Skip to content

Feature 449943 Safeguard Custom Platform Script for Wikipedia.com #57

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
PrabhaQuest wants to merge 4 commits into
base: master
Choose a base branch
from
Open

Feature 449943 Safeguard Custom Platform Script for Wikipedia.com #57

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
81394c8
Added the custom platform script for Wikipedia.
PrabhaQuest Mar 21, 2024
228192e
Feature 449943 Safeguard Custom Platform Script for Wikipedia.com
PrabhaQuest Mar 28, 2024
88538af
Feature 449943 Safeguard Custom Platform Script for Wikipedia.com
PrabhaQuest Mar 28, 2024
cfa10f1
Feature 449943 Safeguard Custom Platform Script for Wikipedia.com
PrabhaQuest Mar 28, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
206 changes: 206 additions & 0 deletions SupportedScripts/CustomWikipedia.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,206 @@
{
"Id": "CustomWikipedia",
"BackEnd": "Scriptable",
"Meta": {
"Author": "Prabha S, One Identity",
"ScriptVersion": "1.0",
"Last Updated": "2024-03-18",
"Description": "Platform script to support Wikipedia web application, this is tested with SPP version 7.5 and above."
},
"CheckPassword": {
"Parameters": [
{ "Timeout": { "Type": "Integer", "Required": false, "DefaultValue": 30 } },
{ "AccountUserName": { "Type": "String", "Required": true } },
{ "AccountPassword": { "Type": "Secret", "Required": true } },
{ "AssetName": { "Type": "String", "Required": false, "DefaultValue": "Wikipedia" } },
{ "HttpProxyAddress": { "Type": "String", "Description": "HTTP Proxy Address", "Required": false } },
{ "HttpProxyPort": { "Type": "Integer", "Description": "HTTP Proxy Port", "Required": false, "DefaultValue": 443 } },
{ "HttpProxyUserName": { "Type": "String", "Description": "HTTP Proxy UserName", "Required": false } },
{ "HttpProxyPassword": { "Type": "Secret", "Description": "HTTP Proxy Password", "Required": false } }
],
"Do": [
{ "Status": { "Type": "Checking", "Percent": 10, "Message": { "Name": "VerifyingPassword", "Parameters": [ "%AssetName%", "%AccountUserName%" ] } } },
{ "Function": { "Name": "Login", "ResultVariable": "IsLoggedIn" } },
{ "Return": { "Value": "%IsLoggedIn%" } }
]
},
"ChangePassword": {
"Parameters": [
{ "Timeout": { "Type": "Integer", "Required": false, "DefaultValue": 30 } },
{ "AccountUserName": { "Type": "String", "Required": true } },
{ "AccountPassword": { "Type": "Secret", "Required": true } },
{ "NewPassword": { "Type": "Secret", "Required": true } },
{ "AssetName": { "Type": "String", "Required": false, "DefaultValue": "Wikipedia" } },
{ "HttpProxyAddress": { "Type": "String", "Description": "HTTP Proxy Address", "Required": false } },
{ "HttpProxyPort": { "Type": "Integer", "Description": "HTTP Proxy Port", "Required": false, "DefaultValue": 443 } },
{ "HttpProxyUserName": { "Type": "String", "Description": "HTTP Proxy UserName", "Required": false } },
{ "HttpProxyPassword": { "Type": "Secret", "Description": "HTTP Proxy Password", "Required": false } }
],
"Do": [
{ "Status": { "Type": "Changing", "Percent": 10, "Message": { "Name": "ChangingPassword", "Parameters": [ "%AccountUserName%" ] } } },
{ "Condition": {
"If": "AccountPassword.Equals(NewPassword)", "Then":
[
{ "Status": { "Type": "Changing", "Percent": 80, "Message": { "Name": "CurrentAndNewPasswordsAreIdentical", "Parameters": [ "%AccountUserName%" ] } } },
{ "Log": { "Text": "The current and new password are identical." } },
{ "Return": { "Value": false } }
]
}
},
{ "Status": { "Type": "Changing", "Percent": 20, "Message": { "Name": "LoggingInToService", "Parameters": [ "%AssetName%", "%AccountUserName%" ] } } },
{ "Function": { "Name": "Login", "ResultVariable": "LoginResult" } },
{ "Condition": {
"If": "!LoginResult", "Then":
[
{ "Return": { "Value": false } }
]
}
},
{ "Function": { "Name": "ChangeUserPassword", "ResultVariable": "CheckResult" } },
{ "Return": { "Value": "%CheckResult%" } }
]
},
"Functions": [
{
"Name": "Login",
"Do": [
{ "BaseAddress": { "Address": "https://en.wikipedia.org" } },
{ "NewHttpRequest": { "ObjectName": "Global:SystemRequest" } },
{ "Request": {
"Verb": "Get",
"Url": "w/api.php?action=query&meta=tokens&type=login&format=json",
"RequestObjectName": "SystemRequest",
"ResponseObjectName": "Global:LoginTokenResponse",
"AllowRedirect": false,
"ProxyIp": "%HttpProxyAddress%",
"ProxyPort": "%HttpProxyPort%",
"ProxyUser": "%HttpProxyUserName%",
"ProxyPassword": "%HttpProxyPassword%"
}
},
{ "ExtractJsonObject": { "JsonObjectName": "LoginTokenResponse", "Name": "LoginTokenJson" } },
{ "SetItem": { "Name": "LoginToken", "Value": "%{ LoginTokenJson.query.tokens.logintoken.Value }%" } },
