1
0
mirror of https://github.com/vmware/vsphere-automation-sdk-python.git synced 2024-11-29 12:00:00 -05:00
vsphere-automation-sdk-python/vsphere/6.7.1/vmware.vapi.security.html
2018-10-22 21:38:55 +08:00

660 lines
33 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE html>
<!--[if IE 8]><html class="no-js lt-ie9" lang="en" > <![endif]-->
<!--[if gt IE 8]><!--> <html class="no-js" lang="en" > <!--<![endif]-->
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>vmware.vapi.security package &mdash; vSphere Automation SDK for Python 6.7U1 documentation</title>
<link rel="stylesheet" href="_static/css/theme.css" type="text/css" />
<link rel="stylesheet" href="_static/pygments.css" type="text/css" />
<link rel="index" title="Index" href="genindex.html" />
<link rel="search" title="Search" href="search.html" />
<link rel="next" title="vmware.vapi.security.client package" href="vmware.vapi.security.client.html" />
<link rel="prev" title="vmware.vapi.lib package" href="vmware.vapi.lib.html" />
<script src="_static/js/modernizr.min.js"></script>
</head>
<body class="wy-body-for-nav">
<div class="wy-grid-for-nav">
<nav data-toggle="wy-nav-shift" class="wy-nav-side">
<div class="wy-side-scroll">
<div class="wy-side-nav-search">
<a href="index.html" class="icon icon-home"> vSphere Automation SDK for Python
</a>
<div class="version">
6.7U1
</div>
<div role="search">
<form id="rtd-search-form" class="wy-form" action="search.html" method="get">
<input type="text" name="q" placeholder="Search docs" />
<input type="hidden" name="check_keywords" value="yes" />
<input type="hidden" name="area" value="default" />
</form>
</div>
</div>
<div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="main navigation">
<p class="caption"><span class="caption-text">Contents:</span></p>
<ul class="current">
<li class="toctree-l1"><a class="reference internal" href="com.html">com package</a></li>
<li class="toctree-l1 current"><a class="reference internal" href="vmware.html">vmware package</a><ul class="current">
<li class="toctree-l2 current"><a class="reference internal" href="vmware.html#subpackages">Subpackages</a><ul class="current">
<li class="toctree-l3 current"><a class="reference internal" href="vmware.vapi.html">vmware.vapi package</a><ul class="current">
<li class="toctree-l4 current"><a class="reference internal" href="vmware.vapi.html#subpackages">Subpackages</a></li>
<li class="toctree-l4"><a class="reference internal" href="vmware.vapi.html#submodules">Submodules</a></li>
<li class="toctree-l4"><a class="reference internal" href="vmware.vapi.html#module-vmware.vapi.core">vmware.vapi.core module</a></li>
<li class="toctree-l4"><a class="reference internal" href="vmware.vapi.html#module-vmware.vapi.exception">vmware.vapi.exception module</a></li>
<li class="toctree-l4"><a class="reference internal" href="vmware.vapi.html#module-vmware.vapi.message">vmware.vapi.message module</a></li>
</ul>
</li>
</ul>
</li>
</ul>
</li>
</ul>
</div>
</div>
</nav>
<section data-toggle="wy-nav-shift" class="wy-nav-content-wrap">
<nav class="wy-nav-top" aria-label="top navigation">
<i data-toggle="wy-nav-top" class="fa fa-bars"></i>
<a href="index.html">vSphere Automation SDK for Python</a>
</nav>
<div class="wy-nav-content">
<div class="rst-content">
<div role="navigation" aria-label="breadcrumbs navigation">
<ul class="wy-breadcrumbs">
<li><a href="index.html">Docs</a> &raquo;</li>
<li><a href="vmware.html">vmware package</a> &raquo;</li>
<li><a href="vmware.vapi.html">vmware.vapi package</a> &raquo;</li>
<li>vmware.vapi.security package</li>
<li class="wy-breadcrumbs-aside">
<a href="_sources/vmware.vapi.security.rst.txt" rel="nofollow"> View page source</a>
</li>
</ul>
<hr/>
</div>
<div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
<div itemprop="articleBody">
<div class="section" id="module-vmware.vapi.security">
