code styling
- replaced 'json.loads' with 'json_loads' - shortened 'JSONResponse' to 'JSONr' - shortened 'HTMLResponse' to 'HTMLr' - replaced HTTPException with JsonResponses - added some error handing for invalid tokens
This commit is contained in:
parent
8bd37c0ead
commit
b839e6c2b3
80
app/main.py
80
app/main.py
@ -6,16 +6,16 @@ from os.path import join, dirname
|
|||||||
from os import getenv as env
|
from os import getenv as env
|
||||||
|
|
||||||
from dotenv import load_dotenv
|
from dotenv import load_dotenv
|
||||||
from fastapi import FastAPI, HTTPException
|
from fastapi import FastAPI
|
||||||
from fastapi.requests import Request
|
from fastapi.requests import Request
|
||||||
import json
|
from json import loads as json_loads
|
||||||
from datetime import datetime
|
from datetime import datetime
|
||||||
from dateutil.relativedelta import relativedelta
|
from dateutil.relativedelta import relativedelta
|
||||||
from calendar import timegm
|
from calendar import timegm
|
||||||
from jose import jws, jwk, jwt
|
from jose import jws, jwk, jwt, JWTError
|
||||||
from jose.constants import ALGORITHMS
|
from jose.constants import ALGORITHMS
|
||||||
from starlette.middleware.cors import CORSMiddleware
|
from starlette.middleware.cors import CORSMiddleware
|
||||||
from starlette.responses import StreamingResponse, JSONResponse, HTMLResponse, Response, RedirectResponse
|
from starlette.responses import StreamingResponse, JSONResponse as JSONr, HTMLResponse as HTMLr, Response, RedirectResponse
|
||||||
from sqlalchemy import create_engine
|
from sqlalchemy import create_engine
|
||||||
from sqlalchemy.orm import sessionmaker
|
from sqlalchemy.orm import sessionmaker
|
||||||
|
|
||||||
@ -78,12 +78,12 @@ async def _index():
|
|||||||
|
|
||||||
@app.get('/-/health', summary='* Health')
|
@app.get('/-/health', summary='* Health')
|
||||||
async def _health(request: Request):
|
async def _health(request: Request):
|
||||||
return JSONResponse({'status': 'up'})
|
return JSONr({'status': 'up'})
|
||||||
|
|
||||||
|
|
||||||
@app.get('/-/config', summary='* Config', description='returns environment variables.')
|
@app.get('/-/config', summary='* Config', description='returns environment variables.')
|
||||||
async def _config():
|
async def _config():
|
||||||
return JSONResponse({
|
return JSONr({
|
||||||
'VERSION': str(VERSION),
|
'VERSION': str(VERSION),
|
||||||
'COMMIT': str(COMMIT),
|
'COMMIT': str(COMMIT),
|
||||||
'DEBUG': str(DEBUG),
|
'DEBUG': str(DEBUG),
|
||||||
@ -91,7 +91,7 @@ async def _config():
|
|||||||
'DLS_PORT': str(DLS_PORT),
|
'DLS_PORT': str(DLS_PORT),
|
||||||
'SITE_KEY_XID': str(SITE_KEY_XID),
|
'SITE_KEY_XID': str(SITE_KEY_XID),
|
||||||
'INSTANCE_REF': str(INSTANCE_REF),
|
'INSTANCE_REF': str(INSTANCE_REF),
|
||||||
'ALLOTMENT_REF': [ALLOTMENT_REF],
|
'ALLOTMENT_REF': [str(ALLOTMENT_REF)],
|
||||||
'TOKEN_EXPIRE_DELTA': str(TOKEN_EXPIRE_DELTA),
|
'TOKEN_EXPIRE_DELTA': str(TOKEN_EXPIRE_DELTA),
|
||||||
'LEASE_EXPIRE_DELTA': str(LEASE_EXPIRE_DELTA),
|
'LEASE_EXPIRE_DELTA': str(LEASE_EXPIRE_DELTA),
|
||||||
'LEASE_RENEWAL_PERIOD': str(LEASE_RENEWAL_PERIOD),
|
'LEASE_RENEWAL_PERIOD': str(LEASE_RENEWAL_PERIOD),
|
||||||
@ -103,7 +103,7 @@ async def _config():
|
|||||||
async def _readme():
|
async def _readme():
|
||||||
from markdown import markdown
|
from markdown import markdown
|
||||||
content = load_file('../README.md').decode('utf-8')
|
content = load_file('../README.md').decode('utf-8')
|
||||||
return HTMLResponse(markdown(text=content, extensions=['tables', 'fenced_code', 'md_in_html', 'nl2br', 'toc']))
|
return HTMLr(markdown(text=content, extensions=['tables', 'fenced_code', 'md_in_html', 'nl2br', 'toc']))
