From 524d8755164318dc76fb8176667f0c0a15120f57 Mon Sep 17 00:00:00 2001 From: Pascal Vizeli Date: Mon, 12 Mar 2018 23:40:06 +0100 Subject: [PATCH] Update aioHttp3 (#403) * Update aioHttp3 * fix line ending * fix close session --- hassio/api/__init__.py | 8 ++-- hassio/api/proxy.py | 2 +- hassio/api/security.py | 61 +++++++++++++----------- hassio/core.py | 12 ++--- setup.py | 106 ++++++++++++++++++++--------------------- 5 files changed, 97 insertions(+), 92 deletions(-) diff --git a/hassio/api/__init__.py b/hassio/api/__init__.py index e7297e961..18f742bb1 100644 --- a/hassio/api/__init__.py +++ b/hassio/api/__init__.py @@ -13,7 +13,7 @@ from .proxy import APIProxy from .supervisor import APISupervisor from .snapshots import APISnapshots from .services import APIServices -from .security import security_layer +from .security import SecurityMiddleware from ..coresys import CoreSysAttributes _LOGGER = logging.getLogger(__name__) @@ -25,16 +25,14 @@ class RestAPI(CoreSysAttributes): def __init__(self, coresys): """Initialize docker base wrapper.""" self.coresys = coresys + self.security = SecurityMiddleware(coresys) self.webapp = web.Application( - middlewares=[security_layer], loop=self._loop) + middlewares=[self.security.token_validation], loop=self._loop) # service stuff self._handler = None self.server = None - # middleware - self.webapp['coresys'] = coresys - async def load(self): """Register REST API Calls.""" self._register_supervisor() diff --git a/hassio/api/proxy.py b/hassio/api/proxy.py index 5929b771f..62bb22dc8 100644 --- a/hassio/api/proxy.py +++ b/hassio/api/proxy.py @@ -83,7 +83,7 @@ class APIProxy(CoreSysAttributes): if not data: await response.write_eof() break - response.write(data) + await response.write(data) except aiohttp.ClientError: await response.write_eof() diff --git a/hassio/api/security.py b/hassio/api/security.py index 2b1da39b8..de29f227e 100644 --- a/hassio/api/security.py +++ b/hassio/api/security.py @@ -6,6 +6,7 @@ from aiohttp.web import middleware from aiohttp.web_exceptions import HTTPUnauthorized from ..const import HEADER_TOKEN, REQUEST_FROM +from ..coresys import CoreSysAttributes _LOGGER = logging.getLogger(__name__) @@ -16,35 +17,41 @@ NO_SECURITY_CHECK = set(( )) -@middleware -async def security_layer(request, handler): - """Check security access of this layer.""" - coresys = request.app['coresys'] - hassio_token = request.headers.get(HEADER_TOKEN) +class SecurityMiddleware(CoreSysAttributes): + """Security middleware functions.""" - # Ignore security check - for rule in NO_SECURITY_CHECK: - if rule.match(request.path): - _LOGGER.debug("Passthrough %s", request.path) + def __init__(self, coresys): + """Initialize security middleware.""" + self.coresys = coresys + + @middleware + async def token_validation(self, request, handler): + """Check security access of this layer.""" + hassio_token = request.headers.get(HEADER_TOKEN) + + # Ignore security check + for rule in NO_SECURITY_CHECK: + if rule.match(request.path): + _LOGGER.debug("Passthrough %s", request.path) + return await handler(request) + + # Need to be removed later + if not hassio_token: + _LOGGER.warning("Invalid token for access %s", request.path) + request[REQUEST_FROM] = 'UNKNOWN' return await handler(request) - # Need to be removed later - if not hassio_token: - _LOGGER.warning("Invalid token for access %s", request.path) - request[REQUEST_FROM] = 'UNKNOWN' - return await handler(request) + # Home-Assistant + if hassio_token == self._homeassistant.uuid: + _LOGGER.debug("%s access from Home-Assistant", request.path) + request[REQUEST_FROM] = 'homeassistant' + return await handler(request) - # Home-Assistant - if hassio_token == coresys.homeassistant.uuid: - _LOGGER.debug("%s access from Home-Assistant", request.path) - request[REQUEST_FROM] = 'homeassistant' - return await handler(request) + # Add-on + addon = self._addons.from_uuid(hassio_token) + if addon: + _LOGGER.info("%s