mirror of
https://github.com/vmware/vsphere-automation-sdk-python.git
synced 2024-11-22 09:39:58 -05:00
4b77198d0f
Signed-off-by: shweta <spurohit@vmware.com>
612 lines
32 KiB
HTML
612 lines
32 KiB
HTML
|
||
|
||
<!DOCTYPE html>
|
||
<html class="writer-html5" lang="en" >
|
||
<head>
|
||
<meta charset="utf-8" />
|
||
|
||
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
|
||
|
||
<title>vmware.vapi.security package — vSphere Automation SDK for Python. 7.0.3.0 documentation</title>
|
||
|
||
|
||
|
||
<link rel="stylesheet" href="_static/css/theme.css" type="text/css" />
|
||
<link rel="stylesheet" href="_static/pygments.css" type="text/css" />
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
<!--[if lt IE 9]>
|
||
<script src="_static/js/html5shiv.min.js"></script>
|
||
<![endif]-->
|
||
|
||
|
||
<script type="text/javascript" id="documentation_options" data-url_root="./" src="_static/documentation_options.js"></script>
|
||
<script src="_static/jquery.js"></script>
|
||
<script src="_static/underscore.js"></script>
|
||
<script src="_static/doctools.js"></script>
|
||
|
||
<script type="text/javascript" src="_static/js/theme.js"></script>
|
||
|
||
|
||
<link rel="index" title="Index" href="genindex.html" />
|
||
<link rel="search" title="Search" href="search.html" />
|
||
<link rel="next" title="vmware.vapi.security.client package" href="vmware.vapi.security.client.html" />
|
||
<link rel="prev" title="vmware.vapi.lib package" href="vmware.vapi.lib.html" />
|
||
</head>
|
||
|
||
<body class="wy-body-for-nav">
|
||
|
||
|
||
<div class="wy-grid-for-nav">
|
||
|
||
<nav data-toggle="wy-nav-shift" class="wy-nav-side">
|
||
<div class="wy-side-scroll">
|
||
<div class="wy-side-nav-search" >
|
||
|
||
|
||
|
||
<a href="index.html" class="icon icon-home"> vSphere Automation SDK for Python.
|
||
|
||
|
||
|
||
</a>
|
||
|
||
|
||
|
||
|
||
<div class="version">
|
||
7.0.3.0
|
||
</div>
|
||
|
||
|
||
|
||
|
||
<div role="search">
|
||
<form id="rtd-search-form" class="wy-form" action="search.html" method="get">
|
||
<input type="text" name="q" placeholder="Search docs" />
|
||
<input type="hidden" name="check_keywords" value="yes" />
|
||
<input type="hidden" name="area" value="default" />
|
||
</form>
|
||
</div>
|
||
|
||
|
||
</div>
|
||
|
||
|
||
<div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="main navigation">
|
||
|
||
|
||
|
||
|
||
|
||
|
||
<p class="caption"><span class="caption-text">Contents:</span></p>
|
||
<ul class="current">
|
||
<li class="toctree-l1"><a class="reference internal" href="com.html">com package</a></li>
|
||
<li class="toctree-l1 current"><a class="reference internal" href="vmware.html">vmware package</a><ul class="current">
|
||
<li class="toctree-l2 current"><a class="reference internal" href="vmware.html#subpackages">Subpackages</a><ul class="current">
|
||
<li class="toctree-l3 current"><a class="reference internal" href="vmware.vapi.html">vmware.vapi package</a><ul class="current">
|
||
<li class="toctree-l4 current"><a class="reference internal" href="vmware.vapi.html#subpackages">Subpackages</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="vmware.vapi.html#submodules">Submodules</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="vmware.vapi.html#module-vmware.vapi.core">vmware.vapi.core module</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="vmware.vapi.html#module-vmware.vapi.exception">vmware.vapi.exception module</a></li>
|
||
<li class="toctree-l4"><a class="reference internal" href="vmware.vapi.html#module-vmware.vapi.message">vmware.vapi.message module</a></li>
|
||
</ul>
|
||
</li>
|
||
</ul>
|
||
</li>
|
||
</ul>
|
||
</li>
|
||
</ul>
|
||
|
||
|
||
|
||
</div>
|
||
|
||
</div>
|
||
</nav>
|
||
|
||
<section data-toggle="wy-nav-shift" class="wy-nav-content-wrap">
|
||
|
||
|
||
<nav class="wy-nav-top" aria-label="top navigation">
|
||
|
||
<i data-toggle="wy-nav-top" class="fa fa-bars"></i>
|
||
<a href="index.html">vSphere Automation SDK for Python.</a>
