def get_defaults(url, request):
if request.method != 'GET':
return
LOG.debug("DEBUG: GET mock for %s", url)
if not request.headers.get('X-auth-token', None):
return {'status_code': requests.codes.UNAUTHORIZED}
if 'vpn-svc/ike/policies/2' in url.path:
content = {u'kind': u'object#ike-policy',
u'priority-id': u'2',
u'version': u'v1',
u'local-auth-method': u'pre-share',
u'encryption': u'des',
u'hash': u'sha',
u'dhGroup': 1,
u'lifetime': 86400}
return httmock.response(requests.codes.OK, content=content)
if 'vpn-svc/ipsec/policies/' in url.path:
ipsec_policy_id = url.path.split('/')[-1]
content = {u'kind': u'object#ipsec-policy',
u'mode': u'tunnel',
u'policy-id': u'%s' % ipsec_policy_id,
u'protection-suite': {},
u'lifetime-sec': 3600,
u'pfs': u'Disable',
u'anti-replay-window-size': u'None',
u'lifetime-kb': 4608000,
u'idle-time': None}
return httmock.response(requests.codes.OK, content=content)
def get_defaults(url, request):
if request.method != "GET":
return
LOG.debug("GET mock for %s", url)
if not request.headers.get("X-auth-token", None):
return {"status_code": requests.codes.UNAUTHORIZED}
if "vpn-svc/ike/policies/2" in url.path:
content = {
u"kind": u"object#ike-policy",
u"priority-id": u"2",
u"version": u"v1",
u"local-auth-method": u"pre-share",
u"encryption": u"des",
u"hash": u"sha",
u"dhGroup": 1,
u"lifetime": 86400,
}
return httmock.response(requests.codes.OK, content=content)
if "vpn-svc/ipsec/policies/" in url.path:
ipsec_policy_id = url.path.split("/")[-1]
content = {
u"kind": u"object#ipsec-policy",
u"mode": u"tunnel",
u"policy-id": u"%s" % ipsec_policy_id,
u"protection-suite": {},
u"lifetime-sec": 3600,
u"pfs": u"Disable",
u"anti-replay-window-size": u"None",
u"lifetime-kb": 4608000,
u"idle-time": None,
}
return httmock.response(requests.codes.OK, content=content)
def get_defaults(url, request):
if request.method != 'GET':
return
LOG.debug("DEBUG: GET mock for %s", url)
if not request.headers.get('X-auth-token', None):
return {'status_code': requests.codes.UNAUTHORIZED}
if 'vpn-svc/ike/policies/2' in url.path:
content = {u'kind': u'object#ike-policy',
u'priority-id': u'2',
u'version': u'v1',
u'local-auth-method': u'pre-share',
u'encryption': u'des',
u'hash': u'sha',
u'dhGroup': 1,
u'lifetime': 86400}
return httmock.response(requests.codes.OK, content=content)
if 'vpn-svc/ipsec/policies/' in url.path:
ipsec_policy_id = url.path.split('/')[-1]
content = {u'kind': u'object#ipsec-policy',
u'mode': u'tunnel',
u'policy-id': u'%s' % ipsec_policy_id,
u'protection-suite': {},
u'lifetime-sec': 3600,
u'pfs': u'Disable',
u'anti-replay-window-size': u'None',
u'lifetime-kb': 4608000,
u'idle-time': None}
return httmock.response(requests.codes.OK, content=content)
def get_local_ip(url, request):
if not request.headers.get('X-auth-token', None):
return {'status_code': requests.codes.UNAUTHORIZED}
content = {u'kind': u'object#interface',
u'subnet-mask': u'255.255.255.0',
u'ip-address': u'10.5.0.2'}
return httmock.response(requests.codes.OK, content=content)
def get_local_ip(url, request):
if not request.headers.get('X-auth-token', None):
return {'status_code': requests.codes.UNAUTHORIZED}
content = {
u'kind': u'object#interface',
u'subnet-mask': u'255.255.255.0',
u'ip-address': u'10.5.0.2'
}
return httmock.response(requests.codes.OK, content=content)
def get_fqdn(url, request):
LOG.debug("GET FQDN mock for %s", url)