|
||||||
|
|
||||||
|
|
||||||
@app.get('/-/manage', summary='* Management UI')
|
@app.get('/-/manage', summary='* Management UI')
|
||||||
@ -137,7 +137,7 @@ async def _manage(request: Request):
|
|||||||
</body>
|
</body>
|
||||||
</html>
|
</html>
|
||||||
'''
|
'''
|
||||||
return HTMLResponse(response)
|
return HTMLr(response)
|
||||||
|
|
||||||
|
|
||||||
@app.get('/-/origins', summary='* Origins')
|
@app.get('/-/origins', summary='* Origins')
|
||||||
@ -150,7 +150,7 @@ async def _origins(request: Request, leases: bool = False):
|
|||||||
x['leases'] = list(map(lambda _: _.serialize(), Lease.find_by_origin_ref(db, origin.origin_ref)))
|
x['leases'] = list(map(lambda _: _.serialize(), Lease.find_by_origin_ref(db, origin.origin_ref)))
|
||||||
response.append(x)
|
response.append(x)
|
||||||
session.close()
|
session.close()
|
||||||
return JSONResponse(response)
|
return JSONr(response)
|
||||||
|
|
||||||
|
|
||||||
@app.delete('/-/origins', summary='* Origins')
|
@app.delete('/-/origins', summary='* Origins')
|
||||||
@ -170,14 +170,14 @@ async def _leases(request: Request, origin: bool = False):
|
|||||||
x['origin'] = session.query(Origin).filter(Origin.origin_ref == lease.origin_ref).first().serialize()
|
x['origin'] = session.query(Origin).filter(Origin.origin_ref == lease.origin_ref).first().serialize()
|
||||||
response.append(x)
|
response.append(x)
|
||||||
session.close()
|
session.close()
|
||||||
return JSONResponse(response)
|
return JSONr(response)
|
||||||
|
|
||||||
|
|
||||||
@app.delete('/-/lease/{lease_ref}', summary='* Lease')
|
@app.delete('/-/lease/{lease_ref}', summary='* Lease')
|
||||||
async def _lease_delete(request: Request, lease_ref: str):
|
async def _lease_delete(request: Request, lease_ref: str):
|
||||||
if Lease.delete(db, lease_ref) == 1:
|
if Lease.delete(db, lease_ref) == 1:
|
||||||
return Response(status_code=201)
|
return Response(status_code=201)
|
||||||
raise HTTPException(status_code=404, detail='lease not found')
|
return JSONr(status_code=404, content={'status': 404, 'detail': 'lease not found'})
|
||||||
|
|
||||||
|
|
||||||
# venv/lib/python3.9/site-packages/nls_core_service_instance/service_instance_token_manager.py
|
# venv/lib/python3.9/site-packages/nls_core_service_instance/service_instance_token_manager.py
|
||||||
@ -229,7 +229,7 @@ async def _client_token():
|
|||||||
# venv/lib/python3.9/site-packages/nls_services_auth/test/test_origins_controller.py
|
# venv/lib/python3.9/site-packages/nls_services_auth/test/test_origins_controller.py
|
||||||
@app.post('/auth/v1/origin', description='find or create an origin')
|
@app.post('/auth/v1/origin', description='find or create an origin')
|
||||||
async def auth_v1_origin(request: Request):
|
async def auth_v1_origin(request: Request):
|
||||||
j, cur_time = json.loads((await request.body()).decode('utf-8')), datetime.utcnow()
|
j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.utcnow()
|
||||||
|
|
||||||
origin_ref = j.get('candidate_origin_ref')
|
origin_ref = j.get('candidate_origin_ref')
|
||||||
logging.info(f'> [ origin ]: {origin_ref}: {j}')
|
logging.info(f'> [ origin ]: {origin_ref}: {j}')
|
||||||
@ -253,13 +253,13 @@ async def auth_v1_origin(request: Request):
|
|||||||
"sync_timestamp": cur_time.isoformat()
|
"sync_timestamp": cur_time.isoformat()
|
||||||
}
|
}
|
||||||
|
|
||||||
return JSONResponse(response)
|
return JSONr(response)
|
||||||
|
|
||||||
|
|
||||||
# venv/lib/python3.9/site-packages/nls_services_auth/test/test_origins_controller.py
|
# venv/lib/python3.9/site-packages/nls_services_auth/test/test_origins_controller.py
|
||||||