|
||
|
||
</nav>
|
||
|
||
|
||
<div class="wy-nav-content">
|
||
|
||
<div class="rst-content">
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
|
||
<div role="navigation" aria-label="breadcrumbs navigation">
|
||
|
||
<ul class="wy-breadcrumbs">
|
||
|
||
<li><a href="index.html" class="icon icon-home"></a> »</li>
|
||
|
||
<li><a href="vmware.html">vmware package</a> »</li>
|
||
|
||
<li><a href="vmware.vapi.html">vmware.vapi package</a> »</li>
|
||
|
||
<li>vmware.vapi.security package</li>
|
||
|
||
|
||
<li class="wy-breadcrumbs-aside">
|
||
|
||
|
||
<a href="_sources/vmware.vapi.security.rst.txt" rel="nofollow"> View page source</a>
|
||
|
||
|
||
</li>
|
||
|
||
</ul>
|
||
|
||
|
||
<hr/>
|
||
</div>
|
||
<div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
|
||
<div itemprop="articleBody">
|
||
|
||
<div class="section" id="module-vmware.vapi.security">
|
||
<span id="vmware-vapi-security-package"></span><h1>vmware.vapi.security package<a class="headerlink" href="#module-vmware.vapi.security" title="Permalink to this headline">¶</a></h1>
|
||
<div class="section" id="subpackages">
|
||
<h2>Subpackages<a class="headerlink" href="#subpackages" title="Permalink to this headline">¶</a></h2>
|
||
<div class="toctree-wrapper compound">
|
||
<ul>
|
||
<li class="toctree-l1"><a class="reference internal" href="vmware.vapi.security.client.html">vmware.vapi.security.client package</a><ul>
|
||
<li class="toctree-l2"><a class="reference internal" href="vmware.vapi.security.client.html#submodules">Submodules</a></li>
|
||
<li class="toctree-l2"><a class="reference internal" href="vmware.vapi.security.client.html#module-vmware.vapi.security.client.security_context_filter">vmware.vapi.security.client.security_context_filter module</a></li>
|
||
</ul>
|
||
</li>
|
||
</ul>
|
||
</div>
|
||
</div>
|
||
<div class="section" id="submodules">
|
||
<h2>Submodules<a class="headerlink" href="#submodules" title="Permalink to this headline">¶</a></h2>
|
||
</div>
|
||
<div class="section" id="module-vmware.vapi.security.session">
|
||
<span id="vmware-vapi-security-session-module"></span><h2>vmware.vapi.security.session module<a class="headerlink" href="#module-vmware.vapi.security.session" title="Permalink to this headline">¶</a></h2>
|
||
<p>Session Security Helper</p>
|
||
<dl class="py class">
|
||
<dt id="vmware.vapi.security.session.SessionSecurityContextParser">
|
||
<em class="property"><span class="pre">class</span> </em><code class="sig-prename descclassname"><span class="pre">vmware.vapi.security.session.</span></code><code class="sig-name descname"><span class="pre">SessionSecurityContextParser</span></code><a class="headerlink" href="#vmware.vapi.security.session.SessionSecurityContextParser" title="Permalink to this definition">¶</a></dt>
|
||
<dd><p>Bases: <code class="xref py py-class docutils literal notranslate"><span class="pre">vmware.vapi.security.rest.SecurityContextParser</span></code></p>
|
||
<p>Security context parser used by the REST presentation layer
|
||
that builds a security context if the REST request has session
|
||
identifier either in the header or in the cookie.</p>
|
||
<p>Initialize SessionSecurityContextParser</p>
|
||
<dl class="py method">
|
||
<dt id="vmware.vapi.security.session.SessionSecurityContextParser.build">
|
||
<code class="sig-name descname"><span class="pre">build</span></code><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">request</span></span></em><span class="sig-paren">)</span><a class="headerlink" href="#vmware.vapi.security.session.SessionSecurityContextParser.build" title="Permalink to this definition">¶</a></dt>
|
||
<dd><p>Build the security context if the request has the header
|
||
that contains the session identifier or a cookie that has
|
||
the session identifier.</p>
|
||
<p>The method will first check for session identifier in the cookie,
|
||
if it is not present, then it will check in the HTTP headers.
