2018-01-09 20:15:02 +00:00
|
|
|
# -*- coding: utf-8 -*-
|
|
|
|
|
#
|
|
|
|
|
# Copyright (c) 2017 F5 Networks Inc.
|
|
|
|
|
# GNU General Public License v3.0 (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
|
|
|
|
|
|
|
|
|
|
from __future__ import absolute_import, division, print_function
|
|
|
|
|
__metaclass__ = type
|
|
|
|
|
|
|
|
|
|
|
2018-09-18 22:20:44 +00:00
|
|
|
import os
|
2018-01-21 18:11:27 +00:00
|
|
|
import time
|
|
|
|
|
|
2018-01-09 20:15:02 +00:00
|
|
|
try:
|
|
|
|
|
from f5.bigiq import ManagementRoot
|
|
|
|
|
from icontrol.exceptions import iControlUnexpectedHTTPError
|
|
|
|
|
HAS_F5SDK = True
|
|
|
|
|
except ImportError:
|
|
|
|
|
HAS_F5SDK = False
|
|
|
|
|
|
2018-01-18 00:14:35 +00:00
|
|
|
try:
|
|
|
|
|
from library.module_utils.network.f5.common import F5BaseClient
|
|
|
|
|
from library.module_utils.network.f5.common import F5ModuleError
|
2018-04-23 18:52:57 +00:00
|
|
|
from library.module_utils.network.f5.common import is_ansible_debug
|
|
|
|
|
from library.module_utils.network.f5.icontrol import iControlRestSession
|
2018-01-18 00:14:35 +00:00
|
|
|
except ImportError:
|
|
|
|
|
from ansible.module_utils.network.f5.common import F5BaseClient
|
|
|
|
|
from ansible.module_utils.network.f5.common import F5ModuleError
|
2018-04-23 18:52:57 +00:00
|
|
|
from ansible.module_utils.network.f5.common import is_ansible_debug
|
|
|
|
|
from ansible.module_utils.network.f5.icontrol import iControlRestSession
|
2018-01-09 20:15:02 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
class F5Client(F5BaseClient):
|
2018-05-27 00:23:38 +00:00
|
|
|
def __init__(self, *args, **kwargs):
|
|
|
|
|
super(F5Client, self).__init__(*args, **kwargs)
|
|
|
|
|
self.provider = self.merge_provider_params()
|
|
|
|
|
|
2018-01-09 20:15:02 +00:00
|
|
|
@property
|
|
|
|
|
def api(self):
|
2018-04-23 18:52:57 +00:00
|
|
|
exc = None
|
2018-02-07 06:16:26 +00:00
|
|
|
if self._client:
|
|
|
|
|
return self._client
|
2018-05-27 00:23:38 +00:00
|
|
|
for x in range(0, 10):
|
2018-01-21 18:11:27 +00:00
|
|
|
try:
|
|
|
|
|
result = ManagementRoot(
|
2018-05-27 00:23:38 +00:00
|
|
|
self.provider['server'],
|
|
|
|
|
self.provider['user'],
|
|
|
|
|
self.provider['password'],
|
|
|
|
|
port=self.provider['server_port'],
|
|
|
|
|
verify=self.provider['validate_certs']
|
2018-04-23 18:52:57 +00:00
|
|
|
)
|
|
|
|
|
self._client = result
|
|
|
|
|
return self._client
|
|
|
|
|
except Exception as ex:
|
|
|
|
|
exc = ex
|
|
|
|
|
time.sleep(1)
|
2018-05-27 00:23:38 +00:00
|
|
|
error = 'Unable to connect to {0} on port {1}.'.format(
|
|
|
|
|
self.provider['server'], self.provider['server_port']
|
|
|
|
|
)
|
|
|
|
|
|
2018-04-23 18:52:57 +00:00
|
|
|
if exc is not None:
|
|
|
|
|
error += ' The reported error was "{0}".'.format(str(exc))
|
|
|
|
|
raise F5ModuleError(error)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
class F5RestClient(F5BaseClient):
|
2018-05-11 18:45:42 +00:00
|
|
|
def __init__(self, *args, **kwargs):
|
2018-08-24 19:51:24 +00:00
|
|
|
super(F5RestClient, self).__init__(*args, **kwargs)
|
2018-05-11 18:45:42 +00:00
|
|
|
self.provider = self.merge_provider_params()
|
|
|
|
|
|
2018-04-23 18:52:57 +00:00
|
|
|
@property
|
|
|
|
|
def api(self):
|
2018-05-11 18:45:42 +00:00
|
|
|
exc = None
|
2018-04-23 18:52:57 +00:00
|
|
|
if self._client:
|
|
|
|
|
return self._client
|
|
|
|
|
for x in range(0, 10):
|
|
|
|
|
try:
|
2018-09-18 22:20:44 +00:00
|
|
|
provider = self.provider['auth_provider'] or 'local'
|
2018-05-11 18:45:42 +00:00
|
|
|
url = "https://{0}:{1}/mgmt/shared/authn/login".format(
|
|
|
|
|
self.provider['server'], self.provider['server_port']
|
2018-01-21 18:11:27 +00:00
|
|
|
)
|
2018-05-11 18:45:42 +00:00
|
|
|
payload = {
|
|
|
|
|
'username': self.provider['user'],
|
|
|
|
|
'password': self.provider['password'],
|
|
|
|
|
}
|
2018-09-18 22:20:44 +00:00
|
|
|
|
|
|
|
|
# - local is a special provider that is baked into the system and
|
