pyntcli 0.1.111__py3-none-any.whl → 0.1.113__py3-none-any.whl

ignoreTests/auth/login.py

@@ -59,7 +59,7 @@ class TestLogin():
         with pytest.raises(Timeout):
             with requests_mock.mock() as m:
                 m.add_matcher(self.poll_matcher)
-                l.get_token_using_request_id("some_id")
+                l.claim_token_using_device_code("some_id")
 
     def test_is_jwt_expired(self):
 

pyntcli/__init__.py

@@ -1 +1 @@
-__version__ = "0.1.111"
+__version__ = "0.1.113"

pyntcli/auth/login.py

@@ -1,6 +1,7 @@
+import random
+import string
 from base64 import b64decode
 import webbrowser
-import uuid
 import urllib.parse
 import datetime
 import time
@@ -28,6 +29,8 @@ PYNT_ID = "PYNT_ID"
 PYNT_CREDENTIALS = "PYNT_CREDENTIALS"
 PYNT_SAAS = os.environ.get("PYNT_SAAS_URL") if os.environ.get(
     "PYNT_SAAS_URL") else "https://api.pynt.io/v1"
+PYNT_APP_URL = os.environ.get("PYNT_APP_URL") if os.environ.get(
+    "PYNT_APP_URL") else "https://app.pynt.io"
 PYNT_BUCKET_NAME = os.environ.get(
     "PYNT_BUCKET_NAME") if os.environ.get("PYNT_BUCKET_NAME") else ""
 PYNT_PARAM1 = os.environ.get(
@@ -36,41 +39,47 @@ PYNT_PARAM2 = os.environ.get(
     "PYNT_PARAM2") if os.environ.get("PYNT_PARAM2") else ""
 
 
+def generate_device_code() -> str:
+    """
+    Generates a random 8 alphanumeric string of pattern `XXXX-XXXX`
+    """
+    part_one = ''.join(random.choice(string.ascii_uppercase + string.digits) for _ in range(4))
+    part_two = ''.join(random.choice(string.ascii_uppercase + string.digits) for _ in range(4))
+    return f"{part_one}-{part_two}"
+
+
 class Login():
     def __init__(self) -> None:
         self.delay = 5
-        self.base_authorization_url = "https://pynt.io/login?"
-        self.poll_url = "https://n592meacjj.execute-api.us-east-1.amazonaws.com/default/cli_validate_login"
         self.login_wait_period = (60 * 3)  # 3 minutes
 
-    def create_login_request(self):
-        request_id = uuid.uuid4()
-        request_url = self.base_authorization_url + \
-            urllib.parse.urlencode(
-                {"request_id": request_id, "utm_source": "cli"})
+    def create_login_request(self) -> str:
+        device_code = generate_device_code()
+        request_url = f"{PYNT_APP_URL}/login?" + urllib.parse.urlencode(
+            {"device_code": device_code, "utm_source": "cli"})
         webbrowser.open(request_url)
 
         ui_thread.print(ui_thread.PrinterText("To continue, you need to log in to your account.")
-                                 .with_line("You will now be redirected to the login page.")
-                                 .with_line("")
-                                 .with_line("If you are not automatically redirected, please click on the link provided below (or copy to your web browser)")
-                                 .with_line(request_url))
-        return request_id
-
-    def get_token_using_request_id(self, request_id):
+                        .with_line("You will now be redirected to the login page.")
+                        .with_line("")
+                        .with_line("If you are not automatically redirected, please click on the link provided below (or copy to your web browser)")
+                        .with_line(request_url))
+        return device_code
+
+    def claim_token_using_device_code(self, device_code: str):
+        poll_url = f"{PYNT_SAAS}/auth/device-code/{device_code}"
         with ui_thread.spinner("Waiting...", "point"):
             start = time.time()
             while start + self.login_wait_period > time.time():
-                response = pynt_requests.get(self.poll_url, params={
-                                             "request_id": request_id})
+                response = pynt_requests.get(poll_url)
                 if response.status_code == 200:
                     return response.json()
                 time.sleep(self.delay)
             raise Timeout()
 
     def login(self):
-        id = self.create_login_request()
-        token = self.get_token_using_request_id(id)
+        device_code = self.create_login_request()
+        token = self.claim_token_using_device_code(device_code)
         with CredStore() as store:
             store.put("token", token)
 
