from app.mod_api_auth.controllers import requires_api_auth_user, get_account_id_by_api_key, provideApiKey, \ requires_api_auth_sdk from app.mod_blackbox.controllers import sign_jws_with_jwk, generate_and_sign_jws, get_account_public_key, \ verify_jws_signature_with_jwk from app.mod_database.helpers import get_db_cursor from app.mod_database.models import ServiceLinkRecord, ServiceLinkStatusRecord, ConsentRecord, ConsentStatusRecord from app.mod_authorization.controllers import sign_cr, sign_csr, store_cr_and_csr, get_auth_token_data, \ get_last_cr_status, add_csr, get_csrs from app.mod_authorization.models import NewConsent, NewConsentStatus mod_authorization_api = Blueprint('authorization_api', __name__, template_folder='templates') # create logger with 'spam_application' logger = get_custom_logger(__name__) # Resources class ConsentSignAndStore(Resource): @requires_api_auth_sdk def post(self, account_id, source_slr_id, sink_slr_id): try: endpoint = str( api.url_for(self, account_id=account_id, source_slr_id=source_slr_id, sink_slr_id=sink_slr_id)) except Exception as exp: endpoint = str(__name__)
from app.helpers import get_custom_logger, make_json_response, ApiError from app.mod_api_auth.controllers import requires_api_auth_user, get_account_id_by_api_key, provideApiKey, \ requires_api_auth_sdk from app.mod_blackbox.controllers import sign_jws_with_jwk, generate_and_sign_jws, get_account_public_key, \ verify_jws_signature_with_jwk from app.mod_database.helpers import get_db_cursor from app.mod_database.models import ServiceLinkRecord, ServiceLinkStatusRecord from app.mod_service.controllers import sign_slr, store_slr_and_ssr, sign_ssr, get_surrogate_id_by_account_and_service from app.mod_service.models import NewServiceLink, VerifyServiceLink mod_service_api = Blueprint('service_api', __name__, template_folder='templates') # create logger with 'spam_application' logger = get_custom_logger('mod_service_view_api') # Resources class ServiceLinkSign(Resource): @requires_api_auth_sdk def get(self, account_id): try: endpoint = str(api.url_for(self, account_id=account_id)) except Exception as exp: endpoint = str(__name__) try: api_key = request.headers.get('Api-Key') except Exception as exp: logger.error("No ApiKey in headers")
__maintainer__ = "Jani Yli-Kantola" __contact__ = "https://github.com/HIIT/mydata-stack" __status__ = "Development" __date__ = 26.5.2016 """ from flask import Blueprint, render_template, make_response, flash, session, request from flask_restful import Resource, Api, reqparse from app import api from app.helpers import get_custom_logger, make_json_response, ApiError from app.mod_api_auth.controllers import get_account_api_key, get_api_key_sdk from app.mod_api_auth.helpers import ApiKeyNotFoundError from app.mod_auth.helpers import get_account_id_by_username_and_password logger = get_custom_logger('mod_api_auth_view_api') # Define the blueprint: 'auth', set its url prefix: app.url/auth mod_api_auth = Blueprint('api_auth', __name__, template_folder='templates') class ApiKeyUser(Resource): account_id = None username = None api_key = None def check_basic_auth(self, username, password): """ This function is called to check if a username password combination is valid. """ logger.info("Checking username and password")
# -*- coding: utf-8 -*- # Import dependencies from app.helpers import get_custom_logger logger = get_custom_logger('mod_auth_models') # Define a User model for Flask-Login # https://flask-login.readthedocs.org/en/latest/#your-user-class class User(): account_id = "" identity_id = "" username = "" firstname = "" lastname = "" email = "" avatar = "" date_of_birth = "" active = False def __init__(self, account_id, identity_id, username, firstname="", lastname="", email="", img_url="",
# Import dependencies import uuid import bcrypt # https://github.com/pyca/bcrypt/, https://pypi.python.org/pypi/bcrypt/2.0.0 # Import the database object from the main app module from flask import json from app import login_manager, app # create logger with 'spam_application' from app.helpers import get_custom_logger from app.mod_auth.models import User from app.mod_database.helpers import get_db_cursor logger = get_custom_logger('mod_auth_helpers') def get_account_by_id(cursor=None, account_id=None): try: ### # User info by acoount_id logger.debug('User info by acoount_id') if app.config["SUPER_DEBUG"]: logger.debug('account_id: ' + repr(account_id)) sql_query = "SELECT " \ "MyDataAccount.Accounts.id, " \ "MyDataAccount.LocalIdentities.id, " \ "MyDataAccount.LocalIdentities.username, " \
def handle_apierror(error): error_dict = error.to_dict() logger = get_custom_logger(logger_name="ApiError") logger.error(json.dumps(error_dict)) return make_json_response(errors=error_dict, status_code=str(error_dict['code']))
from app.mod_api_auth.services import clear_apikey_sqlite_db from app.mod_auth.controllers import SignUp from app.mod_auth.helpers import get_account_by_username_and_password # Import Resources from app.mod_blackbox.controllers import gen_account_key from app.mod_blackbox.services import clear_blackbox_sqlite_db from app.mod_database.helpers import get_db_cursor, drop_table_content from app.mod_database.models import Particulars, Account, LocalIdentityPWD, LocalIdentity, Salt, Email from app.mod_account.view_html import Home # Define the blueprint: 'auth', set its url prefix: app.url/auth mod_system = Blueprint('system', __name__, template_folder='templates') # create logger with 'spam_application' logger = get_custom_logger('mod_system_controllers') # Resources class InitDb(Resource): def get(self, secret=None): # Verifying secret logger.debug("Provided secret: " + str(secret)) if secret is None: logger.debug("No secret provided --> terminating") raise ApiError(code=403, title="Provide correct secret!") if secret != 'salainen': logger.debug("Wrong secret provided --> terminating") raise ApiError(code=403, title="Provide correct secret!")
