Пример #1
0
    def __init__(self, host, port=443, ssl_verify=False, cert=None, adapter=None,
                 scheme='https', retries=None, backoff=None, ua_identity=None,
                 session=None, proxies=None):
        # As we will always be passing a URL to the APISession class, we will
        # want to construct a URL that APISession (and further requests)
        # understands.
        base = '{}://{}:{}'.format(scheme, host, port)
        url = '{}/rest'.format(base)

        # Now lets pass the relevent parts off to the APISession's constructor
        # to make sure we have everything lined up as we expect.
        APISession.__init__(self, url,
            retries=retries,
            backoff=backoff,
            ua_identity=ua_identity,
            session=session,
            proxies=proxies)

        # Also, as Tenable.sc is generally installed without a certificate
        # chain that we can validate, we will want to turn off verification
        # and the associated warnings unless told to otherwise:
        self._session.verify = ssl_verify
        if not ssl_verify:
            warnings.filterwarnings('ignore', 'Unverified HTTPS request')

        # If a client-side certificate is specified, then we will want to add
        # it into the session object as well.  The cert parameter is expecting
        # a path pointing to the client certificate file.
        if cert:
            self._session.cert = cert

        # If an adapter for requests was provided, we should pull that in as
        # well.
        if adapter:
            self._session.mount(base, adapter)

        # We will attempt to make the first call to the Tenable.sc instance
        # and get the system information.  If this call fails, then we likely
        # aren't pointing to a SecurityCenter at all and should throw an error
        # stating this.
        try:
            self.info = self.system.details()
        except:
            raise ConnectionError('No Tenable.sc Instance at {}:{}'.format(host, port))

        # Now we will try to interpret the Tenable.sc information into
        # something usable.
        try:
            self.version = self.info['version']
            self.build_id = self.info['buildID']
            self.license = self.info['licenseStatus']
            self.uuid = self.info['uuid']
            if 'token' in self.info:
                # if a token was passed in the system info page, then we should
                # update the X-SecurityCenter header with the token info.
                self._session.headers.update({
                    'X-SecurityCenter': str(d['response']['token'])
                })
        except:
            raise ConnectionError('Invalid Tenable.sc Instance')
Пример #2
0
 def __init__(self, access_key, secret_key, 
              url=None, retries=None, backoff=None, registry=None):
     self._access_key = access_key
     self._secret_key = secret_key
     if registry:
         self._registry = registry
     APISession.__init__(self, url, retries, backoff)
Пример #3
0
    def __init__(self,
                 access_key=None,
                 secret_key=None,
                 url=None,
                 retries=None,
                 backoff=None,
                 ua_identity=None,
                 session=None,
                 proxies=None):
        if access_key:
            self._access_key = access_key
        else:
            self._access_key = os.getenv('TIO_ACCESS_KEY')

        if secret_key:
            self._secret_key = secret_key
        else:
            self._secret_key = os.getenv('TIO_SECRET_KEY')

        if not self._access_key or not self._secret_key:
            raise UnexpectedValueError('No valid API Keypair Defined')

        APISession.__init__(self,
                            url,
                            retries=retries,
                            backoff=backoff,
                            ua_identity=ua_identity,
                            session=session,
                            proxies=proxies)
Пример #4
0
 def _build_session(self, session=None):
     APISession._build_session(self, session)
     # As Tenable.sc is generally installed without a certificate chain that
     # we can validate, we will want to turn off verification and the
     # associated warnings unless told to otherwise:
     self._session.verify = self._ssl_verify
     if not self._ssl_verify:
         warnings.filterwarnings('ignore', 'Unverified HTTPS request')
Пример #5
0
 def _build_session(self, session):
     '''
     Build the session and add the API Keys into the session
     '''
     APISession._build_session(self, session)
     self._session.trust_env = False
     self._session.headers.update(
         {'Authorization': 'Bearer {}'.format(self._api_key)})
Пример #6
0
    def __init__(self,
                 host,
                 port=443,
                 ssl_verify=False,
                 cert=None,
                 scheme='https',
                 retries=None,
                 backoff=None):
        '''SecurityCenter 5 API Wrapper
        This class is designed to handle authentication management for the
        SecurityCenter 5.x API.  This is by no means a complete model of
        everything that the API can handle, it is simply meant to be a thin
        wrapper into the API.  Convenience functions will be added as time
        passes and there is a desire to develop them.
        For more information, please See Tenable's official API documentation
        at: https://support.tenable.com/support-center/cerberus-support-center/includes/widgets/sc_api/index.html
        '''

        # As we will always be passing a URL to the APISession class, we will
        # want to construct a URL that APISession (and further requests)
        # understands.
        url = '{}://{}:{}/rest'.format(scheme, host, port)

        # Now lets pass the relevent parts off to the APISession's constructor
        # to make sure we have everything lined up as we expect.
        APISession.__init__(self, url, retries, backoff)

