illumio-pylo 0.3.4__tar.gz → 0.3.6__tar.gz

{illumio_pylo-0.3.4/illumio_pylo.egg-info → illumio_pylo-0.3.6}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: illumio_pylo
-Version: 0.3.4
+Version: 0.3.6
 Summary: A set of tools and library for working with Illumio PCE
 Home-page: https://github.com/cpainchaud/pylo
 Author: Christophe Painchaud

{illumio_pylo-0.3.4 → illumio_pylo-0.3.6}/illumio_pylo/API/APIConnector.py

@@ -625,12 +625,14 @@ class APIConnector:
         return None
 
     def objects_ven_get(self,
-                             include_deleted=False,
-                             filter_by_ip: str = None,
-                             filter_by_label: Optional[WorkloadsGetQueryLabelFilterJsonStructure] = None,
-                             filter_by_name: str = None,
-                             max_results: int = None,
-                             async_mode=True) -> List[VenObjectJsonStructure]:
+                        include_deleted=False,
+                        filter_by_ip: str = None,
+                        filter_by_label: Optional[WorkloadsGetQueryLabelFilterJsonStructure] = None,
+                        filter_by_name: str = None,
+                        max_results: int = None,
+                        async_mode=True,
+                        representation: Optional[Literal['ven_labels']] = None
+                        ) -> List[VenObjectJsonStructure]:
         path = '/vens'
         data = {}
 
@@ -647,12 +649,14 @@ class APIConnector:
         if filter_by_name is not None:
             data['name'] = filter_by_name
 
+        if representation is not None:
+            data['representation'] = representation
+
         if max_results is not None:
             data['max_results'] = max_results
 
         return self.do_get_call(path=path, async_call=async_mode, params=data)
 
-
     def objects_workload_get(self,
                              include_deleted=False,
                              filter_by_ip: str = None,
@@ -935,18 +939,20 @@ class APIConnector:
 
         return self.do_get_call(path=path, async_call=False, include_org_id=False )
 
-    def object_network_device_endpoint_create(self, network_device_href: str, name: str, endpoint_type: Literal['switch_port'], workloads_href: List[str]) -> List[NetworkDeviceEndpointObjectJsonStructure]:
+    def object_network_device_endpoint_create(self, network_device_href: str, name: str,
+                                              endpoint_type: Literal['switch_port'], workloads_href: List[str]) \
+            -> List[NetworkDeviceEndpointObjectJsonStructure]:
+
         path = '{}/network_endpoints'.format(network_device_href)
 
-        worklaods_href_objects = []
+        workloads_href_objects = []
         for workload_href in workloads_href:
-            worklaods_href_objects.append({'href': workload_href})
+            workloads_href_objects.append({'href': workload_href})
 
-        data = { 'config': { 'name': name, 'endpoint_type': endpoint_type }, 'workloads': worklaods_href_objects}
+        data = {'config': {'name': name, 'endpoint_type': endpoint_type}, 'workloads': workloads_href_objects}
 
         return self.do_post_call(path=path, async_call=False, include_org_id=False, json_arguments=data, json_output_expected=True)
 
-
     def objects_ruleset_get(self, max_results: int = None, async_mode=True) -> List[RulesetObjectJsonStructure]:
         path = '/sec_policy/draft/rule_sets'
         data = {}
@@ -1069,7 +1075,7 @@ class APIConnector:
             'ingress_services': services_json
         }
 
-        path = ruleset_href+'/sec_rules'
+        path = ruleset_href + '/sec_rules'
 
         return self.do_post_call(path, json_arguments=data, json_output_expected=True, include_org_id=False)
 

{illumio_pylo-0.3.4 → illumio_pylo-0.3.6}/illumio_pylo/API/CredentialsManager.py

@@ -4,6 +4,7 @@ from typing import Dict, TypedDict, Union, List, Optional
 import json
 import os
 from cryptography.fernet import Fernet
+from cryptography.hazmat.primitives.ciphers.aead import ChaCha20Poly1305
 from ..Exception import PyloEx
 from .. import log
 
