def get_subscriptions(cookies, application_name, sanitize=True):
"""
Returns the subscriptions for an application.
"""
url = settings.APIM_STORE_SERVICES_BASE_URL + settings.STORE_LIST_SUBS_URL
params = {'action': 'getAllSubscriptions', 'selectedApp': application_name}
try:
r = requests.get(url, cookies=cookies, params=params, verify=False)
except Exception as e:
raise Error("Unable to retrieve subscriptions; " + str(e))
if not r.status_code == 200:
raise Error("Unable to retrieve subscriptions; status code:" +
str(r.status_code))
if r.json().get("error"):
raise Error("Unable to retrieve subscriptions; error:" +
str(r.json().get("message")))
if not r.json().get("subscriptions"):
raise Error("Unable to retrieve subscriptions; content: " +
str(r.content))
# WSO2 actually returns a list of applications, so we need to filter by the application_name
apps = r.json().get("subscriptions").get('applications')
for app in apps:
logger.info("app:" + app.get("name"))
if app.get('name') == application_name:
subscriptions = app.get("subscriptions")
for sub in subscriptions:
add_sub_hyperlinks(sub, application_name)
if sanitize:
sanitize_subscription(sub)
return subscriptions
def handle(self, response, original_data, filter_key, table_name):
print('{}: {}'.format(response.status_code, response.url))
if response.status_code == 200:
res_data = response.json()
status_code = res_data['status']
"""
200 成功
201 写入数据部分成功
202 写入数据全部失败
400 请求路径不正确
500 服务器未知错误
501 请求超时
900 业务逻辑错误
901 Token验证失败
902 Token失效
903 请求格式不对
"""
if status_code == 200:
pass
elif status_code == 201:
result = self.filter_data(original_data, res_data['response'],
filter_key)
mongo_store.save(table_name, result)
Error(response.text, response.url).save()
else:
mongo_store.save(table_name, original_data)
Error(response.text, response.url).save()
else:
mongo_store.save(table_name, original_data)
Error(response.text, response.url).save()
def generate_credentials(cookies, application_name, callbackUrl=None):
"""
Generates credentials for a given application. Application must be subscribed to at least one API.
"""
url = settings.APIM_STORE_SERVICES_BASE_URL + settings.STORE_SUBSCRIPTION_URL
data = {
'action': 'generateApplicationKey',
'application': application_name,
'keytype': 'PRODUCTION',
'authorizedDomains': 'ALL',
'validityTime': '14400',
}
logger.info("application name: " + application_name)
if callbackUrl:
data['callbackUrl'] = callbackUrl
try:
rsp = requests.post(url, cookies=cookies, data=data, verify=False)
logger.info("Status code:" + str(rsp.status_code) + "content: " +
str(rsp.content))
except Exception as e:
raise Error("Unable to generate credentials for " +
str(application_name) + "; message: " + str(e))
if not rsp.status_code == 200:
raise Error("Unable to generate credentials for " + application_name +
"; status code: " + str(rsp.status_code))
if not rsp.json().get("data"):
raise Error("Unable to generate credentials for " + application_name)
return rsp.json().get('data').get('key')
def get_applications(cookies, username, sanitize=True):
"""
Retrieve the list of applications for the user of a session.
