def encode_jwt(payload: dict, token_type: TokenType) -> str:
exp = (settings.JWT_EXPIRATION_DELTA if token_type is TokenType.ACCESS else
settings.JWT_REFRESH_EXPIRATION_DELTA)
jti_size = (settings.JWT_JTI_SIZE if settings.JWT_BLACKLIST_ENABLED
and token_type.value in settings.JWT_BLACKLIST_TOKEN_CHECKS
else 0)
payload["type"] = token_type.value
token = generate_jwt(
payload,
_secret_key,
algorithm=settings.JWT_ALGORITHM,
lifetime=exp,
jti_size=jti_size,
)
if settings.JWT_ENCRYPT:
token = JWE(
plaintext=token.encode("utf-8"),
protected={
"alg": settings.JWE_ALGORITHM,
"enc": settings.JWE_ENCRYPTION,
"typ": "JWE",
},
)
token.add_recipient(_encryption_key)
token = token.serialize()
return token
def decrypt(self, ciphertext):
try:
jwe = JWE()
jwe.deserialize(ciphertext, key=self._private_jwk)
plaintext = jwe.payload.decode('utf-8')
except Exception:
raise ValueError("Couldn't decrypt message.")
return plaintext
def set(self, key, value, replace=False):
self.protected_header = {'alg': 'dir', 'enc': self.master_enctype}
if self.secret_protection != 'encrypt':
self.protected_header['custodia.key'] = key
protected = json_encode(self.protected_header)
jwe = JWE(value, protected)
jwe.add_recipient(self.mkey)
cvalue = jwe.serialize(compact=True)
return self.store.set(key, cvalue, replace)
def validate(self, ciphertext):
try:
jwe = JWE()
jwe.deserialize(ciphertext)
if jwe.jose_header != {'alg': 'RSA-OAEP', 'enc': 'A256GCM'}:
return False
except Exception:
return False
return True
def get(self, key):
value = self.store.get(key)
if value is None:
return None
try:
jwe = JWE()
jwe.deserialize(value, self.mkey)
return jwe.payload.decode('utf-8')
except Exception as err:
self.logger.error("Error parsing key %s: [%r]" % (key, repr(err)))
raise CSStoreError('Error occurred while trying to parse key')
def encrypt(message: str, encryption_certificate: JWK) -> str:
"""Encrypt a message for DCS"""
protected_header = {
"alg": "RSA-OAEP-256",
"enc": "A128CBC-HS256",
"typ": "JWE"
}
jwetoken = JWE(plaintext=message,
recipient=encryption_certificate,
protected=protected_header)
return jwetoken.serialize(compact=True)
def get(self, key):
value = super(EncryptedStore, self).get(key)
if value is None:
return None
try:
jwe = JWE()
jwe.deserialize(value, self.mkey)
return jwe.payload.decode('utf-8')
except Exception:
self.logger.exception("Error parsing key %s", key)
raise CSStoreError('Error occurred while trying to parse key')
def encrypt(self,
plaintext,
_protected='{"alg":"RSA-OAEP","enc":"A256GCM"}',
_public_jwk=None):
try:
jwe = JWE(plaintext=plaintext, protected=_protected)
_public_jwk = _public_jwk if _public_jwk else self._public_jwk
jwe.add_recipient(_public_jwk)
ciphertext = jwe.serialize(compact=True)
except Exception:
raise ValueError("Couldn't encrypt message.")
return ciphertext
def deserialize(self, jwt, key=None):
"""Deserialize a JWT token.
NOTE: Destroys any current status and tries to import the raw
token provided.
:param jwt: a 'raw' JWT token.
:param key: A (:class:`jwcrypto.jwk.JWK`) verification or
decryption key, or a (:class:`jwcrypto.jwk.JWKSet`) that
contains a key indexed by the 'kid' header.