@@ -122,7 +123,7 @@ def get_credentials_from_file(fqdn_or_profile_name: str = None,
 
     if fail_with_an_exception:
         raise PyloEx("No profile found in credential file '{}' with fqdn: {}".
-                    format(credential_file, fqdn_or_profile_name))
+                     format(credential_file, fqdn_or_profile_name))
 
     return None
 
@@ -133,8 +134,8 @@ def list_potential_credential_files() -> List[str]:
     :return:
     """
     potential_credential_files = []
-    if os.environ.get('Pylo_CREDENTIAL_FILE', None) is not None:
-        potential_credential_files.append(os.environ.get('Pylo_CREDENTIAL_FILE'))
+    if os.environ.get('PYLO_CREDENTIAL_FILE', None) is not None:
+        potential_credential_files.append(os.environ.get('PYLO_CREDENTIAL_FILE'))
     potential_credential_files.append(os.path.expanduser("~/.pylo/credentials.json"))
     potential_credential_files.append(os.path.join(os.getcwd(), "credentials.json"))
 
@@ -153,7 +154,7 @@ def get_all_credentials() -> List[CredentialProfile]:
     return credentials
 
 
-def create_credential_in_file(file_full_path: str, data: CredentialFileEntry, overwrite_existing_profile = False) -> str:
+def create_credential_in_file(file_full_path: str, data: CredentialFileEntry, overwrite_existing_profile=False) -> str:
     """
     Create a credential in a file and return the full path to the file
     :param file_full_path:
@@ -173,7 +174,10 @@ def create_credential_in_file(file_full_path: str, data: CredentialFileEntry, ov
                 for profile in credentials:
                     if profile['name'].lower() == data['name'].lower():
                         if overwrite_existing_profile:
-                            profile = data
+                            # profile is a dict, remove of all its entries
+                            for key in list(profile.keys()):
+                                del profile[key]
+                            profile.update(data)
                             break
                         else:
                             raise PyloEx("Profile with name {} already exists in file {}".format(data['name'], file_full_path))
@@ -187,7 +191,7 @@ def create_credential_in_file(file_full_path: str, data: CredentialFileEntry, ov
                 else:
                     credentials = [credentials, data]
     else:
-            credentials = [data]
+        credentials = [data]
 
     # write to the file
     with open(file_full_path, 'w') as f:
@@ -195,6 +199,7 @@ def create_credential_in_file(file_full_path: str, data: CredentialFileEntry, ov
 
     return file_full_path
 
+
 def create_credential_in_default_file(data: CredentialFileEntry) -> str:
     """
     Create a credential in the default credential file and return the full path to the file
@@ -206,32 +211,20 @@ def create_credential_in_default_file(data: CredentialFileEntry) -> str:
     return file_path
 
 
-def encrypt_api_key_with_paramiko_ssh_key_fernet(ssh_key: paramiko.AgentKey, api_key: str) -> str:
-    def encrypt(raw: str, key: bytes) -> bytes:
-        """
-
-        :param raw:
-        :param key:
-        :return: base64 encoded encrypted string
-        """
-        f = Fernet(base64.urlsafe_b64encode(key))
-        token = f.encrypt(bytes(raw, 'utf-8'))
-        return token
-
-
-    # generate a random 128bit key
-    session_key_to_sign = os.urandom(32)
+def encrypt_api_key_with_paramiko_ssh_key_chacha20poly1305(ssh_key: paramiko.AgentKey, api_key: str) -> str:
+    seed_key_to_be_signed = os.urandom(32)
+    signed_seed_key = ssh_key.sign_ssh_data(seed_key_to_be_signed)
+    encryption_key = sha256(signed_seed_key).digest()
 
-    signed_message = ssh_key.sign_ssh_data(session_key_to_sign)
+    nonce = seed_key_to_be_signed[:12]
+    chacha20_object = ChaCha20Poly1305(encryption_key)
 
-    # use SHA256 to hash the signed message and use it as final AES 256 key
-    encryption_key = sha256(signed_message).digest()
-    #print("Encryption key: {}".format(encryption_key.hex()))
-    encrypted_text = encrypt(api_key, encryption_key)
+    encrypted_text = chacha20_object.encrypt(nonce, bytes(api_key, 'utf-8'), ssh_key.get_fingerprint())
 
