Jumpserver python sdk tools
Project description
# Jumpserver SDK
为 Jumpserver ssh terminal 和 web terminal封装了一个sdk, 完成和Jumpserver
交互的一些功能
### App service
这是为terminal app 提供的 class
- \__init__(self, app_name=None, endpoint=None)
app_name: app的名称
endpoint: Jumpserver api的地址
- auth(self, access_key_id=None, access_key_secret=None)
对app进行认证, 以后请求jumpserver api会使用这个access key
access_key_id: 认证使用的id
access_key_secret: 认证使用的secret
- check_auth(self)
检查用户access key是否合法, True or False
- terminal_heatbeat()
和Jumpserver保持心跳, True or False
- get_system_user_auth_info(self, system_user)
返回系统用户的密码和密钥
system_user = {
"id": 系统用户id,
"username": 系统用户的用户名,
"name": 系统用户的名称
}
- send_proxy_log(self, data)
用户登陆资产,向Jumpserver发送登录信息
data = {
"username": 用户名,
"name": 用户姓名,
"hostname": 登陆资产的hostname,
"ip": 登录资产的ip地址,
"system_user": 系统用户用户名,
"login_type": 登录方式['ST', 'WT'] ST: SSHTerminal, WT: WebTerminal
"was_failed": 是否成功登陆, 0或1
"date_start": 一个时间日期对象, 开始时间
}
返回成功的信息, 带有id
- finish_proxy_log(self, data)
用户登出, 向Jumpserver发送登出信息
data = {
"date_finished": 一个时间日期对象, 登出的时间,
"proxy_log_id": 上个send_proxy_log取到的id,
}
```
In [1]: from jms import AppService
In [2]: access_key_id = '600f6241-5574-407f-b39a-c616fb2b14eb'
In [3]: access_key_secret = '48496c51-08fd-4eca-8c47-68b18aad72e9'
In [4]: app_service = AppService(app_name='coco', endpoint='http://localhost:8080')
In [5]: app_service.auth(access_key_id=access_key_id, access_key_secret=access_key_secret)
In [6]: app_service.check_auth()
Out[6]: True
In [7]: app_service.terminal_heatbeat()
Out[7]: True
In [9]: system_user = {'id': 10, 'username': 'guang'}
In [10]: app_service.get_system_user_auth_info(system_user)
Out[10]: (u'sagittis', None)
In [14]: app_service.send_proxy_log(data)
Out[14]:
DotMap([(u'username', u'admin'),
(u'date_start', u'2012-12-12T12:12:11+08:00'),
(u'system_user', u'web'),
(u'name', u'admin'),
(u'date_finished', None),
(u'ip', u'192.168.1.2'),
(u'hostname', u'test'),
(u'command_length', 0),
(u'terminal', u'luna'),
(u'time', u''),
(u'was_failed', False),
(u'login_type', u'ST'),
(u'is_finished', False),
(u'log_file', None),
(u'id', 7)])
```
### User service
User service封装了用户调用的api, 如用户登录,获取授权的资产等
- login(self, username=None, password=None,
public_key=None, login_type='', remote_addr=''):
用户登录api
返回
({'username': 'test', ...}, 'token': 'Token String')
username: 用户名
password: 密码
public_key: 公钥
login_type: ['ST', 'WT'] SSHTerminal, WebTerminal
remote_addr: 用户的ip
- auth(self, token=None)
使用token签名请求, 用户请求api都需要使用签名, login例外
- is_authenticated(self):
判断认证是否有效, 返回 True或False
- get_my_assets(self)
返回该用户有权限的资产
[{'hostname': '192.168.1.1', 'ip': '192.168.1.1', ...}, {}]
- get_my_asset_groups(self)
返回该用户后权限的资产组, 这个资产组并非是直接授权资产组, 而是取出所有资产,
再取出每个资产所有的资产组,去重
[{'name': 'group1', 'comment': 'something'}, ... ]
- get_user_asset_group_assets(self, asset_group_id)
返回该用户授权这个资产组下的资产,并非所有该资产组下的资产,而是被授权的资产
[{'hostname': '192.168.1.1', 'ip': '192.168.1.1', ...}, {}]
```
In [1]: from jms import UserService
In [2]: username = 'ibuler'
In [3]: password = 'redhat'
In [4]: user_service = UserService(app_name='coco', endpoint='http://localhost:8080')
In [5]: user, token = user_service.login(username=username, password=password,
public_key=None, login_type='ST', remote_addr='2.2.2.2')
Out[10]: user
DotMap([(u'username', u'ibuler'),
(u'comment', u''),
(u'name', u'\u5e7f\u5b8f\u4f1f'),
(u'date_expired', u'2086-12-21 16:00:00'),
(u'is_superuser', False),
(u'is_active', True),
(u'email', u'ibuler@qq.com'),
(u'phone', u''),
(u'wechat', u''),
(u'groups', [u'asdfasdf']),
(u'role', u'User'),
(u'id', 99)])
In [11]: token
Out[11]: u'c47a9b0da67c47f3885efa92b6a3de28'
In [17]: user_service.is_authenticated()
Out[17]: True
In [18]: user_service.get_my_assets()
Out[18]:
[DotMap([(u'comment', u''),
(u'system_users_join', u'marilyn, sarah, gloria'),
(u'ip', u'48.48.48.48'),
(u'hostname', u'carolyn81'),
(u'is_active', True),
(u'port', 22),
(u'system_users', ...
