Mirrors/vsphere-automation-sdk-python
1
0
Fork 0
mirror of https://github.com/vmware/vsphere-automation-sdk-python.git synced 2024-11-26 11:19:59 -05:00
Code

Rewrite sso samples

Browse Source 
Remove old sso samples and created new samples that match Java SDK.
Minor changes to some helper methods.
Update README
This commit is contained in:
Tianhao He 2017-02-15 16:04:17 -08:00
parent b10443a53b
commit b25c66ee46
8 changed files with 313 additions and 395 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
samples/vsphere/common/lookup_service_helper.py
View File

@ -48,19 +48,19 @@ class LookupServiceHelper(object):
self.client = Client(url=self.wsdl_url, location=self.soap_url)
assert self.client is not None
print(self.client)
# print(self.client)
self.client.set_options(service='LsService', port='LsPort')
self.managedObjectReference = self.client.factory.create('ns0:ManagedObjectReference')
self.managedObjectReference._type = 'LookupServiceInstance'
self.managedObjectReference.value = 'ServiceInstance'
print(self.managedObjectReference)
# print(self.managedObjectReference)
lookupServiceContent = self.client.service.RetrieveServiceContent(self.managedObjectReference)
print(lookupServiceContent)
# print(lookupServiceContent)
self.serviceRegistration = lookupServiceContent.serviceRegistration
print(self.serviceRegistration)
# print(self.serviceRegistration)
def find_sso_urls(self):
"""
@ -189,10 +189,10 @@ class LookupServiceHelper(object):
assert self.serviceRegistration is not None
lookupServiceRegistrationFilter = self.__create_filter_spec(product, service, endpoint, protocol)
print(lookupServiceRegistrationFilter)
# print(lookupServiceRegistrationFilter)
result = self.client.service.List(self.serviceRegistration, lookupServiceRegistrationFilter)
print(result)
# print(result)
assert len(result) > 0
# Support for MxN
# return the results in a dictionary where key is NodeId and Value is Service URL
@ -212,10 +212,10 @@ class LookupServiceHelper(object):
assert self.serviceRegistration is not None
lookupServiceRegistrationFilter = self.__create_filter_spec(product, service, endpoint, protocol)
print(lookupServiceRegistrationFilter)
# print(lookupServiceRegistrationFilter)
result = self.client.service.List(self.serviceRegistration, lookupServiceRegistrationFilter)
print(result)
# print(result)
assert len(result) > 0
urls = []
@ -254,20 +254,20 @@ class LookupServiceHelper(object):
lookupServiceRegistrationServiceType = self.client.factory.create('ns0:LookupServiceRegistrationServiceType')
lookupServiceRegistrationServiceType.product = 'com.vmware.cis'
lookupServiceRegistrationServiceType.type = 'vcenterserver'
print(lookupServiceRegistrationServiceType)
# print(lookupServiceRegistrationServiceType)
lookupServiceRegistrationEndpointType = self.client.factory.create('ns0:LookupServiceRegistrationEndpointType')
lookupServiceRegistrationEndpointType.type = 'com.vmware.vim'
lookupServiceRegistrationEndpointType.protocol = 'vmomi'
print(lookupServiceRegistrationEndpointType)
# print(lookupServiceRegistrationEndpointType)
lookupServiceRegistrationFilter = self.client.factory.create('ns0:LookupServiceRegistrationFilter')
lookupServiceRegistrationFilter.serviceType = lookupServiceRegistrationServiceType
lookupServiceRegistrationFilter.endpointType = lookupServiceRegistrationEndpointType
print(lookupServiceRegistrationFilter)
# print(lookupServiceRegistrationFilter)
result = self.client.service.List(self.serviceRegistration, lookupServiceRegistrationFilter)
print(result)
# print(result)
assert len(result) > 0
results_dict = {}

4
samples/vsphere/common/vapiconnect.py
View File

@ -32,7 +32,7 @@ def get_jsonrpc_endpoint_url(host):
def connect(host, user, pwd, skip_verification=False, suppress_warning=True):
"""
Create an authenticated stub configuraiton object that can be used to issue
Create an authenticated stub configuration object that can be used to issue
requests against vCenter.
Returns a stub_config that stores the session identifier that can be used
@ -83,7 +83,7 @@ def logout(stub_config):
session_svc.delete()
def create_unverified_session(session, suppress_warning):
def create_unverified_session(session, suppress_warning=True):
"""
Create a unverified session to disable the server certificate verification.
"""