if not request.headers.get("X-auth-token", None):
return {"status_code": requests.codes.UNAUTHORIZED}
content = {
u"kind": u"object#ike-keyring",
u"keyring-name": u"5",
u"pre-shared-key-list": [{u"key": u"super-secret", u"encrypted": False, u"peer-address": u"cisco.com"}],
}
return httmock.response(requests.codes.OK, content=content)
def get_fqdn(url, request):
LOG.debug("DEBUG: GET FQDN mock for %s", url)
if not request.headers.get('X-auth-token', None):
return {'status_code': requests.codes.UNAUTHORIZED}
content = {u'kind': u'object#ike-keyring',
u'keyring-name': u'5',
u'pre-shared-key-list': [
{u'key': u'super-secret',
u'encrypted': False,
u'peer-address': u'cisco.com'}
]}
return httmock.response(requests.codes.OK, content=content)
def get_fqdn(url, request):
LOG.debug("DEBUG: GET FQDN mock for %s", url)
if not request.headers.get('X-auth-token', None):
return {'status_code': requests.codes.UNAUTHORIZED}
content = {u'kind': u'object#ike-keyring',
u'keyring-name': u'5',
u'pre-shared-key-list': [
{u'key': u'super-secret',
u'encrypted': False,
u'peer-address': u'cisco.com'}
]}
return httmock.response(requests.codes.OK, content=content)
def get_unnumbered(url, request):
if not request.headers.get('X-auth-token', None):
return {'status_code': requests.codes.UNAUTHORIZED}
if FIXED_CSCum50512:
tunnel = url.path.split('/')[-1]
ipsec_policy_id = tunnel[6:]
content = {u'kind': u'object#vpn-site-to-site',
u'vpn-interface-name': u'%s' % tunnel,
u'ip-version': u'ipv4',
u'vpn-type': u'site-to-site',
u'ipsec-policy-id': u'%s' % ipsec_policy_id,
u'ike-profile-id': None,
u'mtu': 1500,
u'local-device': {
u'ip-address': u'unnumbered GigabitEthernet3',
u'tunnel-ip-address': u'10.10.10.10'
},
u'remote-device': {
u'tunnel-ip-address': u'10.10.10.20'
}}
return httmock.response(requests.codes.OK, content=content)
else:
return httmock.response(requests.codes.INTERNAL_SERVER_ERROR)
def get_mtu(url, request):
if not request.headers.get("X-auth-token", None):
return {"status_code": requests.codes.UNAUTHORIZED}
tunnel = url.path.split("/")[-1]
ipsec_policy_id = tunnel[6:]
content = {
u"kind": u"object#vpn-site-to-site",
u"vpn-interface-name": u"%s" % tunnel,
u"ip-version": u"ipv4",
u"vpn-type": u"site-to-site",
u"ipsec-policy-id": u"%s" % ipsec_policy_id,
u"ike-profile-id": None,
u"mtu": 9192,
u"local-device": {u"ip-address": u"10.3.0.1/24", u"tunnel-ip-address": u"10.10.10.10"},
u"remote-device": {u"tunnel-ip-address": u"10.10.10.20"},
}
return httmock.response(requests.codes.OK, content=content)
def get_no_ah(url, request):
LOG.debug("GET No AH mock for %s", url)
if not request.headers.get("X-auth-token", None):
return {"status_code": requests.codes.UNAUTHORIZED}
ipsec_policy_id = url.path.split("/")[-1]
content = {
u"kind": u"object#ipsec-policy",
u"mode": u"tunnel",
u"anti-replay-window-size": u"128",
u"policy-id": u"%s" % ipsec_policy_id,
u"protection-suite": {u"esp-encryption": u"esp-aes", u"esp-authentication": u"esp-sha-hmac"},
u"lifetime-sec": 120,
u"pfs": u"group5",
u"lifetime-kb": 4608000,
u"idle-time": None,
}
return httmock.response(requests.codes.OK, content=content)
def get_no_ah(url, request):
LOG.debug("DEBUG: GET No AH mock for %s", url)
if not request.headers.get('X-auth-token', None):
return {'status_code': requests.codes.UNAUTHORIZED}
ipsec_policy_id = url.path.split('/')[-1]
content = {u'kind': u'object#ipsec-policy',
u'mode': u'tunnel',
u'anti-replay-window-size': u'128',
