Class: HybridPlatformsConductor::Thycotic

Inherits:

Object

• Object
• HybridPlatformsConductor::Thycotic

Includes:

LoggerHelpers

Defined in:

lib/hybrid_platforms_conductor/thycotic.rb

Overview

Gives ways to query the Thycotic SOAP API at a given URL

Constant Summary

Constants included from LoggerHelpers

LoggerHelpers::LEVELS_MODIFIERS, LoggerHelpers::LEVELS_TO_STDERR

Class Method Summary

• .with_thycotic(thycotic_url, logger, logger_stderr, domain: ENV['hpc_domain_for_thycotic']) ⇒ Object

  Provide a Thycotic connector, and make sure the password is being cleaned when exiting.

Instance Method Summary

• #download_file_attachment_by_item_id(secret_id, secret_item_id) ⇒ Object

  Get a file attached to a given secret .

• #get_secret(secret_id) ⇒ Object

  Return secret corresponding to a given secret ID.

• #initialize(url, user, password, domain: ENV['hpc_domain_for_thycotic'], logger: Logger.new(STDOUT), logger_stderr: Logger.new(STDERR)) ⇒ Thycotic constructor

  Constructor.

Methods included from LoggerHelpers

#err, #init_loggers, #log_component=, #log_debug?, #log_level=, #out, #section, #set_loggers_format, #stderr_device, #stderr_device=, #stderr_displayed?, #stdout_device, #stdout_device=, #stdout_displayed?, #stdouts_to_s, #with_progress_bar

Constructor Details

#initialize(url, user, password, domain: ENV['hpc_domain_for_thycotic'], logger: Logger.new(STDOUT), logger_stderr: Logger.new(STDERR)) ⇒ Thycotic

Constructor

Parameters

• url (String): URL of the Thycotic Secret Server

• user (String): User name to be used to connect to Thycotic

• password (String): Password to be used to connect to Thycotic

• domain (String): Domain to use for authentication to Thycotic [default: ENV]

• logger (Logger): Logger to be used [default: Logger.new(STDOUT)]

• logger_stderr (Logger): Logger to be used for stderr [default: Logger.new(STDERR)]

# File 'lib/hybrid_platforms_conductor/thycotic.rb', line 37

def initialize(
  url,
  user,
  password,
  domain: ENV['hpc_domain_for_thycotic'],
  logger: Logger.new(STDOUT),
  logger_stderr: Logger.new(STDERR)
)
  init_loggers(logger, logger_stderr)
  # Get a token to this SOAP API
  @client = Savon.client(
    wsdl: "#{url}/webservices/SSWebservice.asmx?wsdl",
    ssl_verify_mode: :none,
    logger: @logger,
    log: log_debug?
  )
  @token = @client.call(:authenticate, message: {
    username: user,
    password: password,
    domain: domain
  }).to_hash.dig(:authenticate_response, :authenticate_result, :token)
  raise "Unable to get token from SOAP authentication to #{url}" if @token.nil?
end

Class Method Details

.with_thycotic(thycotic_url, logger, logger_stderr, domain: ENV['hpc_domain_for_thycotic']) ⇒ Object

Provide a Thycotic connector, and make sure the password is being cleaned when exiting.

Parameters

• thycotic_url (String): The Thycotic URL

• logger (Logger): Logger to be used

• logger_stderr (Logger): Logger to be used for stderr

• domain (String): Domain to use for authentication to Thycotic [default: ENV]

• Proc: Code called with the Thyctotic instance.

  • thycotic (Thyctotic): The Thyctotic instance to use.

# File 'lib/hybrid_platforms_conductor/thycotic.rb', line 22

def self.with_thycotic(thycotic_url, logger, logger_stderr, domain: ENV['hpc_domain_for_thycotic'])
  Credentials.with_credentials_for(:thycotic, logger, logger_stderr, url: thycotic_url) do |thycotic_user, thycotic_password|
    yield Thycotic.new(thycotic_url, thycotic_user, thycotic_password, logger: logger, logger_stderr: logger_stderr)
  end
end

Instance Method Details

#download_file_attachment_by_item_id(secret_id, secret_item_id) ⇒ Object

Get a file attached to a given secret

Parameters

• secret_id (Object): The secret ID

• secret_item_id (Object): The secret item id

Result

• String or nil: The file content, or nil if none

# File 'lib/hybrid_platforms_conductor/thycotic.rb', line 81

def download_file_attachment_by_item_id(secret_id, secret_item_id)
  file_in_base64 = @client.call(:download_file_attachment_by_item_id, message: {
    token: @token,
    secretId: secret_id,
    secretItemId: secret_item_id
  }).to_hash.dig(:download_file_attachment_by_item_id_response, :download_file_attachment_by_item_id_result, :file_attachment)
  file_in_base64.nil? ? nil : Base64.decode64(file_in_base64)
end

#get_secret(secret_id) ⇒ Object

Return secret corresponding to a given secret ID

Parameters

• secret_id (Object): The secret ID

Result

• Hash: The corresponding API result

# File 'lib/hybrid_platforms_conductor/thycotic.rb', line 67

def get_secret(secret_id)
  @client.call(:get_secret, message: {
    token: @token,
    secretId: secret_id
  }).to_hash.dig(:get_secret_response, :get_secret_result)
end