import { Observable } from 'rxjs'; import { AppContext } from '../data/app-context'; import { ClientRoleConfiguration, ConfigurationStatus, Credentials, GatewayLocalPowerShellConfig, ServerRoleConfiguration } from '../rpc/credssp/rpc-credssp-model'; import { Rpc } from '../rpc/rpc'; /** * CredSPP Manager class. Handles detecting and configuring CredSSP on a set of servers. */ export declare class CredSSPManager { private rpc; private strings; private watcher; private gatewayInventoryCache; /** * Initializes a new instance of the Authorization Manager class. * * @param rpc The rpc to forward auth requests to a parent window */ constructor(rpc: Rpc); initialize(appContext: AppContext): void; /** * New Enable CredSSP on the passed in server. * * @param serverName This server on which CredSSP should be enabled * @param verbose (Optional) Specify whether a solution (if any) should be returned if CredSSP errored */ wsmanEnableManagedServer(serverName: string, verbose?: boolean): Observable; /** * New Disable CredSSP for the passed in server. * * @param serverName This server on which CredSSP should be disabled * @param verbose (Optional) Specify whether a solution (if any) should be returned if CredSSP errored */ wsmanDisableManagedServer(serverName: string, verbose?: boolean): Observable; /** * New Enable CredSSP client role for the gateway and delegate to the list of servers. * * @param serverNames This list of servers where CredSSP should be enabled. * @param verbose (Optional) Specify whether a solution (if any) should be returned if CredSSP errored */ wsmanEnableClientRole(serverNames: string[], verbose?: boolean): Observable; /** * New Disable CredSSP client role for the gateway and remove all delegated servers. * * @param serverNames This list of servers where CredSSP should be disabled * @param verbose (Optional) Specify whether a solution (if any) should be returned if CredSSP errored */ wsmanDisableClientRole(serverNames: string[], verbose?: boolean): Observable; /** * @deprecated * Use tryGatewayLocalPowershellConfig instead which will only enable CredSSP when the gateway is making * a double hop to a remote node. This method will enable CredSSP every time, even in cases where * it is not needed. * * New Enable the server as a CredSSP server, and enable the gateway as a CredSSP client of the server. * * @param serverName The server where CredSSP delegation should be enabled * @param verbose (Optional) Specify whether a solution (if any) should be returned if CredSSP errored */ wsmanEnableDelegation(serverName: string, verbose?: boolean): Observable; /** * Check to see if given servers contain the gateway machine. If not, enable CredSSP on index 0 of serverNames, * otherwise, do nothing. * * Note: Will only check if local runspace can be used if msft.sme.shell.localRunspace experiment key is set * or gateway is running as WAC in Portal. Otherwise will fall back to calling {@link wsmanEnableDelegation}. * This is because old installs of WAC do not have the necessary shell RPC endpoint or PowerShell API functionality. * * @param serverNames String array of server names to check for a match with the gateway server name. * If not found, CredSSP will be enabled between the gateway machine and the server name at index 0. * @param verbose (Optional) Specify whether a solution (if any) should be returned if CredSSP errored. * @returns GatewayLocalPowerShellConfig object if success. * @throws If call is made from shell, serverNames is empty or contains empty values, or unable to enable CredSSP. */ tryGatewayLocalPowerShellConfig(serverNames: string[], verbose?: boolean): Observable; /** * Test WSMan CredSSP connection from gateway to server(s) * * @param serverNames the servers to test connection to from gateway * @param credentials explicit credentials(username and password) to be used to WSMan CredSSP test * @param verbose (Optional) Specify whether a solution (if any) should be returned if CredSSP errored * @returns true if we can safely connect to all server without isssues otherwise returns false */ testCredSSP(serverNames: string[], credentials: Credentials, verbose?: boolean): Observable; /** * Get the CredSSP client role configuration of the gateway, including: * 1. Client role of gateway to delegate fresh credentials * 2. Which servers can be delegated fresh credentials * * @param serverNames The list of servers to check credential delegation status * @param verbose (Optional) Specify whether a solution (if any) should be returned if CredSSP errored * @returns ClientRoleConfiguration object of the gateway client role configuration */ wsmanGetClientConfigurationOnGateway(serverNames: string[], verbose?: boolean): Observable; /** * Get the CredSSP