<span id="vmware-vapi-security-package"></span><h1>vmware.vapi.security package<a class="headerlink" href="#module-vmware.vapi.security" title="Permalink to this headline"></a></h1>
<div class="section" id="subpackages">
<h2>Subpackages<a class="headerlink" href="#subpackages" title="Permalink to this headline"></a></h2>
<div class="toctree-wrapper compound">
<ul>
<li class="toctree-l1"><a class="reference internal" href="vmware.vapi.security.client.html">vmware.vapi.security.client package</a><ul>
<li class="toctree-l2"><a class="reference internal" href="vmware.vapi.security.client.html#submodules">Submodules</a></li>
<li class="toctree-l2"><a class="reference internal" href="vmware.vapi.security.client.html#module-vmware.vapi.security.client.security_context_filter">vmware.vapi.security.client.security_context_filter module</a></li>
</ul>
</li>
</ul>
</div>
</div>
<div class="section" id="submodules">
<h2>Submodules<a class="headerlink" href="#submodules" title="Permalink to this headline"></a></h2>
</div>
<div class="section" id="module-vmware.vapi.security.privilege">
<span id="vmware-vapi-security-privilege-module"></span><h2>vmware.vapi.security.privilege module<a class="headerlink" href="#module-vmware.vapi.security.privilege" title="Permalink to this headline"></a></h2>
<p>Privilege Validator interface</p>
<dl class="class">
<dt id="vmware.vapi.security.privilege.PrivilegeValidator">
<em class="property">class </em><code class="descclassname">vmware.vapi.security.privilege.</code><code class="descname">PrivilegeValidator</code><a class="headerlink" href="#vmware.vapi.security.privilege.PrivilegeValidator" title="Permalink to this definition"></a></dt>
<dd><p>Bases: <code class="xref py py-class docutils literal notranslate"><span class="pre">object</span></code></p>
<p>Interface for Privilege Validation</p>
<dl class="method">
<dt id="vmware.vapi.security.privilege.PrivilegeValidator.validate">
<code class="descname">validate</code><span class="sig-paren">(</span><em>user_identity</em>, <em>required_privileges</em><span class="sig-paren">)</span><a class="headerlink" href="#vmware.vapi.security.privilege.PrivilegeValidator.validate" title="Permalink to this definition"></a></dt>
<dd><p>Validate the privileges required for a given user identity</p>
</dd></dl>
</dd></dl>
<dl class="function">
<dt id="vmware.vapi.security.privilege.get_privilege_validator">
<code class="descclassname">vmware.vapi.security.privilege.</code><code class="descname">get_privilege_validator</code><span class="sig-paren">(</span><em>privilege_validator=None</em><span class="sig-paren">)</span><a class="headerlink" href="#vmware.vapi.security.privilege.get_privilege_validator" title="Permalink to this definition"></a></dt>
<dd><p>Returns the singleton PrivilegeValidator instance</p>
<table class="docutils field-list" frame="void" rules="none">
<col class="field-name" />
<col class="field-body" />
<tbody valign="top">
<tr class="field-odd field"><th class="field-name">Type:</th><td class="field-body"><code class="xref py py-class docutils literal notranslate"><span class="pre">str</span></code></td>
</tr>
<tr class="field-even field"><th class="field-name">Param:</th><td class="field-body">Privilege Validator class</td>
</tr>
</tbody>
</table>
</dd></dl>
</div>
<div class="section" id="module-vmware.vapi.security.session">
<span id="vmware-vapi-security-session-module"></span><h2>vmware.vapi.security.session module<a class="headerlink" href="#module-vmware.vapi.security.session" title="Permalink to this headline"></a></h2>
<p>Session Security Helper</p>
<dl class="class">
<dt id="vmware.vapi.security.session.SessionSecurityContextParser">
<em class="property">class </em><code class="descclassname">vmware.vapi.security.session.</code><code class="descname">SessionSecurityContextParser</code><a class="headerlink" href="#vmware.vapi.security.session.SessionSecurityContextParser" title="Permalink to this definition"></a></dt>
