npm - @itentialopensource/adapter-cyberark - Versions diffs - 0.3.3 → 0.4.0 - Mend

@itentialopensource/adapter-cyberark 0.3.3 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (18) hide show

package/AUTH.md +33 -12
package/BROKER.md +31 -19
package/CALLS.md +59 -22
package/CHANGELOG.md +16 -0
package/PROPERTIES.md +5 -0
package/README.md +60 -63
package/SYSTEMINFO.md +18 -5
package/TAB1.md +14 -0
package/TAB2.md +342 -0
package/metadata.json +30 -5
package/package.json +7 -9
package/propertiesSchema.json +5 -0
package/refs?service=git-upload-pack +0 -0
package/report/adapterInfo.json +4 -4
package/report/updateReport1715610103599.json +120 -0
package/sampleProperties.json +38 -26
package/test/integration/adapterTestIntegration.js +1 -0
package/test/unit/adapterTestUnit.js +1 -3

package/TAB2.md ADDED Viewed

@@ -0,0 +1,342 @@
+# Cyberark
+## Table of Contents
+  - [Specific Adapter Information](#specific-adapter-information)
+    - [Authentication](#authentication)
+    - [Sample Properties](#sample-properties)
+    - [Swagger](#swagger)
+  - [Generic Adapter Information](#generic-adapter-information)
+## Specific Adapter Information
+### Authentication
+This document will go through the steps for authenticating the CyberArk adapter with Basic Authentication and API Key Authentication. Properly configuring the properties for an adapter in IAP is critical for getting the adapter online. You can read more about adapter authentication <a href="https://docs.itential.com/opensource/docs/authentication" target="_blank">HERE</a>.
+CyberArk also has the ability to request an access token. This process is not documented here.
+Companies periodically change authentication methods to provide better security. As this happens this section should be updated and contributed/merge back into the adapter repository.
+#### Basic Authentication
+The CyberArk adapter requires Basic Authentication. If you change authentication methods, you should change this section accordingly and merge it back into the adapter repository.
+STEPS
+1. Ensure you have access to a CyberArk server and that it is running
+2. Follow the steps in the README.md to import the adapter into IAP if you have not already done so
+3. Use the properties below for the ```properties.authentication``` field
+```json
+"authentication": {
+  "auth_method": "basic user_password",
+  "username": "<username>",
+  "password": "<password>",
+  "auth_field": "header.headers.Authorization",
+  "auth_field_format": "Basic {b64}{username}:{password}{/b64}",
+  "auth_logging": false
+}
+```
+you can leave all of the other properties in the authentication section, they will not be used for CyberArk basic authentication.
+4. Restart the adapter. If your properties were set correctly, the adapter should go online.
+#### API Key Authentication
+The CyberArk adapter also supports API Key Authentication. However, this process is more like Basic Auth just using the API Key instead of a password. If you change authentication methods, you should change this section accordingly and merge it back into the adapter repository.
+STEPS
+1. Ensure you have access to a CyberArk server and that it is running
+2. Follow the steps in the README.md to import the adapter into IAP if you have not already done so
+3. Use the properties below for the ```properties.authentication``` field
+```json
+"authentication": {
+  "auth_method": "static_token",
+  "username": "username",
+  "password": "apikey",
+  "auth_field": "header.headers.Authorization",
+  "auth_field_format": "Basic {b64}{username}:{password}{/b64}",
+  "auth_logging": false
+}
+```
+you can leave all of the other properties in the authentication section, they will not be used for CyberArk token authentication.
+4. Restart the adapter. If your properties were set correctly, the adapter should go online.
+#### Troubleshooting
+- Make sure you copied over the correct username and password.