"""
c = jwt.count('.')
if c == 2:
self.token = JWS()
elif c == 4:
self.token = JWE()
else:
raise ValueError("Token format unrecognized")
# Apply algs restrictions if any, before performing any operation
if self._algs:
self.token.allowed_algs = self._algs
# now deserialize and also decrypt/verify (or raise) if we
# have a key
if key is None:
self.token.deserialize(jwt, None)
elif isinstance(key, JWK):
self.token.deserialize(jwt, key)
elif isinstance(key, JWKSet):
self.token.deserialize(jwt, None)
if 'kid' not in self.token.jose_header:
raise JWTMissingKeyID('No key ID in JWT header')
token_key = key.get_key(self.token.jose_header['kid'])
if not token_key:
raise JWTMissingKey('Key ID %s not in key set' %
self.token.jose_header['kid'])
if isinstance(self.token, JWE):
self.token.decrypt(token_key)
elif isinstance(self.token, JWS):
self.token.verify(token_key)
else:
raise RuntimeError("Unknown Token Type")
else:
raise ValueError("Unrecognized Key Type")
if key is not None:
self.header = self.token.jose_header
self.claims = self.token.payload.decode('utf-8')
self._check_provided_claims()
def make_encrypted_token(self, key):
"""Encrypts the payload.
Creates a JWE token with the header as the JWE protected header and
the claims as the plaintext. See (:class:`jwcrypto.jwe.JWE`) for
details on the exceptions that may be reaised.
:param key: A (:class:`jwcrypto.jwk.JWK`) key.
"""
t = JWE(self.claims, self.header)
t.add_recipient(key)
self.token = t
def encrypt_raw_event(evt, public_key, is_dict=False):
payload = evt.to_jsonld()
if is_dict is True:
public_key = JWK.from_json(json_encode(public_key))
protected_header = {
"alg": "RSA-OAEP-256",
"enc": "A256CBC-HS512",
"typ": "JWE",
"kid": public_key.thumbprint(),
}
data = JWE(payload.encode('utf-8'),
recipient=public_key,
protected=protected_header)
return data.serialize()
def resetpass(request):
if request.user:
# already logged in, redirect to home
return HTTPFound(location=request.route_url('home'))
jwe = request.matchdict.get('jwe')
if not jwe:
request.session.flash("d|Invalid link.")
raise HTTPFound(location=request.route_url('forgotpass'))
# decode
key = JWK(**loads(request.registry.settings["jwt.secret"]))
jwetoken = JWE()
try:
jwetoken.deserialize(jwe)
jwetoken.decrypt(key)
except InvalidJWEData:
request.session.flash("d|Invalid link?")
raise HTTPFound(location=request.route_url('forgotpass'))
payload = loads(jwetoken.payload)
# check timestamp.
nowdt = timegm(gmtime())
if (nowdt - payload["dt"]) > (
int(request.registry.settings["jwt.expire"]) * 60):
request.session.flash("d|Link has expired.")
raise HTTPFound(location=request.route_url('forgotpass'))
# load user...
item = request.dbsession.query(User).filter_by(id=payload["id"]).first()
if not item:
request.session.flash("d|User not found.")
raise HTTPFound(location=request.route_url('forgotpass'))
# check if password already changed:
if item.password_hash != unhexlify(payload["hash"]):
request.session.flash("d|Link has expired..")
raise HTTPFound(location=request.route_url('forgotpass'))
# if submitted:
if 'form.submitted' in request.params:
password = request.params.get('password')
password2 = request.params.get('password2')
if modifyUser(
request, item, "", "", password, password2,
passwordonly=True) is False:
return dict(url=request.route_url("resetpass", jwe=jwe))
# if success:
request.session.flash("s|Password reset successfully.")
return HTTPFound(location=request.route_url('login'))
return dict(url=request.route_url("resetpass", jwe=jwe))
def forgotpass(request):
if request.user:
# already logged in, redirect to home
return HTTPFound(location=request.route_url('home'))
next_url = request.params.get('next', None)
if not next_url:
next_url = request.route_url('home')
login = ''
if 'form.submitted' in request.params:
login = request.params.get('email')
item = request.dbsession.query(User).filter_by(email=login).first()
if item is not None:
# Generate link:
key = JWK(**loads(request.registry.settings["jwt.secret"]))
mins = request.registry.settings["jwt.expire"]
payload = dumps({
"id": item.id,
"dt": timegm(gmtime()),
"hash": hexlify(item.password_hash).decode("utf-8")
})
token = JWE(payload.encode('utf-8'),
json_encode({
"alg": "A256KW",
"enc": "A256CBC-HS512"
}))
token.add_recipient(key)
link = request.route_url("resetpass", jwe=token.serialize(True))
message = Message(
subject="VS Leaderboard - Reset Password",
recipients=[item.email],
body="To reset your password, please click: \n{0}\n".format(
link) +
"This link will expire in {0} minutes.".format(mins))
request.mailer.send(message)
request.session.flash(
"s|If that e-mail address is used it will receive a password reset link."
