Merge pull request #6 from OneIdentity/feature/ktg/update_sps74

Custom auth provider
OneIdentity · Mar 21, 2024 · cedeed8 · cedeed8
2 parents d0a21fb + 23c9612
commit cedeed8
Show file tree

Hide file tree

Showing 6 changed files with 14 additions and 10 deletions.
diff --git a/LICENSE b/LICENSE
@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2021 One Identity
+Copyright (c) 2024 One Identity
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

diff --git a/MANIFEST b/MANIFEST
@@ -1,9 +1,9 @@
 name: SPS_AA_SRA_initiated
 description: SPP-SPS join plugin for Safeguard Remote Access
-version: 1.0.0
+version: 1.1.0
 type: aa
-api: 1.6
+api: 1.7.0
 entry_point: main.py
 author_name: One Identity Safeguard Remote Access
 author_email: [email protected]
-scb_max_version: 6.13.0~
+scb_max_version: 8.0.0~
diff --git a/Pipfile b/Pipfile
@@ -1,10 +1,10 @@
 [packages]
 requests_toolbelt = "*"
+yarl = "*"
 
 [dev-packages]
 oneidentity-safeguard-sessions-plugin-sdk = "*"
 
 [requires]
-python_version = "3.6"
-
+python_version = "3.10"
 
diff --git a/main.py b/main.py
@@ -1,6 +1,6 @@
 #!/usr/bin/env pluginwrapper3
 #
-#   Copyright (c) 2019 One Identity
+#   Copyright (c) 2024 One Identity
 #
 # Permission is hereby granted, free of charge, to any person obtaining a copy
 # of this software and associated documentation files (the "Software"), to

diff --git a/plugin/plugin.py b/plugin/plugin.py
@@ -1,6 +1,6 @@
 #!/usr/bin/env pluginwrapper3
 #
-# Copyright (c) 2013-2021 Balabit
+# Copyright (c) 2024 One Identity
 # All Rights Reserved.
 #
 
@@ -46,13 +46,17 @@ def original_username(self):
     @cookie_property
     def spp_username(self):
         (username, domain) = split_username(self.username)
+        if self.spp_auth_provider.lower() == 'starling':
+            return self.username
+
         return username
 
     @cookie_property
     def spp_auth_provider(self):
         provider = self.plugin_configuration.get(PLUGIN_SECTION, 'spp_auth_provider')
         if provider:
             return provider
+
         (username, domain) = split_username(self.username)
         return domain if domain else 'Local'
 
@@ -98,6 +102,7 @@ def do_authenticate(self):
 
     # SPS initiated code path should be extracted. pylint: disable=too-many-return-statements
     def do_authorize(self):
+        self.session_cookie.setdefault("SessionId", self.connection.session_id)
         self.session_cookie["WorkflowStatus"] = "token-granted"
         key_value_pairs = self.connection.key_value_pairs
         if "token" not in key_value_pairs:

diff --git a/plugin/vault.py b/plugin/vault.py
@@ -1,5 +1,5 @@
 #
-# Copyright (c) 2013-2021 Balabit
+# Copyright (c) 2024 One Identity
 # All Rights Reserved.
 #
 
@@ -9,7 +9,6 @@
 
 from requests_toolbelt.adapters.source import SourceAddressAdapter
 
-
 class Vault:
     def __init__(self, spp_ip, sps_ip):
         self._session = requests.Session()