diff options
Diffstat (limited to 'osdf')
| -rwxr-xr-x | osdf/__init__.py | 5 | ||||
| -rw-r--r-- | osdf/adapters/aaf/sms.py | 41 | ||||
| -rw-r--r-- | osdf/apps/baseapp.py | 27 | ||||
| -rw-r--r-- | osdf/cmd/encryptionUtil.py | 50 | ||||
| -rw-r--r-- | osdf/optimizers/licenseopt/__init__.py | 17 | ||||
| -rw-r--r-- | osdf/optimizers/pciopt/__init__.py | 0 | ||||
| -rw-r--r-- | osdf/optimizers/placementopt/__init__.py | 17 | ||||
| -rw-r--r-- | osdf/optimizers/routeopt/__init__.py | 17 | ||||
| -rw-r--r-- | osdf/utils/cipherUtils.py | 59 | ||||
| -rw-r--r-- | osdf/utils/file_utils.py (renamed from osdf/optimizers/__init__.py) | 19 | ||||
| -rw-r--r-- | osdf/utils/mdc_utils.py | 11 | ||||
| -rw-r--r-- | osdf/webapp/appcontroller.py | 20 |
12 files changed, 190 insertions, 93 deletions
diff --git a/osdf/__init__.py b/osdf/__init__.py index c33639e..8036d89 100755 --- a/osdf/__init__.py +++ b/osdf/__init__.py @@ -20,11 +20,12 @@ from jinja2 import Template - end_point_auth_mapping = { # map a URL endpoint to auth group "cmscheduler": "CMScheduler", "placement": "Placement", - "pci": "PCIOpt" + "pci": "PCIOpt", + "optmodel": "OptEngine", + "optengine": "OptEngine" } userid_suffix, passwd_suffix = "Username", "Password" diff --git a/osdf/adapters/aaf/sms.py b/osdf/adapters/aaf/sms.py index 25ae7f2..0168ba0 100644 --- a/osdf/adapters/aaf/sms.py +++ b/osdf/adapters/aaf/sms.py @@ -1,6 +1,7 @@ # # ------------------------------------------------------------------------- # Copyright (c) 2018 Intel Corporation Intellectual Property +# Copyright (C) 2020 Wipro Limited. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -20,12 +21,12 @@ '''Secret Management Service Integration''' from onapsmsclient import Client - import osdf.config.base as cfg_base import osdf.config.credentials as creds import osdf.config.loader as config_loader from osdf.config.base import osdf_config from osdf.logging.osdf_logging import debug_log +from osdf.utils import cipherUtils config_spec = { "preload_secrets": "config/preload_secrets.yaml" @@ -70,40 +71,48 @@ def retrieve_secrets(): debug_log.debug("Secret Dictionary Retrieval Success") return secret_dict - def load_secrets(): config = osdf_config.deployment secret_dict = retrieve_secrets() config['soUsername'] = secret_dict['so']['UserName'] - config['soPassword'] = secret_dict['so']['Password'] + config['soPassword'] = decrypt_pass(secret_dict['so']['Password']) config['conductorUsername'] = secret_dict['conductor']['UserName'] - config['conductorPassword'] = secret_dict['conductor']['Password'] + config['conductorPassword'] = decrypt_pass(secret_dict['conductor']['Password']) config['policyPlatformUsername'] = secret_dict['policyPlatform']['UserName'] - config['policyPlatformPassword'] = secret_dict['policyPlatform']['Password'] - config['policyClientUsername'] = secret_dict['policyClient']['UserName'] - config['policyClientPassword'] = secret_dict['policyClient']['Password'] + config['policyPlatformPassword'] = decrypt_pass(secret_dict['policyPlatform']['Password']) + config['policyClientUsername'] = secret_dict['policyPlatform']['UserName'] + config['policyClientPassword'] = decrypt_pass(secret_dict['policyPlatform']['Password']) config['messageReaderAafUserId'] = secret_dict['dmaap']['UserName'] - config['messageReaderAafPassword'] = secret_dict['dmaap']['Password'] + config['messageReaderAafPassword'] = decrypt_pass(secret_dict['dmaap']['Password']) config['sdcUsername'] = secret_dict['sdc']['UserName'] - config['sdcPassword'] = secret_dict['sdc']['Password'] + config['sdcPassword'] = decrypt_pass(secret_dict['sdc']['Password']) config['osdfPlacementUsername'] = secret_dict['osdfPlacement']['UserName'] - config['osdfPlacementPassword'] = secret_dict['osdfPlacement']['Password'] + config['osdfPlacementPassword'] = decrypt_pass(secret_dict['osdfPlacement