@app.post('/auth/v1/origin/update', description='update an origin evidence')
|
@app.post('/auth/v1/origin/update', description='update an origin evidence')
|
||||||
async def auth_v1_origin_update(request: Request):
|
async def auth_v1_origin_update(request: Request):
|
||||||
j, cur_time = json.loads((await request.body()).decode('utf-8')), datetime.utcnow()
|
j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.utcnow()
|
||||||
|
|
||||||
origin_ref = j.get('origin_ref')
|
origin_ref = j.get('origin_ref')
|
||||||
logging.info(f'> [ update ]: {origin_ref}: {j}')
|
logging.info(f'> [ update ]: {origin_ref}: {j}')
|
||||||
@ -279,14 +279,14 @@ async def auth_v1_origin_update(request: Request):
|
|||||||
"sync_timestamp": cur_time.isoformat()
|
"sync_timestamp": cur_time.isoformat()
|
||||||
}
|
}
|
||||||
|
|
||||||
return JSONResponse(response)
|
return JSONr(response)
|
||||||
|
|
||||||
|
|
||||||
# venv/lib/python3.9/site-packages/nls_services_auth/test/test_auth_controller.py
|
# venv/lib/python3.9/site-packages/nls_services_auth/test/test_auth_controller.py
|
||||||
# venv/lib/python3.9/site-packages/nls_core_auth/auth.py - CodeResponse
|
# venv/lib/python3.9/site-packages/nls_core_auth/auth.py - CodeResponse
|
||||||
@app.post('/auth/v1/code', description='get an authorization code')
|
@app.post('/auth/v1/code', description='get an authorization code')
|
||||||
async def auth_v1_code(request: Request):
|
async def auth_v1_code(request: Request):
|
||||||
j, cur_time = json.loads((await request.body()).decode('utf-8')), datetime.utcnow()
|
j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.utcnow()
|
||||||
|
|
||||||
origin_ref = j.get('origin_ref')
|
origin_ref = j.get('origin_ref')
|
||||||
logging.info(f'> [ code ]: {origin_ref}: {j}')
|
logging.info(f'> [ code ]: {origin_ref}: {j}')
|
||||||
@ -311,22 +311,27 @@ async def auth_v1_code(request: Request):
|
|||||||
"prompts": None
|
"prompts": None
|
||||||
}
|
}
|
||||||
|
|
||||||
return JSONResponse(response)
|
return JSONr(response)
|
||||||
|
|
||||||
|
|
||||||
# venv/lib/python3.9/site-packages/nls_services_auth/test/test_auth_controller.py
|
# venv/lib/python3.9/site-packages/nls_services_auth/test/test_auth_controller.py
|
||||||
# venv/lib/python3.9/site-packages/nls_core_auth/auth.py - TokenResponse
|
# venv/lib/python3.9/site-packages/nls_core_auth/auth.py - TokenResponse
|
||||||
@app.post('/auth/v1/token', description='exchange auth code and verifier for token')
|
@app.post('/auth/v1/token', description='exchange auth code and verifier for token')
|
||||||
async def auth_v1_token(request: Request):
|
async def auth_v1_token(request: Request):
|
||||||
j, cur_time = json.loads((await request.body()).decode('utf-8')), datetime.utcnow()
|
j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.utcnow()
|
||||||
|
|
||||||
|
try:
|
||||||
payload = jwt.decode(token=j.get('auth_code'), key=jwt_decode_key)
|
payload = jwt.decode(token=j.get('auth_code'), key=jwt_decode_key)
|
||||||
|
except JWTError as e:
|
||||||
|
return JSONr(status_code=400, content={'status': 400, 'title': 'invalid token', 'detail': str(e)})
|
||||||
|
|
||||||
origin_ref = payload.get('origin_ref')
|
origin_ref = payload.get('origin_ref')
|
||||||
logging.info(f'> [ auth ]: {origin_ref}: {j}')
|
logging.info(f'> [ auth ]: {origin_ref}: {j}')
|
||||||
|
|
||||||
# validate the code challenge
|
# validate the code challenge
|
||||||
if payload.get('challenge') != b64enc(sha256(j.get('code_verifier').encode('utf-8')).digest()).rstrip(b'=').decode('utf-8'):
|
challenge = b64enc(sha256(j.get('code_verifier').encode('utf-8')).digest()).rstrip(b'=').decode('utf-8')
|
||||||
