Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow passing ssl_context when login with token #892

Merged
merged 2 commits into from
Feb 3, 2023
Merged

Allow passing ssl_context when login with token #892

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
f75313a
Allow passing ssl_context when login with token
rgerganov Apr 16, 2020
0512646
Merge branch 'master' into sso-ssl-context
Feb 3, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
14 changes: 9 additions & 5 deletions pyVim/connect.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
#############################################################
# Copyright (c) 2005-2022 VMware, Inc.
# Copyright (c) 2005-2023 VMware, Inc.
#############################################################

## @file connect.py
Expand Down Expand Up @@ -118,13 +118,14 @@ def _doLogin(soapStub):
return _doLogin

@staticmethod
def makeCertHokTokenLoginMethod(stsUrl, stsCert=None):
def makeCertHokTokenLoginMethod(stsUrl, stsCert=None, ssl_context=None):
'''Return a function that will call the vim.SessionManager.LoginByToken()
after obtaining a HoK SAML token from the STS. The result of this function
can be passed as the "loginMethod" to a SessionOrientedStub constructor.

@param stsUrl: URL of the SAML Token issuing service. (i.e. SSO server).
@param stsCert: public key of the STS service.
@param ssl_context: SSL context
'''
assert (stsUrl)

Expand All @@ -135,7 +136,8 @@ def _doLogin(soapStub):
authenticator = sso.SsoAuthenticator(sts_url=stsUrl,
sts_cert=stsCert)

samlAssertion = authenticator.get_hok_saml_assertion(cert, key)
samlAssertion = authenticator.get_hok_saml_assertion(
cert, key, ssl_context=ssl_context)

def _requestModifier(request):
return sso.add_saml_context(request, samlAssertion, key)
Expand All @@ -156,7 +158,8 @@ def _requestModifier(request):
def makeCredBearerTokenLoginMethod(username,
password,
stsUrl,
stsCert=None):
stsCert=None,
ssl_context=None):
'''Return a function that will call the vim.SessionManager.LoginByToken()
after obtaining a Bearer token from the STS. The result of this function
can be passed as the "loginMethod" to a SessionOrientedStub constructor.
Expand All @@ -165,6 +168,7 @@ def makeCredBearerTokenLoginMethod(username,
@param password: password of the user/service registered with STS.
@param stsUrl: URL of the SAML Token issueing service. (i.e. SSO server).
@param stsCert: public key of the STS service.
@param ssl_context: SSL context
'''
assert (username)
assert (password)
Expand All @@ -177,7 +181,7 @@ def _doLogin(soapStub):
authenticator = sso.SsoAuthenticator(sts_url=stsUrl,
sts_cert=stsCert)
samlAssertion = authenticator.get_bearer_saml_assertion(
username, password, cert, key)
username, password, cert, key, ssl_context=ssl_context)
si = vim.ServiceInstance("ServiceInstance", soapStub)
sm = si.content.sessionManager
if not sm.currentSession:
Expand Down