add_value_string("cookie_include_path", cookie_include_path) data.add_value_string("transparent_path_junction", transparent_path_junction) data.add_value_string("mutual_auth", mutual_auth) data.add_value_string("insert_ltpa_cookies", insert_ltpa_cookies) data.add_value_string("insert_session_cookies", insert_session_cookies) data.add_value_string("request_encoding", request_encoding) data.add_value_string("enable_basic_auth", enable_basic_auth) data.add_value_string("key_label", key_label) data.add_value_string("gso_resource_group", gso_resource_group) data.add_value_string("junction_cookie_javascript_block", junction_cookie_javascript_block) data.add_value_string("client_ip_http", client_ip_http) data.add_value_string("version_two_cookies", version_two_cookies) data.add_value_string("ltpa_keyfile", ltpa_keyfile) data.add_value_string("authz_rules", authz_rules) data.add_value_string("fsso_config_file", fsso_config_file) data.add_value_string("username", username) data.add_value_string("password", password) data.add_value_string("server_uuid", server_uuid) data.add_value("server_port", server_port) data.add_value_string("virtual_hostname", virtual_hostname) data.add_value_string("server_dn", server_dn) data.add_value_string("local_ip", local_ip) data.add_value_string("query_contents", query_contents) data.add_value_string("case_sensitive_url", case_sensitive_url) data.add_value_string("windows_style_url", windows_style_url) data.add_value_string("ltpa_keyfile_password", ltpa_keyfile_password) data.add_value("https_port", https_port) data.add_value("http_port", http_port) data.add_value_string("proxy_hostname", proxy_hostname) data.add_value("proxy_port", proxy_port) data.add_value_string("sms_environment", sms_environment) data.add_value_string("vhost_label", vhost_label) data.add_value_string("force", force) data.add_value_string("delegation_support", delegation_support) data.add_value_string("scripting_support", scripting_support) endpoint = APIAC + "/resource/instance/{}/server".format(instance) response = self.client.post_json(endpoint, data.data) response.success = response.status_code == 200 return response def update_server(self, instance, resource_server, server_type="standard", server_hostname=None, junction_point=None, junction_type=None, policyi_type=None, policy_name=None, authenticationi_type=None, authentication_oauth_introspection=None, static_response_headers=None, jwt_header_name=None, jwt_certificate=None, jwt_claims=None, description=None, junction_hard_limit=None, junction_soft_limit=None, basic_auth_mode=None, tfim_sso=None, remote_http_header=None, stateful_junction=None, http2_junction=None, sni_name=None, preserve_cookie=None, cookie_include_path=None, transparent_path_junction=None, mutual_auth=None, insert_ltpa_cookies=None, insert_session_cookies=None, request_encoding=None, enable_basic_auth=None, key_label=None, gso_respource_group=None, junction_cookie_javascript_block=None, client_ip_http=None, version_two_cookies=None, ltpa_keyfile=None, authz_rules, fsso_config_file=None, username=None, password=None, server_uuid=None, server_port=None, virtual_hostname=None, server_dn=None, local_ip=None, query_contents=None, case_sensitive_url=None, windows_style_rul=None, ltpa_keyfile_password=None, https_port=None, http_port=None, proxy_hostname=None, proxy_port=None, sms_environment=None, vhost_label=None, force=None, delegation_support=None, scripting_support=None): data = DataObject() data.add_value_string("server_hostname", server_hostname) data.add_value_string("junction_point", junction_point) data.add_value_string("juncton_type", junction_type) policy = DataObject() policy.add_value_string("name", policy_name) policy.add_value_string("type", policy_type) data.add_value_not_empty("policy", policy.data) authentication = DataObject() authentication.add_value_string("type", authentication_type) authentication.add_value_string("oauth_introspection", authentication_oauth_introspection) data.add_value_not_empty("authentication", authentication) data.add_value_not_empty("static_response_headers", static_response_headers) jwt = DataObject() jwt.add_value_string("header_name", jwt_header_name) jwt.add_value_string("certificate", jwt_certificate) jwt.add_vaue_not_empty("claims", jwt_claims) data.add_vaule_not_empty("jwt", jwt.data) data.add_value_string("description", description) data.add_value_string("junction_hard_limit", junction_hard_limit) data.add_value_string("junction_soft_limit", junction_soft_limit) data.add_value_string("basic_auth_mode", basic_auth_mode) data.add_value_string("tfim_sso", tfim_sso) data.add_value_not_empty("remote_http_header", remote_http_header) data.add_value_string("stateful_junction", stateful_junction) data.add_value_string("http2_junction", http2_junction) data.add_value_string("sni_name", sni_name) data.add_value_string("preserve_cookie", preserve_cookie) data.add_value_string("cookie_include_path", cookie_include_path) data.add_value_string("transparent_path_junction", transparent_path_junction) data.add_value_string("mutual_auth", mutual_auth) data.add_value_string("insert_ltpa_cookies", insert_ltpa_cookies) data.add_value_string("insert_session_cookies", insert_session_cookies) data.add_value_string("request_encoding", request_encoding) data.add_value_string("enable_basic_auth", enable_basic_auth) data.add_value_string("key_label", key_label) data.add_value_string("gso_resource_group", gso_resource_group) data.add_value_string("junction_cookie_javascript_block", junction_cookie_javascript_block) data.add_value_string("client_ip_http", client_ip_http) data.add_value_string("version_two_cookies", version_two_cookies) data.add_value_string("ltpa_keyfile", ltpa_keyfile) data.add_value_string("authz_rules", authz_rules) data.add_value_string("fsso_config_file", fsso_config_file) data.add_value_string("username", username) data.add_value_string("password", password) data.add_value_string("server_uuid", server_uuid) data.add_value("server_port", server_port) data.add_value_string("virtual_hostname", virtual_hostname) data.add_value_string("server_dn", server_dn) data.add_value_string("local_ip", local_ip) data.add_value_string("query_contents", query_contents) data.add_value_string("case_sensitive_url", case_sensitive_url) data.add_value_string("windows_style_rul", windows_style_url) data.add_value_string("ltpa_keyfile_password", ltpa_keyfile_password) data.add_value("https_port", https_port) data.add_value("http_port", http_port) data.add_value_string("proxy_hostname", proxy_hostname) data.add_value("proxy_port", proxy_port) data.add_value_string("sms_environment", sms_environment) data.add_value_string("vhost_label", vhost_label) data.add_value_string("force", force) data.add_value_string("delegation_support", delegation_support) data.add_value_string("scripting_support", scripting_support) endpoint = APIAC + "/resource/instance/{}/server/{}/resource?server_type={}".format( instance, resource_server, server_type) response = self.client.put_json(endpoint, data.data) response.success = response.status_code == 200 return response def delete_server(self, instance=None)
class FIDO2Config(object): def __init__(self, base_url, username, password): super(FIDO2Config, self).__init__() self.client = RESTClient(base_url, username, password) def list_relying_parties(self): response = self.client.get_json(FIDO2_RELYING_PARTIES) response.success = response.status_code == 200 return response def get_relying_parties(self, _id): endpoint = "{}/{}".format(FIDO2_RELYING_PARTIES, _id) response = self.client.get_json(endpoint) response.success = response.status_code == 200 return response def create_relying_party( self, name=None, rp_id=None, origins=None, metadata_set=None, metadata_soft_fail=True, mediator_mapping_rule_id=None, attestation_statement_types=None, attestation_statement_formats=None, attestation_public_key_algorithms=None, attestation_android_safetynet_max_age=None, attestation_android_safetynet_clock_skew=None, relying_party_impersonation_group="adminGroup"): data = DataObject() data.add_value("name", name) data.add_value("rpId", rp_id) fidoServerOptions = DataObject() fidoServerOptions.add_value_not_empty("origins", origins) fidoServerOptions.add_value("metadataSet", metadata_set) fidoServerOptions.add_value("metadataSoftFail", metadata_soft_fail) fidoServerOptions.add_value("mediatorMappingRuleId", mediator_mapping_rule_id) attestation = DataObject() attestation.add_value("statementTypes", attestation_statement_types) attestation.add_value("statementFormats", attestation_statement_formats) attestation.add_value("publicKeyAlgorithms", attestation_public_key_algorithms) fidoServerOptions.add_value("attestation", attestation.data) attestationAndroidSafetyNetOptions = DataObject() attestationAndroidSafetyNetOptions.add_value("attestationMaxAge", attestation_android_safetynet_max_age) attestationAndroidSafetyNetOptions.add_value("clockSkew", attestation_android_safetynet_clock_skew) fidoServerOptions.add_value("android-safetynet", attestationAndroidSafetyNetOptions.data) data.add_value("fidoServerOptions", fidoServerOptions.data) relyingPartyOptions = DataObject() relyingPartyOptions.add_value("impersonationGroup", relying_party_impersonation_group) data.add_value("relyingPartyOptions", relyingPartyOptions.data) response = self.client.post_json(FIDO2_RELYING_PARTIES, data.data) response.success = response.status_code == 201 return response def update_relying_party( self, id, name=None, rp_id=None, origins=None, metadata_set=None, metadata_soft_fail=True, mediator_mapping_rule_id=None, attestation_statement_types=None, attestation_statement_formats=None, attestation_public_key_algorithms=None, attestation_android_safety_net_max_age=None, attestation_android_safetynet_clock_skew=None, relying_party_impersonation_group="adminGroup"): data = DataObject() data.add_value("id", id) data.add_value("name", name) data.add_value("rpId", rp_id) fidoServerOptions = DataObject() fidoServerOptions.add_value_not_empty("origins", origins) fidoServerOptions.add_value("metadataSet", metadata_set) fidoServerOptions.add_value("metadataSoftFail", metadata_soft_fail) fidoServerOptions.add_value("mediatorMappingRuleId", mediator_mapping_rule_id) attestation = DataObject() attestation.add_value("statementTypes", attestation_statement_types) attestation.add_value("statementFormats", attestation_statement_formats) attestation.add_value("publicKeyAlgorithms", attestation_public_key_algorithms) attestation.add_value("publicKeyAlgorithms", attestation_public_key_algorithms) fidoServerOptions.add_value("attestation", attestation.data) attestationAndroidSafetyNetOptions = DataObject() attestationAndroidSafetyNetOptions.add_value("attestationMaxAge", attestation_android_safetynet_max_age) attestationAndroidSafetyNetOptions.add_value("clockSkew", attestation_android_safetynet_clock_skew) fidoServerOptions.add_value("android-safetynet", attestationAndroidSafetyNetOptions.data) data.add_value("fidoServerOptions", fidoServerOptions.data) relyingPartyOptions = DataObject() relyingPartyOptions.add_value("impersonationGroup", relying_party_impersonation_group) data.add_value("relyingPartyOptions", relyingPartyOptions.data) endpoint = "%s/%s" % (FIDO2_RELYING_PARTIES, id) response = self.client.put_json(endpoint, data.data) response.success = response.status_code == 204 return response def list_metadata(self): endpoint = FIDO2_METADATA response = self.client.get_json(endpoint) response.success = response.status_code == 200 return response def get_metadata(self, _id): endpoint = "{}/{}".format(FIDO2_METADATA, _id) response = self.client.get_json(endpoint) response.success = response.status_code == 200 return response def create_metadata(self, filename=None): response = Response() try: with open(filename, 'rb') as content: data = DataObject() data.add_value_string("filename", ntpath.basename(filename)) data.add_value_string("contents", content.read().decode('utf-8')) endpoint = FIDO2_METADATA response = self.client.post_json(endpoint, data.data) response.success = response.status_code == 201 except IOError as e: logger.error(e) response.success = False return response def update_metadata(self, id, filename=None): response = Response() try: with open(filename, 'rb') as content: files = {"file": content} endpoint = ("%s/%s/file" % (FIDO2_METADATA, id)) response = self.client.post_file(endpoint, accept_type="application/json,text/html,application/*", files=files) response.success = response.status_code == 200 except IOError as e: logger.error(e) response.success = False return response def delete_metadata(self, id): endpoint = ("%s/%s/file" % (FIDO2_METADATA, id)) response = self.client.delete_json(endpoint) response.success = response.status_code == 204 def create_mediator(self, name=None, filename=None): response = Response() try: with open(filename, 'rb') as content: data = DataObject() data.add_value_string("filename", ntpath.basename(filename)) data.add_value_string("content", content.read().decode('utf-8')) data.add_value_string("type", "FIDO2") data.add_value_string("name", name) response = self.client.post_json(FIDO2_MEDIATOR, data.data) response.success = response.status_code == 201 except IOError as e: logger.error(e) response.success = False return response def _update_mediator(self, id, filename=None): response = Response() try: with open(filename, 'rb') as content: data = DataObject() data.add_value_string("content", content.read().decode('utf-8')) endpoint = ("%s/%s" % (FIDO2_MEDIATOR, id)) response = self.client.put_json(endpoint, data.data) response.success = response.status_code == 204 except IOError as e: logger.error(e) response.success = False return response def get_mediator(self, id): endpoint = ("%s/%s" % (FIDO2_MEDIATOR, id)) response = self.get_json(endpoint) response.success = response.status_code == 200 return response def list_mediator(self): response = self.client.get_json(FIDO2_MEDIATOR) rsponse.success = response.status_code == 200 return response def delete_mediator(self, id): endpoint = ("%s/%s" % (FIDO2_MEDIATOR, id)) response = self.delete_json(endpoint) response.success = response.status_code == 204 return response
