Add files via upload

## Version 1.0.8 (13/10/2025)
1. Updated common.py to include an optioal timeout parameter for web requests within the ClearPassAPILogin class. 
2. API code includes new, modified or deleted API that is implemented in Aruba ClearPass v6.12.6.
3. Updated Readme
4. Included new function within new Utils class to pull token from token file.
5. Updated __init__.py file.

Author: jazzyj123

pyclearpass/__init__.py

@@ -15,3 +15,4 @@
 from pyclearpass.api_sessioncontrol import *
 from pyclearpass.api_toolsandutilities import *
 from pyclearpass.common import *
+from pyclearpass.utils import *

pyclearpass/api_globalserverconfiguration.py

@@ -946,6 +946,7 @@ def replace_cluster_parameters(self, body=({})):
         "PolicyResultCacheTimeout" : 0, #Policy result cache timeout in minutes. Object Type: integer
         "PostAuthUnsubscribeEndpoints" : "", #No Desc. Object Type: string
         "PostAuthV2" : "", #Enable Post-Auth v2. Object Type: string
+        "PostAuthV2CombineEventsToPAN" : "", #Post-Authentication v2 Combine Session Notification Events to PAN. Object Type: string
         "PostAuthV2HttpEnforcement" : "", #Enable Post-Auth v2 HTTP enforcement. Object Type: string
         "ProcessWiredFromIfMap" : "", #Process wired device information from IF-MAP interface. Object Type: string
         "ProfiledKnownEndpointsCleanupOption" : "", #Profiled Known endpoints cleanup option in days. Object Type: string
@@ -1043,6 +1044,7 @@ def update_cluster_parameters(self, body=({})):
         "PolicyResultCacheTimeout" : 0, #Policy result cache timeout in minutes. Object Type: integer
         "PostAuthUnsubscribeEndpoints" : "", #No Desc. Object Type: string
         "PostAuthV2" : "", #Enable Post-Auth v2. Object Type: string
+        "PostAuthV2CombineEventsToPAN" : "", #Post-Authentication v2 Combine Session Notification Events to PAN. Object Type: string
         "PostAuthV2HttpEnforcement" : "", #Enable Post-Auth v2 HTTP enforcement. Object Type: string
         "ProcessWiredFromIfMap" : "", #Process wired device information from IF-MAP interface. Object Type: string
         "ProfiledKnownEndpointsCleanupOption" : "", #Profiled Known endpoints cleanup option in days. Object Type: string

pyclearpass/api_guestactions.py

@@ -17,7 +17,7 @@ def get_guest_by_guest_id_pass_id(self, guest_id="", id=""):
         HTTP Response Codes: 200 OK, 400 Bad Request, 404 Not Found, 406 Not Acceptable, 415 Unsupported Media Type, 422 Unprocessable Entity
         Parameter Type: path, Name: guest_id, Description: Numeric ID of the guest account
         Parameter Type: path, Name: id, Description: Numeric ID of the digital pass template
-        """
+        """ 
         url_path = "/guest/{guest_id}/pass/{id}"
         dict_path = {"guest_id": guest_id, "id": id}
         for item in dict_path:

pyclearpass/api_identities.py

@@ -598,6 +598,8 @@ def new_endpoint(self, body=({})):
         "randomized_mac" : False, #Is MAC address randomized?. Object Type: boolean
         "device_insight_tags" : "", #List of Device Insight Tags. Object Type: string
         "attributes" : {}, #Additional attributes(key/value pairs) may be stored with the endpoint. Object Type: object
+        "added_at" : "", #Timestamp of endpoint addition. Object Type: string
+        "updated_at" : "", #Timestamp of endpoint updation. Object Type: string
 
         }
         """
@@ -638,7 +640,9 @@ def update_endpoint_by_endpoint_id(self, endpoint_id="", body=({})):
         "randomized_mac" : False, #Is MAC address randomized?. Object Type: boolean
         "device_insight_tags" : "", #List of Device Insight Tags. Object Type: string
         "attributes" : {}, #Additional attributes(key/value pairs) may be stored with the endpoint. Object Type: object
-        "profile" : {}, #Endpoint Profile. Object Type: ProfileUpdate
+        "added_at" : "", #Timestamp of endpoint addition. Object Type: string
+        "updated_at" : "", #Timestamp of endpoint updation. Object Type: string
+        "profile" : "", #Endpoint Profile. Object Type: ProfileUpdate
 
