-
Notifications
You must be signed in to change notification settings - Fork 0
/
erpm.py
68 lines (51 loc) · 2.76 KB
/
erpm.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
#!/usr/bin/python
# -*- coding: utf-8 -*-
# This script demonstrates:
# 1. Authenticating to the Lieberman ERPM PAM / EPV API
# 3. Requesting & returning a password key by account & target ID
#
import ssl
import json
import urllib2
# API User account details
username = 'app1' # sys.argv[1]
password = 'Password1!' # sys.argv[2]
def get_password():
# Create a fake SSL context to ignore the certificate error
# Don 't EVER do this in production, this is for local sandbox testing
ctx = ssl.create_default_context()
ctx.check_hostname = False
ctx.verify_mode = ssl.CERT_NONE
# specify connection details
erpm_host = 'https://13.65.145.0' # ERPM Web Service
checkout_comment = 'Checking out a password' # A comment to use when checking out the key
target_name = 'dfw-vpd-pamapp1'
# specify the needed endpoint URIs
# Endpoint to get the API token
token_endpoint = '/ERPMWebService/json/V2/AuthService.svc/DoLogin2'
# Endpoint for checking out a password
stored_account_co_endpoint = '/ERPMWebService/JSON/V2/AuthService.svc/AccountStoreOps_StoredCredential_CheckOut'
# Get the API authentication token
auth_token_request = urllib2.Request(erpm_host + token_endpoint)
auth_token_request.add_header('Content-Type', 'application/json')
auth_token_response = urllib2.urlopen(auth_token_request, context=ctx, data=json.dumps({'LoginType': 1,
'Password': password,
'Username': username}))
api_auth_token = json.loads(auth_token_response.read())['OperationMessage']
# Format the PW checkout message
sp_checkout_message = json.dumps({"AuthenticationToken": api_auth_token,
"AccountIdentificationInfo": {"AccountName": "ACME\\testapp",
"AccountStore": {"CustomTypeName": "",
"TargetName": target_name,
"Type": 1}, "PasswordList": ""},
"Comment": checkout_comment})
sp_checkout_request = urllib2.Request(erpm_host + stored_account_co_endpoint)
sp_checkout_request.add_header('Content-Type', 'application/json')
sp_checkout_response = urllib2.urlopen(sp_checkout_request, context=ctx, data=sp_checkout_message)
stored_password = json.loads(sp_checkout_response.read())['Password']
# Return the account list
return stored_password
def main():
stored_password = get_password()
print stored_password
main()