This repository has been archived by the owner on Jan 13, 2021. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
/
yatcc.py
84 lines (67 loc) · 2.48 KB
/
yatcc.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
#!/usr/bin/env python3
import base64
import hashlib
import hmac
import json
import time
from urllib.parse import urlparse
import requests
def custom_requests_user_agent(ua_str):
"""custom requests user agent with requests version"""
return "{} ({})".format(
ua_str,
requests.utils.default_headers().get('User-Agent', "python-requests")
)
class ThreatConnectClient:
"""TC API config setup and request methods"""
DEFAULT_ORG = "Common Community"
DEFAULT_LOGGING = "critical"
USER_AGENT = custom_requests_user_agent("yaTCc")
def __init__(self,
access_id,
secret_key,
api_url="https://api.threatconnect.com",
default_org=DEFAULT_ORG,
log_level=DEFAULT_LOGGING
):
self.access_id = access_id
self.secret_key = secret_key
self.api_url = api_url
self.default_org = default_org
self.log_level = log_level
def tc_auth_sig(self, url_path, method, timestamp):
message = "{}:{}:{}".format(url_path, method, timestamp)
signature = hmac.new(
self.secret_key.encode(),
message.encode(),
digestmod=hashlib.sha256
).digest()
return base64.b64encode(signature).decode()
def tc_request_headers(self, url_path, method):
timestamp = int(time.time())
signature = self.tc_auth_sig(url_path, method, timestamp)
return {
'Timestamp': str(timestamp),
'Authorization': "TC {}:{}".format(self.access_id, signature),
'User-Agent': self.USER_AGENT,
}
def tc_request(self, path, method):
url = self.api_url + path
# parse full path from config base url + request - required for supporting private API paths
url_path = urlparse(url).path
return requests.get(url, headers=self.tc_request_headers(url_path, method))
# https://docs.threatconnect.com/en/latest/rest_api/overview.html#api-overview
def tc_config_json(tc_config_file):
with open(tc_config_file, 'r') as f:
try:
conf = json.load(f)
except Exception as e:
print("Error reading TC config json file", e)
return -1
return ThreatConnectClient(
conf["api_access_id"],
conf["api_secret_key"],
conf["tc_api_path"],
conf.get("api_default_org", ThreatConnectClient.DEFAULT_ORG),
conf.get("tc_log_level", ThreatConnectClient.DEFAULT_LOGGING)
)