)
return dict(
url=request.route_url('forgotpass'),
next_url=next_url,
login=login,
)
def decode_jwt(jwt: str) -> Tuple:
"""Decode JSON web token.
Args:
auth_token (str): The JSON web token
Raises:
JSONWebTokenError: Raised if the signature has expired or if the token is invalid
Returns:
int: The user id
"""
if settings.JWT_ENCRYPT:
token = JWE()
try:
token.deserialize(jwt.replace("\\", ""))
except InvalidJWEData as error:
raise JWEInvalidToken from error
try:
token.decrypt(_encryption_key)
except InvalidJWEData as error:
raise JWEDecryptionError from error
jwt = token.payload.decode("utf-8")
if not settings.JWT_VERIFY:
return process_jwt(jwt)
try:
return verify_jwt(
jwt,
_secret_key,
checks_optional=settings.JWT_VERIFY_EXPIRATION,
iat_skew=settings.JWT_LEEWAY,
allowed_algs=[settings.JWT_ALGORITHM],
)
except (InvalidJWSObject, UnicodeDecodeError) as error:
raise JWTDecodeError from error
except InvalidJWSSignature as error:
raise JWTInvalidSignature from error
except Exception as error:
raise JWTExpired from error
def get(self, key):
value = self.store.get(key)
if value is None:
return None
try:
jwe = JWE()
jwe.deserialize(value, self.mkey)
value = jwe.payload.decode('utf-8')
except Exception as err:
self.logger.error("Error parsing key %s: [%r]" % (key, repr(err)))
raise CSStoreError('Error occurred while trying to parse key')
if self.secret_protection == 'encrypt':
return value
if 'custodia.key' not in jwe.jose_header:
if self.secret_protection == 'migrate':
self.set(key, value, replace=True)
else:
raise CSStoreError('Secret Pinning check failed!'
+ 'Missing custodia.key element')
elif jwe.jose_header['custodia.key'] != key:
raise CSStoreError(
'Secret Pinning check failed! Expected {} got {}'.format(
key, jwe.jose_header['custodia.key']))
return value
def set(self, key, value, replace=False):
protected = json_encode({'alg': 'dir', 'enc': self.master_enctype})
jwe = JWE(value, protected)
jwe.add_recipient(self.mkey)
cvalue = jwe.serialize(compact=True)
return self.store.set(key, cvalue, replace)
def ServerMain(q,tport):
filu = 'serverdaemon.ini'
HOST = '0.0.0.0' #change to None if wanted listen from IPv6 address
try:
fp = open(filu, 'r+')
Config.readfp(fp)
url = Config.get('REST','url')
header = Config.get('REST','header')
if tport==0:
tport = int(Config.get('DAEMON','port'))
PORT = int(Config.get('DAEMON','port'))
fp.close()
except:
url = input('anna url:')
header = input('anna header:')
port = input('anna port:')
cfgfile = open(filu,'w')
try:
Config.add_section('REST')
Config.add_section('DAEMON')
print("*** Created sections")
except:
print('*** sections already exists')
Config.set('REST','url',url)
Config.set('REST','header', header)
Config.set('DAEMON','port',port)
Config.write(cfgfile)
cfgfile.close()
tport = int(Config.get('DAEMON','port'))
url = Config.get('REST','url')
header = Config.get('REST','header')
PORT = int(Config.get('DAEMON','port'))
print("*** Created information.")