']['Password']) config['osdfPlacementSOUsername'] = secret_dict['osdfPlacementSO']['UserName'] - config['osdfPlacementSOPassword'] = secret_dict['osdfPlacementSO']['Password'] + config['osdfPlacementSOPassword'] = decrypt_pass(secret_dict['osdfPlacementSO']['Password']) config['osdfPlacementVFCUsername'] = secret_dict['osdfPlacementVFC']['UserName'] - config['osdfPlacementVFCPassword'] = secret_dict['osdfPlacementVFC']['Password'] + config['osdfPlacementVFCPassword'] = decrypt_pass(secret_dict['osdfPlacementVFC']['Password']) config['osdfCMSchedulerUsername'] = secret_dict['osdfCMScheduler']['UserName'] - config['osdfCMSchedulerPassword'] = secret_dict['osdfCMScheduler']['Password'] + config['osdfCMSchedulerPassword'] = decrypt_pass(secret_dict['osdfCMScheduler']['Password']) config['configDbUserName'] = secret_dict['configDb']['UserName'] - config['configDbPassword'] = secret_dict['configDb']['Password'] + config['configDbPassword'] = decrypt_pass(secret_dict['configDb']['Password']) config['pciHMSUsername'] = secret_dict['pciHMS']['UserName'] - config['pciHMSPassword'] = secret_dict['pciHMS']['Password'] + config['pciHMSPassword'] = decrypt_pass(secret_dict['pciHMS']['Password']) config['osdfPCIOptUsername'] = secret_dict['osdfPCIOpt']['UserName'] - config['osdfPCIOptPassword'] = secret_dict['osdfPCIOpt']['Password'] + config['osdfPCIOptPassword'] = decrypt_pass(secret_dict['osdfPCIOpt']['Password']) + config['osdfOptEngineUsername'] = secret_dict['osdfOptEngine']['UserName'] + config['osdfOptEnginePassword'] = decrypt_pass(secret_dict['osdfOptEngine']['Password']) cfg_base.http_basic_auth_credentials = creds.load_credentials(osdf_config) cfg_base.dmaap_creds = creds.dmaap_creds() +def decrypt_pass(passwd): + if passwd == '' or passwd == 'NA': + return passwd + else: + return cipherUtils.AESCipher.get_instance().decrypt(passwd) + + def delete_secrets(): """ This is intended to delete the secrets for a clean initialization for testing Application. Actual deployment will have a preload script. diff --git a/osdf/apps/baseapp.py b/osdf/apps/baseapp.py index cfa7e5d..fd94c11 100644 --- a/osdf/apps/baseapp.py +++ b/osdf/apps/baseapp.py @@ -27,18 +27,17 @@ import time import traceback from optparse import OptionParser -import pydevd -from flask import Flask, request, Response, g -from requests import RequestException -from schematics.exceptions import DataError - import osdf.adapters.aaf.sms as sms import osdf.operation.responses +import pydevd +from flask import Flask, request, Response, g from osdf.config.base import osdf_config from osdf.logging.osdf_logging import error_log, debug_log from osdf.operation.error_handling import request_exception_to_json_body, internal_error_message from osdf.operation.exceptions import BusinessException -from osdf.utils.mdc_utils import clear_mdc, mdc_from_json, default_mdc +from osdf.utils.mdc_utils import clear_mdc, mdc_from_json, default_mdc, get_request_id +from requests import RequestException +from schematics.exceptions import DataError ERROR_TEMPLATE = osdf.ERROR_TEMPLATE @@ -89,18 +88,20 @@ def handle_data_error(e): @app.before_request def log_request(): - g.request_start = time.clock() - if request.get_json(): - - request_json = request.get_json() - g.request_id = request_json['requestInfo']['requestId'] - mdc_from_json(request_json) + g.request_start = time.process_time() + if request.data: + if request.get_json(): + request_json = request.get_json() + g.request_id = get_request_id(request_json) + mdc_from_json(request_json) + else: + g.request_id = "N/A" + default_mdc() else: g.request_id = "N/A" default_mdc() - @app.after_request def log_response(response): clear_mdc() diff --git a/osdf/cmd/encryptionUtil.py b/osdf/cmd/encryptionUtil.py new file mode 100644 index 0000000..6c0cae2 --- /dev/null +++ b/osdf/cmd/encryptionUtil.py @@ -0,0 +1,50 @@ +# +# ------------------------------------------------------------------------- +# Copyright (c) 2015-2018 AT&T Intellectual Property +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# ------------------------------------------------------------------------- +# +import sys +from osdf.utils import cipherUtils + + +def main(): + + if len(sys.argv) != 4: + print("Invalid input - usage --> (options(encrypt/decrypt) input-value with-key)") + return + + enc_dec = sys.argv[1] + valid_option_values = ['encrypt', 'decrypt'] + if enc_dec not in valid_option_values: + print("Invalid input - usage --> (options(encrypt/decrypt) input-value with-key)") + print("Option value can only be one of {}".format(valid_option_values)) + print("You entered '{}'".format(enc_dec)) + return + + input_string = sys.argv[2] + with_key = sys.argv[3] + + print("You've requested '{}' to be '{}ed' using key '{}'".format(input_string, enc_dec, with_key)) + print("You can always perform the reverse operation (encrypt/decrypt) using the same key" + "to be certain you get the same results back'") + + util = cipherUtils.AESCipher.get_instance(with_key) + if enc_dec.lower() == 'encrypt': + result = util.encrypt(input_string) + else: + result = util.decrypt(input_string) + + print("Your resultt: {}".format(result))
\ No newline at end of file diff --git a/osdf/optimizers/licenseopt/__init__.py b/osdf/optimizers/licenseopt/__init__.py deleted file mode 100644 index 4b25e5b..0000000 --- a/osdf/optimizers/licenseopt/__init__.py +++ /dev/null @@ -1,17 +0,0 @@ -# ------------------------------------------------------------------------- -# Copyright (c) 2017-2018 AT&T Intellectual Property -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# ------------------------------------------------------------------------- -# diff --git a/osdf/optimizers/pciopt/__init__.py b/osdf/optimizers/pciopt/__init__.py deleted file mode 100644 index e69de29..0000000 --- a/osdf/optimizers/pciopt/__init__.py +++ /dev/null diff --git a/osdf/optimizers/placementopt/__init__.py b/osdf/optimizers/placementopt/__init__.py deleted file mode 100644 index 4b25e5b..0000000 --- a/osdf/optimizers/placementopt/__init__.py +++ /dev/null @@ -1,17 +0,0 @@ -# ------------------------------------------------------------------------- -# Copyright (c) 2017-2018 AT&T Intellectual Property -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# ------------------------------------------------------------------------- -# diff --git a/osdf/optimizers/routeopt/__init__.py b/osdf/optimizers/routeopt/__init__.py deleted file mode 100644 index c235f2a..0000000 --- a/osdf/optimizers/routeopt/__init__.py +++ /dev/null @@ -1,17 +0,0 @@ -# ------------------------------------------------------------------------- -# Copyright (c) 2018 Huawei Intellectual Property -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# ------------------------------------------------------------------------- -# diff --git a/osdf/utils/cipherUtils.py b/osdf/utils/cipherUtils.py new file mode 100644 index 0000000..169f1a1 --- /dev/null +++ b/osdf/utils/cipherUtils.py @@ -0,0 +1,59 @@ +# +# ------------------------------------------------------------------------- +# Copyright (C) 2020 Wipro Limited. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# ------------------------------------------------------------------------- + +from Crypto.Cipher import AES +from osdf.config.base import osdf_config +from Crypto.Util.Padding import unpad +from Crypto.Util.Padding import pad + + +class AESCipher(object): + __instance = None + + @staticmethod + def get_instance(key = None): + if AESCipher.__instance is None: + print("Creating the singleton instance") + AESCipher(key) + return AESCipher.__instance + + def __init__(self, key=None): + if AESCipher.