def __init__(
self,
appid,
api_key,
mch_id,
sub_mch_id=None,
mch_cert=None,
mch_key=None,
timeout=None,
sandbox=False,
sub_appid=None,
):
self.appid = appid
self.sub_appid = sub_appid
self.api_key = api_key
self.mch_id = mch_id
self.sub_mch_id = sub_mch_id
self.mch_cert = mch_cert
self.mch_key = mch_key
self._using_pkcs12_cert = False
self.timeout = timeout
self.sandbox = sandbox
self._sandbox_api_key = None
self._http = requests.Session()
if mch_cert and mch_cert.endswith(".p12"):
from requests_pkcs12 import Pkcs12Adapter
# 商户 .p12 格式证书,证书密码默认为商户 ID
self._http.mount(
self.API_BASE_URL, Pkcs12Adapter(pkcs12_filename=self.mch_cert, pkcs12_password=self.mch_id)
)
self._using_pkcs12_cert = True
def __init__(self, config):
"""
Set up proxy information if configuration contains proxyURL
:param config: Object contains all certificate configurations
"""
self.config = config
self.agentConfig = config
self.last_auth_time = 0
self.session_token = None
self.key_manager_token = None
self.auth_session = requests.Session()
self.kmAuth_session = requests.Session()
if (self.config.data['truststorePath']):
logging.debug("Setting trusstorePath for auth to {}".format(
self.config.data['truststorePath']))
self.auth_session.verify = self.config.data['truststorePath']
self.kmAuth_session.verify = self.config.data['truststorePath']
if self.config.data['completeProxyURL']:
self.auth_session.proxies.update({
"http":
self.config.data['completeProxyURL'],
"https":
self.config.data['completeProxyURL']
})
else:
self.proxies = {}
self.auth_session.mount(
self.config.data['sessionAuthHost'],
Pkcs12Adapter(pkcs12_filename=self.config.data['p.12'],
pkcs12_password=self.config.data['botCertPassword']))
self.auth_session.mount(
self.config.data['keyAuthHost'],
Pkcs12Adapter(pkcs12_filename=self.config.data['p.12'],
pkcs12_password=self.config.data['botCertPassword']))
self.kmAuth_session.mount(
self.config.data['sessionAuthHost'],
Pkcs12Adapter(pkcs12_filename=self.config.data['p.12'],
pkcs12_password=self.config.data['botCertPassword']))
self.kmAuth_session.mount(
self.config.data['keyAuthHost'],
Pkcs12Adapter(pkcs12_filename=self.config.data['p.12'],
pkcs12_password=self.config.data['botCertPassword']))
self.kmAuth_session.proxies.update({})
def open_session():
session = Session()
# every request starting with `server_url` will use the Pkcs12Adapter
# http://docs.python-requests.org/en/master/user/advanced/#transport-adapters
pkcs12_adapter = Pkcs12Adapter(pkcs12_filename=KEYSTORE_PATH,
pkcs12_password=environ[FDA_SIEM_CERT_PASS])
session.mount(url, pkcs12_adapter)
session.headers.update(MY_HEADERS)
return session
def __init__(self, config):
"""
Set up proxy information if configuration contains proxyURL
:param config: Object contains all certificate configurations
"""
self.config = config
self.agentConfig = config
self.last_auth_time = 0
self.session_token = None
self.key_manager_token = None
self.auth_session = requests.Session()
self.key_manager_auth_session = requests.Session()
#proxy infomation set in config loader, set to empty object if there is no proxy set in config.json
self.auth_session.proxies.update(
self.config.data['podProxyRequestObject'])
self.key_manager_auth_session.proxies.update(
self.config.data['keyManagerProxyRequestObject'])
if 'truststorePath' in self.config.data:
logging.debug("Setting trusstorePath for auth to {}".format(
self.config.data['truststorePath']))
self.auth_session.verify = self.config.data['truststorePath']
self.key_manager_auth_session.verify = self.config.data[
'truststorePath']
self.auth_session.mount(
self.config.data['sessionAuthHost'],
Pkcs12Adapter(pkcs12_filename=self.config.data['p.12'],
pkcs12_password=self.config.data['botCertPassword']))
self.auth_session.mount(
self.config.data['keyAuthHost'],
Pkcs12Adapter(pkcs12_filename=self.config.data['p.12'],
pkcs12_password=self.config.data['botCertPassword']))
self.key_manager_auth_session.mount(
self.config.data['sessionAuthHost'],
Pkcs12Adapter(pkcs12_filename=self.config.data['p.12'],
pkcs12_password=self.config.data['botCertPassword']))
self.key_manager_auth_session.mount(
self.config.data['keyAuthHost'],
Pkcs12Adapter(pkcs12_filename=self.config.data['p.12'],
pkcs12_password=self.config.data['botCertPassword']))
def __init__(
self,
mode: Dict[str, str],
version: str,
session: Session,
pkcs12_filename: Union[str, Path],
pkcs12_password: str,
) -> None:
self.mode = mode
self.version = version
self.session = session
self.session.mount(
mode["base_url"],
Pkcs12Adapter(pkcs12_filename=pkcs12_filename,
pkcs12_password=pkcs12_password),
)
def adapt_connection(conn, conn_params, env=os.environ):
"""Adapt connection to use passphrase-protected PKCS#12 certificate.