header = ast.literal_eval(header)
try:
conn = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
while True:
print("*** Main ***")
#print("*" * 60)
conn = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
try:
conn.bind((HOST, PORT))
except:
print("Main *** Ei onnistunut")
ServerMain(q,tport)
info = conn.recvfrom(1024)
#print(info)
data = info[0].decode("utf-8")
#print (data)
addr = info[1]
#print (addr)
#datan tarkistus ja säikeen aloitus
if data=="I am Client":
#print("Main *** Right start message")
#lähetetään julkinen avain
key = JWK(generate="RSA",public_exponent=29,size=1000)
public_key = key.export_public()
conn.sendto(public_key.encode("utf-8"),addr)
#otetaan viesti vastaan ja avataan
encrypted_signed_token = conn.recv(1024).decode("utf-8")
#print(encrypted_signed_token)
E = JWE()
E.deserialize(encrypted_signed_token, key)
raw_payload = E.payload
#print("*** raw payload:",raw_payload)
string = raw_payload.decode("utf-8")
#print("*** received str:", string)
Payload = json.loads(string)
#print("*** JSON:",Payload)
#print("*** received payload:", Payload['exp'])
#käydään REST app kysymässä Kumokselta
mac = str(Payload['exp'])
myResponse = requests.get(url + mac,header)
#print(url + mac,header)
#print("REST:", myResponse.status_code)
if(myResponse.ok):
print("main *** Found!")
jData = json.loads(myResponse.content.decode("utf-8"))
#print("The response contains {0} properties".format(len(jData)))
# Konrollerille yhteys
#Haetaan "listalta"
if not q.empty():
tport = q.get()
conn.sendto(tport.encode("utf-8"),addr)
else:
tport = str(int(tport)+1)
conn.sendto(tport.encode("utf-8"),addr)
#Aloitetaan stringissä uusi yhteys
thread.start_new_thread(Listen_Client,(url,data,tport,q,header,))
else:
print("Main *** Not found")
answer="Good try <3"
conn.sendto(answer.encode("utf-8"),addr)
else:
conn.close()
print("*" * 60)
conn.close()
print("*" * 60)
except:
conn.close()
print("Main *** Frong message. Start again")
ServerMain(q,tport)
def Listen_Client(url,data,tport,q,header):
try:
while True:
#print("---Thread---")
HOST = '0.0.0.0'
PORT = int(tport)
conn = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
try:
conn.bind((HOST, PORT))
print("Thread *** Bind is ready", PORT)
except:
print("Thread *** Connection bind failed")
Listen_Client(url,data,PORT,q,header)
info = conn.recvfrom(1024)
#print(info)
data = info[0].decode("utf-8")
#print (data)
addr = info[1]
#print (addr)
#print("-" * 60)
#print('Thread *** connected by', addr)
key = JWK(generate="RSA",public_exponent=29,size=1000)
public_key = key.export_public()
#print('Thread *** public key',public_key)
conn.sendto(public_key.encode("utf-8"),addr)
#otetaan viesti vastaan ja avataan
try:
conn.settimeout(60)
encrypted_signed_token_info = conn.recvfrom(1024)
encrypted_signed_token = encrypted_signed_token_info[0].decode("utf-8")
#print(encrypted_signed_token)
except:
print('Thread *** time out')
break
E = JWE()
E.deserialize(encrypted_signed_token, key)
raw_payload = E.payload
string = raw_payload.decode("utf-8")
Payload = json.loads(string)
#print("Thread *** received payload:", Payload['exp'])
#käydään REST app kysymässä Kumokselta
mac = str(Payload['exp'])
myResponse = requests.get(url + mac,header)
#print(url + mac,header)
#print("Thread *** REST:", myResponse.status_code)
#tarkistus
if(myResponse.ok):
print("Thread *** Found!")
jData = json.loads(myResponse.content.decode("utf-8"))
#print("The response contains {0} properties".format(len(jData)))
conn.close()
else:
print("Thread *** Not found")
answer="Good try <3"
conn.send(answer.encode("utf-8"))
#SDN irrottaa kyseisen laitteen verkosta
break
conn.close()
#conn.close()
print("Thread *** end")
q.put(tport)
except:
#conn.close()
q.put(tport)
print("Thread *** Forced end")
def deserialize(self, jwt, key=None):
"""Deserialize a JWT token.
NOTE: Destroys any current status and tries to import the raw
token provided.
:param jwt: a 'raw' JWT token.
:param key: A (:class:`jwcrypto.jwk.JWK`) verification or
decryption key, or a (:class:`jwcrypto.jwk.JWKSet`) that
contains a key indexed by the 'kid' header.
