zscaler-sdk-python 1.0.0__py2.py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- zscaler/__init__.py +34 -0
- zscaler/cache/__init__.py +0 -0
- zscaler/cache/cache.py +105 -0
- zscaler/cache/no_op_cache.py +68 -0
- zscaler/cache/zscaler_cache.py +161 -0
- zscaler/constants.py +26 -0
- zscaler/errors/__init__.py +0 -0
- zscaler/errors/error.py +10 -0
- zscaler/errors/http_error.py +20 -0
- zscaler/errors/zscaler_api_error.py +24 -0
- zscaler/exceptions/__init__.py +1 -0
- zscaler/exceptions/exceptions.py +101 -0
- zscaler/logger.py +57 -0
- zscaler/ratelimiter/__init__.py +0 -0
- zscaler/ratelimiter/ratelimiter.py +39 -0
- zscaler/user_agent.py +23 -0
- zscaler/utils.py +577 -0
- zscaler/zia/__init__.py +657 -0
- zscaler/zia/activate.py +52 -0
- zscaler/zia/admin_and_role_management.py +344 -0
- zscaler/zia/apptotal.py +71 -0
- zscaler/zia/audit_logs.py +95 -0
- zscaler/zia/authentication_settings.py +98 -0
- zscaler/zia/client.py +88 -0
- zscaler/zia/cloud_apps.py +406 -0
- zscaler/zia/device_management.py +90 -0
- zscaler/zia/dlp.py +784 -0
- zscaler/zia/errors.py +37 -0
- zscaler/zia/firewall.py +1104 -0
- zscaler/zia/forwarding_control.py +271 -0
- zscaler/zia/isolation_profile.py +83 -0
- zscaler/zia/labels.py +180 -0
- zscaler/zia/locations.py +661 -0
- zscaler/zia/sandbox.py +180 -0
- zscaler/zia/security.py +236 -0
- zscaler/zia/ssl_inspection.py +175 -0
- zscaler/zia/traffic.py +853 -0
- zscaler/zia/url_categories.py +442 -0
- zscaler/zia/url_filtering.py +310 -0
- zscaler/zia/users.py +386 -0
- zscaler/zia/web_dlp.py +295 -0
- zscaler/zia/workload_groups.py +58 -0
- zscaler/zia/zpa_gateway.py +187 -0
- zscaler/zpa/__init__.py +683 -0
- zscaler/zpa/app_segments.py +331 -0
- zscaler/zpa/app_segments_inspection.py +311 -0
- zscaler/zpa/app_segments_pra.py +310 -0
- zscaler/zpa/certificates.py +234 -0
- zscaler/zpa/client.py +113 -0
- zscaler/zpa/cloud_connector_groups.py +75 -0
- zscaler/zpa/connectors.py +518 -0
- zscaler/zpa/emergency_access.py +178 -0
- zscaler/zpa/errors.py +37 -0
- zscaler/zpa/idp.py +83 -0
- zscaler/zpa/inspection.py +1012 -0
- zscaler/zpa/isolation_profile.py +85 -0
- zscaler/zpa/lss.py +568 -0
- zscaler/zpa/machine_groups.py +79 -0
- zscaler/zpa/policies.py +848 -0
- zscaler/zpa/posture_profiles.py +122 -0
- zscaler/zpa/privileged_remote_access.py +862 -0
- zscaler/zpa/provisioning.py +271 -0
- zscaler/zpa/saml_attributes.py +100 -0
- zscaler/zpa/scim_attributes.py +117 -0
- zscaler/zpa/scim_groups.py +146 -0
- zscaler/zpa/segment_groups.py +191 -0
- zscaler/zpa/server_groups.py +217 -0
- zscaler/zpa/servers.py +202 -0
- zscaler/zpa/service_edges.py +404 -0
- zscaler/zpa/trusted_networks.py +127 -0
- zscaler_sdk_python-1.0.0.dist-info/LICENSE.md +21 -0
- zscaler_sdk_python-1.0.0.dist-info/METADATA +59 -0
- zscaler_sdk_python-1.0.0.dist-info/RECORD +75 -0
- zscaler_sdk_python-1.0.0.dist-info/WHEEL +6 -0
- zscaler_sdk_python-1.0.0.dist-info/top_level.txt +1 -0
|
@@ -0,0 +1,310 @@
|
|
|
1
|
+
# -*- coding: utf-8 -*-
|
|
2
|
+
|
|
3
|
+
# Copyright (c) 2023, Zscaler Inc.
|
|
4
|
+
#
|
|
5
|
+
# Permission to use, copy, modify, and/or distribute this software for any
|
|
6
|
+
# purpose with or without fee is hereby granted, provided that the above
|
|
7
|
+
# copyright notice and this permission notice appear in all copies.
|
|
8
|
+
#
|
|
9
|
+
# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
|
10
|
+
# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
|
11
|
+
# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
|
|
12
|
+
# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
|
13
|
+
# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
|
14
|
+
# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
|
15
|
+
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
|
16
|
+
|
|
17
|
+
from box import Box, BoxList
|
|
18
|
+
from requests import Response
|
|
19
|
+
|
|
20
|
+
from zscaler.utils import (
|
|
21
|
+
add_id_groups,
|
|
22
|
+
convert_keys,
|
|
23
|
+
recursive_snake_to_camel,
|
|
24
|
+
snake_to_camel,
|
|
25
|
+
)
|
|
26
|
+
from zscaler.zpa.client import ZPAClient
|
|
27
|
+
|
|
28
|
+
|
|
29
|
+
class AppSegmentsPRAAPI:
|
|
30
|
+
# Params that need reformatting
|
|
31
|
+
reformat_params = [
|
|
32
|
+
("server_group_ids", "serverGroups"),
|
|
33
|
+
]
|
|
34
|
+
|
|
35
|
+
def __init__(self, client: ZPAClient):
|
|
36
|
+
self.rest = client
|
|
37
|
+
|
|
38
|
+
def list_segments_pra(self, **kwargs) -> BoxList:
|
|
39
|
+
"""
|
|
40
|
+
Retrieve all configured application segments.
|
|
41
|
+
|
|
42
|
+
Returns:
|
|
43
|
+
:obj:`BoxList`: List of application segments.
|
|
44
|
+
|
|
45
|
+
Examples:
|
|
46
|
+
>>> app_segments = zpa.app_segments.list_segments()
|
|
47
|
+
|
|
48
|
+
"""
|
|
49
|
+
list, _ = self.rest.get_paginated_data(path="/application", **kwargs)
|
|
50
|
+
return list
|
|
51
|
+
|
|
52
|
+
def get_segment_pra(self, segment_id: str) -> Box:
|
|
53
|
+
"""
|
|
54
|
+
Get information for an application segment.
|
|
55
|
+
|
|
56
|
+
Args:
|
|
57
|
+
segment_id (str):
|
|
58
|
+
The unique identifier for the application segment.
|
|
59
|
+
|
|
60
|
+
Returns:
|
|
61
|
+
:obj:`Box`: The application segment resource record.
|
|
62
|
+
|
|
63
|
+
Examples:
|
|
64
|
+
>>> app_segment = zpa.app_segments.details('99999')
|
|
65
|
+
|
|
66
|
+
"""
|
|
67
|
+
return self.rest.get(f"application/{segment_id}")
|
|
68
|
+
|
|
69
|
+
def get_segment_pra_by_name(self, name):
|
|
70
|
+
apps = self.list_segments_pra()
|
|
71
|
+
for app in apps:
|
|
72
|
+
if app.get("name") == name:
|
|
73
|
+
return app
|
|
74
|
+
return None
|
|
75
|
+
|
|
76
|
+
def delete_segment_pra(self, segment_id: str, force_delete: bool = False) -> int:
|
|
77
|
+
"""
|
|
78
|
+
Delete an application segment.
|
|
79
|
+
|
|
80
|
+
Args:
|
|
81
|
+
force_delete (bool):
|
|
82
|
+
Setting this field to true deletes the mapping between Application Segment and Segment Group.
|
|
83
|
+
segment_id (str):
|
|
84
|
+
The unique identifier for the application segment.
|
|
85
|
+
|
|
86
|
+
Returns:
|
|
87
|
+
:obj:`int`: The operation response code.
|
|
88
|
+
|
|
89
|
+
Examples:
|
|
90
|
+
Delete an Application Segment with an id of 99999.
|
|
91
|
+
|
|
92
|
+
>>> zpa.app_segments.delete('99999')
|
|
93
|
+
|
|
94
|
+
Force deletion of an Application Segment with an id of 88888.
|
|
95
|
+
|
|
96
|
+
>>> zpa.app_segments.delete('88888', force_delete=True)
|
|
97
|
+
|
|
98
|
+
"""
|
|
99
|
+
query = ""
|
|
100
|
+
if force_delete:
|
|
101
|
+
query = "forceDelete=true"
|
|
102
|
+
response = self.rest.delete("/application/%s?%s" % (segment_id, query))
|
|
103
|
+
return response.status_code
|
|
104
|
+
|
|
105
|
+
def add_segment_pra(
|
|
106
|
+
self,
|
|
107
|
+
name: str,
|
|
108
|
+
domain_names: list,
|
|
109
|
+
segment_group_id: str,
|
|
110
|
+
server_group_ids: list,
|
|
111
|
+
tcp_port_ranges: list = None,
|
|
112
|
+
udp_port_ranges: list = None,
|
|
113
|
+
common_apps_dto: dict = None,
|
|
114
|
+
**kwargs,
|
|
115
|
+
) -> Box:
|
|
116
|
+
"""
|
|
117
|
+
Create an application segment.
