mirror of
https://github.com/vmware/vsphere-automation-sdk-python.git
synced 2024-11-26 19:29:58 -05:00
Rewrite sso samples
Remove old sso samples and created new samples that match Java SDK. Minor changes to some helper methods. Update README
This commit is contained in:
parent
b10443a53b
commit
b25c66ee46
@ -48,19 +48,19 @@ class LookupServiceHelper(object):
|
|||||||
|
|
||||||
self.client = Client(url=self.wsdl_url, location=self.soap_url)
|
self.client = Client(url=self.wsdl_url, location=self.soap_url)
|
||||||
assert self.client is not None
|
assert self.client is not None
|
||||||
print(self.client)
|
# print(self.client)
|
||||||
self.client.set_options(service='LsService', port='LsPort')
|
self.client.set_options(service='LsService', port='LsPort')
|
||||||
|
|
||||||
self.managedObjectReference = self.client.factory.create('ns0:ManagedObjectReference')
|
self.managedObjectReference = self.client.factory.create('ns0:ManagedObjectReference')
|
||||||
self.managedObjectReference._type = 'LookupServiceInstance'
|
self.managedObjectReference._type = 'LookupServiceInstance'
|
||||||
self.managedObjectReference.value = 'ServiceInstance'
|
self.managedObjectReference.value = 'ServiceInstance'
|
||||||
print(self.managedObjectReference)
|
# print(self.managedObjectReference)
|
||||||
|
|
||||||
lookupServiceContent = self.client.service.RetrieveServiceContent(self.managedObjectReference)
|
lookupServiceContent = self.client.service.RetrieveServiceContent(self.managedObjectReference)
|
||||||
print(lookupServiceContent)
|
# print(lookupServiceContent)
|
||||||
|
|
||||||
self.serviceRegistration = lookupServiceContent.serviceRegistration
|
self.serviceRegistration = lookupServiceContent.serviceRegistration
|
||||||
print(self.serviceRegistration)
|
# print(self.serviceRegistration)
|
||||||
|
|
||||||
def find_sso_urls(self):
|
def find_sso_urls(self):
|
||||||
"""
|
"""
|
||||||
@ -189,10 +189,10 @@ class LookupServiceHelper(object):
|
|||||||
assert self.serviceRegistration is not None
|
assert self.serviceRegistration is not None
|
||||||
|
|
||||||
lookupServiceRegistrationFilter = self.__create_filter_spec(product, service, endpoint, protocol)
|
lookupServiceRegistrationFilter = self.__create_filter_spec(product, service, endpoint, protocol)
|
||||||
print(lookupServiceRegistrationFilter)
|
# print(lookupServiceRegistrationFilter)
|
||||||
|
|
||||||
result = self.client.service.List(self.serviceRegistration, lookupServiceRegistrationFilter)
|
result = self.client.service.List(self.serviceRegistration, lookupServiceRegistrationFilter)
|
||||||
print(result)
|
# print(result)
|
||||||
assert len(result) > 0
|
assert len(result) > 0
|
||||||
# Support for MxN
|
# Support for MxN
|
||||||
# return the results in a dictionary where key is NodeId and Value is Service URL
|
# return the results in a dictionary where key is NodeId and Value is Service URL
|
||||||
@ -212,10 +212,10 @@ class LookupServiceHelper(object):
|
|||||||
assert self.serviceRegistration is not None
|
assert self.serviceRegistration is not None
|
||||||
|
|
||||||
lookupServiceRegistrationFilter = self.__create_filter_spec(product, service, endpoint, protocol)
|
lookupServiceRegistrationFilter = self.__create_filter_spec(product, service, endpoint, protocol)
|
||||||
print(lookupServiceRegistrationFilter)
|
# print(lookupServiceRegistrationFilter)
|
||||||
|
|
||||||
result = self.client.service.List(self.serviceRegistration, lookupServiceRegistrationFilter)
|
result = self.client.service.List(self.serviceRegistration, lookupServiceRegistrationFilter)
|
||||||
print(result)
|
# print(result)
|
||||||
assert len(result) > 0
|
assert len(result) > 0
|
||||||
|
|
||||||
urls = []
|
urls = []
|
||||||
@ -254,20 +254,20 @@ class LookupServiceHelper(object):
|
|||||||
lookupServiceRegistrationServiceType = self.client.factory.create('ns0:LookupServiceRegistrationServiceType')
|
lookupServiceRegistrationServiceType = self.client.factory.create('ns0:LookupServiceRegistrationServiceType')
|
||||||
lookupServiceRegistrationServiceType.product = 'com.vmware.cis'
|
lookupServiceRegistrationServiceType.product = 'com.vmware.cis'
|
||||||
lookupServiceRegistrationServiceType.type = 'vcenterserver'
|
lookupServiceRegistrationServiceType.type = 'vcenterserver'
|
||||||
print(lookupServiceRegistrationServiceType)
|
# print(lookupServiceRegistrationServiceType)
|
||||||
|
|
||||||
lookupServiceRegistrationEndpointType = self.client.factory.create('ns0:LookupServiceRegistrationEndpointType')
|
lookupServiceRegistrationEndpointType = self.client.factory.create('ns0:LookupServiceRegistrationEndpointType')
|
||||||
lookupServiceRegistrationEndpointType.type = 'com.vmware.vim'
|
lookupServiceRegistrationEndpointType.type = 'com.vmware.vim'
|
||||||
lookupServiceRegistrationEndpointType.protocol = 'vmomi'
|
lookupServiceRegistrationEndpointType.protocol = 'vmomi'
|
||||||
print(lookupServiceRegistrationEndpointType)
|
# print(lookupServiceRegistrationEndpointType)
|
||||||
|
|
||||||
lookupServiceRegistrationFilter = self.client.factory.create('ns0:LookupServiceRegistrationFilter')
|
lookupServiceRegistrationFilter = self.client.factory.create('ns0:LookupServiceRegistrationFilter')
|
||||||
lookupServiceRegistrationFilter.serviceType = lookupServiceRegistrationServiceType
|
lookupServiceRegistrationFilter.serviceType = lookupServiceRegistrationServiceType
|
||||||
lookupServiceRegistrationFilter.endpointType = lookupServiceRegistrationEndpointType
|
lookupServiceRegistrationFilter.endpointType = lookupServiceRegistrationEndpointType
|
||||||
print(lookupServiceRegistrationFilter)
|
# print(lookupServiceRegistrationFilter)
|
||||||
|
|
||||||
result = self.client.service.List(self.serviceRegistration, lookupServiceRegistrationFilter)
|
result = self.client.service.List(self.serviceRegistration, lookupServiceRegistrationFilter)
|
||||||
print(result)
|
# print(result)
|
||||||
assert len(result) > 0
|
assert len(result) > 0
|
||||||
|
|
||||||
results_dict = {}
|
results_dict = {}
|
||||||
|
@ -32,7 +32,7 @@ def get_jsonrpc_endpoint_url(host):
|
|||||||
|
|
||||||
def connect(host, user, pwd, skip_verification=False, suppress_warning=True):
|
def connect(host, user, pwd, skip_verification=False, suppress_warning=True):
|
||||||
"""
|
"""
|
||||||
Create an authenticated stub configuraiton object that can be used to issue
|
Create an authenticated stub configuration object that can be used to issue
|
||||||
requests against vCenter.