|
||
The session security context is created based on the first session
|
||
identifier it finds.</p>
|
||
<dl class="field-list simple">
|
||
<dt class="field-odd">Parameters</dt>
|
||
<dd class="field-odd"><p><strong>request</strong> (<code class="xref py py-class docutils literal notranslate"><span class="pre">werkzeug.wrappers.Request</span></code>) – Request object</p>
|
||
</dd>
|
||
<dt class="field-even">Return type</dt>
|
||
<dd class="field-even"><p><a class="reference internal" href="vmware.vapi.html#vmware.vapi.core.SecurityContext" title="vmware.vapi.core.SecurityContext"><code class="xref py py-class docutils literal notranslate"><span class="pre">vmware.vapi.core.SecurityContext</span></code></a> or <code class="docutils literal notranslate"><span class="pre">None</span></code></p>
|
||
</dd>
|
||
<dt class="field-odd">Returns</dt>
|
||
<dd class="field-odd"><p>Security context object</p>
|
||
</dd>
|
||
</dl>
|
||
</dd></dl>
|
||
|
||
</dd></dl>
|
||
|
||
<dl class="py function">
|
||
<dt id="vmware.vapi.security.session.create_session_security_context">
|
||
<code class="sig-prename descclassname"><span class="pre">vmware.vapi.security.session.</span></code><code class="sig-name descname"><span class="pre">create_session_security_context</span></code><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">session_id</span></span></em><span class="sig-paren">)</span><a class="headerlink" href="#vmware.vapi.security.session.create_session_security_context" title="Permalink to this definition">¶</a></dt>
|
||
<dd><p>Create a security context for Session Id based authentication
|
||
scheme</p>
|
||
<dl class="field-list simple">
|
||
<dt class="field-odd">Parameters</dt>
|
||
<dd class="field-odd"><p><strong>session_id</strong> (<code class="xref py py-class docutils literal notranslate"><span class="pre">str</span></code>) – Session ID</p>
|
||
</dd>
|
||
<dt class="field-even">Return type</dt>
|
||
<dd class="field-even"><p><a class="reference internal" href="vmware.vapi.html#vmware.vapi.core.SecurityContext" title="vmware.vapi.core.SecurityContext"><code class="xref py py-class docutils literal notranslate"><span class="pre">vmware.vapi.core.SecurityContext</span></code></a></p>
|
||
</dd>
|
||
<dt class="field-odd">Returns</dt>
|
||
<dd class="field-odd"><p>Newly created security context</p>
|
||
</dd>
|
||
</dl>
|
||
</dd></dl>
|
||
|
||
</div>
|
||
<div class="section" id="module-vmware.vapi.security.sso">
|
||
<span id="vmware-vapi-security-sso-module"></span><h2>vmware.vapi.security.sso module<a class="headerlink" href="#module-vmware.vapi.security.sso" title="Permalink to this headline">¶</a></h2>
|
||
<p>SSO Security Helper</p>
|
||
<dl class="py class">
|
||
<dt id="vmware.vapi.security.sso.JSONCanonicalEncoder">
|
||
<em class="property"><span class="pre">class</span> </em><code class="sig-prename descclassname"><span class="pre">vmware.vapi.security.sso.</span></code><code class="sig-name descname"><span class="pre">JSONCanonicalEncoder</span></code><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">skipkeys</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">ensure_ascii</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">True</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">check_circular</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">True</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">allow_nan</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">True</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">sort_keys</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">False</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">indent</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">separators</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">default</span></span><span class="o"><span class="pre">=</span></span><span class="default_value"><span class="pre">None</span></span></em><span class="sig-paren">)</span><a class="headerlink" href="#vmware.vapi.security.sso.JSONCanonicalEncoder" title="Permalink to this definition">¶</a></dt>
|
||
<dd><p>Bases: <code class="xref py py-class docutils literal notranslate"><span class="pre">json.encoder.JSONEncoder</span></code></p>
|
||
<p>Custom JSON Encoder class to canonicalize dictionary
|
||
and list objects</p>
|
||
<p>Constructor for JSONEncoder, with sensible defaults.</p>
|
||
<p>If skipkeys is false, then it is a TypeError to attempt
|
||
encoding of keys that are not str, int, float or None. If
|
||
skipkeys is True, such items are simply skipped.</p>
|
||
<p>If ensure_ascii is true, the output is guaranteed to be str
|
||
objects with all incoming non-ASCII characters escaped. If
|
||
ensure_ascii is false, the output can contain non-ASCII characters.</p>
|
||
<p>If check_circular is true, then lists, dicts, and custom encoded
|
||
objects will be checked for circular references during encoding to
|
||
prevent an infinite recursion (which would cause an OverflowError).