class TemplateFiles(object): def __init__(self, base_url, username, password): super(TemplateFiles, self).__init__() self.client = RESTClient(base_url, username, password) def create_directory(self, path, dir_name=None): data = DataObject() data.add_value_string("dir_name", dir_name) data.add_value_string("type", "dir") endpoint = "%s/%s" % (TEMPLATE_FILES, path) response = self.client.post_json(endpoint, data.data) response.success = response.status_code == 200 return response def get_directory(self, path, recursive=None): parameters = DataObject() parameters.add_value("recursive", recursive) endpoint = "%s/%s" % (TEMPLATE_FILES, path) response = self.client.get_json(endpoint, parameters.data) response.success == response.status_code == 200 if response.success and isinstance(response.json, dict): response.json = response.json.get("contents", []) return response def create_file(self, path, file_name=None, contents=None): data = DataObject() data.add_value_string("file_name", file_name) data.add_value_string("contents", contents) data.add_value_string("type", "file") endpoint = "%s/%s" % (TEMPLATE_FILES, path) response = self.client.post_json(endpoint, data.data) response.success = response.status_code == 200 return response def delete_file(self, path, file_name): endpoint = ("%s/%s/%s" % (TEMPLATE_FILES, path, file_name)) response = self.client.delete_json(endpoint) response.success = response.status_code == 200 return response def get_file(self, path, file_name): endpoint = ("%s/%s/%s" % (TEMPLATE_FILES, path, file_name)) response = self.client.get_json(endpoint) response.success = response.status_code == 200 return response def import_file(self, path, file_name, file_path): response = Response() try: with open(file_path, 'rb') as template: files = {"file": template} endpoint = ("%s/%s/%s" % (TEMPLATE_FILES, path, file_name)) response = self.client.post_file(endpoint, files=files) response.success = response.status_code == 200 except IOError as e: logger.error(e) response.success = False return response def import_files(self, file_path, force=True): response = Response() try: with open(file_path, 'rb') as templates: files = {"file": templates} data = DataObject() data.add_value("force", force) response = self.client.post_file(TEMPLATE_FILES, data=data.data, files=files) response.success = response.status_code == 200 except IOError as e: logger.error(e) response.success = False return response def update_file(self, path, file_name, contents=None, force=False): data = DataObject() data.add_value_string("contents", contents) data.add_value_string("force", force) data.add_value_string("type", "file") endpoint = ("%s/%s/%s" % (TEMPLATE_FILES, path, file_name)) response = self.client.put_json(endpoint, data.data) response.success = response.status_code == 200 return response
class SysAccount(object): def __init__(self, base_url, username, password): super(SysAccount, self).__init__() self.client = RESTClient(base_url, username, password) def get_users(self): endpoint = SYSACCOUNT_USERS + '/v1' response = self.client.get_json(endpoint) response.success = response.status_code == 200 return response def get_user(self, user): endpoint = SYSACCOUNT_USERS + '/' + user + '/v1' rsponse = self.client.get_json(endpoint) response.success = response.status_code == 200 return response def update_user(self, user, password=None): data = DataObject() data.add_value_string('password', password) endpoint = SYSACCOUNT_USERS + '/' + user + '/v1' response = self.client.put_json(endpoint, data.data) response.success = response.status_code == 204 return response def create_user(self, user=None, password=None, groups=[]): data = DataObject() data.add_value_string('id', user) data.add_value_string('password', password) if groups: groups_data = DataObject() for group in groups: groups_data.add_value('id', group) data.add_value_not_empty('groups', groups_data.data) endpoint = SYSACCOUNT_USERS + '/v1' response = self.client.post_json(endpoint, data.data) response.success = response.status_code == 200 return response def delete_user(self, user): endpoint = SYSACCOUNT_USERS + '/' + user + '/v1' response = self.client.delete_json(endpoint) response.success = response.status_code == 