ifxlookup/plugins/bluecat.py

from servicebase import ServiceBase
import ipaddress
import requests
import json

class ServiceDelegate(ServiceBase) :

	current_auth_header = None
	_return_payload = {}
	_host = None

	def get_arguments(cls) :
		return ['-b', '--bluecat', 'store_true', 'Return network information about the subject (bluecat)']

	def startup(self) :
		for requirement in ['host','username','key'] :
			if requirement not in self._config or (requirement in self._config and (self._config[requirement] == '' or type(self._config[requirement]) != str)):
				self._error.append('Missing required config option ' + requirement)
				return
		self._host = self._config['host']
		self._current_auth_header = self.get_bc_auth_header(self._config['host'],self._config['username'],self._config['key'])
		self.debug('Logged into BlueCat',1)

	def lookup(self,subject) :
		self._return_payload = {}
		if self._current_auth_header :
			objects = self.search_bc_objects(subject)
			if objects :
				if type(objects) == list :
					object_list = []
					for object in objects :
						result = {'object':object}
						parent = self.search_bc_parent_object(object)
						if parent :
							result.update({'parent':parent})
						object_list.append(result)
					if len(object_list) > 0 :
						return object_list
				else :
					self._return_payload.update({'object':objects})
					parent = self.search_bc_parent_object(subject)
				if parent :
					self._return_payload.update({'parent':parent})
				if len(self._return_payload) > 0 :
					return self._return_payload
				else :
					return None
		else :
			return None

	def shutdown(self) :
		if self._host and self._current_auth_header :
			logout = requests.get('https://' + self._host + '/Services/REST/v1/logout',headers=self._current_auth_header)
			if not logout.text.endswith('successfully logged out.\"') :
				self._error.append('Unable to log out of BlueCat API session')


	def get_bc_auth_header(self,host,username,password) :
		auth_token = requests.get('https://' + host + '/Services/REST/v1/login?username=' + username + '&password=' + password).text[17:71]
		if auth_token.startswith('BAMAuthToken') :
			return { 'Authorization' : auth_token }
		else :
			return None

	def search_bc_objects(self,subject) :
		"""Searches BC for the subject."""
		# Search by IP
		response = requests.get('https://' + self._host + '/Services/REST/v1/searchByObjectTypes?keyword=' + subject + '&types=IP4Address,IP6Address&start=0&count=10',headers=self._current_auth_header)
		return self.clean_response(response)

	def search_bc_parent_object(self,object) :
		"""Search for and return information about the objects parent, if any"""
		if type(object) == dict and 'id' in object :
			response =  requests.get('https://' + self._host + '/Services/REST/v1/getParent?entityId=' + str(object['id']), headers=self._current_auth_header)
			return self.clean_response(response)
		# Make a guess that it belongs to a static net that hasn't been put in bluecat
		elif object != '' :
			for net in ['/27', '/26', '/25', '/24', '/23', '/22'] :
				try :
					ip = ipaddress.IPv4Network(subject + net,strict=False)
					network = str(ip.network_address)
					response = requests.get('https://' + self._host + '/Services/REST/v1/searchByObjectTypes?keyword=' + network + '&types=IP4Network,IP4Block&start=0&count=10',headers=self._current_auth_header)
					if not response.text.startswith('[]') :
						return self.clean_response(response)
				except:
					pass


	def clean_response(self,response) :
		def clean(item) :
			if 'properties' in item :
				item['properties'] = item['properties'][:-1]
				bad_delim_props = [x for x in item['properties'].split('|') if x.count('=') > 1]
				if len(bad_delim_props) > 0 :
					item.update({'unknown':bad_delim_props})
				attributes = dict(x.split('=') for x in item['properties'].split('|') if x.count('=') == 1)
				item.pop('properties', None)
				item.update(attributes)
			return item
		parsed = {}
		try :
			parsed = json.loads(response.text)
		except Exception :
			return parsed
		if type(parsed) == list and len(parsed) > 0 :
			for item in parsed:
				item = clean(item)
			return parsed
		if type(parsed) == dict :
			return clean(parsed)
Finally making some progress here. We have basic plugin loading and IP/hostname distribution. We need to be careful about not consuming too much plugin functionality in the main file. 2019-12-03 20:27:13 +00:00			`from servicebase import ServiceBase`
Added Bluecat guessing parent on empty lookup Crap I'm on the aruba branch 2019-12-11 17:13:53 +00:00			`import ipaddress`
Initial Support for BlueCat plugin 2019-12-05 16:52:32 +00:00			`import requests`
			`import json`
Finally making some progress here. We have basic plugin loading and IP/hostname distribution. We need to be careful about not consuming too much plugin functionality in the main file. 2019-12-03 20:27:13 +00:00
			`class ServiceDelegate(ServiceBase) :`

