search

cyberark / ansible-security-automation-collection

CyberArk Ansible Security Automation Collection
MIT License
60 stars 37 forks source link

Unbound Error with use_ldap_authentication in cyberark_authentication Module #29

Open jamesmarshall24 opened 3 years ago

jamesmarshall24 commented 3 years ago

Summary

Unbound error when using use_ldap_authentication parameter for cyberark_authentication.py

Steps to Reproduce

ansible-galaxy collection install cyberark.pas:1.0.7
ansible localhost -m cyberark.pas.cyberark_authentication -a "use_ldap_authentication=yes api_base_url=127.0.0.1 username=test password=test"

Expected Results

attempt to auth against the api_base_url with LDAP auth

Actual Results

An exception occurred during task execution. To see the full traceback, use -vvv. The error was: UnboundLocalError: local variable 'payload_dict' referenced before assignment
localhost | FAILED! => {
    "changed": false,
    "module_stderr": "Traceback (most recent call last):\n  File \"/var/tmp/ansible-tmp-1623278552.1340837-70470-37906186035002/AnsiballZ_cyberark_authentication.py\", line 102, in <module>\n    _ansiballz_main()\n  File \"/var/tmp/ansible-tmp-1623278552.1340837-70470-37906186035002/AnsiballZ_cyberark_authentication.py\", line 94, in _ansiballz_main\n    invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)\n  File \"/var/tmp/ansible-tmp-1623278552.1340837-70470-37906186035002/AnsiballZ_cyberark_authentication.py\", line 40, in invoke_module\n    runpy.run_module(mod_name='ansible_collections.cyberark.pas.plugins.modules.cyberark_authentication', init_globals=None, run_name='__main__', alter_sys=True)\n  File \"/usr/lib64/python3.9/runpy.py\", line 210, in run_module\n    return _run_module_code(code, init_globals, run_name, mod_spec)\n  File \"/usr/lib64/python3.9/runpy.py\", line 97, in _run_module_code\n    _run_code(code, mod_globals, init_globals,\n  File \"/usr/lib64/python3.9/runpy.py\", line 87, in _run_code\n    exec(code, run_globals)\n  File \"/tmp/ansible_cyberark.pas.cyberark_authentication_payload_lqtqizuk/ansible_cyberark.pas.cyberark_authentication_payload.zip/ansible_collections/cyberark/pas/plugins/modules/cyberark_authentication.py\", line 374, in <module>\n  File \"/tmp/ansible_cyberark.pas.cyberark_authentication_payload_lqtqizuk/ansible_cyberark.pas.cyberark_authentication_payload.zip/ansible_collections/cyberark/pas/plugins/modules/cyberark_authentication.py\", line 368, in main\n  File \"/tmp/ansible_cyberark.pas.cyberark_authentication_payload_lqtqizuk/ansible_cyberark.pas.cyberark_authentication_payload.zip/ansible_collections/cyberark/pas/plugins/modules/cyberark_authentication.py\", line 213, in processAuthentication\nUnboundLocalError: local variable 'payload_dict' referenced before assignment\n",
    "module_stdout": "",
    "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",
    "rc": 1
}

module_stderr:

Traceback (most recent call last):
  File "/var/tmp/ansible-tmp-1623278552.1340837-70470-37906186035002/AnsiballZ_cyberark_authentication.py", line 102, in <module>
    _ansiballz_main()
  File "/var/tmp/ansible-tmp-1623278552.1340837-70470-37906186035002/AnsiballZ_cyberark_authentication.py", line 94, in _ansiballz_main
    invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
  File "/var/tmp/ansible-tmp-1623278552.1340837-70470-37906186035002/AnsiballZ_cyberark_authentication.py", line 40, in invoke_module
    runpy.run_module(mod_name='ansible_collections.cyberark.pas.plugins.modules.cyberark_authentication', init_globals=None, run_name='__main__', alter_sys=True)
  File "/usr/lib64/python3.9/runpy.py", line 210, in run_module
    return _run_module_code(code, init_globals, run_name, mod_spec)
  File "/usr/lib64/python3.9/runpy.py", line 97, in _run_module_code
    _run_code(code, mod_globals, init_globals,
  File "/usr/lib64/python3.9/runpy.py", line 87, in _run_code
    exec(code, run_globals)
  File "/tmp/ansible_cyberark.pas.cyberark_authentication_payload_lqtqizuk/ansible_cyberark.pas.cyberark_authentication_payload.zip/ansible_collections/cyberark/pas/plugins/modules/cyberark_authentication.py", line 374, in <module>
  File "/tmp/ansible_cyberark.pas.cyberark_authentication_payload_lqtqizuk/ansible_cyberark.pas.cyberark_authentication_payload.zip/ansible_collections/cyberark/pas/plugins/modules/cyberark_authentication.py", line 368, in main
  File "/tmp/ansible_cyberark.pas.cyberark_authentication_payload_lqtqizuk/ansible_cyberark.pas.cyberark_authentication_payload.zip/ansible_collections/cyberark/pas/plugins/modules/cyberark_authentication.py", line 213, in processAuthentication
UnboundLocalError: local variable 'payload_dict' referenced before assignment

Reproducible

Version/Tag number

1.0.7

Additional Information

Potentially an accidental indent here? https://github.com/cyberark/ansible-security-automation-collection/blob/master/plugins/modules/cyberark_authentication.py#L201

The payload_dict from above hasn't changed in 2 years, but it looks like the conditionals around it have changed quite a bit in the last year: https://github.com/cyberark/ansible-security-automation-collection/blame/ccea4d8d31e9514ca54c7b494dbf1177f66d81f3/plugins/modules/cyberark_authentication.py#L201

L201 might be out of place and indented to the wrong level based on the new conditionals in the module.

hyclak commented 3 years ago

Ran into the same issue and un-indenting seems to have resolved the issue for me in my testing.