+- Turn on debug level logs for the adapter in IAP Admin Essentials.
+- Turn on auth_logging for the adapter in IAP Admin Essentials (adapter properties).
+- Investigate the logs - in particular:
+  - The FULL REQUEST log to make sure the proper headers are being sent with the request.
+  - The FULL BODY log to make sure the payload is accurate.
+  - The CALL RETURN log to see what the other system is telling us.
+- Credentials should be ** masked ** by the adapter so make sure you verify the username and password - including that there are erroneous spaces at the front or end.
+- Remember when you are done to turn auth_logging off as you do not want to log credentials.
+### Sample Properties
+Sample Properties can be used to help you configure the adapter in the Itential Automation Platform. You will need to update connectivity information such as the host, port, protocol and credentials.
+```json
+  "properties": {
+    "host": "pvwa.example.com",
+    "port": 443,
+    "choosepath": "",
+    "base_path": "/",
+    "version": "",
+    "cache_location": "none",
+    "encode_pathvars": true,
+    "encode_queryvars": true,
+    "save_metric": false,
+    "stub": true,
+    "protocol": "https",
+    "authentication": {
+      "auth_method": "basic user_password",
+      "username": "username",
+      "password": "password",
+      "token": "token",
+      "token_timeout": 600000,
+      "token_cache": "local",
+      "invalid_token_error": 401,
+      "auth_field": "header.headers.Authorization",
+      "auth_field_format": "Basic {b64}{username}:{password}{/b64}",
+      "auth_logging": false,
+      "client_id": "",
+      "client_secret": "",
+      "grant_type": "",
+      "sensitive": [],
+      "sso": {
+        "protocol": "",
+        "host": "",
+        "port": 0
+      },
+      "multiStepAuthCalls": [
+        {
+          "name": "",
+          "requestFields": {},
+          "responseFields": {},
+          "successfullResponseCode": 200
+        }
+      ]
+    },
+    "healthcheck": {
+      "type": "none",
+      "frequency": 60000,
+      "query_object": {},
+      "addlHeaders": {}
+    },
+    "throttle": {
+      "throttle_enabled": false,
+      "number_pronghorns": 1,
+      "sync_async": "sync",
+      "max_in_queue": 1000,
+      "concurrent_max": 1,
+      "expire_timeout": 0,
+      "avg_runtime": 200,
+      "priorities": [
+        {
+          "value": 0,
+          "percent": 100
+        }
+      ]
+    },
+    "request": {
+      "number_redirects": 0,
+      "number_retries": 3,
+      "limit_retry_error": [
+        0
+      ],
+      "failover_codes": [],
+      "attempt_timeout": 5000,
+      "global_request": {
+        "payload": {},
+        "uriOptions": {},
+        "addlHeaders": {},
+        "authData": {}
+      },
+      "healthcheck_on_timeout": true,
+      "return_raw": false,
+      "archiving": false,
+      "return_request": false
+    },
+    "proxy": {
+      "enabled": false,
+      "host": "",
+      "port": 1,
+      "protocol": "http",
+      "username": "",
+      "password": ""
+    },
+    "ssl": {
+      "ecdhCurve": "",
+      "enabled": false,
+      "accept_invalid_cert": false,
+      "ca_file": "",
+      "key_file": "",
+      "cert_file": "",
+      "secure_protocol": "",
+      "ciphers": ""
+    },
+    "mongo": {
+      "host": "",
+      "port": 0,
+      "database": "",
+      "username": "",
+      "password": "",
+      "replSet": "",
+      "db_ssl": {
+        "enabled": false,
+        "accept_invalid_cert": false,
+        "ca_file": "",
+        "key_file": "",
+        "cert_file": ""
+      }
+    },
+    "devicebroker": {
+      "enabled": false,
+      "getDevice": [
+        {
+          "path": "/not/mapped",
+          "method": "GET",
+          "query": {},
+          "body": {},
+          "headers": {},
+          "handleFailure": "ignore",
