pyntcli 0.1.29__py3-none-any.whl → 0.1.31__py3-none-any.whl

build/lib/build/lib/build/lib/tests/auth/test_login.py

@@ -0,0 +1,96 @@
+from urllib.parse import urlparse
+import json
+from _pytest.monkeypatch import monkeypatch
+import pytest
+import requests
+import requests_mock
+import datetime
+import jwt
+import os
+from cryptography.hazmat.primitives.asymmetric import rsa
+from cryptography.hazmat.primitives import serialization
+
+from pyntcli.auth.login import Login, Timeout, InvalidTokenInEnvVarsException, is_jwt_expired, should_login, PYNT_CREDENTIALS
+from pyntcli.store import CredStore
+
+
+class TestLogin():
+    @pytest.fixture
+    def mock_webbrowser(self, mocker):
+        try:
+            mocker.patch("webbrowser.open", return_value=None)
+            yield
+        finally:
+            pass
+    
+    def get_request_url_parameters(self, req: requests.PreparedRequest) :
+        u = req.url
+        parsed_url = urlparse(u)
+        return parsed_url.query
+
+    def poll_matcher(self, request: requests.PreparedRequest):
+        assert "request_id" in self.get_request_url_parameters(request)
+
+        resp = requests.Response()
+        self.login_request_cnt += 1
+        if self.login_request_cnt < 2:
+            resp.status_code = 404
+            return resp
+        
+        resp.status_code = 200
+        resp._content = json.dumps({"token": "testToken"}).encode()
+        return resp
+
+    def test_login(self, mock_webbrowser, mock_sleep, mock_expanduser):
+        l = Login()
+        self.login_request_cnt = 0
+        with requests_mock.mock() as m: 
+            m.add_matcher(self.poll_matcher)
+            l.login() 
+
+        assert self.login_request_cnt == 2
+        c = CredStore()
+        assert c.get("token") == {"token": "testToken"}
+
+    def test_login_timeout(self, mock_webbrowser, mock_sleep, mock_expanduser):
+        l = Login() 
+        l.login_wait_period = 0
+        self.login_request_cnt = 0
+        with pytest.raises(Timeout):
+            with requests_mock.mock() as m:
+                m.add_matcher(self.poll_matcher)
+                l.get_token_using_request_id("some_id")
+    
+    
+    def test_is_jwt_expired(self):
+
+        private_key = rsa.generate_private_key(
+            public_exponent=65537,
+            key_size=2048
+        ).private_bytes(encoding=serialization.Encoding.PEM,
+                        format=serialization.PrivateFormat.PKCS8, 
+                        encryption_algorithm=serialization.NoEncryption())
+
+
+        token_data = {
+                "exp": int((datetime.datetime.now() - datetime.timedelta(days=1)).timestamp())
+                }
+
+        token = jwt.encode(token_data, private_key.decode(), algorithm="RS256").decode("utf-8")
+        assert is_jwt_expired(token) == True
+
+        token_data = {
+                "exp": int((datetime.datetime.now() + datetime.timedelta(days=1)).timestamp())
+                }
+
+        token = jwt.encode(token_data, private_key.decode(), algorithm="RS256").decode("utf-8")
+        assert is_jwt_expired(token) == False
+
+    def test_login_using_env_vars(self, mocker, mock_expanduser):
+        creds = json.dumps({"token": {"refresh_token": "some data"}})
+        mocker.patch.dict(os.environ, {PYNT_CREDENTIALS: creds})
+        assert should_login() == False 
+        
+        os.environ[PYNT_CREDENTIALS] = "some bad credentials"
+        with pytest.raises(InvalidTokenInEnvVarsException):
+            should_login()

build/lib/build/lib/build/lib/tests/conftest.py

@@ -0,0 +1,24 @@
+import tempfile
+import pytest
+import shutil
+
+import sys 
+sys.path.append("../")
+
+@pytest.fixture
+def mock_expanduser( mocker):
+    dir = tempfile.mkdtemp() 
+    try:
+        mocker.patch("os.path.expanduser", return_value=dir)
+        yield
+    finally:
+        shutil.rmtree(dir)
+
+@pytest.fixture
+def mock_sleep( mocker):
+    try:
+        mocker.patch("time.sleep", return_value=None)
+        yield
+    finally:
+        pass
+

build/lib/build/lib/build/lib/tests/store/test_cred_store.py

@@ -0,0 +1,11 @@
+import tempfile
+import shutil
+import pytest
+
+from pyntcli.store import CredStore
+
+class TestCredStore():
+    def test_get_credentials(self, mock_expanduser):
+        c = CredStore()
+        c.put("data", "value")
+        assert c.get("data") == "value" 