Initial Support for BlueCat plugin 2019-12-05 16:52:32 +00:00			`current_auth_header = None`
More code cleanup 2020-05-26 18:26:01 +00:00			`_return_payload = {}`
			`_host = None`
Initial Support for BlueCat plugin 2019-12-05 16:52:32 +00:00
Let's work on some plugins\! 2019-12-04 19:00:50 +00:00			`def get_arguments(cls) :`
More improvements 2020-05-22 18:28:13 +00:00			`return ['-b', '--bluecat', 'store_true', 'Return network information about the subject (bluecat)']`
Finally making some progress here. We have basic plugin loading and IP/hostname distribution. We need to be careful about not consuming too much plugin functionality in the main file. 2019-12-03 20:27:13 +00:00
Initial Support for BlueCat plugin 2019-12-05 16:52:32 +00:00			`def startup(self) :`
			`for requirement in ['host','username','key'] :`
Removed CPython equalities (is, is not) for 3.8 compatibility 2020-07-14 21:36:46 +00:00			`if requirement not in self._config or (requirement in self._config and (self._config[requirement] == '' or type(self._config[requirement]) != str)):`
More code cleanup 2020-05-26 18:26:01 +00:00			`self._error.append('Missing required config option ' + requirement)`
Initial Support for BlueCat plugin 2019-12-05 16:52:32 +00:00			`return`
More code cleanup 2020-05-26 18:26:01 +00:00			`self._host = self._config['host']`
			`self._current_auth_header = self.get_bc_auth_header(self._config['host'],self._config['username'],self._config['key'])`
Improved Bluecat plugin search results 2020-06-19 20:52:26 +00:00			`self.debug('Logged into BlueCat',1)`
Initial Support for BlueCat plugin 2019-12-05 16:52:32 +00:00
Some good progress on making it a module 2020-05-22 02:34:56 +00:00			`def lookup(self,subject) :`
More code cleanup 2020-05-26 18:26:01 +00:00			`self._return_payload = {}`
			`if self._current_auth_header :`
Improved Bluecat plugin search results 2020-06-19 20:52:26 +00:00			`objects = self.search_bc_objects(subject)`
			`if objects :`
Removed CPython equalities (is, is not) for 3.8 compatibility 2020-07-14 21:36:46 +00:00			`if type(objects) == list :`
Improved Bluecat plugin search results 2020-06-19 20:52:26 +00:00			`object_list = []`
			`for object in objects :`
			`result = {'object':object}`
			`parent = self.search_bc_parent_object(object)`
			`if parent :`
			`result.update({'parent':parent})`
			`object_list.append(result)`
			`if len(object_list) > 0 :`
			`return object_list`
			`else :`
			`self._return_payload.update({'object':objects})`
			`parent = self.search_bc_parent_object(subject)`
			`if parent :`
			`self._return_payload.update({'parent':parent})`
			`if len(self._return_payload) > 0 :`
			`return self._return_payload`
			`else :`
			`return None`
I feel like I'm writing more bugs than features 2019-12-06 18:14:19 +00:00			`else :`
More improvements 2020-05-22 18:28:13 +00:00			`return None`
Initial Support for BlueCat plugin 2019-12-05 16:52:32 +00:00
			`def shutdown(self) :`
More code cleanup 2020-05-26 18:26:01 +00:00			`if self._host and self._current_auth_header :`
			`logout = requests.get('https://' + self._host + '/Services/REST/v1/logout',headers=self._current_auth_header)`
More improvements 2020-05-22 18:28:13 +00:00			`if not logout.text.endswith('successfully logged out.\"') :`
More code cleanup 2020-05-26 18:26:01 +00:00			`self._error.append('Unable to log out of BlueCat API session')`
Initial Support for BlueCat plugin 2019-12-05 16:52:32 +00:00

			`def get_bc_auth_header(self,host,username,password) :`
More improvements 2020-05-22 18:28:13 +00:00			`auth_token = requests.get('https://' + host + '/Services/REST/v1/login?username=' + username + '&password=' + password).text[17:71]`
Initial Support for BlueCat plugin 2019-12-05 16:52:32 +00:00			`if auth_token.startswith('BAMAuthToken') :`
More improvements 2020-05-22 18:28:13 +00:00			`return { 'Authorization' : auth_token }`
Initial Support for BlueCat plugin 2019-12-05 16:52:32 +00:00			`else :`
			`return None`