|
|
|
|
# has no loginReference
|
|
|
|
|
if provider != 'local':
|
|
|
|
|
login_ref = self.get_login_ref(provider)
|
|
|
|
|
payload.update(login_ref)
|
|
|
|
|
|
2018-05-11 18:45:42 +00:00
|
|
|
session = iControlRestSession()
|
|
|
|
|
session.verify = self.provider['validate_certs']
|
|
|
|
|
response = session.post(url, json=payload)
|
|
|
|
|
|
|
|
|
|
if response.status not in [200]:
|
|
|
|
|
raise F5ModuleError('Status code: {0}. Unexpected Error: {1} for uri: {2}\nText: {3}'.format(
|
2018-08-24 19:51:24 +00:00
|
|
|
response.status, response.reason, response.url, response.content
|
2018-05-11 18:45:42 +00:00
|
|
|
))
|
|
|
|
|
|
|
|
|
|
session.headers['X-F5-Auth-Token'] = response.json()['token']['token']
|
|
|
|
|
self._client = session
|
2018-02-07 06:16:26 +00:00
|
|
|
return self._client
|
2018-04-23 18:52:57 +00:00
|
|
|
except Exception as ex:
|
2018-05-11 18:45:42 +00:00
|
|
|
exc = ex
|
2018-04-23 18:52:57 +00:00
|
|
|
time.sleep(1)
|
2018-05-11 18:45:42 +00:00
|
|
|
error = 'Unable to connect to {0} on port {1}.'.format(
|
|
|
|
|
self.provider['server'], self.provider['server_port']
|
|
|
|
|
)
|
|
|
|
|
if exc is not None:
|
|
|
|
|
error += ' The reported error was "{0}".'.format(str(exc))
|
2018-04-23 18:52:57 +00:00
|
|
|
raise F5ModuleError(error)
|
2018-09-18 22:20:44 +00:00
|
|
|
|
|
|
|
|
def get_login_ref(self, provider):
|
|
|
|
|
info = self.read_provider_info_from_device()
|
|
|
|
|
uuids = [os.path.basename(os.path.dirname(x['link'])) for x in info['providers'] if '-' in x['link']]
|
|
|
|
|
if provider in uuids:
|
|
|
|
|
name = self.get_name_of_provider_id(info, provider)
|
|
|
|
|
if not name:
|
|
|
|
|
raise F5ModuleError(
|
|
|
|
|
"No name found for the provider '{0}'".format(provider)
|
|
|
|
|
)
|
|
|
|
|
return dict(
|
|
|
|
|
loginReference=dict(
|
|
|
|
|
link="https://localhost/mgmt/cm/system/authn/providers/{0}/{1}/login".format(name, provider)
|
|
|
|
|
)
|
|
|
|
|
)
|
|
|
|
|
names = [os.path.basename(os.path.dirname(x['link'])) for x in info['providers'] if '-' in x['link']]
|
|
|
|
|
if names.count(provider) > 1:
|
|
|
|
|
raise F5ModuleError(
|
|
|
|
|
"Ambiguous auth_provider provided. Please specify a specific provider ID."
|
|
|
|
|
)
|
|
|
|
|
uuid = self.get_id_of_provider_name(info, provider)
|
|
|
|
|
if not uuid:
|
|
|
|
|
raise F5ModuleError(
|
|
|
|
|
"No name found for the provider '{0}'".format(provider)
|
|
|
|
|
)
|
|
|
|
|
return dict(
|
|
|
|
|
loginReference=dict(
|
|
|
|
|
link="https://localhost/mgmt/cm/system/authn/providers/{0}/{1}/login".format(provider, uuid)
|
|
|
|
|
)
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
def get_name_of_provider_id(self, info, provider):
|
|
|
|
|
# Add slashes to the provider name so that it specifically finds the provider
|
|
|
|
|
# as part of the URL and not a part of another substring
|
|
|
|
|
provider = '/' + provider + '/'
|
|
|
|
|
for x in info['providers']:
|
|
|
|
|
if x['link'].find(provider) > -1:
|
|
|
|
|
return x['name']
|
|
|
|
|
return None
|
|
|
|
|
|
|
|
|
|
def get_id_of_provider_name(self, info, provider):
|
|
|
|
|
for x in info['providers']:
|
|
|
|
|
if x['name'] == provider:
|
|
|
|
|
return os.path.basename(os.path.dirname(x['link']))
|
|
|
|
|
return None
|
|
|
|
|
|
|
|
|
|
def read_provider_info_from_device(self):
|
|
|
|
|
uri = "https://{0}:{1}/info/system".format(
|
|
|
|
|
self.provider['server'], self.provider['server_port']
|
|
|
|
|
)
|
|
|
|
|
session = iControlRestSession()
|
|
|
|
|
session.verify = self.provider['validate_certs']
|
|
|
|
|
|
|
|
|
|
resp = session.get(uri)
|
|
|
|
|
try:
|
|
|
|
|
response = resp.json()
|
|
|
|
|
except ValueError as ex:
|
|
|
|
|
raise F5ModuleError(str(ex))
|
|
|
|
|
|
|
|
|
|
if 'code' in response and response['code'] == 400:
|
|
|
|
|
if 'message' in response:
|
|
|
|
|
raise F5ModuleError(response['message'])
|
|
|
|
|
else:
|
|
|
|
|
raise F5ModuleError(resp.content)
|
|
|
|
|
return response
|
