From 9e814c2b677c3a4b33620ff6ab7f895929b558d8 Mon Sep 17 00:00:00 2001 From: Ren YanLin Date: Tue, 17 Oct 2023 13:26:37 +0800 Subject: [PATCH] pr: add password rotation method of session logon API Signed-off-by: Yanlin Ren --- pkg/zhmcclient/client.go | 68 +++++++++++++++++++++++++++++++---- pkg/zhmcclient/client_test.go | 21 +++++++++++ 2 files changed, 82 insertions(+), 7 deletions(-) diff --git a/pkg/zhmcclient/client.go b/pkg/zhmcclient/client.go index 3887e4b..b426ac4 100644 --- a/pkg/zhmcclient/client.go +++ b/pkg/zhmcclient/client.go @@ -1,4 +1,3 @@ - // Copyright 2021-2023 IBM Corp. All Rights Reserved. // // Licensed under the Apache License, Version 2.0 (the "License"); @@ -87,6 +86,12 @@ type LogonData struct { Password string `json:"password"` } +type ChangePasswordData struct { + Userid string `json:"userid"` + Password string `json:"password"` + NewPassword string `json:"new-password"` +} + // TODO, Use cache and use JobTopic, ObjectTopic to update cache type Session struct { MajorVersion int `json:"api-major-version,omitempty"` @@ -109,12 +114,7 @@ type Client struct { traceOutput io.Writer } -func NewClient(endpoint string, opts *Options, l Logger) (ClientAPI, *HmcError) { - - if l != nil { - logger = l - } - +func newClientStruct(endpoint string, opts *Options) (*Client, *HmcError) { tslConfig, err := SetCertificate(opts, &tls.Config{}) if err != nil { return nil, err @@ -146,6 +146,19 @@ func NewClient(endpoint string, opts *Options, l Logger) (ClientAPI, *HmcError) Password: opts.Password, }, } + return client, nil +} + +func NewClient(endpoint string, opts *Options, l Logger) (ClientAPI, *HmcError) { + + if l != nil { + logger = l + } + + client, err := newClientStruct(endpoint, opts) + if err != nil { + return nil, err + } err = client.Logon() if err != nil { @@ -266,6 +279,47 @@ func (c *Client) Logon() *HmcError { return GenerateErrorFromResponse(responseBody) } +// login and change password, then end session +func ChangePassword(endpoint string, opts *Options, newPassword string) *HmcError { + c, err := newClientStruct(endpoint, opts) + if err != nil { + return err + } + + c.clearSession() + url := c.CloneEndpointURL() + if url == nil { + return &HmcError{Reason: int(ERR_CODE_HMC_INVALID_URL), Message: ERR_MSG_EMPTY_JOB_URI} + } + url.Path = path.Join(url.Path, "/api/sessions") + + changePasswordData := ChangePasswordData{ + Userid: c.logondata.Userid, + Password: c.logondata.Password, + NewPassword: newPassword, + } + + status, responseBody, hmcErr := c.executeMethod(http.MethodPost, url.String(), changePasswordData, "") + + defer c.Logoff() + + if hmcErr != nil { + return hmcErr + } + + if status == http.StatusOK || status == http.StatusCreated { + session := &Session{} + err := json.Unmarshal(responseBody, session) + if err != nil { + return getHmcErrorFromErr(ERR_CODE_HMC_UNMARSHAL_FAIL, err) + } + c.session = session + return nil + } + + return GenerateErrorFromResponse(responseBody) +} + func (c *Client) LogonConsole() (sessionID string, status int, err *HmcError) { url := c.CloneEndpointURL() url.Path = path.Join(url.Path, "/api/sessions") diff --git a/pkg/zhmcclient/client_test.go b/pkg/zhmcclient/client_test.go index 1849439..60ef21d 100644 --- a/pkg/zhmcclient/client_test.go +++ b/pkg/zhmcclient/client_test.go @@ -185,6 +185,27 @@ var _ = Describe("client", func() { }) }) + Describe("ChangePassword", func() { + BeforeEach(func() { + hmcErr = &HmcError{ + Reason: int(ERR_CODE_HMC_BAD_REQUEST), + Message: "error message", + } + }) + Context("When ChangePassword is Executed", func() { + It("Check the result of ChangePassword", func() { + var endpoint string + opts := &Options{ + SkipCert: false, + Username: "", + Password: "", + } + err := ChangePassword(endpoint, opts, "") + Expect(err.Error()).ToNot(BeNil()) + }) + }) + }) + Describe("SetCertificate", func() { Context("When skipcert is false", func() { It("returns tls config without CaCert", func() {