def post(self, account_id, source_slr_id, sink_slr_id):
try:
endpoint = str(
api.url_for(self,
account_id=account_id,
source_slr_id=source_slr_id,
sink_slr_id=sink_slr_id))
except Exception as exp:
endpoint = str(__name__)
try:
api_key = request.headers.get('Api-Key')
except Exception as exp:
logger.error("No ApiKey in headers")
logger.debug("No ApiKey in headers: " + repr(repr(exp)))
return provideApiKey(endpoint=endpoint)
try:
account_id = str(account_id)
except Exception as exp:
raise ApiError(code=400,
title="Unsupported account_id",
detail=repr(exp),
source=endpoint)
try:
source_slr_id = str(source_slr_id)
except Exception as exp:
raise ApiError(code=400,
title="Unsupported source_slr_id",
detail=repr(exp),
source=endpoint)
try:
sink_slr_id = str(sink_slr_id)
except Exception as exp:
raise ApiError(code=400,
title="Unsupported sink_slr_id",
detail=repr(exp),
source=endpoint)
# load JSON
json_data = request.get_json()
if not json_data:
error_detail = {
'0': 'Set application/json as Content-Type',
'1': 'Provide json payload'
}
raise ApiError(code=400,
title="No input data provided",
detail=error_detail,
source=endpoint)
else:
logger.debug("json_data: " + json.dumps(json_data))
# Validate payload content
schema = NewConsent()
schema_validation_result = schema.load(json_data)
# Check validation errors
if schema_validation_result.errors:
logger.error("Invalid payload")
raise ApiError(code=400,
title="Invalid payload",
detail=dict(schema_validation_result.errors),
source=endpoint)
else:
logger.debug("JSON validation -> OK")
######
# Source
######
# Consent Record
try:
source_cr_payload = json_data['data']['source'][
'consentRecordPayload']['attributes']
except Exception as exp:
raise ApiError(code=400,
title="Could not fetch source_cr_payload from json",
detail=repr(exp),
source=endpoint)
else:
logger.debug("Got source_cr_payload: " +
json.dumps(source_cr_payload))
# Consent Status Record
try:
source_csr_payload = json_data['data']['source'][
'consentStatusRecordPayload']['attributes']
except Exception as exp:
raise ApiError(
code=400,
title="Could not fetch source_csr_payload from json",
detail=repr(exp),
source=endpoint)
else:
logger.debug("Got source_csr_payload: " +
json.dumps(source_csr_payload))
######
# Sink
######
# Consent Record
try:
sink_cr_payload = json_data['data']['sink'][
'consentRecordPayload']['attributes']
except Exception as exp:
raise ApiError(code=400,
title="Could not fetch sink_cr_payload from json",
detail=repr(exp),
source=endpoint)
else:
logger.debug("Got sink_cr_payload: " + json.dumps(sink_cr_payload))
# Consent Status Record
try:
sink_csr_payload = json_data['data']['sink'][
'consentStatusRecordPayload']['attributes']
except Exception as exp:
raise ApiError(code=400,
title="Could not fetch sink_csr_payload from json",
detail=repr(exp),
source=endpoint)
else:
logger.debug("Got sink_csr_payload: " +
json.dumps(sink_csr_payload))
#####
# IDs from CR and CSR payloads
#####
try:
# Source CR
try:
source_cr_cr_id = source_cr_payload['common_part']['cr_id']
source_cr_rs_id = source_cr_payload['common_part'][
'rs_description']['resource_set']['rs_id']
source_cr_slr_id = source_cr_payload['common_part']['slr_id']
source_cr_subject_id = source_cr_payload['common_part'][
'subject_id']
source_cr_surrogate_id = source_cr_payload['common_part'][
'surrogate_id']
source_cr_role = source_cr_payload['common_part']['role']
except Exception as exp:
error_title = "Could not fetch IDs from Source CR payload"
raise
# Source CSR
try:
source_csr_surrogate_id = source_csr_payload['surrogate_id']
source_csr_cr_id = source_csr_payload['cr_id']
source_csr_prev_record_id = source_csr_payload[
'prev_record_id']
source_csr_record_id = source_csr_payload['record_id']
source_csr_consent_status = source_csr_payload[
'consent_status']
source_csr_issued = source_csr_payload['iat']
except Exception as exp:
error_title = "Could not fetch IDs from Source CSR payload"
raise
# Sink CR
try:
sink_cr_cr_id = sink_cr_payload['common_part']['cr_id']
sink_cr_rs_id = sink_cr_payload['common_part'][
'rs_description']['resource_set']['rs_id']
sink_cr_slr_id = sink_cr_payload['common_part']['slr_id']
sink_cr_subject_id = sink_cr_payload['common_part'][
'subject_id']
sink_cr_surrogate_id = sink_cr_payload['common_part'][
'surrogate_id']
sink_cr_role = sink_cr_payload['common_part']['role']