8
samples/vsphere/sso/README.md
View File

@ -1,14 +1,14 @@
This directory contains samples for Platform Service Controller, SSO and Lookup Service APIs:
The vSphere Automation SDK for Python samples use the vSphere Automation Lookup Service
The vSphere Automation SDK for Python samples use the vCenter Lookup Service
to obtain the URLs for other vSphere Automation services (SSO, vAPI, VIM, SPBM, etc.).
The SDK contains the Lookup Service WSDL files. The samples use the python SUDS client
for accessing the lookup service. The Lookup Service WSDL files are located in wsdl/ directory.
Running the samples
```cmd
$ cd /path/to/vsphere-automation-sdk-python-samples/bin
$ ./run_sample.sh ../samples/vsphere/sso/print_services.py --lswsdlurl file:///path/to/vsphere-automation-sdk-python-samples/samples/vsphere/sso/wsdl/lookupservice.wsdl --lssoapurl https://<sso_server>/lookupservice/sdk -v
$ ./run_sample.sh ../samples/vsphere/sso/external_psc_sso_workflow.py --lswsdl file:///path/to/vsphere-automation-sdk-python-samples/samples/vsphere/sso/wsdl/lookupservice.wsdl --lsurl https://<server>/lookupservice/sdk -u 'administrator@vsphere.local' -p 'Admin!23' -v
```
* Testbed Requirement:
- 1 vCenter Server

135
samples/vsphere/sso/connection_workflow.py
View File

@ -1,135 +0,0 @@
#!/usr/bin/env python
"""
* *******************************************************
* Copyright (c) VMware, Inc. 2013, 2016. All Rights Reserved.
* *******************************************************
*
* DISCLAIMER. THIS PROGRAM IS PROVIDED TO YOU "AS IS" WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, WHETHER ORAL OR WRITTEN,
* EXPRESS OR IMPLIED. THE AUTHOR SPECIFICALLY DISCLAIMS ANY IMPLIED
* WARRANTIES OR CONDITIONS OF MERCHANTABILITY, SATISFACTORY QUALITY,
* NON-INFRINGEMENT AND FITNESS FOR A PARTICULAR PURPOSE.
"""
__author__ = 'VMware, Inc.'
__copyright__ = 'Copyright 2013, 2016 VMware, Inc. All rights reserved.'
import argparse
import requests
try:
from urlparse import urlparse
except ImportError:
from urllib.parse import urlparse
from samples.vsphere.common import sso
from com.vmware.cis_client import Session
from vmware.vapi.security.sso import create_saml_bearer_security_context
from vmware.vapi.security.session import create_session_security_context
from vmware.vapi.stdlib.client.factories import StubConfigurationFactory
from vmware.vapi.lib.connect import get_requests_connector
from samples.vsphere.common.ssl_helper import get_unverified_context
class ConnectionWorkflow(object):
"""
Demonstrates vAPI connection and service initialization callflow
Step 1: Connect to the SSO URL and retrieve the SAML token.
Step 2: Connect to the vapi service endpoint.
Step 3: Use the SAML token to login to vAPI service endpoint.
Step 4: Create a vAPI session.
Step 5: Delete the vAPI session.
Note: Use the lookup service print services sample to retrieve the SSO and vAPI service URLs
"""
def __init__(self):
self.vapi_url = None