|
requests against vCenter.
|
||||||
|
|
||||||
Returns a stub_config that stores the session identifier that can be used
|
Returns a stub_config that stores the session identifier that can be used
|
||||||
@ -83,7 +83,7 @@ def logout(stub_config):
|
|||||||
session_svc.delete()
|
session_svc.delete()
|
||||||
|
|
||||||
|
|
||||||
def create_unverified_session(session, suppress_warning):
|
def create_unverified_session(session, suppress_warning=True):
|
||||||
"""
|
"""
|
||||||
Create a unverified session to disable the server certificate verification.
|
Create a unverified session to disable the server certificate verification.
|
||||||
"""
|
"""
|
||||||
|
@ -1,14 +1,14 @@
|
|||||||
This directory contains samples for Platform Service Controller, SSO and Lookup Service APIs:
|
This directory contains samples for Platform Service Controller, SSO and Lookup Service APIs:
|
||||||
|
|
||||||
The vSphere Automation SDK for Python samples use the vSphere Automation Lookup Service
|
The vSphere Automation SDK for Python samples use the vCenter Lookup Service
|
||||||
to obtain the URLs for other vSphere Automation services (SSO, vAPI, VIM, SPBM, etc.).
|
to obtain the URLs for other vSphere Automation services (SSO, vAPI, VIM, SPBM, etc.).
|
||||||
The SDK contains the Lookup Service WSDL files. The samples use the python SUDS client
|
The SDK contains the Lookup Service WSDL files. The samples use the python SUDS client
|
||||||
for accessing the lookup service. The Lookup Service WSDL files are located in wsdl/ directory.
|
for accessing the lookup service. The Lookup Service WSDL files are located in wsdl/ directory.
|
||||||
|
|
||||||
Running the samples
|
Running the samples
|
||||||
|
```cmd
|
||||||
$ cd /path/to/vsphere-automation-sdk-python-samples/bin
|
$ cd /path/to/vsphere-automation-sdk-python-samples/bin
|
||||||
$ ./run_sample.sh ../samples/vsphere/sso/print_services.py --lswsdlurl file:///path/to/vsphere-automation-sdk-python-samples/samples/vsphere/sso/wsdl/lookupservice.wsdl --lssoapurl https://<sso_server>/lookupservice/sdk -v
|
$ ./run_sample.sh ../samples/vsphere/sso/external_psc_sso_workflow.py --lswsdl file:///path/to/vsphere-automation-sdk-python-samples/samples/vsphere/sso/wsdl/lookupservice.wsdl --lsurl https://<server>/lookupservice/sdk -u 'administrator@vsphere.local' -p 'Admin!23' -v
|
||||||
|
```
|
||||||
* Testbed Requirement:
|
* Testbed Requirement:
|
||||||
- 1 vCenter Server
|
- 1 vCenter Server
|
||||||
|
@ -1,135 +0,0 @@
|
|||||||
#!/usr/bin/env python
|
|
||||||
|
|
||||||
"""
|
|
||||||
* *******************************************************
|
|
||||||
* Copyright (c) VMware, Inc. 2013, 2016. All Rights Reserved.
|
|
||||||
* *******************************************************
|
|
||||||
*
|
|
||||||
* DISCLAIMER. THIS PROGRAM IS PROVIDED TO YOU "AS IS" WITHOUT
|
|
||||||
* WARRANTIES OR CONDITIONS OF ANY KIND, WHETHER ORAL OR WRITTEN,
|
|
||||||
* EXPRESS OR IMPLIED. THE AUTHOR SPECIFICALLY DISCLAIMS ANY IMPLIED
|
|
||||||
* WARRANTIES OR CONDITIONS OF MERCHANTABILITY, SATISFACTORY QUALITY,
|
|
||||||
* NON-INFRINGEMENT AND FITNESS FOR A PARTICULAR PURPOSE.
|
|
||||||
"""
|
|
||||||
|
|
||||||
__author__ = 'VMware, Inc.'
|
|
||||||
__copyright__ = 'Copyright 2013, 2016 VMware, Inc. All rights reserved.'
|
|
||||||
|
|
||||||
import argparse
|
|
||||||
|
|
||||||
import requests
|
|
||||||
|
|
||||||
try:
|
|
||||||
from urlparse import urlparse
|
|
||||||
except ImportError:
|
|
||||||
from urllib.parse import urlparse
|
|
||||||
from samples.vsphere.common import sso
|
|
||||||
from com.vmware.cis_client import Session
|
|
||||||
from vmware.vapi.security.sso import create_saml_bearer_security_context
|
|
||||||
from vmware.vapi.security.session import create_session_security_context
|
|
||||||
from vmware.vapi.stdlib.client.factories import StubConfigurationFactory
|
|
||||||
from vmware.vapi.lib.connect import get_requests_connector
|
|
||||||
from samples.vsphere.common.ssl_helper import get_unverified_context
|
|
||||||
|
|
||||||
|
|
||||||
class ConnectionWorkflow(object):
|
|
||||||
"""
|
|
||||||
Demonstrates vAPI connection and service initialization callflow
|
|
||||||
Step 1: Connect to the SSO URL and retrieve the SAML token.
