ansible/community.general
1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00
Code Releases Activity

Add option for domain authorization (#3228)

Browse source 
Use DomainPasswordGrantAuthorizer if parameter `domain` is used.
This commit is contained in:
Martin Vician 2021-08-20 12:54:29 +01:00 committed by GitHub
parent c7fccb2c01
commit bcccf4e388
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 39 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
changelogs/fragments/3228-tss-domain-authorization.yml Normal file
View file

@ -0,0 +1,3 @@
minor_changes:
- tss lookup plugin - added new parameter for domain authorization
(https://github.com/ansible-collections/community.general/pull/3228).

35
plugins/lookup/tss.py
View file

@ -45,6 +45,16 @@ options:
- section: tss_lookup - section: tss_lookup
key: password key: password
required: true required: true
domain:
default: ""
description: The domain with which to request the OAuth2 Access Grant.
env:
- name: TSS_DOMAIN
ini:
- section: tss_lookup
key: domain
required: false
version_added: 3.6.0
api_path_uri: api_path_uri:
default: /api/v1 default: /api/v1
description: The path to append to the base URL to form a valid REST description: The path to append to the base URL to form a valid REST
@ -130,7 +140,8 @@ except ImportError:
sdk_version = "0.0.5" sdk_version = "0.0.5"
try: try:
from thycotic.secrets.server import PasswordGrantAuthorizer from thycotic.secrets.server import PasswordGrantAuthorizer, DomainPasswordGrantAuthorizer
sdK_version_below_v1 = False sdK_version_below_v1 = False
except ImportError: except ImportError:
sdK_version_below_v1 = True sdK_version_below_v1 = True
@ -138,7 +149,6 @@ except ImportError:
from ansible.utils.display import Display from ansible.utils.display import Display
from ansible.plugins.lookup import LookupBase from ansible.plugins.lookup import LookupBase
display = Display() display = Display()
@ -147,12 +157,28 @@ class LookupModule(LookupBase):
def Client(server_parameters): def Client(server_parameters):
if LooseVersion(sdk_version) < LooseVersion('1.0.0') or sdK_version_below_v1: if LooseVersion(sdk_version) < LooseVersion('1.0.0') or sdK_version_below_v1:
return SecretServer(**server_parameters) return SecretServer(
server_parameters["base_url"],
server_parameters["username"],
server_parameters["password"],
server_parameters["api_path_uri"],
server_parameters["token_path_uri"],
)
else: else:
# The Password Authorizer became available in v1.0.0 and beyond. # The Password Authorizer and Domain Password Authorizer
# became available in v1.0.0 and beyond.
# Import only if sdk_version requires it. # Import only if sdk_version requires it.
# from thycotic.secrets.server import PasswordGrantAuthorizer # from thycotic.secrets.server import PasswordGrantAuthorizer
if server_parameters["domain"]:
authorizer = DomainPasswordGrantAuthorizer(
server_parameters["base_url"],
server_parameters["username"],
server_parameters["domain"],
server_parameters["password"],
server_parameters["token_path_uri"],
)
else:
authorizer = PasswordGrantAuthorizer( authorizer = PasswordGrantAuthorizer(
server_parameters["base_url"], server_parameters["base_url"],
server_parameters["username"], server_parameters["username"],
@ -175,6 +201,7 @@ class LookupModule(LookupBase):
"base_url": self.get_option("base_url"), "base_url": self.get_option("base_url"),
"username": self.get_option("username"), "username": self.get_option("username"),
"password": self.get_option("password"), "password": self.get_option("password"),
"domain": self.get_option("domain"),
"api_path_uri": self.get_option("api_path_uri"), "api_path_uri": self.get_option("api_path_uri"),
"token_path_uri": self.get_option("token_path_uri"), "token_path_uri": self.get_option("token_path_uri"),
} }