Vh" dZddlmZmZmZeZdZdZddl m Z ddl m Z m Z mZmZ ddlmZe dZd Zd Zd Zd Zd ZdZdZedk(reyy#e$rY2wxYw)z Manage SSO )absolute_importdivisionprint_functionaG --- module: infini_sso version_added: 2.16.0 short_description: Configures or queries SSO on Infinibox description: - This module configures (present state) or gets information about (absent state) SSO on Infinibox author: David Ohlemacher (@ohlemacher) options: name: description: - Sets a name to reference the SSO by. required: true type: str issuer: description: - URI of the SSO issuer. required: false type: str sign_on_url: description: - URL for sign on. type: str required: false signed_assertion: description: - Signed assertion type: bool required: false default: false signed_response: description: - Signed response required: false type: bool default: false signing_certificate: description: - Signing certificate content. type: str required: false enabled: description: - Determines if the SSO is enabled. required: false default: true type: bool state: description: - Creates/Modifies the SSO, when using state present. - For state absent, the SSO is removed. - State stat shows the existing SSO's details. type: str required: false default: present choices: [ "stat", "present", "absent" ] extends_documentation_fragment: - infinibox a - name: Configure SSO infini_sso: name: OKTA enabled: true issuer: "http://www.okta.com/eykRra384o32rrTs" sign_on_url: "https://infinidat.okta.com/app/infinidat_psus/exkra32oyyU6KCUCk2p7/sso/saml" state: present user: admin password: secret system: ibox001 - name: Stat SSO infini_sso: name: OKTA state: stat user: admin password: secret system: ibox001 - name: Clear SSO configuration infini_sso: state: absent user: admin password: secret system: ibox001 ) AnsibleModule) api_wrappermerge_two_dicts get_systeminfinibox_argument_spec)APICommandFailedcd|} t|}|jj|j}|S#t$r%}d|d|}|j |Yd}~Sd}~wwxYw)z Find a SSO using its name zconfig/sso/idps?name=pathz"Cannot find SSO identity provider : msgN)r apiget get_resultr fail_json)modulenamersystem sso_resulterrrs r/home/dcms/DCMS/lib/python3.12/site-packages/ansible_collections/infinidat/infinibox/plugins/modules/infini_sso.pyfind_ssorxs#4& )D"F#ZZ^^^.99;  "24&3%@S!!  "s5> A,A''A,c|jd}t||}|sd|d}|j|tdd|d}t ||d}d |d <|j d i|y ) z Handle the stat state rzSSO identity provider z not found. Cannot stat.rFz stat foundchangedrrredactedsigning_certificateN)paramsrrdictr exit_json)rrrrresults r handle_statr's == D&$'J &tf,DES! $TF+ 6F VZ] 3F$.F !Fvc~|jd}|jd}|jd}|jd}|jd}|jd}|jd}t||}|r|dd } t|| d } |||||||d } t|} | jj | | j } |sd|d}nd|d}td|}t| }d|d<|jdi|y#t$r$}d |d|}|j|Yd}~hd}~wwxYw)z Handle the present state enabledissuer sign_on_urlsigned_assertionsigned_responser!rridzconfig/sso/idps)r*r+rr,r-r.r!)rdataz-Cannot configure SSO identity provider named rrNSSO identity provider named z successfully configuredz; successfully removed and recreated with updated parametersTrr r") r#r delete_ssor rpostrr rr$rr%)rr*r+r,r-r.r!r existing_ssoexisting_sso_idrr0rrrrr&s rhandle_presentr6svmmI&G ]]8 $F-- .K}}%78mm$56O --(=> == DFD)L&q/$/6?+ D",*2 D"F#ZZ__$T_:EEG ,TF2JK,TF2mn  FVZ 0F$.F !Fv "=dV2cUKS!!"s6D D<D77D<cd|}|jd} t|}|jj|j }|S#t $r%}d|d|}|j |Yd}~Sd}~wwxYw)z! Delete a SSO. Reference its ID. zconfig/sso/idps/rr z$Cannot delete SSO identity provider rrN)r#r rdeleterr r)rsso_idrrrrrrs rr2r2s fX &D == D"F#ZZ&&D&1<<>   "4TF"SEBS!! "s5A A;A66A;cN|jd}t||}|s#tdd|d}|jdi||dd}t ||}|sd|d |d }|j | td d|d }t ||}d|d<|jdi|y)z Handle the absent state rFzSSO z already not foundrrr/r1z with ID z not found. Cannot delete.rTz deletedr r!Nr")r#rr$r%r2rr)rr found_ssor&r9rrs r handle_absentr<s == D&I tf./  "6" q\$ FFF+J ,TF)F8C]^S! *4& 9F VZ 0F$.F !Fvr(c*|jd} |dk(r t|n7|dk(r t|n&|dk(r t|n|j d|t |}|j y#t |}|j wxYw)z Handle statesstatestatpresentabsentz'Internal handler error. Invalid state: rN)r#r'r6r<rr logout)rr>rs r execute_staterCs MM' "E  F?   i  6 " h  & !   #J5'!R  SF# F# s AA55Bc|jd}|jd}|jd}d}d}|dvr|s|dz }d}|s|d z }d}|r|j| y y ) zVerify module options are saner!r,r>F)r@z*A sign_on_url parameter must be provided. Tz2A signing_certificate parameter must be provided. rN)r#r)rr!r,r> is_failedrs r check_optionsrGs --(=>-- .K MM' "EI C  ? ?CI" G GCIS!r(c\t}|jttdddtddtdtddtdddtdddtdddtd gd   t|d }t |t |y)z Main FboolT)requiredtypedefaultN)rJrL)rJ)rJrLno_logr@)r?r@rA)rLchoices)r*r+rr,r-r.r!r>)supports_check_mode)r updater$rrGrC) argument_specrs rmainrRs+-M %fdC5t$eT:!5vuM %feL $eT$ Oy2OP  =d CF&&r(__main__N)__doc__ __future__rrrrK __metaclass__ DOCUMENTATIONEXAMPLESansible.module_utils.basicrFansible_collections.infinidat.infinibox.plugins.module_utils.infiniboxrrr r infinisdk.core.exceptionsr ImportErrorrr'r6r2r<rCrGrR__name__r"r(rr^sA@ : x <5 :     $,^ 8""$, zFm  sAAA