|
|
118
|
+
|
|
119
|
+
Args:
|
|
120
|
+
segment_group_id (str):
|
|
121
|
+
The unique identifer for the segment group this application segment belongs to.
|
|
122
|
+
udp_ports (:obj:`list` of :obj:`str`):
|
|
123
|
+
List of udp port range pairs, e.g. ['35000', '35000'] for port 35000.
|
|
124
|
+
tcp_ports (:obj:`list` of :obj:`str`):
|
|
125
|
+
List of tcp port range pairs, e.g. ['22', '22'] for port 22-22, ['80', '100'] for 80-100.
|
|
126
|
+
domain_names (:obj:`list` of :obj:`str`):
|
|
127
|
+
List of domain names or IP addresses for the application segment.
|
|
128
|
+
name (str):
|
|
129
|
+
The name of the application segment.
|
|
130
|
+
server_group_ids (:obj:`list` of :obj:`str`):
|
|
131
|
+
The list of server group IDs that belong to this application segment.
|
|
132
|
+
**kwargs:
|
|
133
|
+
Optional keyword args.
|
|
134
|
+
|
|
135
|
+
Keyword Args:
|
|
136
|
+
bypass_type (str):
|
|
137
|
+
The type of bypass for the Application Segment. Accepted values are `ALWAYS`, `NEVER` and `ON_NET`.
|
|
138
|
+
config_space (str):
|
|
139
|
+
The config space for this Application Segment. Accepted values are `DEFAULT` and `SIEM`.
|
|
140
|
+
default_idle_timeout (int):
|
|
141
|
+
The Default Idle Timeout for the Application Segment.
|
|
142
|
+
default_max_age (int):
|
|
143
|
+
The Default Max Age for the Application Segment.
|
|
144
|
+
description (str):
|
|
145
|
+
Additional information about this Application Segment.
|
|
146
|
+
double_encrypt (bool):
|
|
147
|
+
Double Encrypt the Application Segment micro-tunnel.
|
|
148
|
+
enabled (bool):
|
|
149
|
+
Enable the Application Segment.
|
|
150
|
+
health_check_type (str):
|
|
151
|
+
Set the Health Check Type. Accepted values are `DEFAULT` and `NONE`.
|
|
152
|
+
health_reporting (str):
|
|
153
|
+
Set the Health Reporting. Accepted values are `NONE`, `ON_ACCESS` and `CONTINUOUS`.
|
|
154
|
+
ip_anchored (bool):
|
|
155
|
+
Enable IP Anchoring for this Application Segment.
|
|
156
|
+
is_cname_enabled (bool):
|
|
157
|
+
Enable CNAMEs for this Application Segment.
|
|
158
|
+
passive_health_enabled (bool):
|
|
159
|
+
Enable Passive Health Checks for this Application Segment.
|
|
160
|
+
icmp_access_type (str): Sets ICMP access type for ZPA clients.
|
|
161
|
+
|
|
162
|
+
Returns:
|
|
163
|
+
:obj:`Box`: The newly created application segment resource record.
|
|
164
|
+
|
|
165
|
+
Examples:
|
|
166
|
+
Add a new application segment for example.com, ports 8080-8085.
|
|
167
|
+
|
|
168
|
+
>>> zpa.app_segments.add_segment('new_app_segment',
|
|
169
|
+
... domain_names=['example.com'],
|
|
170
|
+
... segment_group_id='99999',
|
|
171
|
+
... tcp_ports=['8080', '8085'],
|
|
172
|
+
... server_group_ids=['99999', '88888'])
|
|
173
|
+
|
|
174
|
+
"""
|
|
175
|
+
|
|
176
|
+
# Initialise payload
|
|
177
|
+
payload = {
|
|
178
|
+
"name": name,
|
|
179
|
+
"domainNames": domain_names,
|
|
180
|
+
"tcpPortRanges": tcp_port_ranges,
|
|
181
|
+
"udpPortRanges": udp_port_ranges,
|
|
182
|
+
"segmentGroupId": segment_group_id,
|
|
183
|
+
"commonAppsDto": common_apps_dto if common_apps_dto else None,
|
|
184
|
+
"serverGroups": [{"id": group_id} for group_id in server_group_ids],
|
|
185
|
+
}
|
|
186
|
+
|
|
187
|
+
# Process common_apps_dto if it's provided
|
|
188
|
+
if common_apps_dto:
|
|
189
|
+
camel_common_apps_dto = recursive_snake_to_camel(common_apps_dto)
|
|
190
|
+
payload["commonAppsDto"] = camel_common_apps_dto
|
|
191
|
+
|
|
192
|
+
add_id_groups(self.reformat_params, kwargs, payload)
|
|
193
|
+
for key, value in kwargs.items():
|
|
194
|
+
if value is not None:
|
|
195
|
+
payload[snake_to_camel(key)] = value
|
|
196
|
+
|
|
197
|
+
# Convert the entire payload's keys to camelCase before sending
|
|
198
|
+
camel_payload = recursive_snake_to_camel(payload)
|
|
199
|
+
for key, value in kwargs.items():
|
|
200
|
+
if value is not None:
|
|
201
|
+
camel_payload[snake_to_camel(key)] = value
|
|
202
|
+
|
|
203
|
+
response = self.rest.post("application", json=camel_payload)
|
|
204
|
+
if isinstance(response, Response):
|
|
205
|
+
# this is only true when the creation failed (status code is not 2xx)
|
|
206
|
+
status_code = response.status_code
|
|
207
|
+
# Handle error response
|
|
208
|
+
raise Exception(
|
|
209
|
+
f"API call failed with status {status_code}: {response.json()}"
|
|
210
|
+
)
|
|
211
|
+
return response
|
|
212
|
+
|
|
213
|
+
def update_segment_pra(
|
|
214
|
+
self, segment_id: str, common_apps_dto=None, **kwargs
|
|
215
|
+
) -> Box:
|
|
216
|
+
"""
|
|
217
|
+
Update an application segment.
