def content_request(uri, session_key, method, payload, err_msg): """ :return: response content if successful otherwise raise ConfRequestException """ resp, content = rest.splunkd_request(uri, session_key, method, data=payload, retry=3) if resp is None and content is None: return None if resp.status >= 200 and resp.status <= 204: return content else: msg = "{}, status={}, reason={}, detail={}".format( err_msg, resp.status, resp.reason, content) logger.error(msg) if resp.status == 404: raise ConfNotExistsException(msg) if resp.status == 409: raise ConfExistsException(msg) else: if content and "already exists" in content: raise ConfExistsException(msg) raise ConfRequestException(msg)
def _get_credentials(self, prop, name=None): """ :return: clear or encrypted password for specified realm, user """ endpoint = self._get_endpoint(name, True) response, content = rest.splunkd_request(endpoint, self._session_key, method="GET") if response is None and content is None: raise CredException("Failed to get clear credentials") results = {} if response and response.status in (200, 201) and content: passwords = xdp.parse_conf_xml_dom(content) for password in passwords: if password.get("realm") == self._realm: values = password[prop].split(self._sep) if len(values) % 2 == 1: continue result = { values[i]: values[i + 1] for i in range(0, len(values), 2) } results[password.get("username")] = result return results
def get_session_key(username, password, splunkd_uri="https://localhost:8089"): """ Get session key by using login username and passwrod :return: session_key if successful, None if failed """ eid = "".join((splunkd_uri, "/services/auth/login")) postargs = { "username": username, "password": password, } response, content = rest.splunkd_request(eid, None, method="POST", data=postargs) if response is None and content is None: raise CredException("Get session key failed.") xml_obj = xdm.parseString(content) session_nodes = xml_obj.getElementsByTagName("sessionKey") if not session_nodes: raise CredException("Invalid username or password.") session_key = session_nodes[0].firstChild.nodeValue if not session_key: raise CredException("Get session key failed.") return session_key
def get_session_key(username, password, splunkd_uri="https://localhost:8089"): """ Get session key by using login username and passwrod :return: session_key if successful, None if failed """ eid = "".join((splunkd_uri, "/services/auth/login")) postargs = {"username": username, "password": password, } response, content = rest.splunkd_request( eid, None, method="POST", data=postargs) if response is None and content is None: raise CredException("Get session key failed.") xml_obj = xdm.parseString(content) session_nodes = xml_obj.getElementsByTagName("sessionKey") if not session_nodes: raise CredException("Invalid username or password.") session_key = session_nodes[0].firstChild.nodeValue if not session_key: raise CredException("Get session key failed.") return session_key
def _get_credentials(self, prop, name=None): """ :return: clear or encrypted password for specified realm, user """ endpoint = self._get_endpoint(name, True) response, content = rest.splunkd_request( endpoint, self._session_key, method="GET") if response is None and content is None: raise CredException("Failed to get clear credentials") results = {} if response and response.status in (200, 201) and content: passwords = xdp.parse_conf_xml_dom(content) for password in passwords: if password.get("realm") == self._realm: values = password[prop].split(self._sep) if len(values) % 2 == 1: continue result = { values[i]: values[i + 1] for i in range(0, len(values), 2) } results[password.get("username")] = result return results
def _do_rest(uri, session_key): resp, content = rest.splunkd_request(uri, session_key) if resp is None: return None if resp.status not in (200, 201): return None stanza_objs = xdp.parse_conf_xml_dom(content) if not stanza_objs: return None return stanza_objs[0]
def delete(self, name, throw=False): """ Delete the encrypted entry """ endpoint = self._get_endpoint(name) response, content = rest.splunkd_request(endpoint, self._session_key, method="DELETE") if not response or response not in (200, 201): if throw: raise CredException( "Failed to delete credential stanza {}".format(name))
def delete(self, name, throw=False): """ Delete the encrypted entry """ endpoint = self._get_endpoint(name) response, content = rest.splunkd_request( endpoint, self._session_key, method="DELETE") if not response or response not in (200, 201): if throw: raise CredException( "Failed to delete credential stanza {}".format(name))
def get_all_passwords(self): """ :return: a list of dict when successful, None when failed. the dict at least contains { "realm": xxx, "username": yyy, "clear_password": zzz, } """ endpoint = "{}/services/storage/passwords".format(self._splunkd_uri) response, content = rest.splunkd_request(endpoint, self._session_key, method="GET") if response and response.status in (200, 201) and content: return xdp.parse_conf_xml_dom(content) raise CredException("Failed to get credentials")
def _create(self, name, str_to_encrypt): """ Create a new stored credential. :return: raise on failure """ payload = { "name": name, "password": str_to_encrypt, "realm": self._realm, } endpoint = self._get_endpoint(name) resp, content = rest.splunkd_request(endpoint, self._session_key, method="POST", data=payload) if not resp or resp.status not in (200, 201): raise CredException("Failed to encrypt username {}".format(name))
def get_all_passwords(self): """ :return: a list of dict when successful, None when failed. the dict at least contains { "realm": xxx, "username": yyy, "clear_password": zzz, } """ endpoint = "{}/services/storage/passwords".format(self._splunkd_uri) response, content = rest.splunkd_request( endpoint, self._session_key, method="GET") if response and response.status in (200, 201) and content: return xdp.parse_conf_xml_dom(content) raise CredException("Failed to get credentials")
def _do_request(self, uri, method, data=None, content_type="application/x-www-form-urlencoded"): headers = {"Content-Type": content_type} resp, content = rest.splunkd_request(uri, self._session_key, method, headers, data) if resp is None and content is None: raise KVException("Failed uri={0}, data={1}".format(uri, data)) if resp.status in (200, 201): return content elif resp.status == 409: raise KVAlreadyExists("{0}-{1} already exists".format(uri, data)) elif resp.status == 404: raise KVNotExists("{0}-{1} not exists".format(uri, data)) else: raise KVException("Failed to {0} {1}, reason={2}".format( method, uri, resp.reason))