build/lib/build/lib/pyntcli/__init__.py

@@ -0,0 +1 @@
+__version__ = "0.1.31"

build/lib/build/lib/pyntcli/analytics/send.py

@@ -0,0 +1,70 @@
+import requests
+import time
+import platform
+
+from pyntcli import __version__
+
+PYNT_DEFAULT_USER_ID = "d9e3b82b-2900-43bf-8c8f-7ffe2f0cda36"
+MIXPANEL_TOKEN = "05c26edb86084bbbb803eed6818cd8aa"
+MIXPANEL_URL = "https://api-eu.mixpanel.com/track?ip=1"
+
+def stop():
+    if not AnalyticsSender._instance:
+        return
+    AnalyticsSender.instance().done()
+
+def emit(event, properties=None):
+    AnalyticsSender.instance().emit(event, properties)
+
+def set_user_id(user_id):
+    AnalyticsSender.instance().set_user_id(user_id)
+
+CLI_START = "cli_start"
+LOGIN_START = "cli_login_start"
+LOGIN_DONE = "cli_login_done"
+ERROR = "error"
+
+class AnalyticsSender():
+    _instance = None
+
+    def __init__(self, user_id=PYNT_DEFAULT_USER_ID) -> None:
+        self.user_id = user_id
+        self.version = __version__
+        self.events = []
+    
+    @staticmethod
+    def instance():
+        if not AnalyticsSender._instance:
+            AnalyticsSender._instance = AnalyticsSender()
+
+        return AnalyticsSender._instance
+
+    def base_event(self, event_type):
+        return { 
+        "event": event_type,
+        "properties":  {
+            "time": time.time(),
+            "distinct_id": self.user_id,
+            "$os": platform.platform(),
+            "cli_version": self.version,
+            "token": MIXPANEL_TOKEN
+            }
+        }
+
+    def emit(self, event, properties):
+        base_event = self.base_event(event)
+        
+        if properties:
+            for k,v in properties.items():
+                base_event["properties"][k] = v
+
+        self.events.append(base_event)
+
+    def set_user_id(self, user_id):
+        self.user_id = user_id
+        for i, _ in enumerate(self.events): 
+            self.events[i]["properties"]["distinct_id"] = user_id
+
+    def done(self):
+        requests.post(MIXPANEL_URL, json=self.events)
+        self.events = []

