def streamingservice_device_validatecode():
logger.debug("streamingservice_device_validatecode()")
url = "https://jl0tn0gk0e.execute-api.us-east-2.amazonaws.com/default/prd-zartan-deviceinformation?user_code=" + request.form["user_code"]
headers = {
"x-api-key": session[SESSION_INSTANCE_SETTINGS_KEY]["settings"]["aws_api_key"],
}
s3response = RestUtil.execute_get(url, headers=headers)
if ("device_code" in s3response):
logger.debug("Save Device State")
state = str(uuid.uuid4())
session["device_state"] = state
url = "https://d9qgirtrci.execute-api.us-east-2.amazonaws.com/default/prd-zartan-devicestate"
headers = {
"x-api-key": session[SESSION_INSTANCE_SETTINGS_KEY]["settings"]["aws_api_key"],
}
body = {
"device_code": s3response['device_code'],
"device_id": s3response['device_id'],
"state": state
}
RestUtil.execute_post(url, body, headers=headers)
response = url_for(
"streamingservice_views_bp.streamingservice_device_register",
_external=True,
_scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"]
)
else:
response = "invalid"
return response
def get_oauth_token_from_login(code,
grant_type,
auth_options=None,
headers=None):
logger.debug("OktaAuth.get_oauth_token()")
okta_headers = OktaUtil.get_oauth_okta_headers(headers)
redirect_url = url_for(
"streamingservice_views_bp.streamingservice_callback",
_external=True,
_scheme=session[SESSION_INSTANCE_SETTINGS_KEY]["app_scheme"])
url = ("{issuer}/v1/token?"
"grant_type={grant_type}&"
"code={code}&"
"redirect_uri={redirect_uri}").format(
issuer=session[SESSION_INSTANCE_SETTINGS_KEY]["issuer"],
code=code,
redirect_uri=redirect_url,
grant_type=grant_type)
body = {"authorization_code": code}
if auth_options:
for key in auth_options:
url = "{url}&{key}={value}".format(url=url,
key=key,
value=auth_options[key])
return RestUtil.execute_post(url, body, okta_headers)
def get_udp_oauth_access_token(udp_config):
logger.debug("get_app_vertical()")
results = None
udp_issuer = udp_config["issuer"]
udp_token_endpoint = "{issuer}/v1/token".format(issuer=udp_issuer)
udp_oauth_client_id = udp_config["client_id"]
udp_oauth_client_secret = udp_config["client_secret"]
basic_auth_encoded = OktaUtil.get_encoded_auth(udp_oauth_client_id,
udp_oauth_client_secret)
oauth2_headers = {
"Accept": "application/json",
"Content-Type": "application/x-www-form-urlencoded",
"Authorization": "Basic {0}".format(basic_auth_encoded)
}
# logger.debug(oauth2_headers)
url = "{0}?grant_type=client_credentials&scope=secrets:read".format(
udp_token_endpoint)
responseData = RestUtil.execute_post(url, headers=oauth2_headers)
# logger.debug(responseData)
if "access_token" in responseData:
results = responseData["access_token"]
else:
logger.warning(
"Failed to get UDP Service OAuth token: {message}".format(
message=responseData))
return results
def gbac_idverification_getverificationcode():
logger.debug("gbac_idverification_bp")
user_info = get_userinfo()
okta_admin = OktaAdmin(session[SESSION_INSTANCE_SETTINGS_KEY])
user = okta_admin.get_user(user_info["sub"])
evidenttoken = ""
basicauth = OktaUtil.get_encoded_auth("okta", "Ry4EZf8SyxKyStLK6BqxBBLXEW4SrIo6hc0m2rR3PoI")
headers = {
"Accept": "application/json",
"Content-Type": "application/json",
"Authorization": "Basic {0}".format(basicauth)
}
my_str = user["profile"]["email"]
idx = my_str.index("@")
email = my_str[:idx] + str(time.time()) + my_str[idx:]
body = {
"email": email,
"templateId": "1ce55f4e-7bb2-4907-9643-dc61f1f04f4d"
}
response = RestUtil.execute_post(" https://verify.api.demo.evidentid.com/api/v1/verify/requests", headers=headers, body=body)
evidenttoken = response["userIdentityToken"]
user_data = {"profile": {get_udp_ns_fieldname("evident_id"): response["id"]}}
okta_admin.update_user(user["id"], user_data)
return evidenttoken
def addLoggedInCustomerOrderDeliveryMode(self, order_cart_code):
self.logger.debug("Hybris add delivery mode to cart")
hybris_headers = self.get_post_hybris_headers(self.user_token)
body = {'deliveryModeId': 'premium-gross'}