|
|
218
|
+
|
|
219
|
+
Args:
|
|
220
|
+
segment_id (str):
|
|
221
|
+
The unique identifier for the application segment.
|
|
222
|
+
**kwargs:
|
|
223
|
+
Optional params.
|
|
224
|
+
|
|
225
|
+
Keyword Args:
|
|
226
|
+
bypass_type (str):
|
|
227
|
+
The type of bypass for the Application Segment. Accepted values are `ALWAYS`, `NEVER` and `ON_NET`.
|
|
228
|
+
config_space (str):
|
|
229
|
+
The config space for this Application Segment. Accepted values are `DEFAULT` and `SIEM`.
|
|
230
|
+
default_idle_timeout (int):
|
|
231
|
+
The Default Idle Timeout for the Application Segment.
|
|
232
|
+
default_max_age (int):
|
|
233
|
+
The Default Max Age for the Application Segment.
|
|
234
|
+
description (str):
|
|
235
|
+
Additional information about this Application Segment.
|
|
236
|
+
domain_names (:obj:`list` of :obj:`str`):
|
|
237
|
+
List of domain names or IP addresses for the application segment.
|
|
238
|
+
double_encrypt (bool):
|
|
239
|
+
Double Encrypt the Application Segment micro-tunnel.
|
|
240
|
+
enabled (bool):
|
|
241
|
+
Enable the Application Segment.
|
|
242
|
+
health_check_type (str):
|
|
243
|
+
Set the Health Check Type. Accepted values are `DEFAULT` and `NONE`.
|
|
244
|
+
health_reporting (str):
|
|
245
|
+
Set the Health Reporting. Accepted values are `NONE`, `ON_ACCESS` and `CONTINUOUS`.
|
|
246
|
+
ip_anchored (bool):
|
|
247
|
+
Enable IP Anchoring for this Application Segment.
|
|
248
|
+
is_cname_enabled (bool):
|
|
249
|
+
Enable CNAMEs for this Application Segment.
|
|
250
|
+
name (str):
|
|
251
|
+
The name of the application segment.
|
|
252
|
+
passive_health_enabled (bool):
|
|
253
|
+
Enable Passive Health Checks for this Application Segment.
|
|
254
|
+
segment_group_id (str):
|
|
255
|
+
The unique identifer for the segment group this application segment belongs to.
|
|
256
|
+
server_group_ids (:obj:`list` of :obj:`str`):
|
|
257
|
+
The list of server group IDs that belong to this application segment.
|
|
258
|
+
tcp_ports (:obj:`list` of :obj:`tuple`):
|
|
259
|
+
List of TCP port ranges specified as a tuple pair, e.g. for ports 21-23, 8080-8085 and 443:
|
|
260
|
+
[(21, 23), (8080, 8085), (443, 443)]
|
|
261
|
+
udp_ports (:obj:`list` of :obj:`tuple`):
|
|
262
|
+
List of UDP port ranges specified as a tuple pair, e.g. for ports 34000-35000 and 36000:
|
|
263
|
+
[(34000, 35000), (36000, 36000)]
|
|
264
|
+
icmp_access_type (str): Sets ICMP access type for ZPA clients.
|
|
265
|
+
|
|
266
|
+
Returns:
|
|
267
|
+
:obj:`Box`: The updated application segment resource record.
|
|
268
|
+
|
|
269
|
+
Examples:
|
|
270
|
+
Rename the application segment for example.com.