except Exception as exp:
error_title = "Could not fetch IDs from Sink CR payload"
raise
# Sink CSR
try:
sink_csr_surrogate_id = sink_csr_payload['surrogate_id']
sink_csr_cr_id = sink_csr_payload['cr_id']
sink_csr_prev_record_id = sink_csr_payload['prev_record_id']
sink_csr_record_id = sink_csr_payload['record_id']
sink_csr_consent_status = sink_csr_payload['consent_status']
sink_csr_issued = sink_csr_payload['iat']
except Exception as exp:
error_title = "Could not fetch IDs from Sink CSR payload"
raise
except Exception as exp:
logger.error(error_title)
raise ApiError(code=400,
title=error_title,
detail=repr(exp),
source=endpoint)
else:
logger.info("IDs fetched from CR and CSR payloads")
######
# Sign
####
# Sign Source CR
try:
source_cr_signed = sign_cr(account_id=account_id,
payload=source_cr_payload,
endpoint=endpoint)
except Exception as exp:
logger.error("Could not sign Source's CR: " + repr(exp))
raise
else:
logger.info("Source CR signed")
logger.debug("source_cr_signed: " + json.dumps(source_cr_signed))
# Sign Source CSR
try:
source_csr_signed = sign_csr(account_id=account_id,
payload=source_csr_payload,
endpoint=endpoint)
except Exception as exp:
logger.error("Could not sign Source's CSR: " + repr(exp))
raise
else:
logger.info("Source CSR signed")
logger.debug("source_csr_signed: " + json.dumps(source_csr_signed))
# Sign Sink CR
try:
sink_cr_signed = sign_cr(account_id=account_id,
payload=sink_cr_payload,
endpoint=endpoint)
except Exception as exp:
logger.error("Could not sign Source's CR: " + repr(exp))
raise
else:
logger.info("Sink's CR signed")
logger.debug("sink_cr_signed: " + json.dumps(sink_cr_signed))
# Sign Sink CSR
try:
sink_csr_signed = sign_csr(account_id=account_id,
payload=sink_csr_payload,
endpoint=endpoint)
except Exception as exp:
logger.error("Could not sign Sink's CSR: " + repr(exp))
raise
else:
logger.info("Sink's CSR signed")
logger.debug("sink_csr_signed: " + json.dumps(sink_csr_signed))
#########
# Store #
#########
logger.info("Creating objects to store")
# Source SLR
try:
logger.info("Creating Source SLR")
source_slr_entry = ServiceLinkRecord(
surrogate_id=source_cr_surrogate_id,
account_id=account_id,
service_link_record_id=source_cr_slr_id)
except Exception as exp:
error_title = "Failed to create Source's Service Link Record object"
logger.error(error_title + ": " + repr(exp))
raise ApiError(code=500,
title=error_title,
detail=repr(exp),
source=endpoint)
else:
logger.info("source_slr_entry created")
logger.info("source_slr_entry: " + source_slr_entry.log_entry)
# Sink SLR
try:
logger.info("Creating Sink SLR")
sink_slr_entry = ServiceLinkRecord(
surrogate_id=sink_cr_surrogate_id,
account_id=account_id,
service_link_record_id=sink_cr_slr_id)
except Exception as exp:
error_title = "Failed to create Sink's Service Link Record object"
logger.error(error_title + ": " + repr(exp))
raise ApiError(code=500,
title=error_title,
detail=repr(exp),
source=endpoint)
else:
logger.info("sink_slr_entry created")
logger.info("sink_slr_entry: " + sink_slr_entry.log_entry)
# Source CR
try:
logger.info("Creating Source CR")
source_cr_entry = ConsentRecord(
consent_record=source_cr_signed,
consent_id=source_cr_cr_id,
surrogate_id=source_cr_surrogate_id,
resource_set_id=source_cr_rs_id,
service_link_record_id=source_cr_slr_id,
subject_id=source_cr_subject_id,
role=source_cr_role)
except Exception as exp:
error_title = "Failed to create Source's Consent Record object"
logger.error(error_title + ": " + repr(exp))
raise ApiError(code=500,
title=error_title,
detail=repr(exp),
source=endpoint)
else:
logger.info("source_cr_entry created")
logger.info("source_cr_entry: " + source_cr_entry.log_entry)
# Sink CR
try:
logger.info("Creating Sink CR")
sink_cr_entry = ConsentRecord(
consent_record=sink_cr_signed,
consent_id=sink_cr_cr_id,
surrogate_id=sink_cr_surrogate_id,
resource_set_id=sink_cr_rs_id,
service_link_record_id=sink_cr_slr_id,
subject_id=sink_cr_subject_id,
role=sink_cr_role)
except Exception as exp:
error_title = "Failed to create Sink's Consent Record object"
logger.error(error_title + ": " + repr(exp))
raise ApiError(code=500,
title=error_title,
detail=repr(exp),
source=endpoint)
else:
logger.info("sink_cr_entry created")
logger.info("sink_cr_entry: " + sink_cr_entry.log_entry)
# Source CSR
try:
logger.info("Creating Source CSR")
source_csr_entry = ConsentStatusRecord(