raise HTTPException(status_code=401, detail='expected challenge did not match verifier')
|
if payload.get('challenge') != challenge:
|
||||||
|
raise JSONr(status_code=401, content={'status': 401, 'detail': 'expected challenge did not match verifier'})
|
||||||
|
|
||||||
access_expires_on = cur_time + TOKEN_EXPIRE_DELTA
|
access_expires_on = cur_time + TOKEN_EXPIRE_DELTA
|
||||||
|
|
||||||
@ -349,13 +354,18 @@ async def auth_v1_token(request: Request):
|
|||||||
"sync_timestamp": cur_time.isoformat(),
|
"sync_timestamp": cur_time.isoformat(),
|
||||||
}
|
}
|
||||||
|
|
||||||
return JSONResponse(response)
|
return JSONr(response)
|
||||||
|
|
||||||
|
|
||||||
# venv/lib/python3.9/site-packages/nls_services_lease/test/test_lease_multi_controller.py
|
# venv/lib/python3.9/site-packages/nls_services_lease/test/test_lease_multi_controller.py
|
||||||
@app.post('/leasing/v1/lessor', description='request multiple leases (borrow) for current origin')
|
@app.post('/leasing/v1/lessor', description='request multiple leases (borrow) for current origin')
|
||||||
async def leasing_v1_lessor(request: Request):
|
async def leasing_v1_lessor(request: Request):
|
||||||
j, token, cur_time = json.loads((await request.body()).decode('utf-8')), __get_token(request), datetime.utcnow()
|
j, token, cur_time = json_loads((await request.body()).decode('utf-8')), __get_token(request), datetime.utcnow()
|
||||||
|
|
||||||
|
try:
|
||||||
|
token = __get_token(request)
|
||||||
|
except JWTError:
|
||||||
|
return JSONr(status_code=401, content={'status': 401, 'detail': 'token is not valid'})
|
||||||
|
|
||||||
origin_ref = token.get('origin_ref')
|
origin_ref = token.get('origin_ref')
|
||||||
scope_ref_list = j.get('scope_ref_list')
|
scope_ref_list = j.get('scope_ref_list')
|
||||||
@ -364,7 +374,7 @@ async def leasing_v1_lessor(request: Request):
|
|||||||
lease_result_list = []
|
lease_result_list = []
|
||||||
for scope_ref in scope_ref_list:
|
for scope_ref in scope_ref_list:
|
||||||
# if scope_ref not in [ALLOTMENT_REF]:
|
# if scope_ref not in [ALLOTMENT_REF]:
|
||||||
# raise HTTPException(status_code=500, detail=f'no service instances found for scopes: ["{scope_ref}"]')
|
# raise JSONr(status_code=500, detail=f'no service instances found for scopes: ["{scope_ref}"]')
|
||||||
|
|
||||||
lease_ref = str(uuid4())
|
lease_ref = str(uuid4())
|
||||||
expires = cur_time + LEASE_EXPIRE_DELTA
|
expires = cur_time + LEASE_EXPIRE_DELTA
|
||||||
@ -391,7 +401,7 @@ async def leasing_v1_lessor(request: Request):
|
|||||||
"prompts": None
|
"prompts": None
|
||||||
}
|
}
|
||||||
|
|
||||||
return JSONResponse(response)
|
return JSONr(response)
|
||||||
|
|
||||||
|
|
||||||
# venv/lib/python3.9/site-packages/nls_services_lease/test/test_lease_multi_controller.py
|
# venv/lib/python3.9/site-packages/nls_services_lease/test/test_lease_multi_controller.py
|
||||||
@ -411,7 +421,7 @@ async def leasing_v1_lessor_lease(request: Request):
|
|||||||
"prompts": None
|
"prompts": None
|
||||||
}
|
}
|
||||||
|
|
||||||
return JSONResponse(response)
|
return JSONr(response)
|
||||||
|
|
||||||
|
|
||||||
# venv/lib/python3.9/site-packages/nls_services_lease/test/test_lease_single_controller.py
|
# venv/lib/python3.9/site-packages/nls_services_lease/test/test_lease_single_controller.py
|
||||||
@ -425,7 +435,7 @@ async def leasing_v1_lease_renew(request: Request, lease_ref: str):
|
|||||||
|
|
||||||
entity = Lease.find_by_origin_ref_and_lease_ref(db, origin_ref, lease_ref)
|
entity = Lease.find_by_origin_ref_and_lease_ref(db, origin_ref, lease_ref)
|
||||||
if entity is None:
|
if entity is None:
|
||||||
raise HTTPException(status_code=404, detail='requested lease not available')
