async def sign_certificate(self, request: Request) -> StreamResponse:
csr_bytes = await request.content.read()
cert, fingerprint = self.cert_handler.sign(csr_bytes)
headers = {"SHA256-Fingerprint": fingerprint}
return HTTPOk(headers=headers,
body=cert,
content_type="application/x-pem-file")
async def get(self):
await self.check_user_exists()
async with self.pg.transaction() as conn:
user = await self.get_user(conn, self.user_id)
# TODO Get features via one query
user = dict(user)
feature_ids = user.pop("feature_ids", [])
user["features"] = await self.get_features(conn, feature_ids)
return HTTPOk(body={"data": user})
async def certificate(self, _: Request) -> StreamResponse:
cert, fingerprint = self.cert_handler.authority_certificate
headers = {"SHA256-Fingerprint": fingerprint}
if self.args.psk:
headers["Authorization"] = "Bearer " + encode_jwt(
{"sha256_fingerprint": fingerprint}, self.args.psk)
return HTTPOk(headers=headers,
body=cert,
content_type="application/x-pem-file")
async def get(self):
await self.check_item_exists()
async with self.pg.transaction() as conn:
item = await self.get_item(conn, self.item_id)
# TODO Get features via one query
item = dict(item)
feature_ids = item.pop("feature_ids", [])
item["features"] = await self.get_features(conn, feature_ids)
return HTTPOk(body={"data": item})
async def get(self):
await self.check_user_exists()
items = await self.redis.lrange(f"{self.user_id}", 0, self.limit)
if not items:
items = await self.redis.srandmember("latest", self.limit)
items = [{"id": int(i.decode())} for i in items]
return HTTPOk(body={"data": items})
async def delete(self):
group_id = self.request.match_info.get('group_id')
group = get_object_or_404(Host, Host.id == group_id)
if group.delete_instance():
return HTTPOk()
return HTTPInternalServerError()
async def post(self):
data = await self.request.post()
if data and Group.filter(**data).exists():
raise HTTPBadRequest()
group = dict_to_model(Group, data)
group.save()
return HTTPOk()
async def logout(self, _: Request):
"""
Delete the authorization cookie.
Args:
_: input REST request
Returns: json REST response
"""
response = HTTPOk()
response.del_cookie('JWT_TOKEN')
return response
async def certificate(self, _: Request) -> StreamResponse:
cert, fingerprint = self.cert_handler.authority_certificate
headers = {
"SHA256-Fingerprint": fingerprint,
"Content-Disposition": 'attachment; filename="resoto_root_ca.pem"',
}
if self.config.args.psk:
headers["Authorization"] = "Bearer " + encode_jwt(
{"sha256_fingerprint": fingerprint}, self.config.args.psk)
return HTTPOk(headers=headers,
body=cert,
content_type="application/x-pem-file")
async def patch(self):
data = await self.request.post()
group_name = data.get('name')
group_id = self.request.match_info.get('group_id')
group = Host.get(Host.id == group_id)
if group and group_name == group.name:
raise HTTPBadRequest()
if Host.filter(Host.name == group_name).exists():
raise HTTPBadRequest()
group.name = group_name
if group.save():
return HTTPOk()
return HTTPInternalServerError()
async def post(self):
data = await self.request.post()
group_id = get_data_or_400(data, 'group_id', raise_exception=False)
hostname = get_data_or_400(data, 'hostname')
ip_address = get_data_or_400(data, 'ip_address')
username = get_data_or_400(data, 'username')
password = get_data_or_400(data, 'password')
ssh_key = get_data_or_400(data, 'ssh_key')
post_login_cmd = get_data_or_400(data, 'post_login_cmd')
if data and Host.filter(**data).exists():
raise HTTPBadRequest()
if group_id is not None and not Group.filter(Group.id == group_id).exists():
raise HTTPBadRequest()
host = dict_to_model(Host, data)
host.save()
return HTTPOk()
async def get(self):
await self.check_user_exists()
async with self.pg.transaction() as conn:
history = await self.get_history(conn, self.user_id, self.limit)
return HTTPOk(body={"data": history})
async def handler(self, request: Request) -> Response:
if request.method == 'GET' and request.path in self.challenges:
return HTTPOk(body=self.challenges[request.path])
else:
return HTTPMovedPermanently(
f'https://{request.host}{request.path_qs}')