-
-
Notifications
You must be signed in to change notification settings - Fork 0
/
NutanixPrismChains.xml
200 lines (192 loc) · 8.12 KB
/
NutanixPrismChains.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
<!--
Vendor: Nutanix
Product: Prism
Version: {Version}
Plugin: v1.0.1
Reference: https://github.com/benwa/CyberArk-Nutanix-Prism
File: Chains
-->
<WSChains name="NutanixPrism">
<GlobalSettings></GlobalSettings>
<!-- All of the requests that will be used in the chains below. (These should follow the format of WSInvoker, name is a required attribute) -->
<Requests>
<RequestWrapper>
<request name="ListUser">
<version>2</version>
<general>
<endpoint>/api/iam/v4.0.b1/authn/users?$limit=1&$filter=username eq '{{username}}'</endpoint>
<method>GET</method>
</general>
<header>
<Accept>application/json</Accept>
<Authorization>Basic {{username}}:{{pmpass}}</Authorization>
<User-Agent>Integration/1.0 (CyberArk, CPM, 1)</User-Agent>
</header>
<body></body>
</request>
</RequestWrapper>
<RequestWrapper>
<request name="ListUserNewPassword">
<version>2</version>
<general>
<endpoint>/api/iam/v4.0.b1/authn/users?$limit=1&$filter=username eq '{{username}}'</endpoint>
<method>GET</method>
</general>
<header>
<Accept>application/json</Accept>
<Authorization>Basic {{username}}:{{pmnewpass}}</Authorization>
<User-Agent>Integration/1.0 (CyberArk, CPM, 1)</User-Agent>
</header>
<body></body>
</request>
</RequestWrapper>
<RequestWrapper>
<request name="ReconcileListUser">
<version>2</version>
<general>
<endpoint>/api/iam/v4.0.b1/authn/users?$limit=1&$filter=username eq '{{username}}'</endpoint>
<method>GET</method>
</general>
<header>
<Accept>application/json</Accept>
<Authorization>Basic {{extrapass3\username}}:{{pmextrapass3}}</Authorization>
<User-Agent>Integration/1.0 (CyberArk, CPM, 1)</User-Agent>
</header>
<body></body>
</request>
</RequestWrapper>
<RequestWrapper>
<request name="ChangePassword">
<version>2</version>
<general>
<endpoint>/api/iam/v4.0.b1/authn/users/$actions/change-password</endpoint>
<method>POST</method>
</general>
<header>
<Accept>application/json</Accept>
<Content-Type>application/json</Content-Type>
<Authorization>Basic {{username}}:{{pmpass}}</Authorization>
<User-Agent>Integration/1.0 (CyberArk, CPM, 1)</User-Agent>
</header>
<body>
<json> { "username": "{{username}}", "oldPassword": "{{pmpass}}", "newPassword": "{{pmnewpass}}" } </json>
</body>
</request>
</RequestWrapper>
<RequestWrapper>
<request name="ResetPassword">
<version>2</version>
<general>
<endpoint>/api/iam/v4.0.b1/authn/users/{{parsed/extId}}/$actions/reset-password</endpoint>
<method>POST</method>
</general>
<header>
<Accept>application/json</Accept>
<Content-Type>application/json</Content-Type>
<Authorization>Basic {{extrapass3\username}}:{{pmextrapass3}}</Authorization>
<User-Agent>Integration/1.0 (CyberArk, CPM, 1)</User-Agent>
</header>
<body>
<json> { "newPassword": "{{pmnewpass}}" } </json>
</body>
</request>
</RequestWrapper>
</Requests>
<!-- Fails are similar to a link with the next state of END except it ends unsuccessfully. Here you can specify the return code and pvwaMessage -->
<Fails>
<Fail name="FAILBadRequest" rc="8101" message="Status Code = 400. Bad Request" />
<Fail name="FAILUnauthorized" rc="8102" message="Status Code = 401. The request sent by the CPM could not be authenticated" />
<Fail name="FAILForbidden" rc="8103" message="Status Code = 403. Access to the requested (valid) URL by the client is forbidden" />
<Fail name="FAILNotFound" rc="8104" message="Status Code = 404. Resource not found." />
<Fail name="FAILMethodNotFound" rc="8105" message="Status Code = 405. Method not allowed." />
<Fail name="FAILRequestConflict" rc="8106" message="Status Code = 409. Request conflict with current state of the server" />
<Fail name="FAILInternalServerError" rc="8107" message="Status Code = 500. The server cannot process the request for an unknown reason" />