<dd><p>Bases: <code class="xref py py-class docutils literal notranslate"><span class="pre">vmware.vapi.security.rest.SecurityContextParser</span></code></p>
<p>Security context parser used by the REST presentation layer
that builds a security context if the REST request has session
identifier either in the header or in the cookie.</p>
<p>Initialize SessionSecurityContextParser</p>
<dl class="method">
<dt id="vmware.vapi.security.session.SessionSecurityContextParser.build">
<code class="descname">build</code><span class="sig-paren">(</span><em>request</em><span class="sig-paren">)</span><a class="headerlink" href="#vmware.vapi.security.session.SessionSecurityContextParser.build" title="Permalink to this definition"></a></dt>
<dd><p>Build the security context if the request has the header
that contains the session identifier or a cookie that has
the session identifier.</p>
<p>The method will first check for session identifier in the cookie,
if it is not present, then it will check in the HTTP headers.
The session security context is created based on the first session
identifier it finds.</p>
<table class="docutils field-list" frame="void" rules="none">
<col class="field-name" />
<col class="field-body" />
<tbody valign="top">
<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><strong>request</strong> (<code class="xref py py-class docutils literal notranslate"><span class="pre">werkzeug.wrappers.Request</span></code>) Request object</td>
</tr>
<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body"><a class="reference internal" href="vmware.vapi.html#vmware.vapi.core.SecurityContext" title="vmware.vapi.core.SecurityContext"><code class="xref py py-class docutils literal notranslate"><span class="pre">vmware.vapi.core.SecurityContext</span></code></a> or <code class="docutils literal notranslate"><span class="pre">None</span></code></td>
</tr>
<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">Security context object</td>
</tr>
</tbody>
</table>
</dd></dl>
</dd></dl>
<dl class="function">
<dt id="vmware.vapi.security.session.create_session_security_context">
<code class="descclassname">vmware.vapi.security.session.</code><code class="descname">create_session_security_context</code><span class="sig-paren">(</span><em>session_id</em><span class="sig-paren">)</span><a class="headerlink" href="#vmware.vapi.security.session.create_session_security_context" title="Permalink to this definition"></a></dt>
<dd><p>Create a security context for Session Id based authentication
scheme</p>
<table class="docutils field-list" frame="void" rules="none">
<col class="field-name" />
<col class="field-body" />
<tbody valign="top">
<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><strong>session_id</strong> (<code class="xref py py-class docutils literal notranslate"><span class="pre">str</span></code>) Session ID</td>
</tr>
<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body"><a class="reference internal" href="vmware.vapi.html#vmware.vapi.core.SecurityContext" title="vmware.vapi.core.SecurityContext"><code class="xref py py-class docutils literal notranslate"><span class="pre">vmware.vapi.core.SecurityContext</span></code></a></td>
</tr>
<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">Newly created security context</td>
</tr>
</tbody>
</table>
</dd></dl>
</div>
<div class="section" id="module-vmware.vapi.security.sso">
<span id="vmware-vapi-security-sso-module"></span><h2>vmware.vapi.security.sso module<a class="headerlink" href="#module-vmware.vapi.security.sso" title="Permalink to this headline"></a></h2>
<p>SSO Security Helper</p>
<dl class="class">
<dt id="vmware.vapi.security.sso.JSONCanonicalEncoder">