"""
url = settings.APIM_STORE_SERVICES_BASE_URL + settings.STORE_APPS_URL
params = {'action': 'getApplications'}
try:
r = requests.get(url, cookies=cookies, params=params, verify=False)
except Exception as e:
raise Error("Unable to retrieve clients; " + str(e))
if not r.status_code == 200:
raise Error("Unable to retrieve clients; status code:" +
str(r.status_code))
if not r.json().get("applications"):
raise Error("Unable to retrieve clients; content: " + str(r.content))
apps = r.json().get("applications")
for app in apps:
application_name = app.get("name")
try:
application_key = retrieve_application_key(cookies, app.get("id"),
application_name)
app['consumerKey'] = application_key
except Exception as e:
# It is valid for applications to not have credentials;
logger.error("Unable to retrieve credentials for " +
application_name + " in get_applications: " + str(e))
# raise Error("Unable to retrieve credentials for " + application_name)
# app.update(credentials)
add_hyperlinks(app, username)
if sanitize:
sanitize_app(app)
return apps
def delete_client(cookies, application_name):
url = settings.APIM_STORE_SERVICES_BASE_URL + settings.STORE_REMOVE_APP_URL
params = {
'action': 'removeApplication',
'application': application_name,
}
try:
r = requests.post(url, cookies=cookies, params=params, verify=False)
except Exception as e:
raise Error("Unable to create application; " + str(e))
if not r.status_code == 200:
raise Error("Unable to create application; status code:" +
str(r.status_code))
logger.info("response: " + str(r) + "json: " + str(r.json()))
def parse(self):
# we only care about warnings, the fatals will be caught by a compiler
pattern = re.compile("(.*):(\d*):\d*: warning: (.*)")
# execute clang, need to execute on files individually
ret = []
for subdir, _, files in os.walk(self.targetDir):
for f in files:
for suffix in self.VALID_CPP_FILES:
if f.endswith(suffix):
result = run([
'clang', '-fsyntax-only',
os.path.join(subdir, f)
],
stdout=PIPE,
stderr=PIPE)
error = result.stderr.decode("utf-8")
if (len(error) > 0):
err = re.findall(pattern, error)
for res in err:
result = Error(int(res[1]), res[0], res[2],
'clang')
ret.append(result)
return ret
def get_application_id(cookies,
username,
application_name="DefaultApplication"):
"""
Gets the application id in WSO2 for the application with name application_name
"""
applications = get_applications(cookies, username, sanitize=False)
for app in applications:
if app.get("name") == application_name:
return app.get("id")
raise Error("Application not found")
def get_parms_from_request(request_dict, parms):
"""
Helper method to pull required parameters out of a request.
"""
parm_values = {}
for parm in parms:
value = request_dict.get(parm)
if not value:
raise Error(message=parm + " is required")
parm_values[parm] = value
return parm_values
def remove_api(cookies, client_name, api_name, api_version, api_provider):
url = settings.APIM_STORE_SERVICES_BASE_URL + settings.STORE_REMOVE_SUB_URL
data = {
'action': 'removeSubscription',
'name': api_name,
'version': api_version,
'provider': api_provider,
'applicationName': client_name
}
try:
r = requests.post(url, cookies=cookies, data=data, verify=False)
logger.info("remove_api response:" + str(r.json()))
logger.info("data:" + str(data))
except Exception as e:
raise Error("Unable to remove API " + api_name + "; message: " +
str(e))
if not r.status_code == 200:
raise Error("Unable to remove API " + api_name + "; status code: " +
str(r.status_code))
if r.json().get('error'):
raise Error("Unable to remove API " + +api_name)
def add_api(cookies,
client_name,
api_name,
api_version,
api_provider,
tier=settings.DEFAULT_TIER):
url = settings.APIM_STORE_SERVICES_BASE_URL + settings.STORE_SUBSCRIPTION_URL
data = {
'action': 'addAPISubscription',
'name': api_name,
'version': api_version,
'provider': api_provider,
'tier': tier,
'applicationName': client_name
}
try:
r = requests.post(url, cookies=cookies, data=data, verify=False)
logger.info("add_api response:" + str(r.json()))
logger.info("data:" + str(data))
except Exception as e:
raise Error("Unable to subscribe to API " + api_name + "; message: " +
str(e))
try:
json_rsp = r.json()
except Exception as e:
raise Error("Unable to subscribe to API " + api_name +
"; no JSON received.")