|
||
Otherwise, no such check takes place.</p>
|
||
<p>If allow_nan is true, then NaN, Infinity, and -Infinity will be
|
||
encoded as such. This behavior is not JSON specification compliant,
|
||
but is consistent with most JavaScript based encoders and decoders.
|
||
Otherwise, it will be a ValueError to encode such floats.</p>
|
||
<p>If sort_keys is true, then the output of dictionaries will be
|
||
sorted by key; this is useful for regression tests to ensure
|
||
that JSON serializations can be compared on a day-to-day basis.</p>
|
||
<p>If indent is a non-negative integer, then JSON array
|
||
elements and object members will be pretty-printed with that
|
||
indent level. An indent level of 0 will only insert newlines.
|
||
None is the most compact representation.</p>
|
||
<p>If specified, separators should be an (item_separator, key_separator)
|
||
tuple. The default is (‘, ‘, ‘: ‘) if <em>indent</em> is <code class="docutils literal notranslate"><span class="pre">None</span></code> and
|
||
(‘,’, ‘: ‘) otherwise. To get the most compact JSON representation,
|
||
you should specify (‘,’, ‘:’) to eliminate whitespace.</p>
|
||
<p>If specified, default is a function that gets called for objects
|
||
that can’t otherwise be serialized. It should return a JSON encodable
|
||
version of the object or raise a <code class="docutils literal notranslate"><span class="pre">TypeError</span></code>.</p>
|
||
<dl class="py method">
|
||
<dt id="vmware.vapi.security.sso.JSONCanonicalEncoder.encode">
|
||
<code class="sig-name descname"><span class="pre">encode</span></code><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">o</span></span></em><span class="sig-paren">)</span><a class="headerlink" href="#vmware.vapi.security.sso.JSONCanonicalEncoder.encode" title="Permalink to this definition">¶</a></dt>
|
||
<dd><p>Encode a given python object</p>
|
||
<dl class="field-list simple">
|
||
<dt class="field-odd">Parameters</dt>
|
||
<dd class="field-odd"><p><strong>o</strong> (<code class="xref py py-class docutils literal notranslate"><span class="pre">object</span></code>) – Python object</p>
|
||
</dd>
|
||
<dt class="field-even">Return type</dt>
|
||
<dd class="field-even"><p><code class="xref py py-class docutils literal notranslate"><span class="pre">str</span></code></p>
|
||
</dd>
|
||
<dt class="field-odd">Returns</dt>
|
||
<dd class="field-odd"><p>JSON string in canonicalized form</p>
|
||
</dd>
|
||
</dl>
|
||
</dd></dl>
|
||
|
||
</dd></dl>
|
||
|
||
<dl class="py class">
|
||
<dt id="vmware.vapi.security.sso.JSONCanonicalizer">
|
||
<em class="property"><span class="pre">class</span> </em><code class="sig-prename descclassname"><span class="pre">vmware.vapi.security.sso.</span></code><code class="sig-name descname"><span class="pre">JSONCanonicalizer</span></code><a class="headerlink" href="#vmware.vapi.security.sso.JSONCanonicalizer" title="Permalink to this definition">¶</a></dt>
|
||
<dd><p>Bases: <code class="xref py py-class docutils literal notranslate"><span class="pre">object</span></code></p>
|
||
<p>This class is responsible for transforming JSON messages into their
|
||
canonical representation.</p>
|
||
<dl class="simple">
|
||
<dt>The canonical form is defined by the following rules:</dt><dd><ol class="arabic simple">
|
||
<li><p>Non-significant(1) whitespace characters MUST NOT be used</p></li>
|
||
<li><p>Non-significant(1) line endings MUST NOT be used</p></li>
|
||
<li><p>Entries (set of name/value pairs) in JSON objects MUST be sorted
|
||
lexicographically(2) by their names based on UCS codepoint values</p></li>
|
||
<li><p>Arrays MUST preserve their initial ordering</p></li>
|
||
</ol>
|
||
</dd>
|
||
</dl>
|
||
<p>Link to the IEFT proposal:
|
||
<a class="reference external" href="https://datatracker.ietf.org/doc/draft-staykov-hu-json-canonical-form/">https://datatracker.ietf.org/doc/draft-staykov-hu-json-canonical-form/</a></p>
|
||
<dl class="py method">
|
||
<dt id="vmware.vapi.security.sso.JSONCanonicalizer.canonicalize">