<Fail name="FAILWebServer" rc="8108" message="Status Code = 501. The server cannot process the request for an unknown reason" />
<Fail name="FAILGeneral" rc="8109" message="General Error. Check the logs for more information." />
</Fails>
<Chains>
<!-- Verify Action -->
<Chain name="verifypass">
<Link name="GetExternalIdentifierLink" request="ListUser">
<StatusCode value="200" next="END" />
<StatusCode value="400" next="FAILBadRequest" />
<StatusCode value="401" next="FAILUnauthorized" />
<StatusCode value="403" next="FAILForbidden" />
<StatusCode value="404" next="FAILNotFound" />
<StatusCode value="405" next="FAILMethodNotFound" />
<StatusCode value="409" next="FAILRequestConflict" />
<StatusCode value="500" next="FAILInternalServerError" />
<StatusCode value="501" next="FAILWebServer" />
<StatusCode value="*" next="FAILGeneral" />
</Link>
</Chain>
<!-- Change Action -->
<Chain name="changepass">
<Link name="ChangePasswordLink" request="ChangePassword">
<StatusCode value="200" next="VerifyNewPasswordLink" />
<StatusCode value="400" next="FAILBadRequest" />
<StatusCode value="401" next="FAILUnauthorized" />
<StatusCode value="403" next="FAILForbidden" />
<StatusCode value="404" next="FAILNotFound" />
<StatusCode value="405" next="FAILMethodNotFound" />
<StatusCode value="409" next="FAILRequestConflict" />
<StatusCode value="500" next="FAILInternalServerError" />
<StatusCode value="501" next="FAILWebServer" />
<StatusCode value="*" next="FAILGeneral" />
</Link>
<Link name="VerifyNewPasswordLink" request="ListUserNewPassword">
<StatusCode value="200" next="END" />
<StatusCode value="400" next="FAILBadRequest" />
<StatusCode value="401" next="FAILUnauthorized" />
<StatusCode value="403" next="FAILForbidden" />
<StatusCode value="404" next="FAILNotFound" />
<StatusCode value="405" next="FAILMethodNotFound" />
<StatusCode value="409" next="FAILRequestConflict" />
<StatusCode value="500" next="FAILInternalServerError" />
<StatusCode value="501" next="FAILWebServer" />
<StatusCode value="*" next="FAILGeneral" />
</Link>
</Chain>
<!-- Reconcile Action -->
<Chain name="reconcilepass">
<Link name="GetExternalIdentifierLink" request="ReconcileListUser">
<StatusCode value="200" next="ResetPasswordLink">
<Parse name="parsed/extId" type="json" value="data[0].extId" />
</StatusCode>
<StatusCode value="400" next="FAILBadRequest" />
<StatusCode value="401" next="FAILUnauthorized" />
<StatusCode value="403" next="FAILForbidden" />
<StatusCode value="404" next="FAILNotFound" />
<StatusCode value="405" next="FAILMethodNotFound" />
<StatusCode value="409" next="FAILRequestConflict" />
<StatusCode value="500" next="FAILInternalServerError" />
<StatusCode value="501" next="FAILWebServer" />
<StatusCode value="*" next="FAILGeneral" />
</Link>
<Link name="ResetPasswordLink" request="ResetPassword">
<StatusCode value="200" next="VerifyNewPasswordLink" />
<StatusCode value="400" next="FAILBadRequest" />
<StatusCode value="401" next="FAILUnauthorized" />
<StatusCode value="403" next="FAILForbidden" />
<StatusCode value="404" next="FAILNotFound" />
<StatusCode value="405" next="FAILMethodNotFound" />
<StatusCode value="409" next="FAILRequestConflict" />
<StatusCode value="500" next="FAILInternalServerError" />
<StatusCode value="501" next="FAILWebServer" />
<StatusCode value="*" next="FAILGeneral" />
</Link>
<Link name="VerifyNewPasswordLink" request="ListUserNewPassword">
<StatusCode value="200" next="END" />
<StatusCode value="400" next="FAILBadRequest" />
<StatusCode value="401" next="FAILUnauthorized" />
<StatusCode value="403" next="FAILForbidden" />
<StatusCode value="404" next="FAILNotFound" />
<StatusCode value="405" next="FAILMethodNotFound" />
<StatusCode value="409" next="FAILRequestConflict" />
<StatusCode value="500" next="FAILInternalServerError" />
<StatusCode value="501" next="FAILWebServer" />
<StatusCode value="*" next="FAILGeneral" />
</Link>
</Chain>
</Chains>
</WSChains>