cmdbox 0.5.3.1__py3-none-any.whl → 0.6.0__py3-none-any.whl

cmdbox/app/edge.py

@@ -1,4 +1,4 @@
-from cmdbox.app import common, feature, options, web
+from cmdbox.app import common, edge_tool, feature, options, web
 from cmdbox.app.commons import convert
 from cmdbox.app.options import Options
 from fastapi import FastAPI, Request, HTTPException
@@ -26,7 +26,7 @@ class Edge(object):
         self.appcls = appcls
         self.ver = ver
         self.options = options.Options.getInstance()
-        self.tool = Tool(logger, appcls, ver)
+        self.tool = edge_tool.Tool(logger, appcls, ver)
         if self.ver is None:
             raise ValueError('ver is None')
         if self.appcls is None:
@@ -63,12 +63,30 @@ class Edge(object):
             conf = common.loadopt(conf_file)
         else:
             conf = dict()
+        skip_opts = []
+        input_opts = []
+        def _show_opts(choice_show:Dict[str, List[str]], value:str, ref_opts:List[Dict[str, Any]]) -> None:
+            for k, v in choice_show.items():
+                if k == value:
+                    input_opts.extend(v)
+                else:
+                    skip_opts.extend(v)
+                for r in ref_opts:
+                    for opt in v:
+                        if 'opt' not in r or r['opt'] is None:
+                            continue
+                        if 'choice_show' not in r or r['choice_show'] is None:
+                            continue
+                        _show_opts(r['choice_show'], '', [o for o in ref_opts if o['opt'] == opt])
         for r in ref_opts:
             if 'opt' not in r or r['opt'] is None:
                 continue
             opt = r['opt']
-            if opt in ['output_json', 'output_json_append', 'stdout_log', 'capture_stdout', 'capture_maxsize']:
+            if opt in ['tag', 'clmsg_id', 'output_json', 'output_json_append', 'stdout_log', 'capture_stdout', 'capture_maxsize']:
+                continue
+            if opt in skip_opts and opt not in input_opts:
                 continue
+            choice_show = r['choice_show'] if 'choice_show' in r else dict()
             default = conf[opt] if opt in conf else None
             default = r['default'] if default is None and 'default' in r else default
             default = default if default is not None else ''
@@ -86,6 +104,7 @@ class Edge(object):
                 value = questionary.select(f"{opt}:({help}):", choice, default=default).ask()
             else:
                 value = questionary.text(f"{opt}:({help}):", default=default, validate=lambda v:not required or len(v)>0).ask()
+            _show_opts(choice_show, value, ref_opts)
             if r['type'] == Options.T_BOOL: value = value=='True'
             if r['type'] == Options.T_INT: value = int(value)
             if r['type'] == Options.T_FLOAT: value = float(value)
@@ -129,43 +148,71 @@ class Edge(object):
             if 'auth_type' not in opt or opt['auth_type'] is None:
                 msg = dict(warn=f"Please run the `edge config` command. And please set the auth_type.")
                 return msg
-            if opt['auth_type'] == 'idpw' and ('user' not in opt or opt['user'] is None):
-                msg = dict(warn=f"Please run the `edge config` command. And please set the user.")
-                return msg
-            if opt['auth_type'] == 'idpw' and ('password' not in opt or opt['password'] is None):
-                msg = dict(warn=f"Please run the `edge config` command. And please set the password.")
-                return msg
-            if opt['auth_type'] == 'apikey' and ('apikey' not in opt or opt['apikey'] is None):
-                msg = dict(warn=f"Please run the `edge config` command. And please set the apikey.")
-                return msg
-            if opt['auth_type'] == 'oauth2' and ('oauth2' not in opt or opt['oauth2'] is None):
-                msg = dict(warn=f"Please run the `edge config` command. And please set the oauth2.")
-                return msg
-            if opt['auth_type'] == 'oauth2' and ('oauth2_port' not in opt or opt['oauth2_port'] is None):
-                msg = dict(warn=f"Please run the `edge config` command. And please set the oauth2_port.")
-                return msg
-            if isinstance(opt['oauth2_port'], str):
-                if not opt['oauth2_port'].isdigit():
-                    msg = dict(warn=f"Please set the numeric value in the oauth2_port. oauth2_port={opt['oauth2_port']}")
+            if opt['auth_type'] == 'idpw':
+                if 'user' not in opt or opt['user'] is None:
+                    msg = dict(warn=f"Please run the `edge config` command. And please set the user.")
                     return msg
-                opt['oauth2_port'] = int(opt['oauth2_port'])
-            if opt['oauth2'] == 'azure' and ('oauth2_tenant_id' not in opt or opt['oauth2_tenant_id'] is None):
-                msg = dict(warn=f"Please run the `edge config` command. And please set the oauth2_tenant_id.")
-                return msg
-            if opt['auth_type'] == 'oauth2' and ('oauth2_client_id' not in opt or opt['oauth2_client_id'] is None):
-                msg = dict(warn=f"Please run the `edge config` command. And please set the oauth2_client_id.")
-                return msg
-            if opt['auth_type'] == 'oauth2' and ('oauth2_client_secret' not in opt or opt['oauth2_client_secret'] is None):
-                msg = dict(warn=f"Please run the `edge config` command. And please set the oauth2_client_secret.")
-                return msg
-            if opt['auth_type'] == 'oauth2' and ('oauth2_timeout' not in opt or opt['oauth2_timeout'] is None):
-                msg = dict(warn=f"Please run the `edge config` command. And please set the oauth2_timeout.")
