sp-seutils 0.0.1 → 0.0.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/sp-seutils.rb +92 -43
- metadata +6 -6
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: bbd1054feedb226b7502926e6451f215ec2f62accfd8be745175b0cf92be5e06
|
|
4
|
+
data.tar.gz: 43066d0e2dd362b67283d6556ec3efd2e37eba0554746e87bd06595efd4864a9
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 781cdac94ae2401a189bf21cd63089facad7f038f1be198abcd761341ccc978a20c009148ea423350b8492d062085a9ed2bb5a0fca5ffa984908325aab7e338f
|
|
7
|
+
data.tar.gz: 490ee6136a6f58d2b5092bff2baa967957328613198c726647d4595b76614066244bfbc9fcf8b64014a27b08a2a4f3f51e361a2914aca342da69925b3c8095f3
|
data/lib/sp-seutils.rb
CHANGED
|
@@ -126,6 +126,38 @@ class SeUtils
|
|
|
126
126
|
return rest_result
|
|
127
127
|
end
|
|
128
128
|
|
|
129
|
+
#-----------------------------------------------------------------------------#
|
|
130
|
+
# run specified API method ... for v3 etc
|
|
131
|
+
# api must include the entire string if http args are used
|
|
132
|
+
# body is either json or a hash
|
|
133
|
+
#
|
|
134
|
+
def self.api_do(org,api,body,api_method,client_id,client_secret,user,pass,token=nil)
|
|
135
|
+
return nil unless ["patch","put","post","delete"].include? api_method.to_s
|
|
136
|
+
body = JSON.generate(body) if body.is_a? Hash
|
|
137
|
+
base_url = org.split(".identitynow.com").first+".api.identitynow.com"
|
|
138
|
+
url = URI.join(base_url, api).to_s
|
|
139
|
+
token = token || idn_oauth_3(org,client_id,client_secret,user,pass)
|
|
140
|
+
content_type = 'application/json'
|
|
141
|
+
content_type = 'application/json-patch+json' if api_method.to_s == "patch"
|
|
142
|
+
rest_result = nil
|
|
143
|
+
redirected_url = nil
|
|
144
|
+
response = RestClient::Request.new({
|
|
145
|
+
method: api_method.to_sym,
|
|
146
|
+
url: url,
|
|
147
|
+
payload: body,
|
|
148
|
+
timeout: nil,
|
|
149
|
+
headers: {'Authorization' => "Bearer #{token}",
|
|
150
|
+
"Accept"=>"*/*" ,
|
|
151
|
+
'Content-Type' => content_type,
|
|
152
|
+
'cache-control' => 'no-cache'
|
|
153
|
+
}
|
|
154
|
+
}).execute do |response, request, result, &block|
|
|
155
|
+
rest_result = handle_rest_response(response, request, result, &block)
|
|
156
|
+
end
|
|
157
|
+
return rest_result
|
|
158
|
+
end
|
|
159
|
+
|
|
160
|
+
|
|
129
161
|
|
|
130
162
|
#-----------------------------------------------------------------------------#
|
|
131
163
|
# Get a list of apps
|
|
@@ -188,7 +220,6 @@ class SeUtils
|
|
|
188
220
|
i = 0
|
|
189
221
|
loop do
|
|
190
222
|
url = URI.join(org, api).to_s+arg.to_s+"?limit=250&offset="+i.to_s
|
|
191
|
-
# puts "executing API GET #{url}"
|
|
192
223
|
token = token || idn_oauth(org,user,password,client_id,client_secret)
|
|
193
224
|
page = nil
|
|
194
225
|
RestClient.get(url, {'Authorization' => "Bearer #{token}", 'X-CSRF-Token' => 'nocheck' } ) do |response, request, result, &block|
|
|
@@ -206,7 +237,7 @@ class SeUtils
|
|
|
206
237
|
# returns JSON
|
|
207
238
|
#
|
|
208
239
|
def self.api_accessprofile_list(org,user,password,client_id,client_secret,token=nil)
|
|
209
|
-
api =
|
|
240
|
+
api = "api/v2/access-profiles"
|
|
210
241
|
rest_result = []
|
|
211
242
|
i = 0
|
|
212
243
|
loop do
|
|
@@ -228,7 +259,7 @@ class SeUtils
|
|
|
228
259
|
# returns JSON
|
|
229
260
|
#
|
|
230
261
|
def self.api_accessprofile_get(org,user,password,client_id,client_secret,id,token=nil)
|
|
231
|
-
api =
|
|
262
|
+
api = "api/v2/access-profiles/"+id.to_s
|
|
232
263
|
url = URI.join(org, api).to_s
|
|
233
264
|
token = token || idn_oauth(org,user,password,client_id,client_secret)
|
|
234
265
|
rest_result = nil
|
|
@@ -243,7 +274,7 @@ class SeUtils
|
|
|
243
274
|
# returns JSON
|