-    api_key = "$encrypted$:ssh-Fernet:{}:{}:{}".format(base64.urlsafe_b64encode(ssh_key.get_fingerprint()).decode('utf-8'),
-                                                       base64.urlsafe_b64encode(session_key_to_sign).decode('utf-8'),
-                                                       encrypted_text.decode('utf-8'))
+    api_key = "$encrypted$:ssh-ChaCha20Poly1305:{}:{}:{}".format(
+        base64.urlsafe_b64encode(ssh_key.get_fingerprint()).decode('utf-8'),
+        base64.urlsafe_b64encode(seed_key_to_be_signed).decode('utf-8'),
+        base64.urlsafe_b64encode(encrypted_text).decode('utf-8'))
 
     return api_key
 
@@ -251,36 +244,62 @@ def decrypt_api_key_with_paramiko_ssh_key_fernet(encrypted_api_key_payload: str)
     session_key = base64.urlsafe_b64decode(api_key_parts[3])
     encrypted_api_key = api_key_parts[4]
 
-    # find the key in the agent
-    keys = paramiko.Agent().get_keys()
-    found_key = None
-    for key in keys:
-        if key.get_fingerprint() == fingerprint:
-            found_key = key
-            break
-
-    if found_key is None:
+    ssh_key = find_ssh_key_from_fingerprint(fingerprint)
+    if ssh_key is None:
         raise PyloEx("No key found in the agent with fingerprint {}".format(fingerprint.hex()))
 
     # sign the session key
-    signed_session_key = found_key.sign_ssh_data(session_key)
+    signed_session_key = ssh_key.sign_ssh_data(session_key)
     encryption_key = sha256(signed_session_key).digest()
-    #print("Encryption key: {}".format(encryption_key.hex()))
-    #print("Encrypted from KEY fingerprint: {}".format(fingerprint.hex()))
+    # print("Encryption key: {}".format(encryption_key.hex()))
+    # print("Encrypted from KEY fingerprint: {}".format(fingerprint.hex()))
 
     return decrypt(token_b64_encoded=encrypted_api_key,
                    key=encryption_key
                    )
 
+
+def decrypt_api_key_with_paramiko_ssh_key_chacha20poly1305(encrypted_api_key_payload: str) -> str:
+    api_key_parts = encrypted_api_key_payload.split(":")
+    if len(api_key_parts) != 5:
+        raise PyloEx("Invalid encrypted API key format")
+
+    fingerprint = base64.urlsafe_b64decode(api_key_parts[2])
+    seed_key_to_be_signed = base64.urlsafe_b64decode(api_key_parts[3])
+    encrypted_api_key = base64.urlsafe_b64decode(api_key_parts[4])
+
+    ssh_key = find_ssh_key_from_fingerprint(fingerprint)
+    if ssh_key is None:
+        raise PyloEx("No key found in the agent with fingerprint {}".format(fingerprint.hex()))
+
+    signed_session_key = ssh_key.sign_ssh_data(seed_key_to_be_signed)
+    encryption_key = sha256(signed_session_key).digest()
+
+    chacha20_object = ChaCha20Poly1305(encryption_key)
+    nonce = seed_key_to_be_signed[:12]
+
+    return chacha20_object.decrypt(nonce, encrypted_api_key, ssh_key.get_fingerprint()).decode('utf-8')
+
+
 def decrypt_api_key(encrypted_api_key_payload: str) -> str:
     # detect the encryption method
     if not encrypted_api_key_payload.startswith("$encrypted$:"):
         raise PyloEx("Invalid encrypted API key format")
     if encrypted_api_key_payload.startswith("$encrypted$:ssh-Fernet:"):
         return decrypt_api_key_with_paramiko_ssh_key_fernet(encrypted_api_key_payload)
+    elif encrypted_api_key_payload.startswith("$encrypted$:ssh-ChaCha20Poly1305:"):
+        return decrypt_api_key_with_paramiko_ssh_key_chacha20poly1305(encrypted_api_key_payload)
 
     raise PyloEx("Unsupported encryption method: {}".format(encrypted_api_key_payload.split(":")[1]))
 
 
 def is_api_key_encrypted(encrypted_api_key_payload: str) -> bool:
-    return encrypted_api_key_payload.startswith("$encrypted$:")
+    return encrypted_api_key_payload.startswith("$encrypted$:")
+
+
+def find_ssh_key_from_fingerprint(fingerprint: bytes) -> Optional[paramiko.AgentKey]:
+    keys = paramiko.Agent().get_keys()
+    for key in keys:
+        if key.get_fingerprint() == fingerprint:
+            return key
+    return None

