SkillAegis/misp_api.py

#!/usr/bin/env python3

import json
from datetime import timedelta
from typing import Union
from urllib.parse import urljoin
import asyncio
import requests # type: ignore
import requests.adapters # type: ignore
from requests_cache import CachedSession
from requests.packages.urllib3.exceptions import InsecureRequestWarning # type: ignore
requests.packages.urllib3.disable_warnings(InsecureRequestWarning)

from config import misp_url, misp_apikey, misp_skipssl
from appConfig import logger, misp_settings

requestSession = CachedSession(cache_name='misp_cache', expire_after=timedelta(seconds=5))
adapterCache = requests.adapters.HTTPAdapter(pool_connections=50, pool_maxsize=50)
requestSession.mount('https://', adapterCache)
requestSession.mount('http://', adapterCache)


async def get(url, data={}, api_key=misp_apikey):
    headers = {
        'User-Agent': 'misp-exercise-dashboard',
        "Authorization": api_key,
        "Accept": "application/json",
        "Content-Type": "application/json"
    }
    full_url = urljoin(misp_url, url)
    try:
        loop = asyncio.get_event_loop()
        job = lambda: requestSession.get(full_url, data=data, headers=headers, verify=not misp_skipssl)
        runningJob = loop.run_in_executor(None, job)
        response = await runningJob
    except requests.exceptions.ConnectionError as e:
        logger.info('Could not perform request on MISP. %s', e)
        return None
    except Exception as e:
        logger.warning('Could not perform request on MISP. %s', e)
    try:
        return response.json() if response.headers['content-type'].startswith('application/json') else response.text
    except requests.exceptions.JSONDecodeError:
        return response.text


async def post(url, data={}, api_key=misp_apikey):
    headers = {
        'User-Agent': 'misp-exercise-dashboard',
        "Authorization": api_key,
        "Accept": "application/json",
        "Content-Type": "application/json"
    }
    full_url = urljoin(misp_url, url)
    try:
        loop = asyncio.get_event_loop()
        job = lambda: requestSession.post(full_url, data=json.dumps(data), headers=headers, verify=not misp_skipssl)
        runningJob = loop.run_in_executor(None, job)
        response = await runningJob
    except requests.exceptions.ConnectionError as e:
        logger.info('Could not perform request on MISP. %s', e)
        return None
    except Exception as e:
        logger.warning('Could not perform request on MISP. %s', e)
    try:
        return response.json() if response.headers['content-type'].startswith('application/json') else response.text
    except requests.exceptions.JSONDecodeError:
        return response.text


async def getEvent(event_id: int) -> Union[None, dict]:
    return await get(f'/events/view/{event_id}')


async def doRestQuery(authkey: str, request_method: str, url: str, payload: dict = {}) -> Union[None, dict]:
    if request_method == 'POST':
        return await post(url, payload, api_key=authkey)
    else:
        return await get(url, payload, api_key=authkey)


async def getVersion() -> Union[None, dict]:
    return await get(f'/servers/getVersion.json')


async def getSettings() -> Union[None, dict]:
    settings = await get(f'/servers/serverSettings.json')
    if not settings:
        return None
    data = {}
    for settingName, expectedSettingValue in misp_settings.items():
        data[settingName] = {
            'expected_value': expectedSettingValue,
            'value': None
        }
    for setting in settings.get('finalSettings', []):
        if setting['setting'] in misp_settings:
            data[setting['setting']]['value'] = setting['value']
    return data


async def remediateSetting(setting) ->dict:
    if setting in misp_settings:
        payload = {
            'value': misp_settings[setting],
            'force': 1,
        }
        return await post(f'/servers/serverSettingsEdit/{setting}', payload)
new: [app] Added v0.1 of the application 2024-06-26 13:30:47 +00:00			`#!/usr/bin/env python3`