|
|
||||||
Step 2: Connect to the vapi service endpoint.
|
|
||||||
Step 3: Use the SAML token to login to vAPI service endpoint.
|
|
||||||
Step 4: Create a vAPI session.
|
|
||||||
Step 5: Delete the vAPI session.
|
|
||||||
Note: Use the lookup service print services sample to retrieve the SSO and vAPI service URLs
|
|
||||||
"""
|
|
||||||
|
|
||||||
def __init__(self):
|
|
||||||
self.vapi_url = None
|
|
||||||
self.sts_url = None
|
|
||||||
self.sso_username = None
|
|
||||||
self.sso_password = None
|
|
||||||
self.session = None
|
|
||||||
self.skip_verification = False
|
|
||||||
|
|
||||||
def options(self):
|
|
||||||
self.argparser = argparse.ArgumentParser(description=self.__doc__)
|
|
||||||
# setup the argument parser
|
|
||||||
self.argparser.add_argument('-a', '--vapiurl', help='vAPI URL')
|
|
||||||
self.argparser.add_argument('-s', '--stsurl', help='SSO URL')
|
|
||||||
self.argparser.add_argument('-u', '--username', help='SSO username')
|
|
||||||
self.argparser.add_argument('-p', '--password', help='SSO user password')
|
|
||||||
self.argparser.add_argument('-v', '--skipverification', action='store_true',
|
|
||||||
help='Do not verify server certificate')
|
|
||||||
self.args = self.argparser.parse_args() # parse all the sample arguments when they are all set
|
|
||||||
|
|
||||||
def setup(self):
|
|
||||||
self.vapi_url = self.args.vapiurl
|
|
||||||
assert self.vapi_url is not None
|
|
||||||
self.sts_url = self.args.stsurl
|
|
||||||
assert self.sts_url is not None
|
|
||||||
self.sso_username = self.args.username
|
|
||||||
assert self.sso_username is not None
|
|
||||||
self.sso_password = self.args.password
|
|
||||||
assert self.sso_password is not None
|
|
||||||
self.skip_verification = self.args.skipverification
|
|
||||||
|
|
||||||
def execute(self):
|
|
||||||
print('vapi_url: {0}'.format(self.vapi_url))
|
|
||||||
# parse the URL and determine the scheme
|
|
||||||
o = urlparse(self.vapi_url)
|
|
||||||
assert o.scheme is not None
|
|
||||||
if o.scheme.lower() != 'https':
|
|
||||||
print('VAPI URL must be a https URL')
|
|
||||||
raise Exception('VAPI URL must be a https URL')
|
|
||||||
|
|
||||||
print('sts_url: {0}'.format(self.sts_url))
|
|
||||||
print('Initialize SsoAuthenticator and fetching SAML bearer token...')
|
|
||||||
authenticator = sso.SsoAuthenticator(self.sts_url)
|
|
||||||
context = None
|
|
||||||
if self.skip_verification:
|
|
||||||
context = get_unverified_context()
|
|
||||||
bearer_token = authenticator.get_bearer_saml_assertion(self.sso_username,
|
|
||||||
self.sso_password,
|
|
||||||
delegatable=True,
|
|
||||||
ssl_context=context)
|
|
||||||
|
|
||||||
print('Creating SAML Bearer Security Context...')
|
|
||||||
sec_ctx = create_saml_bearer_security_context(bearer_token)
|
|
||||||
|
|
||||||
print('Connecting to VAPI provider and preparing stub configuration...')
|
|
||||||
session = requests.Session()
|
|
||||||
if self.skip_verification:
|
|
||||||
session.verify = False
|
|
||||||
connector = get_requests_connector(session=session, url=self.vapi_url)
|
|
||||||
self.stub_config = StubConfigurationFactory.new_std_configuration(connector)
|
|
||||||
|
|
||||||
connector.set_security_context(sec_ctx)
|
|
||||||
self.stub_config = StubConfigurationFactory.new_std_configuration(connector)
|
|
||||||
self.session = Session(self.stub_config)
|
|
||||||
|
|
||||||
print('Login to VAPI endpoint and get the session_id...')
|
|
||||||
self.session_id = self.session.create()
|
|
||||||
|
|
||||||
print('Update the VAPI connection with session_id...')
|
|
||||||
session_sec_ctx = create_session_security_context(self.session_id)
|
|
||||||
connector.set_security_context(session_sec_ctx)
|
|
||||||
|
|
||||||
def cleanup(self):
|
|
||||||
if self.session_id is not None:
|
|
||||||
self.disconnect()
|
|
||||||
print('VAPI session disconnected successfully...')
|
|
||||||
|
|
||||||
def disconnect(self):
|
|
||||||
self.session.delete()
|
|
||||||
|
|
||||||
|
|
||||||
def main():
|
|
||||||
connectionWorkflow = ConnectionWorkflow()
|
|
||||||
connectionWorkflow.options()
|
|
||||||
connectionWorkflow.setup()
|
|
||||||
connectionWorkflow.execute()
|
|
||||||
connectionWorkflow.cleanup()
|
|
||||||
|
|
||||||
# Start program
|
|
||||||
if __name__ == '__main__':
|
|
||||||
main()
|
|
119
samples/vsphere/sso/embedded_psc_sso_workflow.py
Normal file
119
samples/vsphere/sso/embedded_psc_sso_workflow.py
Normal file
@ -0,0 +1,119 @@
|
|||||||
|
#!/usr/bin/env python
|
||||||
|
|
||||||
|
"""
|
||||||
|
* *******************************************************
|
||||||
|
* Copyright (c) VMware, Inc. 2016. All Rights Reserved.
