cisco-ise 0.1.0
Sign up to get free protection for your applications and to get access to all the features.
- data/LICENSE.txt +20 -0
- data/README.rdoc +276 -0
- data/lib/cisco-ise.rb +165 -0
- data/lib/cisco-ise/acct-status-api.rb +35 -0
- data/lib/cisco-ise/acct-status-element.rb +17 -0
- data/lib/cisco-ise/active-count-api.rb +27 -0
- data/lib/cisco-ise/active-list-api.rb +35 -0
- data/lib/cisco-ise/active-session.rb +10 -0
- data/lib/cisco-ise/auth-list-api.rb +36 -0
- data/lib/cisco-ise/auth-status-api.rb +40 -0
- data/lib/cisco-ise/auth-status-element.rb +15 -0
- data/lib/cisco-ise/coa.rb +54 -0
- data/lib/cisco-ise/delete-api.rb +55 -0
- data/lib/cisco-ise/disconnect-api.rb +49 -0
- data/lib/cisco-ise/end-point-ip-address-api.rb +33 -0
- data/lib/cisco-ise/failure-reason.rb +8 -0
- data/lib/cisco-ise/failure-reasons-api.rb +46 -0
- data/lib/cisco-ise/http-session.rb +99 -0
- data/lib/cisco-ise/mac-address-api.rb +33 -0
- data/lib/cisco-ise/nas-ip-address-api.rb +33 -0
- data/lib/cisco-ise/posture-count-api.rb +25 -0
- data/lib/cisco-ise/product.rb +16 -0
- data/lib/cisco-ise/profiler-count-api.rb +25 -0
- data/lib/cisco-ise/reauth-api.rb +49 -0
- data/lib/cisco-ise/session-count.rb +9 -0
- data/lib/cisco-ise/session-parameters.rb +109 -0
- data/lib/cisco-ise/user-name-api.rb +33 -0
- data/lib/cisco-ise/version-api.rb +43 -0
- data/test/helper.rb +83 -0
- data/test/test_active-session.rb +22 -0
- data/test/test_auth-status-element.rb +22 -0
- data/test/test_cisco-ise.rb +4 -0
- data/test/test_product.rb +24 -0
- metadata +86 -0
data/test/helper.rb
ADDED
@@ -0,0 +1,83 @@
|
|
1
|
+
require 'rubygems'
|
2
|
+
require 'minitest/autorun'
|
3
|
+
require 'minitest/reporters'
|
4
|
+
require 'rexml/document'
|
5
|
+
|
6
|
+
MiniTest::Unit.runner = MiniTest::SuiteRunner.new
|
7
|
+
MiniTest::Unit.runner.reporters << MiniTest::Reporters::RubyMineReporter.new
|
8
|
+
|
9
|
+
$LOAD_PATH.unshift(File.join(File.dirname(__FILE__), '..', 'lib'))
|
10
|
+
$LOAD_PATH.unshift(File.dirname(__FILE__))
|
11
|
+
|
12
|
+
require 'cisco-ise'
|
13
|
+
|
14
|
+
class MiniTest::Unit::TestCase
|
15
|
+
def setup
|
16
|
+
@name = 'Cisco Identity Services Engine'
|
17
|
+
@version = '1.1.0.665'
|
18
|
+
@type_of_node_good = '1'
|
19
|
+
@type_of_node_good_code = 'ACTIVE_MNT_NODE'
|
20
|
+
@type_of_node_bad = '111'
|
21
|
+
@type_of_node_bad_msg = "Unknown node value of #@type_of_node_bad"
|
22
|
+
@user_name = 'username'
|
23
|
+
@calling_station_id = '00:17:AB:CD:EF:GH'
|
24
|
+
@nas_ip_address = '1.1.1.1'
|
25
|
+
@acct_session_id = '00000002'
|
26
|
+
@audit_session_id = '0A43D4A5000000010006581C'
|
27
|
+
@server = 'ise1'
|
28
|
+
@framed_ip_address = '2.2.2.2'
|
29
|
+
@passed = 'true'
|
30
|
+
@failed = 'false'
|
31
|
+
@nas_port = '50147'
|
32
|
+
@identity_group = ''
|
33
|
+
@network_device_name = ''
|
34
|
+
@acs_server = ''
|
35
|
+
@framed_ip_address = ''
|
36
|
+
@network_device_groups = ''
|
37
|
+
@access_service = ''
|
38
|
+
@acs_timestamp = ''
|
39
|
+
@authentication_method = ''
|
40
|
+
@execution_steps = ''
|
41
|
+
@audit_session_id = ''
|
42
|
+
@nas_port_id = ''
|
43
|
+
@nac_policy_compliance = ''
|
44
|
+
@selected_azn_profiles = ''
|
45
|
+
@service_type = ''
|
46
|
+
@message_code = ''
|
47
|
+
@destination_ip_address = ''
|
48
|
+
@nas_port_type = ''
|
49
|
+
@id = ''
|
50
|
+
@acsview_timestamp = ''
|
51
|
+
@acs_session_id = ''
|
52
|
+
@service_selection_policy = ''
