VhddlmZmZmZeZdZdZdZddl Z ddl m Z ddl m Z mZddlmZGd d e Z dd Zd Zd ZdZedk(reyy))absolute_importdivisionprint_functiona module: ipa_otpconfig author: justchris1 (@justchris1) short_description: Manage FreeIPA OTP Configuration Settings version_added: 2.5.0 description: - Modify global configuration settings of a FreeIPA Server with respect to OTP (One Time Passwords). attributes: check_mode: support: full diff_mode: support: none options: ipatokentotpauthwindow: description: TOTP authentication window in seconds. aliases: ["totpauthwindow"] type: int ipatokentotpsyncwindow: description: TOTP synchronization window in seconds. aliases: ["totpsyncwindow"] type: int ipatokenhotpauthwindow: description: HOTP authentication window in number of hops. aliases: ["hotpauthwindow"] type: int ipatokenhotpsyncwindow: description: HOTP synchronization window in hops. aliases: ["hotpsyncwindow"] type: int extends_documentation_fragment: - community.general.ipa.documentation - community.general.attributes a> - name: Ensure the TOTP authentication window is set to 300 seconds community.general.ipa_otpconfig: ipatokentotpauthwindow: '300' ipa_host: localhost ipa_user: admin ipa_pass: supersecret - name: Ensure the TOTP synchronization window is set to 86400 seconds community.general.ipa_otpconfig: ipatokentotpsyncwindow: '86400' ipa_host: localhost ipa_user: admin ipa_pass: supersecret - name: Ensure the HOTP authentication window is set to 10 hops community.general.ipa_otpconfig: ipatokenhotpauthwindow: '10' ipa_host: localhost ipa_user: admin ipa_pass: supersecret - name: Ensure the HOTP synchronization window is set to 100 hops community.general.ipa_otpconfig: ipatokenhotpsyncwindow: '100' ipa_host: localhost ipa_user: admin ipa_pass: supersecret ze otpconfig: description: OTP configuration as returned by IPA API. returned: always type: dict N) AnsibleModule) IPAClientipa_argument_spec) to_nativec*eZdZfdZdZdZxZS)OTPConfigIPAClientc2tt| ||||y)N)superr __init__)selfmodulehostportprotocol __class__s s/home/dcms/DCMS/lib/python3.12/site-packages/ansible_collections/community/general/plugins/modules/ipa_otpconfig.pyrzOTPConfigIPAClient.__init__Zs  $0tXNc(|jddS)Notpconfig_show)methodname _post_json)rs rrz!OTPConfigIPAClient.otpconfig_show]s&6TBBrc*|jd||S)N otpconfig_mod)rritemr)rrrs rrz OTPConfigIPAClient.otpconfig_mod`soDtLLr)__name__ __module__ __qualname__rrr __classcell__)rs@rr r YsOCMrr ci}|t||d<|t||d<|t||d<|t||d<|S)Nipatokentotpauthwindowipatokentotpsyncwindowipatokenhotpauthwindowipatokenhotpsyncwindow)str)r%r&r'r(configs rget_otpconfig_dictr+dsjF)+./E+F'()+./E+F'()+./E+F'()+./E+F'( Mrc(|j||S)N)ipa_data module_data)get_diff)client ipa_config module_configs rget_otpconfig_diffr3ts ??JM? JJrc0t|jjd|jjd|jjd|jjd}|j}t |||}d}i}|D]K}|j||j|dk7s(d}|j ||j|iM|r|j s|jd|||jfS) Nr%r&r'r(r%r&r'r(FT)rr)r+paramsgetrr3update check_moder)rr0module_otpconfig ipa_otpconfigdiffchanged new_otpconfig module_keys rensurer@xs )%}}001IJ%}}001IJ%}}001IJ%}}001IJ  ))+M fm5E FDGMQ    +}/@/@T/R RG  *.>.B.B:.N!O PQ v(($]; F))+ ++rc Xt}|jtddgdtddgdtddgdtddgdt|d }t ||j d |j d |j d } |j |j d|j dt||\}}|jy#t$r8}|jt|tjYd}~Pd}~wwxYw)NinttotpauthwindowF)typealiasesno_logtotpsyncwindowhotpauthwindowhotpsyncwindowr5T) argument_specsupports_check_modeipa_hostipa_portipa_prot)rrrripa_useripa_pass)usernamepassword)msg exception)r= otpconfig)rr8dictrr r6loginr@ Exception fail_jsonr traceback format_exc exit_json)rJrr0r=rUes rmainr^s4%'M#9I8JSXY#9I8JSXY#9I8JSXY#9I8JSXY # F   ]]: & ]]: &z* FM ]]:.]]:.  $FF3 W : MYq\Y5I5I5KLLMsansible_collections.community.general.plugins.module_utils.iparr+ansible.module_utils.common.text.convertersr r r+r3r@r^r rrrisyA@   D < 4gAMMLPKO  K,.;B zFr