204 return response def get_groups(self): endpoint = SYSACCOUNT_GROUPS + '/v1' response = self.client.get_json(endpoint) response.success = response.status_code == 200 return response def get_group(self, group=None): endpoint = SYSACCOUNT_GROUPS + '/groups/{}/v1'.format(group) response = self.client.get_json(endpoint) response.success = response.status_code == 200 return response def add_user(self, group=None, user=None): data = DataObject() data.add_alue_string("id", group) endpoint = SYSACCOUNT_GROUPS + '/{}/groups/v1'.format(user) response = self.client.put_json(endpoint, data.data) response.success = response.status_code == 200 return response def remove_user(self, group=None, user=None): endpoint = SYSACCOUNT_GROUPS + '/users/{}/groups/{}/v1'.format(user, group) response = self.client.delete_json(endpoint) response.success = response.status_code == 204 return response def create_group(self, group=None): data = DataObject() data.add_value_string("id", group) endpoint = SYSACCOUNT_GROUPS +'/v1' response = self.client.post_json(endpoint, data.data) response.success = response.status_code == 200 return response def delete_group(self, group=None): endpoint = SYSACCOUNT_GROUPS + '/{}/v1'.format(group) response = self.client.delete_json(endpoint) response.success = response.status_code == 204 return response def update_admin_password(self, old_password=None, password=None): endpoint = SYSACCOUNT_GROUPS + '/self/v1' data = DataObject() data.add_value_string('old_password', old_password) data.add_value_string('password', password) response.self.client.put_json(endpoint, data.data) response.success = response.status_code == 204 return response
class RestartShutdown(object): def __init__(self, base_url, username, password): super(RestartShutdown, self).__init__() self.client = RESTClient(base_url, username, password) def get_lmi_status(self): response = self.client.get_json(LMI) response.success = response.status_code == 200 return response def get_runtime_status(self): response = self.client.get_json(RUNTIME) response.success = response.status_code == 200 and response.json.get( 'return_code') == 0 return response def restart_lmi(self): last_start = -1 response = self.get_lmi_status() if response.success: last_start = response.json[0].get("start_time", -1) if last_start > 0: response = self.client.post_json(LMI_RESTART) response.success = (response.status_code == 200 and response.json.get("restart", False) == True) if response.success: logger.info("Waiting for LMI to restart...") self._wait_on_lmi(last_start) else: logger.error("Invalid start time was retrieved: %i", last_start) response.success = False return response def _wait_on_lmi(self, last_start, sleep_interval=3): if last_start > 0: restart_time = last_start while (restart_time <= 0 or restart_time == last_start): logger.debug("last_start: %i, restart_time: %i", last_start, restart_time) time.sleep(sleep_interval) try: response = self.get_lmi_status() if response.success: restart_time = response.json[0].get("start_time", -1) except: restart_time = -1 time.sleep(sleep_interval) else: logger.error("Invalid last start time: %i", last_start) def restart_appliance(self): last_start = -1 response = self.get_lmi_status() if response.success: last_start = response.json[0].get("start_time", -1) if last_start > 0: response = self.client.post_json(APPLIANCE_RESTART) response.success = (response.status_code == 200 and response.json.get("status", False) == True) if response.success: logger.info("Waiting for LMI to restart...") self._wait_on_lmi(last_start) else: logger.error("Invalid start time was retrieved: %i", last_start) response.success = False return response def _wait_on_runtime(self, last_start, sleep_interval=3): if last_start > 0: restart_time = last_start count = 0 while restart_time <= 0 or restart_time == last_start: logger.debug("last_start: %i, restart_time: %i", last_start, restart_time) time.sleep(sleep_interval) try: response = self.get_runtime_status() if response.success: restart_time = response.json.get("last_start", -1) except: restart_time = -1 count += 1 if count > 10: # defaults to 30s total loop logger.error("Failed to restart runtime after %i seconds", sleep_interval * count) break else: logger.error("Invalid runtime status was retrieved: %i", last_start) def restart_runtime(self): last_start = -1 response = self.get_runtime_status() if response.success: last_start = response.json.get("last_start", -1) if last_start >= 0: response = self.client.put_json(RUNTIME_RESTART, {"operation": "restart"}) response.success = response.status_code == 200 if response.success: logger.info("Waiting for Runtime to restart. . .") self._wait_on_runtime(last_start) else: logger.error("Invalid start time was retrieved: %i", last_start) response.success = False return response