|
|
271
|
+
|
|
272
|
+
>>> zpa.app_segments.update('99999',
|
|
273
|
+
... name='new_app_name',
|
|
274
|
+
|
|
275
|
+
"""
|
|
276
|
+
# Set payload to value of existing record and recursively convert nested dict keys from snake_case to camelCase.
|
|
277
|
+
payload = convert_keys(self.get_segment_pra(segment_id))
|
|
278
|
+
|
|
279
|
+
if kwargs.get("tcp_port_ranges"):
|
|
280
|
+
payload["tcpPortRange"] = [
|
|
281
|
+
{"from": ports[0], "to": ports[1]}
|
|
282
|
+
for ports in kwargs.pop("tcp_port_ranges")
|
|
283
|
+
]
|
|
284
|
+
|
|
285
|
+
if kwargs.get("udp_port_ranges"):
|
|
286
|
+
payload["udpPortRange"] = [
|
|
287
|
+
{"from": ports[0], "to": ports[1]}
|
|
288
|
+
for ports in kwargs.pop("udp_port_ranges")
|
|
289
|
+
]
|
|
290
|
+
|
|
291
|
+
if common_apps_dto:
|
|
292
|
+
camel_common_apps_dto = recursive_snake_to_camel(
|
|
293
|
+
common_apps_dto
|
|
294
|
+
) # use the recursive function
|
|
295
|
+
payload[
|
|
296
|
+
"commonAppsDto"
|
|
297
|
+
] = camel_common_apps_dto # ensure commonAppsDto gets added to payload
|
|
298
|
+
|
|
299
|
+
# Convert other keys in payload
|
|
300
|
+
add_id_groups(self.reformat_params, kwargs, payload)
|
|
301
|
+
|
|
302
|
+
# Add remaining optional parameters to payload
|
|
303
|
+
for key, value in kwargs.items():
|
|
304
|
+
payload[snake_to_camel(key)] = value
|
|
305
|
+
|
|
306
|
+
resp = self.rest.put(f"application/{segment_id}", json=payload).status_code
|
|
307
|
+
|
|
308
|
+
# Return the object if it was updated successfully
|
|
309
|
+
if not isinstance(resp, Response):
|
|
310
|
+
return self.get_segment_pra(segment_id)
|
|
@@ -0,0 +1,234 @@
|
|
|
1
|
+
# -*- coding: utf-8 -*-
|
|
2
|
+
|
|
3
|
+
# Copyright (c) 2023, Zscaler Inc.
|
|
4
|
+
#
|
|
5
|
+
# Permission to use, copy, modify, and/or distribute this software for any
|
|
6
|
+
# purpose with or without fee is hereby granted, provided that the above
|
|
7
|
+
# copyright notice and this permission notice appear in all copies.
|
|
8
|
+
#
|
|
9
|
+
# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
|
10
|
+
# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
|
11
|
+
# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
|
|
12
|
+
# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
|
13
|
+
# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
|
14
|
+
# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
|
15
|
+
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
|
16
|
+
|
|
17
|
+
|
|
18
|
+
from box import Box, BoxList
|
|
19
|
+
from requests import Response
|
|
20
|
+
|
|
21
|
+
from zscaler.utils import snake_to_camel
|
|
22
|
+
from zscaler.zpa.client import ZPAClient
|
|
23
|
+
|
|
24
|
+
|
|
25
|
+
class CertificatesAPI:
|
|
26
|
+
def __init__(self, client: ZPAClient):
|
|
27
|
+
self.rest = client
|
|
28
|
+
|
|
29
|
+
def list_issued_certificates(self, **kwargs) -> BoxList:
|
|
30
|
+
"""
|
|
31
|
+
Returns a list of all Browser Access certificates.
|
|
32
|
+
|
|
33
|
+
Args:
|
|
34
|
+
**kwargs: Optional keyword args.
|
|
35
|
+
|
|
36
|
+
Keyword Args:
|
|
37
|
+
max_items (int, optional):
|
|
38
|
+
The maximum number of items to request before stopping iteration.
|
|
39
|
+
max_pages (int, optional):
|
|
40
|
+
The maximum number of pages to request before stopping iteration.
|
|
41
|
+
pagesize (int, optional):
|
|
42
|
+
Specifies the page size. The default size is 20, but the maximum size is 500.
|
|
43
|
+
search (str, optional):
|
|
44
|
+
The search string used to match against features and fields.
|
|
45
|
+
|
|
46
|
+
Returns:
|
|
47
|
+
:obj:`BoxList`: List of all Browser Access certificates.
|
|
48
|
+
|
|
49
|
+
Examples:
|
|
50
|
+
>>> for cert in zpa.certificates.list_browser_access():
|
|
51
|
+
... print(cert)
|
|
52
|
+
|
|
53
|
+
"""
|
|
54
|
+
list, _ = self.rest.get_paginated_data(
|
|
55
|
+
path="/clientlessCertificate/issued",
|
|
56
|
+
**kwargs,
|
|
57
|
+
api_version="v2",
|
|
58
|
+
)
|
|
59
|
+
return list
|
|
60
|
+
|
|
61
|
+
def list_all_certificates(self, **kwargs) -> BoxList:
|
|
62
|
+
"""
|
|
63
|
+
Returns a list of all Browser Access certificates.