"""
c = jwt.count('.')
if c == 2:
self.token = JWS()
elif c == 4:
self.token = JWE()
else:
raise ValueError("Token format unrecognized")
# Apply algs restrictions if any, before performing any operation
if self._algs:
self.token.allowed_algs = self._algs
self.deserializelog = list()
# now deserialize and also decrypt/verify (or raise) if we
# have a key
if key is None:
self.token.deserialize(jwt, None)
elif isinstance(key, JWK):
self.token.deserialize(jwt, key)
self.deserializelog.append("Success")
elif isinstance(key, JWKSet):
self.token.deserialize(jwt, None)
if 'kid' in self.token.jose_header:
kid_key = key.get_key(self.token.jose_header['kid'])
if not kid_key:
raise JWTMissingKey('Key ID %s not in key set'
% self.token.jose_header['kid'])
self.token.deserialize(jwt, kid_key)
else:
for k in key:
try:
self.token.deserialize(jwt, k)
self.deserializelog.append("Success")
break
except Exception as e: # pylint: disable=broad-except
keyid = k.key_id
if keyid is None:
keyid = k.thumbprint()
self.deserializelog.append('Key [%s] failed: [%s]' % (
keyid, repr(e)))
continue
if "Success" not in self.deserializelog:
raise JWTMissingKey('No working key found in key set')
else:
raise ValueError("Unrecognized Key Type")
if key is not None:
self.header = self.token.jose_header
self.claims = self.token.payload.decode('utf-8')
self._check_provided_claims()
def make_enc_kem(name, value, sig_key, alg, enc_key, enc):
plaintext = make_sig_kem(name, value, sig_key, alg)
eprot = {'kid': enc_key.key_id, 'alg': enc[0], 'enc': enc[1]}
jwe = JWE(plaintext, json_encode(eprot))
jwe.add_recipient(enc_key)
return jwe.serialize(compact=True)
def set(self, key, value, replace=False):
jwe = JWE(value, json_encode({'alg': 'dir', 'enc': self.enc}))
jwe.add_recipient(self.mkey)
cvalue = jwe.serialize(compact=True)
return super(EncryptedStore, self).set(key, cvalue, replace)
def mainServer(q):
filu = 'serverdaemon.ini'
HOST = '0.0.0.0' #change to None if wanted listen from IPv6 address
try:
fp = open(filu, 'r+')
Config.readfp(fp)
url = Config.get('REST', 'url')
header = Config.get('REST', 'header')
tport = int(Config.get('DAEMON', 'port'))
PORT = int(Config.get('DAEMON', 'port'))
fp.close()
except:
filu = input('anna kansion nimi:')
url = input('anna url:')
header = input('anna header:')
port = input('anna port:')
cfgfile = open(filu, 'w')
try:
Config.add_section('REST')
Config.add_section('DAEMON')
print("*** Created sections")
except:
print('*** sections already exists')
Config.set('REST', 'url', url)
Config.set('REST', 'header', header)
Config.set('DAEMON', 'port', port)
Config.write(cfgfile)
cfgfile.close()
tport = int(Config.get('DAEMON', 'port'))
url = Config.get('REST', 'url')
header = Config.get('REST', 'header')
PORT = int(Config.get('DAEMON', 'port'))
print("*** Created information.")
header = ast.literal_eval(header)
while True:
s = None
for res in socket.getaddrinfo(HOST, PORT, socket.AF_UNSPEC,
socket.SOCK_STREAM, 0,
socket.AI_PASSIVE):
af, socktype, proto, canonname, sa = res
try:
s = socket.socket(af, socktype, proto)
s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
except socket.error as msg:
s = None
continue
try:
#print('Main ***',sa)
s.bind(sa)
s.listen(1)
except socket.error as msg:
s.close()
s = None
continue
break
if s is None:
print('Main *** Could not open socket')
mainServer(q)
#sys.exit(1)
conn, addr = s.accept()
print("*" * 60)
print('Main *** Connected by', addr)
try:
conn.settimeout(5)
data = conn.recv(1024).decode("utf-8")
conn.settimeout(None)
except:
print("Main *** timeout")
mainServer(q)
print(data)
#datan tarkistus ja säikeen aloitus
if data == "I am Client":
print("Main*** Right start message")
#lähetetään julkinen avain
key = JWK(generate="RSA", public_exponent=29, size=1000)
public_key = key.export_public()
conn.send(public_key.encode("utf-8"))
#otetaan viesti vastaan ja avataan
encrypted_signed_token = conn.recv(1024).decode("utf-8")
print(encrypted_signed_token)
E = JWE()
E.deserialize(encrypted_signed_token, key)
raw_payload = E.payload
print("*** raw payload:", raw_payload)
string = raw_payload.decode("utf-8")
print("*** received str:", string)
Payload = json.loads(string)
print("*** JSON:", Payload)
print("*** received payload:", Payload['exp'])
while True:
try:
#käydään kysymässä onko listoilla
mac = str(Payload['exp'])
myResponse = requests.get(url + mac, header)
print(url + mac, header)
print("REST:", myResponse.status_code)
break
except:
print("Main *** REST failed")
if (myResponse.ok):
print("Main *** Found!")