|
||
<em class="property"><span class="pre">static</span> </em><code class="sig-name descname"><span class="pre">canonicalize</span></code><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">input_message</span></span></em><span class="sig-paren">)</span><a class="headerlink" href="#vmware.vapi.security.sso.JSONCanonicalizer.canonicalize" title="Permalink to this definition">¶</a></dt>
|
||
<dd><p>Canonicalize the input message</p>
|
||
<dl class="field-list simple">
|
||
<dt class="field-odd">Parameters</dt>
|
||
<dd class="field-odd"><p><strong>input_message</strong> (<code class="xref py py-class docutils literal notranslate"><span class="pre">str</span></code>) – Input message</p>
|
||
</dd>
|
||
<dt class="field-even">Return type</dt>
|
||
<dd class="field-even"><p><code class="xref py py-class docutils literal notranslate"><span class="pre">str</span></code></p>
|
||
</dd>
|
||
<dt class="field-odd">Returns</dt>
|
||
<dd class="field-odd"><p>Canonicalized message</p>
|
||
</dd>
|
||
</dl>
|
||
</dd></dl>
|
||
|
||
<dl class="py method">
|
||
<dt id="vmware.vapi.security.sso.JSONCanonicalizer.canonicalize_py_obj">
|
||
<em class="property"><span class="pre">static</span> </em><code class="sig-name descname"><span class="pre">canonicalize_py_obj</span></code><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">py_obj</span></span></em><span class="sig-paren">)</span><a class="headerlink" href="#vmware.vapi.security.sso.JSONCanonicalizer.canonicalize_py_obj" title="Permalink to this definition">¶</a></dt>
|
||
<dd><p>Canonicalize the input python object</p>
|
||
<dl class="field-list simple">
|
||
<dt class="field-odd">Parameters</dt>
|
||
<dd class="field-odd"><p><strong>input_message</strong> (<code class="xref py py-class docutils literal notranslate"><span class="pre">object</span></code>) – Input python object</p>
|
||
</dd>
|
||
<dt class="field-even">Return type</dt>
|
||
<dd class="field-even"><p><code class="xref py py-class docutils literal notranslate"><span class="pre">str</span></code></p>
|
||
</dd>
|
||
<dt class="field-odd">Returns</dt>
|
||
<dd class="field-odd"><p>Canonicalized message</p>
|
||
</dd>
|
||
</dl>
|
||
</dd></dl>
|
||
|
||
</dd></dl>
|
||
|
||
<dl class="py class">
|
||
<dt id="vmware.vapi.security.sso.JSONSSOSigner">
|
||
<em class="property"><span class="pre">class</span> </em><code class="sig-prename descclassname"><span class="pre">vmware.vapi.security.sso.</span></code><code class="sig-name descname"><span class="pre">JSONSSOSigner</span></code><a class="headerlink" href="#vmware.vapi.security.sso.JSONSSOSigner" title="Permalink to this definition">¶</a></dt>
|
||
<dd><p>Bases: <code class="xref py py-class docutils literal notranslate"><span class="pre">vmware.vapi.protocol.common.lib.RequestProcessor</span></code></p>
|
||
<p>This class is used for signing JSON request messages</p>
|
||
<dl class="py method">
|
||
<dt id="vmware.vapi.security.sso.JSONSSOSigner.process">
|
||
<code class="sig-name descname"><span class="pre">process</span></code><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">input_message</span></span></em><span class="sig-paren">)</span><a class="headerlink" href="#vmware.vapi.security.sso.JSONSSOSigner.process" title="Permalink to this definition">¶</a></dt>
|
||
<dd><p>Sign the input JSON request message.</p>
|
||
<p>The message is signed using user’s private key. The digest and saml
|
||
token is then added to the security context block of the execution
|
||
context. A timestamp is also added to guard against replay attacks</p>
|
||
<p>Sample input security context:
|
||
{</p>
|
||
<blockquote>
|
||
<div><p>‘schemeId’: ‘SAML_TOKEN’,
|
||
‘privateKey’: <PRIVATE_KEY>,
|
||
‘samlToken’: <SAML_TOKEN>,
|
||
‘signatureAlgorithm’: <ALGORITHM>,</p>
|
||
</div></blockquote>
|
||
<p>}</p>
|
||
<p>Security context block before signing:
|
||
{</p>
|
||
<blockquote>
|
||
<div><p>‘schemeId’: ‘SAML_TOKEN’,
|
||
‘signatureAlgorithm’: <ALGORITHM>,
|
||
‘timestamp’: {</p>
|
||
<blockquote>
|
||