u'policy-id': u'%s' % ipsec_policy_id,
u'protection-suite': {
u'esp-encryption': u'esp-aes',
u'esp-authentication': u'esp-sha-hmac',
},
u'lifetime-sec': 120,
u'pfs': u'group5',
u'lifetime-kb': 4608000,
u'idle-time': None}
return httmock.response(requests.codes.OK, content=content)
def get_no_ah(url, request):
LOG.debug("DEBUG: GET No AH mock for %s", url)
if not request.headers.get('X-auth-token', None):
return {'status_code': requests.codes.UNAUTHORIZED}
ipsec_policy_id = url.path.split('/')[-1]
content = {u'kind': u'object#ipsec-policy',
u'mode': u'tunnel',
u'anti-replay-window-size': u'128',
u'policy-id': u'%s' % ipsec_policy_id,
u'protection-suite': {
u'esp-encryption': u'esp-aes',
u'esp-authentication': u'esp-sha-hmac',
},
u'lifetime-sec': 120,
u'pfs': u'group5',
u'lifetime-kb': 4608000,
u'idle-time': None}
return httmock.response(requests.codes.OK, content=content)
def get_mtu(url, request):
if not request.headers.get('X-auth-token', None):
return {'status_code': requests.codes.UNAUTHORIZED}
tunnel = url.path.split('/')[-1]
ipsec_policy_id = tunnel[6:]
content = {u'kind': u'object#vpn-site-to-site',
u'vpn-interface-name': u'%s' % tunnel,
u'ip-version': u'ipv4',
u'vpn-type': u'site-to-site',
u'ipsec-policy-id': u'%s' % ipsec_policy_id,
u'ike-profile-id': None,
u'mtu': 9192,
u'local-device': {
u'ip-address': u'10.3.0.1/24',
u'tunnel-ip-address': u'10.10.10.10'
},
u'remote-device': {
u'tunnel-ip-address': u'10.10.10.20'
}}
return httmock.response(requests.codes.OK, content=content)
def get_mtu(url, request):
if not request.headers.get('X-auth-token', None):
return {'status_code': requests.codes.UNAUTHORIZED}
tunnel = url.path.split('/')[-1]
ipsec_policy_id = tunnel[6:]
content = {u'kind': u'object#vpn-site-to-site',
u'vpn-interface-name': u'%s' % tunnel,
u'ip-version': u'ipv4',
u'vpn-type': u'site-to-site',
u'ipsec-policy-id': u'%s' % ipsec_policy_id,
u'ike-profile-id': None,
u'mtu': 9192,
u'local-device': {
u'ip-address': u'10.3.0.1/24',
u'tunnel-ip-address': u'10.10.10.10'
},
u'remote-device': {
u'tunnel-ip-address': u'10.10.10.20'
}}
return httmock.response(requests.codes.OK, content=content)
def post(url, request):
if request.method != 'POST':
return
LOG.debug("POST mock for %s", url)
if not request.headers.get('X-auth-token', None):
return {'status_code': requests.codes.UNAUTHORIZED}
if 'interfaces/GigabitEthernet' in url.path:
return {'status_code': requests.codes.NO_CONTENT}
if 'global/local-users' in url.path:
if 'username' not in request.body:
return {'status_code': requests.codes.BAD_REQUEST}
if '"privilege": 20' in request.body:
return {'status_code': requests.codes.BAD_REQUEST}
headers = {'location': '%s/test-user' % url.geturl()}
return httmock.response(requests.codes.CREATED, headers=headers)
if 'vpn-svc/ike/policies' in url.path:
headers = {'location': "%s/2" % url.geturl()}
return httmock.response(requests.codes.CREATED, headers=headers)
if 'vpn-svc/ipsec/policies' in url.path:
m = re.search(r'"policy-id": "(\S+)"', request.body)
if m:
headers = {'location': "%s/%s" % (url.geturl(), m.group(1))}
return httmock.response(requests.codes.CREATED, headers=headers)
return {'status_code': requests.codes.BAD_REQUEST}
if 'vpn-svc/ike/keyrings' in url.path:
headers = {'location': "%s/5" % url.geturl()}
return httmock.response(requests.codes.CREATED, headers=headers)
if 'vpn-svc/site-to-site' in url.path:
m = re.search(r'"vpn-interface-name": "(\S+)"', request.body)
if m:
headers = {'location': "%s/%s" % (url.geturl(), m.group(1))}
return httmock.response(requests.codes.CREATED, headers=headers)
return {'status_code': requests.codes.BAD_REQUEST}
if 'routing-svc/static-routes' in url.path:
headers = {
'location': "%s/10.1.0.0_24_GigabitEthernet1" % url.geturl()
}
return httmock.response(requests.codes.CREATED, headers=headers)
def post(url, request):
if request.method != 'POST':
return
LOG.debug("DEBUG: POST mock for %s", url)
if not request.headers.get('X-auth-token', None):
return {'status_code': requests.codes.UNAUTHORIZED}
if 'interfaces/GigabitEthernet' in url.path:
return {'status_code': requests.codes.NO_CONTENT}
if 'global/local-users' in url.path:
if 'username' not in request.body:
return {'status_code': requests.codes.BAD_REQUEST}
if '"privilege": 20' in request.body:
return {'status_code': requests.codes.BAD_REQUEST}
headers = {'location': '%s/test-user' % url.geturl()}
return httmock.response(requests.codes.CREATED, headers=headers)
if 'vpn-svc/ike/policies' in url.path:
headers = {'location': "%s/2" % url.geturl()}
return httmock.response(requests.codes.CREATED, headers=headers)
if 'vpn-svc/ipsec/policies' in url.path:
m = re.search(r'"policy-id": "(\S+)"', request.body)
if m:
headers = {'location': "%s/%s" % (url.geturl(), m.group(1))}
return httmock.response(requests.codes.CREATED, headers=headers)
return {'status_code': requests.codes.BAD_REQUEST}
if 'vpn-svc/ike/keyrings' in url.path:
headers = {'location': "%s/5" % url.geturl()}
return httmock.response(requests.codes.CREATED, headers=headers)
if 'vpn-svc/site-to-site' in url.path:
m = re.search(r'"vpn-interface-name": "(\S+)"', request.body)
if m:
headers = {'location': "%s/%s" % (url.geturl(), m.group(1))}
return httmock.response(requests.codes.CREATED, headers=headers)
return {'status_code': requests.codes.BAD_REQUEST}
if 'routing-svc/static-routes' in url.path:
headers = {'location':
"%s/10.1.0.0_24_GigabitEthernet1" % url.geturl()}
return httmock.response(requests.codes.CREATED, headers=headers)
def normal_get(url, request):
if request.method != "GET":
return
LOG.debug("GET mock for %s", url)
if not request.headers.get("X-auth-token", None):
return {"status_code": requests.codes.UNAUTHORIZED}
if "global/host-name" in url.path:
content = {u"kind": u"object#host-name", u"host-name": u"Router"}
return httmock.response(requests.codes.OK, content=content)
if "global/local-users" in url.path:
content = {u"kind": u"collection#local-user", u"users": ["peter", "paul", "mary"]}
return httmock.response(requests.codes.OK, content=content)
if "interfaces/GigabitEthernet" in url.path:
actual_interface = url.path.split("/")[-1]
ip = actual_interface[-1]
content = {
u"kind": u"object#interface",
u"description": u"Changed description",
u"if-name": actual_interface,
u"proxy-arp": True,
u"subnet-mask": u"255.255.255.0",
u"icmp-unreachable": True,
u"nat-direction": u"",
u"icmp-redirects": True,
u"ip-address": u"192.168.200.%s" % ip,
u"verify-unicast-source": False,
u"type": u"ethernet",
}
return httmock.response(requests.codes.OK, content=content)
if "vpn-svc/ike/policies/2" in url.path:
content = {
u"kind": u"object#ike-policy",
u"priority-id": u"2",
u"version": u"v1",
u"local-auth-method": u"pre-share",
u"encryption": u"aes256",
u"hash": u"sha",
u"dhGroup": 5,
u"lifetime": 3600,
}