|
53
|
+
@authorization_policy = ''
|
54
|
+
@identity_store = ''
|
55
|
+
@response = ''
|
56
|
+
@use_case = ''
|
57
|
+
@cisco_av_pair = ''
|
58
|
+
@acs_username = ''
|
59
|
+
@radius_username = ''
|
60
|
+
@authentication_identity_store = ''
|
61
|
+
@response_time = ''
|
62
|
+
@other_attributes = ''
|
63
|
+
|
64
|
+
|
65
|
+
@xml_failure_reasons = "<?xml version='1.0' encoding='UTF-8' standalone='yes'?><failureReasonList><failureReason id='100001'><code>100001 AUTHMGR-5-FAIL Authorization failed for client</code><cause>This may or may not be indicating a violation</cause><resolution>Please review and resolve according to your organization's policy</resolution></failureReason><failureReason id='100002'><code>100002 AUTHMGR-5-SECURITY_VIOLATION Security violation on the interface</code><cause>This may or may not be indicating a violation</cause><resolution>Please review and resolve according to your organization's policy</resolution></failureReason></failureReasonList>"
|
66
|
+
@xml_active_session = "<activeSession><user_name>#@user_name</user_name><calling_station_id>#@calling_station_id</calling_station_id><nas_ip_address>#@nas_ip_address</nas_ip_address><acct_session_id>#@acct_session_id</acct_session_id><audit_session_id>#@audit_session_id</audit_session_id><server>#@server</server><framed_ip_address>#@framed_ip_address</framed_ip_address></activeSession>"
|
67
|
+
@xml_auth_status = "<authStatusElements><passed xsi:type='xs:boolean' xmlns:xs='http://www.w3.org/2001/XMLSchema' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance'>#@passed</passed><failed xsi:type='xs:boolean' xmlns:xs='http://www.w3.org/2001/XMLSchema' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance'>#@failed</failed><user_name>#@user_name</user_name><nas_ip_address>#@nas_ip_address</nas_ip_address><calling_station_id>#@calling_station_id</calling_station_id><nas_port>#@nas_port</nas_port><network_device_name>DefaultNetworkDevice</network_device_name><acs_server>itdelab-guest-ise1</acs_server><eap_authentication>Lookup</eap_authentication><network_device_groups>Device Type#All Device Types,Location#All Locations</network_device_groups><access_service>Default Network Access</access_service><acs_timestamp>2012-05-08T05:42:21.409Z</acs_timestamp><authentication_method>mab</authentication_method><execution_steps>11001,11017,11049,11027,15008,15048,15048,15004,15041,15006,15013,24209,24217,22056,22058,22060,15036,15004,15016,11022,11002</execution_steps><audit_session_id>0A43D4A500000019208676B7</audit_session_id><nas_port_id>FastEthernet1/0/47</nas_port_id><nac_policy_compliance>Pending</nac_policy_compliance><selected_azn_profiles>GUEST_WEB_AUTH</selected_azn_profiles><service_type>Call Check</service_type><message_code>5200</message_code><destination_ip_address>10.67.55.13</destination_ip_address><nas_port_type>Ethernet</nas_port_type><id>1334899248841929</id><acsview_timestamp>2012-05-08T05:42:21.410Z</acsview_timestamp><acs_session_id>itdelab-guest-ise1/124273790/406</acs_session_id><service_selection_policy>MAB</service_selection_policy><authorization_policy>Default</authorization_policy><response>{User-Name=00-17-F2-CD-C0-83; State=ReauthSession:0A43D4A500000019208676B7; Class=CACS:0A43D4A500000019208676B7:itdelab-guest-ise1/124273790/406; Termination-Action=RADIUS-Request; cisco-av-pair=url-redirect-acl=ACL-WEBAUTH-REDIRECT; cisco-av-pair=url-redirect=https://itdelab-guest-ise1.cisco.com:8443/guestportal/gateway?sessionId=0A43D4A500000019208676B7&action=cwa; cisco-av-pair=ACS:CiscoSecure-Defined-ACL=#ACSACL#-IP-PERMIT_ALL_TRAFFIC-4f57e406; }</response><use_case>Host