<em class="property">class </em><code class="descclassname">vmware.vapi.security.sso.</code><code class="descname">JSONCanonicalEncoder</code><span class="sig-paren">(</span><em>skipkeys=False</em>, <em>ensure_ascii=True</em>, <em>check_circular=True</em>, <em>allow_nan=True</em>, <em>sort_keys=False</em>, <em>indent=None</em>, <em>separators=None</em>, <em>default=None</em><span class="sig-paren">)</span><a class="headerlink" href="#vmware.vapi.security.sso.JSONCanonicalEncoder" title="Permalink to this definition"></a></dt>
<dd><p>Bases: <code class="xref py py-class docutils literal notranslate"><span class="pre">json.encoder.JSONEncoder</span></code></p>
<p>Custom JSON Encoder class to canonicalize dictionary
and list objects</p>
<p>Constructor for JSONEncoder, with sensible defaults.</p>
<p>If skipkeys is false, then it is a TypeError to attempt
encoding of keys that are not str, int, float or None. If
skipkeys is True, such items are simply skipped.</p>
<p>If ensure_ascii is true, the output is guaranteed to be str
objects with all incoming non-ASCII characters escaped. If
ensure_ascii is false, the output can contain non-ASCII characters.</p>
<p>If check_circular is true, then lists, dicts, and custom encoded
objects will be checked for circular references during encoding to
prevent an infinite recursion (which would cause an OverflowError).
Otherwise, no such check takes place.</p>
<p>If allow_nan is true, then NaN, Infinity, and -Infinity will be
encoded as such. This behavior is not JSON specification compliant,
but is consistent with most JavaScript based encoders and decoders.
Otherwise, it will be a ValueError to encode such floats.</p>
<p>If sort_keys is true, then the output of dictionaries will be
sorted by key; this is useful for regression tests to ensure
that JSON serializations can be compared on a day-to-day basis.</p>
<p>If indent is a non-negative integer, then JSON array
elements and object members will be pretty-printed with that
indent level. An indent level of 0 will only insert newlines.
None is the most compact representation.</p>
<p>If specified, separators should be an (item_separator, key_separator)
tuple. The default is (, , : ) if <em>indent</em> is <code class="docutils literal notranslate"><span class="pre">None</span></code> and
(,, : ) otherwise. To get the most compact JSON representation,
you should specify (,, :) to eliminate whitespace.</p>
<p>If specified, default is a function that gets called for objects
that cant otherwise be serialized. It should return a JSON encodable
version of the object or raise a <code class="docutils literal notranslate"><span class="pre">TypeError</span></code>.</p>
<dl class="method">
<dt id="vmware.vapi.security.sso.JSONCanonicalEncoder.encode">
<code class="descname">encode</code><span class="sig-paren">(</span><em>o</em><span class="sig-paren">)</span><a class="headerlink" href="#vmware.vapi.security.sso.JSONCanonicalEncoder.encode" title="Permalink to this definition"></a></dt>
<dd><p>Encode a given python object</p>
<table class="docutils field-list" frame="void" rules="none">
<col class="field-name" />
<col class="field-body" />
<tbody valign="top">
<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><strong>o</strong> (<code class="xref py py-class docutils literal notranslate"><span class="pre">object</span></code>) Python object</td>
</tr>
<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body"><code class="xref py py-class docutils literal notranslate"><span class="pre">str</span></code></td>
</tr>
<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">JSON string in canonicalized form</td>
</tr>
</tbody>
</table>
</dd></dl>
</dd></dl>
<dl class="class">
<dt id="vmware.vapi.security.sso.JSONCanonicalizer">
<em class="property">class </em><code class="descclassname">vmware.vapi.security.sso.</code><code class="descname">JSONCanonicalizer</code><a class="headerlink" href="#vmware.vapi.security.sso.JSONCanonicalizer" title="Permalink to this definition"></a></dt>
<dd><p>Bases: <code class="xref py py-class docutils literal notranslate"><span class="pre">object</span></code></p>
