Merge pull request #335 from HewlettPackard/enhancement/#273-324-enabling-authentication-using-sessionID

adriane-cardozo · web-flow · commit e29f507f1d23 · 2017-10-31T14:52:12.000-02:00
adding support for authentication using sessionID
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -6,8 +6,10 @@ Added endpoints-support.md to track the supported and tested endpoints for the d
 - Login details
 
 #### Bug fixes & Enhancements
+- [#273](https://github.com/HewlettPackard/python-hpOneView/issues/273) OneViewClient doesn't allow using a token (sessionId)
 - [#317](https://github.com/HewlettPackard/python-hpOneView/issues/317) Resource "Roles" should be under "Security" instead of "Uncategorized"
 - [#320](https://github.com/HewlettPackard/python-hpOneView/issues/320) Issue with pickling HPOneViewException
+- [#324](https://github.com/HewlettPackard/python-hpOneView/issues/324) Is it possible to login with session token?
 - [#330](https://github.com/HewlettPackard/python-hpOneView/issues/330) Remove unused/legacy code from connection.py
 
 # v4.2.0
@@ -128,7 +130,7 @@ Bugfixes and corrections.
    - Developer friendly interface
    - Standardization for building new endpoint clients
    - Core client implementation
-   - Support for Python’s logging library
+   - Support for Python�s logging library
    - Added possibility to load connection settings from configuration file
    - Simple access to OneView API endpoints through OneViewClient module
  3. Added developer-focused samples
diff --git a/README.md b/README.md
@@ -69,6 +69,8 @@ Connection properties for accessing the OneView appliance can be set in a JSON f
 Before running the samples or your own scripts, you must create the JSON file.
 An example can be found at: [OneView configuration sample](examples/config-rename.json).
 
+Note: If you have an active and valid login session and want to use it, define the sessionID in the Credentials. When sessionID is defined, you can remove username and password from your JSON (they will be disregarded anyway).
+
 Once you have created the JSON file, you can initialize the OneViewClient:
 
 ```python
@@ -84,8 +86,12 @@ Configuration can also be stored in environment variables:
 ```bash
 # Required
 export ONEVIEWSDK_IP='172.16.102.82'
+
 export ONEVIEWSDK_USERNAME='Administrator'
 export ONEVIEWSDK_PASSWORD='secret123'
+# Or sessionID
+export ONEVIEWSDK_SESSIONID='123'
+
 
 # Optional
 export ONEVIEWSDK_API_VERSION='300'
@@ -95,6 +101,8 @@ export ONEVIEWSDK_PROXY='<proxy_host>:<proxy_port>'
 
 :lock: Tip: Make sure no unauthorized person has access to the environment variables, since the password is stored in clear-text.
 
+Note: If you have an active and valid login session and want to use it, define the ONEVIEWSDK_SESSIONID. When a sessionID is defined, it will be used for authentication (username and password will be ignored in this case).
+
 Once you have defined the environment variables, you can initialize the OneViewClient using the following code snippet:
 
 ```python
@@ -103,7 +111,8 @@ oneview_client = OneViewClient.from_environment_variables()
 
 ### Dictionary
 
-You can also set the configuration using a dictionary:
+You can also set the configuration using a dictionary. As described above, for authentication you can use username/password:
+
 
 ```python
 config = {
@@ -113,6 +122,18 @@ config = {
         "password": "secret123"
     }
 }
+```
+
+ or if you have an active and valid login session and want to use it, define the sessionID in the Credentials:
+
+
+```python
+config = {
+    "ip": "172.16.102.82",
+    "credentials": {
+        "sessionID": "123"
+    }
+}
 