-                return msg
-            if isinstance(opt['oauth2_timeout'], str):
-                if not opt['oauth2_timeout'].isdigit():
-                    msg = dict(warn=f"Please set the numeric value in the oauth2_timeout. oauth2_timeout={opt['oauth2_timeout']}")
+                if 'password' not in opt or opt['password'] is None:
+                    msg = dict(warn=f"Please run the `edge config` command. And please set the password.")
                     return msg
-                opt['oauth2_timeout'] = int(opt['oauth2_timeout'])
+            if opt['auth_type'] == 'apikey':
+                if 'apikey' not in opt or opt['apikey'] is None:
+                    msg = dict(warn=f"Please run the `edge config` command. And please set the apikey.")
+                    return msg
+            if opt['auth_type'] == 'oauth2':
+                if 'oauth2' not in opt or opt['oauth2'] is None:
+                    msg = dict(warn=f"Please run the `edge config` command. And please set the oauth2.")
+                    return msg
+                if 'oauth2_port' not in opt or opt['oauth2_port'] is None:
+                    msg = dict(warn=f"Please run the `edge config` command. And please set the oauth2_port.")
+                    return msg
+                if isinstance(opt['oauth2_port'], str):
+                    if not opt['oauth2_port'].isdigit():
+                        msg = dict(warn=f"Please set the numeric value in the oauth2_port. oauth2_port={opt['oauth2_port']}")
+                        return msg
+                    opt['oauth2_port'] = int(opt['oauth2_port'])
+                if opt['oauth2'] == 'azure':
+                    if 'oauth2_tenant_id' not in opt or opt['oauth2_tenant_id'] is None:
+                        msg = dict(warn=f"Please run the `edge config` command. And please set the oauth2_tenant_id.")
+                        return msg
+                if 'oauth2_client_id' not in opt or opt['oauth2_client_id'] is None:
+                    msg = dict(warn=f"Please run the `edge config` command. And please set the oauth2_client_id.")
+                    return msg
+                if 'oauth2_client_secret' not in opt or opt['oauth2_client_secret'] is None:
+                    msg = dict(warn=f"Please run the `edge config` command. And please set the oauth2_client_secret.")
+                    return msg
+                if 'oauth2_timeout' not in opt or opt['oauth2_timeout'] is None:
+                    msg = dict(warn=f"Please run the `edge config` command. And please set the oauth2_timeout.")
+                    return msg
+                if isinstance(opt['oauth2_timeout'], str):
+                    if not opt['oauth2_timeout'].isdigit():
+                        msg = dict(warn=f"Please set the numeric value in the oauth2_timeout. oauth2_timeout={opt['oauth2_timeout']}")
+                        return msg
+                    opt['oauth2_timeout'] = int(opt['oauth2_timeout'])
+            if opt['auth_type'] == 'saml':
+                if 'saml' not in opt or opt['saml'] is None:
+                    msg = dict(warn=f"Please run the `edge config` command. And please set the saml.")
+                    return msg
+                if 'saml_port' not in opt or opt['saml_port'] is None:
+                    msg = dict(warn=f"Please run the `edge config` command. And please set the saml.")
+                    return msg
+                if isinstance(opt['saml_port'], str):
+                    if not opt['saml_port'].isdigit():
+                        msg = dict(warn=f"Please set the numeric value in the saml_port. saml_port={opt['saml_port']}")
+                        return msg
+                    opt['saml_port'] = int(opt['saml_port'])
+                if opt['saml'] == 'azure':
+                    if 'saml_tenant_id' not in opt or opt['saml_tenant_id'] is None:
+                        msg = dict(warn=f"Please run the `edge config` command. And please set the saml_tenant_id.")
+                        return msg
+                if 'saml_timeout' not in opt or opt['saml_timeout'] is None:
+                    msg = dict(warn=f"Please run the `edge config` command. And please set the saml_timeout.")
+                    return msg
+                if isinstance(opt['saml_timeout'], str):
+                    if not opt['saml_timeout'].isdigit():
+                        msg = dict(warn=f"Please set the numeric value in the saml_timeout. saml_timeout={opt['saml_timeout']}")
+                        return msg
+                    opt['saml_timeout'] = int(opt['saml_timeout'])
             if 'svcert_no_verify' not in opt or opt['svcert_no_verify'] is not True:
                 opt['svcert_no_verify'] = False
             if 'timeout' not in opt or opt['timeout'] is None:
@@ -184,9 +231,12 @@ class Edge(object):
             if self.svcert_no_verify:
                 urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
             status, msg = self.signin(opt.get('auth_type'), opt.get('user'), opt.get('password'), opt.get('apikey'),
-                                      opt.get('oauth2'), int(opt.get('oauth2_port')),
+                                      opt.get('oauth2'), int(opt.get('oauth2_port', 8091)),
                                       opt.get('oauth2_tenant_id'), opt.get('oauth2_client_id'), opt.get('oauth2_client_secret'),
-                                      int(opt.get('oauth2_timeout')))
+                                      int(opt.get('oauth2_timeout', 60)),
+                                      opt.get('saml'), int(opt.get('saml_port', 8091)),
+                                      opt.get('saml_tenant_id'), int(opt.get('saml_timeout', 60)))
+
             if status != 0:
                 return msg
 