self.sts_url = None
self.sso_username = None
self.sso_password = None
self.session = None
self.skip_verification = False
def options(self):
self.argparser = argparse.ArgumentParser(description=self.__doc__)
# setup the argument parser
self.argparser.add_argument('-a', '--vapiurl', help='vAPI URL')
self.argparser.add_argument('-s', '--stsurl', help='SSO URL')
self.argparser.add_argument('-u', '--username', help='SSO username')
self.argparser.add_argument('-p', '--password', help='SSO user password')
self.argparser.add_argument('-v', '--skipverification', action='store_true',
help='Do not verify server certificate')
self.args = self.argparser.parse_args() # parse all the sample arguments when they are all set
def setup(self):
self.vapi_url = self.args.vapiurl
assert self.vapi_url is not None
self.sts_url = self.args.stsurl
assert self.sts_url is not None
self.sso_username = self.args.username
assert self.sso_username is not None
self.sso_password = self.args.password
assert self.sso_password is not None
self.skip_verification = self.args.skipverification
def execute(self):
print('vapi_url: {0}'.format(self.vapi_url))
# parse the URL and determine the scheme
o = urlparse(self.vapi_url)
assert o.scheme is not None
if o.scheme.lower() != 'https':
print('VAPI URL must be a https URL')
raise Exception('VAPI URL must be a https URL')
print('sts_url: {0}'.format(self.sts_url))
print('Initialize SsoAuthenticator and fetching SAML bearer token...')
authenticator = sso.SsoAuthenticator(self.sts_url)
context = None
if self.skip_verification:
context = get_unverified_context()
bearer_token = authenticator.get_bearer_saml_assertion(self.sso_username,
self.sso_password,
delegatable=True,
ssl_context=context)
print('Creating SAML Bearer Security Context...')
sec_ctx = create_saml_bearer_security_context(bearer_token)
print('Connecting to VAPI provider and preparing stub configuration...')
session = requests.Session()
if self.skip_verification:
session.verify = False
connector = get_requests_connector(session=session, url=self.vapi_url)
self.stub_config = StubConfigurationFactory.new_std_configuration(connector)
connector.set_security_context(sec_ctx)
self.stub_config = StubConfigurationFactory.new_std_configuration(connector)
self.session = Session(self.stub_config)
print('Login to VAPI endpoint and get the session_id...')
self.session_id = self.session.create()
print('Update the VAPI connection with session_id...')
session_sec_ctx = create_session_security_context(self.session_id)
connector.set_security_context(session_sec_ctx)
def cleanup(self):
if self.session_id is not None:
self.disconnect()
print('VAPI session disconnected successfully...')
def disconnect(self):
self.session.delete()
def main():
connectionWorkflow = ConnectionWorkflow()
connectionWorkflow.options()
connectionWorkflow.setup()
connectionWorkflow.execute()
connectionWorkflow.cleanup()
# Start program
if __name__ == '__main__':
main()