 oneview_client = OneViewClient(config)
 ```
diff --git a/examples/config-rename.json b/examples/config-rename.json
@@ -5,7 +5,8 @@
   "credentials": {
     "userName": "administrator",
     "authLoginDomain": "",
-    "password": ""
+    "password": "",
+    "sessionID": ""
   },
   "enclosure_hostname": "172.18.1.13",
   "enclosure_username": "",
diff --git a/examples/connections.py b/examples/connections.py
@@ -26,14 +26,18 @@
 from hpOneView.exceptions import HPOneViewException
 from config_loader import try_load_from_file
 
+# You can use username/password or sessionID for authentication.
+# Be sure to inform a valid and active sessionID.
 config = {
-    "ip": "172.16.102.59",
+    "ip": "<oneview_ip>",
     "credentials": {
-        "userName": "administrator",
-        "password": ""
+        "userName": "<username>",
+        "password": "<password>",
+        "sessionID": "<sessionID>"
     }
 }
 
+
 # Try load config from a file (if there is a config file)
 config = try_load_from_file(config)
 
diff --git a/hpOneView/connection.py b/hpOneView/connection.py
@@ -439,7 +439,12 @@ def login(self, cred, verbose=False):
 
         self._cred = cred
         try:
-            task, body = self.post(uri['loginSessions'], self._cred)
+            if self._cred.get("sessionID"):
+                self.set_session_id(self._cred["sessionID"])
+                task, body = self.put(uri['loginSessions'], None)
+            else:
+                self._cred.pop("sessionID", None)
+                task, body = self.post(uri['loginSessions'], self._cred)
         except HPOneViewException:
             logger.exception('Login failed')
             raise
diff --git a/hpOneView/oneview_client.py b/hpOneView/oneview_client.py
@@ -215,7 +215,7 @@ def from_environment_variables(cls):
         Construct OneViewClient using environment variables.
 
         Allowed variables: ONEVIEWSDK_IP (required), ONEVIEWSDK_USERNAME (required), ONEVIEWSDK_PASSWORD (required),
-        ONEVIEWSDK_AUTH_LOGIN_DOMAIN, ONEVIEWSDK_API_VERSION, ONEVIEWSDK_IMAGE_STREAMER_IP, and ONEVIEWSDK_PROXY.
+        ONEVIEWSDK_AUTH_LOGIN_DOMAIN, ONEVIEWSDK_API_VERSION, ONEVIEWSDK_IMAGE_STREAMER_IP, ONEVIEWSDK_SESSIONID and ONEVIEWSDK_PROXY.
 
         Returns:
             OneViewClient:
@@ -227,11 +227,12 @@ def from_environment_variables(cls):
         auth_login_domain = os.environ.get('ONEVIEWSDK_AUTH_LOGIN_DOMAIN', '')
         password = os.environ.get('ONEVIEWSDK_PASSWORD', '')
         proxy = os.environ.get('ONEVIEWSDK_PROXY', '')
+        sessionID = os.environ.get('ONEVIEWSDK_SESSIONID', '')
 
         config = dict(ip=ip,
                       image_streamer_ip=image_streamer_ip,
                       api_version=api_version,
-                      credentials=dict(userName=username, authLoginDomain=auth_login_domain, password=password),
+                      credentials=dict(userName=username, authLoginDomain=auth_login_domain, password=password, sessionID=sessionID),
                       proxy=proxy)
 
         return cls(config)
diff --git a/tests/unit/test_connection.py b/tests/unit/test_connection.py
@@ -884,6 +884,44 @@ def test_login_with_exception_in_post(self, mock_post, mock_get):
 
         self.assertRaises(HPOneViewException, self.connection.login, {})
 
+    @patch.object(connection, 'get')
+    @patch.object(connection, 'put')
+    def test_login_sessionID(self, mock_put, mock_get):
+        mock_get.side_effect = [{'minimumVersion': 300, 'currentVersion': 400}]
+        mock_put.return_value = {'cat': 'task'}, {'sessionID': '123'}
+
+        self.connection.login({"sessionID": "123"})
+
+        self.assertEqual(self.connection.get_session_id(), '123')
+        self.assertEqual(self.connection.get_session(), True)
+
+    @patch.object(connection, 'get')
+    @patch.object(connection, 'put')
+    def test_login_username_password_sessionID(self, mock_put, mock_get):
+        mock_get.side_effect = [{'minimumVersion': 300, 'currentVersion': 400}]
+        mock_put.return_value = {'cat': 'task'}, {'sessionID': '123'}
+
+        self.connection.login({"userName": "administrator", "password": "", "sessionID": "123"})
+
+        self.assertEqual(self.connection.get_session_id(), '123')
+        self.assertEqual(self.connection.get_session(), True)
+
+    @patch.object(connection, 'get')
+    @patch.object(connection, 'put')
+    def test_login_with_exception_in_put(self, mock_put, mock_get):
+        mock_get.side_effect = [{'minimumVersion': 300, 'currentVersion': 400}]
+        mock_put.side_effect = HPOneViewException("Failed")
+