+          "requestFields": {
+            "insample": "{port}"
+          },
+          "responseDatakey": "",
+          "responseFields": {
+            "name": "{this}{||}{that}",
+            "ostype": "{osfield}",
+            "ostypePrefix": "meraki-",
+            "port": "{port}",
+            "ipaddress": "{ip_addr}",
+            "serial": "{serial}"
+          }
+        }
+      ],
+      "getDevicesFiltered": [
+        {
+          "path": "/not/mapped",
+          "method": "GET",
+          "pagination": {
+            "offsetVar": "",
+            "limitVar": "",
+            "incrementBy": "limit",
+            "requestLocation": "query"
+          },
+          "query": {},
+          "body": {},
+          "headers": {},
+          "handleFailure": "ignore",
+          "requestFields": {},
+          "responseDatakey": "",
+          "responseFields": {
+            "name": "{this}{||}{that}",
+            "ostype": "{osfield}",
+            "ostypePrefix": "meraki-",
+            "port": "{port}",
+            "ipaddress": "{ip_addr}",
+            "serial": "{serial}",
+            "id": "{myid}"
+          }
+        }
+      ],
+      "isAlive": [
+        {
+          "path": "/not/mapped/{devID}",
+          "method": "GET",
+          "query": {},
+          "body": {},
+          "headers": {},
+          "handleFailure": "ignore",
+          "requestFields": {
+            "devID": "{id}"
+          },
+          "responseDatakey": "",
+          "responseFields": {
+            "status": "return2xx",
+            "statusValue": "AD.200"
+          }
+        }
+      ],
+      "getConfig": [
+        {
+          "path": "/not/mapped/{devID}",
+          "method": "GET",
+          "query": {},
+          "body": {},
+          "headers": {},
+          "handleFailure": "ignore",
+          "requestFields": {
+            "devID": "{id}"
+          },
+          "responseDatakey": "",
+          "responseFields": {}
+        }
+      ],
+      "getCount": [
+        {
+          "path": "/not/mapped",
+          "method": "GET",
+          "query": {},
+          "body": {},
+          "headers": {},
+          "handleFailure": "ignore",
+          "requestFields": {},
+          "responseDatakey": "",
+          "responseFields": {}
+        }
+      ]
+    },
+    "cache": {
+      "enabled": false,
+      "entities": [
+        {
+          "entityType": "device",
+          "frequency": 3600,
+          "flushOnFail": false,
+          "limit": 10000,
+          "retryAttempts": 5,
+          "sort": true,
+          "populate": [
+            {
+              "path": "/not/mapped",
+              "method": "GET",
+              "pagination": {
+                "offsetVar": "",
+                "limitVar": "",
+                "incrementBy": "limit",
+                "requestLocation": "query"
+              },
+              "query": {},
+              "body": {},
+              "headers": {},
+              "handleFailure": "ignore",
+              "requestFields": {},
+              "responseDatakey": "",
+              "responseFields": {
+                "name": "{this}{||}{that}",
+                "ostype": "{osfield}",
+                "ostypePrefix": "meraki-",
+                "port": "{port}",
+                "ipaddress": "{ip_addr}",
+                "serial": "{serial}",
+                "id": "{myid}"
+              }
+            }
+          ],
+          "cachedTasks": [
+            {
+              "name": "",
+              "filterField": "",
+              "filterLoc": ""
+            }
+          ]
+        }
+      ]
+    }
+  }
+```
+### [Swagger](https://gitlab.com/itentialopensource/adapters/security/adapter-cyberark/-/blob/master/report/adapter-openapi.json)
+## [Generic Adapter Information](https://gitlab.com/itentialopensource/adapters/security/adapter-cyberark/-/blob/master/README.md)