{illumio_pylo-0.3.4 → illumio_pylo-0.3.6}/illumio_pylo/AgentStore.py

@@ -12,6 +12,9 @@ from typing import *
 
 class VENAgent(pylo.ReferenceTracker):
 
+    __slots__ = ['href', 'owner', 'workload', 'software_version', '_last_heartbeat', '_status_security_policy_sync_state',
+                 '_status_security_policy_applied_at', '_status_rule_count', 'mode', 'raw_json']
+
     def __init__(self, href: str, owner: 'pylo.AgentStore', workload: 'pylo.Workload' = None):
         pylo.ReferenceTracker.__init__(self)
         self.href: str = href

{illumio_pylo-0.3.4 → illumio_pylo-0.3.6}/illumio_pylo/IPList.py

@@ -8,13 +8,7 @@ from .Helpers import *
 
 class IPList(pylo.ReferenceTracker):
 
-    """
-    :type owner: IPListStore
-    :type description: str|None
-    :type raw_entries: dict[str,str]
-    """
-    name: str
-    href: str
+    __slots__ = ['owner', 'name', 'href', 'description', 'raw_json', 'raw_entries']
 
     def __init__(self, name: str, href: str, owner: 'pylo.IPListStore', description=None):
         """

{illumio_pylo-0.3.4 → illumio_pylo-0.3.6}/illumio_pylo/IPMap.py

@@ -20,6 +20,9 @@ for i in range(32):
 
 
 class IP4Map:
+
+    __slots__ = ['_entries']
+
     def __init__(self):
         self._entries = []
 

{illumio_pylo-0.3.4 → illumio_pylo-0.3.6}/illumio_pylo/LabelCommon.py

@@ -5,6 +5,8 @@ from .LabelStore import label_type_role, label_type_env, label_type_loc, label_t
 
 class LabelCommon:
 
+    __slots__ = ['owner', 'name', 'href', 'type']
+
     def __init__(self, name: str, href: str, label_type: str, owner: LabelStore):
         self.owner: LabelStore = owner
         self.name: str = name

{illumio_pylo-0.3.4 → illumio_pylo-0.3.6}/illumio_pylo/LabelGroup.py

@@ -8,6 +8,8 @@ from .API.JsonPayloadTypes import LabelGroupObjectJsonStructure
 
 class LabelGroup(pylo.ReferenceTracker, pylo.LabelCommon):
 
+    __slots__ = ['_members_by_href', 'raw_json']
+
     def __init__(self, name: str, href: str, label_type: str, owner):
         pylo.ReferenceTracker.__init__(self)
         pylo.LabelCommon.__init__(self, name, href, label_type, owner)

{illumio_pylo-0.3.4 → illumio_pylo-0.3.6}/illumio_pylo/LabelStore.py

@@ -47,6 +47,8 @@ class LabelStore:
                         result.append(label)
             return result
 
+    __slots__ = ['owner', '_items_by_href', 'label_types', 'label_types_as_set', 'label_resolution_cache']
+
     def __init__(self, owner: 'pylo.Organization'):
         self.owner: "pylo.Organization" = owner
         self._items_by_href: Dict[str, Union[pylo.Label, pylo.LabelGroup]] = {}

{illumio_pylo-0.3.4 → illumio_pylo-0.3.6}/illumio_pylo/LabeledObject.py

@@ -4,6 +4,8 @@ import illumio_pylo as pylo
 
 class LabeledObject:
 
+    __slots__ = ['_labels']
+
     def __init__(self):
         self._labels: Dict[str, 'pylo.Label'] = {}
 