119
samples/vsphere/sso/embedded_psc_sso_workflow.py Normal file
View File

@ -0,0 +1,119 @@
#!/usr/bin/env python
"""
* *******************************************************
* Copyright (c) VMware, Inc. 2016. All Rights Reserved.
* *******************************************************
*
* DISCLAIMER. THIS PROGRAM IS PROVIDED TO YOU "AS IS" WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, WHETHER ORAL OR WRITTEN,
* EXPRESS OR IMPLIED. THE AUTHOR SPECIFICALLY DISCLAIMS ANY IMPLIED
* WARRANTIES OR CONDITIONS OF MERCHANTABILITY, SATISFACTORY QUALITY,
* NON-INFRINGEMENT AND FITNESS FOR A PARTICULAR PURPOSE.
"""
__author__ = 'VMware, Inc.'
__copyright__ = 'Copyright 2017 VMware, Inc. All rights reserved.'
__vcenter_version__ = '6.0+'
from pprint import pprint
import requests
from com.vmware.cis_client import Session
from com.vmware.vcenter_client import Datacenter
from vmware.vapi.lib.connect import get_requests_connector
from vmware.vapi.security.session import create_session_security_context
from vmware.vapi.security.sso import create_saml_bearer_security_context
from vmware.vapi.stdlib.client.factories import StubConfigurationFactory
from samples.vsphere.common.ssl_helper import get_unverified_context
from samples.vsphere.common.vapiconnect import create_unverified_session
from samples.vsphere.common.sample_util import parse_cli_args
from samples.vsphere.common import sso
class EmbeddedPscSsoWorkflow(object):
"""
Demonstrates how to Login to vCenter vAPI service with
embedded Platform Services Controller.
"""
def __init__(self):
self.server = None
self.username = None
self.password = None
self.session = None
self.session_id = None
self.skip_verification = False
def setup(self):
self.server, self.username, self.password, _, self.skip_verification = \
parse_cli_args()
def run(self):
print('\n\n#### Example: Login to vCenter server with '
'embedded Platform Services Controller')
# Since the platform services controller is embedded, the sso server
# is the same as the vCenter server.
ssoUrl = 'https://{}/sts/STSService'.format(self.server)
print('\nStep 1: Connect to the Single Sign-On URL and '
'retrieve the SAML bearer token.')
authenticator = sso.SsoAuthenticator(ssoUrl)
context = None
if self.skip_verification:
context = get_unverified_context()
bearer_token = authenticator.get_bearer_saml_assertion(
self.username,
self.password,
delegatable=True,
ssl_context=context)
# Creating SAML Bearer Security Context
sec_ctx = create_saml_bearer_security_context(bearer_token)
print('\nStep 2. Login to vAPI services using the SAML bearer token.')
# The URL for the stub requests are made against the /api HTTP endpoint
# of the vCenter system.
vapi_url = 'https://{}/api'.format(self.server)
# Create an authenticated stub configuration object that can be used to
# issue requests against vCenter.
session = requests.Session()
if self.skip_verification:
session = create_unverified_session(session)
connector = get_requests_connector(session=session, url=vapi_url)
connector.set_security_context(sec_ctx)
stub_config = StubConfigurationFactory.new_std_configuration(
connector)
self.session = Session(stub_config)
# Login to VAPI endpoint and get the session_id
self.session_id = self.session.create()
# Update the VAPI connection with session_id
session_sec_ctx = create_session_security_context(self.session_id)
connector.set_security_context(session_sec_ctx)
print('\nStep 3: List available datacenters using the vAPI services')
datacenter_svc = Datacenter(stub_config)
pprint(datacenter_svc.list())
self.session.delete()
print('VAPI session disconnected successfully...')
def main():
embedded_psc_sso_workflow = EmbeddedPscSsoWorkflow()
embedded_psc_sso_workflow.setup()
embedded_psc_sso_workflow.run()
# Start program
if __name__ == '__main__':
main()