+        self.assertRaises(HPOneViewException, self.connection.login, {"sessionID": "123"})
+
+    @patch.object(connection, 'get')
+    @patch.object(connection, 'put')
+    def test_login_with_exception_in_put_username_password_sessionID(self, mock_put, mock_get):
+        mock_get.side_effect = [{'minimumVersion': 300, 'currentVersion': 400}]
+        mock_put.side_effect = HPOneViewException("Failed")
+
+        self.assertRaises(HPOneViewException, self.connection.login, {"userName": "administrator", "password": "", "sessionID": "123"})
+
     @patch.object(connection, 'get')
     def test_validate_version_exceeding_minimum(self, mock_get):
         self.connection._apiVersion = 300
diff --git a/tests/unit/test_oneview_client.py b/tests/unit/test_oneview_client.py
@@ -86,6 +86,11 @@
     'ONEVIEWSDK_PASSWORD': 'secret123'
 }
 
+OS_ENVIRON_CONFIG_MINIMAL_WITH_SESSIONID = {
+    'ONEVIEWSDK_IP': '172.16.100.199',
+    'ONEVIEWSDK_SESSIONID': '123'
+}
+
 OS_ENVIRON_CONFIG_FULL = {
     'ONEVIEWSDK_IP': '172.16.100.199',
     'ONEVIEWSDK_IMAGE_STREAMER_IP': '172.172.172.172',
@@ -96,6 +101,16 @@
     'ONEVIEWSDK_PROXY': '172.16.100.195:9999'
 }
 
+OS_ENVIRON_CONFIG_FULL_WITH_SESSIONID = {
+    'ONEVIEWSDK_IP': '172.16.100.199',
+    'ONEVIEWSDK_IMAGE_STREAMER_IP': '172.172.172.172',
+    'ONEVIEWSDK_USERNAME': 'admin',
+    'ONEVIEWSDK_PASSWORD': 'secret123',
+    'ONEVIEWSDK_SESSIONID': '123',
+    'ONEVIEWSDK_API_VERSION': '201',
+    'ONEVIEWSDK_PROXY': '172.16.100.195:9999'
+}
+
 
 class OneViewClientTest(unittest.TestCase):
     def __mock_file_open(self, json_config_content):
@@ -147,6 +162,39 @@ def test_from_json_file(self, mock_open, mock_login):
         self.assertIsInstance(oneview_client, OneViewClient)
         self.assertEqual("172.16.102.59", oneview_client.connection.get_host())
 
+    @mock.patch.object(connection, 'login')
+    @mock.patch(mock_builtin('open'))
+    def test_from_json_file_with_sessionID(self, mock_open, mock_login):
+        json_config_content = u"""{
+          "ip": "172.16.102.59",
+          "credentials": {
+            "userName": "administrator",
+            "authLoginDomain": "",
+            "password": "",
+            "sessionID": "123"
+          }
+        }"""
+        mock_open.return_value = self.__mock_file_open(json_config_content)
+        oneview_client = OneViewClient.from_json_file("config.json")
+
+        self.assertIsInstance(oneview_client, OneViewClient)
+        self.assertEqual("172.16.102.59", oneview_client.connection.get_host())
+
+    @mock.patch.object(connection, 'login')
+    @mock.patch(mock_builtin('open'))
+    def test_from_json_file_with_only_sessionID(self, mock_open, mock_login):
+        json_config_content = u"""{
+          "ip": "172.16.102.59",
+          "credentials": {
+            "sessionID": "123"
+          }
+        }"""
+        mock_open.return_value = self.__mock_file_open(json_config_content)
+        oneview_client = OneViewClient.from_json_file("config.json")
+
+        self.assertIsInstance(oneview_client, OneViewClient)
+        self.assertEqual("172.16.102.59", oneview_client.connection.get_host())
+
     @mock.patch.object(connection, 'login')
     @mock.patch(mock_builtin('open'))
     def test_default_api_version(self, mock_open, mock_login):
@@ -190,7 +238,21 @@ def test_from_minimal_environment_variables(self, mock_set_proxy, mock_login):
 
         mock_login.assert_called_once_with(dict(userName='admin',
                                                 password='secret123',
-                                                authLoginDomain=''))
+                                                authLoginDomain='',
+                                                sessionID=''))
+        mock_set_proxy.assert_not_called()
+        self.assertEqual(300, oneview_client.connection._apiVersion)
+
+    @mock.patch.object(connection, 'login')
+    @mock.patch.object(connection, 'set_proxy')
+    @mock.patch.dict('os.environ', OS_ENVIRON_CONFIG_MINIMAL_WITH_SESSIONID)
+    def test_from_minimal_environment_variables_with_sessionID(self, mock_set_proxy, mock_login):
+        oneview_client = OneViewClient.from_environment_variables()
+
+        mock_login.assert_called_once_with(dict(userName='',
+                                                password='',
+                                                authLoginDomain='',
+                                                sessionID='123'))
         mock_set_proxy.assert_not_called()
         self.assertEqual(300, oneview_client.connection._apiVersion)
 
@@ -202,13 +264,30 @@ def test_from_full_environment_variables(self, mock_set_proxy, mock_login):
 