@@ -85,6 +94,7 @@ def refresh_token():
         token = store.get("token")
 
     if not token:
+        ui_thread.print_verbose("Token not found, logging in")
         Login().login()
 
     access_token = token.get("access_token")
@@ -93,11 +103,13 @@ def refresh_token():
 
     refresh = token.get("refresh_token", None)
     if not refresh:
+        ui_thread.print_verbose("Refresh token not found, logging in")
         Login().login()
         return
 
     refresh_response = refresh_request(refresh)
     if refresh_response.status_code != 200:
+        ui_thread.print_verbose("Failed to refresh token, logging in")
         Login().login()
         return
 
@@ -172,9 +184,11 @@ def should_login():
         token = store.get("token")
 
         if not token or token == store.connector.default_value:
+            ui_thread.print_verbose("Token is default or not found")
             return True
 
         if not token.get("refresh_token"):
+            ui_thread.print_verbose("Refresh token not found")
             return True
 
         return False

pyntcli/commands/burp.py

@@ -151,6 +151,7 @@ def burp_usage():
         .with_line("\t--application-id - Attach the scan to an application, you can find the ID in your applications area at app.pynt.io")
         .with_line("\t--host-ca - Path to the CA file in PEM format to enable SSL certificate verification for pynt when running through a VPN.")
         .with_line("\t--severity-level - 'all', 'medium', 'high', 'critical', 'none' (default) ")
+        .with_line("\t--tag - Tag the scan. Repeat for multiple tags")
         .with_line("\t--verbose - Use to get more detailed information about the run")
     )
 

pyntcli/commands/command.py

@@ -40,6 +40,7 @@ def command_usage():
         .with_line("\t--application-id - Attach the scan to an application, you can find the ID in your applications area at app.pynt.io")
         .with_line("\t--host-ca - Path to the CA file in PEM format to enable SSL certificate verification for pynt when running through a VPN.")
         .with_line("\t--severity-level - 'all', 'medium', 'high', 'critical', 'none' (default) ")
+        .with_line("\t--tag - Tag the scan. Repeat for multiple tags")
         .with_line("\t--verbose - Use to get more detailed information about the run")
     )
 

pyntcli/commands/har.py

@@ -29,6 +29,7 @@ def har_usage():
             "\t--host-ca - Path to the CA file in PEM format to enable SSL certificate verification for pynt when running through a VPN."
         )
         .with_line("\t--severity-level - 'all', 'medium', 'high', 'critical', 'none' (default) ")
+        .with_line("\t--tag - Tag the scan. Repeat for multiple tags")
         .with_line("\t--verbose - Use to get more detailed information about the run")
         .with_line("")
     )

pyntcli/commands/listen.py

@@ -34,6 +34,7 @@ def listen_usage():
         .with_line("\t--insecure - use when target uses self signed certificates")
         .with_line("\t--host-ca - path to the CA file in PEM format to enable SSL certificate verification for pynt when running through a VPN.")
         .with_line("\t--severity-level - 'all', 'medium', 'high', 'critical', 'none' (default) ")
+        .with_line("\t--tag - Tag the scan. Repeat for multiple tags")
         .with_line("\t--verbose - Use to get more detailed information about the run")
     )
 

pyntcli/commands/newman.py

@@ -29,6 +29,7 @@ def newman_usage():
             "\t--application-id - Attach the scan to an application, you can find the ID in your applications area at app.pynt.io"
         )
         .with_line("\t--severity-level - 'all', 'medium', 'high', 'critical', 'none' (default) ")
+        .with_line("\t--tag - Tag the scan. Repeat for multiple tags")
         .with_line("\t--verbose - Use to get more detailed information about the run")
     )
 

pyntcli/commands/postman.py

@@ -36,6 +36,7 @@ def postman_usage():
         .with_line("\t--port - set the port pynt will listen to (DEFAULT: 5001)") \
         .with_line("\t--insecure - use when target uses self signed certificates") \
         .with_line("\t--host-ca - path to the CA file in PEM format to enable SSL certificate verification for pynt when running through a VPN.") \
+        .with_line("\t--tag - Tag the scan. Repeat for multiple tags") \
         .with_line("\t--verbose - Use to get more detailed information about the run")
 