|
||||||
|
* *******************************************************
|
||||||
|
*
|
||||||
|
* DISCLAIMER. THIS PROGRAM IS PROVIDED TO YOU "AS IS" WITHOUT
|
||||||
|
* WARRANTIES OR CONDITIONS OF ANY KIND, WHETHER ORAL OR WRITTEN,
|
||||||
|
* EXPRESS OR IMPLIED. THE AUTHOR SPECIFICALLY DISCLAIMS ANY IMPLIED
|
||||||
|
* WARRANTIES OR CONDITIONS OF MERCHANTABILITY, SATISFACTORY QUALITY,
|
||||||
|
* NON-INFRINGEMENT AND FITNESS FOR A PARTICULAR PURPOSE.
|
||||||
|
"""
|
||||||
|
|
||||||
|
|
||||||
|
__author__ = 'VMware, Inc.'
|
||||||
|
__copyright__ = 'Copyright 2017 VMware, Inc. All rights reserved.'
|
||||||
|
__vcenter_version__ = '6.0+'
|
||||||
|
|
||||||
|
from pprint import pprint
|
||||||
|
import requests
|
||||||
|
|
||||||
|
from com.vmware.cis_client import Session
|
||||||
|
from com.vmware.vcenter_client import Datacenter
|
||||||
|
from vmware.vapi.lib.connect import get_requests_connector
|
||||||
|
from vmware.vapi.security.session import create_session_security_context
|
||||||
|
from vmware.vapi.security.sso import create_saml_bearer_security_context
|
||||||
|
from vmware.vapi.stdlib.client.factories import StubConfigurationFactory
|
||||||
|
|
||||||
|
from samples.vsphere.common.ssl_helper import get_unverified_context
|
||||||
|
from samples.vsphere.common.vapiconnect import create_unverified_session
|
||||||
|
from samples.vsphere.common.sample_util import parse_cli_args
|
||||||
|
from samples.vsphere.common import sso
|
||||||
|
|
||||||
|
|
||||||
|
class EmbeddedPscSsoWorkflow(object):
|
||||||
|
"""
|
||||||
|
Demonstrates how to Login to vCenter vAPI service with
|
||||||
|
embedded Platform Services Controller.
|
||||||
|
"""
|
||||||
|
|
||||||
|
def __init__(self):
|
||||||
|
self.server = None
|
||||||
|
self.username = None
|
||||||
|
self.password = None
|
||||||
|
self.session = None
|
||||||
|
self.session_id = None
|
||||||
|
self.skip_verification = False
|
||||||
|
|
||||||
|
def setup(self):
|
||||||
|
self.server, self.username, self.password, _, self.skip_verification = \
|
||||||
|
parse_cli_args()
|
||||||
|
|
||||||
|
def run(self):
|
||||||
|
print('\n\n#### Example: Login to vCenter server with '
|
||||||
|
'embedded Platform Services Controller')
|
||||||
|
|
||||||
|
# Since the platform services controller is embedded, the sso server
|
||||||
|
# is the same as the vCenter server.
|
||||||
|
ssoUrl = 'https://{}/sts/STSService'.format(self.server)
|
||||||
|
|
||||||
|
print('\nStep 1: Connect to the Single Sign-On URL and '
|
||||||
|
'retrieve the SAML bearer token.')
|
||||||
|
|
||||||
|
authenticator = sso.SsoAuthenticator(ssoUrl)
|
||||||
|
context = None
|
||||||
|
if self.skip_verification:
|
||||||
|
context = get_unverified_context()
|
||||||
|
bearer_token = authenticator.get_bearer_saml_assertion(
|
||||||
|
self.username,
|
||||||
|
self.password,
|
||||||
|
delegatable=True,
|
||||||
|
ssl_context=context)
|
||||||
|
|
||||||
|
# Creating SAML Bearer Security Context
|
||||||
|
sec_ctx = create_saml_bearer_security_context(bearer_token)
|
||||||
|
|
||||||
|
print('\nStep 2. Login to vAPI services using the SAML bearer token.')
|
||||||
|
|
||||||
|
# The URL for the stub requests are made against the /api HTTP endpoint
|
||||||
|
# of the vCenter system.
|
||||||
|
vapi_url = 'https://{}/api'.format(self.server)
|
||||||
|
|
||||||
|
# Create an authenticated stub configuration object that can be used to
|
||||||
|
# issue requests against vCenter.
|
||||||
|
session = requests.Session()
|
||||||
|
if self.skip_verification:
|
||||||
|
session = create_unverified_session(session)
|
||||||
|
connector = get_requests_connector(session=session, url=vapi_url)
|
||||||
|
connector.set_security_context(sec_ctx)
|
||||||
|
stub_config = StubConfigurationFactory.new_std_configuration(
|
||||||
|
connector)
|
||||||
|
self.session = Session(stub_config)
|
||||||
|
|
||||||
|
# Login to VAPI endpoint and get the session_id
|
||||||
|
self.session_id = self.session.create()
|
||||||
|
|
||||||
|
# Update the VAPI connection with session_id
|
||||||
|
session_sec_ctx = create_session_security_context(self.session_id)
|
||||||
|
connector.set_security_context(session_sec_ctx)
|
||||||
|
|
||||||
|
print('\nStep 3: List available datacenters using the vAPI services')
|
||||||
|
|
||||||
|
datacenter_svc = Datacenter(stub_config)
|
||||||
|
pprint(datacenter_svc.list())
|
||||||
|
|
||||||
|
self.session.delete()
|
||||||
|
print('VAPI session disconnected successfully...')