<div><p>‘created’: ‘2012-10-26T12:24:18.941Z’,
|
||
‘expires’: ‘2012-10-26T12:44:18.941Z’,</p>
|
||
</div></blockquote>
|
||
<p>}</p>
|
||
</div></blockquote>
|
||
<p>}</p>
|
||
<p>Security context block after signing:
|
||
{</p>
|
||
<blockquote>
|
||
<div><p>‘schemeId’: ‘SAML_TOKEN’,
|
||
‘signatureAlgorithm’: <ALGORITHM>,
|
||
‘signature’: {</p>
|
||
<blockquote>
|
||
<div><p>‘samlToken’: <SAML_TOKEN>,
|
||
‘value’: <DIGEST></p>
|
||
</div></blockquote>
|
||
<p>}
|
||
‘timestamp’: {</p>
|
||
<blockquote>
|
||
<div><p>‘created’: ‘2012-10-26T12:24:18.941Z’,
|
||
‘expires’: ‘2012-10-26T12:44:18.941Z’,</p>
|
||
</div></blockquote>
|
||
<p>}</p>
|
||
</div></blockquote>
|
||
<p>}</p>
|
||
</dd></dl>
|
||
|
||
</dd></dl>
|
||
|
||
<dl class="py class">
|
||
<dt id="vmware.vapi.security.sso.JSONSSOVerifier">
|
||
<em class="property"><span class="pre">class</span> </em><code class="sig-prename descclassname"><span class="pre">vmware.vapi.security.sso.</span></code><code class="sig-name descname"><span class="pre">JSONSSOVerifier</span></code><a class="headerlink" href="#vmware.vapi.security.sso.JSONSSOVerifier" title="Permalink to this definition">¶</a></dt>
|
||
<dd><p>Bases: <code class="xref py py-class docutils literal notranslate"><span class="pre">vmware.vapi.protocol.common.lib.RequestProcessor</span></code></p>
|
||
<p>This class is used to verify the authenticity of the request
|
||
message by verifying the digest present in the security context
|
||
block.</p>
|
||
<dl class="py method">
|
||
<dt id="vmware.vapi.security.sso.JSONSSOVerifier.process">
|
||
<code class="sig-name descname"><span class="pre">process</span></code><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">input_message</span></span></em><span class="sig-paren">)</span><a class="headerlink" href="#vmware.vapi.security.sso.JSONSSOVerifier.process" title="Permalink to this definition">¶</a></dt>
|
||
<dd><p>Verify the input JSON message.</p>
|
||
<p>For verification, we need 4 things:</p>
|
||
<ol class="arabic simple">
|
||
<li><p>algorithm: extracted from security context</p></li>
|
||
</ol>
|
||
<p>2. certificate: public key of the principal embedded in the
|
||
SAML token is used
|
||
3. digest: value field from signature block
|
||
4. canonical msg: signature block is removed from the request
|
||
and the remaining part is canonicalized</p>
|
||
<p>Sample input security context:
|
||
{</p>
|
||
<blockquote>
|
||
<div><p>‘schemeId’: ‘SAML_TOKEN’,
|
||
‘signatureAlgorithm’: <ALGORITHM>,
|
||
‘signature’: {</p>
|
||
<blockquote>
|
||
<div><p>‘samlToken’: <SAML_TOKEN>,
|
||
‘value’: <DIGEST></p>
|
||
</div></blockquote>
|
||
<p>}
|
||
‘timestamp’: {</p>
|
||
<blockquote>
|
||
<div><p>‘created’: ‘2012-10-26T12:24:18.941Z’,
|
||
‘expires’: ‘2012-10-26T12:44:18.941Z’,</p>
|
||
</div></blockquote>
|
||
<p>}</p>
|
||
</div></blockquote>
|
||
<p>}</p>
|
||
<dl class="field-list simple">
|
||
<dt class="field-odd">Parameters</dt>
|
||
<dd class="field-odd"><p><strong>input_message</strong> (<code class="xref py py-class docutils literal notranslate"><span class="pre">str</span></code>) – Input JSON request message</p>
|
||
</dd>
|
||
<dt class="field-even">Return type</dt>
|
||
<dd class="field-even"><p><code class="xref py py-class docutils literal notranslate"><span class="pre">str</span></code></p>
|
||
</dd>
|
||
<dt class="field-odd">Returns</dt>
|
||
<dd class="field-odd"><p>JSON request message after signature verification</p>
|
||
</dd>
|
||
</dl>
|
||
</dd></dl>
|
||
|
||
</dd></dl>
|
||
|
||
<dl class="py function">
|
||
<dt id="vmware.vapi.security.sso.create_saml_bearer_security_context">
|
||
<code class="sig-prename descclassname"><span class="pre">vmware.vapi.security.sso.</span></code><code class="sig-name descname"><span class="pre">create_saml_bearer_security_context</span></code><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">token</span></span></em><span class="sig-paren">)</span><a class="headerlink" href="#vmware.vapi.security.sso.create_saml_bearer_security_context" title="Permalink to this definition">¶</a></dt>