{ "Condition": {
"If": "string.IsNullOrEmpty(LoginToken)", "Then":
[
{ "Log": { "Text": "Error, Login Token not found" } },
{ "Return": { "Value": false } }
]
}
},
{ "UrlEncode": {
"Source": "%LoginToken%",
"ResultVariable": "EncodedLoginToken"
}
},
{ "UrlEncode": {
"Source": "%AccountPassword%",
"ResultVariable": "EncodedPassword",
"IsSecret": true
}
},
{ "UrlEncode": {
"Source": "%AccountUserName%",
"ResultVariable": "EncodedUserName"
}
},
{ "SetItem": { "Name": "RequestBody", "Value": "lgpassword=%EncodedPassword%&lgtoken=%EncodedLoginToken%" , "IsSecret": true } },
{ "Request": {
"Verb": "Post",
"Url": "w/api.php?action=login&lgname=%{EncodedUserName}%&format=json",
"SubstitutionInUrl": true,
"RequestObjectName": "SystemRequest",
"ResponseObjectName": "Global:LoginPostResponse",
"AllowRedirect": false,
"Content": {
"ContentObjectName": "RequestBody",
"ContentType": "application/x-www-form-urlencoded"
},
"ProxyIp": "%HttpProxyAddress%",
"ProxyPort": "%HttpProxyPort%",
"ProxyUser": "%HttpProxyUserName%",
"ProxyPassword": "%HttpProxyPassword%"
}
},
{ "ExtractJsonObject": { "JsonObjectName": "LoginPostResponse", "Name": "LoginResultJson" } },
{ "Condition": {
"If": "LoginResultJson.login.result.Value.Equals(\"Success\")", "Then":
[
{ "Log": { "Text": "Authentication successful" } },
{ "Return": { "Value": true } }
]
}
},
{ "Log": { "Text": "%{ LoginResultJson.ToString() }%" } },
{ "Status": { "Type": "Checking", "Percent": 80, "Message": { "Name": "LoggingInWithAccountFailed", "Parameters": [ "%AssetName%", "%AccountUserName%" ] } } },
{ "Return": { "Value": false } }
]
},
{
"Name": "ChangeUserPassword",
"Do": [
{ "Request": {
"Verb": "Get",
"Url": "w/api.php?action=query&meta=tokens&format=json",
"RequestObjectName": "SystemRequest",
"ResponseObjectName": "Global:CsrfTokenResponse",
"AllowRedirect": false,
"ProxyIp": "%HttpProxyAddress%",
"ProxyPort": "%HttpProxyPort%",
"ProxyUser": "%HttpProxyUserName%",
"ProxyPassword": "%HttpProxyPassword%"
}
},
{ "ExtractJsonObject": { "JsonObjectName": "CsrfTokenResponse", "Name": "CsrfTokenJson" } },
{ "SetItem": { "Name": "CsrfToken", "Value": "%{ CsrfTokenJson.query.tokens.csrftoken.Value }%" } },
{ "Condition": {
"If": "!(CsrfToken.Length > 2)", "Then":
[
{ "Log": { "Text": "Error, Csrf Token not found" } },
{ "Throw": { "Value": "Error, Csrf Token not found" } }
]
}
},
{ "UrlEncode": {
"Source": "%CsrfToken%",
"ResultVariable": "EncodedCsrfToken"
}
},
{ "UrlEncode": {
"Source": "%NewPassword%",
"ResultVariable": "EncodedNewPassword",
"IsSecret": true
}
},
{ "SetItem": { "Name": "RequestBody", "Value": "changeauthtoken=%EncodedCsrfToken%&password=%EncodedNewPassword%&retype=%EncodedNewPassword%", "IsSecret": true} },
{ "Request": {
"Verb": "Post",
"Url": "w/api.php?action=changeauthenticationdata&changeauthrequest=MediaWiki%5CAuth%5CPasswordAuthenticationRequest&format=json",
"RequestObjectName": "SystemRequest",
"ResponseObjectName": "Global:ChangePasswordPostResponse",
"AllowRedirect": false,
"Content": {
"ContentObjectName": "RequestBody",
"ContentType": "application/x-www-form-urlencoded"
},
"ProxyIp": "%HttpProxyAddress%",
"ProxyPort": "%HttpProxyPort%",
"ProxyUser": "%HttpProxyUserName%",
"ProxyPassword": "%HttpProxyPassword%"
}
},
{ "ExtractJsonObject": { "JsonObjectName": "ChangePasswordPostResponse", "Name": "PasswordResponseJson" } },
{ "Condition": {
"If": "PasswordResponseJson.ToString().Contains(\"changeauthenticationdata\") && PasswordResponseJson.ToString().Contains(\"success\")", "Then":
[
{ "Log": { "Text": "Password changed successfully" } },
{ "Return": { "Value": true } }
]
}
},
{ "Log": { "Text": "%{ PasswordResponseJson.ToString() }%" } },
{ "Return": { "Value": false } }
]
}
]
}
12 changes: 12 additions & 0 deletions SupportedScripts/README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
These custom platform scripts have been tested and verified by One Identity to work with the specified version of Safeguard for Privileged Passwords, and to work against the target platform at the time of authoring.

To better understand the content of these sample scripts, read the <a href="../../../wiki">wiki documentation</a>.

For information on creating and adding a custom platforms, search for these topics in the SPP [Administration Guide](https://support.oneidentity.com/technical-documents/one-identity-safeguard/administration-guide):
- Custom Platforms
- Adding a custom platform </br>

For information on assets, search for these topics in the SPP [Administration Guide](https://support.oneidentity.com/technical-documents/one-identity-safeguard/administration-guide):
- Assets
- Adding an asset
- Connection tab (add asset)