|
244
275
|
#
|
|
245
276
|
def self.api_workgroups_get(org,user,password,client_id,client_secret,id=nil,token=nil)
|
|
246
|
-
api =
|
|
277
|
+
api = "api/v2/workgroups/"+id.to_s # hopefully no more than 250 governance groups
|
|
247
278
|
url = URI.join(org, api).to_s
|
|
248
279
|
token = token || idn_oauth(org,user,password,client_id,client_secret)
|
|
249
280
|
rest_result = nil
|
|
@@ -413,7 +444,7 @@ class SeUtils
|
|
|
413
444
|
source_json[k] = "true" if v.is_a? TrueClass
|
|
414
445
|
source_json[k] = "false" if v.is_a? FalseClass
|
|
415
446
|
end
|
|
416
|
-
source_json["connectorAttributes"]["cloudExternalId"] = source_json["connectorAttributes"]["cloudExternalId"].to_s
|
|
447
|
+
# source_json["connectorAttributes"]["cloudExternalId"] = source_json["connectorAttributes"]["cloudExternalId"].to_s
|
|
417
448
|
|
|
418
449
|
# shouldn't be updating these things... we'll keep the ones from the GET
|
|
419
450
|
["type","connector","connectorClass","created", "modified"].each{|i| args.delete i}
|
|
@@ -490,31 +521,52 @@ class SeUtils
|
|
|
490
521
|
#-----------------------------------------------------------------------------#
|
|
491
522
|
# Get accounts from a source
|
|
492
523
|
#
|
|
493
|
-
def self.api_source_getaccounts(org,
|
|
494
|
-
|
|
495
|
-
|
|
496
|
-
|
|
497
|
-
|
|
498
|
-
|
|
499
|
-
|
|
500
|
-
|
|
501
|
-
|
|
502
|
-
|
|
503
|
-
|
|
504
|
-
|
|
505
|
-
|
|
506
|
-
|
|
507
|
-
|
|
508
|
-
|
|
509
|
-
|
|
510
|
-
|
|
511
|
-
|
|
512
|
-
|
|
513
|
-
|
|
514
|
-
|
|
515
|
-
|
|
516
|
-
|
|
517
|
-
|
|
524
|
+
def self.api_source_getaccounts(org,client_id,client_secret,source_id,token=nil)
|
|
525
|
+
api = "api/source/getAccounts"
|
|
526
|
+
|
|
527
|
+
args = "?id=#{source_id}"
|
|
528
|
+
url = cc_url(URI.join(org, api+args).to_s)
|
|
529
|
+
# puts "executing API GET #{url}"
|
|
530
|
+
token = token || idn_oauth_2(org,client_id,client_secret)
|
|
531
|
+
|
|
532
|
+
rest_result = nil
|
|
533
|
+
redirected_url = nil
|
|
534
|
+
response = RestClient::Request.new({
|
|
535
|
+
method: :get,
|
|
536
|
+
url: url,
|
|
537
|
+
timeout: nil,
|
|
538
|
+
headers: {'Authorization' => "Bearer #{token}",
|
|
539
|
+
"Accept"=>"*/*" ,
|
|
540
|
+
'cache-control' => 'no-cache'
|
|
541
|
+
}
|
|
542
|
+
}).execute do |response, request, result, &block|
|
|
543
|
+
rest_result = handle_rest_response(response, request, result, &block)
|
|
544
|
+
end
|
|
545
|
+
return rest_result
|
|
546
|
+
end
|
|
547
|
+
# api = "api/source/getAccounts"
|
|
548
|
+
|
|
549
|
+
# body = JSON.generate({:id=>source_id})
|
|
550
|
+
# url = cc_url(URI.join(org, api).to_s)
|
|
551
|
+
# token = token || idn_oauth(org,user,password,client_id,client_secret)
|
|
552
|
+
|
|
553
|
+
# rest_result = nil
|
|
554
|
+
# redirected_url = nil
|
|
555
|
+
# response = RestClient::Request.new({
|
|
556
|
+
# method: :get,
|
|
557
|
+
# url: url,
|
|
558
|
+
# payload: body,
|
|
559
|
+
# timeout: nil,
|
|
560
|
+
# headers: {'Authorization' => "Bearer #{token}",
|
|
561
|
+
# "Accept"=>"*/*" ,
|
|
562
|
+
# 'Content-Type' => 'application/json',
|
|
563
|
+
# 'cache-control' => 'no-cache'
|
|
564
|
+
# }
|
|
565
|
+
# }).execute do |response, request, result, &block|
|
|
566
|
+
# rest_result = handle_rest_response(response, request, result, &block)
|
|
567
|
+
# end
|
|
568
|
+
# return rest_result
|
|
569
|
+
# end
|
|
518
570
|
|
|
519
571
|
#-----------------------------------------------------------------------------#
|
|
520
572
|
# Get accounts CSV file
|
|
@@ -536,7 +588,6 @@ class SeUtils
|
|
|
536
588
|
i += page.length
|
|
537
589
|
page.each do |u|
|
|
538
590
|
users[u["name"].split(" ").join(".")] = u["externalId"] unless u.nil?