consent_status_record_id=source_csr_record_id,
status=source_csr_consent_status,
consent_status_record=source_csr_signed,
consent_record_id=source_csr_cr_id,
issued_at=source_csr_issued,
prev_record_id=source_csr_prev_record_id)
except Exception as exp:
error_title = "Failed to create Source's Consent Status Record object"
logger.error(error_title + ": " + repr(exp))
raise ApiError(code=500,
title=error_title,
detail=repr(exp),
source=endpoint)
else:
logger.info("source_csr_entry created")
logger.info("source_csr_entry: " + source_csr_entry.log_entry)
# Sink CSR
try:
logger.info("Creating Sink CSR")
sink_csr_entry = ConsentStatusRecord(
consent_status_record_id=sink_csr_record_id,
status=sink_csr_consent_status,
consent_status_record=sink_csr_signed,
consent_record_id=sink_csr_cr_id,
issued_at=sink_csr_issued,
prev_record_id=sink_csr_prev_record_id)
except Exception as exp:
error_title = "Failed to create Sink's Consent Status Record object"
logger.error(error_title + ": " + repr(exp))
raise ApiError(code=500,
title=error_title,
detail=repr(exp),
source=endpoint)
else:
logger.info("sink_csr_entry created")
logger.info("sink_csr_entry: " + sink_csr_entry.log_entry)
# Store CRs and CSRs
try:
logger.info(
"About to store Consent Records and Consent Status Records")
stored_source_cr_entry, stored_source_csr_entry, stored_sink_cr_entry, stored_sink_csr_entry = store_cr_and_csr(
source_slr_entry=source_slr_entry,
sink_slr_entry=sink_slr_entry,
source_cr_entry=source_cr_entry,
source_csr_entry=source_csr_entry,
sink_cr_entry=sink_cr_entry,
sink_csr_entry=sink_csr_entry,
endpoint=endpoint)
except Exception as exp:
error_title = "Could not store Consent Record and Consent Status Record"
logger.error(error_title + ": " + repr(exp))
raise
else:
logger.info("Stored Consent Record and Consent Status Record")
logger.info("Source CR: " + stored_source_cr_entry.log_entry)
logger.info("Source CSR: " + stored_source_csr_entry.log_entry)
logger.info("Sink CR: " + stored_sink_cr_entry.log_entry)
logger.info("Sink CSR: " + stored_sink_csr_entry.log_entry)
# Response data container
try:
response_data = {}
response_data['data'] = {}
response_data['data']['source'] = {}
response_data['data']['source']['consentRecord'] = {}
response_data['data']['source']['consentRecord'][
'type'] = "ConsentRecord"
response_data['data']['source']['consentRecord']['attributes'] = {}
response_data['data']['source']['consentRecord']['attributes'][
'cr'] = stored_source_cr_entry.to_record_dict
response_data['data']['source']['consentStatusRecord'] = {}
response_data['data']['source']['consentStatusRecord'][
'type'] = "ConsentStatusRecord"
response_data['data']['source']['consentStatusRecord'][
'attributes'] = {}
response_data['data']['source']['consentStatusRecord'][
'attributes']['csr'] = stored_source_csr_entry.to_record_dict
response_data['data']['sink'] = {}
response_data['data']['sink']['consentRecord'] = {}
response_data['data']['sink']['consentRecord'][
'type'] = "ConsentRecord"
response_data['data']['sink']['consentRecord']['attributes'] = {}
response_data['data']['sink']['consentRecord']['attributes'][
'cr'] = stored_sink_cr_entry.to_record_dict
response_data['data']['sink']['consentStatusRecord'] = {}
response_data['data']['sink']['consentStatusRecord'][
'type'] = "ConsentStatusRecord"
response_data['data']['sink']['consentStatusRecord'][
'attributes'] = {}
response_data['data']['sink']['consentStatusRecord']['attributes'][
'csr'] = stored_sink_csr_entry.to_record_dict
except Exception as exp:
logger.error('Could not prepare response data: ' + repr(exp))
raise ApiError(code=500,
title="Could not prepare response data",
detail=repr(exp),
source=endpoint)
else:
logger.info('Response data ready')
logger.debug('response_data: ' + json.dumps(response_data))
response_data_dict = dict(response_data)
logger.debug('response_data_dict: ' + json.dumps(response_data_dict))
return make_json_response(data=response_data_dict, status_code=201)
def post(self):
"""
Example JSON
{
"username": "******",
"password": "******",
"firstName": "string",
"lastName": "string",
"email": "*****@*****.**",
"dateOfBirth": "18-08-2016",
"acceptTermsOfService": "True"
}
:return:
"""
try:
endpoint = str(api.url_for(self))
except Exception as exp:
endpoint = str(__name__)
# load JSON
json_data = request.get_json()