@@ -247,8 +297,8 @@ class Edge(object):
         def _job(thevent:threading.Event, pipe_cmd, prevq:queue.Queue):
             resq:queue.Queue = pipe_cmd['resq']
             del pipe_cmd['resq']
-            tool = Tool(self.logger, self.appcls, self.ver)
-            tool.set_session(self.session, self.svcert_no_verify, self.endpoint, self.icon_path, self.user_info, self.oauth2)
+            tool = edge_tool.Tool(self.logger, self.appcls, self.ver)
+            tool.set_session(self.session, self.svcert_no_verify, self.endpoint, self.icon_path, self.user_info, self.oauth2, self.saml)
             feat:feature.Feature = self.options.get_cmd_attr(pipe_cmd['mode'], pipe_cmd['cmd'], 'feature')
             while not thevent.is_set():
                 prevres = None if prevq is None else prevq.get(pipe_cmd['timeout'])
@@ -304,8 +354,8 @@ class Edge(object):
             for opt in opts:
                 def mkcmd(opt):
                     def _ex():
-                        tool = Tool(self.logger, self.appcls, self.ver)
-                        tool.set_session(self.session, self.svcert_no_verify, self.endpoint, self.icon_path, self.user_info, self.oauth2)
+                        tool = edge_tool.Tool(self.logger, self.appcls, self.ver)
+                        tool.set_session(self.session, self.svcert_no_verify, self.endpoint, self.icon_path, self.user_info, self.oauth2, self.saml)
                         feat:feature.Feature = self.options.get_cmd_attr(opt['mode'], opt['cmd'], 'feature')
                         for status, ret in feat.edgerun(opt, tool, self.logger, self.timeout):
                             pass
@@ -329,7 +379,7 @@ class Edge(object):
             items = []
             items.append(pystray.MenuItem('Gui', lambda: self.tool.open_browser('/gui')))
             for k, op in opens.items():
-                def mkop(tool:Tool, href):
+                def mkop(tool:edge_tool.Tool, href):
                     return lambda: tool.open_browser(href)
                 items.append(pystray.MenuItem(op['html'], mkop(self.tool, op['href'])))
             return items
@@ -353,7 +403,9 @@ class Edge(object):
 
