Loading services/TS29222_CAPIF_API_Invoker_Management_API/requirements.txt +5 −4 Original line number Original line Diff line number Diff line connexion[flask, swagger-ui, uvicorn] == 3.1.0; python_version>="3.6" connexion[flask, swagger-ui, uvicorn] == 3.1.0; python_version>="3.6" swagger-ui-bundle >= 0.0.2 swagger-ui-bundle >= 0.0.2 python_dateutil >= 2.6.0 python_dateutil >= 2.6.0 setuptools == 80.9.0 urllib3 >= 2.6.0 setuptools == 74.0.0 Flask == 3.0.3 Flask == 3.0.3 pymongo == 4.7.3 pymongo == 4.7.3 redis == 4.5.4 redis == 4.5.4 flask_jwt_extended == 4.6.0 flask_jwt_extended == 4.6.0 cryptography == 46.0.1 cryptography == 43.0.1 rfc3987 == 1.3.8 rfc3987 == 1.3.8 opentelemetry-instrumentation == 0.41b0 opentelemetry-instrumentation == 0.41b0 opentelemetry-instrumentation-flask == 0.41b0 opentelemetry-instrumentation-flask == 0.41b0 opentelemetry-instrumentation-redis == 0.41b0 opentelemetry-instrumentation-redis == 0.41b0 opentelemetry-instrumentation-pymongo == 0.41b0 opentelemetry-instrumentation-pymongo == 0.41b0 opentelemetry-exporter-otlp == 1.20.0 opentelemetry-exporter-otlp == 1.20.0 opentelemetry-exporter-jaeger == 1.21.0 opentelemetry-exporter-jaeger == 1.20.0 fluent == 0.10.0 fluent == 0.10.0 fluent-logger == 0.10.0 fluent-logger == 0.10.0 opentelemetry-api == 1.20.0 opentelemetry-api == 1.20.0 opentelemetry-sdk == 1.20.0 opentelemetry-sdk == 1.20.0 flask_executor == 1.0.0 flask_executor == 1.0.0 Flask-APScheduler == 1.13.1 Flask-APScheduler == 1.13.1 werkzeug == 3.1.3 werkzeug == 3.0.6 gunicorn == 23.0.0 gunicorn == 23.0.0 packaging == 24.0 packaging == 24.0 No newline at end of file services/TS29222_CAPIF_API_Provider_Management_API/api_provider_management/controllers/individual_api_provider_enrolment_details_controller.py +33 −9 Original line number Original line Diff line number Diff line from functools import wraps from api_provider_management.models.api_provider_enrolment_details import \ APIProviderEnrolmentDetails # noqa: E501 from api_provider_management.models.api_provider_enrolment_details_patch import \ APIProviderEnrolmentDetailsPatch # noqa: E501 from api_provider_management.models.problem_details import \ ProblemDetails # noqa: E501 from flask import current_app, request from flask import current_app, request from cryptography import x509 from cryptography.hazmat.backends import default_backend from ..core.provider_enrolment_details_api import ProviderManagementOperations from ..core.provider_enrolment_details_api import ProviderManagementOperations from ..core.validate_user import ControlAccess from ..models.api_provider_enrolment_details_patch import \ from ..models.api_provider_enrolment_details_patch import \ APIProviderEnrolmentDetailsPatch # noqa: E501 APIProviderEnrolmentDetailsPatch # noqa: E501 provider_management_ops = ProviderManagementOperations() provider_management_ops = ProviderManagementOperations() valid_user = ControlAccess() def cert_validation(): def _cert_validation(f): @wraps(f) def __cert_validation(*args, **kwargs): args = request.view_args cert_tmp = request.headers['X-Ssl-Client-Cert'] cert_raw = cert_tmp.replace('\t', '') cert = x509.load_pem_x509_certificate(str.encode(cert_raw), default_backend()) cn = cert.subject.get_attributes_for_oid(x509.OID_COMMON_NAME)[0].value.strip() if cn != "superadmin": cert_signature = cert.signature.hex() result = valid_user.validate_user_cert(args["registrationId"], cert_signature) if result is not None: return result