|
||||||
|
|
||||||
|
|
||||||
|
def main():
|
||||||
|
embedded_psc_sso_workflow = EmbeddedPscSsoWorkflow()
|
||||||
|
embedded_psc_sso_workflow.setup()
|
||||||
|
embedded_psc_sso_workflow.run()
|
||||||
|
|
||||||
|
|
||||||
|
# Start program
|
||||||
|
if __name__ == '__main__':
|
||||||
|
main()
|
175
samples/vsphere/sso/external_psc_sso_workflow.py
Normal file
175
samples/vsphere/sso/external_psc_sso_workflow.py
Normal file
@ -0,0 +1,175 @@
|
|||||||
|
#!/usr/bin/env python
|
||||||
|
|
||||||
|
"""
|
||||||
|
* *******************************************************
|
||||||
|
* Copyright (c) VMware, Inc. 2016. All Rights Reserved.
|
||||||
|
* *******************************************************
|
||||||
|
*
|
||||||
|
* DISCLAIMER. THIS PROGRAM IS PROVIDED TO YOU "AS IS" WITHOUT
|
||||||
|
* WARRANTIES OR CONDITIONS OF ANY KIND, WHETHER ORAL OR WRITTEN,
|
||||||
|
* EXPRESS OR IMPLIED. THE AUTHOR SPECIFICALLY DISCLAIMS ANY IMPLIED
|
||||||
|
* WARRANTIES OR CONDITIONS OF MERCHANTABILITY, SATISFACTORY QUALITY,
|
||||||
|
* NON-INFRINGEMENT AND FITNESS FOR A PARTICULAR PURPOSE.
|
||||||
|
"""
|
||||||
|
|
||||||
|
__author__ = 'VMware, Inc.'
|
||||||
|
__copyright__ = 'Copyright 2017 VMware, Inc. All rights reserved.'
|
||||||
|
__vcenter_version__ = '6.0+'
|
||||||
|
|
||||||
|
import argparse
|
||||||
|
import requests
|
||||||
|
from pprint import pprint
|
||||||
|
|
||||||
|
from com.vmware.cis_client import Session
|
||||||
|
from com.vmware.vcenter_client import Datacenter
|
||||||
|
|
||||||
|
from vmware.vapi.lib.connect import get_requests_connector
|
||||||
|
from vmware.vapi.security.session import create_session_security_context
|
||||||
|
from vmware.vapi.security.sso import create_saml_bearer_security_context
|
||||||
|
from vmware.vapi.stdlib.client.factories import StubConfigurationFactory
|
||||||
|
|
||||||
|
from samples.vsphere.common import sso
|
||||||
|
from samples.vsphere.common.lookup_service_helper import LookupServiceHelper
|
||||||
|
from samples.vsphere.common.ssl_helper import get_unverified_context
|
||||||
|
from samples.vsphere.common.vapiconnect import create_unverified_session
|
||||||
|
|
||||||
|
|
||||||
|
class ExternalPscSsoWorkflow(object):
|
||||||
|
"""
|
||||||
|
Demonstrates how to Login to vCenter vAPI service with
|
||||||
|
external Platform Services Controller.
|
||||||
|
"""
|
||||||
|
|
||||||
|
def __init__(self):
|
||||||
|
self.lswsdl = None
|
||||||
|
self.lsurl = None
|
||||||
|
self.mgmtinstancename = None
|
||||||
|
self.username = None
|
||||||
|
self.password = None
|
||||||
|
self.session = None
|
||||||
|
self.session_id = None
|
||||||
|
self.args = None
|
||||||
|
self.argparser = None
|
||||||
|
self.mgmtinstancename = None
|
||||||
|
self.skip_verification = False
|
||||||
|
|
||||||
|
def options(self):
|
||||||
|
self.argparser = argparse.ArgumentParser(description=self.__doc__)
|
||||||
|
# setup the argument parser
|
||||||
|
self.argparser.add_argument('-w', '--lswsdl',
|
||||||
|
help='Lookup service WSDL')
|
||||||
|
self.argparser.add_argument('-s', '--lsurl', help='Lookup service URL')
|
||||||
|
self.argparser.add_argument('-m', '--mgmtinstancename',
|
||||||
|
help='Instance name of the vCenter Server '
|
||||||
|
'management node. '
|
||||||
|
'When only one node is registered, '
|
||||||
|
'it is selected by default; otherwise,'
|
||||||
|
' omit the parameter to get a list of '
|
||||||
|
'available nodes.')
|
||||||
|
self.argparser.add_argument('-u', '--username', help='SSO user name')
|
||||||
|
self.argparser.add_argument('-p', '--password',
|
||||||
|
help='SSO user password')
|
||||||
|
self.argparser.add_argument('-v', '--skipverification',
|
||||||
|
action='store_true',
|
||||||
|
help='Do not verify server certificate')
|
||||||
|
self.args = self.argparser.parse_args()
|
||||||
|
|
||||||
|
def setup(self):
|
||||||
|
self.lswsdl = self.args.lswsdl
|
||||||
|
assert self.lswsdl is not None
|
||||||
|
print('lswsdl: {0}'.format(self.lswsdl))
|
||||||
|
|
||||||
|
self.lsurl = self.args.lsurl
|
||||||
|
assert self.lsurl is not None
|
||||||
|
print('lsurl: {0}'.format(self.lsurl))
|
||||||
|
|
||||||
|
self.username = self.args.username
|
||||||
|
assert self.username is not None
|
||||||
|
|
||||||
|
self.password = self.args.password
|
||||||
|
assert self.password is not None
|
||||||
|
|
||||||
|
self.mgmtinstancename = self.args.mgmtinstancename
|
||||||
|
self.skip_verification = self.args.skipverification
|
||||||
|
|
||||||
|
def run(self):
|
||||||
|
print('\n\n#### Example: Login to vCenter server with '
|
||||||
|
'external Platform Services Controller')
|
||||||
|
|
||||||
|
print('\nStep 1: Connect to the lookup service on the '
|
||||||
|
'Platform Services Controller node: {0}'.format(self.lsurl))
|
||||||
|
lookupservicehelper = LookupServiceHelper(wsdl_url=self.lswsdl,
|
||||||
|
soap_url=self.lsurl,
|
||||||
|
skip_verification=self.skip_verification)
|
||||||
|
lookupservicehelper.connect()
|
||||||
|
|
||||||
|
if self.mgmtinstancename is None:
|
||||||
|
self.mgmtinstancename, self.mgmtnodeid = lookupservicehelper.get_default_mgmt_node()
|
||||||
|
elif self.mgmtnodeid is None:
|
||||||
|
self.mgmtnodeid = lookupservicehelper.get_mgmt_node_id(
|
||||||
|
self.mgmtinstancename)
|
||||||
|
assert self.mgmtnodeid is not None
|
||||||
|
|
||||||
|
print('\nStep 2: Discover the Single Sign-On service URL'
|
||||||
|
' from lookup service.')
