Skip to content

Commit

Permalink
vcsim: add ssoadmin GetTrustedCertificates method
Browse files Browse the repository at this point in the history
Signed-off-by: Doug MacEachern <dougm@broadcom.com>
dougm committed Jan 16, 2025
1 parent 6ac4eab commit f9e80d2
Showing 4 changed files with 70 additions and 47 deletions.
7 changes: 6 additions & 1 deletion simulator/simulator.go
Original file line number Diff line number Diff line change
@@ -140,7 +140,12 @@ func (s *Service) call(ctx *Context, method *Method) soap.HasFault {

if session == nil {
switch method.Name {
case "RetrieveServiceContent", "PbmRetrieveServiceContent", "Fetch", "List", "Login", "LoginByToken", "LoginExtensionByCertificate", "RetrieveProperties", "RetrievePropertiesEx", "CloneSession":
case
"Login", "LoginByToken", "LoginExtensionByCertificate", "CloneSession", // SessionManager
"RetrieveServiceContent", "RetrieveInternalContent", "PbmRetrieveServiceContent", // ServiceContent
"Fetch", "RetrieveProperties", "RetrievePropertiesEx", // PropertyCollector
"List", // lookup service
"GetTrustedCertificates": // ssoadmin
// ok for now, TODO: authz
default:
fault := &types.NotAuthenticated{
31 changes: 16 additions & 15 deletions ssoadmin/client.go
Original file line number Diff line number Diff line change
@@ -1,18 +1,6 @@
/*
Copyright (c) 2018-2024 VMware, Inc. All Rights Reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// © Broadcom. All Rights Reserved.
// The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.
// SPDX-License-Identifier: Apache-2.0

package ssoadmin

@@ -588,3 +576,16 @@ func (c *Client) UpdateLdapAuthnType(ctx context.Context, name string, auth type
_, err := methods.UpdateLdapAuthnType(ctx, c, &req)
return err
}

func (c *Client) GetTrustedCertificates(ctx context.Context) ([]string, error) {
req := types.GetTrustedCertificates{
This: c.ServiceContent.ConfigurationManagementService,
}

res, err := methods.GetTrustedCertificates(ctx, c, &req)
if err != nil {
return nil, err
}

return res.Returnval, nil
}
36 changes: 20 additions & 16 deletions ssoadmin/client_test.go
Original file line number Diff line number Diff line change
@@ -1,23 +1,12 @@
/*
Copyright (c) 2018-2023 VMware, Inc. All Rights Reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// © Broadcom. All Rights Reserved.
// The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.
// SPDX-License-Identifier: Apache-2.0

package ssoadmin_test

import (
"context"
"fmt"
"os"
"testing"

@@ -57,6 +46,22 @@ func TestClient(t *testing.T) {
verifyClient(t, ctx, c)
}, model)
})
t.Run("System.Anonymous methods", func(t *testing.T) {
simulator.Test(func(ctx context.Context, client *vim25.Client) {
c, err := ssoadmin.NewClient(ctx, client)
require.NoError(t, err)

c.Jar = nil // session cookie will not be sent

_, err = c.FindUser(ctx, "testuser")
require.Error(t, err) // NotAuthenticated

certs, err := c.GetTrustedCertificates(ctx)
require.NoError(t, err)
fmt.Println(certs[0])
require.NotEmpty(t, certs)
})
})
}

func verifyClient(t *testing.T, ctx context.Context, c *ssoadmin.Client) {
@@ -66,5 +71,4 @@ func verifyClient(t *testing.T, ctx context.Context, c *ssoadmin.Client) {
user, err := c.FindUser(ctx, "testuser")
require.NoError(t, err)
require.Equal(t, &types.AdminUser{Id: types.PrincipalId{Name: "testuser", Domain: "vsphere.local"}, Kind: "person"}, user)

}
43 changes: 28 additions & 15 deletions ssoadmin/simulator/simulator.go
Original file line number Diff line number Diff line change
@@ -1,18 +1,6 @@
/*
Copyright (c) 2022-2023 VMware, Inc. All Rights Reserved.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
// © Broadcom. All Rights Reserved.
// The term “Broadcom” refers to Broadcom Inc. and/or its subsidiaries.
// SPDX-License-Identifier: Apache-2.0

package simulator

@@ -24,6 +12,7 @@ import (
"github.com/vmware/govmomi/ssoadmin"
"github.com/vmware/govmomi/ssoadmin/methods"
"github.com/vmware/govmomi/ssoadmin/types"
"github.com/vmware/govmomi/vim25"
"github.com/vmware/govmomi/vim25/soap"
vim "github.com/vmware/govmomi/vim25/types"
)
@@ -111,6 +100,10 @@ type SessionManager struct {
vim.ManagedObjectReference
}

type ConfigurationManagementService struct {
vim.ManagedObjectReference
}

type IdentitySourceManagementService struct {
vim.ManagedObjectReference
}
@@ -161,6 +154,10 @@ func New(vc *simulator.Registry, u *url.URL) *simulator.Registry {
ManagedObjectReference: content.SessionManager,
})

r.Put(&ConfigurationManagementService{
ManagedObjectReference: content.ConfigurationManagementService,
})

r.Put(&IdentitySourceManagementService{
ManagedObjectReference: content.IdentitySourceManagementService,
})
@@ -246,6 +243,22 @@ func (s *SessionManager) Logout(ctx *simulator.Context, req *types.Logout) soap.
}
}

func (*ConfigurationManagementService) GetTrustedCertificates(ctx *simulator.Context, _ *types.GetTrustedCertificates) soap.HasFault {
m := ctx.For(vim25.Path).Map.SessionManager()

var res []string

if m.TLSCert != nil {
res = append(res, m.TLSCert())
}

return &methods.GetTrustedCertificatesBody{
Res: &types.GetTrustedCertificatesResponse{
Returnval: res,
},
}
}

func (s *IdentitySourceManagementService) Get(ctx *simulator.Context, _ *types.Get) soap.HasFault {
sources := IdentitySources
sources.All = nil

0 comments on commit f9e80d2

Please sign in to comment.