feat(api): EE changed credentials logic

2021-11-30 18:02:21 +01:00 · 2021-11-30 18:02:21 +01:00 · 0419000b26
commit 0419000b26
parent 8c0b1ea630
3 changed files with 33 additions and 7 deletions
--- a/ee/api/chalicelib/blueprints/app/v1_api_ee.py
+++ b/ee/api/chalicelib/blueprints/app/v1_api_ee.py
@ -10,5 +10,7 @@ _overrides.chalice_app(app)

@app.route('/v1/assist/credentials', methods=['GET'], authorizer=bp_authorizers.api_key_authorizer)
 def get_assist_credentials(context):
-    username, credential = assist_helper.get_temporary_credentials()
-    return {"data": {'username': username, 'credential': credential}}
+    credentials = assist_helper.get_temporary_credentials()
+    if "errors" in credentials:
+        return credentials
+    return {"data": credentials}
--- a/ee/api/chalicelib/blueprints/bp_ee.py
+++ b/ee/api/chalicelib/blueprints/bp_ee.py
@ -55,5 +55,4 @@ def delete_role(roleId, context):

@app.route('/assist/credentials', methods=['GET'])
 def get_assist_credentials(context):
-    username, credential = assist_helper.get_temporary_credentials()
-    return {"data": {'username': username, 'credential': credential}}
+    return {"data": assist_helper.get_full_config()}
--- a/ee/api/chalicelib/utils/assist_helper.py
+++ b/ee/api/chalicelib/utils/assist_helper.py
@ -3,17 +3,42 @@ import hashlib
 import hmac
 from time import time

+from chalicelib.core import assist
 from chalicelib.utils import helper
 from chalicelib.utils.helper import environ


+def __get_secret():
+    return environ["assist_secret"] if environ["assist_secret"] is not None and len(
+        environ["assist_secret"]) > 0 else None
+
+
 def get_temporary_credentials():
+    secret = __get_secret()
+    if secret is None:
+        return {"errors": ["secret not defined"]}
    user = helper.generate_salt()
-    secret = environ["assist_secret"]
    ttl = int(environ.get("assist_ttl", 48)) * 3600
    timestamp = int(time()) + ttl
    username = str(timestamp) + ':' + user
    dig = hmac.new(bytes(secret, 'utf-8'), bytes(username, 'utf-8'), hashlib.sha1)
    dig = dig.digest()
-    password = base64.b64encode(dig).decode()
-    return user, password
+    credential = base64.b64encode(dig).decode()
+    return {'username': username, 'credential': credential}
+
+
+def get_full_config():
+    servers = assist.get_ice_servers()
+    servers = servers.split("|")
+    credentials = get_temporary_credentials()
+    if __get_secret() is not None:
+        servers = [{"url": s.split(",")[0], **credentials} for s in servers]
+    else:
+        for i in range(len(servers)):
+            s = servers[i].split("|")
+            if len(s) == 3:
+                servers[i] = {"url": s[0], "username": s[1], "credential": s[2]}
+            else:
+                servers[i] = {"url": s[0]}
+
+    return servers