|
|
64
|
+
|
|
65
|
+
Args:
|
|
66
|
+
**kwargs: Optional keyword args.
|
|
67
|
+
|
|
68
|
+
Keyword Args:
|
|
69
|
+
**max_items (int, optional):
|
|
70
|
+
The maximum number of items to request before stopping iteration.
|
|
71
|
+
**max_pages (int, optional):
|
|
72
|
+
The maximum number of pages to request before stopping iteration.
|
|
73
|
+
**pagesize (int, optional):
|
|
74
|
+
Specifies the page size. The default size is 20, but the maximum size is 500.
|
|
75
|
+
**search (str, optional):
|
|
76
|
+
The search string used to match against features and fields.
|
|
77
|
+
|
|
78
|
+
Returns:
|
|
79
|
+
:obj:`BoxList`: List of all Browser Access certificates.
|
|
80
|
+
|
|
81
|
+
Examples:
|
|
82
|
+
>>> for cert in zpa.certificates.list_all_certificates():
|
|
83
|
+
... print(cert)
|
|
84
|
+
|
|
85
|
+
"""
|
|
86
|
+
list, _ = self.rest.get_paginated_data(
|
|
87
|
+
path="/certificate", **kwargs, api_version="v1"
|
|
88
|
+
)
|
|
89
|
+
return list
|
|
90
|
+
|
|
91
|
+
def get_certificate_by_name(self, name):
|
|
92
|
+
certs = self.list_all_certificates()
|
|
93
|
+
for cert in certs:
|
|
94
|
+
if cert.get("name") == name:
|
|
95
|
+
return cert
|
|
96
|
+
return None
|
|
97
|
+
|
|
98
|
+
def add_certificate(self, name: str, cert_blob: str, **kwargs) -> Box:
|
|
99
|
+
"""
|
|
100
|
+
Add a new Certificate.
|
|
101
|
+
|
|
102
|
+
Args:
|
|
103
|
+
name (str): The name of the certificate.
|
|
104
|
+
cert_blob (str): The content of the certificate. Must include the certificate and private key (in PEM format) in the JSON payload.
|
|
105
|
+
**kwargs: Optional keyword args.
|
|
106
|
+
|
|
107
|
+
Keyword Args:
|
|
108
|
+
description (str): The description of the certificate.
|
|
109
|
+
|
|
110
|
+
Returns:
|
|
111
|
+
:obj:`Box`: The resource record for the newly created server.
|
|
112
|
+
|
|
113
|
+
Examples:
|
|
114
|
+
Create a certificate with minimum required parameters:
|
|
115
|
+
|
|
116
|
+
>>> zpa.servers.add_server(
|
|
117
|
+
... name='myserver.example',
|
|
118
|
+
... cert_blob=("-----BEGIN CERTIFICATE-----\\n"
|
|
119
|
+
... "MIIFNzCCBIHNIHIO==\\n"
|
|
120
|
+
... "-----END CERTIFICATE-----"),
|
|
121
|
+
)
|
|
122
|
+
|
|
123
|
+
"""
|
|
124
|
+
payload = {"name": name, "certBlob": cert_blob}
|
|
125
|
+
|
|
126
|
+
# Add optional parameters to payload
|
|
127
|
+
for key, value in kwargs.items():
|
|
128
|
+
payload[snake_to_camel(key)] = value
|
|
129
|
+
|
|
130
|
+
response = self.rest.post("/certificate", json=payload)
|
|
131
|
+
if isinstance(response, Response):
|
|
132
|
+
status_code = response.status_code
|
|
133
|
+
if status_code > 299:
|
|
134
|
+
return None
|
|
135
|
+
return self.get_certificate(response.get("id"))
|
|
136
|
+
|
|
137
|
+
def get_certificate(self, certificate_id: str) -> Box:
|
|
138
|
+
"""
|
|
139
|
+
Returns information on a specified Browser Access certificate.
|
|
140
|
+
|
|
141
|
+
Args:
|
|
142
|
+
certificate_id (str):
|
|
143
|
+
The unique identifier for the Browser Access certificate.
|
|
144
|
+
|
|
145
|
+
Returns:
|
|
146
|
+
:obj:`Box`:
|
|
147
|
+
The Browser Access certificate resource record.