<p>This class is responsible for transforming JSON messages into their
canonical representation.</p>
<dl class="docutils">
<dt>The canonical form is defined by the following rules:</dt>
<dd><ol class="first last arabic simple">
<li>Non-significant(1) whitespace characters MUST NOT be used</li>
<li>Non-significant(1) line endings MUST NOT be used</li>
<li>Entries (set of name/value pairs) in JSON objects MUST be sorted
lexicographically(2) by their names based on UCS codepoint values</li>
<li>Arrays MUST preserve their initial ordering</li>
</ol>
</dd>
</dl>
<p>Link to the IEFT proposal:
<a class="reference external" href="https://datatracker.ietf.org/doc/draft-staykov-hu-json-canonical-form/">https://datatracker.ietf.org/doc/draft-staykov-hu-json-canonical-form/</a></p>
<dl class="staticmethod">
<dt id="vmware.vapi.security.sso.JSONCanonicalizer.canonicalize">
<em class="property">static </em><code class="descname">canonicalize</code><span class="sig-paren">(</span><em>input_message</em><span class="sig-paren">)</span><a class="headerlink" href="#vmware.vapi.security.sso.JSONCanonicalizer.canonicalize" title="Permalink to this definition"></a></dt>
<dd><p>Canonicalize the input message</p>
<table class="docutils field-list" frame="void" rules="none">
<col class="field-name" />
<col class="field-body" />
<tbody valign="top">
<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><strong>input_message</strong> (<code class="xref py py-class docutils literal notranslate"><span class="pre">str</span></code>) Input message</td>
</tr>
<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body"><code class="xref py py-class docutils literal notranslate"><span class="pre">str</span></code></td>
</tr>
<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">Canonicalized message</td>
</tr>
</tbody>
</table>
</dd></dl>
<dl class="staticmethod">
<dt id="vmware.vapi.security.sso.JSONCanonicalizer.canonicalize_py_obj">
<em class="property">static </em><code class="descname">canonicalize_py_obj</code><span class="sig-paren">(</span><em>py_obj</em><span class="sig-paren">)</span><a class="headerlink" href="#vmware.vapi.security.sso.JSONCanonicalizer.canonicalize_py_obj" title="Permalink to this definition"></a></dt>
<dd><p>Canonicalize the input python object</p>
<table class="docutils field-list" frame="void" rules="none">
<col class="field-name" />
<col class="field-body" />
<tbody valign="top">
<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><strong>input_message</strong> (<code class="xref py py-class docutils literal notranslate"><span class="pre">object</span></code>) Input python object</td>
</tr>
<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body"><code class="xref py py-class docutils literal notranslate"><span class="pre">str</span></code></td>
</tr>
<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">Canonicalized message</td>
</tr>
</tbody>
</table>
</dd></dl>
</dd></dl>
<dl class="class">
<dt id="vmware.vapi.security.sso.JSONSSOSigner">
<em class="property">class </em><code class="descclassname">vmware.vapi.security.sso.</code><code class="descname">JSONSSOSigner</code><a class="headerlink" href="#vmware.vapi.security.sso.JSONSSOSigner" title="Permalink to this definition"></a></dt>
<dd><p>Bases: <code class="xref py py-class docutils literal notranslate"><span class="pre">vmware.vapi.protocol.common.lib.RequestProcessor</span></code></p>
<p>This class is used for signing JSON request messages</p>
<dl class="method">
<dt id="vmware.vapi.security.sso.JSONSSOSigner.process">
<code class="descname">process</code><span class="sig-paren">(</span><em>input_message</em><span class="sig-paren">)</span><a class="headerlink" href="#vmware.vapi.security.sso.JSONSSOSigner.process" title="Permalink to this definition"></a></dt>
<dd><p>Sign the input JSON request message.</p>
<p>The message is signed using users private key. The digest and saml