if not json_data:
error_detail = {'0': 'Set application/json as Content-Type', '1': 'Provide json payload'}
raise ApiError(code=400, title="No input data provided", detail=error_detail, source=endpoint)
else:
logger.debug("json_data: " + json.dumps(json_data))
# Validate payload content
schema = AccountSchema2()
schema_validation_result = schema.load(json_data)
# Check validation errors
if schema_validation_result.errors:
logger.error("Invalid payload")
raise ApiError(code=400, title="Invalid payload", detail=dict(schema_validation_result.errors), source=endpoint)
else:
logger.debug("JSON validation -> OK")
try:
username = json_data['username']
password = json_data['password']
firstName = json_data['firstName']
lastName = json_data['lastName']
email_address = json_data['email']
dateOfBirth = json_data['dateOfBirth']
acceptTermsOfService = json_data['acceptTermsOfService']
global_identifier = str(uuid.uuid4())
salt_str = str(bcrypt.gensalt())
pwd_hash = bcrypt.hashpw(str(password), salt_str)
except Exception as exp:
error_title = "Could not prepare Account data"
logger.error(error_title)
raise ApiError(code=400, title=error_title, detail=repr(exp), source=endpoint)
# DB cursor
cursor = get_db_cursor()
try:
###
# Accounts
logger.debug('Accounts')
account = Account(global_identifyer=global_identifier)
account.to_db(cursor=cursor)
###
# localIdentityPWDs
logger.debug('localIdentityPWDs')
local_pwd = LocalIdentityPWD(password=pwd_hash)
local_pwd.to_db(cursor=cursor)
###
# localIdentities
logger.debug('localIdentities')
local_identity = LocalIdentity(
username=username,
pwd_id=local_pwd.id,
accounts_id=account.id
)
local_identity.to_db(cursor=cursor)
###
# salts
logger.debug('salts')
salt = Salt(
salt=salt_str,
identity_id=local_identity.id
)
salt.to_db(cursor=cursor)
###
# Particulars
logger.debug('particulars')
particulars = Particulars(
firstname=firstName,
lastname=lastName,
date_of_birth=dateOfBirth,
account_id=account.id
)
logger.debug("to_dict: " + repr(particulars.to_dict))
cursor = particulars.to_db(cursor=cursor)
###
# emails
logger.debug('emails')
email = Email(
email=email_address,
type="Personal",
prime=1,
account_id=account.id
)
email.to_db(cursor=cursor)
###
# Commit
db.connection.commit()
except Exception as exp:
error_title = "Could not create Account"
logger.debug('commit failed: ' + repr(exp))
logger.debug('--> rollback')
logger.error(error_title)
db.connection.rollback()
raise ApiError(code=500, title=error_title, detail=repr(exp), source=endpoint)
else:
logger.debug('Account commited')
try:
logger.info("Generating Key for Account")
kid = gen_account_key(account_id=account.id)
except Exception as exp:
error_title = "Could not generate Key for Account"
logger.debug(error_title + ': ' + repr(exp))
#raise ApiError(code=500, title=error_title, detail=repr(exp), source=endpoint)
else:
logger.info("Generated Key for Account with Key ID: " + str(kid))
try:
logger.info("Generating API Key for Account")
api_key = gen_account_api_key(account_id=account.id)
except Exception as exp:
error_title = "Could not generate API Key for Account"
logger.debug(error_title + ': ' + repr(exp))
#raise ApiError(code=500, title=error_title, detail=repr(exp), source=endpoint)
else:
logger.info("Generated API Key: " + str(api_key))
data = cursor.fetchall()
logger.debug('data: ' + repr(data))
# Response data container
try:
response_data = {}
response_data['meta'] = {}
response_data['meta']['activationInstructions'] = "Account activated already"
response_data['data'] = {}
response_data['data']['type'] = "Account"
response_data['data']['id'] = str(account.id)
response_data['data']['attributes'] = {}
response_data['data']['attributes']['username'] = username
response_data['data']['attributes']['firstName'] = firstName
response_data['data']['attributes']['lastName'] = lastName
response_data['data']['attributes']['email'] = email_address
response_data['data']['attributes']['dateOfBirth'] = dateOfBirth
response_data['data']['attributes']['acceptTermsOfService'] = acceptTermsOfService
except Exception as exp:
logger.error('Could not prepare response data: ' + repr(exp))
raise ApiError(code=500, title="Could not prepare response data", detail=repr(exp), source=endpoint)
else:
logger.info('Response data ready')
logger.debug('response_data: ' + repr(response_data))
response_data_dict = dict(response_data)
