Merge pull request nccgroup#7 from lmx-outscale/osc_provider_auth

Multiple fixes, still WIP and not working
outscale · Aug 6, 2020 · 8329639 · 8329639
2 parents 306aa5e + daa49f0
commit 8329639
Show file tree

Hide file tree

Showing 9 changed files with 89 additions and 35 deletions.
diff --git a/ScoutSuite/providers/osc/facade/base.py b/ScoutSuite/providers/osc/facade/base.py
@@ -1,11 +1,17 @@
 from ScoutSuite.providers.osc.facade.basefacade import OSCBaseFacade
 from ScoutSuite.providers.osc.facade.api import ApiFacade
+from ScoutSuite.providers.osc.facade.fcu import FCUFacade
 import requests
 
 class OSCFacade(OSCBaseFacade):
     def __init__(self, credentials=None):
         super(OSCFacade, self).__init__()
-        self.session = credentials.session
+        import logging
+        logging.getLogger('scout').critical("OSC ::: OSCFacade::__init__()")
+        logging.getLogger('scout').critical(f"credentials {credentials}")
+        logging.getLogger('scout').critical(f"session {credentials.session}")
+        # self.session = credentials.session
+        self.session = credentials
         self._instantiate_facades()
 
     async def build_region_list(self, service: str, chosen_regions=None,
@@ -15,7 +21,18 @@ async def build_region_list(self, service: str, chosen_regions=None,
         regions_list = []
         for region in regions:
             regions_list.append(region["RegionName"])
+
+        not_opted_in_regions = []
+        # TODO
+
+        if chosen_regions:
+            regions = [r for r in regions if r in chosen_regions]
+        if excluded_regions:
+            regions = [r for r in regions if r not in excluded_regions]
+        if not_opted_in_regions:
+            regions = [r for r in regions if r not in not_opted_in_regions]
         return regions
 
     def _instantiate_facades(self):
-        self.api = ApiFacade(self.session)
+        self.api = ApiFacade(self.session)
+        self.fcu = FCUFacade(self.session)
diff --git a/ScoutSuite/providers/osc/facade/basefacade.py b/ScoutSuite/providers/osc/facade/basefacade.py
@@ -3,5 +3,4 @@
 
 class OSCBaseFacade(object):
     def __init__(self, session: Gateway = None):
-        logging.getLogger('scout').critical(f"Gateway :: {Gateway}")
         self.session = session
diff --git a/ScoutSuite/providers/osc/facade/fcu.py b/ScoutSuite/providers/osc/facade/fcu.py
@@ -10,18 +10,21 @@
 from ScoutSuite.providers.utils import run_concurrently
 
 
-class FcuFacade(OSCBaseFacade):
-    regional_flow_logs_cache_locks = {}
-    flow_logs_cache = {}
+class FCUFacade(OSCBaseFacade):
+    def __init__(self, session: Gateway):
+    # def __init__(self, session: Gateway, owner_id: str):
+        # self.owner_id = owner_id
+        self.session = session
+        super(FCUFacade, self).__init__(session)
 
-    def __init__(self, session: Gateway, owner_id: str):
-        self.owner_id = owner_id
-
-        super(FcuFacade, self).__init__(session)
-
-    async def get_security_groups(self):
+    async def get_security_groups(self, region: str, vpc: str = None):
+        import logging
+        logging.getLogger('scout').critical("OSC ::: FCUFacade::get_security_groups()")
         try:
+            # return await OSCFacadeUtils.get_all_pages(
+            #     'fcu', region, self.session, 'describe_security_groups', 'SecurityGroups', Filters=filters
+            # )
             return await OSCFacadeUtils.get_all_security_groups(self.session)
         except Exception as e:
-            print_exception('Failed to describe Fcu security groups: {}'.format(e))
+            print_exception('Failed to describe FCU security groups: {}'.format(e))
             return []
diff --git a/ScoutSuite/providers/osc/facade/utils.py b/ScoutSuite/providers/osc/facade/utils.py
@@ -1,8 +1,14 @@
+from osc_sdk_python import Gateway
+
 
