@itentialopensource/adapter-cyberark 0.4.6 → 0.4.7

package/AUTH.md

@@ -48,6 +48,31 @@ you can leave all of the other properties in the authentication section, they wi
 
 4. Restart the adapter. If your properties were set correctly, the adapter should go online. 
 
+### OAuth Authentication
+The CyberArk adapter also supports OAuth Authentication. If you change authentication methods, you should change this section accordingly and merge it back into the adapter repository.
+
+STEPS  
+1. Ensure you have access to a CyberArk server and that it is running
+2. Follow the steps in the README.md to import the adapter into IAP if you have not already done so
+3. Use the properties below for the ```properties.authentication``` field
+```json
+"authentication": {
+  "auth_method": "request_token",
+  "token_timeout": 1800000,
+  "token_cache": "local",
+  "invalid_token_error": 401,
+  "auth_field": "header.headers.Authorization",
+  "auth_field_format": "{token}",
+  "auth_logging": false,
+  "client_id": "<client_id>",
+  "client_secret": "<client_secret>",
+  "grant_type": "client_credentials"
+}
+```
+you can leave all of the other properties in the authentication section, they will not be used for CyberArk OAuth authentication.
+
+4. Restart the adapter. If your properties were set correctly, the adapter should go online. 
+
 ### Troubleshooting
 - Make sure you copied over the correct username and password.
 - Turn on debug level logs for the adapter in IAP Admin Essentials.

package/TAB2.md

@@ -59,6 +59,31 @@ you can leave all of the other properties in the authentication section, they wi
 
 4. Restart the adapter. If your properties were set correctly, the adapter should go online. 
 
+#### OAuth Authentication
+The CyberArk adapter also supports OAuth Authentication. If you change authentication methods, you should change this section accordingly and merge it back into the adapter repository.
+
+STEPS  
+1. Ensure you have access to a CyberArk server and that it is running
+2. Follow the steps in the README.md to import the adapter into IAP if you have not already done so
+3. Use the properties below for the ```properties.authentication``` field
+```json
+"authentication": {
+  "auth_method": "request_token",
+  "token_timeout": 1800000,
+  "token_cache": "local",
+  "invalid_token_error": 401,
+  "auth_field": "header.headers.Authorization",
+  "auth_field_format": "{token}",
+  "auth_logging": false,
+  "client_id": "<client_id>",
+  "client_secret": "<client_secret>",
+  "grant_type": "client_credentials"
+}
+```
+you can leave all of the other properties in the authentication section, they will not be used for CyberArk OAuth authentication.
+
+4. Restart the adapter. If your properties were set correctly, the adapter should go online. 
+
 #### Troubleshooting
 - Make sure you copied over the correct username and password.
 - Turn on debug level logs for the adapter in IAP Admin Essentials.

package/entities/.system/action.json

@@ -4,13 +4,13 @@
       "name": "getToken",
       "protocol": "REST",
       "method": "POST",
-      "entitypath": "{base_path}/{version}/login",
+      "entitypath": "{base_path}/{version}/oauth2/platformtoken",
       "requestSchema": "schemaTokenReq.json",
       "responseSchema": "schemaTokenResp.json",
       "timeout": 0,
       "sendEmpty": false,
-      "requestDatatype": "",
-      "responseDatatype": "",
+      "requestDatatype": "URLENCODE",
+      "responseDatatype": "JSON",
       "headers": {},
       "sso": {
         "protocol": "",

package/entities/.system/schemaTokenReq.json

@@ -36,6 +36,39 @@
       },
       "external_name": "password"
     },
+    "client_id": {
+      "type": "string",
+      "description": "client id to log in with",
+      "parse": false,
+      "encode": false,
+      "encrypt": {
+        "type": "AES",
+        "key": ""
+      },
+      "external_name": "client_id"
+    },
+    "client_secret": {
+      "type": "string",
+      "description": "client secret to log in with",
+      "parse": false,
+      "encode": false,
+      "encrypt": {
+        "type": "AES",
+        "key": ""
+      },
+      "external_name": "client_secret"
+    },
+    "grant_type": {
+      "type": "string",
+      "description": "grant type being used",
+      "parse": false,
+      "encode": false,
+      "encrypt": {
+        "type": "AES",
+        "key": ""
+      },
+      "external_name": "grant_type"
+    },
     "token": {
       "type": "string",
       "description": "token returned by system",

package/entities/.system/schemaTokenResp.json

@@ -46,7 +46,7 @@
         "type": "AES",
         "key": ""
       },
-      "external_name": "token"
+      "external_name": "access_token"
     }
   },
   "definitions": {}

package/metadata.json

@@ -45,11 +45,15 @@
     },
     {
       "type": "API Key",
-      "primary": true
+      "primary": false
     },
     {
       "type": "Token",
-      "primary": true
+      "primary": false
+    },
+    {
+      "type": "OAuth",
+      "primary": false
     }
   ],
   "documentation": {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@itentialopensource/adapter-cyberark",
-  "version": "0.4.6",
+  "version": "0.4.7",
   "description": "This adapter integrates with system described as: cyberark",
   "main": "adapter.js",
   "wizardVersion": "2.44.7",

package/report/adapterInfo.json

@@ -1,5 +1,5 @@
 {
-  "version": "0.4.2",
+  "version": "0.4.6",
   "configLines": 43202,
   "scriptLines": 1783,
   "codeLines": 67677,