     def signin(self, auth_type:str, user:str, password:str, apikey:str,
                oauth2:str, oauth2_port:int, oauth2_tenant_id:str, oauth2_client_id:str, oauth2_client_secret:str,
-               oauth2_timeout:int) -> Tuple[int, Dict[str, Any]]:
+               oauth2_timeout:int,
+               saml:str, saml_port:int, saml_tenant_id:str,
+               saml_timeout:int) -> Tuple[int, Dict[str, Any]]:
         """
         サインインを行います
 
@@ -368,6 +420,10 @@ class Edge(object):
             oauth2_client_id (str): OAuth2クライアントID
             oauth2_client_secret (str): OAuth2クライアントシークレット
             oauth2_timeout (int): OAuth2タイムアウト
+            saml (str): SAML
+            saml_port (int): SAMLポート
+            saml_tenant_id (str): SAMLテナントID
+            saml_timeout (int): SAMLタイムアウト
 
         Returns:
             Tuple[int, Dict[str, Any]]: 終了コード, メッセージ
@@ -375,13 +431,14 @@ class Edge(object):
         self.session = requests.Session()
         self.signed_in = False
         self.oauth2 = oauth2
+        self.saml = saml
         if auth_type == "noauth":
             status, res, _ = self.site_request(self.session.get, "/gui")
             if status != 0: return status, res
             status, self.user_info = self.load_user_info()
             self.user_info['auth_type'] = auth_type
             if status != 0: return status, res
-            self.tool.set_session(self.session, self.svcert_no_verify, self.endpoint, self.icon_path, self.user_info, self.oauth2)
+            self.tool.set_session(self.session, self.svcert_no_verify, self.endpoint, self.icon_path, self.user_info, self.oauth2, self.saml)
             return 0, dict(success="No auth.")
 
         # ID/PW認証を使用する場合
@@ -398,7 +455,7 @@ class Edge(object):
             self.user_info['auth_type'] = auth_type
             self.user_info['password'] = password
             if status != 0: return status, res
-            self.tool.set_session(self.session, self.svcert_no_verify, self.endpoint, self.icon_path, self.user_info, self.oauth2)
+            self.tool.set_session(self.session, self.svcert_no_verify, self.endpoint, self.icon_path, self.user_info, self.oauth2, self.saml)
             return 0, dict(success="Signin Success.")
 
         # APIKEY認証を使用する場合
@@ -413,7 +470,7 @@ class Edge(object):
             self.user_info['auth_type'] = auth_type
             self.user_info['apikey'] = apikey
             if status != 0: return status, res
-            self.tool.set_session(self.session, self.svcert_no_verify, self.endpoint, self.icon_path, self.user_info, self.oauth2)
+            self.tool.set_session(self.session, self.svcert_no_verify, self.endpoint, self.icon_path, self.user_info, self.oauth2, self.saml)
             return 0, dict(success="Signin Success.")
 
         # OAuth2認証を使用する場合
@@ -453,9 +510,9 @@ class Edge(object):
                         status, self.user_info = self.load_user_info()
                         self.user_info['auth_type'] = auth_type
                         self.user_info['access_token'] = access_token
-                        if status != 0: return status, res
+                        if status != 0: return res
                         self.signed_in = True
-                        self.tool.set_session(self.session, self.svcert_no_verify, self.endpoint, self.icon_path, self.user_info, self.oauth2)
+                        self.tool.set_session(self.session, self.svcert_no_verify, self.endpoint, self.icon_path, self.user_info, self.oauth2, self.saml)
                         return dict(success="Signin success. Please close your browser.")
                     except Exception as e:
                         raise HTTPException(status_code=500, detail=f'Failed to get token. {e}')
@@ -519,9 +576,9 @@ class Edge(object):
                         status, self.user_info = self.load_user_info()
                         self.user_info['auth_type'] = auth_type
                         self.user_info['access_token'] = access_token
-                        if status != 0: return status, res
+                        if status != 0: return res
                         self.signed_in = True
-                        self.tool.set_session(self.session, self.svcert_no_verify, self.endpoint, self.icon_path, self.user_info, self.oauth2)
+                        self.tool.set_session(self.session, self.svcert_no_verify, self.endpoint, self.icon_path, self.user_info, self.oauth2, self.saml)
                         return dict(success="Signin success. Please close your browser.")
                     except Exception as e:
                         raise HTTPException(status_code=500, detail=f'Failed to get token. {e}')
@@ -549,7 +606,6 @@ class Edge(object):
                     time.sleep(1)
                 return 0, dict(success="Signin success.")
 