 

pyntcli/commands/root.py

@@ -96,6 +96,14 @@ class BaseCommand:
             type=str,
             help=argparse.SUPPRESS,
         )
+        parser.add_argument(
+            "--tag",
+            default=[],
+            required=False,
+            nargs="+",
+            action="append",
+            help=argparse.SUPPRESS,
+        )
 
     def get_subparser(self) -> argparse._SubParsersAction:
         if self.subparser is None:
@@ -107,6 +115,7 @@ class BaseCommand:
         analytics.emit(analytics.LOGIN_START)
 
         if login.should_login():
+            ui_thread.print_verbose("User should login")
             l = login.Login().login()
         else:
             login.refresh_token()

pyntcli/commands/template.py

@@ -26,6 +26,7 @@ def template_usage():
         .with_line("\t--urls - Path to the file containing the base URLs (with new line separator) for the attacks")
         .with_line("\t--reporters - Output results to json")
         .with_line("\t--severity-level - 'all', 'medium', 'high', 'critical', 'none' (default)")
+        .with_line("\t--tag - Tag the scan. Repeat for multiple tags")
         .with_line("\t--verbose - Use to get more detailed information about the run")
         .with_line("")
     )

pyntcli/pynt_docker/pynt_container.py

@@ -167,6 +167,10 @@ def build_docker_args(integration_name: str, args: argparse.Namespace, port_args
     if "verbose" in args and args.verbose:
         docker_arguments.append("--verbose")
 
+    if "tag" in args and args.tag:
+        for tag in args.tag:
+            docker_arguments += ["--tag", tag[0]]
+            
     for port_arg in port_args:
         docker_arguments += [port_arg.name, str(port_arg.port)]
 

{pyntcli-0.1.111.dist-info → pyntcli-0.1.113.dist-info}/METADATA

@@ -1,6 +1,6 @@
-Metadata-Version: 2.1
+Metadata-Version: 2.2
 Name: pyntcli
-Version: 0.1.111
+Version: 0.1.113
 Summary: Command line utility to handle all of Pynt's different integrations
 Author-email: Pynt-io <support@pynt.io>
 Project-URL: Homepage, https://pynt.io