]
In [19]: user_service.get_my_asset_groups()
Out[19]:
[DotMap([(u'comment', u'In sagittis dui vel nisl.'),
(u'id', 51),
(u'name', u'Paula Berry'),
(u'assets_amount', 1)]),
DotMap([(u'comment', u'Mauris ullamcorper purus sit amet nulla.'),
(u'id', 67),
(u'name', u'Amanda Dunn'),
(u'assets_amount', 1)]), ...
]
In [20]: user_service.get_user_asset_group_assets(51)
Out[20]:
[DotMap([(u'comment', u''),
(u'system_users_join', u'jennifer, melissa, nancy, rebecca'),
(u'ip', u'1.1.1.1'),
(u'hostname', u'heather89'),
(u'is_active', True),
(u'port', 22),
(u'system_users',
[DotMap([(u'username', u'jennifer'),
(u'comment', u'Aenean sit amet justo.'),
(u'shell', u'/bin/bash'),
(u'protocol', u'ssh'),
(u'name', u'Angela Henry'),
(u'auto_update', True),
(u'sudo', u'/user/bin/whoami'),..
]
```
为 Jumpserver ssh terminal 和 web terminal封装了一个sdk, 完成和Jumpserver
交互的一些功能
### App service
这是为terminal app 提供的 class
- \__init__(self, app_name=None, endpoint=None)
app_name: app的名称
endpoint: Jumpserver api的地址
- auth(self, access_key_id=None, access_key_secret=None)
对app进行认证, 以后请求jumpserver api会使用这个access key
access_key_id: 认证使用的id
access_key_secret: 认证使用的secret
- check_auth(self)
检查用户access key是否合法, True or False
- terminal_heatbeat()
和Jumpserver保持心跳, True or False
- get_system_user_auth_info(self, system_user)
返回系统用户的密码和密钥
system_user = {
"id": 系统用户id,
"username": 系统用户的用户名,
"name": 系统用户的名称
}
- send_proxy_log(self, data)
用户登陆资产,向Jumpserver发送登录信息
data = {
"username": 用户名,
"name": 用户姓名,
"hostname": 登陆资产的hostname,
"ip": 登录资产的ip地址,
"system_user": 系统用户用户名,
"login_type": 登录方式['ST', 'WT'] ST: SSHTerminal, WT: WebTerminal
"was_failed": 是否成功登陆, 0或1
"date_start": 一个时间日期对象, 开始时间
}
返回成功的信息, 带有id
- finish_proxy_log(self, data)
用户登出, 向Jumpserver发送登出信息
data = {
"date_finished": 一个时间日期对象, 登出的时间,
"proxy_log_id": 上个send_proxy_log取到的id,
}
```
In [1]: from jms import AppService
In [2]: access_key_id = '600f6241-5574-407f-b39a-c616fb2b14eb'
In [3]: access_key_secret = '48496c51-08fd-4eca-8c47-68b18aad72e9'
In [4]: app_service = AppService(app_name='coco', endpoint='http://localhost:8080')
In [5]: app_service.auth(access_key_id=access_key_id, access_key_secret=access_key_secret)
In [6]: app_service.check_auth()
Out[6]: True
In [7]: app_service.terminal_heatbeat()
Out[7]: True
In [9]: system_user = {'id': 10, 'username': 'guang'}
In [10]: app_service.get_system_user_auth_info(system_user)
Out[10]: (u'sagittis', None)
In [14]: app_service.send_proxy_log(data)
Out[14]:
DotMap([(u'username', u'admin'),
(u'date_start', u'2012-12-12T12:12:11+08:00'),
(u'system_user', u'web'),
(u'name', u'admin'),
(u'date_finished', None),
(u'ip', u'192.168.1.2'),
(u'hostname', u'test'),
(u'command_length', 0),
(u'terminal', u'luna'),
(u'time', u''),
(u'was_failed', False),
(u'login_type', u'ST'),
(u'is_finished', False),
(u'log_file', None),
(u'id', 7)])
```
### User service
User service封装了用户调用的api, 如用户登录,获取授权的资产等
