idnio 2.3.2b

data/lib/objects/integrations.rb

@@ -0,0 +1,149 @@
+#!/usr/bin/env ruby
+require "json"
+require "idnio/idnapi"
+require "idnio/program"
+require "idnio/markdown"
+
+module Integrations
+
+  #
+  # Exports Integration configurations.
+  #
+  def self.export( directory )
+
+    response = IDNAPI.get( "#{$url}/cc/api/integration/listSimIntegrations", $token )
+
+    case response
+    when Net::HTTPSuccess
+
+      integrations = JSON.parse( response.body )
+
+      $log.info "\tDetected #{integrations.count} integrations."
+
+      integrations.each do |integration|
+
+        $log.info "\tIntegration: #{integration["name"]}"
+        Program.write_file( "#{directory}/integrations/", "Integration - #{integration["name"]}.json", JSON.pretty_generate( integration ) )
+
+      end
+
+    else
+      $log.error "\tError: Unable to fetch integrations."
+    end # case response
+
+  end
+
+  def self.import( directory )
+
+    # Read from the file system to determine how many integrations we have.
+    integrations = Program.read_directory( "#{directory}/integrations" )
+    $log.info "\tDetected #{integrations.length} integrations."
+
+    # Iterate through each transform.
+    integrations.each do |integration|
+
+      # Get the integration JSON.
+      template_integration = JSON.parse( integration )
+
+      $log.info "\tIntegration: #{integration["name"]}"
+
+      existing_integration = Integrations.get_by_name( integration["name"] )
+
+      # If we don't have an existing integration, lets create one.
+      if existing_integration.nil?
+
+        # Remove any ID since this isn't used in the creation.
+        template_integration['id'] = nil
+
+        # Remove the source references, since we can't look these up any longer.
+        template_integration['sources'] = []
+        $log.warn "\t\tSources could not be resolved and set. You may need to configure these when complete."
+
+        # Resolve the cluster settings for this tenant.
+        cluster_ref = ReferenceResolver.get_default_cluster_ref
+        unless cluster_ref['id'].nil?
+          template_integration['cluster'] = cluster_ref['id']
+          $log.warn "\t\tUsing default Virtual Appliance cluster."
+        else
+          template_integration['cluster'] = nil
+          $log.warn "\t\tSources could not be resolved and set. You may need to configure these when complete."
+        end
+
+        IDNAPI.post_json( "#{$url}/cc/api/integration/createSimIntegration", $token, template_transform )
+
+      # If we don't have an existing integration, lets update the one we have.
+      else
+
+        template_integration['id'] = existing_integration['existing_integration']
+        template_integration['sources'] = existing_integration['sources']
+        template_integration['cluster'] = existing_integration['cluster']
+
+        IDNAPI.post_json( "#{$url}/cc/api/integration/updateSimIntegration", $token, template_transform )
+
+      end
+
+    end
+  end
+
+  #
+  # Documents Integration configurations.
+  #
+  def self.doc
+
+    response = IDNAPI.get( "#{$url}/cc/api/integration/listSimIntegrations", $token )
+
+    case response
+    when Net::HTTPSuccess
+
+      integrations = JSON.parse( response.body )
+
+      Markdown.h2 "Integrations"
+
+      $log.info "\tDetected #{integrations.count} integrations."
+
+      integrations.each do |integration|
+
+        $log.info "\tIntegration: #{integration["name"]}"
+
+        Markdown.h3 "#{integration["name"]}"
+        Markdown.text "- **Name** - #{integration["name"]}\n"
+        Markdown.text "- **Type** - #{integration["type"]}\n"
+        Markdown.text "- **Description** - #{integration["description"]}\n"
+        Markdown.text "- **Cluster** - #{integration["cluster"]}\n"
+
+        Markdown.text( "- **Sources**\n" )
+
+        integration["sources"].each do |source|
+          Markdown.text( "\t- #{source}\n" )
+        end
+
+        Markdown.text( "- **Attributes**\n" )
+
+        integration["attributes"].each do |key,value|
+          Markdown.text( "\t- **#{key}** - #{value}\n" )
+        end
+
+        Markdown.text( "- **Status Map**\n" )
+
+        Markdown.text "| Integration Status | IdentityNow Status |\n"
+        Markdown.text "|--------------------|--------------------|\n"
+        integration["statusMap"].each do |key,value|
+          Markdown.text( "| #{key} | #{value} |\n" )
+        end
+
+        Markdown.text( "- **Request**\n" )
+
+        integration["request"].each do |key,value|
+          Markdown.text( "\t- **#{key}** - `#{value}`\n" )
+        end
+
+      end
+
+    else
+      $log.error "\tError: Unable to fetch integrations."
+    end # case response
+
+    Markdown.write
+
+  end # def self.doc
+end

