async def test_no_strategy(aiohttp_server, aiohttp_client, loop):
    async def public_view(request):
        return web.Response(text='Public view')

    async def secret_view(request):
        return web.Response(text='Secret view')

    app = web.Application()
    app.router.add_route('GET', '/public', public_view)
    app.router.add_route('GET', '/secret', secret_view)
    app.middlewares.append(
        basic_auth_middleware(
            ('/secret', ),
            {'user': '******'},
        ))

    server = await aiohttp_server(app)
    client = await aiohttp_client(server)

    response = await client.get('/public')
    assert response.status == 200

    response = await client.get('/secret')
    assert response.status == 401

    response = await client.get(
        '/secret',
        headers={'Authorization': generate_header('user', 'password')},
    )
    assert response.status == 200
async def test_ok_auth(aiohttp_server, aiohttp_client, loop):
    server = await aiohttp_server(get_app(loop, {'test': 'secret'}))
    client = await aiohttp_client(server)

    response = await client.get(
        '/admin/hello',
        headers={'Authorization': generate_header('test', 'secret')},
    )
    assert response.status == 200
async def test_strategy(aiohttp_server, aiohttp_client, loop):
    server = await aiohttp_server(
        get_app(
            loop,
            {
                'test': '5f4dcc3b5aa765d61d8327deb882cf99',
            },
            lambda x: hashlib.md5(bytes(x, encoding='utf-8')).hexdigest(),
        )
    )
    client = await aiohttp_client(server)

    response = await client.get(
        '/admin/hello',
        headers={'Authorization': generate_header('test', 'password')},
    )
    assert response.status == 200
Ejemplo n.º 4
0
def waf_login():
    requests.packages.urllib3.disable_warnings()
    waf_ip=input("What is the WAF's management ip(Typically the WAN IP): ")
    waf_login_passwd=getpass.getpass("\nWAF login password: "******"\nConnecting to the WAF on port 8443 as 'admin'...")
    waf_url="https://"+waf_ip+":8443/restapi/v3.1/login"
    headers={"Content-Type": "application/json"}
    payload={"username":"******","password":waf_login_passwd}
    requests.packages.urllib3.disable_warnings()
    token_req_json=requests.post(waf_url, data=json.dumps(payload), headers=headers, verify=False)
    token_output=token_req_json.text
    token_split=token_output.split(":")
    token_rstrip=token_split[1].rstrip("}")
    token=token_rstrip.replace('"','')
    auth_header=generate_header('',token)
    payload_headers={"Content-Type":"application/json", "Authorization": auth_header}
    return waf_ip, waf_login_passwd, payload_headers
Ejemplo n.º 5
0
def token(waf_host):

    logs = logger()

    waf_info = open('wafcreds.json', 'r')
    waf_info_dict = json.load(waf_info)
    waf = (waf_info_dict[waf_host])

    if (waf["secure"]) == "yes":
        logs.debug("HTTPS Protocol will be used for all transactions")
        login_proto = "https://"
    if (waf["secure"]) == "no":
        logs.debug("HTTP Protocol will be used for all transactions")
        login_proto = "http://"
    else:
        logs.debug(
            "Configure the secure attribute as 'yes' or 'no'. Defaulting to HTTPS"
        )
        login_proto = "https://"
        pass

    waf_login_ip = (waf["waf_ip"])
    logs.debug("waf host is " + waf_login_ip)
    waf_login_port = (waf["waf_port"])
    url = login_proto + waf_login_ip + ":" + waf_login_port + "/restapi/v3/login"

    headers = {"Content-Type": "application/json"}
    data = {"username": waf["waf_admin"], "password": waf["waf_password"]}

    login_request = requests.post(url,
                                  data=json.dumps(data),
                                  headers=headers,
                                  verify=False)
    token_str = login_request.text.split(':')
    token1 = token_str[1].replace('"', '').rstrip('}') + ':'
    basic_auth_token = generate_header('', token1)
    req_headers = {
        "Content-Type": "application/json",
        'Authorization': basic_auth_token
    }
    return req_headers, waf_login_ip, waf_login_port, login_proto
def waf_login():
    with open("/etc/waf/waf.json", "r") as waf:
        waf_dict = json.loads(waf.read())
    waf_ip = waf_dict['waf1']['waf_ip']
    waf_port = waf_dict['waf1']['waf_port']
    waf_admin = waf_dict['waf1']['waf_admin']
    waf_password = waf_dict['waf1']['waf_password']
    login_url = "http://" + waf_ip + ":" + waf_port + "/restapi/v3.1/login"
    api_headers = {"Content-Type": "application/json"}
    login_payload = {"username": waf_admin, "password": waf_password}
    login_request = requests.post(login_url,
                                  headers=api_headers,
                                  data=json.dumps(login_payload))
    token_output = login_request.text
    token_split = token_output.split(":")
    token_rstrip = token_split[1].rstrip("}")
    token = token_rstrip.replace('"', '')
    auth_header = generate_header('', token)
    waf_url = "http://" + waf_ip + ":" + waf_port + "/restapi/v3.1"
    headers = {
        "Content-Type": "application/json",
        "Authorization": auth_header
    }
    return waf_url, headers, waf_ip
    print(waf_ip)
    waf_password = waf_info["waf_password"]
    print(waf_password)
    waf_json.close()

headers = {"Content-Type": "application/json"}
login_url = "http://" + waf_ip + ":8000/restapi/v3.1/login"
login_payload = {"username": "******", "password": waf_password}
login_request = requests.post(login_url,
                              headers=headers,
                              data=json.dumps(login_payload))
token_output = login_request.text
token_split = token_output.split(":")
token_rstrip = token_split[1].rstrip("}")
token = token_rstrip.replace('"', '')
auth_header = generate_header('', token)
api_headers = {
    "Content-Type": "application/json",
    "Authorization": auth_header
}
#Creating the Service
hostname = socket.gethostname()

server = socket.gethostbyname(hostname)
#Create certificate
certificate_url = "http://" + waf_ip + ":8000/restapi/v3.1/certificates/self-signed-certificate"
cert_payload = {
    "state": "CA",
    "key-size": "2048",
    "common-name": "training.petstore.com",
    "city": "San Francisco",
Ejemplo n.º 8
0
def test_header_gen_utf8_default(token, login_password):
    assert token == generate_header(*login_password)
Ejemplo n.º 9
0
def test_header_gen(token, login_password):
    assert token == generate_header(*login_password, coding='utf-8')