def _request(self,
method: str,
url: str,
params: Dict[str, Any] = None,
data: Any = None,
headers: Dict[str, str] = None,
cookies: Dict[str, str] = None,
files=None,
auth=None,
timeout=None,
allow_redirects=True,
proxies=None,
hooks=None,
stream=None,
verify=None,
cert=None,
json=None) -> requests.Response:
if '://' not in url:
url = self._api_url + url
if self._insecure_tls and not verify:
verify = False
urllib3.disable_warnings()
else:
urllib3.warnings.resetwarnings()
headers = headers or dict()
headers['Accept'] = 'application/json'
response = requests.request(method=method,
url=url,
params=params,
data=data,
headers=headers,
cookies=cookies,
files=files,
auth=auth or self._http.auth,
timeout=timeout,
allow_redirects=allow_redirects,
proxies=proxies,
hooks=hooks,
stream=stream,
verify=verify,
cert=cert,
json=json)
if response.status_code >= 400:
try:
content = response.json()
if 'Message' in content:
raise BanyanError(
f'{response.status_code} Client Error: {response.reason} for '
f'url: {response.url}: {content["Message"]}')
elif 'error' in content:
raise BanyanError(
f'{response.status_code} Client Error: {response.reason} for '
f'url: {response.url}: {content["error_code"]}: {content["error"]}'
)
except ValueError:
raise BanyanError(
f'{response.status_code} Client Error: {response.reason} for url: {response.url}'
)
return response
def get_otk(self):
shield_name = self.app.pargs.shield_name
shield = self._client.find(shield_name)
if self._client.status(shield_name) == 'INACTIVE':
raise BanyanError(f'Shield {shield_name} status is INACTIVE')
if not shield.otk_enabled:
raise BanyanError(f'Shield {shield_name} is not enabled for OTK')
self.app.print(str(shield.one_time_key))
def __init__(self, api_server_url: str = None, refresh_token: str = None, debug: bool = False,
log: logging.Logger = None) -> None:
self._debug = debug
self._log = log
self._progress_callback = None
self._access_token = None
self._api_url = self._normalize_url(api_server_url or os.getenv('BANYAN_API_URL')
or BanyanApiClient.DEFAULT_API_URL)
self._refresh_token = refresh_token or os.getenv('BANYAN_REFRESH_TOKEN')
if not self._refresh_token:
raise BanyanError("Refresh token must be set")
if self._debug:
requests_log = logging.getLogger('requests.packages.urllib3')
requests_log.setLevel(logging.DEBUG)
requests_log.propagate = True
self._http = self._create_session()
self._services = ServiceAPI(self)
self._policies = PolicyAPI(self)
self._attach = AttachmentAPI(self)
self._roles = RoleAPI(self)
self._shields = ShieldAPI(self)
self._agents = NetagentAPI(self)
self._users = UserAPI(self)
self._devices = DeviceAPI(self)
self._events = EventV2API(self)
self._audit = AuditAPI(self)
def create(self, obj: BanyanApiObject):
if not self.Meta.insert_uri:
raise BanyanError(
f'{self.Meta.obj_name} API does not support creating objects')
self._ensure_does_not_exist(obj.name)
response_json = self._client.api_request('POST',
self.Meta.insert_uri,
json=obj.Schema().dump(obj))
return self.Meta.info_class.Schema().load(response_json)
def delete(self, obj: ResourceOrName):
if not self.Meta.delete_uri:
raise BanyanError(
f'{self.Meta.obj_name} API does not support deleting objects')
obj = self.find(obj)
json_response = self._client.api_request(
'DELETE',
self.Meta.delete_uri,
params={self.Meta.uri_param: str(obj.id)})
return json_response['Message']
def __getitem__(self, key: str):
self._ensure_cache()
try:
return self._by_name[key.lower()]
except KeyError:
try:
return self._by_id[key.lower()]
except KeyError:
raise BanyanError(
f'{self.Meta.obj_name} name or ID does not exist: {key}')
def create(self, obj: Device):
"""
Raises an exception. Devices cannot be created via API. They must be registered by installing the
Banyan App on a device.
:param obj: A device which will definitely not be created.
:type obj: Device
:raises: :py:exc:`BanyanError`
"""
raise BanyanError('devices cannot be created via the API')
def _request(self,
method: str,
url: str,
params: Dict[str, Any] = None,
data: Any = None,
headers: Dict[str, str] = None,
cookies: Dict[str, str] = None,
files=None,
auth=None,
timeout=None,
allow_redirects=True,
proxies=None,
hooks=None,
stream=None,
verify=None,
cert=None,
json=None) -> requests.Response:
if '://' not in url:
url = self._api_url + url
response = self._http.request(method, url, params, data, headers,
cookies, files, auth or self._http.auth,
timeout, allow_redirects, proxies, hooks,
stream, verify, cert, json)
# logging.debug(response.content)
if response.status_code >= 400:
try:
content = response.json()
if 'Message' in content:
raise BanyanError(
f'{response.status_code} Client Error: {response.reason} for '
f'url: {response.url}: {content["Message"]}')
elif 'error' in content:
raise BanyanError(
f'{response.status_code} Client Error: {response.reason} for '
f'url: {response.url}: {content["error_code"]}: {content["error"]}'
)
except ValueError:
raise BanyanError(
f'{response.status_code} Client Error: {response.reason} for url: {response.url}'
)
return response
def create(self, obj: Resource) -> Resource:
if not self.Meta.insert_uri:
raise BanyanError(
f'{self.Meta.obj_name} API does not support creating objects')
self._ensure_does_not_exist(obj.name)
response_json = self._client.api_request('POST',
self.Meta.insert_uri,
json=obj.Schema().dump(obj))
new_obj = self.Meta.info_class.Schema().load(response_json)
if self._cache:
self._cache.append(new_obj)
self._by_name[new_obj.name.lower()] = new_obj
self._by_id[str(new_obj.id).lower()] = new_obj
return new_obj
def delete(self, obj: ResourceOrName) -> str:
if not self.Meta.delete_uri:
raise BanyanError(
f'{self.Meta.obj_name} API does not support deleting objects')
obj = self.find(obj)
assert isinstance(obj, Resource)
json_response = self._client.api_request(
'DELETE',
self.Meta.delete_uri,
params={self.Meta.uri_param: str(obj.id)})
if self._cache:
self._cache.remove(obj)
del self._by_name[obj.name.lower()]
del self._by_id[str(obj.id).lower()]
return json_response['Message']
def update(self, obj: Resource) -> Resource:
if not self.Meta.insert_uri:
raise BanyanError(
f'{self.Meta.obj_name} API does not support updating objects')
self._ensure_exists(obj.name)
response_json = self._client.api_request('POST',
self.Meta.insert_uri,
json=obj.Schema().dump(obj))
updated_obj = self.Meta.info_class.Schema().load(response_json)
if self._cache:
old_obj = self._by_id[str(obj.id).lower()]
self._cache.remove(old_obj)
self._cache.append(updated_obj)
self._by_name[updated_obj.name.lower()] = updated_obj
self._by_id[str(updated_obj.id).lower()] = updated_obj
return updated_obj
def id(self) -> str:
raise BanyanError('not implemented')
def _ensure_does_not_exist(self, name: str) -> None:
if self.exists(name):
raise BanyanError(
f'{self.Meta.obj_name} name already exists: {name}')
def _ensure_exists(self, name: str) -> None:
if not self.exists(name):
raise BanyanError(
f'{self.Meta.obj_name} name does not exist: {name}')