|
|
148
|
+
|
|
149
|
+
Examples:
|
|
150
|
+
>>> ba_certificate = zpa.certificates.get_browser_access('99999')
|
|
151
|
+
|
|
152
|
+
"""
|
|
153
|
+
response = self.rest.get("/clientlessCertificate/%s" % (certificate_id))
|
|
154
|
+
if isinstance(response, Response):
|
|
155
|
+
status_code = response.status_code
|
|
156
|
+
if status_code != 200:
|
|
157
|
+
return None
|
|
158
|
+
return response
|
|
159
|
+
|
|
160
|
+
def delete_certificate(self, certificate_id: str) -> Box:
|
|
161
|
+
"""
|
|
162
|
+
Returns information on a specified Browser Access certificate.
|
|
163
|
+
|
|
164
|
+
Args:
|
|
165
|
+
certificate_id (str):
|
|
166
|
+
The unique identifier for the Browser Access certificate.
|
|
167
|
+
|
|
168
|
+
Returns:
|
|
169
|
+
:obj:`Box`:
|
|
170
|
+
The Browser Access certificate resource record.
|
|
171
|
+
|
|
172
|
+
Examples:
|
|
173
|
+
>>> ba_certificate = zpa.certificates.get_certificate('99999')
|
|
174
|
+
|
|
175
|
+
"""
|
|
176
|
+
return self.rest.get(f"certificate/{certificate_id}")
|
|
177
|
+
|
|
178
|
+
def get_enrolment(self, certificate_id: str) -> Box:
|
|
179
|
+
"""
|
|
180
|
+
Returns information on the specified enrollment certificate.
|
|
181
|
+
|
|
182
|
+
Args:
|
|
183
|
+
certificate_id (str): The unique id of the enrollment certificate.
|
|
184
|
+
|
|
185
|
+
Returns:
|
|
186
|
+
:obj:`Box`: The enrollment certificate resource record.
|
|
187
|
+
|
|
188
|
+
Examples:
|
|
189
|
+
enrolment_cert = zpa.certificates.get_enrolment('99999999')
|
|
190
|
+
|
|
191
|
+
"""
|
|
192
|
+
response = self.rest.get("/enrollmentCert/%s" % (certificate_id))
|
|
193
|
+
if isinstance(response, Response):
|
|
194
|
+
status_code = response.status_code
|
|
195
|
+
if status_code != 200:
|
|
196
|
+
return None
|
|
197
|
+
return response
|
|
198
|
+
|
|
199
|
+
def list_enrolment(self, **kwargs) -> BoxList:
|
|
200
|
+
"""
|
|
201
|
+
Returns a list of all configured enrollment certificates.
|
|
202
|
+
|
|
203
|
+
Args:
|
|
204
|
+
**kwargs: Optional keyword args.
|
|
205
|
+
|
|
206
|
+
Keyword Args:
|
|
207
|
+
**max_items (int, optional):
|
|
208
|
+
The maximum number of items to request before stopping iteration.
|
|
209
|
+
**max_pages (int, optional):
|
|
210
|
+
The maximum number of pages to request before stopping iteration.
|
|
211
|
+
**pagesize (int, optional):
|
|
212
|
+
Specifies the page size. The default size is 20, but the maximum size is 500.
|
|
213
|
+
**search (str, optional):
|
|
214
|
+
The search string used to match against features and fields.
|
|
215
|
+
|
|
216
|
+
Returns:
|
|
217
|
+
:obj:`BoxList`: List of all enrollment certificates.
|
|
218
|
+
|
|
219
|
+
Examples:
|
|
220
|
+
>>> for cert in zpa.certificates.list_enrolment():
|
|
221
|
+
... print(cert)
|
|
222
|
+
|
|
223
|
+
"""
|
|
224
|
+
list, _ = self.rest.get_paginated_data(
|
|
225
|
+
path="/enrollmentCert", **kwargs, api_version="v2"
|
|
226
|
+
)
|
|
227
|
+
return list
|
|
228
|
+
|
|
229
|
+
def get_enrolment_cert_by_name(self, name):
|
|
230
|
+
certs = self.list_enrolment()
|
|
231
|
+
for cert in certs:
|
|
232
|
+
if cert.get("name") == name:
|
|
233
|
+
return cert
|
|
234
|
+
return None
|
zscaler/zpa/client.py
ADDED
|
@@ -0,0 +1,113 @@
|
|
|
1
|
+
# -*- coding: utf-8 -*-
|
|
2
|
+
|
|
3
|
+
# Copyright (c) 2023, Zscaler Inc.
|
|
4
|
+
#
|
|
5
|
+
# Permission to use, copy, modify, and/or distribute this software for any
|
|
6
|
+
# purpose with or without fee is hereby granted, provided that the above
|
|
7
|
+
# copyright notice and this permission notice appear in all copies.
|
|
8
|
+
#
|
|
9
|
+
# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
|
10
|
+
# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
|
11
|
+
# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
|
|
12
|
+
# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
|
13
|
+
# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
|
14
|
+
# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
|
15
|
+
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
|
16
|
+
|
|
17
|
+
|
|
18
|
+
class ZPAClient:
|
|
19
|
+
def __init__():
|
|
20
|
+
pass
|
|
21
|
+
|
|
22
|
+
def get(
|
|
23
|
+
self,
|
|
24
|
+
path: str,
|
|
25
|
+
json=None,
|
|
26
|
+
params=None,
|
|
27
|
+
fail_safe: bool = False,
|
|
28
|
+
api_version: str = None,
|
|
29
|
+
):
|
|
30
|
+
"""
|
|
31
|
+
Send a GET request to the ZPA API.