{illumio_pylo-0.3.4 → illumio_pylo-0.3.6}/illumio_pylo/Organization.py

@@ -9,6 +9,9 @@ from .API.CredentialsManager import get_credentials_from_file
 
 class Organization:
 
+    __slots__ = ['id', 'connector', 'LabelStore', 'IPListStore', 'WorkloadStore', 'VirtualServiceStore', 'AgentStore',
+                 'ServiceStore', 'RulesetStore', 'SecurityPrincipalStore', 'pce_version']
+
     def __init__(self, org_id):
         self.id: int = org_id
         self.connector: Optional['pylo.APIConnector'] = None
@@ -58,7 +61,7 @@ class Organization:
         """
         Credentials files will be looked for in the following order:
         1. The path provided in the credential_file argument
-        2. The path provided in the Pylo_CREDENTIAL_FILE environment variable
+        2. The path provided in the PYLO_CREDENTIAL_FILE environment variable
         3. The path ~/.pylo/credentials.json
         4. Current working directory credentials.json
         :param fqdn_or_profile_name:

{illumio_pylo-0.3.4 → illumio_pylo-0.3.6}/illumio_pylo/Rule.py

@@ -28,6 +28,9 @@ class RuleApiUpdateStack:
 
 class Rule:
 
+    __slots__ = ['owner', 'description', 'services', 'providers', 'consumers', 'consuming_principals', 'href', 'enabled',
+                 'secure_connect', 'unscoped_consumers', 'stateless', 'machine_auth', 'raw_json', 'batch_update_stack']
+
     def __init__(self, owner: 'Ruleset'):
         self.owner: Ruleset = owner
         self.description: Optional[str] = None
@@ -123,6 +126,9 @@ class Rule:
 
 
 class RuleSecurityPrincipalContainer(pylo.Referencer):
+
+    __slots__ = ['owner', '_items']
+
     def __init__(self, owner: 'pylo.Rule'):
         Referencer.__init__(self)
         self.owner = owner
@@ -140,6 +146,9 @@ class RuleSecurityPrincipalContainer(pylo.Referencer):
 
 
 class DirectServiceInRule:
+
+    __slots__ = ['protocol', 'port', 'to_port']
+
     def __init__(self, proto: int, port: int = None, toport: int = None):
         self.protocol = proto
         self.port = port
@@ -245,6 +254,9 @@ class DirectServiceInRule:
 
 
 class RuleServiceContainer(pylo.Referencer):
+
+    __slots__ = ['owner', '_items', '_direct_services', '_cached_port_map']
+
     def __init__(self, owner: 'pylo.Rule'):
         Referencer.__init__(self)
         self.owner = owner
@@ -380,6 +392,9 @@ class RuleServiceContainer(pylo.Referencer):
 
 
 class RuleHostContainer(pylo.Referencer):
+
+    __slots__ = ['owner', '_items', 'name', '_hasAllWorkloads']
+
     def __init__(self, owner: 'pylo.Rule', name: str):
         Referencer.__init__(self)
         self.owner = owner

{illumio_pylo-0.3.4 → illumio_pylo-0.3.6}/illumio_pylo/Ruleset.py

@@ -10,6 +10,8 @@ ruleset_id_extraction_regex = re.compile(r"^/orgs/([0-9]+)/sec_policy/([0-9]+)?(
 
 class RulesetScope:
 
+    __slots__ = ['owner', 'scope_entries']
+
     def __init__(self, owner: 'pylo.Ruleset'):
         self.owner: 'pylo.Ruleset' = owner
         self.scope_entries: Dict['pylo.RulesetScopeEntry', 'pylo.RulesetScopeEntry'] = {}
@@ -39,6 +41,8 @@ class RulesetScope:
 
 class RulesetScopeEntry:
 
+    __slots__ = ['owner', '_labels']
+
     def __init__(self, owner: 'pylo.RulesetScope'):
         self.owner: pylo.RulesetScope = owner
         self._labels: Dict[str, Union['pylo.Label', 'pylo.LabelGroup']] = {}
@@ -144,6 +148,8 @@ class RulesetScopeEntry:
 
 class Ruleset:
 
