Puppet Function: oracle_sso

Defined in:
lib/puppet/parser/functions/oracle_sso.rb
Function type:
Ruby 3.x API

Overview

oracle_sso()Any

Returns:

  • (Any) 


9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
 
# File 'lib/puppet/parser/functions/oracle_sso.rb', line 9

newfunction(:oracle_sso, :type => :rvalue) do |args|
  fileuri = args[0]
  ssousername = args[1]
  password = args[2]

  cookies = ['oraclelicense=accept-securebackup-cookie']

  #
  # Step 1: try unauthenticated download from given URI
  # Success: URI contains AuthParam parameter and HEAD request returns 200
  # Failure: 404 or redirect to Oracle SSO
  #

  begin
    uri, _, _ = PuppetX::Aco::Util.request(fileuri, 'HEAD', cookies)
    if uri.host == 'login.oracle.com'
      debug("Authentication required for #{fileuri}")
    elsif uri.query.include?('AuthParam=')
      debug("Authentication not required for #{fileuri}")
      return uri.to_s
    else
      raise "Unknown failure while fetching #{fileuri}"
    end
  rescue Net::HTTPServerException => e
    debug("File not found at #{fileuri}")
    debug('Trying authenticated download...')
    fileuri = fileuri.gsub!('otn-pub', 'otn')
  end

  #
  # Step 2: authenticate against Oracle SSO
  # Success: requested form contains OAM_REQ parameter and POST returns a redirect
  # Failure: POST returns 200 or http error
  #

  # retrieve SSO form and read OAM_REQ parameter value
  debug('Retrieving Oracle.com SSO form.')
  _, response, cookies = PuppetX::Aco::Util.request(fileuri, 'GET', cookies)
  matchdata = /name="OAM_REQ" value="(.+?)"/.match(response.body)
  if matchdata and !matchdata.captures.nil?
    oamreq = matchdata[1]
    debug('Found OAM_REQ parameter from Oracle.com SSO form.')
  else
    raise 'Could not retrieve OAM_REQ parameter from Oracle.com SSO form.'
  end

  # submit authentication form
  debug('Submitting Oracle.com SSO form.')
  ssouri = URI('https://login.oracle.com/oam/server/sso/auth_cred_submit')
  cookies.push('s_cc=true')

  request = Net::HTTP::Post.new(ssouri.request_uri, {'user-agent' => 'Mozilla/5.0 (Puppet)', 'cookie' => cookies.join('; ')})
  request.set_form_data('ssousername' => ssousername, 'password' => password)
  request.body += "&OAM_REQ=#{oamreq}"

  response = Net::HTTP.start(ssouri.host, ssouri.port, :use_ssl => true) { |http| http.request(request) }
  case response
  when Net::HTTPRedirection
    location = response['location']
    if URI(location).request_uri.start_with?('/osso_login_success')
      debug('Sign-on success.')
      response.get_fields('set-cookie').each { |c| cookies.push(c.split('; ')[0]) }
    else
      raise 'Sign-on failed. Check your Oracle.com credentials.'
    end
  else
    raise 'Sign-on failed. Check your Oracle.com credentials.'
  end

  #
  # Step 3: try authenticated download from transformed URI
  # Success: URI contains AuthParam parameter and HEAD request returns 200
  # Failure: 404 or redirect to Oracle SSO
  #

  begin
    uri, _, _ = PuppetX::Aco::Util.request(location, 'HEAD', cookies)
    if uri.query.include?('AuthParam=')
      return uri.to_s
    else
      raise "Unknown failure while fetching #{fileuri}"
    end
  rescue Net::HTTPServerException => e
    raise "File not found at #{fileuri}"
  end
end