# APIM now throws an error if the API is subscribed to already.
if json_rsp.get(
'message') and 'Subscription already exists' in json_rsp.get(
'message'):
return
if not r.status_code == 200:
raise Error("Unable to subscribe to API " + api_name +
"; status code: " + str(r.status_code))
if r.json().get('error'):
raise Error("Unable to subscribe to API " + api_name + " error: " +
str(r.json().get('error')))
def get_application(cookies,
username,
application_name="DefaultApplication",
sanitize=True):
"""
Gets the application in WSO2 with name application_name
"""
logger.info("application name: " + application_name)
applications = get_applications(cookies, username, sanitize)
for app in applications:
if app.get("name") == application_name:
logger.info(str(app))
return app
raise Error("Application not found")
def parse(self):
# execute cpp check
result = run(['cppcheck', self.targetDir], stdout=PIPE, stderr=PIPE)
errors = str(result.stderr).split('\\n')
# get relevant information
ret = []
pattern = re.compile(".*\[(.*):(\d*)\]: *(.*)$")
for err in errors:
res = pattern.match(err)
if res:
result = Error(int(res.group(2)), res.group(1), res.group(3),
'cppcheck')
ret.append(result)
return ret
def job():
print('{}: 开始执行任务'.format(datetime.now().strftime('%Y-%m-%d %H:%M:%S')))
timestamp = current_milli_time()
try:
tac_task.send_question(timestamp)
tac_task.send_feedback(timestamp)
tac_task.send_repair(timestamp)
pac_task.send_question(timestamp)
lac_task.send_question(timestamp)
print('{}: 执行任务成功'.format(
datetime.now().strftime('%Y-%m-%d %H:%M:%S')))
except Exception as e:
error_str = get_error_str()
Error(error_str).save()
print('{}: 执行任务失败'.format(
datetime.now().strftime('%Y-%m-%d %H:%M:%S')))
print('Error:', e)
def parse(self):
# execute flaw finder
result = run([
'flawfinder', '--quiet', '--dataonly', '--singleline',
self.targetDir
],
stdout=PIPE,
stderr=PIPE)
errors = result.stdout.decode("utf-8")
# get relevant information
ret = []
pattern = re.compile("(.*):(\d*): *(.*)$")
for err in errors.split("\n"):
res = pattern.match(err)
if res:
result = Error(int(res.group(2)), res.group(1), res.group(3),
'flawfinder')
ret.append(result)
return ret
def create_client_application(cookies,
username,
application_name,
tier=settings.DEFAULT_TIER,
description=None,
callbackUrl=None):
"""
Create a client application with the given name, throttling tier, description and callbackUrl.
"""
url = settings.APIM_STORE_SERVICES_BASE_URL + settings.STORE_ADD_APP_URL
VALID_TIERS = ['Bronze', 'Gold', 'Unlimited', 'Silver']
found = False
for t in VALID_TIERS:
if t.lower() == tier.lower():
tier = t
found = True
if not found:
raise Error(
message=
"tier value must be one of: [Bronze, Gold, Unlimited, Silver].")
params = {
'action': 'addApplication',
'application': application_name,
'tier': tier,
'description': '',
'callbackUrl': ''
}
if description:
params['description'] = description
if callbackUrl:
params['callbackUrl'] = callbackUrl
try:
rsp = requests.post(url, cookies=cookies, params=params, verify=False)
except Exception as e:
raise Error("Unable to create application; " + str(e))
if not rsp.status_code == 200:
raise Error("Unable to create application; status code:" +
str(rsp.status_code))
if rsp.json().get('error'):
raise Error("Unable to create application: " +
str(rsp.json().get('message')))
logger.info("Response from WSO2 ADD_APP: " + str(rsp.json()) +
" Status code: " + str(rsp.status_code))
# nothing returned in the wso2 response and the client credentials are not generated,
# so we need to get the client just created and generate credentials for it.
# Need to generate credentials FIRST -- otherwise, get_application will end up generating them which
# will cause the consumerSecret to be lost.
credentials = generate_credentials(cookies, application_name, callbackUrl)
app = get_application(cookies, username, application_name, sanitize=False)
add_apis(cookies, application_name)
app.update(credentials)
logger.info(
"Inside create_client_application after updating with credentials; app: "
+ str(app) + "credentials: " + str(credentials))
# we now fix the record on the IDN_OAUTH_CONSUMER_APPS table in WSO2 db so that the Auth grant
# flow will work.
if callbackUrl:
try:
wso2_app = IdnOauthConsumerApps.objects.get(
consumer_key=app.get("consumerKey"))
wso2_app.callback_url = callbackUrl
wso2_app.save()
except Exception as e:
logger.info(
"Got an exception trying to update the callback URL. Exception type: "
+ str(type(e)) + " Exception: " + str(e))
return app