			`import json`
new: [backend:misp_api] Added request caching 2024-07-02 11:44:01 +00:00			`from datetime import timedelta`
new: [app] Added v0.1 of the application 2024-06-26 13:30:47 +00:00			`from typing import Union`
			`from urllib.parse import urljoin`
chg: [backend] Make everything async relying on asyncio 2024-07-03 09:51:44 +00:00			`import asyncio`
new: [app] Added v0.1 of the application 2024-06-26 13:30:47 +00:00			`import requests # type: ignore`
			`import requests.adapters # type: ignore`
new: [backend:misp_api] Added request caching 2024-07-02 11:44:01 +00:00			`from requests_cache import CachedSession`
new: [app] Added v0.1 of the application 2024-06-26 13:30:47 +00:00			`from requests.packages.urllib3.exceptions import InsecureRequestWarning # type: ignore`
			`requests.packages.urllib3.disable_warnings(InsecureRequestWarning)`

new: [app] Better setting split and added misp setting remediation 2024-07-10 08:14:44 +00:00			`from config import misp_url, misp_apikey, misp_skipssl`
			`from appConfig import logger, misp_settings`
new: [app] Added v0.1 of the application 2024-06-26 13:30:47 +00:00
new: [backend:misp_api] Added request caching 2024-07-02 11:44:01 +00:00			`requestSession = CachedSession(cache_name='misp_cache', expire_after=timedelta(seconds=5))`
			`adapterCache = requests.adapters.HTTPAdapter(pool_connections=50, pool_maxsize=50)`
			`requestSession.mount('https://', adapterCache)`
			`requestSession.mount('http://', adapterCache)`

new: [app] Added v0.1 of the application 2024-06-26 13:30:47 +00:00
chg: [backend] Make everything async relying on asyncio 2024-07-03 09:51:44 +00:00			`async def get(url, data={}, api_key=misp_apikey):`
new: [app] Added v0.1 of the application 2024-06-26 13:30:47 +00:00			`headers = {`
			`'User-Agent': 'misp-exercise-dashboard',`
			`"Authorization": api_key,`
			`"Accept": "application/json",`
			`"Content-Type": "application/json"`
			`}`
			`full_url = urljoin(misp_url, url)`
fix: [app:requests] Catch if request failed 2024-07-01 12:40:32 +00:00			`try:`
chg: [backend] Make everything async relying on asyncio 2024-07-03 09:51:44 +00:00			`loop = asyncio.get_event_loop()`
			`job = lambda: requestSession.get(full_url, data=data, headers=headers, verify=not misp_skipssl)`
			`runningJob = loop.run_in_executor(None, job)`
			`response = await runningJob`
chg: [backend] Print connection errors on terminal 2024-07-01 12:48:00 +00:00			`except requests.exceptions.ConnectionError as e:`
fix: [backend] Fixed correct usage of logging API 2024-07-02 11:56:10 +00:00			`logger.info('Could not perform request on MISP. %s', e)`
fix: [app:requests] Catch if request failed 2024-07-01 12:40:32 +00:00			`return None`
chg: [backend] Make everything async relying on asyncio 2024-07-03 09:51:44 +00:00			`except Exception as e:`
			`logger.warning('Could not perform request on MISP. %s', e)`
chg: [app] Better error catching and logging 2024-07-02 13:05:44 +00:00			`try:`
			`return response.json() if response.headers['content-type'].startswith('application/json') else response.text`
			`except requests.exceptions.JSONDecodeError:`
			`return response.text`
new: [app] Added v0.1 of the application 2024-06-26 13:30:47 +00:00