175
samples/vsphere/sso/external_psc_sso_workflow.py Normal file
View File

@ -0,0 +1,175 @@
#!/usr/bin/env python
"""
* *******************************************************
* Copyright (c) VMware, Inc. 2016. All Rights Reserved.
* *******************************************************
*
* DISCLAIMER. THIS PROGRAM IS PROVIDED TO YOU "AS IS" WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, WHETHER ORAL OR WRITTEN,
* EXPRESS OR IMPLIED. THE AUTHOR SPECIFICALLY DISCLAIMS ANY IMPLIED
* WARRANTIES OR CONDITIONS OF MERCHANTABILITY, SATISFACTORY QUALITY,
* NON-INFRINGEMENT AND FITNESS FOR A PARTICULAR PURPOSE.
"""
__author__ = 'VMware, Inc.'
__copyright__ = 'Copyright 2017 VMware, Inc. All rights reserved.'
__vcenter_version__ = '6.0+'
import argparse
import requests
from pprint import pprint
from com.vmware.cis_client import Session
from com.vmware.vcenter_client import Datacenter
from vmware.vapi.lib.connect import get_requests_connector
from vmware.vapi.security.session import create_session_security_context
from vmware.vapi.security.sso import create_saml_bearer_security_context
from vmware.vapi.stdlib.client.factories import StubConfigurationFactory
from samples.vsphere.common import sso
from samples.vsphere.common.lookup_service_helper import LookupServiceHelper
from samples.vsphere.common.ssl_helper import get_unverified_context
from samples.vsphere.common.vapiconnect import create_unverified_session
class ExternalPscSsoWorkflow(object):
"""
Demonstrates how to Login to vCenter vAPI service with
external Platform Services Controller.
"""
def __init__(self):
self.lswsdl = None
self.lsurl = None
self.mgmtinstancename = None
self.username = None
self.password = None
self.session = None
self.session_id = None
self.args = None
self.argparser = None
self.mgmtinstancename = None
self.skip_verification = False
def options(self):
self.argparser = argparse.ArgumentParser(description=self.__doc__)
# setup the argument parser
self.argparser.add_argument('-w', '--lswsdl',
help='Lookup service WSDL')
self.argparser.add_argument('-s', '--lsurl', help='Lookup service URL')
self.argparser.add_argument('-m', '--mgmtinstancename',
help='Instance name of the vCenter Server '
'management node. '
'When only one node is registered, '
'it is selected by default; otherwise,'
' omit the parameter to get a list of '
'available nodes.')
self.argparser.add_argument('-u', '--username', help='SSO user name')
self.argparser.add_argument('-p', '--password',
help='SSO user password')
self.argparser.add_argument('-v', '--skipverification',
action='store_true',
help='Do not verify server certificate')
self.args = self.argparser.parse_args()
def setup(self):
self.lswsdl = self.args.lswsdl
assert self.lswsdl is not None
print('lswsdl: {0}'.format(self.lswsdl))
self.lsurl = self.args.lsurl
assert self.lsurl is not None
print('lsurl: {0}'.format(self.lsurl))
self.username = self.args.username
assert self.username is not None
self.password = self.args.password
assert self.password is not None
self.mgmtinstancename = self.args.mgmtinstancename
self.skip_verification = self.args.skipverification
def run(self):
print('\n\n#### Example: Login to vCenter server with '
'external Platform Services Controller')
print('\nStep 1: Connect to the lookup service on the '
'Platform Services Controller node: {0}'.format(self.lsurl))
lookupservicehelper = LookupServiceHelper(wsdl_url=self.lswsdl,
soap_url=self.lsurl,
skip_verification=self.skip_verification)
lookupservicehelper.connect()
if self.mgmtinstancename is None:
self.mgmtinstancename, self.mgmtnodeid = lookupservicehelper.get_default_mgmt_node()
elif self.mgmtnodeid is None:
self.mgmtnodeid = lookupservicehelper.get_mgmt_node_id(
self.mgmtinstancename)
assert self.mgmtnodeid is not None
print('\nStep 2: Discover the Single Sign-On service URL'
' from lookup service.')
sso_url = lookupservicehelper.find_sso_url()
print('Sso URL: {0}'.format(sso_url))
print('\nStep 3: Connect to the Single Sign-On URL and '
'retrieve the SAML bearer token.')
authenticator = sso.SsoAuthenticator(sso_url)
context = None
if self.skip_verification:
context = get_unverified_context()
bearer_token = authenticator.get_bearer_saml_assertion(
self.username,
self.password,
delegatable=True,
ssl_context=context)
# Creating SAML Bearer Security Context
sec_ctx = create_saml_bearer_security_context(bearer_token)
print('\nStep 4. Discover the vAPI service URL from lookup service.')
vapi_url = lookupservicehelper.find_vapi_url(self.mgmtnodeid)
print('vAPI URL: {0}'.format(vapi_url))
print('\nStep 5. Login to vAPI services using the SAML bearer token.')
# Create an authenticated stub configuration object that can be used to
# issue requests against vCenter.
session = requests.Session()
if self.skip_verification:
session = create_unverified_session(session)
connector = get_requests_connector(session=session, url=vapi_url)
connector.set_security_context(sec_ctx)
stub_config = StubConfigurationFactory.new_std_configuration(
connector)
self.session = Session(stub_config)
# Login to VAPI endpoint and get the session_id
self.session_id = self.session.create()
# Update the VAPI connection with session_id
session_sec_ctx = create_session_security_context(self.session_id)
connector.set_security_context(session_sec_ctx)
print('\nStep 6: List available datacenters using the vAPI services')
datacenter_svc = Datacenter(stub_config)
pprint(datacenter_svc.list())
self.session.delete()
print('VAPI session disconnected successfully...')
def main():
external_psc_sso_workflow = ExternalPscSsoWorkflow()
external_psc_sso_workflow.options()
external_psc_sso_workflow.setup()
external_psc_sso_workflow.run()
# Start program
if __name__ == '__main__':
main()

