|
|
|
@ -7,6 +7,7 @@
|
|
|
|
|
# self.OpenRPAResponseDict = lResponseDict
|
|
|
|
|
|
|
|
|
|
#from http.client import HTTPException
|
|
|
|
|
from email import header
|
|
|
|
|
from http.server import BaseHTTPRequestHandler, HTTPServer
|
|
|
|
|
from socketserver import ThreadingMixIn
|
|
|
|
|
import threading
|
|
|
|
@ -48,6 +49,10 @@ from pydantic import BaseModel
|
|
|
|
|
import uvicorn
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
import io
|
|
|
|
|
from starlette.responses import StreamingResponse
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
gCacheDict = {}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@ -111,8 +116,10 @@ def UserAccessCheckBefore(inMethod, inRequest):
|
|
|
|
|
lAuthToken = inRequest.OpenRPA["AuthToken"]
|
|
|
|
|
#go next if user is identified
|
|
|
|
|
lUserDict = None
|
|
|
|
|
print(f"lAuthToken: {lAuthToken}")
|
|
|
|
|
if lAuthToken:
|
|
|
|
|
lUserDict = gSettingsDict["ServerDict"]["AccessUsers"]["AuthTokensDict"][lAuthToken]
|
|
|
|
|
print(f"lUserDict: {lUserDict}")
|
|
|
|
|
#pdb.set_trace()
|
|
|
|
|
########################################
|
|
|
|
|
########################################
|
|
|
|
@ -189,6 +196,7 @@ class HTTPRequestOld():
|
|
|
|
|
mRequest:Request = None
|
|
|
|
|
mResponse:Response = None
|
|
|
|
|
OpenRPA: dict = {}
|
|
|
|
|
headers={}
|
|
|
|
|
|
|
|
|
|
def __init__(self,inRequest,inResponse,inAuthDict):
|
|
|
|
|
self.mRequest = inRequest
|
|
|
|
@ -200,6 +208,7 @@ class HTTPRequestOld():
|
|
|
|
|
self.OpenRPA["Domain"] = None
|
|
|
|
|
self.OpenRPA["User"] = None
|
|
|
|
|
else: self.OpenRPA = inAuthDict
|
|
|
|
|
self.headers=inRequest.headers
|
|
|
|
|
|
|
|
|
|
# Def to check User Role access grants
|
|
|
|
|
def UACClientCheck(self, inRoleKeyList): # Alias
|
|
|
|
@ -387,16 +396,20 @@ class HTTPRequestOld():
|
|
|
|
|
def do_GET(self, inBodyStr):
|
|
|
|
|
try:
|
|
|
|
|
gSettingsDict = __Orchestrator__.GSettingsGet()
|
|
|
|
|
try:
|
|
|
|
|
self.OpenRPA["DefUserRoleAccessAsk"]=self.UserRoleAccessAsk # Alias for def
|
|
|
|
|
self.OpenRPA["DefUserRoleHierarchyGet"]=self.UserRoleHierarchyGet # Alias for def
|
|
|
|
|
except Exception as e:
|
|
|
|
|
pass
|
|
|
|
|
# Prepare result dict
|
|
|
|
|
lResponseDict = {"Headers": {}, "SetCookies": {}, "Body": b"", "StatusCode": None}
|
|
|
|
|
lResponseDict = {"Headers": {}, "SetCookies": {}, "Body": b"", "StatusCode": None, "BodyIsText":True}
|
|
|
|
|
self.OpenRPAResponseDict = lResponseDict
|
|
|
|
|
#Check the user access (if flag, UAC)
|
|
|
|
|
####################################
|
|
|
|
|
lFlagUserAccess = True
|
|
|
|
|
#If need user authentication
|
|
|
|
|
if gSettingsDict.get("ServerDict", {}).get("AccessUsers", {}).get("FlagCredentialsAsk", False):
|
|
|
|
|
if self.OpenRPA["AuthToken"] != None:
|
|
|
|
|
lFlagUserAccess = UserAccessCheckBefore("GET", self)
|
|
|
|
|
######################################
|
|
|
|
|
if lFlagUserAccess:
|
|
|
|
@ -431,17 +444,21 @@ class HTTPRequestOld():
|
|
|
|
|
try:
|
|
|
|
|
gSettingsDict = __Orchestrator__.GSettingsGet()
|
|
|
|
|
lL = gSettingsDict["Logger"]
|
|
|
|
|
