API¶
This page will describe all available functions which can be used on a OpenAM instance.
python-openam is an python wrapper for the OpenAM Rest API.
-
class
openam.
Openam
(openam_url='', resource=1.0, protocol=1.0, timeout=10, cookiename='iplanetDirectoryPro')[source]¶ OpenAM Rest Interface.
-
__init__
(openam_url='', resource=1.0, protocol=1.0, timeout=10, cookiename='iplanetDirectoryPro')[source]¶ Will initialize the openam module.
Parameters:
-
authenticate
(realm=None, username=None, password=None, login_params=None)[source]¶ Will authenticate the configured user on OpenAM.
When successful, a http header is added to the current headers with the the value of the ‘cookiename’ (Default is set to ‘iplanetDirectoryPro’) name and has the value from the retrieved tokenId.
Parameters: - realm (str) – The name of the realm on which the user needs to auhtenticate on. (Optional, when realms are used.)
- username (str) – The username which is used to authenticate against OpenAM.
- password (str) – The password for the user configured on ‘username’
- login_params (str) – Extra arguments that are appended to the authenticate uri. Can be used for authenticating against a module or specific chain. Example: ?authIndexType=module&authIndexValue=myLdapModule
Return type: Returns: A dict with the keys ‘succesUrl’ and ‘tokenId’.
Example: >>> import openam >>> am = openam.Openam(openam_url="http://openam.example.com:8080/openam/") >>> am.authenticate(username="amadmin", password="password_openam") {u'successUrl': u'/openam/console', u'tokenId': u'AQIC5wM2LY4SfcxpamATDDJ7bGltWGY0fjfPO12mGFymFk8.*AAJTSQA.. '} >>> am.logout()
-
change_password
(username=None, user_data=None)[source]¶ Change the password for the given user.
Parameters: Return type: Returns: True when successful password change, otherwise a False.
Example: >>> import openam >>> am = openam.Openam(openam_url="http://openam.example.com:8080/openam/") >>> auth_data = am.authenticate(username="amadmin", password="password_openam") >>> user_data = {"currentpassword": "secret12", "userpassword": "secret13"} >>> am.change_password(username="bjensen", user_data=user_data) True >>> am.logout()
-
create_identity
(realm=None, type='users', user_data=None)[source]¶ Create an identity. This can be one of the following types.
- users
- agents
- groups
It can be configured by using the correct value in type. When something else is used other than the 3 mentioned types, users will be used.
Parameters: Return type: Returns: All information regarding the created identity.
Example: >>> import openam >>> am = openam.Openam(openam_url="http://openam.example.com:8080/openam/") >>> auth_data = am.authenticate(username="amadmin", password="password_openam") >>> user_data = {"username": "bjensen", "userpassword": "secret12", "mail": "bjensen@example.com"} >>> am.create_identity(user=user_data) {u'username': u'bjensen', u'dn': [u'uid=bjensen,ou=people,dc=openam,dc=forgerock,dc=org'], u'realm': u'/'..} >>> am.create_identity(user=user_data) {u'reason': u'Conflict', u'code': 409, u'message': u'Resource already exists'} >>> am.logout()
-
create_realm
(realm_data=None)[source]¶ Creating a realm.
Parameters: realm_data (dict) – Realm data that is needed for creating the realm.
Return type: Returns: All information regarding the created realm.
Example: >>> import openam >>> am = openam.Openam(openam_url="http://openam.example.com:8080/openam/") >>> auth_data = am.authenticate(username="amadmin", password="password_openam") >>> realm_data = {"realm": "myRealm"} >>> am.create_realm(realm_data=realm_data) {u'realmCreated': u'/myRealm'} >>> am.logout()
-
create_resourcetype
(realm=None, resource_data=None)[source]¶ Creating a resouretype.
Parameters: Return type: Returns: Information about the just created resourcetype.
Example: >>> import openam >>> am = openam.Openam(openam_url="http://openam.example.com:8080/openam/") >>> auth_data = am.authenticate(username="amadmin", password="password_openam") >>> create_resourcetype = { >>> "name": "My Resource Type", >>> "actions": { >>> "LEFT": "true", >>> "RIGHT": "true", >>> "UP": "true", >>> "DOWN": "true" >>> }, >>> "patterns": [ >>> "http://device/location/*" >>> ] >>> } >>> am.create_resourcetype(resource_data=create_resourcetype) {u'description': None, u'lastModifiedDate': 1472947547951, u'actions': {u'DOWN': True ... >>> am.logout()
-
delete_identity
(realm=None, type='users', username=None)[source]¶ Delete an identity. This can be one of the following types.
