Skip to content

Commit a4602f2

Browse files
chkp-roylchkp-royl
authored
Add support to api key (#86)
1 parent fc6a56b commit a4602f2

File tree

3 files changed

+59
-30
lines changed

3 files changed

+59
-30
lines changed

import_export_package.py

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -41,8 +41,12 @@ def get_version(client):
4141
payload["read-only"] = "true" if args.operation == "export" else "false"
4242
if args.session_timeout:
4343
payload["session-timeout"] = args.session_timeout
44-
login_reply = client.login(username=args.username, password=args.password, domain=args.domain,
45-
payload=payload)
44+
if args.api_key:
45+
login_reply = client.login_with_api_key(api_key=args.api_key, domain=args.domain,
46+
payload=payload)
47+
else:
48+
login_reply = client.login(username=args.username, password=args.password, domain=args.domain,
49+
payload=payload)
4650
handle_login_fail(not login_reply.success, "Login to management server failed. " + str(login_reply))
4751
elif args.login == '2':
4852
if args.session_timeout:

menu.py

Lines changed: 48 additions & 27 deletions
Original file line numberDiff line numberDiff line change
@@ -59,16 +59,16 @@ def build(self):
5959
self.lowest_level = 2
6060
display = False
6161
elif self.level == 2:
62-
if not (self.args.username or self.args.password or
63-
self.args.session_id or self.args.session_file or self.args.root):
62+
if not (self.args.api_key or self.args.username or self.args.password or
63+
self.args.session_id or self.args.session_file or self.args.root):
6464
self.title = "Please select a login method:"
6565
self.options = ["Enter user credentials manually", "Login as Root",
6666
"Use an existing session file", "Use an existing session UID"]
6767
self.last_option = "Back"
6868
else:
6969
if self.args.root:
7070
self.self_args.login = '2'
71-
elif self.args.username or self.args.password:
71+
elif self.args.username or self.args.password or self.args.api_key:
7272
self.self_args.login = '1'
7373
elif self.args.session_file:
7474
self.self_args.login = '3'
@@ -80,10 +80,13 @@ def build(self):
8080
elif self.level == 3 and self.export:
8181
if not self.args.force:
8282
self.title = "The script will run with the following parameters:\n" + \
83-
"Export Access-Control layers = " + str(self.self_args.access or self.self_args.all) + "\n" + \
83+
"Export Access-Control layers = " + str(
84+
self.self_args.access or self.self_args.all) + "\n" + \
8485
"Export NAT layers = " + str(self.self_args.nat or self.self_args.all) + "\n" + \
85-
"Export Threat-Prevention layers = " + str(self.self_args.threat or self.self_args.all) + "\n" + \
86-
"Export HTTPS Inspection layers = " + str(self.self_args.https or self.self_args.all) + "\n" + \
86+
"Export Threat-Prevention layers = " + str(
87+
self.self_args.threat or self.self_args.all) + "\n" + \
88+
"Export HTTPS Inspection layers = " + str(
89+
self.self_args.https or self.self_args.all) + "\n" + \
8790
"Output-file name = " + str(self.self_args.output_file) + "\n" + \
8891
"Management Server IP = " + str(self.self_args.management) + "\n" + \
8992
"Management Server Port = " + str(self.self_args.port) + "\n" + \
@@ -129,19 +132,14 @@ def build(self):
129132
"Change Management Server Port", "Change the domain name"]
130133
self.last_option = "Exit" if self.level == self.lowest_level else "Back"
131134
elif self.level == 5:
132-
if not self.args.username:
133-
self.title = "Please enter your username:"
134-
self.options = []
135+
if not self.self_args.api_key and not self.self_args.username and not self.self_args.password:
136+
self.title = "Please select authentication method:"
137+
self.options = ["Username & Password",
138+
"API Key"]
139+
self.last_option = "Exit" if self.level == self.lowest_level else "Back"
135140
else:
136-
self.level = 6
137-
display = False
138-
elif self.level == 6:
139-
if not self.args.password:
140-
# The menu title will be provided at the password prompt
141141
self.title = ""
142142
self.options = []
143-
else:
144-
return
145143
if display:
146144
self.display()
147145
else:
@@ -212,7 +210,8 @@ def handle_input(self):
212210
elif choice == 2:
213211
self.self_args.threat = not self.self_args.threat
214212
self.menu_print(
215-
"Exporting of Threat-Prevention layers " + "enabled" if self.self_args.threat else "disabled", 2)
213+
"Exporting of Threat-Prevention layers " + "enabled" if self.self_args.threat else "disabled",
214+
2)
216215
elif choice == 3:
217216
self.self_args.nat = not self.self_args.nat
218217
self.menu_print(
@@ -255,17 +254,39 @@ def handle_input(self):
255254
except ValueError:
256255
self.display_wrong_choice()
257256
elif self.level == 5:
258-
if not self.self_args.username:
259-
self.self_args.username = input()
260-
self.level = 6
261-
elif self.level == 6:
262-
if not self.self_args.password:
263-
if sys.stdin.isatty():
264-
self.self_args.password = getpass.getpass("Please enter your password:\n")
257+
try:
258+
choice = None
259+
if self.self_args.username or self.self_args.password:
260+
choice = 1
261+
elif self.self_args.api_key:
262+
choice = 2
265263
else:
266-
print("Attention! Your password will be shown on the screen!", file=sys.stderr)
267-
self.self_args.password = input("Please enter your password:\n")
268-
return
264+
choice = int(input())
265+
if choice == 1:
266+
if not self.self_args.username:
267+
self.menu_print("Please enter your username:", 0)
268+
self.self_args.username = input()
269+
if not self.self_args.password:
270+
if sys.stdin.isatty():
271+
self.self_args.password = getpass.getpass("Please enter your password:\n")
272+
else:
273+
print("Attention! Your password will be shown on the screen!", file=sys.stderr)
274+
self.self_args.password = input("Please enter your password:\n")
275+
return
276+
elif choice == 2:
277+
if not self.self_args.api_key:
278+
if sys.stdin.isatty():
279+
self.self_args.api_key = getpass.getpass("Please enter your API key:\n")
280+
else:
281+
print("Attention! Your API key will be shown on the screen!", file=sys.stderr)
282+
self.self_args.api_key = input("Please enter your API key:\n")
283+
return
284+
elif choice == 99:
285+
self.level = 3
286+
else:
287+
self.display_wrong_choice()
288+
except ValueError:
289+
self.display_wrong_choice()
269290
self.build()
270291

