def get_security_context(self, on_error):
"""
Retrieve security context. If this method is called after an error
occured, then a new access token is obtained using the refresh token and
a new security context is created.
:type on_error: :class:`bool`
:param on_error: Whether this method is called after getting an error
:rtype: :class:`vmware.vapi.core.SecurityContext`
:return: Security context
"""
if on_error or not self._access_token:
token = self._session.post(self._refresh_url, data=self._data).json()
self._access_token = token['access_token']
return create_oauth_security_context(self._access_token)
parser.add_argument('--skipverification',
action='store_true',
help='Skip Server Certificate Verification')
args = parser.parse_args()
session = requests.session()
if args.skipverification:
session = get_unverified_session()
stub_config = StubConfigurationFactory.new_std_configuration(
get_requests_connector(session=session,
url=HTTP_ENDPOINT.format(args.vcenter_server)))
# create oauth security context for authentication
oauth_security_context = create_oauth_security_context(args.subject_token)
stub_config.connector.set_security_context(oauth_security_context)
token_exchange = TokenExchange(stub_config)
exchange_spec = token_exchange.ExchangeSpec(
grant_type=token_exchange.TOKEN_EXCHANGE_GRANT,
subject_token_type=token_exchange.ACCESS_TOKEN_TYPE,
actor_token_type=token_exchange.ID_TOKEN_TYPE,
requested_token_type=token_exchange.SAML2_TOKEN_TYPE,
actor_token=args.actor_token,
subject_token=args.subject_token)
response = token_exchange.exchange(exchange_spec)
saml_token = response.access_token
# convert saml token to saml assertion
samlAssertion = etree.tostring(
def test_security_context(self):
ctx = create_oauth_security_context('token')
self.assertEqual(ctx[SCHEME_ID], OAUTH_SCHEME_ID)
self.assertEqual(ctx[ACCESS_TOKEN], 'token')