- users
- agents
- groups
Parameters: Return type: Returns: Information if the deleting went successful.
Example: >>> import openam >>> am = openam.Openam(openam_url="http://openam.example.com:8080/openam/") >>> auth_data = am.authenticate(username="amadmin", password="password_openam") >>> am.delete_identity(username="bjensen") {u'success': u'true'} >>> am.logout()
-
delete_realm
(realm=None)[source]¶ Deleting a realm.
Parameters: realm (str) – The name of the realm.
Return type: Returns: Information if delete is successful.
Example: >>> import openam >>> am = openam.Openam(openam_url="http://openam.example.com:8080/openam/") >>> auth_data = am.authenticate(username="amadmin", password="password_openam") >>> am.delete_realm(realm="myRealm") {u'success': u'true'} >>> am.logout()
-
delete_resourcetype
(realm=None, uuid=None)[source]¶ Deleting a resourcetype by providing a uuid.
Parameters: Return type: Returns: Not much.
Example: >>> import openam >>> am = openam.Openam(openam_url="http://openam.example.com:8080/openam/") >>> auth_data = am.authenticate(username="amadmin", password="password_openam") >>> am.delete_resourcetype(uuid="c1d1c11b-f101-4ecd-ab6f-26044e027f87") {} >>> am.logout()
-
get_identity
(realm=None, type='users', username=None, fields=None)[source]¶ Get an identity. This can be one of the following types.
- users
- agents
- groups
Parameters: Return type: Returns: False when no user is found, otherwise information about the identity.
Example: >>> import openam >>> am = openam.Openam(openam_url="http://openam.example.com:8080/openam/") >>> auth_data = am.authenticate(username="amadmin", password="password_openam") >>> am.get_identity(username="demo") {u'username': u'demo', u'dn': [u'uid=demo,ou=people,dc=openam,dc=forgerock,dc=org'], u'realm': u'/', ... >>> am.logout()
-
get_realm
(realm=None)[source]¶ Get information of the given realm.
Parameters: realm (str) – The name of the realm.
Return type: Returns: All information about the realm.
Example: >>> import openam >>> am = openam.Openam(openam_url="http://openam.example.com:8080/openam/") >>> auth_data = am.authenticate(username="amadmin", password="password_openam") >>> am.get_realm(realm="myRealm") {u'serviceNames': [u'sunAMDelegationService', u'iPlanetAMAuthService', u'iPlanetAMPolicyConfigService', .. } >>> am.logout()
-
get_resourcetype
(realm=None, uuid=None)[source]¶ Get all information about a specific resourcetype.
Parameters: - realm – The name of the realm.
- uuid (str) – The unique uuid.
Typr realm: str
Return type: Returns: All information about one resourcetype.
Example: >>> import openam >>> am = openam.Openam(openam_url="http://openam.example.com:8080/openam/") >>> auth_data = am.authenticate(username="amadmin", password="password_openam") >>> am.get_resourcetype(uuid='20a13582-1f32-4f83-905f-f71ff4e2e00d') {u'description': u'The built-in delegation Resource Type available to OpenAM Policies.', u'lastModifiedDate': 1422892465848, ... >>> am.logout()
-
get_serverinfo
(property=None)[source]¶ Get all - or when provided with the property - server related information.
Parameters: property (str) – The type of information needed. When none is provided, all available configuration is returned (*).
Return type: Returns: Server specific information from OpenAM.
Example: >>> import openam >>> am = openam.Openam(openam_url="http://openam.example.com:8080/openam/") >>> am.authenticate(username="amadmin", password="password_openam") >>> am.get_serverinfo(property="cookieDomains") {u'domains': [u'.example.com']} >>> am.logout()
-
list_identities
(realm=None, type='users', query=None)[source]¶ List or search an identity. This can be one of the following types.
- users
- agents
- groups
Parameters: Return type: Returns: Information of the found identities.
Example: >>> import openam >>> am = openam.Openam(openam_url="http://openam.example.com:8080/openam/") >>> auth_data = am.authenticate(username="amadmin", password="password_openam") >>> am.list_identities(query="demo") {u'totalPagedResultsPolicy': u'NONE', u'pagedResultsCookie': None, u'totalPagedResults': -1, u'result': [{u'username': u'demo', u'dn' ... >>> am.logout()
-
list_realms
(realm=None)[source]¶ Get information on all (sub) realms that are configured.