-
             # Azure OAuth2を使用する場合
             elif oauth2 == "azure":
                 if oauth2_tenant_id is None:
@@ -591,9 +647,9 @@ class Edge(object):
                         status, self.user_info = self.load_user_info()
                         self.user_info['auth_type'] = auth_type
                         self.user_info['access_token'] = access_token
-                        if status != 0: return status, res
+                        if status != 0: return res
                         self.signed_in = True
-                        self.tool.set_session(self.session, self.svcert_no_verify, self.endpoint, self.icon_path, self.user_info, self.oauth2)
+                        self.tool.set_session(self.session, self.svcert_no_verify, self.endpoint, self.icon_path, self.user_info, self.oauth2, self.saml)
                         return dict(success="Signin success. Please close your browser.")
                     except Exception as e:
                         raise HTTPException(status_code=500, detail=f'Failed to get token. {e}')
@@ -622,165 +678,78 @@ class Edge(object):
                     time.sleep(1)
                 return 0, dict(success="Signin success.")
 
-        return 1, dict(warn="unsupported auth_type.")
-
-class Tool(object):
-    def __init__(self, logger:logging.Logger, appcls=None, ver=None):
-        self.logger = logger
-        self.appcls = appcls
-        self.ver = ver
-
-    def notify(self, message:dict):
-        """
-        通知メッセージを表示します
-
-        Args:
-            message (dict): メッセージ
-        """
-        if type(message) is list:
-            message = message[0]
-        if type(message) is not dict:
-            message = {"info":str(message)}
-        if self.logger.level == logging.DEBUG:
-            self.logger.debug(f"notify: {common.to_str(message, slise=256)}")
-        try:
-            if 'success' in message and type(message['success']) == dict:
-                message = "\n".join([f"{k}:{v}" for k, v in message['success'].items()])
-                message = f'Success\n{message}'
-            else:
-                message = "\n".join([f"{k} : {v}" for k, v in message.items()])
-            import plyer
-            if hasattr(self, 'icon_path') and self.icon_path is not None:
-                plyer.notification.notify(title=self.ver.__title__, message=str(message)[:256], app_icon=str(self.icon_path))
-            else:
-                plyer.notification.notify(title=self.ver.__title__, message=str(message)[:256])
-        except Exception as e:
-            self.logger.error(f"notify error. {e}", exc_info=True)
-
-    def set_session(self, session:requests.Session, svcert_no_verify:bool, endpoint:str, icon_path:Path, user_info:Dict[str, Any], oauth2:str):
-        """
-        セッションを設定します
-
-        Args:
-            session (requests.Session): セッション
-            svcert_no_verify (bool): サーバー証明書の検証を行わない
-            endpoint (str): エンドポイント
-            icon_path (Path): アイコン画像のパス
-            user_info (Dict[str, Any]): ユーザー情報
-            oauth2 (str): OAuth2
-        """
-        self.session = session
-        self.svcert_no_verify = svcert_no_verify
-        self.endpoint = endpoint
-        self.icon_path = icon_path
-        self.user = user_info
-        self.oauth2 = oauth2
-
-    def exec_cmd(self, opt:Dict[str, Any], logger:logging.Logger, timeout:int, prevres:Any=None) -> Tuple[int, Dict[str, Any]]:
-        """
-        この機能のエッジ側の実行を行います
-
-        Args:
-            opt (Dict[str, Any]): オプション
-            logger (logging.Logger): ロガー
-            timeout (int): タイムアウト時間
-            prevres (Any): 前コマンドの結果。pipeline実行の実行結果を参照する時に使用します。
-
-        Returns:
-            Tuple[int, Dict[str, Any], Any]: 終了コード, 結果
-        """
-        if logger.level == logging.DEBUG:
-            logger.debug(f"exec_cmd: {self.endpoint}/exec_cmd/{opt['title']}")
-        if prevres is not None:
-            headers = {'content-type':'application/octet-stream'}
-            prevres = common.to_str(prevres)
-            res = self.session.post(f"{self.endpoint}/exec_cmd/{opt['title']}", headers=headers, data=prevres,
-                                    verify=not self.svcert_no_verify, timeout=timeout, allow_redirects=False)
-        else:
-            res = self.session.post(f"{self.endpoint}/exec_cmd/{opt['title']}",
-                                    verify=not self.svcert_no_verify, timeout=timeout, allow_redirects=False)