|
||
<dd><p>Create a security context for SAML bearer token based
|
||
authentication scheme</p>
|
||
<dl class="field-list simple">
|
||
<dt class="field-odd">Parameters</dt>
|
||
<dd class="field-odd"><p><strong>token</strong> (<code class="xref py py-class docutils literal notranslate"><span class="pre">str</span></code>) – SAML Token</p>
|
||
</dd>
|
||
</dl>
|
||
</dd></dl>
|
||
|
||
<dl class="py function">
|
||
<dt id="vmware.vapi.security.sso.create_saml_security_context">
|
||
<code class="sig-prename descclassname"><span class="pre">vmware.vapi.security.sso.</span></code><code class="sig-name descname"><span class="pre">create_saml_security_context</span></code><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">token</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">private_key</span></span></em><span class="sig-paren">)</span><a class="headerlink" href="#vmware.vapi.security.sso.create_saml_security_context" title="Permalink to this definition">¶</a></dt>
|
||
<dd><p>Create a security context for SAML token based
|
||
authentication scheme</p>
|
||
<dl class="field-list simple">
|
||
<dt class="field-odd">Parameters</dt>
|
||
<dd class="field-odd"><ul class="simple">
|
||
<li><p><strong>token</strong> (<code class="xref py py-class docutils literal notranslate"><span class="pre">str</span></code>) – SAML Token</p></li>
|
||
<li><p><strong>private_key</strong> (<code class="xref py py-class docutils literal notranslate"><span class="pre">str</span></code>) – Absolute file path of the private key of the user</p></li>
|
||
</ul>
|
||
</dd>
|
||
<dt class="field-even">Return type</dt>
|
||
<dd class="field-even"><p><a class="reference internal" href="vmware.vapi.html#vmware.vapi.core.SecurityContext" title="vmware.vapi.core.SecurityContext"><code class="xref py py-class docutils literal notranslate"><span class="pre">vmware.vapi.core.SecurityContext</span></code></a></p>
|
||
</dd>
|
||
<dt class="field-odd">Returns</dt>
|
||
<dd class="field-odd"><p>Newly created security context</p>
|
||
</dd>
|
||
</dl>
|
||
</dd></dl>
|
||
|
||
</div>
|
||
<div class="section" id="module-vmware.vapi.security.user_password">
|
||
<span id="vmware-vapi-security-user-password-module"></span><h2>vmware.vapi.security.user_password module<a class="headerlink" href="#module-vmware.vapi.security.user_password" title="Permalink to this headline">¶</a></h2>
|
||
<p>User password Security Helper</p>
|
||
<dl class="py class">
|
||
<dt id="vmware.vapi.security.user_password.UserPasswordSecurityContextParser">
|
||
<em class="property"><span class="pre">class</span> </em><code class="sig-prename descclassname"><span class="pre">vmware.vapi.security.user_password.</span></code><code class="sig-name descname"><span class="pre">UserPasswordSecurityContextParser</span></code><a class="headerlink" href="#vmware.vapi.security.user_password.UserPasswordSecurityContextParser" title="Permalink to this definition">¶</a></dt>
|
||
<dd><p>Bases: <code class="xref py py-class docutils literal notranslate"><span class="pre">vmware.vapi.security.rest.SecurityContextParser</span></code></p>
|
||
<p>Security context parser used by the REST presentation layer
|
||
that builds a security context if the REST request has
|
||
username/password credentials in the HTTP header.</p>
|
||
<p>Initialize UserPasswordSecurityContextParser</p>
|
||
<dl class="py method">
|
||
<dt id="vmware.vapi.security.user_password.UserPasswordSecurityContextParser.build">
|
||
<code class="sig-name descname"><span class="pre">build</span></code><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">request</span></span></em><span class="sig-paren">)</span><a class="headerlink" href="#vmware.vapi.security.user_password.UserPasswordSecurityContextParser.build" title="Permalink to this definition">¶</a></dt>
|
||
<dd><p>Build the security context if the request has authorization
|
||
header that contains base64 encoded string of username/password.</p>