|
|
539
|
-
@idn_users << u unless u.nil?
|
|
540
591
|
nil_users+=1 if u.nil?
|
|
541
592
|
end
|
|
542
593
|
break if page.length != 250
|
|
@@ -571,7 +622,6 @@ class SeUtils
|
|
|
571
622
|
timeout: nil,
|
|
572
623
|
headers: {'Authorization' => "Bearer #{token}",
|
|
573
624
|
"Accept"=>"*/*" ,
|
|
574
|
-
'Cache-Control' => 'no-cache',
|
|
575
625
|
'Content-Type' => 'application/json',
|
|
576
626
|
'cache-control' => 'no-cache'
|
|
577
627
|
}
|
|
@@ -660,7 +710,6 @@ class SeUtils
|
|
|
660
710
|
timeout: nil,
|
|
661
711
|
headers: {'Authorization' => "Bearer #{token}",
|
|
662
712
|
"Accept"=>"*/*" ,
|
|
663
|
-
'Cache-Control' => 'no-cache',
|
|
664
713
|
'Content-Type' => 'application/json',
|
|
665
714
|
'cache-control' => 'no-cache'
|
|
666
715
|
}
|
|
@@ -1406,10 +1455,11 @@ class SeUtils
|
|
|
1406
1455
|
#
|
|
1407
1456
|
def self.api_source_reset(org,user,password,client_id,client_secret,id,query,token=nil)
|
|
1408
1457
|
api = "api/source/reset/"
|
|
1409
|
-
url = cc_url(URI.join(org, api
|
|
1458
|
+
url = cc_url(URI.join(org, api).to_s).to_s+"?id=#{id}"
|
|
1410
1459
|
token = token || idn_oauth(org,user,password,client_id,client_secret)
|
|
1411
1460
|
redirected_url = nil
|
|
1412
1461
|
rest_result = nil
|
|
1462
|
+
wait_for_identity_refresh(org,user,password,client_id,client_secret,token)
|
|
1413
1463
|
RestClient.post(url, nil,
|
|
1414
1464
|
{'Authorization' => "Bearer #{token}",'X-CSRF-Token' => 'nocheck' }) do |response, request, result, &block|
|
|
1415
1465
|
rest_result = handle_rest_response(response,request,result,&block)
|
|
@@ -1449,7 +1499,6 @@ class SeUtils
|
|
|
1449
1499
|
timeout: nil,
|
|
1450
1500
|
headers: {'Authorization' => "Bearer #{token}",
|
|
1451
1501
|
"Accept"=>"*/*" ,
|
|
1452
|
-
'Cache-Control' => 'no-cache',
|
|
1453
1502
|
'Content-Type' => 'application/json',
|
|
1454
1503
|
'cache-control' => 'no-cache'
|
|
1455
1504
|
}
|
|
@@ -1598,8 +1647,8 @@ class SeUtils
|
|
|
1598
1647
|
return result
|
|
1599
1648
|
end
|
|
1600
1649
|
|
|
1601
|
-
def self.source_name_id_extid(org,
|
|
1602
|
-
sources_list = JSON.parse(api_get(org,
|
|
1650
|
+
def self.source_name_id_extid(org,user,pass,client_id,client_secret,token)
|
|
1651
|
+
sources_list = JSON.parse(api_get(org,"source/list",user,pass,client_id,client_secret,token))
|
|
1603
1652
|
name_id_extid = {}
|
|
1604
1653
|
sources_list.each do |i|
|
|
1605
1654
|
next if i["name"] == "IdN Admins" # skip this source, which is flat file and unique to each IdN org
|
|
@@ -1611,7 +1660,7 @@ class SeUtils
|
|
|
1611
1660
|
return name_id_extid
|
|
1612
1661
|
end
|
|
1613
1662
|
|
|
1614
|
-
def self.entitlement_id_transform(org,
|
|
1663
|
+
def self.entitlement_id_transform(org,user,pass,client_id,client_secret,token)
|
|
1615
1664
|
entitlement_maps = {}
|
|
1616
1665
|
source_dir_contents = Dir.entries(@sources_dir)[2..-1]
|
|
1617
1666
|
sources = {}
|
|
@@ -1638,7 +1687,7 @@ class SeUtils
|
|
|
1638
1687
|
all_entitlement_map[ent["id"]][:name] = ent["displayableName"] if ent["displayName"].nil? # could be a bug?