build/lib/build/lib/pyntcli/auth/login.py

@@ -0,0 +1,156 @@
+from base64 import b64decode
+import requests
+import webbrowser
+import uuid
+import urllib.parse
+import datetime
+import time
+import json
+import os
+
+from pyntcli.ui import ui_thread
+from pyntcli.store import CredStore
+
+class LoginException(Exception):
+    pass
+
+class Timeout(LoginException):
+    pass
+
+class InvalidTokenInEnvVarsException(LoginException):
+    pass
+
+PYNT_CREDENTIALS = "PYNT_CREDENTIALS"
+
+class Login():
+    def __init__(self) -> None:
+        self.delay = 5
+        self.base_authorization_url = "https://pynt.io/login?"
+        self.poll_url = "https://n592meacjj.execute-api.us-east-1.amazonaws.com/default/cli_validate_login"
+        self.login_wait_period = (60 *3) #3 minutes
+
+    def create_login_request(self): 
+        request_id = uuid.uuid4()
+        request_url = self.base_authorization_url + urllib.parse.urlencode({"request_id": request_id, "utm_source": "cli"})
+        webbrowser.open(request_url)
+
+        ui_thread.print(ui_thread.PrinterText("To continue, you need to log in to your account.")\
+                                 .with_line("You will now be redirected to the login page.") \
+                                 .with_line("") \
+                                 .with_line("If you are not automatically redirected, please click on the link provided below (or copy to your web browser)") \
+                                 .with_line(request_url))
+        return request_id
+
+    def get_token_using_request_id(self, request_id):
+        with ui_thread.spinner("Waiting...", "point"):
+            start = time.time()
+            while start + self.login_wait_period > time.time():
+                response = requests.get(self.poll_url, params={"request_id": request_id})
+                if response.status_code == 200:
+                    return response.json()
+                time.sleep(self.delay)
+            raise Timeout()
+    
+    def login(self):
+        id = self.create_login_request()
+        token = self.get_token_using_request_id(id)
+        with CredStore() as store: 
+            store.put("token", token)
+
+
+def refresh_request(refresh_token):
+    return requests.post("https://auth.pynt.io/default/refresh", json={"refresh_token": refresh_token})
+
+def refresh_token():
+    token = None
+    with CredStore() as store: 
+        token = store.get("token")
+
+    if not token: 
+        Login().login()
+    
+    access_token = token.get("access_token")
+    if access_token and not is_jwt_expired(access_token):
+        return
+
+    refresh = token.get("refresh_token", None)
+    if not refresh:
+        Login().login()
+        return
+
+    refresh_response = refresh_request(refresh) 
+    if refresh_response.status_code != 200:
+        Login().login()
+        return 
+
+    with CredStore() as store:
+        token["access_token"] = refresh_response.json()["token"]
+        store.put("token", token)
+
+def decode_jwt(jwt_token):
+    splited = jwt_token.split(".")
+    if len(splited) != 3: 
+        return None
+
+    return json.loads(b64decode(splited[1] + '=' * (-len(splited[1]) % 4)))
+
+def user_id():
+    with CredStore() as store:
+        token = store.get("token")
+        if not token:
+            return None 
+
+        decoded = decode_jwt(token["access_token"])
+        if not decoded:
+            return None
+        
+        return decoded.get("sub", None)
+
+    return None
+
+def is_jwt_expired(jwt_token):
+    decoded = decode_jwt(jwt_token)
+    if not decoded:
+        return True
+
+    exp = decoded.get("exp", None)
+    if not exp: 
+        return True 
+    
+    return datetime.datetime.fromtimestamp(exp) < datetime.datetime.now() + datetime.timedelta(minutes=1) 
+
+def validate_creds_structure(data):
+    try: 
+        creds = json.loads(data.replace("\n", ""))
+        token = creds.get("token", None)
+        if not token:
+            raise InvalidTokenInEnvVarsException()
+        if not isinstance(token, dict):
+            raise InvalidTokenInEnvVarsException()
+        
+        refresh_token = token.get("refresh_token", None)
+        if not refresh_token:
+            raise InvalidTokenInEnvVarsException()
+        
+        return token
+    except json.JSONDecodeError:    
+        raise InvalidTokenInEnvVarsException()
+  
+
+def should_login(): 
+    env_creds = os.environ.get(PYNT_CREDENTIALS, None)
+    if env_creds:
+        validated_creds = validate_creds_structure(env_creds)
+        with CredStore() as store:
+            store.put("token", validated_creds)
+
+    with CredStore() as store:
+        token = store.get("token")
+
+        if not token or token == store.connector.default_value:
+            return True
+            
+        if not token.get("refresh_token"):
+            return True 
+        
+        return False

build/lib/build/lib/pyntcli/commands/har.py

@@ -0,0 +1,68 @@
+import argparse
+import time
+import os
+
+from pyntcli.store.store import CredStore
+from pyntcli.pynt_docker import pynt_container
+from pyntcli.ui import ui_thread
+from pyntcli.ui.progress import connect_progress_ws, wrap_ws_progress
+from pyntcli.commands import sub_command, util
+
+def har_usage():
+    return ui_thread.PrinterText("Integration with static har file testing") \
+            .with_line("") \
+            .with_line("Usage:", style=ui_thread.PrinterText.HEADER) \
+            .with_line("\tpynt har [OPTIONS]") \
+            .with_line("") \
+            .with_line("Options:", style=ui_thread.PrinterText.HEADER) \
+            .with_line("\t--har - Path to har file") 
+
+class HarSubCommand(sub_command.PyntSubCommand):
+    def __init__(self, name) -> None:
+        super().__init__(name)
+
+    def usage(self, *args):
+        ui_thread.print(har_usage())
+
+    def add_cmd(self, parent: argparse._SubParsersAction) -> argparse.ArgumentParser:
+        har_cmd = parent.add_parser(self.name)
+        har_cmd.add_argument("--har", type=str, required=True)
+        har_cmd.print_usage = self.usage
+        har_cmd.print_help = self.usage
+        return har_cmd
+    
+    def run_cmd(self, args: argparse.Namespace):
+        port = str(util.find_open_port())
+        docker_type , docker_arguments = pynt_container.get_container_with_arguments(pynt_container.PyntDockerPort(src=port, dest=port, name="--port"))
+        mounts = []
+
+        if not os.path.isfile(args.har): 
+            ui_thread.print(ui_thread.PrinterText("Could not find the provided har path, please provide with a valid har path", ui_thread.PrinterText.WARNING))
+            return
+
+        har_name = os.path.basename(args.har)
+        docker_arguments += ["--har", har_name]
+        mounts.append(pynt_container.create_mount(os.path.abspath(args.har), "/etc/pynt/{}".format(har_name)))
+
+        mounts.append(pynt_container.create_mount(CredStore().get_path(), "/app/creds.json"))
+
+        if "insecure" in args and args.insecure:
+            docker_arguments.append("--insecure")
+        
+        if "dev_flags" in args: 
+            docker_arguments += args.dev_flags.split(" ")
+        
+        har_docker = pynt_container.PyntContainer(image_name=pynt_container.PYNT_DOCKER_IMAGE,
+                                                     tag="har-latest",
+                                                     detach=True,
+                                                     mounts=mounts,
+                                                     args=docker_arguments)
+
+        har_docker.run(docker_type)
+    
+        util.wait_for_healthcheck("http://localhost:{}".format(port))
+        ui_thread.print_generator(ui_thread.AnsiText.wrap_gen(har_docker.stdout))
+    
+        with ui_thread.progress(wrap_ws_progress(connect_progress_ws("ws://localhost:{}/progress".format(port))), "scan in progress..."):
+            while har_docker.is_alive():
+                time.sleep(1)