package/metadata.json CHANGED Viewed

@@ -36,20 +36,45 @@
     "isDeprecated": false
   },
   "brokerSince": "",
+  "authMethods": [
+    {
+      "type": "Basic Auth",
+      "primary": true
+    },
+    {
+      "type": "API Key",
+      "primary": true
+    },
+    {
+      "type": "Token",
+      "primary": true
+    }
+  ],
   "documentation": {
     "storeLink": "",
     "npmLink": "https://www.npmjs.com/package/@itentialopensource/adapter-cyberark",
-    "repoLink": "https://gitlab.com/itentialopensource/adapters/security/adapter-cyberark",
+    "repoLink": "https://gitlab.com/itentialopensource/adapters/adapter-cyberark",
     "docLink": "https://docs.itential.com/opensource/docs/cyberark",
     "demoLinks": [],
-    "trainingLinks": [],
+    "trainingLinks": [
+      {
+        "title": "Itential Academy",
+        "link": "https://www.itential.com/itential-academy/"
+      }
+    ],
     "faqLink": "https://docs.itential.com/opensource/docs/troubleshooting-an-adapter",
     "contributeLink": "https://gitlab.com/itentialopensource/adapters/contributing-guide",
     "issueLink": "https://itential.atlassian.net/servicedesk/customer/portals",
     "webLink": "https://www.itential.com/adapters/cyberark-access-management/",
-    "vendorLink": "",
-    "productLink": "",
-    "apiLinks": []
+    "vendorLink": "https://www.cyberark.com/",
+    "productLink": "https://www.cyberark.com/products/",
+    "apiLinks": [
+      {
+        "title": "CyberArk REST API",
+        "link": "https://docs.cyberark.com/conjur-enterprise/latest/en/Content/Developer/lp_REST_API.htm?tocpath=Developer%7CREST%C2%A0APIs%7C_____0",
+        "public": true
+      }
+    ]
   },
   "assets": [],
   "relatedItems": {

package/package.json CHANGED Viewed

@@ -1,10 +1,10 @@
 {
   "name": "@itentialopensource/adapter-cyberark",
-  "version": "0.3.3",
+  "version": "0.4.0",
   "description": "This adapter integrates with system described as: cyberark",
   "main": "adapter.js",
   "wizardVersion": "2.44.7",
-  "engineVersion": "1.67.14",
+  "engineVersion": "1.67.19",
   "adapterType": "http",
   "scripts": {
     "artifactize": "npm i && node utils/packModificationScript.js",
@@ -15,7 +15,6 @@
     "test:baseunit": "mocha test/unit/adapterBaseTestUnit.js --LOG=error",
     "test:unit": "mocha test/unit/adapterTestUnit.js --LOG=error",
     "test:integration": "mocha test/integration/adapterTestIntegration.js --LOG=error",
-    "test:cover": "nyc --reporter html --reporter text mocha --reporter dot test/*",
     "test": "npm run test:baseunit && npm run test:unit && npm run test:integration",
     "adapter:install": "npm i && node utils/tbScript.js install",
     "adapter:checkMigrate": "node utils/checkMigrate.js",
@@ -43,20 +42,20 @@
   ],
   "license": "Apache-2.0",
   "engines": {
-    "node": ">= 8.0.0",
+    "node": ">= 14.0.0",
     "npm": ">= 6.0.0"
   },
   "repository": {
     "type": "git",
-    "url": "git@gitlab.com:itentialopensource/adapters/security/adapter-cyberark.git"
+    "url": "git@gitlab.com:itentialopensource/adapters/adapter-cyberark.git"
   },
   "author": "Itential",
-  "homepage": "https://gitlab.com/itentialopensource/adapters/security/adapter-cyberark#readme",
+  "homepage": "https://gitlab.com/itentialopensource/adapters/adapter-cyberark#readme",
   "dependencies": {
-    "@itentialopensource/adapter-utils": "^5.3.8",
+    "@itentialopensource/adapter-utils": "^5.3.10",
     "acorn": "^8.10.0",
     "ajv": "^8.12.0",
-    "axios": "^1.6.7",
+    "axios": "^1.6.8",
     "commander": "^11.0.0",
     "dns-lookup-promise": "^1.0.4",
     "fs-extra": "^11.1.1",
@@ -64,7 +63,6 @@
     "mocha": "^10.3.0",
     "mocha-param": "^2.0.1",
     "mongodb": "^4.16.0",
-    "nyc": "^15.1.0",
     "ping": "^0.4.4",
     "prompts": "^2.4.2",
     "readline-sync": "^1.4.10",