logger.debug('response_data_dict: ' + repr(response_data_dict))
return make_json_response(data=response_data_dict, status_code=201)
def get(self, sink_cr_id):
try:
endpoint = str(api.url_for(self, sink_cr_id=sink_cr_id))
except Exception as exp:
endpoint = str(__name__)
try:
api_key = request.headers.get('Api-Key')
except Exception as exp:
logger.error("No ApiKey in headers")
logger.debug("No ApiKey in headers: " + repr(repr(exp)))
return provideApiKey(endpoint=endpoint)
try:
sink_cr_id = str(sink_cr_id)
except Exception as exp:
raise ApiError(code=400,
title="Unsupported sink_cr_id",
detail=repr(exp),
source=endpoint)
else:
logger.debug("sink_cr_id: " + repr(sink_cr_id))
# Init Sink's Consent Record Object
try:
sink_cr_entry = ConsentRecord(consent_id=sink_cr_id, role="Sink")
except Exception as exp:
error_title = "Failed to create Sink's Consent Record object"
logger.error(error_title + ": " + repr(exp))
raise ApiError(code=500,
title=error_title,
detail=repr(exp),
source=endpoint)
else:
logger.debug("sink_cr_entry: " + sink_cr_entry.log_entry)
try:
source_cr, sink_slr = get_auth_token_data(
sink_cr_object=sink_cr_entry)
except Exception as exp:
error_title = "Failed to get Authorization token data"
logger.error(error_title + ": " + repr(exp))
raise ApiError(code=500,
title=error_title,
detail=repr(exp),
source=endpoint)
else:
logger.debug("source_cr: " + source_cr.log_entry)
logger.debug("sink_slr: " + sink_slr.log_entry)
# Response data container
try:
response_data = {}
response_data['data'] = {}
response_data['data']['source'] = {}
response_data['data']['source']['consentRecord'] = {}
response_data['data']['source']['consentRecord'][
'type'] = "ConsentRecord"
response_data['data']['source']['consentRecord']['attributes'] = {}
response_data['data']['source']['consentRecord']['attributes'][
'cr'] = source_cr.to_record_dict
response_data['data']['sink'] = {}
response_data['data']['sink']['serviceLinkRecord'] = {}
response_data['data']['sink']['serviceLinkRecord'][
'type'] = "ServiceLinkRecord"
response_data['data']['sink']['serviceLinkRecord'][
'attributes'] = {}
response_data['data']['sink']['serviceLinkRecord']['attributes'][
'slr'] = sink_slr.to_record_dict
except Exception as exp:
logger.error('Could not prepare response data: ' + repr(exp))
raise ApiError(code=500,
title="Could not prepare response data",
detail=repr(exp),
source=endpoint)
else:
logger.info('Response data ready')
logger.debug('response_data: ' + json.dumps(response_data))
response_data_dict = dict(response_data)
logger.debug('response_data_dict: ' + json.dumps(response_data_dict))
return make_json_response(data=response_data_dict, status_code=200)
def handle_apierror(error):
error_dict = error.to_dict()
logger = get_custom_logger(logger_name="ApiError")
logger.error(json.dumps(error_dict))
return make_json_response(errors=error_dict,
status_code=str(error_dict['code']))
def post(self, account_id):
try:
endpoint = str(api.url_for(self, account_id=account_id))
except Exception as exp:
endpoint = str(__name__)
try:
api_key = request.headers.get('Api-Key')
except Exception as exp:
logger.error("No ApiKey in headers")
logger.debug("No ApiKey in headers: " + repr(repr(exp)))
return provideApiKey(endpoint=endpoint)
try:
account_id = str(account_id)
except Exception as exp:
raise ApiError(code=400,
title="Unsupported account_id",
detail=repr(exp),
source=endpoint)
# load JSON
json_data = request.get_json()
if not json_data:
error_detail = {
'0': 'Set application/json as Content-Type',
'1': 'Provide json payload'
}
raise ApiError(code=400,
title="No input data provided",
detail=error_detail,
source=endpoint)
else:
logger.debug("json_data: " + json.dumps(json_data))
# Validate payload content
schema = NewServiceLink()
schema_validation_result = schema.load(json_data)
# Check validation errors
if schema_validation_result.errors:
logger.error("Invalid payload")
raise ApiError(code=400,
title="Invalid payload",
detail=dict(schema_validation_result.errors),
source=endpoint)
else:
logger.debug("JSON validation -> OK")
# Get slr payload
try:
slr_payload = json_data['data']['slr']['attributes']
except Exception as exp:
logger.error("Could not fetch slr payload from json")
raise ApiError(code=400,
title="Could not fetch slr payload from json",
detail=repr(exp),
source=endpoint)
# Get surrogate_id
try:
surrogate_id = json_data['data']['surrogate_id']
except Exception as exp:
logger.error("Could not fetch surrogate id from json")
raise ApiError(code=400,
title="Could not fetch surrogate id from json",
detail=repr(exp),
source=endpoint)
# Get code
try:
code = json_data['code']
except Exception as exp:
logger.error("Could not fetch code from json")
raise ApiError(code=400,
title="Could not fetch code from json",
detail=repr(exp),
source=endpoint)
# Sign SLR
try:
slr_signed_dict = sign_slr(account_id=account_id,
slr_payload=slr_payload,
endpoint=str(endpoint))
except Exception as exp:
logger.error("Could not sign SLR")
logger.debug("Could not sign SLR: " + repr(exp))
raise
# Response data container
try:
response_data = {}
response_data['code'] = code
response_data['data'] = {}
response_data['data']['slr'] = {}
response_data['data']['slr']['type'] = "ServiceLinkRecord"
response_data['data']['slr']['attributes'] = {}
response_data['data']['slr']['attributes']['slr'] = slr_signed_dict
response_data['data']['surrogate_id'] = surrogate_id
except Exception as exp:
logger.error('Could not prepare response data: ' + repr(exp))
raise ApiError(code=500,
title="Could not prepare response data",
detail=repr(exp),
source=endpoint)
else:
logger.info('Response data ready')
logger.debug('response_data: ' + repr(response_data))
response_data_dict = dict(response_data)
logger.debug('response_data_dict: ' + repr(response_data_dict))
return make_json_response(data=response_data_dict, status_code=201)
def get(self, account_id, service_id):
try:
endpoint = str(
api.url_for(self, account_id=account_id,
service_id=service_id))
except Exception as exp:
endpoint = str(__name__)
try:
api_key = request.headers.get('Api-Key')
except Exception as exp:
logger.error("No ApiKey in headers")
logger.debug("No ApiKey in headers: " + repr(repr(exp)))
return provideApiKey(endpoint=endpoint)
try:
account_id = str(account_id)
except Exception as exp:
raise ApiError(code=400,
title="Unsupported account_id",
detail=repr(exp),
source=endpoint)
try:
service_id = str(service_id)
except Exception as exp:
raise ApiError(code=400,
title="Unsupported service_id",
detail=repr(exp),
source=endpoint)
try:
surrogate_id = get_surrogate_id_by_account_and_service(
account_id=account_id,
service_id=service_id,
endpoint=endpoint)
except IndexError as exp:
raise ApiError(
code=404,
title="Nothing could not be found with provided information",
detail=repr(exp),
source=endpoint)
except Exception as exp:
logger.error('Could not get surrogate_id: ' + repr(exp))
raise ApiError(code=500,
title="Could not get surrogate_id",
detail=repr(exp),
source=endpoint)
else:
logger.debug('Got surrogate_id: ' + repr(surrogate_id))
# Response data container
try:
response_data = {}
response_data['data'] = {}
response_data['data']['surrogate_id'] = {}
response_data['data']['surrogate_id']['type'] = "SurrogateId"
response_data['data']['surrogate_id']['attributes'] = surrogate_id
except Exception as exp:
logger.error('Could not prepare response data: ' + repr(exp))
raise ApiError(code=500,
title="Could not prepare response data",
detail=repr(exp),
source=endpoint)
else:
logger.info('Response data ready')
logger.debug('response_data: ' + repr(response_data))
response_data_dict = dict(response_data)
logger.debug('response_data_dict: ' + repr(response_data_dict))
return make_json_response(data=response_data_dict, status_code=200)
def post(self, account_id):
try:
endpoint = str(api.url_for(self, account_id=account_id))
except Exception as exp:
endpoint = str(__name__)
try:
api_key = request.headers.get('Api-Key')
except Exception as exp:
logger.error("No ApiKey in headers")
logger.debug("No ApiKey in headers: " + repr(repr(exp)))
return provideApiKey(endpoint=endpoint)
try:
account_id = str(account_id)
except Exception as exp:
raise ApiError(code=400,
title="Unsupported account_id",
detail=repr(exp),
source=endpoint)
# load JSON
json_data = request.get_json()
if not json_data:
error_detail = {
'0': 'Set application/json as Content-Type',
'1': 'Provide json payload'
}
raise ApiError(code=400,
title="No input data provided",
detail=error_detail,
source=endpoint)
else:
logger.debug("json_data: " + json.dumps(json_data))
# Validate payload content
schema = VerifyServiceLink()
schema_validation_result = schema.load(json_data)
