feat(api): assist credentials generator

ee/api/.chalice/config.json

@@ -64,7 +64,8 @@
         "invitation_link": "/api/users/invitation?token=%s",
         "change_password_link": "/reset-password?invitation=%s&&pass=%s",
         "iosBucket": "openreplay-ios-images",
-        "version_number": "1.4.0"
+        "version_number": "1.3.6",
+        "assist_secret": ""
       },
       "lambda_timeout": 150,
       "lambda_memory_size": 400,

ee/api/chalicelib/blueprints/bp_ee.py

@@ -1,8 +1,16 @@
+import base64
+import hashlib
+import hmac
+from time import time
+
 from chalice import Blueprint
 
 from chalicelib import _overrides
+from chalicelib.blueprints import bp_authorizers
 from chalicelib.core import roles
 from chalicelib.core import unlock
+from chalicelib.utils import helper
+from chalicelib.utils.helper import environ
 
 app = Blueprint(__name__)
 _overrides.chalice_app(app)
@@ -50,3 +58,17 @@ def delete_role(roleId, context):
     return {
         'data': data
     }
+
+
+@app.route('/assist/credentials', methods=['GET'], authorizer=bp_authorizers.api_key_authorizer)
+def get_assist_credentials(context):
+    user = helper.generate_salt()
+    secret = environ["assist_secret"]
+    ttl = int(environ.get("assist_ttl", 48)) * 3600
+    timestamp = int(time()) + ttl
+    username = str(timestamp) + ':' + user
+    dig = hmac.new(bytes(secret, 'utf-8'), bytes(username, 'utf-8'), hashlib.sha1)
+    dig = dig.digest()
+    password = base64.b64encode(dig).decode()
+
+    return {"data": {'username': username, 'password': password}}

scripts/helm/app/chalice.yaml

@@ -63,3 +63,4 @@ env:
   idp_sso_url: ''
   idp_x509cert: ''
   idp_sls_url: ''
+  assist_secret: ''