From 11580947f8103c0f7c23cad0a032a83f7acada61 Mon Sep 17 00:00:00 2001
From: Tim Rupp <caphrim007@gmail.com>
Date: Fri, 8 Dec 2017 15:39:04 -0800
Subject: [PATCH] Adds token cleanup to some f5 modules (#33728)

The tokens can build up over time and if too many accumulate, it
prevents you from logging in. This adds cleanup
---
 .../modules/network/f5/bigip_monitor_https.py | 13 +++++++++
 .../network/f5/bigip_monitor_snmp_dca.py      | 26 ++++++++++++-----
 .../modules/network/f5/bigip_monitor_tcp.py   | 28 +++++++++++++------
 .../network/f5/bigip_monitor_tcp_echo.py      | 26 ++++++++++++-----
 .../network/f5/bigip_monitor_tcp_half_open.py | 26 ++++++++++++-----
 5 files changed, 90 insertions(+), 29 deletions(-)

diff --git a/lib/ansible/modules/network/f5/bigip_monitor_https.py b/lib/ansible/modules/network/f5/bigip_monitor_https.py
index a84a4f72e5..0edc066b6b 100644
--- a/lib/ansible/modules/network/f5/bigip_monitor_https.py
+++ b/lib/ansible/modules/network/f5/bigip_monitor_https.py
@@ -566,6 +566,16 @@ class ArgumentSpec(object):
         self.f5_product_name = 'bigip'
 
 
+def cleanup_tokens(client):
+    try:
+        resource = client.api.shared.authz.tokens_s.token.load(
+            name=client.api.icrs.token
+        )
+        resource.delete()
+    except Exception:
+        pass
+
+
 def main():
     spec = ArgumentSpec()
 
@@ -574,6 +584,7 @@ def main():
         supports_check_mode=spec.supports_check_mode,
         f5_product_name=spec.f5_product_name
     )
+
     try:
         if not HAS_F5SDK:
             raise F5ModuleError("The python f5-sdk module is required")
@@ -583,8 +594,10 @@ def main():
 
         mm = ModuleManager(client)
         results = mm.exec_module()
+        cleanup_tokens(client)
         client.module.exit_json(**results)
     except F5ModuleError as e:
+        cleanup_tokens(client)
         client.module.fail_json(msg=str(e))
 
 
diff --git a/lib/ansible/modules/network/f5/bigip_monitor_snmp_dca.py b/lib/ansible/modules/network/f5/bigip_monitor_snmp_dca.py
index 6ecac841b0..bded8d815f 100644
--- a/lib/ansible/modules/network/f5/bigip_monitor_snmp_dca.py
+++ b/lib/ansible/modules/network/f5/bigip_monitor_snmp_dca.py
@@ -642,23 +642,35 @@ class ArgumentSpec(object):
         self.f5_product_name = 'bigip'
 
 
-def main():
+def cleanup_tokens(client):
     try:
-        spec = ArgumentSpec()
-
-        client = AnsibleF5Client(
-            argument_spec=spec.argument_spec,
-            supports_check_mode=spec.supports_check_mode,
-            f5_product_name=spec.f5_product_name
+        resource = client.api.shared.authz.tokens_s.token.load(
+            name=client.api.icrs.token
         )
+        resource.delete()
+    except Exception:
+        pass
 
+
+def main():
+    spec = ArgumentSpec()
+
+    client = AnsibleF5Client(
+        argument_spec=spec.argument_spec,
+        supports_check_mode=spec.supports_check_mode,
+        f5_product_name=spec.f5_product_name
+    )
+
+    try:
         if not HAS_F5SDK:
             raise F5ModuleError("The python f5-sdk module is required")
 
         mm = ModuleManager(client)
         results = mm.exec_module()
+        cleanup_tokens(client)
         client.module.exit_json(**results)
     except F5ModuleError as e:
+        cleanup_tokens(client)
         client.module.fail_json(msg=str(e))
 
 
diff --git a/lib/ansible/modules/network/f5/bigip_monitor_tcp.py b/lib/ansible/modules/network/f5/bigip_monitor_tcp.py
index b0abb48396..9f2a557237 100644
--- a/lib/ansible/modules/network/f5/bigip_monitor_tcp.py
+++ b/lib/ansible/modules/network/f5/bigip_monitor_tcp.py
@@ -945,17 +945,27 @@ class ArgumentSpec(object):
         ]
 