class MappingRules(object): def __init__(self, base_url, username, password): super(MappingRules, self).__init__() self.client = RESTClient(base_url, username, password) def create_rule(self, file_name=None, rule_name=None, category=None, content=None): response = Response() try: data = DataObject() data.add_value_string("fileName", ("%s_%s.js" % (category, rule_name))) data.add_value_string("category", category) data.add_value_string("name", rule_name) if content == None: with open(file_name, 'rb') as content: data.add_value_string("content", content.read().decode('utf-8')) else: data.add_value_string("content", content) endpoint = MAPPING_RULES response = self.client.post_json(endpoint, data.data) response.success = response.status_code == 201 except IOError as e: logger.error(e) response.success = False return response def update_rule(self, rule_id, file_name=None): response = Response() try: with open(file_name, 'rb') as content: data = DataObject() data.add_value_string("content", content.read().decode('utf-8')) endpoint = ("%s/%s" % (MAPPING_RULES, rule_id)) json.dumps(data.data, sort_keys=True, indent=4, separators=(',', ': ')) response = self.client.put_json(endpoint, data.data) response.success = response.status_code == 204 except IOError as e: logger.error(e) response.success = False return response def get_rule(self, rule_id=None, filter=None): endpoint = ( "%s/%s?filter=%s" % (MAPPING_RULES, rule_id if rule_id != None else "", filter)) response = self.client.get_json(endpoint) response.success = response.status_code == 200 return response
class PointOfContact(object): def __init__(self, base_url, username, password): super(PointOfContact, self).__init__() self.client = RESTClient(base_url, username, password) def get_profiles(self): endpoint = POC_PROFILES response = self.client.get_json(endpoint) response.success = response.status_code == 200 return response def get_current_profile(self): endpoint = POC response = self.client.get_json(endpoint) response.success = response.status_code == 200 return response def set_current_profile(self, profile_id): data = DataObject() data.add_value('currentProfileId', profile_id) endpoint = POC response = self.client.put_json(endpoint, data.data) response.success = response.status_code == 204 return response def create_like_credential(self, name=None, description="", authenticate_callbacks=None, local_id_callbacks=None, sign_out_callbacks=None, sign_in_callbacks=None): data = DataObject() initial_json = { "id": "", "name": name, "description": description, "isReadOnly": False, "signInCallbacks": [{ "moduleReferenceId": "websealPocSignInCallback", "index": 0, "parameters": [{ "name": "fim.user.response.header.name", "value": "" }, { "name": "fim.user.session.id.response.header.name", "value": "" }, { "name": "fim.target.response.header.name", "value": "am-eai-redir-url" }, { "name": "fim.attributes.response.header.name", "value": "" }, { "name": "fim.groups.response.header.name", "value": "" }, { "name": "url.encoding.enabled", "value": "false" }, { "name": "fim.server.response.header.name", "value": "" }, { "name": "fim.cred.response.header.name", "value": "am-eai-pac" }, { "name": "fim.user.request.header.name", "value": "iv-user" }] }], "signOutCallbacks": [{ "moduleReferenceId": "websealPocSignOutCallback", "index": 0, "parameters": [{ "name": "fim.user.session.id.request.header.name", "value": "user_session_id" }, { "name": "fim.user.request.header.name", "value": "iv-user" }] }], "localIdCallbacks": [{ "moduleReferenceId": "websealPocLocalIdentityCallback", "index": 0, "parameters": [{ "name": "fim.attributes.request.header.name", "value": "" }, { "name": "fim.groups.request.header.name", "value": "iv-groups" }, { "name": "fim.cred.request.header.name", "value": "iv-creds" }, { "name": "fim.user.request.header.name", "value": "iv-user" }] }], "authenticateCallbacks": [{ "moduleReferenceId": "websealPocAuthenticateCallback", "index": 0, "parameters": [{ "name": "fim.user.request.header.name", "value": "iv-user" }] }] } items_to_update = { 'signInCallbacks': sign_in_callbacks, 'authenticateCallbacks': authenticate_callbacks, 'signOutCallbacks': sign_out_callbacks, 'localIdCallbacks': local_id_callbacks } for work in items_to_update.items(): if work[1] == None: continue before = initial_json[work[0]][0]['parameters'] during = map(lambda ent: (ent['name'], ent['value']), before) after = {} after.update(during) after.update(work[1]) initial_json[work[0]][0]['parameters'] = list( map(lambda ent: { "name": ent[0], "value": ent[1] }, after.items())) data.from_json(initial_json) endpoint = POC_PROFILES response = self.client.post_json(endpoint, data.data) response.success = response.status_code == 201 return response
