def __init__(self, msg, html_template=None, text_template=None):
self._text = None
self._html = None
self._html_template = html_template
self._text_template = text_template
self._attachments = []
self._inline = []
if msg.is_multipart():
for part in msg.walk():
attachment = parse_attachment(part)
# skip any text/plain (txt) attachments
if attachment:
self._attachments.append(attachment)
else:
body = part.get_payload(decode=True) # decode
if body is not None:
if 'html' in part.get_content_type():
self._html = if_bytes_to_unicode(body)
elif 'text/plain' in part.get_content_type():
self._text = if_bytes_to_unicode(body)
# not multipart - i.e. plain text, no attachments,
# keeping fingers crossed
else:
if 'text/html' == msg.get_content_type():
self._html = if_bytes_to_unicode(msg.get_payload(decode=True))
elif 'text/plain' == msg.get_content_type():
self._text = if_bytes_to_unicode(msg.get_payload(decode=True))
def load_pem_key(self, pem_key, password=None):
"""Method to load the key from string.
Args:
pem_key (str): Key to be loaded.
password (str): Password for the key.
"""
for key in private_key_re.findall(if_bytes_to_unicode(pem_key)):
key = if_unicode_to_bytes(key)
password = if_unicode_to_bytes(password)
self._private_key = serialization.load_pem_private_key(
key,
password=password,
backend=default_backend()
)
return
for key in public_key_re.findall(if_bytes_to_unicode(pem_key)):
key = if_unicode_to_bytes(key)
password = if_unicode_to_bytes(password)
self._public_key = serialization.load_pem_public_key(
key,
backend=default_backend()
)
return
raise ValueError('Invalid PEM Key')
def build_doc(root_path, venv_path, src_path, ref, doc_dir, name):
os.chdir(src_path)
log.info("Checkout '%s/%s'" % (
name,
ref,
))
execute(["git", "checkout", ref])
metadata_py = src_path + '/' + name + '/metadata.py'
exec_globals = {}
exec(open(metadata_py).read(), exec_globals, exec_globals)
confpy = venv_path + '/conf.py'
if os.path.exists(confpy):
os.remove(confpy)
with resource_stream('tachweb', 'github/conf.py.tpl') as tpl_file:
template = Template(if_bytes_to_unicode(tpl_file.read()))
with open(confpy, 'w') as real_file:
real_file.write(template.safe_substitute(**exec_globals))
buildsh = venv_path + '/build.sh'
if os.path.exists(buildsh):
os.remove(buildsh)
with resource_stream('tachweb', 'github/build.sh.tpl') as tpl_file:
template = Template(if_bytes_to_unicode(tpl_file.read()))
with open(buildsh, 'w') as real_file:
real_file.write(
template.safe_substitute(virtualenv=venv_path,
src_path=src_path,
doc_dir=doc_dir))
os.chmod(buildsh, 0o700)
execute([
"/usr/bin/env", venv_path + "/build.sh", venv_path, src_path, doc_dir
])
def __init__(self, name, path=None, ini=None, defaults=True):
# Set Application Name
self._name = name
# Prepare configuration object
self._config = Config()
# Config Path
self._config_path = ini
# Attempt to determine application root.
self._path = path = determine_app_root(name, path).rstrip('/')
if defaults:
self._config.read_dict(default_config)
if ini is not False:
if ini is None:
if is_file(path + '/settings.ini'):
self._config.load(path + '/settings.ini')
self._config_path = path + '/settings.ini'
else:
luxon_config = Module('luxon').read('settings.ini')
self._config.read_string(if_bytes_to_unicode(luxon_config))
else:
self._config_path = ini
if is_file(ini):
self._config.load(ini)
else:
log.critical("Unable to load config '%s'" % ini)
luxon_config = Module('luxon').read('settings.ini')
self._config.read_string(if_bytes_to_unicode(luxon_config))
# When application is called directly from another directory,
# still want to be able to detect the app_root by providing
# __name__ = __main__, but allowing settings.ini to specify
# a better name for the application.
if self._config.has_section('application') and self.config.get(
'application', 'name') and name == "__main__":
self._name = self.config.get('application', 'name')