chg: [backend] Make everything async relying on asyncio 2024-07-03 09:51:44 +00:00			`async def post(url, data={}, api_key=misp_apikey):`
new: [app] Added v0.1 of the application 2024-06-26 13:30:47 +00:00			`headers = {`
			`'User-Agent': 'misp-exercise-dashboard',`
			`"Authorization": api_key,`
			`"Accept": "application/json",`
			`"Content-Type": "application/json"`
			`}`
			`full_url = urljoin(misp_url, url)`
fix: [app:requests] Catch if request failed 2024-07-01 12:40:32 +00:00			`try:`
chg: [backend] Make everything async relying on asyncio 2024-07-03 09:51:44 +00:00			`loop = asyncio.get_event_loop()`
			`job = lambda: requestSession.post(full_url, data=json.dumps(data), headers=headers, verify=not misp_skipssl)`
			`runningJob = loop.run_in_executor(None, job)`
			`response = await runningJob`
chg: [backend] Print connection errors on terminal 2024-07-01 12:48:00 +00:00			`except requests.exceptions.ConnectionError as e:`
fix: [backend] Fixed correct usage of logging API 2024-07-02 11:56:10 +00:00			`logger.info('Could not perform request on MISP. %s', e)`
fix: [app:requests] Catch if request failed 2024-07-01 12:40:32 +00:00			`return None`
chg: [backend] Make everything async relying on asyncio 2024-07-03 09:51:44 +00:00			`except Exception as e:`
			`logger.warning('Could not perform request on MISP. %s', e)`
chg: [app] Better error catching and logging 2024-07-02 13:05:44 +00:00			`try:`
			`return response.json() if response.headers['content-type'].startswith('application/json') else response.text`
			`except requests.exceptions.JSONDecodeError:`
			`return response.text`
new: [app] Added v0.1 of the application 2024-06-26 13:30:47 +00:00

chg: [backend] Make everything async relying on asyncio 2024-07-03 09:51:44 +00:00			`async def getEvent(event_id: int) -> Union[None, dict]:`
			`return await get(f'/events/view/{event_id}')`
new: [app] Added v0.1 of the application 2024-06-26 13:30:47 +00:00

chg: [backend] Make everything async relying on asyncio 2024-07-03 09:51:44 +00:00			`async def doRestQuery(authkey: str, request_method: str, url: str, payload: dict = {}) -> Union[None, dict]:`
new: [app] Added v0.1 of the application 2024-06-26 13:30:47 +00:00			`if request_method == 'POST':`
chg: [backend] Make everything async relying on asyncio 2024-07-03 09:51:44 +00:00			`return await post(url, payload, api_key=authkey)`
new: [app] Added v0.1 of the application 2024-06-26 13:30:47 +00:00			`else:`
chg: [backend] Make everything async relying on asyncio 2024-07-03 09:51:44 +00:00			`return await get(url, payload, api_key=authkey)`
new: [app] Added setting diagnostic and brief exercise validation 2024-07-01 11:12:23 +00:00

chg: [backend] Make everything async relying on asyncio 2024-07-03 09:51:44 +00:00			`async def getVersion() -> Union[None, dict]:`
			`return await get(f'/servers/getVersion.json')`
new: [app] Added instance up diagnostic 2024-07-01 12:31:29 +00:00

chg: [backend] Make everything async relying on asyncio 2024-07-03 09:51:44 +00:00			`async def getSettings() -> Union[None, dict]:`
			`settings = await get(f'/servers/serverSettings.json')`
new: [app] Added setting diagnostic and brief exercise validation 2024-07-01 11:12:23 +00:00			`if not settings:`
			`return None`
new: [app] Better setting split and added misp setting remediation 2024-07-10 08:14:44 +00:00			`data = {}`
			`for settingName, expectedSettingValue in misp_settings.items():`
			`data[settingName] = {`
			`'expected_value': expectedSettingValue,`
			`'value': None`
			`}`
			`for setting in settings.get('finalSettings', []):`
			`if setting['setting'] in misp_settings:`
			`data[setting['setting']]['value'] = setting['value']`
			`return data`


			`async def remediateSetting(setting) ->dict:`
			`if setting in misp_settings:`
			`payload = {`
			`'value': misp_settings[setting],`
chg: [app] Few improvements here and there 2024-07-16 10:04:36 +00:00			`'force': 1,`
new: [app] Better setting split and added misp setting remediation 2024-07-10 08:14:44 +00:00			`}`
			`return await post(f'/servers/serverSettingsEdit/{setting}', payload)`