result = f(**kwargs) return result return __cert_validation return _cert_validation @cert_validation() def modify_ind_api_provider_enrolment(registration_id, body): # noqa: E501 def modify_ind_api_provider_enrolment(registration_id, body): # noqa: E501 """modify_ind_api_provider_enrolment """modify_ind_api_provider_enrolment Loading @@ -29,6 +53,6 @@ def modify_ind_api_provider_enrolment(registration_id, body): # noqa: E501 if request.is_json: if request.is_json: body = APIProviderEnrolmentDetailsPatch.from_dict(request.get_json()) # noqa: E501 body = APIProviderEnrolmentDetailsPatch.from_dict(request.get_json()) # noqa: E501 res = provider_management_ops.update_api_provider_enrolment_details(registration_id, body) res = provider_management_ops.patch_api_provider_enrolment_details(registration_id, body) return res return res services/helper/helper_service/app.py +0 −1 Original line number Original line Diff line number Diff line Loading @@ -120,7 +120,6 @@ for name, pkg in package_paths.items(): openapi_file, # relative to specification_dir (SERVICES_DIR) openapi_file, # relative to specification_dir (SERVICES_DIR) arguments={"title": title}, arguments={"title": title}, pythonic_params=True, pythonic_params=True, # base_path=base_path base_path="/helper/" + base_path base_path="/helper/" + base_path ) ) Loading services/nginx/policies/helper-mtls.conf +1 −1 Original line number Original line Diff line number Diff line map "$endpoint:$method:$role" $helper_mtls_policy { map "$endpoint:$method:$role" $helper_mtls_policy { default "DENY"; default "DENY"; ~^helper_base_tree:.*:superadmin$ ALLOW; ~^helper_base_tree:.*:superadmin$ ALLOW; ~^helper_base_tree:.*:amf$ ALLOW; # ~^helper_base_tree:.*:amf$ ALLOW; } } Loading
services/TS29222_CAPIF_API_Invoker_Management_API/requirements.txt +5 −4 Original line number Original line Diff line number Diff line connexion[flask, swagger-ui, uvicorn] == 3.1.0; python_version>="3.6" connexion[flask, swagger-ui, uvicorn] == 3.1.0; python_version>="3.6" swagger-ui-bundle >= 0.0.2 swagger-ui-bundle >= 0.0.2 python_dateutil >= 2.6.0 python_dateutil >= 2.6.0 setuptools == 80.9.0 urllib3 >= 2.6.0 setuptools == 74.0.0 Flask == 3.0.3 Flask == 3.0.3 pymongo == 4.7.3 pymongo == 4.7.3 redis == 4.5.4 redis == 4.5.4 flask_jwt_extended == 4.6.0 flask_jwt_extended == 4.6.0 cryptography == 46.0.1 cryptography == 43.0.1 rfc3987 == 1.3.8 rfc3987 == 1.3.8 opentelemetry-instrumentation == 0.41b0 opentelemetry-instrumentation == 0.41b0 opentelemetry-instrumentation-flask == 0.41b0 opentelemetry-instrumentation-flask == 0.41b0 opentelemetry-instrumentation-redis == 0.41b0 opentelemetry-instrumentation-redis == 0.41b0 opentelemetry-instrumentation-pymongo == 0.41b0 opentelemetry-instrumentation-pymongo == 0.41b0 opentelemetry-exporter-otlp == 1.20.0 opentelemetry-exporter-otlp == 1.20.0 opentelemetry-exporter-jaeger == 1.21.0 opentelemetry-exporter-jaeger == 1.20.0 fluent == 0.10.0 fluent == 0.10.0 fluent-logger == 0.10.0 fluent-logger == 0.10.0 opentelemetry-api == 1.20.0 opentelemetry-api == 1.20.0 opentelemetry-sdk == 1.20.0 opentelemetry-sdk == 1.20.0 flask_executor == 1.0.0 flask_executor == 1.0.0 Flask-APScheduler == 1.13.1 Flask-APScheduler == 1.13.1 werkzeug == 3.1.3 werkzeug == 3.0.6 gunicorn == 23.0.0 gunicorn == 23.0.0 packaging == 24.0 packaging == 24.0 No newline at end of file