server role configuration of the server. * * @param serverName The server to get the CredSSP configuration * @param verbose (Optional) Specify whether a solution (if any) should be returned if CredSSP errored * @returns ServerRoleConfiguration object of the managed server server role configuration */ wsmanGetManagedServerConfiguration(serverNames: string[], verbose?: boolean): Observable; /** * Get the CredSSP delegation configuration, including: * 1. Client role of gateway to delegate fresh credentials * 2. Which servers can be delegated fresh credentials * 3. Server roles of each servers * * @param serverNames The list of servers to check credential delegation from gateway and to check server role status * @param verbose (Optional) Specify whether a solution (if any) should be returned if CredSSP errored * @returns ConfigurationData object of the client and server role configuation */ wsmanGetDelegationConfiguration(serverNames: string[], verbose?: boolean): Observable; /** * @deprecated * Notification message wouldn't be displayed from this call. Display the notification by own code, * and use wsmanEnableManagedServer instead. * * Enable CredSSP on the passed in server. * * @param alertTitle Title for notifications raised by this servers. Should be contextual to the scenario that is using this service * @param serverName This server on which CredSSP should be enabled * @param alertId Optional notification Id */ enableManagedServer(alertTitle: string, serverName: string, alertId?: string): Observable; /** * @deprecated * Notification message wouldn't be displayed from this call. Display the notification by own code, * and use wsmanDisableManagedServer instead. * * Disable CredSSP for the passed in server. * * @param alertTitle Title for notifications raised by this servers. Should be contextual to the scenario that is using this service * @param serverName This server on which CredSSP should be disabled * @param alertId Optional notification Id */ disableManagedServer(alertTitle: string, serverName: string, alertId?: string): Observable; /** * @deprecated * Notification message wouldn't be displayed from this call. Display the notification by own code, * and use wsmanEnableClientRole instead. * * Enable CredSSP client role for the gateway and delegate to the list of servers. * * @param alertTitle Title for notifications raised by this servers. Should be contextual to the scenario that is using this service * @param serverNames This list of servers where CredSSP should be enabled. * @param alertId Optional notification Id */ enableClientRole(alertTitle: string, serverNames: string[], alertId?: string): Observable; /** * @deprecated * Notification message wouldn't be displayed from this call. Display the notification by own code, * and use wsmanDisableClientRole instead. * * Disable CredSSP client role for the gateway and remove all delegated servers. * * @param alertTitle Title for notifications raised by this servers. Should be contextual to the scenario that is using this service * @param serverNames This list of servers where CredSSP should be disabled. * @param alertId Optional notification Id */ disableClientRole(alertTitle: string, serverNames: string[], alertId?: string): Observable; /** * @deprecated * Notification message wouldn't be displayed from this call. Display the notification by own code, * and use wsmanEnableDelegation instead. * * Enable the server as a CredSSP server, and enable the gateway as a CredSSP client of the server. * * @param alertTitle Title for notifications raised by this servers. Should be contextual to the scenario that is using this service * @param serverName The sever where CredSSP delegation should be enabled. * @param alertId Optional notification Id */ enableDelegation(alertTitle: string, serverName: string, alertId?: string): Observable; /** * @deprecated * This method is obsolete! * * Disable the server as a CredSSP server, and disable the gateway as a CredSSP client of the server. * * @param alertTitle Title for notifications raised by this servers. Should be contextual to the scenario that is using this service * @param serverName The sever where CredSSP delegation should be disabled. * @param alertId Optional notification Id */ disableDelegation(): Observable; /** * The RPC request to the CredSSPManagerShellService. * @param request The requested CredSSP manager operation * @param verbose Specify whether a solution (if any) should be returned if CredSSP errored * @param returnProperty The property of the RPC result object to return */ private sendRequest; /** * Process the RPC response from the CredSSPManagerShellService. * @param data The requested CredSSP manager operation result. */ private onRpcResponse; }