VMware Cloud Community
Hazenet
Enthusiast
Enthusiast
‎09-13-2016 02:36 PM

Save base64 encoded File Attachment from a SOAP service, as the original file

Hi all

I am doing som work with Thycotic's Secret Server product, for a customer.

Among other things, they are using Secret Server, to store certificate's in p12 format, as attachments to "Secrets" inside Secret Server.

Secret Server have a SOAP API (and a not full feature REST API).

The SOAP API can deliver the attachments, as base64 encode strings.

I have a base64 javascript encoder/decoder action, which seems to work.

I have so far tested it with a simple TXT attachment in the Secret Server, and are able to convert those back to clear text.

Now the question:

What is the best way to decode a base64 encode file attachment, delivered as a string, back to it's originally file format, and save that to a vRO local file?

(the certificate is to be transferred from vRO into vRA deployed VMs and be installed there)

Hope somebody can give me some pointers, so I don't have to figure this out completely by my self 🙂

0 Kudos
2 Replies
tschoergez
Leadership
Leadership
‎09-14-2016 01:16 PM

No idea about the encoding pieces, but check out the Download-Plugin from here: https://communities.vmware.com/docs/DOC-31015

It allows to get binary files via HTTP and store them locally on vRO.

If you need to do it generic, File.write() is your friend, combined with the System.createTempFile() (or so) method.

Regards,

Joerg

0 Kudos
Hazenet
Enthusiast
Enthusiast
‎09-14-2016 02:11 PM

Thanks for the inout Joerg.

First issue, is that I can't download via HTTP.

The SOAP APi just returns a roughly 5.000 character long string, which is the actual representation of the file in base64 encoded format.

The solution I have come up with so far is this:

Adjust file permissions on vRO Appliance:

Edit /etc/vco/app-server/js-io-rights.conf

Add line:

+rwx /vro-file-temp/


Enable Operation System Commands for Command Class in vRO Javascript:


Edit /etc/vco/app-server/vmo.properties

Add line:

com.vmware.js.allow-local-process=true

Restart vRO Server Service, e.g. "service vco-server restart"


When the SOAP API returns that 5.000 character base64 string, save it as a variable like "base64FileAttachment".

Then in a Scriptable Task to the following:

var filePath = "/vro-file-temp/" + vmName + ".txt";




var myFileWriter = new FileWriter(filePath);


myFileWriter.open();


myFileWriter.clean();


myFileWriter.write(base64FileAttachment);


myFileWriter.close;





var cmd = "/usr/bin/openssl base64 -A -d -in /vro-file-temp/" + vmName + ".txt -out /vro-file-temp/" + vmName +".p12";




var command = new Command(cmd);


command.execute(true);




var myTxtFile = new File("/vro-file-temp/" + vmName + ".txt");


myTxtFile.deleteFile();

This creates a file in the "vro-file-temp" directory, named with the vmName name, as a TXT file.

Write the "base64FileAttachment" to that file.

Use openssl to decode the base64 TXT file into the original p12 file.

It then deletes the base64 encoded TXT file version, as that is not needed further done the "workflow-line".

This works, although it lowers the security some on the vRO system, do to enabling the "Operation System Commands for Command Class".

0 Kudos