access from %s", request.path, addon.slug) + request[REQUEST_FROM] = addon.slug + return await handler(request) - # Add-on - addon = coresys.addons.from_uuid(hassio_token) - if addon: - _LOGGER.info("%s access from %s", request.path, addon.slug) - request[REQUEST_FROM] = addon.slug - return await handler(request) - - raise HTTPUnauthorized() + raise HTTPUnauthorized() diff --git a/hassio/core.py b/hassio/core.py index d2a47f32d..c90a74019 100644 --- a/hassio/core.py +++ b/hassio/core.py @@ -108,10 +108,10 @@ class HassIO(CoreSysAttributes): # don't process scheduler anymore self._scheduler.suspend = True - # process stop tasks - self._websession.close() - self._websession_ssl.close() - # process async stop tasks - await asyncio.wait( - [self._api.stop(), self._dns.stop()], loop=self._loop) + await asyncio.wait([ + self._api.stop(), + self._dns.stop(), + self._websession.close(), + self._websession_ssl.close() + ], loop=self._loop) diff --git a/setup.py b/setup.py index 2eb19533e..fb13f6294 100644 --- a/setup.py +++ b/setup.py @@ -1,53 +1,53 @@ -from setuptools import setup - -from hassio.const import HASSIO_VERSION - - -setup( - name='HassIO', - version=HASSIO_VERSION, - license='BSD License', - author='The Home Assistant Authors', - author_email='hello@home-assistant.io', - url='https://home-assistant.io/', - description=('Open-source private cloud os for Home-Assistant' - ' based on ResinOS'), - long_description=('A maintainless private cloud operator system that' - 'setup a Home-Assistant instance. Based on ResinOS'), - classifiers=[ - 'Intended Audience :: End Users/Desktop', - 'Intended Audience :: Developers', - 'License :: OSI Approved :: Apache Software License', - 'Operating System :: OS Independent', - 'Topic :: Home Automation' - 'Topic :: Software Development :: Libraries :: Python Modules', - 'Topic :: Scientific/Engineering :: Atmospheric Science', - 'Development Status :: 5 - Production/Stable', - 'Intended Audience :: Developers', - 'Programming Language :: Python :: 3.6', - ], - keywords=['docker', 'home-assistant', 'api'], - zip_safe=False, - platforms='any', - packages=[ - 'hassio', - 'hassio.docker', - 'hassio.addons', - 'hassio.api', - 'hassio.misc', - 'hassio.utils', - 'hassio.snapshots' - ], - include_package_data=True, - install_requires=[ - 'async_timeout==2.0.0', - 'aiohttp==2.3.10', - 'docker==3.1.0', - 'colorlog==3.1.2', - 'voluptuous==0.11.1', - 'gitpython==2.1.8', - 'pytz==2018.3', - 'pyudev==0.21.0', - 'pycryptodome==3.4.11' - ] -) +from setuptools import setup + +from hassio.const import HASSIO_VERSION + + +setup( + name='HassIO', + version=HASSIO_VERSION, + license='BSD License', + author='The Home Assistant Authors', + author_email='hello@home-assistant.io', + url='https://home-assistant.io/', + description=('Open-source private cloud os for Home-Assistant' + ' based on ResinOS'), + long_description=('A maintainless private cloud operator system that' + 'setup a Home-Assistant instance. Based on ResinOS'), + classifiers=[ + 'Intended Audience :: End Users/Desktop', + 'Intended Audience :: Developers', + 'License :: OSI Approved :: Apache Software License', + 'Operating System :: OS Independent', + 'Topic :: Home Automation' + 'Topic :: Software Development :: Libraries :: Python Modules', + 'Topic :: Scientific/Engineering :: Atmospheric Science', + 'Development Status :: 5 - Production/Stable', + 'Intended Audience :: Developers', + 'Programming Language :: Python :: 3.6', + ], + keywords=['docker', 'home-assistant', 'api'], + zip_safe=False, + platforms='any', + packages=[ + 'hassio', + 'hassio.docker', + 'hassio.addons', + 'hassio.api', + 'hassio.misc', + 'hassio.utils', + 'hassio.snapshots' + ], + include_package_data=True, + install_requires=[ + 'async_timeout==2.0.0', + 'aiohttp==3.0.7', + 'docker==3.1.1', + 'colorlog==3.1.2', + 'voluptuous==0.11.1', + 'gitpython==2.1.8', + 'pytz==2018.3', + 'pyudev==0.21.0', + 'pycryptodome==3.4.11' + ] +)