For instructions for getting a certificate, see
https://ebmdatalab.github.io/datalab-team-manual/opensafely/accessing-emis-data/
"""
session = requests.Session()
crt = env.get("PRESTO_TLS_CERT")
key = env.get("PRESTO_TLS_KEY")
pfx_pass = env.get("PFX_PASSWORD_PATH")
pfx_path = env.get("PFX_PATH")
# unencrypted cert in env
if crt and key:
session.cert = (
write_to_temp_file(crt, prefix="presto_cert"),
write_to_temp_file(key, prefix="presto_key"),
)
# support encyrpted cert
elif pfx_pass and pfx_path:
from requests_pkcs12 import Pkcs12Adapter
with open(pfx_pass, "rb") as f:
pkcs12_password = f.read().strip()
mount_prefix = "{http_scheme}://{host}:{port}".format(**conn_params)
mount_adaptor = Pkcs12Adapter(
pkcs12_filename=pfx_path,
pkcs12_password=pkcs12_password,
)
session.mount(mount_prefix, mount_adaptor)
else:
raise Exception(
"Could not load certificate for presto connection from environment"
)
conn._http_session = session
def get_conn():
conn = prestodb.dbapi.connect(
host="directoraccess-cert.emishealthinsights.co.uk",
port=443,
user=os.environ["USER"],
catalog="hive",
schema="extract_oxford_datalabs",
http_scheme="https",
)
with open(os.environ["PFX_PASSWORD_PATH"], "rb") as f:
pkcs12_password = f.read().strip()
session = Session()
session.mount(
"https://directoraccess-cert.emishealthinsights.co.uk:443",
Pkcs12Adapter(
pkcs12_filename=os.environ["PFX_PATH"],
pkcs12_password=pkcs12_password,
),
)
session.verify = False
conn._http_session = session
return ConnectionProxy(conn)
def __init__(self,
discord_integration,
ctf_name,
ctfd_url=None,
ctfd_api_key=None,
refresh_interval=None,
max_refresh=None,
start_time=None):
self.ctf_name = ctf_name
self.ctfd_url = ctfd_url
self.ctfd_api_key = ctfd_api_key
if refresh_interval:
self.refresh_interval = refresh_interval
if max_refresh:
self.refreshes_left = max_refresh
if start_time:
self.start_time = start_time
if self.ctfd_url != None and self.ctfd_api_key != None:
self.ctfd_session = requests.session()
self.ctfd_session.headers = {
'Content-Type': 'application/json',
'Authorization': 'token ' + self.ctfd_api_key
}
self.ctfpad_session = requests.session()
self.ctfpad_session.headers = {"X-Apikey": CTFPAD_API_KEY}
self.ctfpad_url = CTFPAD_URL
self.ctfpad_session.mount(
self.ctfpad_url,
Pkcs12Adapter(pkcs12_filename='user.pfx', pkcs12_password=''))
try:
ctfpad_ctfs = self.ctfpad_session.get(
f'{self.ctfpad_url}/ctfs').json()['ctfs']
except:
raise ConnectionError(
f'Could not connect to CTFPad on {self.ctfpad_url}. Please verify URL and token.'
)
self.etherpad_session = requests.session()
self.etherpad_url = ETHERPAD_URL
self.etherpad_session.mount(
self.ctfpad_url,
Pkcs12Adapter(pkcs12_filename='user.pfx', pkcs12_password=''))
self.etherpad_session.params['apikey'] = ETHERPAD_API_KEY
try:
self.etherpad_session.post(f'{self.ctfpad_url}/login',
data={
'name': ETHERPAD_USER,
'password': ETHERPAD_PASS
})
except:
raise ConnectionError(
f'Could not get session token from Etherpad-Lite on {self.etherpad_url}. Please verify bot credentials.'
)
self.ctfpad_ctf = next(
(ctfd_challenge for ctfd_challenge in ctfpad_ctfs
if ctfd_challenge['name'].lower() == self.ctf_name.lower()), None)
if not self.ctfpad_ctf:
try:
self.ctfpad_ctf = self.ctfpad_session.post(
f'{self.ctfpad_url}/ctfs',
json={
"name": f"{self.ctf_name}"
}).json()['ctf']
except:
raise ConnectionError(
f'Could not create pad with name "{self.ctf_name}" on {self.ctfpad_url}. Please verify token access rights.'
)
self.discord_integration = discord_integration
self.ctfd_ctfpad_thread = Thread(target=self.ctfd_ctfpad_integration)
self.ctfd_ctfpad_thread.start()
import prestodb
from requests import Session
from requests_pkcs12 import Pkcs12Adapter
conn = prestodb.dbapi.connect(
host="providerplus.emishealthinsights.co.uk",
port=443,
user=os.environ["USER"],
catalog="hive",
schema="extract_oxford_datalabs",
http_scheme="https",
)
if "CERTIFICATE_PASSWORD_PATH" in os.environ:
with open(os.environ["CERTIFICATE_PASSWORD_PATH"], "rb") as f:
pkcs12_password = f.read().strip()
else:
pkcs12_password = getpass()
session = Session()
session.mount(
"https://providerplus.emishealthinsights.co.uk:443",
Pkcs12Adapter(pkcs12_filename=os.environ["CERTIFICATE_PATH"],
pkcs12_password=pkcs12_password),
)
session.verify = False
conn._http_session = session
cursor = conn.cursor()
cursor.execute("select 123")
print(cursor.fetchall())