|
||
<p>If the request authorization header doesn’t have the username/password,
|
||
this method returns None.</p>
|
||
<dl class="field-list simple">
|
||
<dt class="field-odd">Parameters</dt>
|
||
<dd class="field-odd"><p><strong>request</strong> (<code class="xref py py-class docutils literal notranslate"><span class="pre">werkzeug.wrappers.Request</span></code>) – Request object</p>
|
||
</dd>
|
||
<dt class="field-even">Return type</dt>
|
||
<dd class="field-even"><p><a class="reference internal" href="vmware.vapi.html#vmware.vapi.core.SecurityContext" title="vmware.vapi.core.SecurityContext"><code class="xref py py-class docutils literal notranslate"><span class="pre">vmware.vapi.core.SecurityContext</span></code></a> or <code class="docutils literal notranslate"><span class="pre">None</span></code></p>
|
||
</dd>
|
||
<dt class="field-odd">Returns</dt>
|
||
<dd class="field-odd"><p>Security context object</p>
|
||
</dd>
|
||
</dl>
|
||
</dd></dl>
|
||
|
||
</dd></dl>
|
||
|
||
<dl class="py function">
|
||
<dt id="vmware.vapi.security.user_password.create_user_password_security_context">
|
||
<code class="sig-prename descclassname"><span class="pre">vmware.vapi.security.user_password.</span></code><code class="sig-name descname"><span class="pre">create_user_password_security_context</span></code><span class="sig-paren">(</span><em class="sig-param"><span class="n"><span class="pre">user_name</span></span></em>, <em class="sig-param"><span class="n"><span class="pre">password</span></span></em><span class="sig-paren">)</span><a class="headerlink" href="#vmware.vapi.security.user_password.create_user_password_security_context" title="Permalink to this definition">¶</a></dt>
|
||
<dd><p>Create a security context for Username-Password based authentication
|
||
scheme</p>
|
||
<dl class="field-list simple">
|
||
<dt class="field-odd">Parameters</dt>
|
||
<dd class="field-odd"><ul class="simple">
|
||
<li><p><strong>user_name</strong> (<code class="xref py py-class docutils literal notranslate"><span class="pre">str</span></code>) – Name of the user</p></li>
|
||
<li><p><strong>password</strong> (<code class="xref py py-class docutils literal notranslate"><span class="pre">str</span></code>) – Password of the user</p></li>
|
||
</ul>
|
||
</dd>
|
||
<dt class="field-even">Return type</dt>
|
||
<dd class="field-even"><p><a class="reference internal" href="vmware.vapi.html#vmware.vapi.core.SecurityContext" title="vmware.vapi.core.SecurityContext"><code class="xref py py-class docutils literal notranslate"><span class="pre">vmware.vapi.core.SecurityContext</span></code></a></p>
|
||
</dd>
|
||
<dt class="field-odd">Returns</dt>
|
||
<dd class="field-odd"><p>Newly created security context</p>
|
||
</dd>
|
||
</dl>
|
||
</dd></dl>
|
||
|
||
</div>
|
||
</div>
|
||
|
||
|
||
</div>
|
||
|
||
</div>
|
||
<footer>
|
||
<div class="rst-footer-buttons" role="navigation" aria-label="footer navigation">
|
||
<a href="vmware.vapi.security.client.html" class="btn btn-neutral float-right" title="vmware.vapi.security.client package" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right" aria-hidden="true"></span></a>
|
||
<a href="vmware.vapi.lib.html" class="btn btn-neutral float-left" title="vmware.vapi.lib package" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left" aria-hidden="true"></span> Previous</a>
|
||
</div>
|
||
|
||
<hr/>
|
||
|
||
<div role="contentinfo">
|
||
<p>
|
||
© Copyright 2021, VMware, Inc..
|
||
|
||
</p>
|
||
</div>
|
||
|
||
|
||
|
||
Built with <a href="https://www.sphinx-doc.org/">Sphinx</a> using a
|
||
|
||
<a href="https://github.com/readthedocs/sphinx_rtd_theme">theme</a>
|
||
|
||
provided by <a href="https://readthedocs.org">Read the Docs</a>.
|
||
|
||
</footer>
|
||
</div>
|
||
</div>
|
||
|
||
</section>
|
||
|
||
</div>
|
||
|
||
|
||
<script type="text/javascript">
|
||
jQuery(function () {
|
||
SphinxRtdTheme.Navigation.enable(true);
|
||
});
|
||
</script>
|
||
|
||
|
||
|
||
|
||
|
||
|
||
</body>
|
||
</html> |