jData = json.loads(myResponse.content.decode("utf-8"))
print("The response contains {0} properties".format(
len(jData)))
#Kontrollerille viestiä, id configuroitavissa
#{
#ip: string,
#valid: bool
#}
#POST /iot-service/:id
#Haetaan "listalta"
if not q.empty():
free_port = q.get()
conn.send(free_port.encode("utf-8"))
else:
tport = str(int(tport) + 1)
conn.send(tport.encode("utf-8"))
#Aloitetaan stringissä uusi yhteys
#conn.shutdown(socket.SHUT_RDWR)
conn.close()
thread.start_new_thread(Listen_Client, (
url,
data,
tport,
q,
header,
))
elif myResponse.status_code == 400:
print("Baasbox is down or configuration file is wrong")
break
else:
print("Not found")
answer = "Good try <3"
conn.send(answer.encode("utf-8"))
break
else:
conn.close()
print("*" * 60)
conn.close()
print("*" * 60)
def decrypt(message: str, encryption_key: JWK) -> str:
"""Decrypt a response from DCS"""
jwetoken = JWE()
jwetoken.deserialize(raw_jwe=message, key=encryption_key)
return jwetoken.payload.decode("utf-8")
def Listen_Client(url, data, tport, q, header):
try:
while True:
HOST = '0.0.0.0'
PORT = tport
s = None
for res in socket.getaddrinfo(HOST, PORT, socket.AF_UNSPEC,
socket.SOCK_STREAM, 0,
socket.AI_PASSIVE):
af, socktype, proto, canonname, sa = res
try:
s = socket.socket(af, socktype, proto)
s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
except socket.error as msg:
#print(PORT,"Thread *** error message:",msg)
s = None
sys.exit(1)
continue
try:
#print("Thread",sa)
s.bind(sa)
s.listen(1)
except socket.error as msg:
print(PORT, "Thread *** error message:", msg)
s.close()
s = None
sys.exit(1)
continue
break
if s is None:
print(PORT, "Thread *** could not open socket")
break
conn, addr = s.accept()
while True:
#print("-" * 60)
#print('Thread *** connected by', addr)
key = JWK(generate="RSA", public_exponent=29, size=1000)
public_key = key.export_public()
#print('Thread *** public key',public_key)
conn.send(public_key.encode("utf-8"))
#otetaan viesti vastaan ja avataan
try:
conn.settimeout(20)
encrypted_signed_token = conn.recv(1024).decode("utf-8")
#print(encrypted_signed_token)
except:
print(PORT, 'Thread *** time out')
q.put(tport)
break
try:
E = JWE()
E.deserialize(encrypted_signed_token, key)
except Exception as msg:
print(PORT, 'Thread *** Wrong key', encrypted_signed_token)
print(PORT, 'Thread *** Wrong key', public_key)
print(PORT, 'Thread *** Wrong key', msg)
break
raw_payload = E.payload
string = raw_payload.decode("utf-8")
Payload = json.loads(string)
#print("Thread *** received payload:", Payload['exp'])
while True:
try:
#käydään REST app kysymässä Kumokselta
mac = str(Payload['exp'])
#myResponse = requests.get(url + mac,header)
myResponse = Check_rest(url, mac, header)
break
except Exception as msg:
print(PORT, "Thread *** REST failed", msg)
#print(url + mac,header)
#print("Thread *** REST:", myResponse.status_code)
#tarkistus
if (myResponse == 200):
#if(mac=='mac=00-00-00-00-00-01'):
#print("Thread *** Found!")