|
||||||
|
sso_url = lookupservicehelper.find_sso_url()
|
||||||
|
print('Sso URL: {0}'.format(sso_url))
|
||||||
|
|
||||||
|
print('\nStep 3: Connect to the Single Sign-On URL and '
|
||||||
|
'retrieve the SAML bearer token.')
|
||||||
|
authenticator = sso.SsoAuthenticator(sso_url)
|
||||||
|
context = None
|
||||||
|
if self.skip_verification:
|
||||||
|
context = get_unverified_context()
|
||||||
|
bearer_token = authenticator.get_bearer_saml_assertion(
|
||||||
|
self.username,
|
||||||
|
self.password,
|
||||||
|
delegatable=True,
|
||||||
|
ssl_context=context)
|
||||||
|
|
||||||
|
# Creating SAML Bearer Security Context
|
||||||
|
sec_ctx = create_saml_bearer_security_context(bearer_token)
|
||||||
|
|
||||||
|
print('\nStep 4. Discover the vAPI service URL from lookup service.')
|
||||||
|
vapi_url = lookupservicehelper.find_vapi_url(self.mgmtnodeid)
|
||||||
|
print('vAPI URL: {0}'.format(vapi_url))
|
||||||
|
|
||||||
|
print('\nStep 5. Login to vAPI services using the SAML bearer token.')
|
||||||
|
|
||||||
|
# Create an authenticated stub configuration object that can be used to
|
||||||
|
# issue requests against vCenter.
|
||||||
|
session = requests.Session()
|
||||||
|
if self.skip_verification:
|
||||||
|
session = create_unverified_session(session)
|
||||||
|
connector = get_requests_connector(session=session, url=vapi_url)
|
||||||
|
connector.set_security_context(sec_ctx)
|
||||||
|
stub_config = StubConfigurationFactory.new_std_configuration(
|
||||||
|
connector)
|
||||||
|
self.session = Session(stub_config)
|
||||||
|
|
||||||
|
# Login to VAPI endpoint and get the session_id
|
||||||
|
self.session_id = self.session.create()
|
||||||
|
|
||||||
|
# Update the VAPI connection with session_id
|
||||||
|
session_sec_ctx = create_session_security_context(self.session_id)
|
||||||
|
connector.set_security_context(session_sec_ctx)
|
||||||
|
|
||||||
|
print('\nStep 6: List available datacenters using the vAPI services')
|
||||||
|
|
||||||
|
datacenter_svc = Datacenter(stub_config)
|
||||||
|
pprint(datacenter_svc.list())
|
||||||
|
|
||||||
|
self.session.delete()
|
||||||
|
print('VAPI session disconnected successfully...')
|
||||||
|
|
||||||
|
|
||||||
|
def main():
|
||||||
|
external_psc_sso_workflow = ExternalPscSsoWorkflow()
|
||||||
|
external_psc_sso_workflow.options()
|
||||||
|
external_psc_sso_workflow.setup()
|
||||||
|
external_psc_sso_workflow.run()
|
||||||
|
|
||||||
|
|
||||||
|
# Start program
|
||||||
|
if __name__ == '__main__':
|
||||||
|
main()
|
@ -1,91 +0,0 @@
|
|||||||
"""
|
|
||||||
* *******************************************************
|
|
||||||
* Copyright (c) VMware, Inc. 2014. All Rights Reserved.
|
|
||||||
* *******************************************************
|
|
||||||
*
|
|
||||||
* DISCLAIMER. THIS PROGRAM IS PROVIDED TO YOU "AS IS" WITHOUT
|
|
||||||
* WARRANTIES OR CONDITIONS OF ANY KIND, WHETHER ORAL OR WRITTEN,
|
|
||||||
* EXPRESS OR IMPLIED. THE AUTHOR SPECIFICALLY DISCLAIMS ANY IMPLIED
|
|
||||||
* WARRANTIES OR CONDITIONS OF MERCHANTABILITY, SATISFACTORY QUALITY,
|
|
||||||
* NON-INFRINGEMENT AND FITNESS FOR A PARTICULAR PURPOSE.
|
|
||||||
"""
|
|
||||||
|
|
||||||
__author__ = 'VMware, Inc.'
|
|
||||||
__copyright__ = 'Copyright 2014 VMware, Inc. All rights reserved.'
|
|
||||||
|
|
||||||
import argparse
|
|
||||||
from samples.vsphere.common.lookup_service_helper import LookupServiceHelper
|
|
||||||
|
|
||||||
|
|
||||||
class PrintServices(object):
|
|
||||||
"""
|
|
||||||
Demonstrates service discovery using lookup service APIs.
|
|
||||||
The sample prints all the PSC (Platform Service Controller) and Management Node (vCenter Server) and
|
|
||||||
some of the critical services (SSO, VAPI, VIM etc.) running on these nodes. This sample can also be used
|
|
||||||
to find out the server deployment (e.g. MxN setup with multiple PSC/Management nodes).