url = "{hybris_url}/rest/v2/electronics/users/current/carts/{cart_id}/deliverymode".format(
hybris_url=self.hybris_base_url, cart_id=order_cart_code)
return RestUtil.execute_put_nonjson(url, body, hybris_headers)
def submitLoggedInCustomerOrder(self, order_cart_code):
self.logger.debug("Hybris submit order")
hybris_headers = self.get_post_hybris_headers(self.user_token)
body = {'cartId': order_cart_code, 'securityCode': '12345'}
url = "{hybris_url}/rest/v2/electronics/users/current/orders".format(
hybris_url=self.hybris_base_url)
return RestUtil.execute_post_nonjson(url, body, hybris_headers)
def systemSubmitGuestOrder(self, cart):
self.logger.debug("Hybris submit order")
hybris_headers = self.get_post_hybris_headers(self.system_token)
body = {'cartId': cart, 'securityCode': '12345'}
url = "{hybris_url}/rest/v2/electronics/users/anonymous/orders".format(
hybris_url=self.hybris_base_url)
return RestUtil.execute_post_nonjson(url, body, hybris_headers)
def addAddressForLoggedInCustomer(self, details):
self.logger.debug("Hybris Add Address")
hybris_headers = self.get_post_hybris_headers(self.user_token)
url = "{hybris_url}/rest/v2/electronics/users/current/addresses".format(
hybris_url=self.hybris_base_url)
self.logger.debug("Post Body:{body}".format(body=details))
return RestUtil.execute_post_nonjson(url, details, hybris_headers)
def systemAddGuestDeliveryDetails(self, cart, address_details):
self.logger.debug("Hybris add delivery details to cart")
hybris_headers = self.get_post_hybris_headers(self.system_token)
url = "{hybris_url}/rest/v2/electronics/users/anonymous/carts/{cart_id}/addresses/delivery".format(
hybris_url=self.hybris_base_url, cart_id=cart)
return RestUtil.execute_post_nonjson(url, address_details,
hybris_headers)
def systemAddGuestDeliveryMode(self, cart):
self.logger.debug("Hybris add delivery mode to cart")
hybris_headers = self.get_post_hybris_headers(self.system_token)
body = {'deliveryModeId': 'premium-gross'}
url = "{hybris_url}/rest/v2/electronics/users/anonymous/carts/{cart_id}/deliverymode".format(
hybris_url=self.hybris_base_url, cart_id=cart)
return RestUtil.execute_put_nonjson(url, body, hybris_headers)
def assignGuestCartToLoggedInCustomer(self, guestCartGuid):
self.logger.debug("Hybris Assign guest->customer cart")
hybris_headers = self.get_post_hybris_headers(self.user_token)
body = {'oldCartId': guestCartGuid}
url = "{hybris_url}/rest/v2/electronics/users/current/carts".format(
hybris_url=self.hybris_base_url)
return RestUtil.execute_post_nonjson(url, body, hybris_headers)
def send_mail_via_sparkpost(subject, message, recipients):
Email.logger.debug("send_mail_via_sparkpost()")
url = "https://api.sparkpost.com/api/v1/transmissions"
headers = {
"Authorization":
session[SESSION_INSTANCE_SETTINGS_KEY]["settings"]
["sparkpost_api_key"],
"Content-Type":
"application/json"
}
body = {
"options": {
"sandbox": False
},
"content": {
"from":
"noreply@{domain}".format(
domain=session[SESSION_INSTANCE_SETTINGS_KEY]["settings"]
["sparkpost_from_domain"]),
"subject":
subject,
"html":
message
},
"recipients": recipients
}
return RestUtil.execute_post(url, body, headers=headers)
def send_mail_via_sendgrid(subject, message, recipients):
Email.logger.debug("send_mail_via_sendgrid()")
logging.debug(recipients)
url = "https://api.sendgrid.com/v3/mail/send"
headers = {
"Authorization":
"Bearer {apikey}".format(
apikey=session[SESSION_INSTANCE_SETTINGS_KEY]["settings"]
["sendgrid_api_key"]),
"Content-Type":
"application/json"
}
body = {
"personalizations": [{
"to": [{
"email": recipients[0]['address']
}]
}],
"from": {
"email":
"noreply@{domain}".format(
domain=session[SESSION_INSTANCE_SETTINGS_KEY]["settings"]
["sendgrid_from_domain"])
},
"subject": subject,
"content": [{
"type": "text/html",
"value": message
}]
}
return RestUtil.execute_post(url, body, headers=headers)
def get_oauth_token(self,
code,
grant_type,
auth_options=None,
headers=None):
print("OktaAuth.get_oauth_token()")
okta_headers = OktaUtil.get_oauth_okta_headers(headers)
url = ("{host}/oauth2{auth_server}/v1/token?"