jData = "mac=00-00-00-00-00-01"
#jData = json.loads(myResponse.content.decode("utf-8"))
#print("The response contains {0} properties".format(len(jData)))
else:
print("Thread *** Not found")
answer = "Good try <3"
conn.send(answer.encode("utf-8"))
q.put(tport)
#SDN irrottaa kyseisen laitteen verkosta
break
conn.close()
#break
print(PORT, "Thread *** end")
print("-" * 60)
except Exception as msg:
print(PORT, "Thread *** Forced end", msg)
print("-" * 60)
def mainServer(kierros, PORT, q):
if (kierros == 0):
info = filu_checker()
print(info)
info = dict(info)
url = info['url']
header = info['header']
PORT = int(info['port'])
tport = int(info['port'])
kierros = 1
HOST = '0.0.0.0' #change to None if wanted listen from IPv6 address
while True:
s = None
for res in socket.getaddrinfo(HOST, PORT, socket.AF_UNSPEC,
socket.SOCK_STREAM, 0,
socket.AI_PASSIVE):
af, socktype, proto, canonname, sa = res
try:
s = socket.socket(af, socktype, proto)
s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
except socket.error as msg:
print("Main ***", msg)
s = None
continue
try:
#print('Main ***',sa)
s.bind(sa)
s.listen(1)
except socket.error as msg:
print("Main ***", msg)
s.close()
s = None
continue
break
if s is None:
print('Main *** Could not open socket')
time.sleep(10)
PORT = PORT + 1
mainServer(kierros, PORT, q)
#sys.exit(1)
conn, addr = s.accept()
#print("*" * 60)
#print('Main *** Connected by', addr)
try:
#conn.settimeout(5)
data = conn.recv(1024).decode("utf-8")
#conn.settimeout(None)
except:
print("Main *** timeout")
mainServer(kierros, PORT, q)
#print(data)
#datan tarkistus ja säikeen aloitus
if data == "I am Client":
#print("Main*** Right start message")
#lähetetään julkinen avain
key = JWK(generate="RSA", public_exponent=29, size=1000)
public_key = key.export_public()
conn.send(public_key.encode("utf-8"))
#otetaan viesti vastaan ja avataan
encrypted_signed_token = conn.recv(1024).decode("utf-8")
#print(encrypted_signed_token)
try:
E = JWE()
E.deserialize(encrypted_signed_token, key)
raw_payload = E.payload
#print("*** raw payload:",raw_payload)
string = raw_payload.decode("utf-8")
except Exception as msg:
print('Main *** Wrong key', encrypted_signed_token)
print('Main *** Wrong key', public_key)
print('Main *** Wrong key', msg)
break
#print("*** received str:", string)
Payload = json.loads(string)
#print("*** JSON:",Payload)
#print("*** received payload:", Payload['exp'])
while True:
try:
#käydään kysymässä onko listoilla
mac = str(Payload['exp'])
#Tähän kohti kysymys lähetetään request session ohjelmalle
myResponse = Check_rest(url, mac, header)
#myResponse = requests.get(url + mac,header)
#print(url + mac,header)
#print("REST:", myResponse.status_code)
break
except Exception as msg:
print("Main *** REST failed", msg)
sys.exit(1)
if (myResponse == 200):
#if(mac=='mac=00-00-00-00-00-01'):
#print("Main *** Found!")
#jData = json.loads(myResponse.content.decode("utf-8"))
#print("The response contains {0} properties".format(len(jData)))
jData = 'mac=00-00-00-00-00-01'
#Kontrollerille viestiä, id configuroitavissa
#{
#ip: string,
#valid: bool
#}
#POST /iot-service/:id
#Haetaan "listalta"
if not q.empty():
free_port = q.get()
conn.send(free_port.encode("utf-8"))
else:
tport = str(int(tport) + 1)
conn.send(tport.encode("utf-8"))
#Aloitetaan stringissä uusi yhteys
#conn.shutdown(socket.SHUT_RDWR)
conn.close()
thread.start_new_thread(Listen_Client, (
url,
data,
tport,
q,
header,
))
else:
print("Not found", myResponse.status_code)
answer = "Good try <3"
conn.send(answer.encode("utf-8"))
break
else:
conn.close()
print("*" * 60)
conn.close()
print("*" * 60)
def decrypt_and_decode(raw_string, key_pair):
token = JWE()
token.deserialize(raw_string, key=key_pair['private'])
return token.payload
