This tutorial guides you through the process of building a sample application using the REST API. The goals for the tutorial are to gain competence and familiarity with the process of developing a DualShield application.This tutorial uses Python as the programming language. It assumes:
- You have installed DualShield platform.
- You can write, test, and troubleshoot a Python application.
Building a DualShield API application is actually quite simple. There are only 3 basic steps:
- Register an API Agent
- Download the Agent Certificate
- Write your codes
...
...
Register an API Agent
To DualShield, your application is an API agent. Therefore, the very first step is to register your application as an API Agent in the DualShield authentication server.
To register an agent, you must first create the following objects in DualShield:
- A domain
- A realm
- A logon procedure
- An application
The type of the logon procedure should be set as "Web SSO"
Image Removed
And the logon procedure does not have to contain any logon steps.
...
As mentioned, the communication protocol between your application and the DualShield is always HTTPS. Therefore you need to download the agent's certificate which will be required in your application codes.
You can use either PKCS12 or PEM certificate in your code.
...
| Expand |
|---|
| Include Page |
|---|
| Register API Agent |
|---|
| Register API Agent |
|---|
|
|
Download the API Agent Certificate
| Expand |
|---|
| Include Page |
|---|
| Download API Agent Certificate |
|---|
| Download API Agent Certificate |
|---|
|
|
Write an API Application
Test API in Python
| Expand |
|---|
| Include Page |
|---|
| Test DualShield API in Python |
|---|
| Test DualShield API in Python |
|---|
|
|
Test API in Postman
| Expand |
|---|
| Include Page |
|---|
| Test DualShield API in Postman |
|---|
| Test DualShield API in Postman |
|---|
|
|
- Rename "My application.pem" to "apicert.pem"
- In the CMD console, execute:
...
host = 'dualshield.deepnetlabs.com'
port = 8071
keyFile = 'apikey.pem'
certFile = 'apicert.pem'
domainname='deepnetlabs.com' |
...
Call the"Hello" method in DualShieldto check the connection
def test_1_hello(self):
r=self.auth.execute("auth/hello", {})
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="e9129c09-948c-45d8-be42-50c5ca2ba70c"><ac:plain-text-body><![CDATA[ self.assertEqual(r['error'], 0) | ]]></ac:plain-text-body></ac:structured-macro> |
...
The authentication method for verifying Static Password is "SPASS"
def test_2_staticpass(self):
#logon with 'static password' credential
username=raw_input('Please enter your login name:')
password=raw_input('Please enter your AD password:')
params = {
'user':{'loginName':username, 'domain.name':domainname},
'credential':{'method':'SPASS', 'password':password}
}
r=self.auth.execute("auth/verify", params)
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="129f118b-60c0-4dd1-87c2-501151dc569c"><ac:plain-text-body><![CDATA[ self.assertEqual(r['error'], 0, r['message']) | ]]></ac:plain-text-body></ac:structured-macro> |
...
The authentication method for verifying Static Password is "OTP"
def test_3_verifySafeID(self):
otp=raw_input('Please enter you SafeIDotp:')
params = {
'user':{'loginName':username, 'domain.name':domainname},
'credential':{'method':'OTP', 'otp':otp}
}
r=self.auth.execute("auth/verify", params)
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="cb4bc08c-ecba-42e8-86a2-c4be5291ecc5"><ac:plain-text-body><![CDATA[ self.assertEqual(r['error'], 0, r['message']) | ]]></ac:plain-text-body></ac:structured-macro> |
...
To deliver an on-demand password to a user via email message (SMTP)
def test_4_sendOTP(self):
username=raw_input('Please enter your login name:')
params = {
'user':{'loginName':username, 'domain.name':domainname},
'options':{'channel':'SMTP'}
}
r=self.auth.execute("auth/sendOTP", params)
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="ebba0142-b6bb-49e0-9c64-67753c8fd5fb"><ac:plain-text-body><![CDATA[ self.assertEqual(r['error'], 0, r['message']) | ]]></ac:plain-text-body></ac:structured-macro> |
...
The authentication method for verifying On-Demand Password is "OTPoD"
def test_5_verifyODP(self):
username=raw_input('Please enter your login name:')
otp=raw_input('Please enter you otp:')
params = {
'user':{'loginName':username, 'domain.name':domainname},
'credential':{'method':'OTPoD', 'otp':otp}
}
r=self.auth.execute("auth/verify", params)
<ac:structured-macro ac:name="unmigrated-wiki-markup" ac:schema-version="1" ac:macro-id="b98d6860-1b76-46b0-bcfe-83c53914f56d"><ac:plain-text-body><![CDATA[ self.assertEqual(r['error'], 0, r['message']) | ]]></ac:plain-text-body></ac:structured-macro> |
...