{pyntcli-0.1.111.dist-info → pyntcli-0.1.113.dist-info}/RECORD

@@ -1,31 +1,31 @@
 ignoreTests/conftest.py,sha256=gToq5K74GtgeGQXjFvXSzMaE6axBYxAzcFG5XJPOXjI,427
-ignoreTests/auth/login.py,sha256=KFlzWhXBAuwdi7GXf16gCB3ya94LQG2wjcSChE149rQ,3798
+ignoreTests/auth/login.py,sha256=7GeBirHTD9t6EassLYsegCw1FZHkfjvVW1Z5uybHzgM,3801
 ignoreTests/store/cred_store.py,sha256=_7-917EtNC9eKEumO2_lt-7KuDmCwOZFaowCm7DbA_A,254
-pyntcli/__init__.py,sha256=lrG5YEJvZGvdRdN0nHdBVYBbeJk9t0y5VzK8HCgSUHk,24
+pyntcli/__init__.py,sha256=j3sjtalrZ7qzajUh_46Une0yUZprSFiTpVECCQnsaGI,24
 pyntcli/main.py,sha256=RD0W2_0ogYBCXubo-YewxHYkiIXxNv6NkZOh3n1VujE,5964
 pyntcli/analytics/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 pyntcli/analytics/send.py,sha256=0hJ0WJNFHLqyohtRr_xOg5WEXzxHrUOlcePPg-k65Hk,3846
 pyntcli/auth/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-pyntcli/auth/login.py,sha256=TljsRXbEkNI1YUrKm5mlTw4YiecYScYUsit8Z8vstss,5228
+pyntcli/auth/login.py,sha256=Oz1DtEZje0afgJcHSwEFHcH78X-QD5Mjn0CQ9ZgCfQU,5844
 pyntcli/commands/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-pyntcli/commands/burp.py,sha256=c3bqAAbrXdiy5aZlUQCWk3qhF_UjuZI_EOfWXJZzjgc,14102
-pyntcli/commands/command.py,sha256=mMf1_bU7IFbE54FN3S3FuPODjHSSSu8aHzHJX-MgEFA,10832
-pyntcli/commands/har.py,sha256=v6yWTuxPpXLlEi3yJ7gUDhFFGJZSpNQ3ehl2oaZJ-wc,4202
+pyntcli/commands/burp.py,sha256=AUJU2cIJ-PSUATxYoHRwDy0K5feqCs-mGdkGle2WcDw,14173
+pyntcli/commands/command.py,sha256=3egvDDr68sTUnyJpUE0bO9TfVy_rgeuM2C4zkMA-9GQ,10903
+pyntcli/commands/har.py,sha256=FKWgTOWwvYFJGazeuttsTJTFjP6g_PUJxzzNoDl8v28,4273
 pyntcli/commands/id_command.py,sha256=UBEgMIpm4vauTCsKyixltiGUolNg_OfHEJvJ_i5BpJY,943
-pyntcli/commands/listen.py,sha256=bsO7c3cHmZyxUTXspCcq_O9BR8tI2qYqOpHtJDb8hZY,8827
-pyntcli/commands/newman.py,sha256=68P1bCjSSjTWrzOwKN_-fGQC4j484KlVpMbezMJOCMo,5045
-pyntcli/commands/postman.py,sha256=ExfvG0iLRmK_rHcqIj8itcd3mh2-BdPuQEDm8viLP6Q,4891
+pyntcli/commands/listen.py,sha256=18D9OdW1EakkK1u54hiOjwAuT5J6nsYb2vqlP1nw8p4,8898
+pyntcli/commands/newman.py,sha256=ssMXY7VvYdMCXS38uLftF7uQ4HmDMYYHra4GvZhcR-g,5116
+pyntcli/commands/postman.py,sha256=kN1PkzPpcUnsbirg17AN9JwJZu6VBt6OeKYrLGrvtFc,4964
 pyntcli/commands/pynt_cmd.py,sha256=AeXxKy8dtZTdwWhTirHVvkPkeFUSoZNb3FRyuwkL6kg,7103
-pyntcli/commands/root.py,sha256=UtGky7LfbfQ6mELHoNJcdHznFrUVBlhXI47_8QdApfc,4068
+pyntcli/commands/root.py,sha256=Lr31nsx2sgM-o3OYEbfqakaxzXHY6irr9uj-X6QWiqk,4325
 pyntcli/commands/static_file_extensions.py,sha256=PZJb02BI-64tbU-j3rdCNsXzTh7gkIDGxGKbKNw3h5k,1995