+    __slots__ = ['owner', 'href', 'name', 'description', 'scopes', '_rules_by_href', '_rules', 'disabled']
+
     def __init__(self, owner: 'pylo.RulesetStore'):
         self.owner: 'pylo.RulesetStore' = owner
         self.href: Optional[str] = None

{illumio_pylo-0.3.4 → illumio_pylo-0.3.6}/illumio_pylo/RulesetStore.py

@@ -7,6 +7,8 @@ from .Helpers import nice_json
 
 class RulesetStore:
 
+    __slots__ = ['owner', '_items_by_href']
+
     def __init__(self, owner: 'pylo.Organization'):
         self.owner: pylo.Organization = owner
         self._items_by_href: Dict[str, 'pylo.Ruleset'] = {}

{illumio_pylo-0.3.4 → illumio_pylo-0.3.6}/illumio_pylo/SecurityPrincipal.py

@@ -5,6 +5,9 @@ from illumio_pylo import log
 
 
 class SecurityPrincipal(pylo.ReferenceTracker):
+
+    __slots__ = ['owner', 'name', 'href', 'sid', 'deleted', 'raw_json']
+
     def __init__(self, name: str, href: str, owner: 'pylo.SecurityPrincipalStore'):
         pylo.ReferenceTracker.__init__(self)
         self.owner: 'pylo.SecurityPrincipalStore' = owner

{illumio_pylo-0.3.4 → illumio_pylo-0.3.6}/illumio_pylo/Service.py

@@ -6,6 +6,9 @@ from typing import *
 
 
 class PortMap:
+
+    __slots__ = ['_tcp_map', '_udp_map', '_protocol_map']
+
     def __init__(self):
         self._tcp_map: List[List[2]] = []  # [start, end]
         self._udp_map: List[List[2]] = []  # [start, end]
@@ -99,6 +102,9 @@ class PortMap:
 
 
 class ServiceEntry:
+
+    __slots__ = ['protocol', 'port', 'to_port', 'icmp_code', 'icmp_type']
+
     def __init__(self, protocol: int, port: int = None, to_port: Optional[int] = None, icmp_code: Optional[int] = None,
                  icmp_type: Optional[int] = None):
         self.protocol = protocol
@@ -160,6 +166,8 @@ class ServiceEntry:
 
 class Service(pylo.ReferenceTracker):
 
+    __slots__ = ['name', 'href', 'owner', 'entries', 'description', 'processName', 'deleted', 'raw_json']
+
     def __init__(self, name: str, href: str, owner: 'pylo.ServiceStore'):
         pylo.ReferenceTracker.__init__(self)
 

{illumio_pylo-0.3.4 → illumio_pylo-0.3.6}/illumio_pylo/SoftwareVersion.py

@@ -6,9 +6,7 @@ version_regex = re.compile(r"^(?P<major>[0-9]+)\.(?P<middle>[0-9]+)\.(?P<minor>[
 
 class SoftwareVersion:
 
-    """
-    :type version_string: str
-    """
+    __slots__ = ['version_string', 'is_unknown', 'major', 'middle', 'minor', 'build']
 
     def __init__(self, version_string: str):
         self.version_string = version_string

{illumio_pylo-0.3.4 → illumio_pylo-0.3.6}/illumio_pylo/VirtualService.py

@@ -4,6 +4,9 @@ import illumio_pylo as pylo
 
 
 class VirtualService(pylo.ReferenceTracker):
+
+    __slots__ = ['owner', 'name', 'href', 'raw_json']
+
     def __init__(self, name: str, href: str, owner: 'pylo.VirtualServiceStore'):
         pylo.ReferenceTracker.__init__(self)
         self.owner = owner

{illumio_pylo-0.3.4 → illumio_pylo-0.3.6}/illumio_pylo/VirtualServiceStore.py

@@ -6,6 +6,8 @@ from .API.JsonPayloadTypes import VirtualServiceObjectJsonStructure
 
 class VirtualServiceStore:
 
+    __slots__ = ['owner', 'items_by_href', 'itemsByName']
+
     def __init__(self, owner: 'pylo.Organization'):
         self.owner: 'pylo.Organization' = owner
         self.items_by_href: Dict[str, 'pylo.VirtualService'] = {}