91
samples/vsphere/sso/print_services.py
View File

@ -1,91 +0,0 @@
"""
* *******************************************************
* Copyright (c) VMware, Inc. 2014. All Rights Reserved.
* *******************************************************
*
* DISCLAIMER. THIS PROGRAM IS PROVIDED TO YOU "AS IS" WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, WHETHER ORAL OR WRITTEN,
* EXPRESS OR IMPLIED. THE AUTHOR SPECIFICALLY DISCLAIMS ANY IMPLIED
* WARRANTIES OR CONDITIONS OF MERCHANTABILITY, SATISFACTORY QUALITY,
* NON-INFRINGEMENT AND FITNESS FOR A PARTICULAR PURPOSE.
"""
__author__ = 'VMware, Inc.'
__copyright__ = 'Copyright 2014 VMware, Inc. All rights reserved.'
import argparse
from samples.vsphere.common.lookup_service_helper import LookupServiceHelper
class PrintServices(object):
"""
Demonstrates service discovery using lookup service APIs.
The sample prints all the PSC (Platform Service Controller) and Management Node (vCenter Server) and
some of the critical services (SSO, VAPI, VIM etc.) running on these nodes. This sample can also be used
to find out the server deployment (e.g. MxN setup with multiple PSC/Management nodes).
"""
def __init__(self):
self.lswsdlurl = None
self.lssoapurl = None
def options(self):
self.argparser = argparse.ArgumentParser(description=self.__doc__)
# setup the argument parser
self.argparser.add_argument('-w', '--lswsdlurl',
help='Lookup service WSDL URL')
self.argparser.add_argument('-s', '--lssoapurl',
help='Lookup service SOAP URL')
self.argparser.add_argument('-v', '--skipverification',
action='store_true',
help='Do not verify server certificate')
self.args = self.argparser.parse_args() # parse all the sample arguments when they are all set
def setup(self):
self.lswsdlurl = self.args.lswsdlurl
assert self.lswsdlurl is not None
print('lswsdlurl: {0}'.format(self.lswsdlurl))
self.lssoapurl = self.args.lssoapurl
assert self.lssoapurl is not None
print('lssoapurl: {0}'.format(self.lssoapurl))
self.skip_verification = self.args.skipverification
def execute(self):
print('Connecting to lookup service url: {0}'.format(self.lssoapurl))
lookupservicehelper = LookupServiceHelper(wsdl_url=self.lswsdlurl,
soap_url=self.lssoapurl,
skip_verification=self.skip_verification)
lookupservicehelper.connect()
# print the PSC nodes and SSO service endpoint URLs
for index, sso_url in enumerate(lookupservicehelper.find_sso_urls(), start=1):
print('=============================')
print('PSC node: {0}'.format(index))
print(' SSO URL: {0}'.format(sso_url))
print('=============================')
# print the mgmt (vCenter Server) nodes and some of the critical service endpoint URLs
for instance_name, node_id in lookupservicehelper.find_mgmt_nodes().items():
print('=============================')
print('Mgmt node instance name: {0} node_id: {1}'.format(instance_name, node_id))
print(' VAPI URL: {0}'.format(lookupservicehelper.find_vapi_url(node_id)))
print(' VIM URL: {0}'.format(lookupservicehelper.find_vim_url(node_id)))
print(' SPBM URL: {0}'.format(lookupservicehelper.find_vim_pbm_url(node_id)))
print('=============================')
def cleanup(self):
pass
def main():
printServices = PrintServices()
printServices.options()
printServices.setup()
printServices.execute()
printServices.cleanup()
# Start program
if __name__ == "__main__":
main()