# -*- coding: utf-8 -*- # Import dependencies import logging # Import the database object from the main app module from app import db, app # create logger with 'spam_application' from app.helpers import get_custom_logger logger = get_custom_logger('mod_database_helpers') def get_db_cursor(): try: cursor = db.connection.cursor() except Exception as exp: logger.debug('db.connection.cursor(): ' + repr(exp)) raise RuntimeError('Could not get cursor for database connection') else: logger.debug('DB cursor at ' + repr(cursor)) return cursor def execute_sql_insert(cursor, sql_query): """ :param cursor: :param sql_query: :return: cursor: :return: last_id:
# -*- coding: utf-8 -*- # Import dependencies import uuid import logging import bcrypt # https://github.com/pyca/bcrypt/, https://pypi.python.org/pypi/bcrypt/2.0.0 # Import the database object from the main app module from app import db, api, login_manager, app # create logger with 'spam_application' from app.helpers import get_custom_logger from app.mod_database.helpers import execute_sql_select from app.mod_database.models import Contacts, Email, Telephone logger = get_custom_logger('mod_account_services') # # def get_service_link_record_count_by_account(cursor=None, account_id=None): # if app.config["SUPER_DEBUG"]: # logger.debug('account_id: ' + repr(account_id)) # # ### # logger.debug('get_consent_record_count(account_id)') # if app.config["SUPER_DEBUG"]: # logger.debug('account_id: ' + repr(account_id)) # # sql_query = "SELECT count(MyDataAccount.ServiceLinkRecords.id) " \ # "FROM MyDataAccount.ServiceLinkRecords " \ # "WHERE MyDataAccount.ServiceLinkRecords.Accounts_id = '%s'" % (account_id) #
# Import the database object from the main app module from app import db, api, login_manager, app # Import services from app.helpers import get_custom_logger from app.mod_account.controllers import get_service_link_record_count, get_consent_record_count, get_telephones, \ get_emails, get_contacts, get_passive_consents_count, get_potential_services_count, get_potential_consents_count from app.mod_api_auth.controllers import get_account_api_key from app.mod_database.helpers import get_db_cursor mod_account_html = Blueprint('account_html', __name__, template_folder='templates') # create logger with 'spam_application' logger = get_custom_logger('mod_account_view_html') # Resources class Home(Resource): @login_required def get(self): account_id = session['user_id'] logger.debug('Account id: ' + account_id) apikey = get_account_api_key(account_id=account_id) content_data = {'apikey': apikey} headers = {'Content-Type': 'text/html'}
# Import flask dependencies from flask import Blueprint, render_template, make_response, flash, session from flask.ext.login import login_user, login_required from flask_restful import Resource, Api, reqparse # Import the database object from the main app module from app import db, api, login_manager, app # Import services from app.helpers import get_custom_logger from app.mod_database.helpers import get_db_cursor from app.mod_account.services import get_contacts_by_account, get_emails_by_account, get_telephones_by_account, \ get_service_link_record_count_by_account, get_consent_record_count_by_account # create logger with 'spam_application' logger = get_custom_logger('mod_account_controllers') def check_account_id(account_id=None): # TODO: check that session[account_id] and account_id from path are matching if account_id is None: logger.debug('Account ID must be provided as call parameter.') raise AttributeError('Account ID must be provided as call parameter.') else: return True def get_potential_services_count(cursor=None, account_id=None): data = randint(10, 100) return cursor, data
from flask import Blueprint, render_template, make_response, flash, session from flask.ext.login import login_user, login_required from flask_restful import Resource, Api, reqparse # Import the database object from the main app module from app import db, api, login_manager, app # Import services from app.helpers import get_custom_logger, ApiError, get_utc_time from app.mod_blackbox.controllers import get_account_public_key, generate_and_sign_jws from app.mod_database.helpers import get_db_cursor # create logger with 'spam_application' from app.mod_database.models import SurrogateId logger = get_custom_logger('mod_service_controllers') def sign_slr(account_id=None, slr_payload=None, endpoint="sign_slr(account_id, slr_payload, endpoint)"): if account_id is None: raise AttributeError("Provide account_id as parameter") if slr_payload is None: raise AttributeError("Provide slr_payload as parameter") logger.info("Signing Service Link Record") # Get Account owner's public key try: account_public_key, account_kid = get_account_public_key(
# Import Models from app.helpers import get_custom_logger from app.mod_api_auth.controllers import gen_account_api_key from app.mod_auth.helpers import get_account_by_username_and_password # Import Resources from app.mod_blackbox.controllers import gen_account_key from app.mod_database.helpers import get_db_cursor from app.mod_database.models import Particulars, Account, LocalIdentityPWD, LocalIdentity, Salt, Email from app.mod_account.view_html import Home # Define the blueprint: 'auth', set its url prefix: app.url/auth mod_auth = Blueprint('auth', __name__, template_folder='templates') # create logger with 'spam_application' logger = get_custom_logger('mod_auth_controllers') # Resources class SignIn(Resource): def get(self): headers = {'Content-Type': 'text/html'} return make_response(render_template('auth/signin.html'), 200, headers) def post(self): parser = reqparse.RequestParser(bundle_errors=True) parser.add_argument('username', location='form', required=True) parser.add_argument('password', location='form', required=True)