return httmock.response(requests.codes.OK, content=content)
if "vpn-svc/ike/keyrings" in url.path:
content = {
u"kind": u"object#ike-keyring",
u"keyring-name": u"5",
u"pre-shared-key-list": [
{u"key": u"super-secret", u"encrypted": False, u"peer-address": u"10.10.10.20 255.255.255.0"}
],
}
return httmock.response(requests.codes.OK, content=content)
if "vpn-svc/ipsec/policies/" in url.path:
ipsec_policy_id = url.path.split("/")[-1]
content = {
u"kind": u"object#ipsec-policy",
u"mode": u"tunnel",
u"policy-id": u"%s" % ipsec_policy_id,
u"protection-suite": {
u"esp-encryption": u"esp-256-aes",
u"esp-authentication": u"esp-sha-hmac",
u"ah": u"ah-sha-hmac",
},
u"anti-replay-window-size": u"Disable",
u"lifetime-sec": 120,
u"pfs": u"group5",
u"lifetime-kb": 4608000,
u"idle-time": None,
}
return httmock.response(requests.codes.OK, content=content)
if "vpn-svc/site-to-site/Tunnel" in url.path:
tunnel = url.path.split("/")[-1]
# Use same number, to allow mock to generate IPSec policy ID
ipsec_policy_id = tunnel[6:]
content = {
u"kind": u"object#vpn-site-to-site",
u"vpn-interface-name": u"%s" % tunnel,
u"ip-version": u"ipv4",
u"vpn-type": u"site-to-site",
u"ipsec-policy-id": u"%s" % ipsec_policy_id,
u"ike-profile-id": None,
u"mtu": 1500,
u"local-device": {u"ip-address": "10.3.0.1/24", u"tunnel-ip-address": "10.10.10.10"},
u"remote-device": {u"tunnel-ip-address": "10.10.10.20"},
}
return httmock.response(requests.codes.OK, content=content)
if "vpn-svc/ike/keepalive" in url.path:
content = {u"interval": 60, u"retry": 4, u"periodic": True}
return httmock.response(requests.codes.OK, content=content)
if "routing-svc/static-routes" in url.path:
content = {
u"destination-network": u"10.1.0.0/24",
u"kind": u"object#static-route",
u"next-hop-router": None,
u"outgoing-interface": u"GigabitEthernet1",
u"admin-distance": 1,
}
return httmock.response(requests.codes.OK, content=content)
if "vpn-svc/site-to-site/active/sessions" in url.path:
# Only including needed fields for mock
content = {
u"kind": u"collection#vpn-active-sessions",
u"items": [{u"status": u"DOWN-NEGOTIATING", u"vpn-interface-name": u"Tunnel123"}],
}
return httmock.response(requests.codes.OK, content=content)
def get_none(url, request):
if not request.headers.get('X-auth-token', None):
return {'status_code': requests.codes.UNAUTHORIZED}
content = {u'kind': u'collection#vpn-active-sessions',
u'items': []}
return httmock.response(requests.codes.OK, content=content)
def get_none(url, request):
if not request.headers.get("X-auth-token", None):
return {"status_code": requests.codes.UNAUTHORIZED}
content = {u"kind": u"collection#vpn-active-sessions", u"items": []}
return httmock.response(requests.codes.OK, content=content)
def get_local_ip(url, request):
if not request.headers.get("X-auth-token", None):
return {"status_code": requests.codes.UNAUTHORIZED}
content = {u"kind": u"object#interface", u"subnet-mask": u"255.255.255.0", u"ip-address": u"10.5.0.2"}
return httmock.response(requests.codes.OK, content=content)
def normal_get(url, request):
if request.method != 'GET':
return
LOG.debug("DEBUG: GET mock for %s", url)
if not request.headers.get('X-auth-token', None):
return {'status_code': requests.codes.UNAUTHORIZED}
if 'global/host-name' in url.path:
content = {u'kind': u'object#host-name',
u'host-name': u'Router'}
return httmock.response(requests.codes.OK, content=content)
if 'global/local-users' in url.path:
content = {u'kind': u'collection#local-user',
u'users': ['peter', 'paul', 'mary']}
return httmock.response(requests.codes.OK, content=content)
if 'interfaces/GigabitEthernet' in url.path:
actual_interface = url.path.split('/')[-1]
ip = actual_interface[-1]
content = {u'kind': u'object#interface',
u'description': u'Changed description',
u'if-name': actual_interface,
u'proxy-arp': True,
u'subnet-mask': u'255.255.255.0',
u'icmp-unreachable': True,
u'nat-direction': u'',
u'icmp-redirects': True,
u'ip-address': u'192.168.200.%s' % ip,
u'verify-unicast-source': False,
u'type': u'ethernet'}
return httmock.response(requests.codes.OK, content=content)
if 'vpn-svc/ike/policies/2' in url.path:
content = {u'kind': u'object#ike-policy',
u'priority-id': u'2',
u'version': u'v1',
u'local-auth-method': u'pre-share',
u'encryption': u'aes',
u'hash': u'sha',
u'dhGroup': 5,
u'lifetime': 3600}
return httmock.response(requests.codes.OK, content=content)
if 'vpn-svc/ike/keyrings' in url.path:
content = {u'kind': u'object#ike-keyring',
u'keyring-name': u'5',
u'pre-shared-key-list': [
{u'key': u'super-secret',
u'encrypted': False,
u'peer-address': u'10.10.10.20 255.255.255.0'}
]}
return httmock.response(requests.codes.OK, content=content)
if 'vpn-svc/ipsec/policies/' in url.path:
ipsec_policy_id = url.path.split('/')[-1]
content = {u'kind': u'object#ipsec-policy',
u'mode': u'tunnel',
u'policy-id': u'%s' % ipsec_policy_id,
u'protection-suite': {
u'esp-encryption': u'esp-aes',
u'esp-authentication': u'esp-sha-hmac',
u'ah': u'ah-sha-hmac',
},
u'anti-replay-window-size': u'128',
u'lifetime-sec': 120,
u'pfs': u'group5',
u'lifetime-kb': 4608000,
u'idle-time': None}
return httmock.response(requests.codes.OK, content=content)
if 'vpn-svc/site-to-site/Tunnel' in url.path:
tunnel = url.path.split('/')[-1]
# Use same number, to allow mock to generate IPSec policy ID
ipsec_policy_id = tunnel[6:]
content = {u'kind': u'object#vpn-site-to-site',
u'vpn-interface-name': u'%s' % tunnel,
u'ip-version': u'ipv4',
u'vpn-type': u'site-to-site',
u'ipsec-policy-id': u'%s' % ipsec_policy_id,
u'ike-profile-id': None,
u'mtu': 1500,
u'local-device': {
u'ip-address': '10.3.0.1/24',
u'tunnel-ip-address': '10.10.10.10'
},
u'remote-device': {
u'tunnel-ip-address': '10.10.10.20'
}}
return httmock.response(requests.codes.OK, content=content)
if 'vpn-svc/ike/keepalive' in url.path:
content = {u'interval': 60,
u'retry': 4,
u'periodic': True}
return httmock.response(requests.codes.OK, content=content)
if 'routing-svc/static-routes' in url.path:
content = {u'destination-network': u'10.1.0.0/24',
u'kind': u'object#static-route',
u'next-hop-router': None,
u'outgoing-interface': u'GigabitEthernet1',
u'admin-distance': 1}
return httmock.response(requests.codes.OK, content=content)
if 'vpn-svc/site-to-site/active/sessions':
# Only including needed fields for mock
content = {u'kind': u'collection#vpn-active-sessions',
u'items': [{u'status': u'DOWN-NEGOTIATING',
u'vpn-interface-name': u'Tunnel123'}, ]}
return httmock.response(requests.codes.OK, content=content)
def normal_get(url, request):
if request.method != 'GET':
return
LOG.debug("DEBUG: GET mock for %s", url)
if not request.headers.get('X-auth-token', None):
return {'status_code': requests.codes.UNAUTHORIZED}
if 'global/host-name' in url.path:
content = {u'kind': u'object#host-name',
u'host-name': u'Router'}