Lookup</use_case><cisco_av_pair>audit-session-id=0A43D4A500000019208676B7</cisco_av_pair><acs_username>00:17:F2:CD:C0:83</acs_username><radius_username>00:17:F2:CD:C0:83</radius_username><selected_identity_store>Internal Endpoints</selected_identity_store><identity_policy_matched_rule>Default</identity_policy_matched_rule><response_time>8</response_time><other_attributes>ConfigVersionId=14,DestinationPort=1645,Protocol=Radius,Framed-MTU=1500,EAP-Key-Name=,cisco-nas-port=FastEthernet1/0/47,CPMSessionID=0A43D4A500000019208676B7,EndPointMACAddress=00-17-F2-CD-C0-83,Device Type=Device Type#All Device Types,Location=Location#All Locations,Device IP Address=10.67.212.165,Called-Station-ID=00:13:1A:73:5E:B3</other_attributes></authStatusElements>"
|
68
|
+
@xml_active_count = "<?xml version='1.0' encoding='UTF-8' standalone='yes'?><sessionCount><count>1</count></sessionCount>"
|
69
|
+
|
70
|
+
end
|
71
|
+
|
72
|
+
def get_rexml_root(xml)
|
73
|
+
REXML::Document.new(xml).root
|
74
|
+
end
|
75
|
+
def get_product_xml(node)
|
76
|
+
get_rexml_root("<product name='#@name'><version>#@version</version><type_of_node>#{node}</type_of_node></product>")
|
77
|
+
end
|
78
|
+
|
79
|
+
def get_active_session_xml
|
80
|
+
get_rexml_root(@xml_active_session)
|
81
|
+
end
|
82
|
+
|
83
|
+
end
|
@@ -0,0 +1,22 @@
|
|
1
|
+
require './helper.rb'
|
2
|
+
|
3
|
+
class TestActiveSession < MiniTest::Unit::TestCase
|
4
|
+
|
5
|
+
def test_active_session
|
6
|
+
|
7
|
+
session = CiscoISE::ActiveSession.new(get_active_session_xml)
|
8
|
+
|
9
|
+
# Let make sure all the data is parsed correctly
|
10
|
+
assert_instance_of CiscoISE::ActiveSession, session
|
11
|
+
assert_equal session.acct_session_id, @acct_session_id
|
12
|
+
assert_equal session.audit_session_id, @audit_session_id
|
13
|
+
assert_equal session.calling_station_id, @calling_station_id
|
14
|
+
assert_equal session.framed_ip_address, @framed_ip_address
|
15
|
+
assert_equal session.nas_ip_address, @nas_ip_address
|
16
|
+
assert_equal session.server, @server
|
17
|
+
assert_equal session.user_name, @user_name
|
18
|
+
|
19
|
+
|
20
|
+
end
|
21
|
+
|
22
|
+
end
|
@@ -0,0 +1,22 @@
|
|
1
|
+
require './helper.rb'
|
2
|
+
|
3
|
+
class TestAuthStatusElement < MiniTest::Unit::TestCase
|
4
|
+
|
5
|
+
def test_auth_status_element
|
6
|
+
|
7
|
+
session = CiscoISE::AuthStatusElement.new(get_auth_status_xml)
|
8
|
+
|
9
|
+
# Let make sure all the data is parsed correctly
|
10
|
+
assert_instance_of CiscoISE::ActiveSession, session
|
11
|
+
assert_equal session.acct_session_id, @acct_session_id
|
12
|
+
assert_equal session.audit_session_id, @audit_session_id
|
13
|
+
assert_equal session.calling_station_id, @calling_station_id
|
14
|
+
assert_equal session.framed_ip_address, @framed_ip_address
|
15
|
+
assert_equal session.nas_ip_address, @nas_ip_address
|
16
|
+
assert_equal session.server, @server
|
17
|
+
assert_equal session.user_name, @user_name
|
18
|
+
|
19
|
+
|
20
|
+
end
|
21
|
+
|
22
|
+
end
|
@@ -0,0 +1,24 @@
|
|
1
|
+
require 'helper'
|
2
|
+
|
3
|
+
class TestProduct < MiniTest::Unit::TestCase
|
4
|
+
|
5
|
+
def test_product_with_good_node
|
6
|
+
|
7
|
+
product = CiscoISE::Product.new(get_product_xml(@type_of_node_good))
|
8
|
+
|
9
|
