lauri/certidude
1
0
Fork 0
mirror of https://github.com/laurivosandi/certidude synced 2025-10-31 09:29:13 +00:00
Code Issues Activity

api.utils.firewall: Drop click usage and remove unneeded imports

Browse Source
This commit is contained in:
Priit Laes
2018-02-03 14:33:45 +02:00
parent 2f0569abb4
commit 7b6175ab37
1 changed files with 1 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
certidude/api/utils/firewall.py
View File

@@ -1,7 +1,6 @@
import falcon import falcon
import logging import logging
import click
from asn1crypto import pem, x509 from asn1crypto import pem, x509
logger = logging.getLogger("api") logger = logging.getLogger("api")
@@ -10,8 +9,6 @@ def whitelist_subnets(subnets):
""" """
Validate source IP address of API call against subnet list Validate source IP address of API call against subnet list
""" """
import falcon
def wrapper(func): def wrapper(func):
def wrapped(self, req, resp, *args, **kwargs): def wrapped(self, req, resp, *args, **kwargs):
# Check for administration subnet whitelist # Check for administration subnet whitelist
@@ -30,8 +27,6 @@ def whitelist_subnets(subnets):
return wrapper return wrapper
def whitelist_content_types(*content_types): def whitelist_content_types(*content_types):
import falcon
def wrapper(func): def wrapper(func):
def wrapped(self, req, resp, *args, **kwargs): def wrapped(self, req, resp, *args, **kwargs):
for content_type in content_types: for content_type in content_types:
@@ -58,7 +53,7 @@ def whitelist_subject(func):
header, _, der_bytes = pem.unarmor(buf.replace("\t", "").encode("ascii")) header, _, der_bytes = pem.unarmor(buf.replace("\t", "").encode("ascii"))
origin_cert = x509.Certificate.load(der_bytes) origin_cert = x509.Certificate.load(der_bytes)
if origin_cert.native == cert.native: if origin_cert.native == cert.native:
click.echo("Subject authenticated using certificates") logger.debug("Subject authenticated using certificates")
return func(self, req, resp, cn, *args, **kwargs) return func(self, req, resp, cn, *args, **kwargs)
# For backwards compatibility check source IP address # For backwards compatibility check source IP address
@@ -73,4 +68,3 @@ def whitelist_subject(func):
else: else:
return func(self, req, resp, cn, *args, **kwargs) return func(self, req, resp, cn, *args, **kwargs)
return wrapped return wrapped