async def test_no_strategy(aiohttp_server, aiohttp_client, loop):
async def public_view(request):
return web.Response(text='Public view')
async def secret_view(request):
return web.Response(text='Secret view')
app = web.Application()
app.router.add_route('GET', '/public', public_view)
app.router.add_route('GET', '/secret', secret_view)
app.middlewares.append(
basic_auth_middleware(
('/secret', ),
{'user': '******'},
))
server = await aiohttp_server(app)
client = await aiohttp_client(server)
response = await client.get('/public')
assert response.status == 200
response = await client.get('/secret')
assert response.status == 401
response = await client.get(
'/secret',
headers={'Authorization': generate_header('user', 'password')},
)
assert response.status == 200
async def test_ok_auth(aiohttp_server, aiohttp_client, loop):
server = await aiohttp_server(get_app(loop, {'test': 'secret'}))
client = await aiohttp_client(server)
response = await client.get(
'/admin/hello',
headers={'Authorization': generate_header('test', 'secret')},
)
assert response.status == 200
async def test_strategy(aiohttp_server, aiohttp_client, loop):
server = await aiohttp_server(
get_app(
loop,
{
'test': '5f4dcc3b5aa765d61d8327deb882cf99',
},
lambda x: hashlib.md5(bytes(x, encoding='utf-8')).hexdigest(),
)
)
client = await aiohttp_client(server)
response = await client.get(
'/admin/hello',
headers={'Authorization': generate_header('test', 'password')},
)
assert response.status == 200
def waf_login():
requests.packages.urllib3.disable_warnings()
waf_ip=input("What is the WAF's management ip(Typically the WAN IP): ")
waf_login_passwd=getpass.getpass("\nWAF login password: "******"\nConnecting to the WAF on port 8443 as 'admin'...")
waf_url="https://"+waf_ip+":8443/restapi/v3.1/login"
headers={"Content-Type": "application/json"}
payload={"username":"******","password":waf_login_passwd}
requests.packages.urllib3.disable_warnings()
token_req_json=requests.post(waf_url, data=json.dumps(payload), headers=headers, verify=False)
token_output=token_req_json.text
token_split=token_output.split(":")
token_rstrip=token_split[1].rstrip("}")
token=token_rstrip.replace('"','')
auth_header=generate_header('',token)
payload_headers={"Content-Type":"application/json", "Authorization": auth_header}
return waf_ip, waf_login_passwd, payload_headers
def token(waf_host):
logs = logger()
waf_info = open('wafcreds.json', 'r')
waf_info_dict = json.load(waf_info)
waf = (waf_info_dict[waf_host])
if (waf["secure"]) == "yes":
logs.debug("HTTPS Protocol will be used for all transactions")
login_proto = "https://"
if (waf["secure"]) == "no":
logs.debug("HTTP Protocol will be used for all transactions")
login_proto = "http://"
else:
logs.debug(
"Configure the secure attribute as 'yes' or 'no'. Defaulting to HTTPS"
)
login_proto = "https://"
pass
waf_login_ip = (waf["waf_ip"])
logs.debug("waf host is " + waf_login_ip)
waf_login_port = (waf["waf_port"])
url = login_proto + waf_login_ip + ":" + waf_login_port + "/restapi/v3/login"
headers = {"Content-Type": "application/json"}
data = {"username": waf["waf_admin"], "password": waf["waf_password"]}
login_request = requests.post(url,
data=json.dumps(data),
headers=headers,
verify=False)
token_str = login_request.text.split(':')
token1 = token_str[1].replace('"', '').rstrip('}') + ':'
basic_auth_token = generate_header('', token1)
req_headers = {
"Content-Type": "application/json",
'Authorization': basic_auth_token
}
return req_headers, waf_login_ip, waf_login_port, login_proto
def waf_login():
with open("/etc/waf/waf.json", "r") as waf:
waf_dict = json.loads(waf.read())
waf_ip = waf_dict['waf1']['waf_ip']
waf_port = waf_dict['waf1']['waf_port']
waf_admin = waf_dict['waf1']['waf_admin']
waf_password = waf_dict['waf1']['waf_password']
login_url = "http://" + waf_ip + ":" + waf_port + "/restapi/v3.1/login"
api_headers = {"Content-Type": "application/json"}
login_payload = {"username": waf_admin, "password": waf_password}
login_request = requests.post(login_url,
headers=api_headers,
data=json.dumps(login_payload))
token_output = login_request.text
token_split = token_output.split(":")
token_rstrip = token_split[1].rstrip("}")
token = token_rstrip.replace('"', '')
auth_header = generate_header('', token)
waf_url = "http://" + waf_ip + ":" + waf_port + "/restapi/v3.1"
headers = {
"Content-Type": "application/json",
"Authorization": auth_header
}
return waf_url, headers, waf_ip
print(waf_ip)
waf_password = waf_info["waf_password"]
print(waf_password)
waf_json.close()
headers = {"Content-Type": "application/json"}
login_url = "http://" + waf_ip + ":8000/restapi/v3.1/login"
login_payload = {"username": "******", "password": waf_password}
login_request = requests.post(login_url,
headers=headers,
data=json.dumps(login_payload))
token_output = login_request.text
token_split = token_output.split(":")
token_rstrip = token_split[1].rstrip("}")
token = token_rstrip.replace('"', '')
auth_header = generate_header('', token)
api_headers = {
"Content-Type": "application/json",
"Authorization": auth_header
}
#Creating the Service
hostname = socket.gethostname()
server = socket.gethostbyname(hostname)
#Create certificate
certificate_url = "http://" + waf_ip + ":8000/restapi/v3.1/certificates/self-signed-certificate"
cert_payload = {
"state": "CA",
"key-size": "2048",
"common-name": "training.petstore.com",
"city": "San Francisco",
def test_header_gen_utf8_default(token, login_password):
assert token == generate_header(*login_password)
def test_header_gen(token, login_password):
assert token == generate_header(*login_password, coding='utf-8')