150
samples/vsphere/sso/vapi_connection_workflow.py
View File

@ -1,150 +0,0 @@
#!/usr/bin/env python
"""
* *******************************************************
* Copyright (c) VMware, Inc. 2014, 2016. All Rights Reserved.
* *******************************************************
*
* DISCLAIMER. THIS PROGRAM IS PROVIDED TO YOU "AS IS" WITHOUT
* WARRANTIES OR CONDITIONS OF ANY KIND, WHETHER ORAL OR WRITTEN,
* EXPRESS OR IMPLIED. THE AUTHOR SPECIFICALLY DISCLAIMS ANY IMPLIED
* WARRANTIES OR CONDITIONS OF MERCHANTABILITY, SATISFACTORY QUALITY,
* NON-INFRINGEMENT AND FITNESS FOR A PARTICULAR PURPOSE.
"""
__author__ = 'VMware, Inc.'
__copyright__ = 'Copyright 2014, 2016 VMware, Inc. All rights reserved.'
import argparse
import requests
from vmware.vapi.lib.connect import get_requests_connector
from com.vmware.cis_client import Session
from vmware.vapi.security.user_password import create_user_password_security_context
from vmware.vapi.security.session import create_session_security_context
from vmware.vapi.stdlib.client.factories import StubConfigurationFactory
from com.vmware.cis.tagging_client import Tag
from samples.vsphere.common.lookup_service_helper import LookupServiceHelper
class VapiConnectionWorkflow(object):
"""
Demonstrates vAPI connection and service initialization callflow using the username and password
Step 1: Retrieve the vAPI service endpoint URL from lookup service.
Step 2: Connect to the vAPI service endpoint.
Step 3: Use the username/password to login to the vAPI service endpoint.
Step 4: Create a vAPI session.
Step 5: Validate some of the vAPI services.
Step 6: Delete the vAPI session.
"""
def __init__(self):
self.lswsdlurl = None
self.lssoapurl = None
self.mgmtinstancename = None # Optional: used when there are more than one mgmt node
self.username = None
self.password = None
self.mgmtnodeid = None
self.vapiurl = None
self.session = None
self.session_id = None
self.stub_config = None
self.skip_verification = False
def options(self):
self.argparser = argparse.ArgumentParser(description=self.__doc__)
# setup the argument parser
self.argparser.add_argument('-w', '--lswsdlurl', help='Lookup service WSDL URL')
self.argparser.add_argument('-s', '--lssoapurl', help='Lookup service SOAP URL')
self.argparser.add_argument('-m', '--mgmtinstancename',
help='Instance name of the vCenter Server management node. ' + \
'When only one node is registered, it is selected by default; ' + \
'otherwise, omit the parameter to get a list of available nodes.')
self.argparser.add_argument('-u', '--username', help='SSO user name')
self.argparser.add_argument('-p', '--password', help='SSO user password')
self.argparser.add_argument('-v', '--skipverification', action='store_true',
help='Do not verify server certificate')
self.args = self.argparser.parse_args() # parse all the sample arguments when they are all set
def setup(self):
self.lswsdlurl = self.args.lswsdlurl
assert self.lswsdlurl is not None
print('lswsdlurl: {0}'.format(self.lswsdlurl))
self.lssoapurl = self.args.lssoapurl
assert self.lssoapurl is not None
print('lssoapurl: {0}'.format(self.lssoapurl))
self.username = self.args.username
assert self.username is not None
self.password = self.args.password
assert self.password is not None
self.mgmtinstancename = self.args.mgmtinstancename
self.skip_verification = self.args.skipverification
def execute(self):
print('Connecting to lookup service url: {0}'.format(self.lssoapurl))
lookupservicehelper = LookupServiceHelper(wsdl_url=self.lswsdlurl,
soap_url=self.lssoapurl,
skip_verification=self.skip_verification)
lookupservicehelper.connect()
if self.mgmtinstancename is None:
self.mgmtinstancename, self.mgmtnodeid = lookupservicehelper.get_default_mgmt_node()
elif self.mgmtnodeid is None:
self.mgmtnodeid = lookupservicehelper.get_mgmt_node_id(self.mgmtinstancename)
assert self.mgmtnodeid is not None
self.vapiurl = lookupservicehelper.find_vapi_url(self.mgmtnodeid)
print('vapi_url: {0}'.format(self.vapiurl))
print('Connecting to VAPI endpoint and preparing stub configuration...')
session = requests.Session()
if self.skip_verification:
session.verify = False
connector = get_requests_connector(session=session, url=self.vapiurl)
self.stub_config = StubConfigurationFactory.new_std_configuration(connector)
sec_ctx = create_user_password_security_context(self.username, self.password)
connector.set_security_context(sec_ctx)
self.stub_config = StubConfigurationFactory.new_std_configuration(connector)
self.session = Session(self.stub_config)
print('Login to VAPI endpoint and get the session_id...')
self.session_id = self.session.create()
print('Update the VAPI connection with session_id...')
session_sec_ctx = create_session_security_context(self.session_id)
connector.set_security_context(session_sec_ctx)
# make sure you can access some of the VAPI services
tag_svc = Tag(self.stub_config)
print('List all the existing tags user has access to...')
tags = tag_svc.list()
if len(tags) > 0:
for tag in tags:
print('Found Tag: {0}'.format(tag))
else:
print('No Tag Found...')
def cleanup(self):
if self.session_id is not None:
self.disconnect()
print('VAPI session disconnected successfully...')
def disconnect(self):
self.session.delete()
def main():
vapiConnectionWorkflow = VapiConnectionWorkflow()
vapiConnectionWorkflow.options()
vapiConnectionWorkflow.setup()
vapiConnectionWorkflow.execute()
vapiConnectionWorkflow.cleanup()
# Start program
if __name__ == '__main__':
main()