         mock_login.assert_called_once_with(dict(userName='admin',
                                                 password='secret123',
-                                                authLoginDomain='authdomain'))
+                                                authLoginDomain='authdomain',
+                                                sessionID=''))
         mock_set_proxy.assert_called_once_with('172.16.100.195', 9999)
 
         self.assertEqual(201, oneview_client.connection._apiVersion)
         self.assertEqual(oneview_client.create_image_streamer_client().connection.get_host(),
                          OS_ENVIRON_CONFIG_FULL['ONEVIEWSDK_IMAGE_STREAMER_IP'])
 
+    @mock.patch.object(connection, 'login')
+    @mock.patch.object(connection, 'set_proxy')
+    @mock.patch.dict('os.environ', OS_ENVIRON_CONFIG_FULL_WITH_SESSIONID)
+    def test_from_full_environment_variables_with_sessionID(self, mock_set_proxy, mock_login):
+        oneview_client = OneViewClient.from_environment_variables()
+
+        mock_login.assert_called_once_with(dict(userName='admin',
+                                                password='secret123',
+                                                authLoginDomain='',
+                                                sessionID='123'))
+        mock_set_proxy.assert_called_once_with('172.16.100.195', 9999)
+
+        self.assertEqual(201, oneview_client.connection._apiVersion)
+        self.assertEqual(oneview_client.create_image_streamer_client().connection.get_host(),
+                         OS_ENVIRON_CONFIG_FULL_WITH_SESSIONID['ONEVIEWSDK_IMAGE_STREAMER_IP'])
+
     @mock.patch.dict('os.environ', OS_ENVIRON_CONFIG_FULL)
     @mock.patch.object(OneViewClient, '__init__')
     def test_from_environment_variables_is_passing_right_arguments_to_the_constructor(self, mock_cls):
@@ -219,9 +298,40 @@ def test_from_environment_variables_is_passing_right_arguments_to_the_constructo
                                           'ip': '172.16.100.199',
                                           'image_streamer_ip': '172.172.172.172',
                                           'credentials':
-                                              {'password': 'secret123',
+                                              {'userName': 'admin',
+                                               'password': 'secret123',
                                                'authLoginDomain': 'authdomain',
-                                               'userName': 'admin'}})
+                                               'sessionID': ''}})
+
+    @mock.patch.dict('os.environ', OS_ENVIRON_CONFIG_FULL_WITH_SESSIONID)
+    @mock.patch.object(OneViewClient, '__init__')
+    def test_from_environment_variables_is_passing_right_arguments_to_the_constructor_with_sessionID(self, mock_cls):
+        mock_cls.return_value = None
+        OneViewClient.from_environment_variables()
+        mock_cls.assert_called_once_with({'api_version': 201,
+                                          'proxy': '172.16.100.195:9999',
+                                          'ip': '172.16.100.199',
+                                          'image_streamer_ip': '172.172.172.172',
+                                          'credentials':
+                                              {'userName': 'admin',
+                                               'password': 'secret123',
+                                               'authLoginDomain': '',
+                                               'sessionID': '123'}})
+
+    @mock.patch.dict('os.environ', OS_ENVIRON_CONFIG_MINIMAL_WITH_SESSIONID)
+    @mock.patch.object(OneViewClient, '__init__')
+    def test_from_environment_variables_is_passing_right_arguments_to_the_constructor_with_only_sessionID(self, mock_cls):
+        mock_cls.return_value = None
+        OneViewClient.from_environment_variables()
+        mock_cls.assert_called_once_with({'api_version': 300,
+                                          'proxy': '',
+                                          'ip': '172.16.100.199',
+                                          'image_streamer_ip': '',
+                                          'credentials':
+                                              {'userName': '',
+                                               'password': '',
+                                               'authLoginDomain': '',
+                                               'sessionID': '123'}})
 
     @mock.patch.object(connection, 'login')
     def test_create_image_streamer_client_without_image_streamer_ip(self, mock_login):