"grant_type={grant_type}&"
"code={code}&"
"redirect_uri={redirect_uri}").format(
host=self.okta_config["org_url"],
auth_server=OktaUtil.get_authserver_id(
self.okta_config["auth_server_id"]),
code=code,
redirect_uri=self.okta_config["redirect_uri"],
grant_type=grant_type)
body = {"authorization_code": code}
if auth_options:
for key in auth_options:
url = "{url}&{key}={value}".format(url=url,
key=key,
value=auth_options[key])
return RestUtil.execute_post(url, body, okta_headers)
def get_user(self, user_id):
self.logger.debug("OktaAdmin.get_user(user_id)")
okta_headers = OktaUtil.get_protected_okta_headers(self.okta_config)
url = "{base_url}/api/v1/users/{user_id}".format(
base_url=self.okta_config["okta_org_name"], user_id=user_id)
return RestUtil.execute_get(url, okta_headers)
def get_oauth_token(self,
code,
grant_type,
auth_options=None,
headers=None):
self.logger.debug("OktaAuth.get_oauth_token()")
okta_headers = OktaUtil.get_oauth_okta_headers(headers)
url = ("{issuer}/v1/token?"
"grant_type={grant_type}&"
"code={code}&"
"redirect_uri={redirect_uri}").format(
issuer=self.okta_config["issuer"],
code=code,
redirect_uri=self.okta_config["redirect_uri"],
grant_type=grant_type)
body = {"authorization_code": code}
if auth_options:
for key in auth_options:
url = "{url}&{key}={value}".format(url=url,
key=key,
value=auth_options[key])
return RestUtil.execute_post(url, body, okta_headers)
def userinfo(self, token, headers=None):
self.logger.debug("OktaAuth.userinfo()")
okta_headers = OktaUtil.get_oauth_okta_bearer_token_headers(headers, token)
# self.logger.debug("okta_headers: {0}".format(okta_headers))
url = "{issuer}/v1/userinfo".format(issuer=self.okta_config["issuer"])
body = {}
return RestUtil.execute_post(url, body, okta_headers)
def create_idp(self, idp):
self.logger.debug("OktaAdmin.create_idp(idp)")
okta_headers = OktaUtil.get_protected_okta_headers(self.okta_config)
url = "{base_url}/api/v1/idps".format(
base_url=self.okta_config["okta_org_name"])
self.logger.debug(idp)
return RestUtil.execute_post(url, idp, okta_headers)
def upload_idp_certificate(self, idp_cert):
self.logger.debug("OktaAdmin.upload_idp_certificate(idp_cert)")
okta_headers = OktaUtil.get_protected_okta_headers(self.okta_config)
url = "{base_url}/api/v1/idps/credentials/keys".format(
base_url=self.okta_config["okta_org_name"])
return RestUtil.execute_post(url, idp_cert, okta_headers)
def get_idp_certificate(self, kid):
self.logger.debug("OktaAdmin.get_idp_certificates()")
okta_headers = OktaUtil.get_protected_okta_headers(self.okta_config)
url = "{base_url}/api/v1/idps/credentials/keys/{kid}".format(
base_url=self.okta_config["okta_org_name"], kid=kid)
return RestUtil.execute_get(url, okta_headers)
def get_applications_all(self):
self.logger.debug("OktaAdmin.get_applications_all(user_id)")
okta_headers = OktaUtil.get_protected_okta_headers(self.okta_config)
url = "{base_url}/api/v1/apps/?limit=200".format(
base_url=self.okta_config["okta_org_name"])
return RestUtil.execute_get(url, okta_headers)
def get_application_groups(self, appid):