token is then added to the security context block of the execution
context. A timestamp is also added to guard against replay attacks</p>
<p>Sample input security context:
{</p>
<blockquote>
<div>schemeId: SAML_TOKEN,
privateKey: &lt;PRIVATE_KEY&gt;,
samlToken: &lt;SAML_TOKEN&gt;,
signatureAlgorithm: &lt;ALGORITHM&gt;,</div></blockquote>
<p>}</p>
<p>Security context block before signing:
{</p>
<blockquote>
<div><p>schemeId: SAML_TOKEN,
signatureAlgorithm: &lt;ALGORITHM&gt;,
timestamp: {</p>
<blockquote>
<div>created: 2012-10-26T12:24:18.941Z,
expires: 2012-10-26T12:44:18.941Z,</div></blockquote>
<p>}</p>
</div></blockquote>
<p>}</p>
<p>Security context block after signing:
{</p>
<blockquote>
<div><p>schemeId: SAML_TOKEN,
signatureAlgorithm: &lt;ALGORITHM&gt;,
signature: {</p>
<blockquote>
<div>samlToken: &lt;SAML_TOKEN&gt;,
value: &lt;DIGEST&gt;</div></blockquote>
<p>}
timestamp: {</p>
<blockquote>
<div>created: 2012-10-26T12:24:18.941Z,
expires: 2012-10-26T12:44:18.941Z,</div></blockquote>
<p>}</p>
</div></blockquote>
<p>}</p>
</dd></dl>
</dd></dl>
<dl class="class">
<dt id="vmware.vapi.security.sso.JSONSSOVerifier">
<em class="property">class </em><code class="descclassname">vmware.vapi.security.sso.</code><code class="descname">JSONSSOVerifier</code><a class="headerlink" href="#vmware.vapi.security.sso.JSONSSOVerifier" title="Permalink to this definition"></a></dt>
<dd><p>Bases: <code class="xref py py-class docutils literal notranslate"><span class="pre">vmware.vapi.protocol.common.lib.RequestProcessor</span></code></p>
<p>This class is used to verify the authenticity of the request
message by verifying the digest present in the security context
block.</p>
<dl class="method">
<dt id="vmware.vapi.security.sso.JSONSSOVerifier.process">
<code class="descname">process</code><span class="sig-paren">(</span><em>input_message</em><span class="sig-paren">)</span><a class="headerlink" href="#vmware.vapi.security.sso.JSONSSOVerifier.process" title="Permalink to this definition"></a></dt>
<dd><p>Verify the input JSON message.</p>
<p>For verification, we need 4 things:</p>
<ol class="arabic simple">
<li>algorithm: extracted from security context</li>
</ol>
<p>2. certificate: public key of the principal embedded in the
SAML token is used
3. digest: value field from signature block
4. canonical msg: signature block is removed from the request
and the remaining part is canonicalized</p>
<p>Sample input security context:
{</p>
<blockquote>
<div><p>schemeId: SAML_TOKEN,
signatureAlgorithm: &lt;ALGORITHM&gt;,
signature: {</p>
<blockquote>
<div>samlToken: &lt;SAML_TOKEN&gt;,
value: &lt;DIGEST&gt;</div></blockquote>
<p>}
timestamp: {</p>
<blockquote>
<div>created: 2012-10-26T12:24:18.941Z,
expires: 2012-10-26T12:44:18.941Z,</div></blockquote>
<p>}</p>
</div></blockquote>
<p>}</p>
<table class="docutils field-list" frame="void" rules="none">
<col class="field-name" />
<col class="field-body" />
<tbody valign="top">
<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><strong>input_message</strong> (<code class="xref py py-class docutils literal notranslate"><span class="pre">str</span></code>) Input JSON request message</td>
</tr>
<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body"><code class="xref py py-class docutils literal notranslate"><span class="pre">str</span></code></td>
</tr>
<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">JSON request message after signature verification</td>
</tr>
</tbody>
</table>
</dd></dl>
</dd></dl>
<dl class="function">
<dt id="vmware.vapi.security.sso.create_saml_bearer_security_context">
<code class="descclassname">vmware.vapi.security.sso.</code><code class="descname">create_saml_bearer_security_context</code><span class="sig-paren">(</span><em>token</em><span class="sig-paren">)</span><a class="headerlink" href="#vmware.vapi.security.sso.create_saml_bearer_security_context" title="Permalink to this definition"></a></dt>
