Update report_user_by_email.py example to use get_user_by_email() method instead of json_api_call()

examples/Accounts API/create_child_account.py

@@ -0,0 +1,63 @@
+"""
+Example of Duo Accounts API child account creation
+"""
+
+import duo_client
+import os
+import sys
+import getpass
+
+from pprint import pprint
+
+
+argv_iter = iter(sys.argv[1:])
+
+
+def _get_next_arg(prompt, secure=False):
+    """Read information from STDIN, using getpass when sensitive information should not be echoed to tty"""
+    try:
+        return next(argv_iter)
+    except StopIteration:
+        if secure is True:
+            return getpass.getpass(prompt)
+        else:
+            return input(prompt)
+
+
+def prompt_for_credentials() -> dict:
+    """Collect required API credentials from command line prompts
+
+    :return: dictionary containing Duo Accounts API ikey, skey and hostname strings
+    """
+
+    ikey = _get_next_arg('Duo Accounts API integration key ("DI..."): ')
+    skey = _get_next_arg('Duo Accounts API integration secret key: ', secure=True)
+    host = _get_next_arg('Duo Accounts API hostname ("api-....duosecurity.com"): ')
+    account_name = _get_next_arg('Name for new child account: ')
+
+    return {"IKEY": ikey, "SKEY": skey, "APIHOST": host, "ACCOUNT_NAME": account_name}
+
+
+def main():
+    """Main program entry point"""
+
+    inputs = prompt_for_credentials()
+
+    account_client = duo_client.Accounts(
+            ikey=inputs['IKEY'],
+            skey=inputs['SKEY'],
+            host=inputs['APIHOST']
+    )
+
+    print(f"Creating child account with name [{inputs['ACCOUNT_NAME']}]")
+    child_account = account_client.create_account(inputs['ACCOUNT_NAME'])
+
+    if 'account_id' in child_account:
+        print(f"Child account for [{inputs['ACCOUNT_NAME']}] created successfully.")
+    else:
+        print(f"An unexpected error occurred while creating child account for {inputs['ACCOUNT_NAME']}")
+    print(child_account)
+
+
+if __name__ == '__main__':
+    main()

examples/Accounts API/delete_child_account.py

@@ -0,0 +1,70 @@
+"""
+Example of Duo Accounts API child account deletiom
+"""
+
+import duo_client
+import os
+import sys
+import getpass
+
+from pprint import pprint
+
+
+argv_iter = iter(sys.argv[1:])
+
+
+def _get_next_arg(prompt, secure=False):
+    """Read information from STDIN, using getpass when sensitive information should not be echoed to tty"""
+    try:
+        return next(argv_iter)
+    except StopIteration:
+        if secure is True:
+            return getpass.getpass(prompt)
+        else:
+            return input(prompt)
+
+
+def prompt_for_credentials() -> dict:
+    """Collect required API credentials from command line prompts
+
+    :return: dictionary containing Duo Accounts API ikey, skey and hostname strings
+    """
+
+    ikey = _get_next_arg('Duo Accounts API integration key ("DI..."): ')
+    skey = _get_next_arg('Duo Accounts API integration secret key: ', secure=True)
+    host = _get_next_arg('Duo Accounts API hostname ("api-....duosecurity.com"): ')
+    account_id = _get_next_arg('ID of child account to delete: ')
+
+    return {"IKEY": ikey, "SKEY": skey, "APIHOST": host, "ACCOUNT_ID": account_id}
+
+
+def main():
+    """Main program entry point"""
+
+    inputs = prompt_for_credentials()
+
+    account_client = duo_client.Accounts(
+            ikey=inputs['IKEY'],
+            skey=inputs['SKEY'],
+            host=inputs['APIHOST']
+    )
+
+    account_name = None
+    child_account_list = account_client.get_child_accounts()
+    for account in child_account_list:
+        if account['account_id'] == inputs['ACCOUNT_ID']:
+            account_name = account['name']
+    if account_name is None:
+        print(f"Unable to find account with ID [{inputs['ACCOUNT_ID']}]")
+        sys.exit()
+
+    print(f"Deleting child account with name [{account_name}]")
+    deleted_account = account_client.delete_account(inputs['ACCOUNT_ID'])
+    if deleted_account == '':
+        print(f"Account {inputs['ACCOUNT_ID']} was deleted successfully.")
+    else:
+        print(f"An unexpected error occurred while deleting account [{account_name}: {deleted_account}]")
+
+
+if __name__ == '__main__':
+    main()

examples/Accounts API/retrieve_account_list.py

@@ -0,0 +1,64 @@
+"""
+Example of Duo account API uaer accountentication with synchronous request/response
+"""
+
+import duo_client
+import os
+import sys
+import getpass
+
+from pprint import pprint
+
+
+argv_iter = iter(sys.argv[1:])
+
+
+def _get_next_arg(prompt, secure=False):
+    """Read information from STDIN, using getpass when sensitive information should not be echoed to tty"""
+    try:
+        return next(argv_iter)
+    except StopIteration:
+        if secure is True:
+            return getpass.getpass(prompt)
+        else:
+            return input(prompt)
+
+
+def prompt_for_credentials() -> dict:
+    """Collect required API credentials from command line prompts
+
+    :return: dictionary containing Duo Accounts API ikey, skey and hostname strings
+    """
+
+    ikey = _get_next_arg('Duo Accounts API integration key ("DI..."): ')
+    skey = _get_next_arg('Duo Accounts API integration secret key: ', secure=True)
+    host = _get_next_arg('Duo Accounts API hostname ("api-....duosecurity.com"): ')
+
+    return {"IKEY": ikey, "SKEY": skey, "APIHOST": host}
+
+
+def main():
+    """Main program entry point"""
+
+    inputs = prompt_for_credentials()
+
+    account_client = duo_client.Accounts(
+            ikey=inputs['IKEY'],
+            skey=inputs['SKEY'],
+            host=inputs['APIHOST']
+    )
+
+    child_accounts = account_client.get_child_accounts()
+
+    if isinstance(child_accounts, list):
+        # Expected list of child accounts returned
+        for child_account in child_accounts:
+            print(child_account)
+
+    if isinstance(child_accounts, dict):
+        # Non-successful response returned
+        print(child_accounts)
+
+
+if __name__ == '__main__':
+    main()