self.logger.debug("OktaAdmin.get_application_groups(appid)")
okta_headers = OktaUtil.get_protected_okta_headers(self.okta_config)
url = "{base_url}/api/v1/apps/{app_id}/groups".format(
base_url=self.okta_config["okta_org_name"], app_id=appid)
return RestUtil.execute_get(url, okta_headers)
def get_applications_by_user_id(self, user_id):
self.logger.debug("OktaAdmin.get_applications_by_user_id(user_id)")
okta_headers = OktaUtil.get_protected_okta_headers(self.okta_config)
url = "{base_url}/api/v1/apps/?limit=200&filter=user.id+eq+\"{user_id}\"".format(
base_url=self.okta_config["okta_org_name"], user_id=user_id)
return RestUtil.execute_get(url, okta_headers)
def get_user_list_by_group_id(self, id):
self.logger.debug("OktaAdmin.get_user_list_by_group_id(user_id)")
okta_headers = OktaUtil.get_protected_okta_headers(self.okta_config)
url = "{base_url}/api/v1/groups/{id}/users".format(
base_url=self.okta_config["okta_org_name"], id=id)
return RestUtil.execute_get(url, okta_headers)
def get_groups_by_name(self, name):
self.logger.debug("OktaAdmin.get_groups_by_name(name)")
okta_headers = OktaUtil.get_protected_okta_headers(self.okta_config)
url = "{base_url}/api/v1/groups?q={name}".format(
base_url=self.okta_config["okta_org_name"], name=name)
return RestUtil.execute_get(url, okta_headers)
def deactivate_idp(self, idp_id):
self.logger.debug("OktaAdmin.deactivate_idp(idp_id)")
# self.logger.debug("User profile: {0}".format(json.dumps(user)))
okta_headers = OktaUtil.get_protected_okta_headers(self.okta_config)
url = "{base_url}/api/v1/idps/{idp_id}/lifecycle/deactivate".format(
base_url=self.okta_config["okta_org_name"], idp_id=idp_id)
return RestUtil.execute_post(url, {}, okta_headers)
def list_available_questions(self, user_id):
self.logger.debug("list_available_questions()")
okta_headers = OktaUtil.get_protected_okta_headers(self.okta_config)
url = "{0}/api/v1/users/{1}/factors/questions".format(
self.okta_config["okta_org_name"], user_id)
return RestUtil.execute_get(url, okta_headers)
def delete_factor(self, user_id, factor_id, headers=None):
self.logger.debug("delete_securityquestion()")
okta_headers = OktaUtil.get_protected_okta_headers(self.okta_config)
url = "{0}/api/v1/users/{1}/factors/{2}".format(
self.okta_config["okta_org_name"], user_id, factor_id)
return RestUtil.execute_delete(url=url, headers=okta_headers)
def get_user_list_by_search(self, search):
# /api/v1/users?search=profile.department eq "Engineering"
self.logger.debug("OktaAdmin.get_user_list_by_search(search)")
okta_headers = OktaUtil.get_protected_okta_headers(self.okta_config)
url = "{base_url}/api/v1/users?search={search}".format(
base_url=self.okta_config["okta_org_name"], search=search)
return RestUtil.execute_get(url, okta_headers)
def reset_password_for_user(self, user_id):
self.logger.debug("OktaAdmin.unsuspend_user(user_id)")
okta_headers = OktaUtil.get_protected_okta_headers(self.okta_config)
url = "{base_url}/api/v1/users/{user_id}/lifecycle/reset_password".format(
base_url=self.okta_config["okta_org_name"], user_id=user_id)
body = {}
return RestUtil.execute_post(url, body, okta_headers)