data/lib/objects/lifecycle-states.rb

@@ -0,0 +1,86 @@
+#!/usr/bin/env ruby
+require "json"
+require "idnio/idnapi"
+require "idnio/program"
+require "idnio/markdown"
+
+module LifecycleStates
+
+  #
+  # Exports Lifeycle State configurations.
+  #
+  def self.export( directory )
+
+    response = IDNAPI.get( "#{$url}/cc/api/profile/list", $token )
+
+    unless response.nil?
+
+      identityProfiles = JSON.parse( response.body )
+
+      identityProfiles.each do |identityProfile|
+
+        response = IDNAPI.get( "#{$url}/cc/api/profile/get/#{identityProfile["id"]}", $token )
+
+        unless response.nil?
+
+          JSON.parse( response.body )["configuredStates"].each do |lifecycleState|
+
+              response = IDNAPI.get( "#{$url}/cc/api/lifecycleState/get/#{lifecycleState["externalId"]}", $token )
+
+              lifecycleState = JSON.parse( response.body )
+
+              $log.info "\tLifecycle State: #{identityProfile["name"]} - #{lifecycleState["name"]}"
+
+              Program.write_file( "#{directory}/lifecycle-states/", "Lifecycle States - #{identityProfile["name"]} - #{lifecycleState["name"]}.json", JSON.pretty_generate( lifecycleState ) )
+
+          end
+        end
+      end
+    end
+  end
+
+  #
+  # Imports Lifeycle State configurations.
+  #
+  def self.import( directory )
+    $log.warn "\tImport for object type lifecycle-states is not supported at this time."
+  end
+
+  #
+  # Documents Lifecycle State configurations.
+  #
+  def self.doc
+    Markdown.h2( "Lifecycle States" )
+
+    response = IDNAPI.get( "#{$url}/cc/api/profile/list", $token )
+
+    unless response.nil?
+
+      identity_profiles = JSON.parse( response.body )
+
+      identity_profiles.each do |identity_profile|
+
+        response = IDNAPI.get( "#{$url}/cc/api/profile/get/#{identity_profile["id"]}", $token )
+
+        unless response.nil?
+
+          JSON.parse( response.body )["configuredStates"].each do |lifecycle_state|
+
+              response = IDNAPI.get( "#{$url}/cc/api/lifecycleState/get/#{lifecycle_state["externalId"]}", $token )
+
+              lifecycle_state = JSON.parse( response.body )
+
+              $log.info "\tLifecycle State: #{identity_profile["name"]} - #{lifecycle_state["displayName"]}"
+              Markdown.h3( "#{identity_profile["name"]} - #{lifecycle_state["name"]}" )
+              Markdown.text( "- **Display Name** - #{lifecycle_state["displayName"]}\n" )
+              Markdown.text( "- **Name** - #{lifecycle_state["name"]}\n" )
+              Markdown.text( "- **Enabled** - #{lifecycle_state["enabled"]}\n" )
+              Markdown.text( "- **Description** - #{lifecycle_state["description"]}\n" )
+          end
+        end
+      end
+    end
+    Markdown.write
+  end
+
+end