build/lib/build/lib/pyntcli/commands/id_command.py

@@ -0,0 +1,28 @@
+import argparse
+
+from pyntcli.store.store import CredStore
+from pyntcli.commands import sub_command
+from pyntcli.ui import ui_thread
+
+def pyntid_usage():
+    return ui_thread.PrinterText("View your pynt-id to use when running pynt in CI pipeline") \
+        .with_line("") \
+        .with_line("Usage:",style=ui_thread.PrinterText.HEADER) \
+        .with_line("\tpynt pynt-id")
+
+class PyntShowIdCommand(sub_command.PyntSubCommand): 
+    def __init__(self, name) -> None:
+        super().__init__(name)
+
+    def usage(self, *args):
+        ui_thread.print(pyntid_usage())
+
+    def add_cmd(self, parent: argparse._SubParsersAction) -> argparse.ArgumentParser:
+        cmd = parent.add_parser(self.name)
+        cmd.print_usage = self.usage
+        cmd.print_help = self.usage
+        return cmd
+
+    def run_cmd(self, args: argparse.Namespace):
+        creds_path = CredStore().get_path() 
+        ui_thread.print(open(creds_path, "r").read())

build/lib/build/lib/pyntcli/commands/newman.py

@@ -0,0 +1,85 @@
+import argparse
+import time
+import os
+
+from pyntcli.store.store import CredStore
+from pyntcli.pynt_docker import pynt_container
+from pyntcli.commands import sub_command, util
+from pyntcli.ui import ui_thread
+from pyntcli.ui.progress import connect_progress_ws, wrap_ws_progress
+
+def newman_usage():
+    return ui_thread.PrinterText("Integration with newman, run scan using postman collection from the CLI") \
+            .with_line("") \
+            .with_line("Usage:", style=ui_thread.PrinterText.HEADER) \
+            .with_line("\tpynt newman [OPTIONS]") \
+            .with_line("") \
+            .with_line("Options:", style=ui_thread.PrinterText.HEADER) \
+            .with_line("\t--collection - Postman collection file name") \
+            .with_line("\t--environment - Postman environment file name") \
+            .with_line("\t--reporters output results to json")
+
+class NewmanSubCommand(sub_command.PyntSubCommand):
+    def __init__(self, name) -> None:
+        super().__init__(name)
+
+    def usage(self, *args): 
+        ui_thread.print(newman_usage())
+
+    def add_cmd(self, parent: argparse._SubParsersAction) -> argparse.ArgumentParser:
+        newman_cmd = parent.add_parser(self.name)
+        newman_cmd.add_argument("--collection", type=str, required=True) 
+        newman_cmd.add_argument("--environment", type=str, required=False) 
+        newman_cmd.add_argument("--reporters", type=bool, required=False) 
+        newman_cmd.print_usage = self.usage
+        newman_cmd.print_help = self.usage
+        return newman_cmd
+
+    def run_cmd(self, args: argparse.Namespace):
+        port = str(util.find_open_port())
+        docker_type , docker_arguments = pynt_container.get_container_with_arguments(pynt_container.PyntDockerPort(src=port, dest=port, name="--port"))
+        mounts = []
+
+        if not os.path.isfile(args.collection): 
+            ui_thread.print(ui_thread.PrinterText("Could not find the provided collection path, please provide with a valid collection path", ui_thread.PrinterText.WARNING))
+            return
+        
+        collection_name = os.path.basename(args.collection)
+        docker_arguments += ["-c", collection_name]
+        mounts.append(pynt_container.create_mount(os.path.abspath(args.collection), "/etc/pynt/{}".format(collection_name)))
+         
+        if "environment" in args and args.environment:
+            if not os.path.isfile(args.environment):
+                ui_thread.print(ui_thread.PrinterText("Could not find the provided environment path, please provide with a valid environment path", ui_thread.PrinterText.WARNING))
+                return
+            
+            env_name = os.path.basename(args.environment)
+            docker_arguments += ["-e", env_name]
+            mounts.append(pynt_container.create_mount(os.path.abspath(args.environment), "/etc/pynt/{}".format(env_name)))
+        
+        mounts.append(pynt_container.create_mount(CredStore().get_path(), "/app/creds.json"))
+
+        if "reporters" in args and args.reporters: 
+            open(os.path.join(os.getcwd(), "results.json"), "w").close()
+            mounts.append(pynt_container.create_mount(os.path.join(os.getcwd(), "results.json"), "/etc/pynt/results/results.json"))
+            docker_arguments.append("--reporters")
+
+        if "insecure" in args and args.insecure:
+            docker_arguments.append("--insecure")
+        
+        if "dev_flags" in args: 
+            docker_arguments += args.dev_flags.split(" ")
+        
+        newman_docker = pynt_container.PyntContainer(image_name=pynt_container.PYNT_DOCKER_IMAGE,
+                                                     tag="latest",
+                                                     detach=True,
+                                                     mounts=mounts,
+                                                     args=docker_arguments)
+
+        newman_docker.run(docker_type)
+        util.wait_for_healthcheck("http://localhost:{}".format(port))
+        ui_thread.print_generator(ui_thread.AnsiText.wrap_gen(newman_docker.stdout))
+    
+        with ui_thread.progress(wrap_ws_progress(connect_progress_ws("ws://localhost:{}/progress".format(port))), "scan in progress..."):
+            while newman_docker.is_alive():
+                time.sleep(1)