try:
|
|
|
|
|
self.OpenRPA["DefUserRoleAccessAsk"]=self.UserRoleAccessAsk # Alias for def
|
|
|
|
|
self.OpenRPA["DefUserRoleHierarchyGet"]=self.UserRoleHierarchyGet # Alias for def
|
|
|
|
|
except Exception as e:
|
|
|
|
|
pass
|
|
|
|
|
# Prepare result dict
|
|
|
|
|
#pdb.set_trace()
|
|
|
|
|
lResponseDict = {"Headers": {}, "SetCookies":{}, "Body": b"", "StatusCode": None}
|
|
|
|
|
lResponseDict = {"Headers": {}, "SetCookies": {}, "Body": b"", "StatusCode": None, "BodyIsText":True}
|
|
|
|
|
self.OpenRPAResponseDict = lResponseDict
|
|
|
|
|
#Check the user access (if flag)
|
|
|
|
|
####################################
|
|
|
|
|
lFlagUserAccess = True
|
|
|
|
|
#If need user authentication
|
|
|
|
|
if gSettingsDict.get("ServerDict", {}).get("AccessUsers", {}).get("FlagCredentialsAsk", False):
|
|
|
|
|
if self.OpenRPA["AuthToken"] != None:
|
|
|
|
|
lFlagUserAccess = UserAccessCheckBefore("POST", self)
|
|
|
|
|
######################################
|
|
|
|
|
if lFlagUserAccess:
|
|
|
|
@ -496,6 +513,7 @@ def IdentifyAuthorize(inRequest:Request, inResponse:Response,
|
|
|
|
|
inCookiesStr: Union[str, None] = Header(default=None,alias="Cookie"),
|
|
|
|
|
inAuthorizationStr: Union[str, None] = Header(default="",alias="Authorization")):
|
|
|
|
|
lResult={"Domain": "", "User": ""}
|
|
|
|
|
print("IdentifyAuthorize")
|
|
|
|
|
######################################
|
|
|
|
|
#Way 1 - try to find AuthToken
|
|
|
|
|
lCookies = cookies.SimpleCookie(inCookiesStr) # inRequest.headers.get("Cookie", "")
|
|
|
|
@ -511,14 +529,14 @@ def IdentifyAuthorize(inRequest:Request, inResponse:Response,
|
|
|
|
|
lResult["User"] = gSettingsDict["ServerDict"]["AccessUsers"]["AuthTokensDict"][lCookieAuthToken]["User"]
|
|
|
|
|
#Set auth token
|
|
|
|
|
mOpenRPA={}
|
|
|
|
|
mOpenRPA["AuthToken"] = lAuthToken
|
|
|
|
|
mOpenRPA["AuthToken"] = lCookieAuthToken
|
|
|
|
|
mOpenRPA["Domain"] = lResult["Domain"]
|
|
|
|
|
mOpenRPA["User"] = lResult["User"]
|
|
|
|
|
mOpenRPA["IsSuperToken"] = gSettingsDict.get("ServerDict", {}).get("AccessUsers", {}).get("AuthTokensDict", {}).get(mOpenRPA["AuthToken"], {}).get("FlagDoNotExpire", False)
|
|
|
|
|
return mOpenRPA
|
|
|
|
|
######################################
|
|
|
|
|
#Way 2 - try to logon
|
|
|
|
|
elif len(lHeaderAuthorization) == 2:
|
|
|
|
|
if len(lHeaderAuthorization) == 2:
|
|
|
|
|
llHeaderAuthorizationDecodedUserPasswordList = base64.b64decode(lHeaderAuthorization[1]).decode("utf-8").split(
|
|
|
|
|
":")
|
|
|
|
|
lUser = llHeaderAuthorizationDecodedUserPasswordList[0]
|
|
|
|
@ -555,32 +573,49 @@ def IdentifyAuthorize(inRequest:Request, inResponse:Response,
|
|
|
|
|
######################################
|
|
|
|
|
else:
|
|
|
|
|
raise HTTPException(status_code=401, detail="here is the details", headers={'Content-type':'text/html', 'WWW-Authenticate':'Basic'})
|
|
|
|
|
return True
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
def BackwardCompatibityWrapperAuth(inRequest:Request, inResponse:Response, inBodyStr:str = Body(...),
|
|
|
|
|
inAuthDict:bool=Depends(IdentifyAuthorize)): # Old from v1.3.1 (updated to FastAPI)
