Resolve "Automatic token generation"

2021-07-18 13:40:03 +00:00 · 2021-07-18 13:40:03 +00:00 · 57a85158b3
commit 57a85158b3
parent a30d4b70ea
7 changed files with 338 additions and 27 deletions
--- a/transip_client/main.py
+++ b/transip_client/main.py
@ -1,11 +1,18 @@
+import base64
 import json
 import logging
 import subprocess
+import time

 from concurrent.futures import ThreadPoolExecutor, as_completed

 import requests

+from cryptography.hazmat.backends import default_backend
+from cryptography.hazmat.primitives import serialization
+from cryptography.hazmat.primitives.asymmetric.padding import PKCS1v15
+from cryptography.hazmat.primitives.hashes import SHA512
+

 logger = logging.getLogger(__name__)

@ -22,6 +29,43 @@ def _get_ip(resolvers):
    return output.decode("utf-8").strip()


+def _get_token(private_key_path, login, api_url):
+    request = requests.Request(
+        "POST",
+        f"{api_url}/auth",
+        json={
+            "login": login,
+            "nonce": str(int(time.time() * 1000)),
+            "read_only": False,
+            "expiration_time": "30 minutes",
+            "label": "Custom token",
+            "global_key": True,
+        },
+    )
+
+    prepped_request = request.prepare()
+
+    with open(private_key_path, "rb") as file:
+        private_key = serialization.load_pem_private_key(
+            file.read(), password=None, backend=default_backend()
+        )
+
+    signature = private_key.sign(prepped_request.body, PKCS1v15(), SHA512())
+    signature = base64.b64encode(signature)
+
+    prepped_request.headers["Signature"] = signature.decode("ascii")
+
+    with requests.Session() as session:
+        response = session.send(prepped_request)
+
+    if not response.ok:
+        response.raise_for_status()
+
+    response_data = response.json()
+
+    return response_data["token"]
+
+
 def _get_domain(domain, token, api_url):
    headers = {"Authorization": f"Bearer {token}"}

@ -79,11 +123,15 @@ def _update_domains(updated_domains, api_url, token, read_only):
            logger.info(f"Updated domain {domain}")


-def detect(domains, resolvers, api_url, token, read_only):
+def detect(domains, resolvers, credentials, token, api_url, read_only):
    ip = _get_ip(resolvers)
-    domain_data = _get_domain_data(domains, token, api_url)
    updated_domains = {}

+    if all(credentials):
+        token = _get_token(*credentials, api_url)
+
+    domain_data = _get_domain_data(domains, token, api_url)
+
    for data in domain_data:
        dns_entries = data["dnsEntries"]
        domain = data["domain"]