 pyntcli/commands/sub_command.py,sha256=GF3-rE_qk2L4jGPFqHLm9SdGINmu3EakhjJTFyWjRms,374
-pyntcli/commands/template.py,sha256=KocIH1T7occrrjaWJQaKKGgGWrU1bieTKEJbhFw3KLI,7976
+pyntcli/commands/template.py,sha256=wl-0GhIUUqdO39fyoO7mMsEKXnYqG32XkQdUJhLkdiA,8047
 pyntcli/commands/util.py,sha256=ev06aUlJ9tCSw1eAGVIsGlVVY4u0H6AJG9b5MB_bAzs,4594
 pyntcli/log/__init__.py,sha256=cOGwOYzMoshEbZiiasBGkj6wF0SBu3Jdpl-AuakDesw,19
 pyntcli/log/log.py,sha256=YXCvcCzuhQ5QUT2L02uQEdN_lTCzLEuet4OnLuEnjlM,112
 pyntcli/pynt_docker/__init__.py,sha256=PQIOVxc7XXtMLfEX7ojgwf_Z3mmTllO3ZvzUZTPOxQY,30
 pyntcli/pynt_docker/container_utils.py,sha256=_Onn7loInzyJAG2-Uk6CGpsuRyelmUFHOvtJj4Uzi9A,175
-pyntcli/pynt_docker/pynt_container.py,sha256=3rp9Z9q6pAM6RYuhVIn5f6l0G9tz4j4LRr616-kzLTE,13734
+pyntcli/pynt_docker/pynt_container.py,sha256=u87rBT52rxDYNg8gc0NAs3GhTDS1MFwKLpShJkPlKbA,13861
 pyntcli/store/__init__.py,sha256=1fP8cEAQCF_myja3gnhHH9FEqtBiOJ-2aBmUXSKBdFA,41
 pyntcli/store/json_connector.py,sha256=UGs3uORw3iyn0YJ8kzab-veEZToA6d-ByXYuqEleWsA,560
 pyntcli/store/store.py,sha256=Kl_HT9FJFdKlAH7SwAt3g4-bW-r-1ve_u13OPggQai0,2529
@@ -40,8 +40,8 @@ pyntcli/ui/report.py,sha256=W-icPSZrGLOubXgam0LpOvHLl_aZg9Zx9qIkL8Ym5PE,1930
 pyntcli/ui/ui_thread.py,sha256=XUBgLpYQjVhrilU-ofw7VSXgTiwneSdTxm61EvC3x4Q,5091
 tests/test_utils.py,sha256=t5fTQUk1U_Js6iMxcGYGqt4C-crzOJ0CqCKtLkRtUi0,2050
 tests/commands/test_pynt_cmd.py,sha256=BjGFCFACcSziLrNA6_27t6TjSmvdu54wx9njwLpRSJY,8379
-pyntcli-0.1.111.dist-info/METADATA,sha256=UFWXUEgPkYiQljEHLS2poC0J19AjL9W-GFFDkibWJoE,427
-pyntcli-0.1.111.dist-info/WHEEL,sha256=PZUExdf71Ui_so67QXpySuHtCi3-J3wvF4ORK6k_S8U,91
-pyntcli-0.1.111.dist-info/entry_points.txt,sha256=kcGmqAxXDttNk2EPRcqunc_LTVp61gzakz0v-GEE2SY,43
-pyntcli-0.1.111.dist-info/top_level.txt,sha256=64XSgBzSpgwjYjEKHZE7q3JH2a816zEeyZBXfJi3AKI,42
-pyntcli-0.1.111.dist-info/RECORD,,
+pyntcli-0.1.113.dist-info/METADATA,sha256=8sdhJod-t85esbW4yJ0okltq4ljGEX1_4sQ2u5p5Mhg,427
+pyntcli-0.1.113.dist-info/WHEEL,sha256=In9FTNxeP60KnTkGw7wk6mJPYd_dQSjEZmXdBdMCI-8,91
+pyntcli-0.1.113.dist-info/entry_points.txt,sha256=kcGmqAxXDttNk2EPRcqunc_LTVp61gzakz0v-GEE2SY,43
+pyntcli-0.1.113.dist-info/top_level.txt,sha256=64XSgBzSpgwjYjEKHZE7q3JH2a816zEeyZBXfJi3AKI,42
+pyntcli-0.1.113.dist-info/RECORD,,

{pyntcli-0.1.111.dist-info → pyntcli-0.1.113.dist-info}/WHEEL

@@ -1,5 +1,5 @@
 Wheel-Version: 1.0
-Generator: setuptools (75.6.0)
+Generator: setuptools (75.8.0)
 Root-Is-Purelib: true
 Tag: py3-none-any