 
-def main():
+def cleanup_tokens(client):
     try:
-        spec = ArgumentSpec()
-
-        client = AnsibleF5Client(
-            argument_spec=spec.argument_spec,
-            supports_check_mode=spec.supports_check_mode,
-            f5_product_name=spec.f5_product_name,
-            mutually_exclusive=spec.mutually_exclusive
+        resource = client.api.shared.authz.tokens_s.token.load(
+            name=client.api.icrs.token
         )
+        resource.delete()
+    except Exception:
+        pass
 
+
+def main():
+    spec = ArgumentSpec()
+
+    client = AnsibleF5Client(
+        argument_spec=spec.argument_spec,
+        supports_check_mode=spec.supports_check_mode,
+        f5_product_name=spec.f5_product_name,
+        mutually_exclusive=spec.mutually_exclusive
+    )
+
+    try:
         if not HAS_F5SDK:
             raise F5ModuleError("The python f5-sdk module is required")
 
@@ -964,8 +974,10 @@ def main():
 
         mm = ModuleManager(client)
         results = mm.exec_module()
+        cleanup_tokens(client)
         client.module.exit_json(**results)
     except F5ModuleError as e:
+        cleanup_tokens(client)
         client.module.fail_json(msg=str(e))
 
 
diff --git a/lib/ansible/modules/network/f5/bigip_monitor_tcp_echo.py b/lib/ansible/modules/network/f5/bigip_monitor_tcp_echo.py
index 0d5cb0e86a..643adfada5 100644
--- a/lib/ansible/modules/network/f5/bigip_monitor_tcp_echo.py
+++ b/lib/ansible/modules/network/f5/bigip_monitor_tcp_echo.py
@@ -495,16 +495,26 @@ class ArgumentSpec(object):
         self.f5_product_name = 'bigip'
 
 
-def main():
+def cleanup_tokens(client):
     try:
-        spec = ArgumentSpec()
-
-        client = AnsibleF5Client(
-            argument_spec=spec.argument_spec,
-            supports_check_mode=spec.supports_check_mode,
-            f5_product_name=spec.f5_product_name
+        resource = client.api.shared.authz.tokens_s.token.load(
+            name=client.api.icrs.token
         )
+        resource.delete()
+    except Exception:
+        pass
 
+
+def main():
+    spec = ArgumentSpec()
+
+    client = AnsibleF5Client(
+        argument_spec=spec.argument_spec,
+        supports_check_mode=spec.supports_check_mode,
+        f5_product_name=spec.f5_product_name
+    )
+
+    try:
         if not HAS_F5SDK:
             raise F5ModuleError("The python f5-sdk module is required")
 
@@ -513,8 +523,10 @@ def main():
 
         mm = ModuleManager(client)
         results = mm.exec_module()
+        cleanup_tokens(client)
         client.module.exit_json(**results)
     except F5ModuleError as e:
+        cleanup_tokens(client)
         client.module.fail_json(msg=str(e))
 
 
diff --git a/lib/ansible/modules/network/f5/bigip_monitor_tcp_half_open.py b/lib/ansible/modules/network/f5/bigip_monitor_tcp_half_open.py
index f78282914e..0279f61972 100644
--- a/lib/ansible/modules/network/f5/bigip_monitor_tcp_half_open.py
+++ b/lib/ansible/modules/network/f5/bigip_monitor_tcp_half_open.py
@@ -543,16 +543,26 @@ class ArgumentSpec(object):
         self.f5_product_name = 'bigip'
 
 
-def main():
+def cleanup_tokens(client):
     try:
-        spec = ArgumentSpec()
-
-        client = AnsibleF5Client(
-            argument_spec=spec.argument_spec,
-            supports_check_mode=spec.supports_check_mode,
-            f5_product_name=spec.f5_product_name
+        resource = client.api.shared.authz.tokens_s.token.load(
+            name=client.api.icrs.token
         )
+        resource.delete()
+    except Exception:
+        pass
 
+
+def main():
+    spec = ArgumentSpec()
+
+    client = AnsibleF5Client(
+        argument_spec=spec.argument_spec,
+        supports_check_mode=spec.supports_check_mode,
+        f5_product_name=spec.f5_product_name
+    )
+
+    try:
         if not HAS_F5SDK:
             raise F5ModuleError("The python f5-sdk module is required")
 
@@ -561,8 +571,10 @@ def main():
 
         mm = ModuleManager(client)
         results = mm.exec_module()
+        cleanup_tokens(client)
         client.module.exit_json(**results)
     except F5ModuleError as e:
+        cleanup_tokens(client)
         client.module.fail_json(msg=str(e))