data/lib/objects/password-policies.rb

@@ -0,0 +1,107 @@
+#!/usr/bin/env ruby
+require "json"
+require "idnio/idnapi"
+require "idnio/program"
+require "idnio/markdown"
+
+module PasswordPolicies
+
+  def self.query( query )
+    response = IDNAPI.get( "#{$url}/cc/api/passwordPolicy/list", $token )
+    unless response.nil?
+      policies = JSON.parse( response.body )
+
+      policies.each do |policy|
+        if(policy["name"] == query)
+          return policy
+        end
+      end
+    end
+    return nil
+  end
+
+  def self.create( params )
+    create_params = {
+      "name" => params["name"],
+      "maxLength" => params["maxLength"],
+      "minLength" => params["minLength"],
+      "minAlpha" => params["minAlpha"],
+      "minUpper" => params["minUpper"],
+      "minLower" => params["minLower"],
+      "minNumeric" => params["minNumeric"],
+      "minSpecial" => params["minSpecial"],
+      "minCharacterTypes" => params["minCharacterTypes"],
+      "maxRepeatedChars" => params["maxRepeatedChars"],
+      "useHistory" => params["useHistory"],
+      "useAccountAttributes" => params["useAccountAttributes"],
+      "useIdentityAttributes" => params["useIdentityAttributes"],
+      "validateAgainstAccountName" => params["validateAgainstAccountName"],
+      "validateAgainstAccountId" => params["validateAgainstAccountId"],
+      "useDictionary" => params["useDictionary"],
+      "enablePasswdExpiration" => params["enablePasswdExpiration"],
+      "requireStrongAuthn" => params["requireStrongAuthn"],
+      "requireStrongAuthOffNetwork" => params["requireStrongAuthOffNetwork"],
+      "requireStrongAuthUntrustedGeographies" => params["requireStrongAuthUntrustedGeographies"]
+    }
+    response = IDNAPI.post_form( "#{$url}/cc/api/passwordPolicy/create", $token, create_params )
+    return response
+  end
+
+  def self.update( params, id )
+    update_params = {
+      "name" => params["name"],
+      "maxLength" => params["maxLength"],
+      "minLength" => params["minLength"],
+      "minAlpha" => params["minAlpha"],
+      "minUpper" => params["minUpper"],
+      "minLower" => params["minLower"],
+      "minNumeric" => params["minNumeric"],
+      "minSpecial" => params["minSpecial"],
+      "minCharacterTypes" => params["minCharacterTypes"],
+      "maxRepeatedChars" => params["maxRepeatedChars"],
+      "useHistory" => params["useHistory"],
+      "useAccountAttributes" => params["useAccountAttributes"],
+      "useIdentityAttributes" => params["useIdentityAttributes"],
+      "validateAgainstAccountName" => params["validateAgainstAccountName"],
+      "validateAgainstAccountId" => params["validateAgainstAccountId"],
+      "useDictionary" => params["useDictionary"],
+      "enablePasswdExpiration" => params["enablePasswdExpiration"],
+      "requireStrongAuthn" => params["requireStrongAuthn"],
+      "requireStrongAuthOffNetwork" => params["requireStrongAuthOffNetwork"],
+      "requireStrongAuthUntrustedGeographies" => params["requireStrongAuthUntrustedGeographies"]
+    }
+    response = IDNAPI.post_form( "#{$url}/cc/api/passwordPolicy/set/#{id}", $token, update_params )
+    return response
+  end
+
+  #
+  # Exports Password Policy configurations.
+  #
+  def self.export( directory )
+
+    response = IDNAPI.get( "#{$url}/cc/api/passwordPolicy/list", $token )
+    unless response.nil?
+        policies = JSON.parse( response.body )
+        $log.info "\tDetected #{policies.count} policies."
+        policies.each do |policy|
+          $log.debug "\tPolicy: #{policy["name"]}"
+          Program.write_file( "#{directory}/password-policies/", "Password Policy - #{policy["name"]}.json", JSON.pretty_generate( policy ) )
+        end
+    end
+  end
+
+  #
+  # Import Password Policies configurations.
+  #
+  def self.import( directory )
+    $log.warn "\tImport for object type password-policies is not supported at this time."
+  end
+
+  #
+  # Documents Password Policies configurations.
+  #
+  def self.doc
+    $log.warn "\tDocumentation for object type password-policies is not supported at this time."
+  end
+
+end