|
return JSONr(status_code=404, content={'status': 404, 'detail': 'requested lease not available'})
|
||||||
|
|
||||||
expires = cur_time + LEASE_EXPIRE_DELTA
|
expires = cur_time + LEASE_EXPIRE_DELTA
|
||||||
response = {
|
response = {
|
||||||
@ -439,7 +449,7 @@ async def leasing_v1_lease_renew(request: Request, lease_ref: str):
|
|||||||
|
|
||||||
Lease.renew(db, entity, expires, cur_time)
|
Lease.renew(db, entity, expires, cur_time)
|
||||||
|
|
||||||
return JSONResponse(response)
|
return JSONr(response)
|
||||||
|
|
||||||
|
|
||||||
# venv/lib/python3.9/site-packages/nls_services_lease/test/test_lease_single_controller.py
|
# venv/lib/python3.9/site-packages/nls_services_lease/test/test_lease_single_controller.py
|
||||||
@ -452,12 +462,12 @@ async def leasing_v1_lease_delete(request: Request, lease_ref: str):
|
|||||||
|
|
||||||
entity = Lease.find_by_lease_ref(db, lease_ref)
|
entity = Lease.find_by_lease_ref(db, lease_ref)
|
||||||
if entity.origin_ref != origin_ref:
|
if entity.origin_ref != origin_ref:
|
||||||
raise HTTPException(status_code=403, detail='access or operation forbidden')
|
return JSONr(status_code=403, content={'status': 403, 'detail': 'access or operation forbidden'})
|
||||||
if entity is None:
|
if entity is None:
|
||||||
raise HTTPException(status_code=404, detail='requested lease not available')
|
return JSONr(status_code=404, content={'status': 404, 'detail': 'requested lease not available'})
|
||||||
|
|
||||||
if Lease.delete(db, lease_ref) == 0:
|
if Lease.delete(db, lease_ref) == 0:
|
||||||
raise HTTPException(status_code=404, detail='lease not found')
|
return JSONr(status_code=404, content={'status': 404, 'detail': 'lease not found'})
|
||||||
|
|
||||||
response = {
|
response = {
|
||||||
"lease_ref": lease_ref,
|
"lease_ref": lease_ref,
|
||||||
@ -465,7 +475,7 @@ async def leasing_v1_lease_delete(request: Request, lease_ref: str):
|
|||||||
"sync_timestamp": cur_time.isoformat(),
|
"sync_timestamp": cur_time.isoformat(),
|
||||||
}
|
}
|
||||||
|
|
||||||
return JSONResponse(response)
|
return JSONr(response)
|
||||||
|
|
||||||
|
|
||||||
# venv/lib/python3.9/site-packages/nls_services_lease/test/test_lease_multi_controller.py
|
# venv/lib/python3.9/site-packages/nls_services_lease/test/test_lease_multi_controller.py
|
||||||
@ -486,12 +496,12 @@ async def leasing_v1_lessor_lease_remove(request: Request):
|
|||||||
"prompts": None
|
"prompts": None
|
||||||
}
|
}
|
||||||
|
|
||||||
return JSONResponse(response)
|
return JSONr(response)
|
||||||
|
|
||||||
|
|
||||||
@app.post('/leasing/v1/lessor/shutdown', description='shutdown all leases')
|
@app.post('/leasing/v1/lessor/shutdown', description='shutdown all leases')
|
||||||
async def leasing_v1_lessor_shutdown(request: Request):
|
async def leasing_v1_lessor_shutdown(request: Request):
|
||||||
j, cur_time = json.loads((await request.body()).decode('utf-8')), datetime.utcnow()
|
j, cur_time = json_loads((await request.body()).decode('utf-8')), datetime.utcnow()
|
||||||
|
|
||||||
token = j.get('token')
|
token = j.get('token')
|
||||||
token = jwt.decode(token=token, key=jwt_decode_key, algorithms=ALGORITHMS.RS256, options={'verify_aud': False})
|
token = jwt.decode(token=token, key=jwt_decode_key, algorithms=ALGORITHMS.RS256, options={'verify_aud': False})
|
||||||
@ -508,7 +518,7 @@ async def leasing_v1_lessor_shutdown(request: Request):
|
|||||||
"prompts": None
|
"prompts": None
|
||||||
}
|
}
|
||||||
|
|
||||||
return JSONResponse(response)
|
return JSONr(response)
|
||||||
|
|
||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
|
Loading…
Reference in New Issue
Block a user