# Check validation errors
if schema_validation_result.errors:
raise ApiError(code=400,
title="Invalid payload",
detail=dict(schema_validation_result.errors),
source=endpoint)
else:
logger.debug("JSON validation -> OK")
######
# SLR
######
#
# Get slr
try:
slr = json_data['data']['slr']['attributes']['slr']
except Exception as exp:
raise ApiError(code=400,
title="Could not fetch slr from json",
detail=repr(exp),
source=endpoint)
else:
logger.debug("Got slr: " + json.dumps(slr))
# Get surrogate_id
try:
surrogate_id = json_data['data']['surrogate_id']['attributes'][
'surrogate_id']
except Exception as exp:
raise ApiError(code=400,
title="Could not fetch surrogate id from json",
detail=repr(exp),
source=endpoint)
else:
logger.debug("Got surrogate_id: " + str(surrogate_id))
# Decode slr payload
try:
#print (json.dumps(json_data))
slr_payload_encoded = slr['payload']
slr_payload_encoded += '=' * (-len(slr_payload_encoded) % 4
) # Fix incorrect padding, base64
slr_payload_decoded = b64decode(slr_payload_encoded).replace(
'\\', '').replace('"{', '{').replace('}"', '}')
slr_payload_dict = json.loads(slr_payload_decoded)
except Exception as exp:
raise ApiError(code=400,
title="Could not decode slr payload",
detail=repr(exp),
source=endpoint)
else:
logger.debug("slr_payload_decoded: " + str(slr_payload_decoded))
# Get service_link_record_id
try:
slr_id = slr_payload_dict['link_id']
except Exception as exp:
raise ApiError(
code=400,
title="Could not fetch service link record id from json",
detail=repr(exp),
source=endpoint)
else:
logger.debug("Got slr_id: " + str(slr_id))
# Get service_id
try:
service_id = slr_payload_dict['service_id']
except Exception as exp:
raise ApiError(code=400,
title="Could not fetch service id from json",
detail=repr(exp),
source=endpoint)
else:
logger.debug("Got service_id: " + str(service_id))
# Get operator_id
try:
operator_id = slr_payload_dict['operator_id']
except Exception as exp:
raise ApiError(code=400,
title="Could not fetch operator id from json",
detail=repr(exp),
source=endpoint)
else:
logger.debug("Got operator_id: " + str(operator_id))
#######
# Ssr
#######
#
# Get ssr payload
try:
ssr_payload = json_data['data']['ssr']['attributes']
except Exception as exp:
raise ApiError(code=400,
title="Could not fetch ssr from json",
detail=repr(exp),
source=endpoint)
# Get ssr_id
try:
ssr_id = ssr_payload['record_id']
except Exception as exp:
raise ApiError(code=400,
title="Could not fetch record_id from ssr_payload",
detail=repr(exp),
source=endpoint)
else:
logger.debug("Got ssr_id: " + str(ssr_id))
# Get ssr_status
try:
ssr_status = ssr_payload['sl_status']
except Exception as exp:
raise ApiError(code=400,
title="Could not fetch sl_status from ssr_payload",
detail=repr(exp),
source=endpoint)
else:
logger.debug("Got ssr_status: " + str(ssr_status))
# Get slr_id_from_ssr
try:
slr_id_from_ssr = ssr_payload['slr_id']
except Exception as exp:
raise ApiError(code=400,
title="Could not fetch slr_id from ssr_payload",
detail=repr(exp),
source=endpoint)
else:
logger.debug("Got slr_id: " + str(slr_id))
# Get prev_ssr_id
try:
prev_ssr_id = ssr_payload['prev_record_id']
except Exception as exp:
raise ApiError(
code=400,
title="Could not fetch prev_ssr_id from ssr_payload",
detail=repr(exp),
source=endpoint)
else:
logger.debug("Got prev_ssr_id: " + str(prev_ssr_id))
# Get iat
try:
ssr_iat = int(ssr_payload['iat'])
except Exception as exp:
raise ApiError(code=400,
title="Could not fetch iat from ssr_payload",
detail=repr(exp),
source=endpoint)
else:
logger.debug("Got iat: " + str(prev_ssr_id))
#
# Get code
try:
code = json_data['code']
except Exception as exp:
raise ApiError(code=400,
title="Could not fetch code from json",
detail=repr(exp),
source=endpoint)
else:
logger.debug("Got code: " + str(code))
##
##
# Check that slr and ssr payload are matching # TODO: Jatka slr:n ja ssr:n keskinäistä vertailua ja validointia
if not slr_id == slr_id_from_ssr:
detail_data = {
'slr_id': str(slr_id),
'slr_id_from_ssr': str(slr_id_from_ssr)
}
raise ApiError(code=409,
title="Service Link Record ID's are not matching",
detail=detail_data,
source=endpoint)
##
##
# Verify Account owner's signature in Service Link Record
try:
slr_verified = verify_jws_signature_with_jwk(
account_id=account_id, jws_json_to_verify=json.dumps(slr))
except Exception as exp:
logger.error(
