cyberark / ansible-security-automation-collection

CyberArk Ansible Security Automation Collection
MIT License

Update cyberark_authentication.py #33

Closed wilfil closed 1 year ago

wilfil commented 3 years ago

Added the line 188, to send the payload with username and password.

The payload is empty when authenticating with LDAP, causing an error. When I added the payload, it authenticated as expected.

Desired Outcome

There's a bug with the authentication using LDAP. The payload with the username and password is not being sent (it is empty), causing an error.

Implemented Changes

It is expected to receive a cyberark_session JSON file with the token and other parameters, but the execution fails because no payload is defined with the username and password for the authentication.

I added the line 188 in the cyberark_authentication.py file, to send the payload correctly. I tested, and it's working.

Definition of Done

To solve the issue: I just added the line 188:

payload_dict = {"username": username, "password": password}

Behavior

ydevnis commented 3 years ago

Hello,

Same problem for me. Please, can someone validate this push? If I run with LDAP I get this error:


/cyberark_authentication.py\", line 368, in main\n  File \"/tmp/ansible_cyberark_authentication_payload_j8s_s_qs/ansible_cyberark_authentication_payload.zip/ansible_collections/cyberark/pas/plugins/modules/cyberark_authentication.py\", line 213, in processAuthentication\nUnboundLocalError: local variable 'payload_dict' referenced before assignment\n",
  "msg": "MODULE FAILURE\nSee stdout/stderr for the exact error",

And if we take a look, the payload dict was not set if we choose LDAP:

```python
if state == "present":  # Logon Action

    # Different end_points based on the use of desired method of auth

    if use_ldap:
        end_point = "/PasswordVault/API/Auth/LDAP/Logon"

    elif use_radius:
        end_point = "/PasswordVault/API/Auth/radius/Logon"

    elif use_windows:
        end_point = "/PasswordVault/API/auth/Windows/Logon"

    else:
        use_cyberark = True
        end_point = "/PasswordVault/API/Auth/CyberArk/Logon"

        # The payload will contain username, password
        # and optionally use_radius_authentication and new_password
        payload_dict = {"username": username, "password": password}

    if new_password is not None and use_cyberark:
        payload_dict["newPassword"] = new_password

    # COMMENT: I dont know what this is for and the old api seems like it didnt have this field
    # if connection_number is not None:
    #     payload_dict["connectionNumber"] = connection_number

    if concurrentSessions == True:
        payload_dict["concurrentSessions"] = True

    payload = json.dumps(payload_dict)

else:  # Logoff Action
```

mhyclak-silex commented 1 year ago

I can confirm this is working for us as well. @cyberark-bizdev - this would be great to see merged in and an update bumped to galaxy so we don't have to keep using a custom version.
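
The failure discussed in this thread, as an added example that is not part of the pull request or the collection's code: a reduced version of the branch-only assignment next to a form that builds the credential payload before any method-specific logic, plus a check that exercises every logon method. The function names, the method keys and the sample credentials are assumptions made for the example, as is the premise that every method takes the same username/password body.

```python
import json

# Endpoints as quoted in the thread; the method names used as keys are assumptions.
END_POINTS = {
    "ldap": "/PasswordVault/API/Auth/LDAP/Logon",
    "radius": "/PasswordVault/API/Auth/radius/Logon",
    "windows": "/PasswordVault/API/auth/Windows/Logon",
    "cyberark": "/PasswordVault/API/Auth/CyberArk/Logon",
}


def buggy_logon_request(method, username, password):
    """Reduced form of the reported bug: payload_dict is bound in one branch only."""
    if method != "cyberark":
        end_point = END_POINTS[method]
    else:
        end_point = END_POINTS["cyberark"]
        payload_dict = {"username": username, "password": password}
    # Raises UnboundLocalError whenever the else branch did not run.
    return end_point, json.dumps(payload_dict)


def logon_request(method, username, password, new_password=None,
                  concurrent_sessions=False):
    """Build the payload unconditionally, then apply method-specific options."""
    if method not in END_POINTS:
        raise ValueError("unsupported auth method: %r" % (method,))
    payload_dict = {"username": username, "password": password}
    if new_password is not None and method == "cyberark":
        payload_dict["newPassword"] = new_password
    if concurrent_sessions:
        payload_dict["concurrentSessions"] = True
    return END_POINTS[method], json.dumps(payload_dict)


def methods_missing_credentials(builder):
    """Return the auth methods for which builder fails or omits the credentials."""
    broken = []
    for method in END_POINTS:
        try:
            _, body = builder(method, "svc_user", "constructed-secret")  # constructed values
            sent = json.loads(body)
            ok = (sent.get("username") == "svc_user"
                  and sent.get("password") == "constructed-secret")
        except UnboundLocalError:
            ok = False
        if not ok:
            broken.append(method)
    return broken
```

Running `methods_missing_credentials` over each builder in a unit test covers all four logon paths, so a payload that is only assigned in one branch fails the test instead of surfacing as a module failure at run time.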