271292
def display_wrong_choice(self):

utils.py

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -35,7 +35,11 @@ def populate_parser(parser):
3535
parser.add_argument("-u", "--username", required=False, default=os.getenv('MGMT_CLI_USER'),
3636
help="The management administrator's user name.\nEnvironment variable: MGMT_CLI_USER")
3737
parser.add_argument("-p", "--password", required=False,
38-
help="The management administrator's password.\nEnvironment variable: MGMT_CLI_PASSWORD")
38+
help="The management administrator's password.\nEnvironment variable: MGMT_CLI_PASSWORD",
39+
default=os.getenv('MGMT_CLI_PASSWORD'))
40+
parser.add_argument("--api-key", required=False,
41+
help="The management administrator's API Key.\nEnvironment variable: MGMT_CLI_API_KEY",
42+
default=os.getenv('MGMT_CLI_API_KEY'))
3943
parser.add_argument("-m", "--management", required=False, default=os.getenv('MGMT_CLI_MANAGEMENT', "127.0.0.1"),
4044
help="The management server's IP address (In the case of a Multi-Domain Environment, use the IP address of the MDS domain).\nDefault: 127.0.0.1\nEnvironment variable: MGMT_CLI_MANAGEMENT")
4145
parser.add_argument("--port", "--server-port", required=False, default=os.getenv('MGMT_CLI_PORT', 443),

0 commit comments

Comments
 (0)