<dd><p>Create a security context for SAML bearer token based
authentication scheme</p>
<table class="docutils field-list" frame="void" rules="none">
<col class="field-name" />
<col class="field-body" />
<tbody valign="top">
<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><strong>token</strong> (<code class="xref py py-class docutils literal notranslate"><span class="pre">str</span></code>) SAML Token</td>
</tr>
</tbody>
</table>
</dd></dl>
<dl class="function">
<dt id="vmware.vapi.security.sso.create_saml_security_context">
<code class="descclassname">vmware.vapi.security.sso.</code><code class="descname">create_saml_security_context</code><span class="sig-paren">(</span><em>token</em>, <em>private_key</em><span class="sig-paren">)</span><a class="headerlink" href="#vmware.vapi.security.sso.create_saml_security_context" title="Permalink to this definition"></a></dt>
<dd><p>Create a security context for SAML token based
authentication scheme</p>
<table class="docutils field-list" frame="void" rules="none">
<col class="field-name" />
<col class="field-body" />
<tbody valign="top">
<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><ul class="first simple">
<li><strong>token</strong> (<code class="xref py py-class docutils literal notranslate"><span class="pre">str</span></code>) SAML Token</li>
<li><strong>private_key</strong> (<code class="xref py py-class docutils literal notranslate"><span class="pre">str</span></code>) Absolute file path of the private key of the user</li>
</ul>
</td>
</tr>
<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body"><p class="first"><a class="reference internal" href="vmware.vapi.html#vmware.vapi.core.SecurityContext" title="vmware.vapi.core.SecurityContext"><code class="xref py py-class docutils literal notranslate"><span class="pre">vmware.vapi.core.SecurityContext</span></code></a></p>
</td>
</tr>
<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body"><p class="first last">Newly created security context</p>
</td>
</tr>
</tbody>
</table>
</dd></dl>
</div>
<div class="section" id="module-vmware.vapi.security.user_password">
<span id="vmware-vapi-security-user-password-module"></span><h2>vmware.vapi.security.user_password module<a class="headerlink" href="#module-vmware.vapi.security.user_password" title="Permalink to this headline"></a></h2>
<p>User password Security Helper</p>
<dl class="class">
<dt id="vmware.vapi.security.user_password.UserPasswordSecurityContextParser">
<em class="property">class </em><code class="descclassname">vmware.vapi.security.user_password.</code><code class="descname">UserPasswordSecurityContextParser</code><a class="headerlink" href="#vmware.vapi.security.user_password.UserPasswordSecurityContextParser" title="Permalink to this definition"></a></dt>
<dd><p>Bases: <code class="xref py py-class docutils literal notranslate"><span class="pre">vmware.vapi.security.rest.SecurityContextParser</span></code></p>
<p>Security context parser used by the REST presentation layer
that builds a security context if the REST request has
username/password credentials in the HTTP header.</p>
<p>Initialize UserPasswordSecurityContextParser</p>
<dl class="method">
<dt id="vmware.vapi.security.user_password.UserPasswordSecurityContextParser.build">
<code class="descname">build</code><span class="sig-paren">(</span><em>request</em><span class="sig-paren">)</span><a class="headerlink" href="#vmware.vapi.security.user_password.UserPasswordSecurityContextParser.build" title="Permalink to this definition"></a></dt>
<dd><p>Build the security context if the request has authorization
header that contains base64 encoded string of username/password.</p>
<p>If the request authorization header doesnt have the username/password,
this method returns None.</p>
<table class="docutils field-list" frame="void" rules="none">
<col class="field-name" />
<col class="field-body" />
<tbody valign="top">