|
|
||||||
"""
|
|
||||||
|
|
||||||
def __init__(self):
|
|
||||||
self.lswsdlurl = None
|
|
||||||
self.lssoapurl = None
|
|
||||||
|
|
||||||
def options(self):
|
|
||||||
self.argparser = argparse.ArgumentParser(description=self.__doc__)
|
|
||||||
# setup the argument parser
|
|
||||||
self.argparser.add_argument('-w', '--lswsdlurl',
|
|
||||||
help='Lookup service WSDL URL')
|
|
||||||
self.argparser.add_argument('-s', '--lssoapurl',
|
|
||||||
help='Lookup service SOAP URL')
|
|
||||||
self.argparser.add_argument('-v', '--skipverification',
|
|
||||||
action='store_true',
|
|
||||||
help='Do not verify server certificate')
|
|
||||||
self.args = self.argparser.parse_args() # parse all the sample arguments when they are all set
|
|
||||||
|
|
||||||
def setup(self):
|
|
||||||
self.lswsdlurl = self.args.lswsdlurl
|
|
||||||
assert self.lswsdlurl is not None
|
|
||||||
print('lswsdlurl: {0}'.format(self.lswsdlurl))
|
|
||||||
|
|
||||||
self.lssoapurl = self.args.lssoapurl
|
|
||||||
assert self.lssoapurl is not None
|
|
||||||
print('lssoapurl: {0}'.format(self.lssoapurl))
|
|
||||||
|
|
||||||
self.skip_verification = self.args.skipverification
|
|
||||||
|
|
||||||
def execute(self):
|
|
||||||
print('Connecting to lookup service url: {0}'.format(self.lssoapurl))
|
|
||||||
lookupservicehelper = LookupServiceHelper(wsdl_url=self.lswsdlurl,
|
|
||||||
soap_url=self.lssoapurl,
|
|
||||||
skip_verification=self.skip_verification)
|
|
||||||
lookupservicehelper.connect()
|
|
||||||
|
|
||||||
# print the PSC nodes and SSO service endpoint URLs
|
|
||||||
for index, sso_url in enumerate(lookupservicehelper.find_sso_urls(), start=1):
|
|
||||||
print('=============================')
|
|
||||||
print('PSC node: {0}'.format(index))
|
|
||||||
print(' SSO URL: {0}'.format(sso_url))
|
|
||||||
print('=============================')
|
|
||||||
|
|
||||||
# print the mgmt (vCenter Server) nodes and some of the critical service endpoint URLs
|
|
||||||
for instance_name, node_id in lookupservicehelper.find_mgmt_nodes().items():
|
|
||||||
print('=============================')
|
|
||||||
print('Mgmt node instance name: {0} node_id: {1}'.format(instance_name, node_id))
|
|
||||||
print(' VAPI URL: {0}'.format(lookupservicehelper.find_vapi_url(node_id)))
|
|
||||||
print(' VIM URL: {0}'.format(lookupservicehelper.find_vim_url(node_id)))
|
|
||||||
print(' SPBM URL: {0}'.format(lookupservicehelper.find_vim_pbm_url(node_id)))
|
|
||||||
print('=============================')
|
|
||||||
|
|
||||||
def cleanup(self):
|
|
||||||
pass
|
|
||||||
|
|
||||||
|
|
||||||
def main():
|
|
||||||
printServices = PrintServices()
|
|
||||||
printServices.options()
|
|
||||||
printServices.setup()
|
|
||||||
printServices.execute()
|
|
||||||
printServices.cleanup()
|
|
||||||
|
|
||||||
# Start program
|
|
||||||
if __name__ == "__main__":
|
|
||||||
main()
|
|
@ -1,150 +0,0 @@
|
|||||||
#!/usr/bin/env python
|
|
||||||
|
|
||||||
"""
|
|
||||||
* *******************************************************
|
|
||||||
* Copyright (c) VMware, Inc. 2014, 2016. All Rights Reserved.
|
|
||||||
* *******************************************************
|
|
||||||
*
|
|
||||||
* DISCLAIMER. THIS PROGRAM IS PROVIDED TO YOU "AS IS" WITHOUT
|
|
||||||
* WARRANTIES OR CONDITIONS OF ANY KIND, WHETHER ORAL OR WRITTEN,
|
|
||||||
* EXPRESS OR IMPLIED. THE AUTHOR SPECIFICALLY DISCLAIMS ANY IMPLIED
|
|
||||||
* WARRANTIES OR CONDITIONS OF MERCHANTABILITY, SATISFACTORY QUALITY,
|
|
||||||
* NON-INFRINGEMENT AND FITNESS FOR A PARTICULAR PURPOSE.
|
|
||||||
"""
|
|
||||||
|
|
||||||
__author__ = 'VMware, Inc.'
|
|
||||||
__copyright__ = 'Copyright 2014, 2016 VMware, Inc. All rights reserved.'
|
|
||||||
|
|
||||||
import argparse
|
|
||||||
import requests
|
|
||||||
from vmware.vapi.lib.connect import get_requests_connector
|
|
||||||
from com.vmware.cis_client import Session
|
|
||||||
from vmware.vapi.security.user_password import create_user_password_security_context
|
|
||||||
from vmware.vapi.security.session import create_session_security_context
|
|
||||||
from vmware.vapi.stdlib.client.factories import StubConfigurationFactory
|
|
||||||
from com.vmware.cis.tagging_client import Tag
|
|
||||||
from samples.vsphere.common.lookup_service_helper import LookupServiceHelper
|
|
||||||
|
|
||||||
|
|
||||||
class VapiConnectionWorkflow(object):
|
|
||||||
"""
|
|
||||||
Demonstrates vAPI connection and service initialization callflow using the username and password
|
|
||||||
Step 1: Retrieve the vAPI service endpoint URL from lookup service.
|
|
||||||
Step 2: Connect to the vAPI service endpoint.
|
|
||||||
Step 3: Use the username/password to login to the vAPI service endpoint.
|
|
||||||
Step 4: Create a vAPI session.
|
|
||||||
Step 5: Validate some of the vAPI services.
|
|
||||||
Step 6: Delete the vAPI session.