- login(self, username=None, password=None,
public_key=None, login_type='', remote_addr=''):
用户登录api
返回
({'username': 'test', ...}, 'token': 'Token String')
username: 用户名
password: 密码
public_key: 公钥
login_type: ['ST', 'WT'] SSHTerminal, WebTerminal
remote_addr: 用户的ip
- auth(self, token=None)
使用token签名请求, 用户请求api都需要使用签名, login例外
- is_authenticated(self):
判断认证是否有效, 返回 True或False
- get_my_assets(self)
返回该用户有权限的资产
[{'hostname': '192.168.1.1', 'ip': '192.168.1.1', ...}, {}]
- get_my_asset_groups(self)
返回该用户后权限的资产组, 这个资产组并非是直接授权资产组, 而是取出所有资产,
再取出每个资产所有的资产组,去重
[{'name': 'group1', 'comment': 'something'}, ... ]
- get_user_asset_group_assets(self, asset_group_id)
返回该用户授权这个资产组下的资产,并非所有该资产组下的资产,而是被授权的资产
[{'hostname': '192.168.1.1', 'ip': '192.168.1.1', ...}, {}]
```
In [1]: from jms import UserService
In [2]: username = 'ibuler'
In [3]: password = 'redhat'
In [4]: user_service = UserService(app_name='coco', endpoint='http://localhost:8080')
In [5]: user, token = user_service.login(username=username, password=password,
public_key=None, login_type='ST', remote_addr='2.2.2.2')
Out[10]: user
DotMap([(u'username', u'ibuler'),
(u'comment', u''),
(u'name', u'\u5e7f\u5b8f\u4f1f'),
(u'date_expired', u'2086-12-21 16:00:00'),
(u'is_superuser', False),
(u'is_active', True),
(u'email', u'ibuler@qq.com'),
(u'phone', u''),
(u'wechat', u''),
(u'groups', [u'asdfasdf']),
(u'role', u'User'),
(u'id', 99)])
In [11]: token
Out[11]: u'c47a9b0da67c47f3885efa92b6a3de28'
In [17]: user_service.is_authenticated()
Out[17]: True
In [18]: user_service.get_my_assets()
Out[18]:
[DotMap([(u'comment', u''),
(u'system_users_join', u'marilyn, sarah, gloria'),
(u'ip', u'48.48.48.48'),
(u'hostname', u'carolyn81'),
(u'is_active', True),
(u'port', 22),
(u'system_users', ...
]
In [19]: user_service.get_my_asset_groups()
Out[19]:
[DotMap([(u'comment', u'In sagittis dui vel nisl.'),
(u'id', 51),
(u'name', u'Paula Berry'),
(u'assets_amount', 1)]),
DotMap([(u'comment', u'Mauris ullamcorper purus sit amet nulla.'),
(u'id', 67),
(u'name', u'Amanda Dunn'),
(u'assets_amount', 1)]), ...
]
In [20]: user_service.get_user_asset_group_assets(51)
Out[20]:
[DotMap([(u'comment', u''),
(u'system_users_join', u'jennifer, melissa, nancy, rebecca'),
(u'ip', u'1.1.1.1'),
(u'hostname', u'heather89'),
(u'is_active', True),
(u'port', 22),
(u'system_users',
[DotMap([(u'username', u'jennifer'),
(u'comment', u'Aenean sit amet justo.'),
(u'shell', u'/bin/bash'),
(u'protocol', u'ssh'),
(u'name', u'Angela Henry'),
(u'auto_update', True),
(u'sudo', u'/user/bin/whoami'),..
]
```
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Close
Hashes for jumpserver-python-sdk-0.0.32.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | de0dbaba314edd4f1c5186ab545f179313a0fa93f613df980b21ff1f67bf736d |
|
MD5 | 3308fed2c38a0f41fa8ba257fbe7b279 |
|
BLAKE2b-256 | 5cb03187df999d9a5f6dfefabf77afbf423521f6f961c82a6e63dcc578c9dc87 |