""" * ******************************************************* * Copyright (c) VMware, Inc. 2013, 2016. All Rights Reserved. * SODX-License-Identifier: MIT * ******************************************************* * * DISCLAIMER. THIS PROGRAM IS PROVIDED TO YOU "AS IS" WITHOUT * WARRANTIES OR CONDITIONS OF ANY KIND, WHETHER ORAL OR WRITTEN, * EXPRESS OR IMPLIED. THE AUTHOR SPECIFICALLY DISCLAIMS ANY IMPLIED * WARRANTIES OR CONDITIONS OF MERCHANTABILITY, SATISFACTORY QUALITY, * NON-INFRINGEMENT AND FITNESS FOR A PARTICULAR PURPOSE. """ __author__ = 'VMware, Inc.' __copyright__ = 'Copyright 2013, 2016 VMware, Inc. All rights reserved.' from vmware.vapi.security.sso import create_saml_bearer_security_context from samples.vsphere.common import sso from samples.vsphere.common.lookup_service_helper import LookupServiceHelper from samples.vsphere.common.ssl_helper import get_unverified_context class PlatformServiceController(object): """ Manages services on the infrastructure node (e.g. lookup service, SSO etc.) """ def __init__(self, lswsdlurl, lssoapurl, ssousername, ssopassword, skip_verification): self.lswsdlurl = lswsdlurl self.lssoapurl = lssoapurl self.ssousername = ssousername self.ssopassword = ssopassword self.lookupservicehelper = None self.stsurl = None self.bearer_token = None # SAML bearer token self.sec_ctx = None # Security context self.skip_verification = skip_verification def login(self): """ Finds the SSO URL from the lookup service and retrieves the SAML token from STS URL """ print('Connecting to lookup service url: {0}'.format(self.lssoapurl)) self.lookupservicehelper = LookupServiceHelper(wsdl_url=self.lswsdlurl, soap_url=self.lssoapurl, skip_verification=self.skip_verification) self.lookupservicehelper.connect() self.stsurl = self.lookupservicehelper.find_sso_url() assert self.stsurl is not None print('Retrieving a SAML bearer token from STS url : {0}'.format( self.stsurl)) au = sso.SsoAuthenticator(self.stsurl) context = None if self.skip_verification: context = get_unverified_context() self.bearer_token = au.get_bearer_saml_assertion( self.ssousername, self.ssopassword, delegatable=True, ssl_context=context) self.sec_ctx = create_saml_bearer_security_context(self.bearer_token)