DelineaXPM · gaurava-delinea · Nov 19, 2024 · Nov 12, 2024 · Nov 13, 2024
diff --git a/server/secret_template_test.go b/server/secret_template_test.go
@@ -7,12 +7,26 @@ import (
 // TestSecretTemplate tests SecretTemplate. Referred to as
 // "Test #6" in the README.
 func TestSecretTemplate(t *testing.T) {
-	tss, err := initServer()
-	if err != nil {
-		t.Error("configuring the Server:", err)
-		return
-	}
+	t.Run("SecretServer_TestSecretTemplate", func(t *testing.T) {
+		tss, err := initServer()
+		if err != nil {
+			t.Error("configuring the Server:", err)
+			return
+		}
+		VerifySecretTemplate(t, tss)
+	})
+
+	t.Run("Platform_TestSecretTemplate", func(t *testing.T) {
+		tss, err := initPlatformServer()
+		if err != nil {
+			t.Error("configuring the Platform Server:", err)
+			return
+		}
+		VerifySecretTemplate(t, tss)
+	})
+}
 
+func VerifySecretTemplate(t *testing.T, tss *Server) {
 	id := initIntegerFromEnv("TSS_TEMPLATE_ID", t)
 	if id < 0 {
 		return

diff --git a/server/server.go b/server/server.go
@@ -316,63 +316,29 @@ func (s *Server) checkPlatformDetails() (string, error) {
 	} else {
 		isHealthy := checkJSONResponse(platformHelthCheckUrl)
 		if isHealthy {
-			requestData := map[string]string{
-				"User":    s.Credentials.Username,
-				"Version": "1.0",
-			}
-			jsonData, err := json.Marshal(requestData)
-			if err != nil {
-				log.Print("Error marshaling JSON:", err)
-				return "", err
-			}
+			requestData := url.Values{}
+			requestData.Set("grant_type", "client_credentials")
+			requestData.Set("client_id", s.Credentials.Username)
+			requestData.Set("client_secret", s.Credentials.Password)
+			requestData.Set("scope", "xpmheadless")
 
-			req, err := http.NewRequest("POST", fmt.Sprintf("%s/%s", strings.Trim(baseURL, "/"), "identity/Security/StartAuthentication"), bytes.NewBuffer(jsonData))
+			req, err := http.NewRequest("POST", fmt.Sprintf("%s/%s", strings.Trim(baseURL, "/"), "identity/api/oauth2/token/xpmplatform"), bytes.NewBufferString(requestData.Encode()))
 			if err != nil {
 				log.Print("Error creating HTTP request:", err)
 				return "", err
 			}
 
-			data, _, err := handleResponse((&http.Client{}).Do(req))
-			if err != nil {
-				log.Print("[ERROR] start authetication response error:", err)
-				return "", err
-			}
-
-			var startAuthjsonResponse StartAuthResponse
-			if err = json.Unmarshal(data, &startAuthjsonResponse); err != nil {
-				log.Print("[ERROR] parsing start auth response:", err)
-				return "", err
-			}
-
-			requestData = map[string]string{
-				"Answer":      s.Credentials.Password,
-				"MechanismId": findMechanismId(startAuthjsonResponse),
-				"Action":      "Answer",
-				"SessionId":   startAuthjsonResponse.Result.SessionId,
-				"TenantId":    startAuthjsonResponse.Result.TenantId,
-			}
-
-			jsonData, err = json.Marshal(requestData)
-			if err != nil {
-				log.Print("Error marshaling JSON:", err)
-				return "", err
-			}
-
-			req, err = http.NewRequest("POST", fmt.Sprintf("%s/%s", strings.Trim(baseURL, "/"), "identity/Security/AdvanceAuthentication"), bytes.NewBuffer(jsonData))
-			if err != nil {
-				log.Print("Error creating HTTP request:", err)
-				return "", err
-			}
+			req.Header.Set("Content-Type", "application/x-www-form-urlencoded")
 
-			data, _, err = handleResponse((&http.Client{}).Do(req))
+			data, _, err := handleResponse((&http.Client{}).Do(req))
 			if err != nil {
-				log.Print("[ERROR] advance authetication response error:", err)
+				log.Print("[ERROR] get token response error:", err)
 				return "", err
 			}
 
-			var advanceAuthJsonResponse AdvanceAuthResponse
-			if err = json.Unmarshal(data, &advanceAuthJsonResponse); err != nil {
-				log.Print("[ERROR] parsing advance auth response:", err)
+			var tokenjsonResponse OAuthTokens
+			if err = json.Unmarshal(data, &tokenjsonResponse); err != nil {
+				log.Print("[ERROR] parsing get token response:", err)
 				return "", err
 			}
 