"Could not verify Account owner's signature in Service Link Record: "
+ repr(exp))
raise ApiError(
code=500,
title=
"Failed to verify Account owner's signature in Service Link Record",
detail=repr(exp),
source=endpoint)
else:
logger.info('Service Link Record verified')
logger.info('Verification passed: ' + str(slr_verified))
# Sign Ssr
try:
ssr_signed = sign_ssr(account_id=account_id,
ssr_payload=ssr_payload,
endpoint=str(endpoint))
except Exception as exp:
logger.error("Could not sign Ssr")
logger.debug("Could not sign Ssr: " + repr(exp))
raise
# Store slr and ssr
logger.info(
"Storing Service Link Record and Service Link Status Record")
try:
slr_entry = ServiceLinkRecord(service_link_record=slr,
service_link_record_id=slr_id,
service_id=service_id,
surrogate_id=surrogate_id,
operator_id=operator_id,
account_id=account_id)
except Exception as exp:
logger.error('Could not create Service Link Record object: ' +
repr(exp))
raise ApiError(code=500,
title="Failed to create Service Link Record object",
detail=repr(exp),
source=endpoint)
try:
ssr_entry = ServiceLinkStatusRecord(
service_link_status_record_id=ssr_id,
status=ssr_status,
service_link_status_record=ssr_signed,
service_link_record_id=slr_id_from_ssr,
issued_at=ssr_iat,
prev_record_id=prev_ssr_id)
except Exception as exp:
logger.error(
'Could not create Service Link Status Record object: ' +
repr(exp))
raise ApiError(
code=500,
title="Failed to create Service Link Status Record object",
detail=repr(exp),
source=endpoint)
try:
stored_slr_entry, stored_ssr_entry = store_slr_and_ssr(
slr_entry=slr_entry,
ssr_entry=ssr_entry,
endpoint=str(endpoint))
except Exception as exp:
logger.error(
"Could not store Service Link Record and Service Link Status Record"
)
logger.debug("Could not store SLR and Ssr: " + repr(exp))
raise
else:
logger.info(
"Stored Service Link Record and Service Link Status Record")
logger.debug("stored_slr_entry: " + stored_slr_entry.log_entry)
logger.debug("stored_ssr_entry: " + stored_ssr_entry.log_entry)
# Response data container
try:
response_data = {}
response_data['code'] = code
response_data['data'] = {}
response_data['data']['slr'] = stored_slr_entry.to_record_dict
response_data['data']['ssr'] = stored_ssr_entry.to_record_dict
response_data['data']['surrogate_id'] = surrogate_id
except Exception as exp:
logger.error('Could not prepare response data: ' + repr(exp))
raise ApiError(code=500,
title="Could not prepare response data",
detail=repr(exp),
source=endpoint)
else:
logger.info('Response data ready')
logger.debug('response_data: ' + repr(response_data))
response_data_dict = dict(response_data)
logger.debug('response_data_dict: ' + repr(response_data_dict))
return make_json_response(data=response_data_dict, status_code=201)
def get(self, account_id):
"""
Verify that API Key belongs to specified user
:param account_id:
:param slr_id:
:return:
"""
try:
endpoint = str(api.url_for(self, account_id=account_id))
except Exception as exp:
endpoint = str(__name__)
finally:
logger.info("Request to: " + str(endpoint))
logger.info("Fetching User API Key")
api_key_user = get_user_api_key(endpoint=endpoint)
logger.debug("api_key_user: "******"Fetching SDK API Key")
api_key_sdk = get_sdk_api_key(endpoint=endpoint)
logger.debug("api_key_sdk: " + api_key_sdk)
try:
account_id = str(account_id)
except Exception as exp:
raise ApiError(code=400,
title="Unsupported account_id",
detail=repr(exp),
source=endpoint)
else:
logger.debug("Account ID from path: " + account_id)
# Check if Account IDs from path and ApiKey are matching
if verify_account_id_match(account_id=account_id,
api_key=api_key_user,
endpoint=endpoint):
logger.info("Account IDs are matching")
# Response data container
try:
response_data = {
"data": {
"type": "Account",
"id": account_id,
"attributes": {}
}
}
except Exception as exp:
logger.error('Could not prepare response data: ' + repr(exp))
raise ApiError(code=500,
title="Could not prepare response data",
detail=repr(exp),
source=endpoint)
else:
logger.info('Response data ready')
logger.debug('response_data: ' + repr(response_data))
create_event_log_entry(account_id=int(account_id),
actor="Operator",
action="GET",
resource=endpoint,
timestamp=get_utc_time())
response_data_dict = dict(response_data)
logger.debug('response_data_dict: ' + repr(response_data_dict))
return make_json_response(data=response_data_dict, status_code=200)