{illumio_pylo-0.3.4 → illumio_pylo-0.3.6}/illumio_pylo/Workload.py

@@ -47,6 +47,9 @@ class WorkloadApiUpdateStack:
 
 class Workload(pylo.ReferenceTracker, pylo.Referencer, LabeledObject):
 
+    __slots__ = ['owner', 'name', 'href', 'forced_name', 'hostname', 'description', 'interfaces', 'online', 'os_id',
+                 'os_detail', 'ven_agent', 'unmanaged', 'temporary', 'deleted', 'raw_json', '_batch_update_stack']
+
     def __init__(self, name: str, href: str, owner: 'pylo.WorkloadStore'):
         ReferenceTracker.__init__(self)
         Referencer.__init__(self)

{illumio_pylo-0.3.4 → illumio_pylo-0.3.6}/illumio_pylo/WorkloadStore.py

@@ -10,6 +10,8 @@ from .WorkloadStoreSubClasses import UnmanagedWorkloadDraft, UnmanagedWorkloadDr
 
 class WorkloadStore:
 
+    __slots__ = ['owner', 'itemsByHRef']
+
     def __init__(self, owner: 'Organization'):
         self.owner: Organization = owner
         self.itemsByHRef: Dict[str, Workload] = {}

{illumio_pylo-0.3.4 → illumio_pylo-0.3.6}/illumio_pylo/WorkloadStoreSubClasses.py

@@ -66,6 +66,7 @@ class CreationTracker:
     workload: Optional[pylo.Workload] = None
     workload_href: Optional[str] = None
 
+
 class UnmanagedWorkloadDraftMultiCreatorManager:
     def __init__(self, owner: 'pylo.WorkloadStore'):
 

{illumio_pylo-0.3.4 → illumio_pylo-0.3.6}/illumio_pylo/__init__.py

@@ -1,7 +1,5 @@
-__version__ = "0.3.4"
+__version__ = "0.3.6"
 
-import os
-import sys
 from typing import Callable
 
 from .tmp import *
@@ -60,7 +58,7 @@ def get_organization_using_credential_file(fqdn_or_profile_name: str = None,
     """
     Credentials files will be looked for in the following order:
     1. The path provided in the credential_file argument
-    2. The path provided in the Pylo_CREDENTIAL_FILE environment variable
+    2. The path provided in the PYLO_CREDENTIAL_FILE environment variable
     3. The path ~/.pylo/credentials.json
     4. Current working directory credentials.json
     :param fqdn_or_profile_name:
@@ -77,7 +75,6 @@ def get_organization_using_credential_file(fqdn_or_profile_name: str = None,
                                                            callback_api_objects_downloaded=callback_api_objects_downloaded)
 
 
-
 ignoreWorkloadsWithSameName = True
 
 objectNotFound = object()

{illumio_pylo-0.3.4 → illumio_pylo-0.3.6}/illumio_pylo/cli/commands/credential_manager.py

@@ -9,8 +9,9 @@ import paramiko
 import illumio_pylo as pylo
 import click
 from illumio_pylo.API.CredentialsManager import get_all_credentials, create_credential_in_file, CredentialFileEntry, \
-    create_credential_in_default_file, encrypt_api_key_with_paramiko_ssh_key_fernet, decrypt_api_key_with_paramiko_ssh_key_fernet, \
-    get_credentials_from_file
+    create_credential_in_default_file,  \
+    get_credentials_from_file, encrypt_api_key_with_paramiko_ssh_key_chacha20poly1305, \
+    decrypt_api_key_with_paramiko_ssh_key_chacha20poly1305, decrypt_api_key_with_paramiko_ssh_key_fernet
 
 from illumio_pylo import log
 from . import Command
@@ -28,7 +29,6 @@ def fill_parser(parser: argparse.ArgumentParser):
     test_parser.add_argument('--name', required=False, type=str, default=None,
                              help='Name of the credential profile to test')
 