return httmock.response(requests.codes.OK, content=content)
if 'global/local-users' in url.path:
content = {u'kind': u'collection#local-user',
u'users': ['peter', 'paul', 'mary']}
return httmock.response(requests.codes.OK, content=content)
if 'interfaces/GigabitEthernet' in url.path:
actual_interface = url.path.split('/')[-1]
ip = actual_interface[-1]
content = {u'kind': u'object#interface',
u'description': u'Changed description',
u'if-name': actual_interface,
u'proxy-arp': True,
u'subnet-mask': u'255.255.255.0',
u'icmp-unreachable': True,
u'nat-direction': u'',
u'icmp-redirects': True,
u'ip-address': u'192.168.200.%s' % ip,
u'verify-unicast-source': False,
u'type': u'ethernet'}
return httmock.response(requests.codes.OK, content=content)
if 'vpn-svc/ike/policies/2' in url.path:
content = {u'kind': u'object#ike-policy',
u'priority-id': u'2',
u'version': u'v1',
u'local-auth-method': u'pre-share',
u'encryption': u'aes',
u'hash': u'sha',
u'dhGroup': 5,
u'lifetime': 3600}
return httmock.response(requests.codes.OK, content=content)
if 'vpn-svc/ike/keyrings' in url.path:
content = {u'kind': u'object#ike-keyring',
u'keyring-name': u'5',
u'pre-shared-key-list': [
{u'key': u'super-secret',
u'encrypted': False,
u'peer-address': u'10.10.10.20 255.255.255.0'}
]}
return httmock.response(requests.codes.OK, content=content)
if 'vpn-svc/ipsec/policies/' in url.path:
ipsec_policy_id = url.path.split('/')[-1]
content = {u'kind': u'object#ipsec-policy',
u'mode': u'tunnel',
u'policy-id': u'%s' % ipsec_policy_id,
u'protection-suite': {
u'esp-encryption': u'esp-aes',
u'esp-authentication': u'esp-sha-hmac',
u'ah': u'ah-sha-hmac',
},
u'anti-replay-window-size': u'128',
u'lifetime-sec': 120,
u'pfs': u'group5',
u'lifetime-kb': 4608000,
u'idle-time': None}
return httmock.response(requests.codes.OK, content=content)
if 'vpn-svc/site-to-site/Tunnel' in url.path:
tunnel = url.path.split('/')[-1]
# Use same number, to allow mock to generate IPSec policy ID
ipsec_policy_id = tunnel[6:]
content = {u'kind': u'object#vpn-site-to-site',
u'vpn-interface-name': u'%s' % tunnel,
u'ip-version': u'ipv4',
u'vpn-type': u'site-to-site',
u'ipsec-policy-id': u'%s' % ipsec_policy_id,
u'ike-profile-id': None,
u'mtu': 1500,
u'local-device': {
u'ip-address': '10.3.0.1/24',
u'tunnel-ip-address': '10.10.10.10'
},
u'remote-device': {
u'tunnel-ip-address': '10.10.10.20'
}}
return httmock.response(requests.codes.OK, content=content)
if 'vpn-svc/ike/keepalive' in url.path:
content = {u'interval': 60,
u'retry': 4,
u'periodic': True}
return httmock.response(requests.codes.OK, content=content)
if 'routing-svc/static-routes' in url.path:
content = {u'destination-network': u'10.1.0.0/24',
u'kind': u'object#static-route',
u'next-hop-router': None,
u'outgoing-interface': u'GigabitEthernet1',
u'admin-distance': 1}
return httmock.response(requests.codes.OK, content=content)
if 'vpn-svc/site-to-site/active/sessions' in url.path:
# Only including needed fields for mock
content = {u'kind': u'collection#vpn-active-sessions',
u'items': [{u'status': u'DOWN-NEGOTIATING',
u'vpn-interface-name': u'Tunnel123'}, ]}
return httmock.response(requests.codes.OK, content=content)
def get_none(url, request):
if not request.headers.get('X-auth-token', None):
return {'status_code': requests.codes.UNAUTHORIZED}
content = {u'kind': u'collection#vpn-active-sessions',
u'items': []}
return httmock.response(requests.codes.OK, content=content)