data/lib/objects/password-sync-groups.rb

@@ -0,0 +1,100 @@
+#!/usr/bin/env ruby
+require "json"
+require "idnio/idnapi"
+require "idnio/program"
+require "idnio/markdown"
+require "objects/sources"
+
+module PasswordSyncGroups
+
+  def self.getPolicyId( query )
+    response = IDNAPI.get( "#{$url}/cc/api/passwordPolicy/list", $token )
+    unless response.nil?
+      policies = JSON.parse( response.body )
+
+      policies.each do |policy|
+        if(policy["name"] == query)
+          return policy["id"]
+        end
+      end
+    end
+    return nil
+  end
+
+  def self.getPolicyName( query )
+    response = IDNAPI.get( "#{$url}/cc/api/passwordPolicy/get/#{query}", $token )
+    unless response.nil?
+      policy = JSON.parse( response.body )
+
+      return policy["name"]
+    end
+    return nil
+  end
+
+  def self.query( query )
+    response = IDNAPI.get( "#{$url}/cc/api/passwordSyncGroup/list", $token )
+    unless response.nil?
+      groups = JSON.parse( response.body )
+      groups.each do |group|
+        if(group["name"] == query)
+          return group
+        end
+      end
+    end
+    return nil
+  end
+
+  def self.create( param )
+    create_params = {
+      "name" => param["name"],
+      "passwordPolicyId" => param["passwordPolicyId"],
+      "sources" => param["sources"]
+    }
+    response = IDNAPI.post_json( "#{$url}/cc/api/passwordSyncGroup/create", $token, create_params )
+    return response
+  end
+
+  def self.update( param )
+    update_params = {
+      "id" => param["id"],
+      "name" => param["name"],
+      "passwordPolicyId" => param["passwordPolicyId"],
+      "sources" => param["sources"]
+    }
+    response = IDNAPI.post_json( "#{$url}/cc/api/passwordSyncGroup/set/#{param["id"]}", $token, update_params )
+    return response
+  end
+
+  #
+  # Exports Password Sync Group configurations.
+  #
+  def self.export( directory )
+
+    response = IDNAPI.get( "#{$url}/cc/api/passwordSyncGroup/list", $token )
+    unless response.nil?
+        groups = JSON.parse( response.body )
+        $log.info "\tDetected #{groups.count} sync groups."
+        groups.each do |group|
+          $log.debug "\tSync Group: #{group["name"]}"
+          policyName = PasswordSyncGroups.getPolicyName( group["passwordPolicyId"] )
+          group["passwordPolicyName"] = policyName
+          Program.write_file( "#{directory}/password-sync-groups/", "Password Sync Group - #{group["name"]}.json", group.to_json )
+        end
+    end
+  end
+
+  #
+  # Import Password Sync Groups configurations.
+  #
+  def self.import( directory )
+    $log.warn "\tImport for object type password-sync-groups is not supported at this time."
+  end
+
+  #
+  # Documents Password Sync Groups configurations.
+  #
+  def self.doc
+    $log.warn "\tDocumentation for object type password-sync-groups is not supported at this time."
+  end
+
+end

data/lib/objects/public-identities-config.rb

@@ -0,0 +1,78 @@
+#!/usr/bin/env ruby
+require "json"
+require "uri"
+require "idnio/idnapi"
+require "idnio/program"
+require "idnio/markdown"
+
+module PublicIdentitiesConfig
+
+  #
+  # Exports Public Identity Config
+  #
+  def self.export( directory )
+
+    response = IDNAPI.get( "#{$url}/beta/public-identities-config/", $token )
+    
+    case response
+    when Net::HTTPSuccess
+      $log.info "\tRetreived configuration."
+      config = JSON.parse( response.body )
+      Program.write_file( "#{directory}/public-identities-config/", "public-identities-config.json", JSON.pretty_generate( config ) )
+    else
+      $log.error "\tUnable to retreive configuration."
+    end
+
+  end
+
+  #
+  # Imports Public Identity Config
+  #
+  def self.import( directory )
+
+    # Read from the file system to determine how many configs we have.  We should really only have one.
+    configs = Program.read_directory( "#{directory}/public-identities-config/" )
+    $log.info "\tRetreived configuration."
+
+    # Iterate through each transform.
+    configs.each do |config|
+
+      $log.debug "\t\tImporting public identities config..."
+
+      response = IDNAPI.put_json( "#{$url}/beta/public-identities-config/", $token, JSON.parse( config ) )
+
+      case response
+      when Net::HTTPSuccess
+        $log.info "\tUpdated public identities config."
+      else
+        $log.error "\tUnable to import public identities config."
+      end
+    end
+  end
+
+  #
+  # Documents Public Identity Config
+  #
+  def self.doc
+
+    Markdown.h2( "Public Identity Config" )
+
+    response = IDNAPI.get( "#{$url}/beta/public-identities-config/", $token )
+    case response
+    when Net::HTTPSuccess
+      $log.info "\tRetreived configuration."
+
+      config = JSON.parse( response.body )
+
+      Markdown.text "Attributes:\n"
+      config['attributes'].each do |attribute|
+        Markdown.text "- #{attribute['name']}\n"
+      end
+
+    else
+      $log.error "\tUnable to retreive configuration."
+    end
+
+    Markdown.write
+  end
+end