-
-        if res.status_code != 200:
-            msg = dict(warn=f"Access failed. status_code={res.status_code}")
-            logger.warning(f"Access failed. status_code={res.status_code}")
-            return 1, msg
-        else:
-            ret = msg = res.json()
-            if isinstance(msg, list):
-                if len(msg) == 0:
-                    logger.warning(f"No result.")
-                    return 1, dict(warn="No result.")
-                msg = msg[0]
-            if isinstance(msg, dict) and 'success' not in msg:
-                logger.warning(f"{msg}")
-                return 1, ret
-            if logger.level == logging.DEBUG:
-                logger.debug(f"{common.to_str(ret, slise=255)}")
-            return 0, ret
-
-    def pub_result(self, title:str, output:str, timeout:int) -> Tuple[int, Dict[str, Any]]:
-        """
-        結果を公開します
-
-        Args:
-            title (str): タイトル
-            output (str): 出力
-            logger (logging.Logger): ロガー
-            timeout (int): タイムアウト時間
+        # saml認証を使用する場合
+        elif auth_type == "saml":
+            # Azure samlを使用する場合
+            if saml == "azure":
+                if saml_tenant_id is None:
+                    return 1, dict(warn="Please specify the --saml_tenant_id option.")
+                saml_settings = dict(
+                    strict=False,
+                    debug=self.logger.level==logging.DEBUG,
+                    idp=dict(
+                        entityId=f'https://sts.windows.net/{saml_tenant_id}/',
+                        singleSignOnService=dict(
+                            url=f'https://login.microsoftonline.com/{saml_tenant_id}/saml2',
+                            binding=f'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect'),
+                        certFingerprint='',
+                        certFingerprintAlgorithm='sha1',
+                        singleLogoutService=dict()),
+                    sp=dict(
+                        entityId=self.endpoint,
+                        assertionConsumerService=dict(
+                            url=f'http://localhost:{saml_port}/saml/azure/callback',
+                            binding=f'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST'),
+                        attributeConsumingService=dict(),
+                        singleLogoutService=dict(
+                            binding=f'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect'),
+                        NameIDFormat=f'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified',
+                        x509cert='',
+                        privateKey=''))
+                request_data = dict(
+                    https='off',
+                    http_host='localhost',
+                    server_port=saml_port,
+                    script_name=f'/saml/azure/gui?next=gui',
+                    post_data=dict(),
+                    get_data=dict(n=common.random_string(8)),
+                )
+                from onelogin.saml2.auth import OneLogin_Saml2_Auth
+                auth = OneLogin_Saml2_Auth(request_data=request_data, old_settings=saml_settings)
+
+                # SAML認証のコールバックを受けるFastAPIサーバーを起動
+                fastapi = FastAPI()
+                @fastapi.post('/saml/azure/callback')
+                async def saml_azure_callback(req:Request):
+                    form_data = await req.form()
+                    try:
+                        status, res, headers = self.site_request(self.session.post, f"/saml/azure/callback", data=form_data, ok_status=[200, 307])
+                        if status != 0 or headers.get('signin') is None:
+                            return dict(warn=f"Signin failed.")
+                        status, self.user_info = self.load_user_info()
+                        self.user_info['auth_type'] = auth_type
+                        if status != 0: return res
+                        self.signed_in = True
+                        self.user_info['saml_token'] = convert.str2b64str(common.to_str(form_data._dict))
+                        self.tool.set_session(self.session, self.svcert_no_verify, self.endpoint, self.icon_path, self.user_info, self.oauth2, self.saml)
+                        return dict(success="Signin success. Please close your browser.")
+                    except Exception as e:
+                        raise HTTPException(status_code=500, detail=f'Failed to get token. {e}')
 