<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><strong>request</strong> (<code class="xref py py-class docutils literal notranslate"><span class="pre">werkzeug.wrappers.Request</span></code>) Request object</td>
</tr>
<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body"><a class="reference internal" href="vmware.vapi.html#vmware.vapi.core.SecurityContext" title="vmware.vapi.core.SecurityContext"><code class="xref py py-class docutils literal notranslate"><span class="pre">vmware.vapi.core.SecurityContext</span></code></a> or <code class="docutils literal notranslate"><span class="pre">None</span></code></td>
</tr>
<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body">Security context object</td>
</tr>
</tbody>
</table>
</dd></dl>
</dd></dl>
<dl class="function">
<dt id="vmware.vapi.security.user_password.create_user_password_security_context">
<code class="descclassname">vmware.vapi.security.user_password.</code><code class="descname">create_user_password_security_context</code><span class="sig-paren">(</span><em>user_name</em>, <em>password</em><span class="sig-paren">)</span><a class="headerlink" href="#vmware.vapi.security.user_password.create_user_password_security_context" title="Permalink to this definition"></a></dt>
<dd><p>Create a security context for Username-Password based authentication
scheme</p>
<table class="docutils field-list" frame="void" rules="none">
<col class="field-name" />
<col class="field-body" />
<tbody valign="top">
<tr class="field-odd field"><th class="field-name">Parameters:</th><td class="field-body"><ul class="first simple">
<li><strong>user_name</strong> (<code class="xref py py-class docutils literal notranslate"><span class="pre">str</span></code>) Name of the user</li>
<li><strong>password</strong> (<code class="xref py py-class docutils literal notranslate"><span class="pre">str</span></code>) Password of the user</li>
</ul>
</td>
</tr>
<tr class="field-even field"><th class="field-name">Return type:</th><td class="field-body"><p class="first"><a class="reference internal" href="vmware.vapi.html#vmware.vapi.core.SecurityContext" title="vmware.vapi.core.SecurityContext"><code class="xref py py-class docutils literal notranslate"><span class="pre">vmware.vapi.core.SecurityContext</span></code></a></p>
</td>
</tr>
<tr class="field-odd field"><th class="field-name">Returns:</th><td class="field-body"><p class="first last">Newly created security context</p>
</td>
</tr>
</tbody>
</table>
</dd></dl>
</div>
</div>
</div>
</div>
<footer>
<div class="rst-footer-buttons" role="navigation" aria-label="footer navigation">
<a href="vmware.vapi.security.client.html" class="btn btn-neutral float-right" title="vmware.vapi.security.client package" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right"></span></a>
<a href="vmware.vapi.lib.html" class="btn btn-neutral" title="vmware.vapi.lib package" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left"></span> Previous</a>
</div>
<hr/>
<div role="contentinfo">
<p>
&copy; Copyright 2018, VMware, Inc.
</p>
</div>
Built with <a href="http://sphinx-doc.org/">Sphinx</a> using a <a href="https://github.com/rtfd/sphinx_rtd_theme">theme</a> provided by <a href="https://readthedocs.org">Read the Docs</a>.
</footer>
</div>
</div>
</section>
</div>
<script type="text/javascript" id="documentation_options" data-url_root="./" src="_static/documentation_options.js"></script>
<script type="text/javascript" src="_static/jquery.js"></script>
<script type="text/javascript" src="_static/underscore.js"></script>
<script type="text/javascript" src="_static/doctools.js"></script>
<script async="async" type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.1/MathJax.js?config=TeX-AMS-MML_HTMLorMML"></script>
<script type="text/javascript" src="_static/js/theme.js"></script>
<script type="text/javascript">
jQuery(function () {
SphinxRtdTheme.Navigation.enable(true);
});
</script>
</body>
</html>