examples/Admin API/report_user_by_email.py

@@ -0,0 +1,46 @@
+#!/usr/bin/env python
+
+""" Script to illustrate how to retrieve a user from the Duo Admin API using the associated email address"""
+
+from __future__ import absolute_import, print_function
+import sys
+import getpass
+
+import duo_client
+from six.moves import input
+
+argv_iter = iter(sys.argv[1:])
+
+
+def get_next_arg(prompt, secure=False):
+    """Read information from STDIN, using getpass when sensitive information should not be echoed to tty"""
+    try:
+        return next(argv_iter)
+    except StopIteration:
+        if secure is True:
+            return getpass.getpass(prompt)
+        else:
+            return input(prompt)
+
+
+def main():
+    """ Primary script execution code """
+    # Configuration and information about objects to create.
+    admin_api = duo_client.Admin(
+            ikey=get_next_arg('Admin API integration key ("DI..."): '),
+            skey=get_next_arg('integration secret key: ', secure=True),
+            host=get_next_arg('API hostname ("api-....duosecurity.com"): '),
+    )
+
+    # Retrieve user info from API:
+    email_address = get_next_arg('E-mail address of user to retrieve: ')
+    user = admin_api.get_user_by_email(email_address)
+
+    if user:
+        print(user)
+    else:
+        print(f"User with email [{email_address}] could not be found.")
+
+
+if __name__ == '__main__':
+    main()

examples/Auth API/async_basic_user_mfa.py

@@ -0,0 +1,96 @@
+"""
+Example of Duo Auth API user authentication using asynchronous resquest/response methods
+"""
+
+import duo_client
+import os
+import sys
+import getpass
+
+
+argv_iter = iter(sys.argv[1:])
+
+
+def _get_next_arg(prompt, secure=False):
+    """Read information from STDIN, using getpass when sensitive information should not be echoed to tty"""
+    try:
+        return next(argv_iter)
+    except StopIteration:
+        if secure is True:
+            return getpass.getpass(prompt)
+        else:
+            return input(prompt)
+
+
+def prompt_for_credentials() -> dict:
+    """Collect required API credentials from command line prompts
+
+    :return: dictionary containing Duo Auth API ikey, skey and hostname strings
+    """
+
+    ikey = _get_next_arg('Duo Auth API integration key ("DI..."): ')
+    skey = _get_next_arg('Duo Auth API integration secret key: ', secure=True)
+    host = _get_next_arg('Duo Auth API hostname ("api-....duosecurity.com"): ')
+    username = _get_next_arg('Duo Username: ')
+
+    return {"USERNAME": username, "IKEY": ikey, "SKEY": skey, "APIHOST": host}
+
+
+def main():
+    """Main program entry point"""
+
+    inputs = prompt_for_credentials()
+
+    auth_client = duo_client.Auth(
+            ikey=inputs['IKEY'],
+            skey=inputs['SKEY'],
+            host=inputs['APIHOST']
+    )
+
+    # Verify that the Duo service is available
+    duo_ping = auth_client.ping()
+    if 'time' in duo_ping:
+        print("\nDuo service check completed successfully.")
+    else:
+        print(f"Error: {duo_ping}")
+
+    # Verify that IKEY and SKEY information provided are valid
+    duo_check= auth_client.check()
+    if 'time' in duo_check:
+        print("IKEY and SKEY provided have been verified.")
+    else:
+        print(f"Error: {duo_check}")
+
+    # Execute pre-authentication for given user
+    print(f"\nExecuting pre-authentication for {inputs['USERNAME']}...")
+    pre_auth = auth_client.preauth(username=inputs['USERNAME'])
+
+    if pre_auth['result'] == "auth":
+        try:
+            print(f"Executing authentication action for {inputs['USERNAME']}...")
+            auth = auth_client.auth(factor="push", username=inputs['USERNAME'], device="auto", async_txn=True)
+            if 'txid' in auth:
+                waiting = True
+                # Collect the authentication result
+                print("Getting authentication result...")
+                # Repeat long polling for async authentication status until no longer in a 'waiting' state
+                while waiting is True:
+                    # Poll Duo Auth API for the status of the async authentication based upon transaction ID
+                    auth_status = auth_client.auth_status(auth['txid'])
+                    print(f"Auth status: {auth_status}")
+                    if auth_status['waiting'] is not True:
+                        # Waiting for response too async authentication is no longer 'True', so break the loop
+                        waiting = False
+                # Parse response for the 'status' dictionary key to determine whether to allow or deny
+                print(auth_status)
+            else:
+                # Some kind of unexpected error occurred
+                print(f"Error: an unknown error occurred attempting authentication for [{inputs['USERNAME']}]")
+        except Exception as e_str:
+            print(e_str)
+    else:
+        print(pre_auth['status_msg'])
+
+
+if __name__ == '__main__':
+    main()