-        Returns:
-            Tuple[int, Dict[str, Any]]: 終了コード, メッセージ
-        """
-        output = common.to_str(output)
-        data = f'title={urllib.parse.quote(title)}&output={urllib.parse.quote(output)}'
-        headers = {'content-type':'application/x-www-form-urlencoded'}
-        res = self.session.post(f"{self.endpoint}/result/pub", headers=headers, data=data,
-                                verify=not self.svcert_no_verify, timeout=timeout, allow_redirects=False)
-        if res.status_code != 200:
-            msg = dict(warn=f"Access failed. status_code={res.status_code}")
-            return 1, msg
-        else:
-            msg = res.json()
-            return 0, msg
+                if not hasattr(self, 'thUvicorn') or not self.thUvicorn.is_alive():
+                    self.thUvicorn = web.ThreadedUvicorn(self.logger, Config(app=fastapi, host='localhost', port=saml_port), {})
+                    self.thUvicorn.start()
+                    time.sleep(1)
 
-    def open_browser(self, path:str) -> Tuple[int, Dict[str, str]]:
-        """
-        指定したパスをブラウザで開きます。
-        この時認証情報を含めて開きます。
+                # SAML認証のリクエストを送信
+                webbrowser.open(auth.login())
 
-        Args:
-            path (str): パス
+                # 認証完了まで指定秒数待つ
+                tm = time.time()
+                while not self.signed_in:
+                    if time.time() - tm > saml_timeout:
+                        return 1, dict(warn="Signin Timeout.")
+                    time.sleep(1)
+                return 0, dict(success="Signin success.")
 
-        Returns:
-            Tuple[int, Dict[str, str]]: 終了コード, メッセージ
-        """
-        path = f"/{path}" if not path.startswith('/') else path
-        if not hasattr(self, 'user'):
-            webbrowser.open(f"{self.endpoint}{path}")
-            return 0, dict(success="Open browser.")
-        token = dict(auth_type=self.user['auth_type'])
-        if self.user['auth_type'] == "noauth":
-            webbrowser.open(f"{self.endpoint}{path}")
-            return 0, dict(success="Open browser.")
-        elif self.user['auth_type'] == "idpw":
-            hashed = self.user['password'] if self.user['hash']=='plain' else common.hash_password(self.user['password'], self.user['hash'])
-            token = dict(**token, **dict(user=self.user['name'], token=common.encrypt(path, hashed)))
-            token = convert.str2b64str(common.to_str(token))
-            webbrowser.open(f"{self.endpoint}/dosignin_token/{token}{path}")
-            return 0, dict(success="Open browser.")
-        elif self.user['auth_type'] == "apikey":
-            hashed = common.hash_password(self.user['apikey'], 'sha1')
-            token = dict(**token, **dict(user=self.user['name'], token=common.encrypt(path, hashed)))
-            token = convert.str2b64str(common.to_str(token))
-            webbrowser.open(f"{self.endpoint}/dosignin_token/{token}{path}")
-            return 0, dict(success="Open browser.")
-        elif self.user['auth_type'] == "oauth2" and self.oauth2 == 'google':
-            webbrowser.open(f"{self.endpoint}/oauth2/google/session/{self.user['access_token']}{path}")
-            return 0, dict(success="Open browser.")
-        elif self.user['auth_type'] == "oauth2" and self.oauth2 == 'github':
-            webbrowser.open(f"{self.endpoint}/oauth2/github/session/{self.user['access_token']}{path}")
-            return 0, dict(success="Open browser.")
-        elif self.user['auth_type'] == "oauth2" and self.oauth2 == 'azure':
-            webbrowser.open(f"{self.endpoint}/oauth2/azure/session/{self.user['access_token']}{path}")
-            return 0, dict(success="Open browser.")
         return 1, dict(warn="unsupported auth_type.")