package/propertiesSchema.json CHANGED Viewed

@@ -945,6 +945,11 @@
     "devicebroker": {
       "type": "object",
       "properties": {
+        "enabled": {
+          "type": "boolean",
+          "description": "Whether or not the device broker calls have been mapped",
+          "default": false
+        },
         "getDevice": {
           "type": "array",
           "description": "Broker call(s) to getDevice",

package/refs?service=git-upload-pack CHANGED Viewed

Binary file

package/report/adapterInfo.json CHANGED Viewed

@@ -1,10 +1,10 @@
 {
-  "version": "0.2.0",
-  "configLines": 43197,
+  "version": "0.3.4",
+  "configLines": 43202,
   "scriptLines": 1783,
   "codeLines": 67677,
-  "testLines": 43678,
+  "testLines": 43677,
   "testCases": 2250,
-  "totalCodeLines": 113138,
+  "totalCodeLines": 113137,
   "wfTasks": 730
 }

package/report/updateReport1715610103599.json ADDED Viewed

@@ -0,0 +1,120 @@
+{
+  "errors": [],
+  "statistics": [
+    {
+      "owner": "errorJson",
+      "description": "New adapter errors available for use",
+      "value": 0
+    },
+    {
+      "owner": "errorJson",
+      "description": "Adapter errors no longer available for use",
+      "value": 0
+    },
+    {
+      "owner": "errorJson",
+      "description": "Adapter errors that have been updated (e.g. recommendation changes)",
+      "value": 31
+    },
+    {
+      "owner": "packageJson",
+      "description": "Number of production dependencies",
+      "value": 16
+    },
+    {
+      "owner": "packageJson",
+      "description": "Number of development dependencies",
+      "value": 6
+    },
+    {
+      "owner": "packageJson",
+      "description": "Number of npm scripts",
+      "value": 21
+    },
+    {
+      "owner": "packageJson",
+      "description": "Runtime Library dependency",
+      "value": "^5.3.10"
+    },
+    {
+      "owner": "propertiesSchemaJson",
+      "description": "Adapter properties defined in the propertiesSchema file",
+      "value": 78
+    },
+    {
+      "owner": "markdown",
+      "description": "Number of lines in the README.md",
+      "value": 344
+    },
+    {
+      "owner": "markdown",
+      "description": "Number of lines in the SUMMARY.md",
+      "value": 9
+    },
+    {
+      "owner": "markdown",
+      "description": "Number of lines in the PROPERTIES.md",
+      "value": 647
+    },
+    {
+      "owner": "markdown",
+      "description": "Number of lines in the TROUBLESHOOT.md",
+      "value": 48
+    },
+    {
+      "owner": "markdown",
+      "description": "Number of lines in the ENHANCE.md",
+      "value": 70
+    },
+    {
+      "owner": "markdown",
+      "description": "Number of lines in the BROKER.md",
+      "value": 70
+    },
+    {
+      "owner": "unitTestJS",
+      "description": "Number of lines of code in unit tests",
+      "value": 21748
+    },
+    {
+      "owner": "unitTestJS",
+      "description": "Number of unit tests",
+      "value": 1466
+    },
+    {
+      "owner": "integrationTestJS",
+      "description": "Number of lines of code in integration tests",
+      "value": 20677
+    },
+    {
+      "owner": "integrationTestJS",
+      "description": "Number of integration tests",
+      "value": 714
+    },
+    {
+      "owner": "staticFile",
+      "description": "Number of lines of code in adapterBase.js",
+      "value": 1453
+    },
+    {
+      "owner": "staticFile",
+      "description": "Number of static files added",
+      "value": 36
+    },
+    {
+      "owner": "Overall",
+      "description": "Total lines of Code",
+      "value": 43878
+    },
+    {
+      "owner": "Overall",
+      "description": "Total Tests",
+      "value": 2180
+    },
+    {
+      "owner": "Overall",
+      "description": "Total Files",
+      "value": 6
+    }
+  ]
+}