def _handleUpdateProxyAccount(self, confInfo, args):
settings = ("proxy_url", "proxy_username", "proxy_password",
"proxy_port", "proxy_enabled", "proxy_rdns", "proxy_type")
if not utils.is_true(args["proxy_enabled"][0]):
_LOGGER.info("Disabling proxy")
for k in settings:
if k not in ("proxy_type", "proxy_rdns"):
args[k] = [""]
args["proxy_enabled"][0] = "0"
confDict = self.readConf("service_now")
if (confDict.get("snow_proxy")
and confDict["snow_proxy"].get("proxy_url")):
proxy_url = confDict["snow_proxy"]["proxy_url"]
_LOGGER.info("Remove credentials for proxy %s", proxy_url)
mgr = cred.CredentialManager(self.getSessionKey(),
scc.getMgmtUri())
mgr.delete(proxy_url, self.dummy, self.appName)
if (utils.is_true(args["proxy_enabled"][0])
and args["proxy_username"][0]
and not args["proxy_password"][0]):
_LOGGER.error("Missing proxy password")
raise Exception("Missing proxy password")
self._handleUpdateAccount(confInfo, args, "snow_proxy", settings)
def get_configs(self):
meta_configs, stanza_configs = self.get_modinput_configs()
self.meta_configs = meta_configs
self.stanza_configs = stanza_configs
self.cred_manager = cred.CredentialManager(meta_configs["session_key"],
meta_configs["server_uri"])
self.app_dir = op.dirname(op.dirname(op.dirname(op.abspath(__file__))))
self.app = op.basename(self.app_dir)
return meta_configs, stanza_configs
def __init__(self):
meta_configs, stanza_configs = self.get_modinput_configs()
self.meta_configs = meta_configs
self.stanza_configs = stanza_configs
self.cred_manager = cred.CredentialManager(meta_configs["session_key"],
meta_configs["server_uri"])
self.conf_manager = conf.ConfManager(meta_configs["server_uri"],
meta_configs["session_key"])
self.appname = consts.app_name
default_configs = self._get_default_configs()
if all(default_configs[k] for k in ("url", "username", "password")):
self._set_defaults(default_configs)
self._encrypt_new_credentials(default_configs)
self._update_stanza_configs(default_configs)
self._update_workflow_action_url(default_configs)
self.default_configs = default_configs
def _get_service_now_account(self):
app = snow_consts.app_name
snow_conf = scc.getMergedConf("service_now")
snow_account = {}
for stanza in ("snow_default", "snow_account", "snow_proxy"):
snow_account.update(snow_conf[stanza])
mgr = cred.CredentialManager(self.getSessionKey(), scc.getMgmtUri())
accs = (("url", "username", "password"),
("proxy_url", "proxy_username", "proxy_password"))
for (url_k, user_k, pass_k) in accs:
url = snow_account[url_k]
username = snow_account[user_k]
password = snow_account[pass_k]
if url and username == snow_consts.encrypted \
and password == snow_consts.encrypted:
userpass = mgr.get_clear_password(url, snow_consts.dummy, app)
if not userpass:
msg = "Failed to get clear credentials for %s" % url
_LOGGER.error(msg)
raise Exception(msg)
username, password = userpass.split(snow_consts.userpass_sep)
snow_account[user_k] = username
snow_account[pass_k] = password
if snow_account["proxy_port"]:
snow_account["proxy_port"] = int(snow_account["proxy_port"])
if utils.is_false(snow_account["proxy_enabled"]):
snow_account["proxy_url"] = ""
snow_account["proxy_port"] = ""
snow_url = snow_account["url"]
if not snow_url:
raise Exception("ServiceNow account has not been setup.")
if not snow_url.startswith("https://"):
snow_url = "https://%s" % snow_url
if not snow_url.endswith("/"):
snow_url = "%s/" % snow_url
snow_account["url"] = snow_url
return snow_account
def _get_service_now_account(self):
app = snow_consts.app_name
snow_conf = scc.getMergedConf("service_now")
snow_account = {}
for stanza in ("snow_default", "snow_account", "snow_proxy"):
snow_account.update(snow_conf[stanza])
mgr = cred.CredentialManager(self.session_key, scc.getMgmtUri())
accs = (("url", "username", "password"),
("proxy_url", "proxy_username", "proxy_password"))
for (url_k, user_k, pass_k) in accs:
url = snow_account[url_k]
username = snow_account[user_k]
password = snow_account[pass_k]
if url and username == "<encrypted>" and password == "<encrypted>":
userpass = mgr.get_clear_password(url, "dummy", app)
if not userpass:
self.logger.error("Failed to get clear credentials for %s",
url)
raise Exception("Failed to get clear credentials"
" for {}".format(url))
username, password = userpass.split("``")
snow_account[user_k] = username
snow_account[pass_k] = password
if snow_account["proxy_port"]:
snow_account["proxy_port"] = int(snow_account["proxy_port"])
if utils.is_false(snow_account["proxy_enabled"]):
snow_account["proxy_url"] = ""
snow_account["proxy_port"] = ""
snow_url = snow_account["url"]
if not snow_url:
raise Exception("ServiceNow account has not been setup.")
if not snow_url.startswith("https://"):
snow_url = "https://{}".format(snow_url)
if not snow_url.endswith("/"):
snow_url = "{}/".format(snow_url)
snow_account["url"] = snow_url
return snow_account
def _decrypt_username_password(self, confDict):
accounts = (("snow_account", "username", "password", "url"),
("snow_proxy", "proxy_username", "proxy_password",
"proxy_url"))
for (stanza, user_k, passwd_k, url_k) in accounts:
if not confDict.get(stanza, None):
continue
account = confDict[stanza]
encrypted = all(
account.get(k, None) == self.encrypted
for k in (user_k, passwd_k))
if encrypted:
_LOGGER.info("decrypting")
mgr = cred.CredentialManager(self.getSessionKey(),
scc.getMgmtUri())
password = mgr.get_clear_password(account[url_k], self.dummy,
self.appName)
if password:
user_pass = password.split(self.userpass_sep)
account[user_k], account[passwd_k] = user_pass
def _handleUpdateAccount(self, confInfo, args, stanza, settings):
mgr = cred.CredentialManager(self.getSessionKey(), scc.getMgmtUri())
account = {}
for k in settings:
if args.get(k, None):
account[k] = args[k][0]
confInfo[stanza].append(k, args[k])
url = args[settings[0]][0].strip()
user = args[settings[1]][0].strip()
passwd = args[settings[2]][0].strip()
if (url and user and passwd and user != self.encrypted
and passwd != self.encrypted):
_LOGGER.info("encrypting")
userpass = self.userpass_sep.join((user, passwd))
mgr.update(url, self.dummy, userpass, self.appName)
account[settings[1]] = self.encrypted
account[settings[2]] = self.encrypted
if account:
self.writeConf("service_now", stanza, account)