__instance is not None: + raise Exception("This class is a singleton!") + else: + AESCipher.__instance = self + + self.bs = 32 + if key is None: + key = osdf_config.deployment["appkey"] + + self.key = key.encode() + + def encrypt(self, data): + data = data.encode() + cipher = AES.new(self.key, AES.MODE_CBC) + ciphered_data = cipher.encrypt(pad(data, AES.block_size)) + enc = (cipher.iv.hex())+(ciphered_data.hex()) + return enc + + def decrypt(self, enc): + iv = bytes.fromhex(enc[:32]) + ciphered_data = bytes.fromhex(enc[32:]) + cipher = AES.new(self.key, AES.MODE_CBC, iv=iv) + original_data = unpad(cipher.decrypt(ciphered_data), AES.block_size).decode() + return original_data diff --git a/osdf/optimizers/__init__.py b/osdf/utils/file_utils.py index 4b25e5b..b12c17d 100644 --- a/osdf/optimizers/__init__.py +++ b/osdf/utils/file_utils.py @@ -1,5 +1,5 @@ # ------------------------------------------------------------------------- -# Copyright (c) 2017-2018 AT&T Intellectual Property +# Copyright (c) 2020 AT&T Intellectual Property # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -15,3 +15,20 @@ # # ------------------------------------------------------------------------- # + +# File related utilities + +import os +from shutil import rmtree + +from osdf.logging.osdf_logging import debug_log + + +def delete_file_folder(p): + if not p: + return + debug_log.debug('Deleting folder/file {}'.format(p)) + if os.path.isfile(p): + os.remove(p) + else: + rmtree(p, ignore_errors=True) diff --git a/osdf/utils/mdc_utils.py b/osdf/utils/mdc_utils.py index b98cbf0..14b726d 100644 --- a/osdf/utils/mdc_utils.py +++ b/osdf/utils/mdc_utils.py @@ -36,7 +36,7 @@ def default_server_info(): MDC.put('server', server) if MDC.get('serverIPAddress') is None: try: - server_ip_address = socket.gethostbyname(self._fields['server']) + server_ip_address = socket.gethostbyname(MDC.get('server')) except Exception: server_ip_address = "" MDC.put('serverIPAddress', server_ip_address) @@ -53,9 +53,16 @@ def default_mdc(): def mdc_from_json(request_json): default_mdc() - MDC.put('requestID', request_json['requestInfo']['requestId']) + MDC.put('requestID', get_request_id(request_json)) MDC.put('partnerName', request_json['requestInfo']['sourceId']) +def get_request_id(request_json): + request_id = request_json['requestInfo'].get('requestId') + if not request_id: + request_id = request_json['requestInfo'].get('requestID') + return request_id + + def clear_mdc(): MDC.clear() diff --git a/osdf/webapp/appcontroller.py b/osdf/webapp/appcontroller.py index 9714fb5..5db879a 100644 --- a/osdf/webapp/appcontroller.py +++ b/osdf/webapp/appcontroller.py @@ -16,14 +16,16 @@ # ------------------------------------------------------------------------- # +import json + +from flask import Response from flask import request from flask_httpauth import HTTPBasicAuth -from flask import Response -import json + import osdf import osdf.config.base as cfg_base -from osdf.config.base import osdf_config from osdf.adapters.aaf import aaf_authentication as aaf_auth +from osdf.config.base import osdf_config auth_basic = HTTPBasicAuth() @@ -35,12 +37,15 @@ error_body = { unauthorized_message = json.dumps(error_body) + @auth_basic.get_password def get_pw(username): - end_point = request.url.split('/')[-1] - auth_group = osdf.end_point_auth_mapping.get(end_point) - return cfg_base.http_basic_auth_credentials[auth_group].get( - username) if auth_group else None + auth_group = '' + for k in osdf.end_point_auth_mapping: + if k in request.url: + auth_group = osdf.end_point_auth_mapping.get(k) + return cfg_base.http_basic_auth_credentials[auth_group].get(username) if auth_group else None + @auth_basic.error_handler def auth_error(): @@ -58,4 +63,3 @@ def verify_pw(username, password): else: pw = get_pw(username) return pw == password - return False
\ No newline at end of file |