+
# Let make sure all the data is parsed correctly
|
10
|
+
assert_instance_of CiscoISE::Product, product
|
11
|
+
assert_equal product.name, @name
|
12
|
+
assert_equal product.type_of_node, @type_of_node_good
|
13
|
+
assert_equal product.type_of_node_as_code, @type_of_node_good_code
|
14
|
+
assert_equal product.version, @version
|
15
|
+
|
16
|
+
end
|
17
|
+
|
18
|
+
def test_product_with_bad_node
|
19
|
+
# Lets validate an error message is returned if we have a bad node type
|
20
|
+
product = CiscoISE::Product.new(get_product_xml(@type_of_node_bad))
|
21
|
+
assert_equal @type_of_node_bad_msg, product.type_of_node_as_code
|
22
|
+
end
|
23
|
+
|
24
|
+
end
|
metadata
ADDED
@@ -0,0 +1,86 @@
|
|
1
|
+
--- !ruby/object:Gem::Specification
|
2
|
+
name: cisco-ise
|
3
|
+
version: !ruby/object:Gem::Version
|
4
|
+
prerelease:
|
5
|
+
version: 0.1.0
|
6
|
+
platform: ruby
|
7
|
+
authors:
|
8
|
+
- Mark Sullivan
|
9
|
+
autorequire:
|
10
|
+
bindir: bin
|
11
|
+
cert_chain: []
|
12
|
+
|
13
|
+
date: 2012-05-01 00:00:00 Z
|
14
|
+
dependencies: []
|
15
|
+
|
16
|
+
description: A Ruby Cisco Identity Services Engine (ISE) API Wrapper
|
17
|
+
email: mark@sullivans.id.au
|
18
|
+
executables: []
|
19
|
+
|
20
|
+
extensions: []
|
21
|
+
|
22
|
+
extra_rdoc_files: []
|
23
|
+
|
24
|
+
files:
|
25
|
+
- lib/cisco-ise/acct-status-api.rb
|
26
|
+
- lib/cisco-ise/acct-status-element.rb
|
27
|
+
- lib/cisco-ise/active-count-api.rb
|
28
|
+
- lib/cisco-ise/active-list-api.rb
|
29
|
+
- lib/cisco-ise/active-session.rb
|
30
|
+
- lib/cisco-ise/auth-list-api.rb
|
31
|
+
- lib/cisco-ise/auth-status-api.rb
|
32
|
+
- lib/cisco-ise/auth-status-element.rb
|
33
|
+
- lib/cisco-ise/coa.rb
|
34
|
+
- lib/cisco-ise/delete-api.rb
|
35
|
+
- lib/cisco-ise/disconnect-api.rb
|
36
|
+
- lib/cisco-ise/end-point-ip-address-api.rb
|
37
|
+
- lib/cisco-ise/failure-reason.rb
|
38
|
+
- lib/cisco-ise/failure-reasons-api.rb
|
39
|
+
- lib/cisco-ise/http-session.rb
|
40
|
+
- lib/cisco-ise/mac-address-api.rb
|
41
|
+
- lib/cisco-ise/nas-ip-address-api.rb
|
42
|
+
- lib/cisco-ise/posture-count-api.rb
|
43
|
+
- lib/cisco-ise/product.rb
|
44
|
+
- lib/cisco-ise/profiler-count-api.rb
|
45
|
+
- lib/cisco-ise/reauth-api.rb
|
46
|
+
- lib/cisco-ise/session-count.rb
|
47
|
+
- lib/cisco-ise/session-parameters.rb
|
48
|
+
- lib/cisco-ise/user-name-api.rb
|
49
|
+
- lib/cisco-ise/version-api.rb
|
50
|
+
- lib/cisco-ise.rb
|
51
|
+
- LICENSE.txt
|
52
|
+
- README.rdoc
|
53
|
+
- test/helper.rb
|
54
|
+
- test/test_active-session.rb
|
55
|
+
- test/test_auth-status-element.rb
|
56
|
+
- test/test_cisco-ise.rb
|
57
|
+
- test/test_product.rb
|
58
|
+
homepage: http://github.com/marksull/cisco-ise
|
59
|
+
licenses: []
|
60
|
+
|
61
|
+
post_install_message:
|
62
|
+
rdoc_options: []
|
63
|
+
|
64
|
+
require_paths:
|
65
|
+
- lib
|
66
|
+
required_ruby_version: !ruby/object:Gem::Requirement
|
67
|
+
none: false
|
68
|
+
requirements:
|
69
|
+
- - ">="
|
70
|
+
- !ruby/object:Gem::Version
|
71
|
+
version: "0"
|
72
|
+
required_rubygems_version: !ruby/object:Gem::Requirement
|
73
|
+
none: false
|
74
|
+
requirements:
|
75
|
+
- - ">="
|
76
|
+
- !ruby/object:Gem::Version
|
77
|
+
version: "0"
|
78
|
+
requirements: []
|
79
|
+
|
80
|
+
rubyforge_project:
|
81
|
+
rubygems_version: 1.8.23
|
82
|
+
signing_key:
|
83
|
+
specification_version: 3
|
84
|
+
summary: Cisco ISE API Wrapper!
|
85
|
+
test_files: []
|
86
|
+
|