Create a DualShield Class

class DualShield:

    headers = {"Content-Type": "application/json"}
    app_context = "/das5/rest/"

    def _init_(self, host, port, keyFile, certFile):
        self.keyFile = keyFile
        self.certFile = certFile
        self.conn = HTTPSConnection(host, port, keyFile, certFile)

    def execute(self, method, params):
        data = json.dumps(params)
        self.conn.request("POST", self.app_context + method, data, self.headers)
        response = self.conn.getresponse()
        data = response.read()
        return json.loads(data.decode('utf-8'))

    def close(self):
        self.conn.close()
        self.conn = None


Initialize DualShield Variables

host = 'dualshield.deepnetlabs.com'
port = 8071
keyFile = 'apikey.pem'
certFile = 'apicert.pem'
domainname='deepnetlabs.com'

Replace the values of these variable with your own.
host: the host name (FQDN) of your DualShield server
port: the port number of the DualShield authentication server
keyFile: Your agent's private key file
certFile: Your agent's certificate file
domainname: The name of the domain that your agent is connected to

Create a Test Class

class TestDualShield(unittest.TestCase):

    def setUp(self):
        self.auth=DualShield(host, port, keyFile, certFile)

    def tearDown(self):
        self.auth.close()


Check the Connection

Call the"Hello" method in DualShield to check the connection

    def test_1_hello(self):
        r=self.auth.execute("auth/hello", {})

Static Password Authentication

The authentication method for verifying Static Password is "SPASS"

    def test_2_staticpass(self):
        #logon with 'static password' credential
        username=raw_input('Please enter your login name:')
        password=raw_input('Please enter your AD password:')
        params = {
            'user':{'loginName':username, 'domain.name':domainname},
            'credential':{'method':'SPASS', 'password':password}
        }
        r=self.auth.execute("auth/verify", params)


One-Time Password Authentication

The authentication method for verifying Static Password is "OTP"

    def test_3_verifySafeID(self):
        otp=raw_input('Please enter you SafeIDotp:')
        params = {
            'user':{'loginName':username, 'domain.name':domainname},
            'credential':{'method':'OTP', 'otp':otp}
        }
        r=self.auth.execute("auth/verify", params)


Deliver On-Demand Password

To deliver an on-demand password to a user via email message (SMTP)

    def test_4_sendOTP(self):
        username=raw_input('Please enter your login name:')
        params = {
            'user':{'loginName':username, 'domain.name':domainname},
            'options':{'channel':'SMTP'}
        }
        r=self.auth.execute("auth/sendOTP", params)


On-Demand Password Authentication

The authentication method for verifying On-Demand Password is "OTPoD"

    def test_5_verifyODP(self):
        username=raw_input('Please enter your login name:')
        otp=raw_input('Please enter you otp:')
        params = {
            'user':{'loginName':username, 'domain.name':domainname},
            'credential':{'method':'OTPoD', 'otp':otp}
        }
        r=self.auth.execute("auth/verify", params)
  • No labels