build/lib/build/lib/pyntcli/commands/postman.py

@@ -0,0 +1,58 @@
+import argparse
+import time 
+
+from pyntcli.store.store import CredStore
+from . import sub_command, util
+from pyntcli.pynt_docker import pynt_container
+from pyntcli.ui import ui_thread
+
+def postman_usage():
+    return ui_thread.PrinterText("Integration with postman, run scan from pynt postman collection") \
+        .with_line("") \
+        .with_line("Usage:",style=ui_thread.PrinterText.HEADER) \
+        .with_line("\tpynt postman [OPTIONS]") \
+        .with_line("") \
+        .with_line("Options:",style=ui_thread.PrinterText.HEADER) \
+        .with_line("\t--port - set the port pynt will listen to (DEFAULT: 5001)") \
+        .with_line("\t--insecure - use when target uses self signed certificates")
+
+class PostmanSubCommand(sub_command.PyntSubCommand): 
+    def __init__(self, name) -> None:
+        super().__init__(name)
+
+    def usage(self, *args):
+        ui_thread.print(postman_usage())
+
+    def add_cmd(self, parent_command: argparse._SubParsersAction) -> argparse.ArgumentParser: 
+        postman_cmd = parent_command.add_parser(self.name)
+        postman_cmd.add_argument("--port", "-p", help="set the port pynt will listen to (DEFAULT: 5001)", type=int, default=5001)
+        postman_cmd.print_usage = self.usage
+        postman_cmd.print_help = self.usage
+        return postman_cmd
+
+    def run_cmd(self, args: argparse.Namespace):
+        docker_type, docker_arguments = pynt_container.get_container_with_arguments(pynt_container.PyntDockerPort("5001", args.port, "--port"))
+
+        creds_path = CredStore().get_path()
+        
+        if "insecure" in args and args.insecure:
+            docker_arguments.append("--insecure")
+        
+        if "dev_flags" in args: 
+            docker_arguments += args.dev_flags.split(" ")
+        
+        if util.is_port_in_use(args.port):
+            ui_thread.print(ui_thread.PrinterText("Port: {} already in use, please use a different one".format(args.port), ui_thread.PrinterText.WARNING))
+            return 
+
+        postman_docker = pynt_container.PyntContainer(image_name=pynt_container.PYNT_DOCKER_IMAGE, 
+                                            tag="postman-latest", 
+                                            mounts=[pynt_container.create_mount(creds_path, "/app/creds.json")],
+                                            detach=True, 
+                                            args=docker_arguments)
+
+        postman_docker.run(docker_type)
+        ui_thread.print_generator(postman_docker.stdout) 
+        
+        while postman_docker.is_alive():
+            time.sleep(1)