Updated core API to support calls that require authorization via the 'Cookie' header

marknca · marknca · commit 8a89c71029a1 · 2016-08-11T21:26:57.000-04:00
diff --git a/deepsecurity/core.py b/deepsecurity/core.py
@@ -76,11 +76,12 @@ def _set_logging(self):
 
     return logger
 
-  def _get_request_format(self, api=None, call=None):
+  def _get_request_format(self, api=None, call=None, use_cookie_auth=False):
     if not api: api = self.API_TYPE_SOAP
     return {
       'api': api,
       'call': call,
+      'use_cookie_auth': use_cookie_auth,
       'query': None,
       'data': None,
     }
@@ -108,6 +109,9 @@ def _request(self, request, auth_required=True):
         REST API calls this will be a dict converted to JSON automatically 
         by this method
 
+      use_cookie_auth
+        Whether or not to use an HTTP Cookie in lieu of a querystring for authorization
+
     ## Output
 
     Returns a dict:
@@ -139,9 +143,9 @@ def _request(self, request, auth_required=True):
     # add the authentication parameters
     if auth_required:
       if request['api'] == self.API_TYPE_REST:
-        # sID is a query string
-        if not request['query']: request['query'] = {}
-        request['query']['sID'] = self._sessions[self.API_TYPE_REST]
+        if not request['use_cookie_auth']: # sID is a query string
+          if not request['query']: request['query'] = {}
+          request['query']['sID'] = self._sessions[self.API_TYPE_REST]
       elif request['api'] == self.API_TYPE_SOAP:
         # sID is part of the data
         if not request['data']: request['data'] = {}
@@ -182,6 +186,11 @@ def _request(self, request, auth_required=True):
 
     # authentication calls don't accept the Accept header
     if request['call'].startswith('authentication'): del(headers['Accept'])
+    
+    # some rest calls use a cookie to pass the sID
+    if request['api'] == self.API_TYPE_REST and request['use_cookie_auth']:
+      headers['Cookie'] = 'sID="{}"'.format(self._sessions[self.API_TYPE_REST])
+
     if request['api'] == self.API_TYPE_REST and request['call'] in [
       'apiVersion',
       'status/manager/ping'
@@ -262,6 +271,7 @@ def _request(self, request, auth_required=True):
           # report the exception as 'info' because it's not fatal and the data is 
           # still captured in result['raw']
           self.log("Could not convert response from call {} to JSON. Threw exception:\n\t{}".format(request['call'], json_err), level='info')
+          
     return result
 
   def _prefix_keys(self, prefix, d):
@@ -458,7 +468,6 @@ def to_dict(self):
 
     return result
 
-
 class CoreList(list):
   def __init__(self, *args):
     super(CoreList, self).__init__(args)