Parameters: realm (str) – The name of the realm.
Return type: Returns: Information with all realms.
Example: >>> import openam >>> am = openam.Openam(openam_url="http://openam.example.com:8080/openam/") >>> auth_data = am.authenticate(username="amadmin", password="password_openam") >>> am.list_realms() {u'totalPagedResultsPolicy': u'NONE', u'pagedResultsCookie': None, u'totalPagedResults': -1, u'result': [u'/', u'/myRealm'] >>> am.logout()
-
list_resourcetypes
(realm=None, query=None)[source]¶ Listing all resourcetypes that are available.
Parameters: Return type: Returns: Information about all resourcetypes.
Example: >>> import openam >>> am = openam.Openam(openam_url="http://openam.example.com:8080/openam/") >>> auth_data = am.authenticate(username="amadmin", password="password_openam") >>> am.list_resourcetypes() {u'totalPagedResultsPolicy': u'NONE', u'pagedResultsCookie': None, u'totalPagedResults': -1, u'result': [{u'description': u'The built-in delegation ..' .. >>> am.logout()
-
logout
()[source]¶ Will logout the current user from OpenAM.
Return type: Returns: True if logout was successful, False when won’t.
Example: >>> import openam >>> am = openam.Openam(openam_url="http://openam.example.com:8080/openam/") >>> am.authenticate(username="amadmin", password="password_openam") >>> am.logout() True
-
session_information
(action=None, token=None)[source]¶ Will give information about the provided session.
Parameters: Return type: Returns: Information about the session.
Example: >>> import openam >>> am = openam.Openam(openam_url="http://openam.example.com:8080/openam/") >>> auth_data = am.authenticate(username="amadmin", password="password_openam") >>> am.session_information(action="getMaxTime", token=auth_data['tokenId']) {u'maxtime': 7199} >>> am.logout()
-
token_validation
(realm=None, token=None)[source]¶ Validate if the session is active.
Parameters: Return type: Returns: Information if token is active or not.
Example: >>> import openam >>> am = openam.Openam(openam_url="http://openam.example.com:8080/openam/") >>> auth_data = am.authenticate(username="amadmin", password="password_openam") >>> am.token_validation(token=auth_data['tokenId']) {u'valid': True, u'realm': u'/', u'uid': u'amadmin'} >>> am.logout()
-
update_identity
(realm=None, type='users', username=None, user_data=None)[source]¶ Update an identity. This can be one of the following types.
- users
- agents
- groups
Parameters: Return type: Returns: All information regarding the updated identity.
Example: >>> import openam >>> am = openam.Openam(openam_url="http://openam.example.com:8080/openam/") >>> auth_data = am.authenticate(username="amadmin", password="password_openam") >>> user_data = { "mail": "demo@example.com" } >>> am.update_identity(username="demo", user_data=user_data) {u'username': u'demo', u'dn': [u'uid=demo,ou=people,dc=openam,dc=forgerock,dc=org'], u'realm': u'/', ... >>> am.logout()
-
update_realm
(realm=None, realm_data=None)[source]¶ Updating a realm.
Parameters: - realm (str) – The name of the realm.
- realm_data – Realm data that is needed for updating the realm.
Return type: Returns: Information if the update is successful.
Example: >>> import openam >>> am = openam.Openam(openam_url="http://openam.example.com:8080/openam/") >>> auth_data = am.authenticate(username="amadmin", password="password_openam") >>> realm_data = {"sunOrganizationStatus": "Inactive"} >>> am.update_realm(realm="myRealm", realm_data=realm_data) {u'realmUpdated': u'/myRealm'} >>> am.logout()
-
update_resourcetype
(realm=None, uuid=None, resource_data=None)[source]¶ Updating a resourcetype.
Parameters: Return type: Returns: Information about the updated resourcetype.
Example: >>> import openam >>> am = openam.Openam(openam_url="http://openam.example.com:8080/openam/") >>> auth_data = am.authenticate(username="amadmin", password="password_openam") >>> resource_data = { >>> "uuid": "c1d1c11b-f101-4ecd-ab6f-26044e027f87", >>> "name": "My Updated Resource Type", >>> "actions": { >>> "LEFT": "false", >>> "RIGHT": "false", >>> "UP": "false", >>> "DOWN": "false" >>> }, >>> "patterns": [ >>> "http://device/location/*" >>> ] >>> } {u'description': None, u'lastModifiedDate': 1472947723472, u'actions': { ... }, u'name': u'My Updated Resource Type', >>> am.logout()
-