# Configure Logger.
log.configure(self.config)
# Load Templating Engine
self._jinja = Environment(loader=TachyonicLoader(path))
self._jinja.globals['G'] = g
self._jinja.globals['format_datetime'] = format_datetime
self._jinja.globals['now'] = now
self._jinja.globals['theme'] = Theme(self)
# Set APP globally.
g.app = self
def load_pem_key(self, pem_key, password=None):
for key in private_key_re.findall(if_bytes_to_unicode(pem_key)):
key = if_unicode_to_bytes(key)
password = if_unicode_to_bytes(password)
self._private_key = serialization.load_pem_private_key(
key, password=password, backend=default_backend())
return
for key in public_key_re.findall(if_bytes_to_unicode(pem_key)):
key = if_unicode_to_bytes(key)
password = if_unicode_to_bytes(password)
self._public_key = serialization.load_pem_public_key(
key, backend=default_backend())
return
raise ValueError('Invalid PEM Key')
def decrypt(self, message):
"""Method to decrypt a message with the secret Key.
Args:
message (str): message encrypted with the secret key.
Returns:
Unicode encoded decrypted message.
"""
if self._key is None and self._iv is None:
raise ValueError('No Key and Initialization vector Loaded')
_unpadder = self._padding.unpadder()
_cipher = Cipher(self._algorithm(self._key),
self._modes(self._iv),
backend=self._backend)
message = base64.b64decode(message)
_decryptor = _cipher.decryptor()
_cleartext = _decryptor.update(message) + _decryptor.finalize()
return if_bytes_to_unicode(
_unpadder.update(_cleartext) + _unpadder.finalize())
def encrypt(self, message):
"""Method to encrypt a message with the symmetric Key.
Args:
message (str): Cleartext message to be encrypted.
Returns:
base64 encoded encrypted message.
"""
if self._key is None and self._iv is None:
raise ValueError('No Key and Initialization vector Loaded')
_padder = self._padding.padder()
message = if_unicode_to_bytes(message)
padded_data = _padder.update(message) + _padder.finalize()
_cipher = Cipher(self._algorithm(self._key),
self._modes(self._iv),
backend=self._backend)
_encryptor = _cipher.encryptor()
_ct = _encryptor.update(padded_data) + _encryptor.finalize()
return if_bytes_to_unicode(base64.b64encode(_ct))
def encrypt(self, message):
"""Method to encrypt a message with the public Key.
Args:
message (str): Cleartext message to be encrypted.
Returns:
base64 encoded encrypted message.
"""
if self._public_key is None and self._private_key is None:
raise ValueError('No Public or Private Key Loaded')
if self._public_key is None:
self._public_key = self._private_key.public_key()
message = if_unicode_to_bytes(message)
enc = self._public_key.encrypt(
message,
padding.OAEP(
mgf=padding.MGF1(algorithm=hashes.SHA256()),
algorithm=hashes.SHA256(),
label=None
)
)
return if_bytes_to_unicode(base64.b64encode(enc))
def generate_private_key(self, bits=4096, password=None):
"""Method to generate a private RSA key.
Args:
bits (int): Key bit length.
password (str): Key password.
Returns:
Unicode encoded private key.
"""
self._private_key = rsa.generate_private_key(
public_exponent=65537,
key_size=bits,
backend=default_backend()
)
self._public_key = None
if password is not None:
password = if_unicode_to_bytes(password)
encryption_algorithm = serialization.BestAvailableEncryption(
password
)
else:
encryption_algorithm = serialization.NoEncryption()
return if_bytes_to_unicode(self._private_key.private_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PrivateFormat.PKCS8,
encryption_algorithm=encryption_algorithm
))
def text(self):
if self.encoding is None:
encoding = 'ISO-8859-1'
else:
encoding = self.encoding
return if_bytes_to_unicode(self.content, encoding)
def main(argv):
script = Script(__name__, app_root='.')