         }
         """
@@ -667,7 +671,9 @@ def replace_endpoint_by_endpoint_id(self, endpoint_id="", body=({})):
         "randomized_mac" : False, #Is MAC address randomized?. Object Type: boolean
         "device_insight_tags" : "", #List of Device Insight Tags. Object Type: string
         "attributes" : {}, #Additional attributes(key/value pairs) may be stored with the endpoint. Object Type: object
-        "profile" : {}, #Endpoint Profile. Object Type: ProfileReplace
+        "added_at" : "", #Timestamp of endpoint addition. Object Type: string
+        "updated_at" : "", #Timestamp of endpoint updation. Object Type: string
+        "profile" : "", #Endpoint Profile. Object Type: ProfileReplace
 
         }
         """
@@ -725,7 +731,9 @@ def update_endpoint_mac_address_by_mac_address(self, mac_address="", body=({})):
         "randomized_mac" : False, #Is MAC address randomized?. Object Type: boolean
         "device_insight_tags" : "", #List of Device Insight Tags. Object Type: string
         "attributes" : {}, #Additional attributes(key/value pairs) may be stored with the endpoint. Object Type: object
-        "profile" : {}, #Endpoint Profile. Object Type: ProfileUpdate
+        "added_at" : "", #Timestamp of endpoint addition. Object Type: string
+        "updated_at" : "", #Timestamp of endpoint updation. Object Type: string
+        "profile" : "", #Endpoint Profile. Object Type: ProfileUpdate
 
         }
         """
@@ -754,7 +762,9 @@ def replace_endpoint_mac_address_by_mac_address(self, mac_address="", body=({}))
         "randomized_mac" : False, #Is MAC address randomized?. Object Type: boolean
         "device_insight_tags" : "", #List of Device Insight Tags. Object Type: string
         "attributes" : {}, #Additional attributes(key/value pairs) may be stored with the endpoint. Object Type: object
-        "profile" : {}, #Endpoint Profile. Object Type: ProfileReplace
+        "added_at" : "", #Timestamp of endpoint addition. Object Type: string
+        "updated_at" : "", #Timestamp of endpoint updation. Object Type: string
+        "profile" : "", #Endpoint Profile. Object Type: ProfileReplace
 
         }
         """

pyclearpass/api_sessioncontrol.py

@@ -109,6 +109,48 @@ def new_session_by_id_reauthorize(self, id="", body=({})):
             self, url=url_path, method="post", query=body
         )
 
+    # API Service: Change of Authorization by MAC without enabling Insight
+    def get_active_session_by_mac_address(self, interval="", mac_address=""):
+        """
+        Operation: Get a list of Enforcement Profiles for the given MAC
+        HTTP Response Codes: 200 OK, 401 Unauthorized, 403 Forbidden, 404 Not Found, 406 Not Acceptable, 415 Unsupported Media Type
+        Parameter Type (Optional): query, Name: interval, Description: interval to get active session
+        Parameter Type: path, Name: mac_address, Description: filter by mac-address
+        """
+        url_path = "/active-session/{mac_address}"
+        dict_query = {"interval": interval}
+        url_path = _generate_parameterised_url(parameters=dict_query, url=url_path)
+        dict_path = {"mac_address": mac_address}
+        for item in dict_path:
+            url_path = url_path.replace("{" + item + "}", dict_path[item])
+        return ClearPassAPILogin._send_request(self, url=url_path, method="get")
+
+    def new_active_session_by_mac_address(self, interval="", mac_address="", body=({})):
+        """
+        Operation: Change of Authorization of active session for the given MAC
+        HTTP Response Codes: 201 Created, 401 Unauthorized, 403 Forbidden, 404 Not Found, 406 Not Acceptable, 415 Unsupported Media Type, 422 Unprocessable Entity
+        Parameter Type (Optional): query, Name: interval, Description: interval to get active session
+        Parameter Type: path, Name: mac_address, Description: filter by mac-address
+        Required Body Parameters: None listed
+        Parameter Type: body, Name: body
+        Body example with descriptions and object types below (type(dict):
+
+        body={
+        "enforcement_profile" : "", #When performing CoA, the 'enforcement_profile' parameter MUST be provided. Object Type: string
+
+        }
+        """
+        url_path = "/active-session/{mac_address}"
+        dict_query = {"interval": interval}
+        url_path = _generate_parameterised_url(parameters=dict_query, url=url_path)
+        dict_path = {"mac_address": mac_address}
+        for item in dict_path:
+            url_path = url_path.replace("{" + item + "}", dict_path[item])
+        body = _remove_empty_keys(keys=body)
+        return ClearPassAPILogin._send_request(
+            self, url=url_path, method="post", query=body
+        )
+
     # API Service: Manage Session Action Methods
     def new_session_action_disconnect(self, async_="", body=({})):
         """

pyclearpass/common.py

@@ -16,6 +16,7 @@ def __init__(
         server="",
         api_token="",
         verify_ssl=False,
+        timeout=None
     ):
         """
         This is the class constructor for the ClearPassModule.
@@ -24,16 +25,19 @@ def __init__(
 