-
     create_parser = sub_parser.add_parser('create', help='Create a new credential')
     create_parser.add_argument('--name', required=False, type=str, default=None,
                      help='Name of the credential')
@@ -46,20 +46,18 @@ def fill_parser(parser: argparse.ArgumentParser):
 
 def __main(args, **kwargs):
     if args['sub_command'] == 'list':
+        table = PrettyTable(field_names=["Name", "URL", "API User", "Originating File"])
+        # all should be left justified
+        table.align = "l"
+
         credentials = get_all_credentials()
         # sort credentials by name
         credentials.sort(key=lambda x: x.name)
 
-        # print credentials in a nice table
-        table_template = " {:<19} {:<40} {:<22} {:<25}"
-        print(table_template.format("Name", "URL", "API User", "Originating File"))
-
         for credential in credentials:
-            print(table_template.format(credential.name,
-                                        credential.fqdn + ':' + str(credential.port),
-                                        credential.api_user,
-                                        credential.originating_file)
-                  )
+            table.add_row([credential.name, credential.fqdn, credential.api_user, credential.originating_file])
+
+        print(table)
 
     elif args['sub_command'] == 'create':
 
@@ -136,10 +134,11 @@ def __main(args, **kwargs):
                                                       selected_ssh_key.get_fingerprint().hex(),
                                                       selected_ssh_key.comment))
             print(" * encrypting API key with selected key (you may be prompted by your SSH agent for confirmation or PIN code) ...", flush=True, end="")
-            encrypted_api_key = encrypt_api_key_with_paramiko_ssh_key_fernet(ssh_key=selected_ssh_key, api_key=api_key)
+            # encrypted_api_key = encrypt_api_key_with_paramiko_ssh_key_fernet(ssh_key=selected_ssh_key, api_key=api_key)
+            encrypted_api_key = encrypt_api_key_with_paramiko_ssh_key_chacha20poly1305(ssh_key=selected_ssh_key, api_key=api_key)
             print("OK!")
             print(" * trying to decrypt the encrypted API key...", flush=True, end="")
-            decrypted_api_key = decrypt_api_key_with_paramiko_ssh_key_fernet(encrypted_api_key_payload=encrypted_api_key)
+            decrypted_api_key = decrypt_api_key_with_paramiko_ssh_key_chacha20poly1305(encrypted_api_key_payload=encrypted_api_key)
             if decrypted_api_key != api_key:
                 raise pylo.PyloEx("Decrypted API key does not match original API key")
             print("OK!")

{illumio_pylo-0.3.4 → illumio_pylo-0.3.6}/illumio_pylo/tmp.py

@@ -37,14 +37,33 @@ def find_connector_or_die(obj) -> 'pylo.APIConnector':
     :param obj:
     :return:
     """
-    connector = obj.__dict__.get('connector')  # type: pylo.APIConnector
-    if connector is None:
-        owner = obj.__dict__.get('owner')
-        if owner is None:
-            raise Exception("Could not find a Connector object")
-        return find_connector_or_die(owner)
-
-    return connector
+
+    connector = None
+
+    # check if object has a __dict__ attribute
+    if not hasattr(obj, '__dict__'):
+        # check if it's in __slots__
+        if hasattr(obj, '__slots__'):
+            if 'connector' in obj.__slots__:
+                connector = obj.__getattribute__('connector')
+                if connector is not None:
+                    return connector
+                raise Exception("Could not find a Connector object")
+            if 'owner' in obj.__slots__:
+                owner = obj.__getattribute__('owner')
+                if owner is None:
+                    raise Exception("Could not find a Connector object")
+                return find_connector_or_die(owner)
+        raise Exception("Could not find a Connector object")
+    else:
+        connector = obj.__dict__.get('connector')  # type: pylo.APIConnector
+        if connector is None:
+            owner = obj.__dict__.get('owner')
+            if owner is None:
+                raise Exception("Could not find a Connector object")
+            return find_connector_or_die(owner)
+
+        return connector
 
 
 class IDTranslationTable:

{illumio_pylo-0.3.4 → illumio_pylo-0.3.6/illumio_pylo.egg-info}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: illumio_pylo
-Version: 0.3.4
+Version: 0.3.6
 Summary: A set of tools and library for working with Illumio PCE
 Home-page: https://github.com/cpainchaud/pylo
 Author: Christophe Painchaud