register_middleware(Auth)
val = script(metadata).read()
if val:
val = if_bytes_to_unicode(val)
print(val)
def format_body_only(html):
html = if_bytes_to_unicode(html)
body_match = re.compile(r"\<!\-\-DOC\-\-\>.*\<\!\-\-DOC\-\-\>",
re.IGNORECASE | re.MULTILINE | re.DOTALL)
for body in body_match.findall(html):
return body
return "No content/body"
def _perm_to_octal(perms):
if isinstance(perms, (str, bytes,)):
perms = if_bytes_to_unicode(perms)
perms = _perm_str_to_octal(perms)
else:
perms = _perm_int_to_octal(perms)
return perms
def parse(self, value):
value = if_bytes_to_unicode(value)
if not isinstance(value, str):
self.error('Text/String value required) %s' % value, value)
value = super().parse(value)
if self.lower:
value = value.lower()
if self.upper:
value = value.upper()
return value
def sign(self, message):
if self._private_key is None:
raise ValueError('No Private Key Loaded')
message = if_unicode_to_bytes(message)
signature = self._private_key.sign(
message,
padding.PSS(mgf=padding.MGF1(hashes.SHA512()),
salt_length=padding.PSS.MAX_LENGTH), hashes.SHA512())
return if_bytes_to_unicode(base64.b64encode(signature))
def public_key(self):
if self._public_key is None and self._private_key is None:
raise ValueError('No Public or Private Key Loaded')
if self._public_key is None:
self._public_key = self._private_key.public_key()
return if_bytes_to_unicode(
self._public_key.public_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PublicFormat.SubjectPublicKeyInfo))
def decrypt(self, message):
if self._private_key is None:
raise ValueError('No Private Key Loaded')
message = base64.b64decode(message)
dec = self._private_key.decrypt(
message,
padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),
algorithm=hashes.SHA256(),
label=None))
return if_bytes_to_unicode(dec)
def __init__(self, expire=86400):
self._req = g.current_request
self._cookie_name = self._req.host
self._path = '/' + self._req.app.lstrip('/')
self._expire = expire
if (self._cookie_name in self._req.cookies
and self._req.cookies[self._cookie_name].strip() != ''):
self._session_id = if_bytes_to_unicode(
self._req.cookies[self._cookie_name], 'ISO-8859-1')
else:
self._session_id = self._req.id
def format_msg(msg):
"""Format Message.
Ensure message is str and not binary data.
"""
if is_text(msg):
return if_bytes_to_unicode(msg)
else:
if isinstance(msg, bytes):
return 'BINARY BYTES'
else:
return str(msg)
def encrypt(self, message):
if self._public_key is None and self._private_key is None:
raise ValueError('No Public or Private Key Loaded')
if self._public_key is None:
self._public_key = self._private_key.public_key()
message = if_unicode_to_bytes(message)
enc = self._public_key.encrypt(
message,
padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),
algorithm=hashes.SHA256(),
label=None))
return if_bytes_to_unicode(base64.b64encode(enc))
def save(self):
req = g.current_request
content = if_unicode_to_bytes(js.dumps(self._session))
content = base64.b64encode(content)
content = if_bytes_to_unicode(content)
if len(content) > 1920:
raise ValueError('SessionCookie size exceeded 15KB')
cookie = self._session_id
path = '/' + req.app.lstrip('/')
req.response.set_cookie(cookie,
content,
path=path,
domain=req.host,
max_age=self._expire)
def execute(*args, check=True, virtualenv=False):
from luxon import GetLogger
log = GetLogger(__name__)
loginfo = TemporaryFile()
logerr = TemporaryFile()
log_id = string_id(length=6)
try:
env = os.environ.copy()
if virtualenv is False:
if '__PYVENV_LAUNCHER__' in env:
del env['__PYVENV_LAUNCHER__']
log.info("Execute '%s'" % " ".join(args[0]), log_id=log_id)
subprocess.run(*args,
stdout=loginfo,
stderr=logerr,
check=True,
env=env)
loginfo.seek(0)
logerr.seek(0)
log.info(if_bytes_to_unicode(loginfo.read()), log_id=log_id)
log.error(if_bytes_to_unicode(logerr.read()), log_id=log_id)
loginfo.seek(0)
return if_bytes_to_unicode(loginfo.read())
except subprocess.CalledProcessError:
logerr.seek(0)
loginfo.seek(0)
if check is True:
cmd = " ".join(*args)
log.error(if_bytes_to_unicode(loginfo.read()), log_id=log_id)
raise ExecuteError(cmd,
if_bytes_to_unicode(logerr.read())) from None
log.info(if_bytes_to_unicode(loginfo.read()), log_id=log_id)
log.error(if_bytes_to_unicode(logerr.read()), log_id=log_id)
logerr.seek(0)
return if_bytes_to_unicode(logerr.read())
finally:
loginfo.close()
logerr.close()
def token(self):