|
|
32
|
+
Parameters:
|
|
33
|
+
- path (str): API endpoint path.
|
|
34
|
+
- json (str): the request body.
|
|
35
|
+
- params (dict): the query params
|
|
36
|
+
- api_version (str): the api version, availbale values: v1, v2, userconfig_v1, cbiconfig_v1
|
|
37
|
+
"""
|
|
38
|
+
pass
|
|
39
|
+
|
|
40
|
+
def get_paginated_data(
|
|
41
|
+
self,
|
|
42
|
+
path=None,
|
|
43
|
+
params=None,
|
|
44
|
+
expected_status_code=200,
|
|
45
|
+
api_version: str = None,
|
|
46
|
+
search=None,
|
|
47
|
+
search_field="name",
|
|
48
|
+
max_pages=None,
|
|
49
|
+
max_items=None,
|
|
50
|
+
sort_order=None,
|
|
51
|
+
sort_by=None,
|
|
52
|
+
sort_dir=None,
|
|
53
|
+
start_time=None,
|
|
54
|
+
end_time=None,
|
|
55
|
+
idp_group_id=None,
|
|
56
|
+
scim_user_id=None,
|
|
57
|
+
page=None,
|
|
58
|
+
pagesize=20,
|
|
59
|
+
):
|
|
60
|
+
"""
|
|
61
|
+
Send a GET request to the ZPA API to fetch all pages of a resources.
|
|
62
|
+
Parameters:
|
|
63
|
+
- path (str): API endpoint path.
|
|
64
|
+
- data_key_name (str): list field key.
|
|
65
|
+
- data_per_page: the page size
|
|
66
|
+
- params (dict): the query params
|
|
67
|
+
- api_version (str): the api version, availbale values: v1, v2, userconfig_v1 or cbiconfig
|
|
68
|
+
"""
|
|
69
|
+
pass
|
|
70
|
+
|
|
71
|
+
def put(self, path: str, json=None, params=None, api_version: str = None):
|
|
72
|
+
"""
|
|
73
|
+
Send a PUT request to the ZPA API.
|
|
74
|
+
Parameters:
|
|
75
|
+
- path (str): API endpoint path.
|
|
76
|
+
- json (str): the request body.
|
|
77
|
+
- params (dict): the query params
|
|
78
|
+
- api_version (str): the api version, availbale values: v1, v2, userconfig_v1 or cbiconfig
|
|
79
|
+
"""
|
|
80
|
+
pass
|
|
81
|
+
|
|
82
|
+
def patch(self, path: str, json=None, params=None, api_version: str = None):
|
|
83
|
+
"""
|
|
84
|
+
Send a PATCH request to the ZPA API.
|
|
85
|
+
Parameters:
|
|
86
|
+
- path (str): API endpoint path.
|
|
87
|
+
- json (str): the request body.
|
|
88
|
+
- params (dict): the query params
|
|
89
|
+
- api_version (str): the api version, availbale values: v1, v2, userconfig_v1 or cbiconfig
|
|
90
|
+
"""
|
|
91
|
+
pass
|
|
92
|
+
|
|
93
|
+
def post(self, path: str, json=None, params=None, api_version: str = None):
|
|
94
|
+
"""
|
|
95
|
+
Send a POST request to the ZPA API.
|
|
96
|
+
Parameters:
|
|
97
|
+
- path (str): API endpoint path.
|
|
98
|
+
- json (str): the request body.
|
|
99
|
+
- params (dict): the query params
|
|
100
|
+
- api_version (str): the api version, availbale values: v1, v2, userconfig_v1 or cbiconfig
|
|
101
|
+
"""
|
|
102
|
+
pass
|
|
103
|
+
|
|
104
|
+
def delete(self, path: str, json=None, params=None, api_version: str = None):
|
|
105
|
+
"""
|
|
106
|
+
Send a DELETE request to the ZPA API.
|
|
107
|
+
Parameters:
|
|
108
|
+
- path (str): API endpoint path.
|
|
109
|
+
- json (str): the request body.
|
|
110
|
+
- params (dict): the query params
|
|
111
|
+
- api_version (str): the api version, availbale values: v1, v2, userconfig_v1 or cbiconfig
|
|
112
|
+
"""
|
|
113
|
+
pass
|