         Mandatory Parameters:
         server (string): Website for ClearPass services example - https://yourserver.network.local:443/api
-        verify_ssl (boolean, optional): default value False. Allows use of an invalid SSL certificate.
 
-        Option 1 Parameters -
+        Option 1 Parameters:-
         granttype (string) = ['client_credentials' or 'password' or 'refresh_token']: OAuth2 authentication method,client_id (string): Client ID defined in API Clients,
         clientsecret (string, optional): Client secret, required if the API client is not a public client,
         username (string, optional): Username for authentication, required for grant_type "password",
         password (string, optional): Password for authentication, required for grant_type "password",
 
-        Option 2 Parameters-
+        Option 2 Parameters:
         api_token = Provide the api_token which is the 'access token'.
+        
+        Optional Parameters:
+        verify_ssl (boolean, optional): default value False. Allows use of an invalid SSL certificate.
+        timeout (int, optional): default value none. Allows to adjust the timeout value for the web request in seconds.
 
         }
 
@@ -45,7 +49,8 @@ def __init__(
         self.password = password
         self.server = server
         self.api_token = api_token
-        self.verify_ssl = False
+        self.verify_ssl = verify_ssl
+        self.timeout = timeout
 
     def _send_request(
         self, url, method, query="", content_response_type="application/json"
@@ -79,34 +84,39 @@ def _send_request(
                     json=query,
                     headers=header,
                     verify=self.verify_ssl,
+                    timeout=self.timeout,
                 )
             if method == "patch":
                 response = requests.patch(
                     url=full_url_path,
                     json=query,
                     headers=header,
                     verify=self.verify_ssl,
+                    timeout=self.timeout,
                 )
             if method == "put":
                 response = requests.put(
                     url=full_url_path,
                     json=query,
                     headers=header,
                     verify=self.verify_ssl,
+                    timeout=self.timeout,
                 )
             if method == "get":
                 response = requests.get(
                     url=full_url_path,
                     json=query,
                     headers=header,
                     verify=self.verify_ssl,
+                    timeout=self.timeout,
                 )
             if method == "delete":
                 response = requests.delete(
                     url=full_url_path,
                     json=query,
                     headers=header,
                     verify=self.verify_ssl,
+                    timeout=self.timeout,
                 )
             if method == "":
                 print(

pyclearpass/utils.py

@@ -0,0 +1,53 @@
+# (C) Copyright 2019-2025 Hewlett Packard Enterprise Development LP.
+# Apache License 2.0
+
+import json
+import csv
+import os
+
+ 
+class Utils:
+    def get_token_from_file(fileName):
+        """
+        Use this function to retrieve the access_token from a file which is located in the working directory of the script.
+        The file must use the following structure:
+        {"access_token":"your_secret_token"}
+        """
+        try:
+            f = open(fileName, "r")
+            content = f.read()
+            jsonContent = json.loads(content)
+            if jsonContent["access_token"]:
+                return jsonContent["access_token"]
+            else:
+                raise ValueError(
+                    {"status": "Error", "message": "Missing Access Token."}
+                )
+
+        except KeyError as e:
+            raise Exception(
+                {
+                    "status": "Error",
+                    "Message": "Missing 'access_token' key name. Ensure key name exists as per the function usage details.",
+                }
+            )
+        except json.JSONDecodeError as e:
+            raise Exception(
+                {
+                    "status": "Error",
+                    "Message": "Ensure a valid json file as described in the function usage details.",
+                }
+            )
+        except FileNotFoundError as e:
+            raise Exception(
+                {
+                    "status": "Error",
+                    "Message": "Ensure the token file '"
+                    + fileName
+                    + "' exists. "
+                    + e.strerror,
+                }
+            )
+
+        except Exception as e:
+            raise Exception({"status": "Error", "Message": e})