# Return serialized token.
if not self.authenticated:
raise AccessDeniedError("Credentials token missing")
utc_expire = utc(self._credentials['expire'])
if now() > utc_expire:
raise AccessDeniedError('Auth Token Expired')
bytes_token = if_unicode_to_bytes(
js.dumps(self._credentials, indent=None))
b64_token = base64.b64encode(bytes_token)
token_sig = if_unicode_to_bytes(self._rsakey.sign(b64_token))
token = if_bytes_to_unicode(token_sig + b'!!!!' + b64_token)
if len(token) > 1280:
raise ValueError("Auth Token exceeded 10KB" +
" - Revise Assignments for credentials")
return token
def generate_private_key(self, bits=4096, password=None):
self._private_key = rsa.generate_private_key(public_exponent=65537,
key_size=bits,
backend=default_backend())
self._public_key = None
if password is not None:
password = if_unicode_to_bytes(password)
encryption_algorithm = serialization.BestAvailableEncryption(
password)
else:
encryption_algorithm = serialization.NoEncryption()
return if_bytes_to_unicode(
self._private_key.private_bytes(
encoding=serialization.Encoding.PEM,
format=serialization.PrivateFormat.PKCS8,
encryption_algorithm=encryption_algorithm))
def parse_id(node_id):
"""Validate node id and format to str.
Args:
node_id (str,int): node unique id.
Returns:
str: Correctly formatted node id.
Raises:
ValueError: Invalid node id.
"""
if isinstance(node_id, int):
node_id = str(node_id)
node_id = if_bytes_to_unicode(node_id)
if not isinstance(node_id, str):
raise ValueError("Invalid ID '%s'" % node_id)
return node_id
def parse_zone(zone):
"""Validate zone name and format to str.
Args:
zone (str,int): zone name.
Returns:
str: Correctly formatted zone name.
Raises:
ValueError: Invalid zone name.
"""
if isinstance(zone, int):
zone = str(zone).lower()
zone = if_bytes_to_unicode(zone)
if not isinstance(zone, str):
raise ValueError("Invalid Zone Name '%s'" % zone)
return zone
def parse(self, value):
if value is None:
value = False
elif isinstance(value, int):
if value == 0:
value = False
else:
value = True
elif isinstance(value, (
str,
bytes,
)):
value = if_bytes_to_unicode(value).lower()
if value == "1" or value == "on" or value == 'true':
value = True
else:
value = False
if not isinstance(value, bool):
self.error('Invalid True/False Boolean value', value)
return value
def sign(self, message):
"""Method to sign a message with the Private key.
Args:
message (str): Message to by cryptograpically signed
Returns:
base64 encoded signed message.
"""
if self._private_key is None:
raise ValueError('No Private Key Loaded')
message = if_unicode_to_bytes(message)
signature = self._private_key.sign(
message,
padding.PSS(
mgf=padding.MGF1(hashes.SHA512()),
salt_length=padding.PSS.MAX_LENGTH
),
hashes.SHA512()
)
return if_bytes_to_unicode(base64.b64encode(signature))
def decrypt(self, message):
"""Method to decrypt a message with the private Key.
Args:
message (str): message encrypted wit the public key.
Returns:
Unicode encoded decrypted message.
"""
if self._private_key is None:
raise ValueError('No Private Key Loaded')
message = base64.b64decode(message)
dec = self._private_key.decrypt(
message,
padding.OAEP(
mgf=padding.MGF1(algorithm=hashes.SHA256()),
algorithm=hashes.SHA256(),
label=None
)
)
return if_bytes_to_unicode(dec)
def text(self):
return if_bytes_to_unicode(self.content, self.encoding)