@@ -381,7 +347,7 @@ func (s *Server) checkPlatformDetails() (string, error) {
 				log.Print("Error creating HTTP request:", err)
 				return "", err
 			}
-			req.Header.Add("Authorization", "Bearer "+advanceAuthJsonResponse.Result.OAuthTokens.AccessToken)
+			req.Header.Add("Authorization", "Bearer "+tokenjsonResponse.AccessToken)
 
 			data, _, err = handleResponse((&http.Client{}).Do(req))
 			if err != nil {
@@ -408,7 +374,7 @@ func (s *Server) checkPlatformDetails() (string, error) {
 				return "", fmt.Errorf("no configured vault found")
 			}
 
-			return advanceAuthJsonResponse.Result.OAuthTokens.AccessToken, nil
+			return tokenjsonResponse.AccessToken, nil
 		}
 	}
 	return "", fmt.Errorf("invalid URL")
@@ -437,17 +403,6 @@ func checkJSONResponse(url string) bool {
 	}
 }
 
-func findMechanismId(saResponse StartAuthResponse) string {
-	for _, challenge := range saResponse.Result.Challenges {
-		for _, mechanism := range challenge.Mechanisms {
-			if mechanism.PromptSelectMech == "Password" {
-				return mechanism.MechanismId
-			}
-		}
-	}
-	return ""
-}
-
 type Response struct {
 	Healthy               bool `json:"healthy"`
 	DatabaseHealthy       bool `json:"databaseHealthy"`
@@ -456,48 +411,6 @@ type Response struct {
 	ScheduledForDeletion  bool `json:"scheduledForDeletion"`
 }
 
-type ClientHints struct {
-	PersistDefault      bool   `json:"PersistDefault"`
-	AllowPersist        bool   `json:"AllowPersist"`
-	AllowForgotPassword bool   `json:"AllowForgotPassword"`
-	StartingPoint       string `json:"StartingPoint"`
-	RequestedUsername   string `json:"RequestedUsername"`
-}
-
-type Mechanism struct {
-	AnswerType       string `json:"AnswerType"`
-	Name             string `json:"Name"`
-	PromptMechChosen string `json:"PromptMechChosen"`
-	PromptSelectMech string `json:"PromptSelectMech"`
-	MechanismId      string `json:"MechanismId"`
-}
-
-type Challenge struct {
-	Mechanisms []Mechanism `json:"Mechanisms"`
-}
-
-type Result struct {
-	ClientHints        ClientHints `json:"ClientHints"`
-	Version            string      `json:"Version"`
-	SessionId          string      `json:"SessionId"`
-	AllowLoginMfaCache bool        `json:"AllowLoginMfaCache"`
-	Challenges         []Challenge `json:"Challenges"`
-	Summary            string      `json:"Summary"`
-	TenantId           string      `json:"TenantId"`
-}
-
-type StartAuthResponse struct {
-	Success         bool        `json:"success"`
-	Result          Result      `json:"Result"`
-	Message         interface{} `json:"Message"`
-	MessageID       interface{} `json:"MessageID"`
-	Exception       interface{} `json:"Exception"`
-	ErrorID         interface{} `json:"ErrorID"`
-	ErrorCode       interface{} `json:"ErrorCode"`
-	IsSoftError     bool        `json:"IsSoftError"`
-	InnerExceptions interface{} `json:"InnerExceptions"`
-}
-
 type OAuthTokens struct {
 	AccessToken      string `json:"access_token"`
 	RefreshToken     string `json:"refresh_token"`
@@ -508,34 +421,6 @@ type OAuthTokens struct {
 	Scope            string `json:"scope"`
 }
 
-type AdvanceAuthResult struct {
-	AuthLevel     string      `json:"AuthLevel"`
-	DisplayName   string      `json:"DisplayName"`
-	OAuthTokens   OAuthTokens `json:"OAuthTokens"`
-	UserId        string      `json:"UserId"`
-	EmailAddress  string      `json:"EmailAddress"`
-	UserDirectory string      `json:"UserDirectory"`
-	StartingPoint string      `json:"StartingPoint"`
-	PodFqdn       string      `json:"PodFqdn"`
-	User          string      `json:"User"`
-	CustomerID    string      `json:"CustomerID"`
-	SystemID      string      `json:"SystemID"`
-	SourceDsType  string      `json:"SourceDsType"`
-	Summary       string      `json:"Summary"`
-}
-
-type AdvanceAuthResponse struct {
-	Success         bool              `json:"success"`
-	Result          AdvanceAuthResult `json:"Result"`
-	Message         interface{}       `json:"Message"`
-	MessageID       interface{}       `json:"MessageID"`
-	Exception       interface{}       `json:"Exception"`
-	ErrorID         interface{}       `json:"ErrorID"`
-	ErrorCode       interface{}       `json:"ErrorCode"`
-	IsSoftError     bool              `json:"IsSoftError"`
-	InnerExceptions interface{}       `json:"InnerExceptions"`
-}
-
 type Connection struct {
 	Url            string `json:"url"`
 	OAuthProfileId string `json:"oAuthProfileId"`