services/TS29222_CAPIF_API_Provider_Management_API/api_provider_management/controllers/individual_api_provider_enrolment_details_controller.py +33 −9 Original line number Original line Diff line number Diff line from functools import wraps from api_provider_management.models.api_provider_enrolment_details import \ APIProviderEnrolmentDetails # noqa: E501 from api_provider_management.models.api_provider_enrolment_details_patch import \ APIProviderEnrolmentDetailsPatch # noqa: E501 from api_provider_management.models.problem_details import \ ProblemDetails # noqa: E501 from flask import current_app, request from flask import current_app, request from cryptography import x509 from cryptography.hazmat.backends import default_backend from ..core.provider_enrolment_details_api import ProviderManagementOperations from ..core.provider_enrolment_details_api import ProviderManagementOperations from ..core.validate_user import ControlAccess from ..models.api_provider_enrolment_details_patch import \ from ..models.api_provider_enrolment_details_patch import \ APIProviderEnrolmentDetailsPatch # noqa: E501 APIProviderEnrolmentDetailsPatch # noqa: E501 provider_management_ops = ProviderManagementOperations() provider_management_ops = ProviderManagementOperations() valid_user = ControlAccess() def cert_validation(): def _cert_validation(f): @wraps(f) def __cert_validation(*args, **kwargs): args = request.view_args cert_tmp = request.headers['X-Ssl-Client-Cert'] cert_raw = cert_tmp.replace('\t', '') cert = x509.load_pem_x509_certificate(str.encode(cert_raw), default_backend()) cn = cert.subject.get_attributes_for_oid(x509.OID_COMMON_NAME)[0].value.strip() if cn != "superadmin": cert_signature = cert.signature.hex() result = valid_user.validate_user_cert(args["registrationId"], cert_signature) if result is not None: return result result = f(**kwargs) return result return __cert_validation return _cert_validation @cert_validation() def modify_ind_api_provider_enrolment(registration_id, body): # noqa: E501 def modify_ind_api_provider_enrolment(registration_id, body): # noqa: E501 """modify_ind_api_provider_enrolment """modify_ind_api_provider_enrolment Loading @@ -29,6 +53,6 @@ def modify_ind_api_provider_enrolment(registration_id, body): # noqa: E501 if request.is_json: if request.is_json: body = APIProviderEnrolmentDetailsPatch.from_dict(request.get_json()) # noqa: E501 body = APIProviderEnrolmentDetailsPatch.from_dict(request.get_json()) # noqa: E501 res = provider_management_ops.update_api_provider_enrolment_details(registration_id, body) res = provider_management_ops.patch_api_provider_enrolment_details(registration_id, body) return res return res
services/helper/helper_service/app.py +0 −1 Original line number Original line Diff line number Diff line Loading @@ -120,7 +120,6 @@ for name, pkg in package_paths.items(): openapi_file, # relative to specification_dir (SERVICES_DIR) openapi_file, # relative to specification_dir (SERVICES_DIR) arguments={"title": title}, arguments={"title": title}, pythonic_params=True, pythonic_params=True, # base_path=base_path base_path="/helper/" + base_path base_path="/helper/" + base_path ) ) Loading
services/nginx/policies/helper-mtls.conf +1 −1 Original line number Original line Diff line number Diff line map "$endpoint:$method:$role" $helper_mtls_policy { map "$endpoint:$method:$role" $helper_mtls_policy { default "DENY"; default "DENY"; ~^helper_base_tree:.*:superadmin$ ALLOW; ~^helper_base_tree:.*:superadmin$ ALLOW; ~^helper_base_tree:.*:amf$ ALLOW; # ~^helper_base_tree:.*:amf$ ALLOW; } }