|
|
|
|
|
def BackwardCompatibityWrapperAuth(inRequest:Request, inResponse:Response, inBodyStr:str = Body(""),
|
|
|
|
|
inAuthDict:dict=Depends(IdentifyAuthorize)): # Old from v1.3.1 (updated to FastAPI)
|
|
|
|
|
print(f"{inRequest.url.path}, inAuthDict:{inAuthDict}")
|
|
|
|
|
lHTTPRequest = HTTPRequestOld(inRequest=inRequest, inResponse=inResponse, inAuthDict=inAuthDict)
|
|
|
|
|
lHTTPRequest.path = inRequest.url.path
|
|
|
|
|
lHTTPRequest.body = inBodyStr
|
|
|
|
|
threading.current_thread().request = lHTTPRequest
|
|
|
|
|
lResult = lHTTPRequest.do_GET(inBodyStr=inBodyStr)
|
|
|
|
|
if lResult is None:
|
|
|
|
|
lResult = lHTTPRequest.do_POST(inBodyStr=inBodyStr)
|
|
|
|
|
return lResult
|
|
|
|
|
#if lHTTPRequest.OpenRPAResponseDict['BodyIsText']==True: return lResult.decode("utf8")
|
|
|
|
|
#else: return StreamingResponse(io.BytesIO(lResult), media_type="image/png")
|
|
|
|
|
if lHTTPRequest.OpenRPAResponseDict["Headers"]["Content-type"] != None:
|
|
|
|
|
return StreamingResponse(io.BytesIO(lResult), media_type=lHTTPRequest.OpenRPAResponseDict["Headers"]["Content-type"])
|
|
|
|
|
|
|
|
|
|
def BackwardCompatibityWrapperNoAuth(inRequest:Request, inResponse:Response, inBodyStr:str = Body(...)): # Old from v1.3.1 (updated to FastAPI)
|
|
|
|
|
def BackwardCompatibityWrapperNoAuth(inRequest:Request, inResponse:Response, inBodyStr:str = Body("")): # Old from v1.3.1 (updated to FastAPI)
|
|
|
|
|
print(f"{inRequest.url.path}, BackwardCompatibityWrapperNoAuth")
|
|
|
|
|
lHTTPRequest = HTTPRequestOld(inRequest=inRequest, inResponse=inResponse, inAuthDict=None)
|
|
|
|
|
lHTTPRequest.path = inRequest.url.path
|
|
|
|
|
lHTTPRequest.body = inBodyStr
|
|
|
|
|
threading.current_thread().request = lHTTPRequest
|
|
|
|
|
lResult = lHTTPRequest.do_GET(inBodyStr=inBodyStr)
|
|
|
|
|
#print(f"RESULT VALUE: {lResult}")
|
|
|
|
|
if lResult is None:
|
|
|
|
|
lResult = lHTTPRequest.do_POST(inBodyStr=inBodyStr)
|
|
|
|
|
return lResult.decode("utf8")
|
|
|
|
|
#if lHTTPRequest.OpenRPAResponseDict['BodyIsText']==True: return lResult.decode("utf8")
|
|
|
|
|
#else: return StreamingResponse(io.BytesIO(lResult), media_type="image/png")
|
|
|
|
|
if lHTTPRequest.OpenRPAResponseDict["Headers"]["Content-type"] != None:
|
|
|
|
|
return StreamingResponse(io.BytesIO(lResult), media_type=lHTTPRequest.OpenRPAResponseDict["Headers"]["Content-type"])
|
|
|
|
|
|
|
|
|
|
def InitFastAPI():
|
|
|
|
|
global gSettingsDict
|
|
|
|
|
global app
|
|
|
|
|
ServerSettings.SettingsUpdate(gSettingsDict)
|
|
|
|
|
lL = gSettingsDict.get("Logger",None)
|
|
|
|
|
gSettingsDict["ServerDict"]["ServerThread"] = app
|
|
|
|
|
for lConnectItemDict in gSettingsDict["ServerDict"]["URLList"]:
|
|
|
|
|
if "ResponseFolderPath" in lConnectItemDict:
|
|
|
|
|
app.mount(lConnectItemDict["URL"],
|
|
|
|
|
StaticFiles(directory=CrossOS.PathStr(lConnectItemDict["ResponseFolderPath"])),
|
|
|
|
|
name=lConnectItemDict["URL"].replace('/',"_"))
|
|
|
|
|
else:
|
|
|
|
|
if lConnectItemDict.get("UACBool",True):
|
|
|
|
|
app.add_api_route(
|
|
|
|
|
path=lConnectItemDict["URL"],
|
|
|
|
|