class APIProtection(object): def __init__(self, base_url, username, password): super(APIProtection, self).__init__() self.client = RESTClient(base_url, username, password) def create_client( self, name=None, redirect_uri=None, company_name=None, company_url=None, contact_person=None, contact_type=None, email=None, phone=None, other_info=None, definition=None, client_id=None, client_secret=None): data = DataObject() data.add_value_string("name", name) data.add_value_string("redirectUri", redirect_uri) data.add_value_string("companyName", company_name) data.add_value_string("companyUrl", company_url) data.add_value_string("contactPerson", contact_person) data.add_value_string("contactType", contact_type) data.add_value_string("email", email) data.add_value_string("phone", phone) data.add_value_string("otherInfo", other_info) data.add_value_string("definition", definition) data.add_value_string("clientId", client_id) data.add_value_string("clientSecret", client_secret) response = self.client.post_json(CLIENTS, data.data) response.success = response.status_code == 201 return response def update_client( self, id=None, name=None, redirect_uri=None, company_name=None, company_url=None, contact_person=None, contact_type=None, email=None, phone=None, other_info=None, definition=None, client_id=None, client_secret=None): data = DataObject() data.add_value_string("name", name) data.add_value_string("redirectUri", redirect_uri) data.add_value("companyName", company_name) data.add_value_string("companyUrl", company_url) data.add_value_string("contactPerson", contact_person) data.add_value_string("contactType", contact_type) data.add_value_string("email", email) data.add_value_string("phone", phone) data.add_value_string("otherInfo", other_info) data.add_value_string("definition", definition) data.add_value_string("clientId", client_id) data.add_value_string("clientSecret", client_secret) response = self.client.put_json(CLIENTS+"/"+str(id), data.data) response.success = response.status_code == 204 return response def delete_client(self, id): endpoint = "%s/%s" % (CLIENTS, id) response = self.client.delete_json(endpoint) response.success = response.status_code == 204 return response def list_clients(self, sort_by=None, count=None, start=None, filter=None): parameters = DataObject() parameters.add_value_string("sortBy", sort_by) parameters.add_value_string("count", count) parameters.add_value_string("start", start) parameters.add_value_string("filter", filter) response = self.client.get_json(CLIENTS, parameters.data) response.success = response.status_code == 200 return response def create_definition( self, name=None, description=None, tcm_behavior=None, token_char_set=None, access_token_lifetime=None, access_token_length=None, authorization_code_lifetime=None, authorization_code_length=None, refresh_token_length=None, max_authorization_grant_lifetime=None, pin_length=None, enforce_single_use_authorization_grant=None, issue_refresh_token=None, enforce_single_access_token_per_grant=None, enable_multiple_refresh_tokens_for_fault_tolerance=None, pin_policy_enabled=None, grant_types=None): data = DataObject() data.add_value_string("name", name) data.add_value_string("description", description) data.add_value_string("tcmBehavior", tcm_behavior) data.add_value_string("tokenCharSet", token_char_set) data.add_value("accessTokenLifetime", access_token_lifetime) data.add_value("accessTokenLength", access_token_length) data.add_value("authorizationCodeLifetime", authorization_code_lifetime) data.add_value("authorizationCodeLength", authorization_code_length) data.add_value("refreshTokenLength", refresh_token_length) data.add_value( "maxAuthorizationGrantLifetime", max_authorization_grant_lifetime) data.add_value("pinLength", pin_length) data.add_value( "enforceSingleUseAuthorizationGrant", enforce_single_use_authorization_grant) data.add_value("issueRefreshToken", issue_refresh_token) data.add_value( "enforceSingleAccessTokenPerGrant", enforce_single_access_token_per_grant) data.add_value( "enableMultipleRefreshTokensForFaultTolerance", enable_multiple_refresh_tokens_for_fault_tolerance) data.add_value("pinPolicyEnabled", pin_policy_enabled) data.add_value("grantTypes", grant_types) response = self.client.post_json(DEFINITIONS, data.data) response.success = response.status_code == 201 return response def update_definition( self, definition_id=None, name=None, description=None, tcm_behavior=None, token_char_set=None, access_token_lifetime=None, access_token_length=None, authorization_code_lifetime=None, authorization_code_length=None, refresh_token_length=None, max_authorization_grant_lifetime=None, pin_length=None, enforce_single_use_authorization_grant=None, issue_refresh_token=None, enforce_single_access_token_per_grant=None, enable_multiple_refresh_tokens_for_fault_tolerance=None, pin_policy_enabled=None, grant_types=None, oidc_enabled=False, iss=None, poc=None, lifetime=None, alg=None, db=None, cert=None, enc_enabled=False, enc_alg=None, enc_enc=None, access_policy_id=None): data = DataObject() data.add_value_string("name", name) data.add_value_string("description", description) data.add_value_string("tcmBehavior", tcm_behavior) data.add_value_string("tokenCharSet", token_char_set) data.add_value("accessTokenLifetime", access_token_lifetime) data.add_value("accessTokenLength", access_token_length) data.add_value("authorizationCodeLifetime", authorization_code_lifetime) data.add_value("authorizationCodeLength", authorization_code_length) data.add_value("refreshTokenLength", refresh_token_length) data.add_value( "maxAuthorizationGrantLifetime", max_authorization_grant_lifetime) data.add_value("pinLength", pin_length) data.add_value( "enforceSingleUseAuthorizationGrant", enforce_single_use_authorization_grant) data.add_value("issueRefreshToken", issue_refresh_token) data.add_value( "enforceSingleAccessTokenPerGrant", enforce_single_access_token_per_grant) data.add_value( "enableMultipleRefreshTokensForFaultTolerance", enable_multiple_refresh_tokens_for_fault_tolerance) data.add_value("pinPolicyEnabled", pin_policy_enabled) data.add_value("grantTypes", grant_types) data.add_value("accessPolicyId", access_policy_id) if oidc_enabled: oidc = DataObject() oidc.add_value("enabled",True) oidc.add_value("iss",iss) oidc.add_value("poc",poc) oidc.add_value("lifetime",lifetime) oidc.add_value("alg",alg) oidc.add_value("db",db) oidc.add_value("cert",cert) if enc_enabled: enc_data = DataObject() enc_data.add_value("db",enc_db) enc_data.add_value("cert",enc_cert) oidc.add_value("enc",enc_data.data) data.add_value("oidc",oidc.data) response = self.client.put_json(DEFINITIONS+"/"+str(definition_id), data.data) response.success = response.status_code == 204 return response def delete_definition(self, id): endpoint = "%s/%s" % (DEFINITIONS, id) response = self.client.delete_json(endpoint) response.success = response.status_code == 204 return response def list_definitions( self, sort_by=None, count=None, start=None, filter=None): parameters = DataObject() parameters.add_value_string("sortBy", sort_by) parameters.add_value_string("count", count) parameters.add_value_string("start", start) parameters.add_value_string("filter", filter) response = self.client.get_json(DEFINITIONS, parameters.data) response.success = response.status_code == 200 return response def create_mapping_rule( self, name=None, category=None, file_name=None, content=None): data = DataObject() data.add_value_string("name", name) data.add_value_string("category", category) data.add_value_string("fileName", file_name) data.add_value_string("content", content) response = self.client.post_json(MAPPING_RULES, data.data) response.success = response.status_code == 201 return response def list_mapping_rules( self, sort_by=None, count=None, start=None, filter=None): parameters = DataObject() parameters.add_value_string("sortBy", sort_by) parameters.add_value_string("count", count) parameters.add_value_string("start", start) parameters.add_value_string("filter", filter) response = self.client.get_json(MAPPING_RULES, parameters.data) response.success = response.status_code == 200 return response def import_mapping_rule(self, id, file_path): response = Response() try: with open(file_path, 'rb') as mapping_rule: files = {"file": mapping_rule} endpoint = "%s/%s/file" % (MAPPING_RULES, id) accept_type = "%s,%s" % ("application/json", "text/html") response = self.client.post_file( endpoint, accept_type=accept_type, files=files) response.success = response.status_code == 200 except IOError as e: logger.error(e) response.success = False return response def update_mapping_rule(self, id, content=None): data = DataObject() data.add_value_string("content", content) endpoint = "%s/%s" % (MAPPING_RULES, id) response = self.client.put_json(endpoint, data.data) response.success = response.status_code == 204 return response