Improved Bluecat plugin search results 2020-06-19 20:52:26 +00:00			`def search_bc_objects(self,subject) :`
Initial Support for BlueCat plugin 2019-12-05 16:52:32 +00:00			`"""Searches BC for the subject."""`
Changed host_tuple to subject, and it works... ...mostly 2019-12-16 20:47:10 +00:00			`# Search by IP`
More code cleanup 2020-05-26 18:26:01 +00:00			`response = requests.get('https://' + self._host + '/Services/REST/v1/searchByObjectTypes?keyword=' + subject + '&types=IP4Address,IP6Address&start=0&count=10',headers=self._current_auth_header)`
Initial Support for BlueCat plugin 2019-12-05 16:52:32 +00:00			`return self.clean_response(response)`
Finally making some progress here. We have basic plugin loading and IP/hostname distribution. We need to be careful about not consuming too much plugin functionality in the main file. 2019-12-03 20:27:13 +00:00
Improved Bluecat plugin search results 2020-06-19 20:52:26 +00:00			`def search_bc_parent_object(self,object) :`
Initial Support for BlueCat plugin 2019-12-05 16:52:32 +00:00			`"""Search for and return information about the objects parent, if any"""`
Removed CPython equalities (is, is not) for 3.8 compatibility 2020-07-14 21:36:46 +00:00			`if type(object) == dict and 'id' in object :`
Improved Bluecat plugin search results 2020-06-19 20:52:26 +00:00			`response = requests.get('https://' + self._host + '/Services/REST/v1/getParent?entityId=' + str(object['id']), headers=self._current_auth_header)`
Initial Support for BlueCat plugin 2019-12-05 16:52:32 +00:00			`return self.clean_response(response)`
Added Bluecat guessing parent on empty lookup Crap I'm on the aruba branch 2019-12-11 17:13:53 +00:00			`# Make a guess that it belongs to a static net that hasn't been put in bluecat`
Improved Bluecat plugin search results 2020-06-19 20:52:26 +00:00			`elif object != '' :`
Added Bluecat guessing parent on empty lookup Crap I'm on the aruba branch 2019-12-11 17:13:53 +00:00			`for net in ['/27', '/26', '/25', '/24', '/23', '/22'] :`
			`try :`
Changed host_tuple to subject, and it works... ...mostly 2019-12-16 20:47:10 +00:00			`ip = ipaddress.IPv4Network(subject + net,strict=False)`
Added Bluecat guessing parent on empty lookup Crap I'm on the aruba branch 2019-12-11 17:13:53 +00:00			`network = str(ip.network_address)`
More code cleanup 2020-05-26 18:26:01 +00:00			`response = requests.get('https://' + self._host + '/Services/REST/v1/searchByObjectTypes?keyword=' + network + '&types=IP4Network,IP4Block&start=0&count=10',headers=self._current_auth_header)`
Added Bluecat guessing parent on empty lookup Crap I'm on the aruba branch 2019-12-11 17:13:53 +00:00			`if not response.text.startswith('[]') :`
			`return self.clean_response(response)`
			`except:`
			`pass`

Finally making some progress here. We have basic plugin loading and IP/hostname distribution. We need to be careful about not consuming too much plugin functionality in the main file. 2019-12-03 20:27:13 +00:00
Initial Support for BlueCat plugin 2019-12-05 16:52:32 +00:00			`def clean_response(self,response) :`
Improved Bluecat plugin search results 2020-06-19 20:52:26 +00:00			`def clean(item) :`
			`if 'properties' in item :`
			`item['properties'] = item['properties'][:-1]`
			`bad_delim_props = [x for x in item['properties'].split('\|') if x.count('=') > 1]`
			`if len(bad_delim_props) > 0 :`
			`item.update({'unknown':bad_delim_props})`
			`attributes = dict(x.split('=') for x in item['properties'].split('\|') if x.count('=') == 1)`
			`item.pop('properties', None)`
			`item.update(attributes)`
			`return item`
Initial Support for BlueCat plugin 2019-12-05 16:52:32 +00:00			`parsed = {}`
			`try :`
			`parsed = json.loads(response.text)`
			`except Exception :`
			`return parsed`
Removed CPython equalities (is, is not) for 3.8 compatibility 2020-07-14 21:36:46 +00:00			`if type(parsed) == list and len(parsed) > 0 :`
Improved Bluecat plugin search results 2020-06-19 20:52:26 +00:00			`for item in parsed:`
			`item = clean(item)`
Initial Support for BlueCat plugin 2019-12-05 16:52:32 +00:00			`return parsed`
Removed CPython equalities (is, is not) for 3.8 compatibility 2020-07-14 21:36:46 +00:00			`if type(parsed) == dict :`
Improved Bluecat plugin search results 2020-06-19 20:52:26 +00:00			`return clean(parsed)`