def os(self, os, version):
'''
Endpoint that allows to filter by ios family version
'''
if self.token != None:
headers = {
'Accept': 'application/json',
'Authorization': 'Bearer ' + self.token
}
try:
loggerService.info(self.api + '/' + os + '?version=' +
str(version))
response = requests.get(self.api + '/' + os + '?version=' +
str(version),
headers=headers,
verify=False)
if response.status_code == 200:
data = [response.json()]
else:
return response.status_code
except Exception as e:
loggerService.error('Error trying to get data: ' + str(e))
data = str(e)
return data
else:
loggerService.error('No valid token available for query')
def get_token(self):
if self.token is None:
return self.request_token()
if self.token is not None and self.is_token_expired():
loggerService.info('Refresh token needed')
return self.request_token()
loggerService.info('No reason for token refresh')
return self.token
def is_token_expired(self):
'''
Method that returns boolean and check if access
token should be refreshed
'''
diff = datetime.now() - self.token_time
refresh_condition = diff.seconds >= config['api']['token_time']
if refresh_condition:
loggerService.info('Refresh token needed! ' + str(diff.seconds) +
's since last refresh')
return refresh_condition
def show_advisories(self, advisories):
'''
Creates a clean output of advisories JSON data structure
'''
for advisorie in advisories['advisories']:
print('------------------------------------')
for key, value in advisorie.items():
if key != 'productNames':
loggerService.info(key + ': ' + str(value[0:100]))
print('------------------------------------')
loggerService.info(
f"This version has a total of {len(advisories['advisories'])} advisories..."
)
def request_token(self):
'''
Get a token from API and make it available for other
methods within the class
'''
headers = {'Content-Type': 'application/x-www-form-urlencoded'}
login_info = {
'client_id': self.key,
'client_secret': self.secret,
'grant_type': 'client_credentials'
}
try:
response = requests.post(config['api']['oauth'],
data=login_info,
headers=headers)
loggerService.info(response)
if response.status_code == 200 and 'access_token' in response.json(
):
loggerService.info('Token success!')
loggerService.info('Token:' +
str(response.json()['access_token']))
self.token_time = datetime.now()
loggerService.info('Token time:' + str(self.token_time))
self.token = response.json()['access_token']
return self.token
except Exception as e:
loggerService.error('Error getting token')
return None
def request(self, endpoint, params=''):
'''
Make generic http request
'''
headers = {
'Accept': 'application/json',
'Authorization': 'Bearer ' + tokenService.get_token()
}
try:
loggerService.info(self.api + '/' + endpoint + params)
response = requests.get(self.api + '/' + endpoint + params,
headers=headers,
verify=False)
if response.status_code == 200:
data = [response.json()]
else:
loggerService.error('Error: ' + str(response.json()))
return response.status_code
except Exception as e:
loggerService.error('Error trying to get data: ' + str(e))
data = str(e)
return data
def all(self):
'''
Gets all information available from Cisco Vuln API
'''
if self.token != None:
headers = {
'Accept': 'application/json',
'Authorization': 'Bearer ' + self.token
}
try:
loggerService.info(self.api + '/all')
response = requests.get(self.api + '/all',
headers=headers,
verify=False)
if response.status_code == 200:
data = [response.json()]
else:
return response.status_code
except Exception as e:
loggerService.error('Error trying to get data: ' + str(e))
data = str(e)
return data
else:
loggerService.error('No valid token available for query')