        # Also, as SecurityCenter is generally installed without a certificate
        # chain that we can validate, we will want to turn off verification
        # and the associated warnings unless told to otherwise:
        self._session.verify = ssl_verify
        if not ssl_verify:
            warnings.filterwarnings('ignore', 'Unverified HTTPS request')

        # If a client-side certificate is specified, then we will want to add
        # it into the session object as well.  The cert parameter is expecting
        # a path pointing to the client certificate file.
        if cert:
            self._session.cert = cert

        # We will attempt to make the first call to the SecurityCenter instance
        # and get the system information.  If this call fails, then we likely
        # aren't pointing to a SecurityCenter at all and should throw an error
        # stating this.
        try:
            d = self.get('system').json()
        except:
            raise ServerError('No SecurityCenter Instance at {}'.format(host))

        # Now we will try to interpret the SecurityCenter information into
        # something usable.
        try:
            self.version = d['response']['version']
            self.build_id = d['response']['buildID']
            self.license = d['response']['licenseStatus']
            self.uuid = d['response']['uuid']
        except:
            raise ServerError('Invalid SecurityCenter Instance')
Пример #7
0
 def _build_session(self):
     '''
     Build the session and add the API Keys into the session
     '''
     APISession._build_session(self)
     self._session.headers.update({
         'X-APIKeys': 'accessKey={}; secretKey={};'.format(
             self._access_key, self._secret_key)
     })
Пример #8
0
 def __init__(self,
              api_key=None,
              url=None,
              retries=None,
              backoff=None,
              ua_identity=None,
              session=None):
     self._api_key = api_key
     APISession.__init__(self, url, retries, backoff, ua_identity, session)
Пример #9
0
 def __init__(self,
              access_key,
              secret_key,
              url=None,
              retries=None,
              backoff=None,
              ua_identity=None,
              session=None):
     self._access_key = access_key
     self._secret_key = secret_key
     APISession.__init__(self, url, retries, backoff, ua_identity, session)
Пример #10
0
 def _build_session(self):
     '''
     Build the session and add the API Keys into the session
     '''
     APISession._build_session(self)
     self._session.headers.update({
         'X-APIKeys':
         'accessKey={}; secretKey={};'.format(self._access_key,
                                              self._secret_key)
     })
     '''
     Add SSL Verification flag
     '''
     self._session.verify = self._verify
Пример #11
0
    def __init__(self, host, port=443, ssl_verify=False, cert=None,
                 scheme='https', retries=None, backoff=None):
        # As we will always be passing a URL to the APISession class, we will
        # want to construct a URL that APISession (and further requests) 
        # understands.
        url = '{}://{}:{}/rest'.format(scheme, host, port)

        # Now lets pass the relevent parts off to the APISession's constructor
        # to make sure we have everything lined up as we expect.
        APISession.__init__(self, url, retries, backoff)

        # Also, as SecurityCenter is generally installed without a certificate
        # chain that we can validate, we will want to turn off verification 
        # and the associated warnings unless told to otherwise:
        self._session.verify = ssl_verify
        if not ssl_verify:
            warnings.filterwarnings('ignore', 'Unverified HTTPS request')

        # If a client-side certificate is specified, then we will want to add
        # it into the session object as well.  The cert parameter is expecting
        # a path pointing to the client certificate file.
        if cert:
            self._session.cert = cert

        # We will attempt to make the first call to the SecurityCenter instance
        # and get the system information.  If this call fails, then we likely
        # aren't pointing to a SecurityCenter at all and should throw an error
        # stating this.
        try:
            d = self.get('system').json()
        except:
            raise ServerError('No SecurityCenter Instance at {}'.format(host))

        # Now we will try to interpret the SecurityCenter information into
        # something usable.
        try:
            self.version = d['response']['version']
            self.build_id = d['response']['buildID']
            self.license = d['response']['licenseStatus']
            self.uuid = d['response']['uuid']
        except:
            raise ServerError('Invalid SecurityCenter Instance')
Пример #12
0
    def __init__(self,
                 access_key,
                 secret_key,
                 url=None,
                 retries=None,
                 backoff=None,
                 registry=None):
        if access_key:
            self._access_key = access_key
        else:
            self._access_key = os.getenv('TIO_ACCESS_KEY')

        if secret_key:
            self._secret_key = secret_key
        else:
            self._secret_key = os.getenv('TIO_SECRET_KEY')

        if not self._access_key or not self._secret_key:
            raise UnexpectedValueError('No valid API Keypair Defined')

        if registry:
            self._registry = registry
        APISession.__init__(self, url, retries, backoff)
Пример #13
0
 def __init__(self, keyfile, source_id):
     creds = service_account.Credentials.from_service_account_file(keyfile)
     scoped = creds.with_scopes(self._scopes)
     session = requests.AuthorizedSession(scoped)
     self.source_id = source_id
     APISession.__init__(self, session=session)