|
|
1639
1688
|
end
|
|
1640
1689
|
end
|
|
1641
|
-
sources_list = JSON.parse(api_get(org,
|
|
1690
|
+
sources_list = JSON.parse(api_get(org,"source/list",user,pass,client_id,client_secret,token))
|
|
1642
1691
|
ext_ids = {}
|
|
1643
1692
|
sources_list.each do |i|
|
|
1644
1693
|
next if i["name"] == "IdN Admins" # skip this source, which is flat file and unique to each IdN org
|
|
@@ -1651,7 +1700,7 @@ class SeUtils
|
|
|
1651
1700
|
ext_ids.each do |id, ext_id|
|
|
1652
1701
|
threads << Thread.new do
|
|
1653
1702
|
app_entitlements = []
|
|
1654
|
-
result = api_get(org, "entitlement/list/?CISApplicationId=#{ext_id}",
|
|
1703
|
+
result = api_get(org, "entitlement/list/?CISApplicationId=#{ext_id}",user,pass,client_id,client_secret,token)
|
|
1655
1704
|
entitlement_bundle = JSON.parse(result)["items"]
|
|
1656
1705
|
entitlement_bundle.each do |ent|
|
|
1657
1706
|
entitlement = {}
|
|
@@ -2007,7 +2056,7 @@ class SeUtils
|
|
|
2007
2056
|
|
|
2008
2057
|
new_args.chop!
|
|
2009
2058
|
|
|
2010
|
-
args = URI.
|
|
2059
|
+
args = URI.encode_www_form_component(new_args)
|
|
2011
2060
|
|
|
2012
2061
|
api = "api/campaign/create"
|
|
2013
2062
|
url = URI.join(org, api, args).to_s
|
|
@@ -2289,7 +2338,7 @@ class SeUtils
|
|
|
2289
2338
|
args = args+k.to_s+"="+v.to_s+"&"
|
|
2290
2339
|
end
|
|
2291
2340
|
args.chop!
|
|
2292
|
-
return URI.
|
|
2341
|
+
return URI.encode_www_form_component(args)
|
|
2293
2342
|
end
|
|
2294
2343
|
|
|
2295
2344
|
def self.unescape(s)
|
|
@@ -2322,7 +2371,7 @@ class SeUtils
|
|
|
2322
2371
|
def self.rest_value_array(a)
|
|
2323
2372
|
return a if (a == []) || (a.nil?)
|
|
2324
2373
|
s = ["["]
|
|
2325
|
-
a.each{ |i| s << i+','}
|
|
2374
|
+
a.each{ |i| s << i.to_s+','}
|
|
2326
2375
|
s.last.chop!
|
|
2327
2376
|
s << "]"
|
|
2328
2377
|
a = s.join
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: sp-seutils
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.7
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Josh Karnes
|
|
8
|
-
autorequire:
|
|
8
|
+
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2021-01-08 00:00:00.000000000 Z
|
|
12
12
|
dependencies: []
|
|
13
13
|
description: Utilities SailPoint SEs can use to help perform demo system tasks.
|
|
14
14
|
email: josh.karnes@sailpoint.com
|
|
@@ -21,7 +21,7 @@ homepage: https://rubygems.org/gems/sp-seutils
|
|
|
21
21
|
licenses:
|
|
22
22
|
- MIT
|
|
23
23
|
metadata: {}
|
|
24
|
-
post_install_message:
|
|
24
|
+
post_install_message:
|
|
25
25
|
rdoc_options: []
|
|
26
26
|
require_paths:
|
|
27
27
|
- lib
|
|
@@ -36,8 +36,8 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
36
36
|
- !ruby/object:Gem::Version
|
|
37
37
|
version: '0'
|
|
38
38
|
requirements: []
|
|
39
|
-
rubygems_version: 3.
|
|
40
|
-
signing_key:
|
|
39
|
+
rubygems_version: 3.2.4
|
|
40
|
+
signing_key:
|
|
41
41
|
specification_version: 4
|
|
42
42
|
summary: SailPoint SE Utilities
|
|
43
43
|
test_files: []
|