|
|
||||||
"""
|
|
||||||
|
|
||||||
def __init__(self):
|
|
||||||
self.lswsdlurl = None
|
|
||||||
self.lssoapurl = None
|
|
||||||
self.mgmtinstancename = None # Optional: used when there are more than one mgmt node
|
|
||||||
self.username = None
|
|
||||||
self.password = None
|
|
||||||
|
|
||||||
self.mgmtnodeid = None
|
|
||||||
self.vapiurl = None
|
|
||||||
self.session = None
|
|
||||||
self.session_id = None
|
|
||||||
self.stub_config = None
|
|
||||||
self.skip_verification = False
|
|
||||||
|
|
||||||
def options(self):
|
|
||||||
self.argparser = argparse.ArgumentParser(description=self.__doc__)
|
|
||||||
# setup the argument parser
|
|
||||||
self.argparser.add_argument('-w', '--lswsdlurl', help='Lookup service WSDL URL')
|
|
||||||
self.argparser.add_argument('-s', '--lssoapurl', help='Lookup service SOAP URL')
|
|
||||||
self.argparser.add_argument('-m', '--mgmtinstancename',
|
|
||||||
help='Instance name of the vCenter Server management node. ' + \
|
|
||||||
'When only one node is registered, it is selected by default; ' + \
|
|
||||||
'otherwise, omit the parameter to get a list of available nodes.')
|
|
||||||
self.argparser.add_argument('-u', '--username', help='SSO user name')
|
|
||||||
self.argparser.add_argument('-p', '--password', help='SSO user password')
|
|
||||||
self.argparser.add_argument('-v', '--skipverification', action='store_true',
|
|
||||||
help='Do not verify server certificate')
|
|
||||||
self.args = self.argparser.parse_args() # parse all the sample arguments when they are all set
|
|
||||||
|
|
||||||
def setup(self):
|
|
||||||
self.lswsdlurl = self.args.lswsdlurl
|
|
||||||
assert self.lswsdlurl is not None
|
|
||||||
print('lswsdlurl: {0}'.format(self.lswsdlurl))
|
|
||||||
|
|
||||||
self.lssoapurl = self.args.lssoapurl
|
|
||||||
assert self.lssoapurl is not None
|
|
||||||
print('lssoapurl: {0}'.format(self.lssoapurl))
|
|
||||||
|
|
||||||
self.username = self.args.username
|
|
||||||
assert self.username is not None
|
|
||||||
|
|
||||||
self.password = self.args.password
|
|
||||||
assert self.password is not None
|
|
||||||
|
|
||||||
self.mgmtinstancename = self.args.mgmtinstancename
|
|
||||||
self.skip_verification = self.args.skipverification
|
|
||||||
|
|
||||||
def execute(self):
|
|
||||||
print('Connecting to lookup service url: {0}'.format(self.lssoapurl))
|
|
||||||
lookupservicehelper = LookupServiceHelper(wsdl_url=self.lswsdlurl,
|
|
||||||
soap_url=self.lssoapurl,
|
|
||||||
skip_verification=self.skip_verification)
|
|
||||||
lookupservicehelper.connect()
|
|
||||||
|
|
||||||
if self.mgmtinstancename is None:
|
|
||||||
self.mgmtinstancename, self.mgmtnodeid = lookupservicehelper.get_default_mgmt_node()
|
|
||||||
elif self.mgmtnodeid is None:
|
|
||||||
self.mgmtnodeid = lookupservicehelper.get_mgmt_node_id(self.mgmtinstancename)
|
|
||||||
assert self.mgmtnodeid is not None
|
|
||||||
|
|
||||||
self.vapiurl = lookupservicehelper.find_vapi_url(self.mgmtnodeid)
|
|
||||||
print('vapi_url: {0}'.format(self.vapiurl))
|
|
||||||
|
|
||||||
print('Connecting to VAPI endpoint and preparing stub configuration...')
|
|
||||||
session = requests.Session()
|
|
||||||
if self.skip_verification:
|
|
||||||
session.verify = False
|
|
||||||
connector = get_requests_connector(session=session, url=self.vapiurl)
|
|
||||||
self.stub_config = StubConfigurationFactory.new_std_configuration(connector)
|
|
||||||
|
|
||||||
sec_ctx = create_user_password_security_context(self.username, self.password)
|
|
||||||
connector.set_security_context(sec_ctx)
|
|
||||||
self.stub_config = StubConfigurationFactory.new_std_configuration(connector)
|
|
||||||
self.session = Session(self.stub_config)
|
|
||||||
|
|
||||||
print('Login to VAPI endpoint and get the session_id...')
|
|
||||||
self.session_id = self.session.create()
|
|
||||||
|
|
||||||
print('Update the VAPI connection with session_id...')
|
|
||||||
session_sec_ctx = create_session_security_context(self.session_id)
|
|
||||||
connector.set_security_context(session_sec_ctx)
|
|
||||||
|
|
||||||
# make sure you can access some of the VAPI services
|
|
||||||
tag_svc = Tag(self.stub_config)
|
|
||||||
print('List all the existing tags user has access to...')
|
|
||||||
tags = tag_svc.list()
|
|
||||||
if len(tags) > 0:
|
|
||||||
for tag in tags:
|
|
||||||
print('Found Tag: {0}'.format(tag))
|
|
||||||
else:
|
|
||||||
print('No Tag Found...')
|
|
||||||
|
|
||||||
def cleanup(self):
|
|
||||||
if self.session_id is not None:
|
|
||||||
self.disconnect()
|
|
||||||
print('VAPI session disconnected successfully...')
|
|
||||||
|
|
||||||
def disconnect(self):
|
|
||||||
self.session.delete()
|
|
||||||
|
|
||||||
|
|
||||||
def main():
|
|
||||||
vapiConnectionWorkflow = VapiConnectionWorkflow()
|
|
||||||
vapiConnectionWorkflow.options()
|
|
||||||
vapiConnectionWorkflow.setup()
|
|
||||||
vapiConnectionWorkflow.execute()
|
|
||||||
vapiConnectionWorkflow.cleanup()
|
|
||||||
|
|
||||||
# Start program
|
|
||||||
if __name__ == '__main__':
|
|
||||||
main()
|
|
Loading…
Reference in New Issue
Block a user