 class OSCFacadeUtils:
     @staticmethod
-    def get_all_security_groups(session):
+    async def get_all_security_groups(session: Gateway):
+        import logging
+        logging.getLogger('scout').critical("OSC ::: OSCFacadeUtils::get_security_groups()")
+        logging.getLogger('scout').critical(f"session ::: {session}")
         return session.ReadSecurityGroups()
+
     @staticmethod
     def _get_outscale_endpoint(region, version, action):
         return "https://api.{}.outscale.com/api/{}/{}".format(

diff --git a/ScoutSuite/providers/osc/resources/api/base.py b/ScoutSuite/providers/osc/resources/api/base.py
@@ -2,15 +2,16 @@
 #from ScoutSuite.providers.osc.resources.api.volumes import Volumes
 #from ScoutSuite.providers.osc.resources.api.vpcs import Vpcs
 #from ScoutSuite.providers.osc.resources.api.instances import Instances
+from ScoutSuite.providers.osc.resources.fcu.securitygroups import SecurityGroups
 from ScoutSuite.providers.osc.resources.regions import Regions
 
 
 class Api(Regions):
     _children = [
         #(Vpcs, 'vpcs'),
         #(Instances, 'instances'),
-        (Snapshots, 'snapshots'),
-       # (Volumes, 'volumes')
+        #(Snapshots, 'snapshots'),
+        #(Volumes, 'volumes')
     ]
 
     def __init__(self, facade):

diff --git a/ScoutSuite/providers/osc/resources/api/snapshots.py b/ScoutSuite/providers/osc/resources/api/snapshots.py
@@ -9,7 +9,8 @@ def __init__(self, facade: OSCFacade, region: str):
         self.region = region
 
     async def fetch_all(self):
-        raw_snapshots = await self.facade.api.list_snapshots()
+        # raw_snapshots = await self.facade.api.list_snapshots()
+        raw_snapshots = []
         for raw_snapshot in raw_snapshots:
             name, resource = self._parse_snapshot(raw_snapshot)
             self[name] = resource
diff --git a/ScoutSuite/providers/osc/resources/fcu/base.py b/ScoutSuite/providers/osc/resources/fcu/base.py
@@ -2,10 +2,12 @@
 # from ScoutSuite.providers.osc.resources.fcu.snapshots import Snapshots
 # from ScoutSuite.providers.osc.resources.fcu.volumes import Volumes
 # from ScoutSuite.providers.osc.resources.fcu.vpcs import FcuVpcs
+from ScoutSuite.providers.osc.resources.fcu.securitygroups import SecurityGroups
 from ScoutSuite.providers.osc.resources.regions import Regions
 
 class FCU(Regions):
     _children = [
+        (SecurityGroups, 'security_groups')
         # (FcuVpcs, 'vpcs'),
         # (OutscaleMachineImages, 'omis'),
         # (Snapshots, 'snapshots'),
@@ -14,19 +16,31 @@ class FCU(Regions):
 
     def __init__(self, facade):
         super(FCU, self).__init__('fcu', facade)
+        import logging
+        logging.getLogger("scout").critical("OSC ::: Ressource FCU\n\n\n\n\n")
 
     async def fetch_all(self, regions=None, excluded_regions=None, partition_name='osc', **kwargs):
         # await super(FCU, self).fetch_all(regions, excluded_regions, partition_name)
+        import logging
+        logging.getLogger("scout").critical("OSC ::: FCU.fetch_all()\n\n\n")
         await super(FCU, self).fetch_all(regions, excluded_regions)
+        logging.getLogger("scout").critical("OSC ::: ! FCU.fetch_all()\n\n\n")
 
+        logging.getLogger("scout").critical("Regions :::")
+        logging.getLogger("scout").critical(self['regions'])
         for region in self['regions']:
+            logging.getLogger("scout").critical(f"OSC ::: region :: {region}")
+            logging.getLogger("scout").critical(f"OSC ::: {self['regions'][region]}")
+            # logging.getLogger("scout").critical(self['regions'][region]['security_groups'].values())
+            # self['regions'][region]['security_groups_count'] =\
+            #     sum([len(sg) for sg in self['regions'][region]['security_groups'].values()])
             # self['regions'][region]['instances_count'] =\
             #     sum([len(vpc['instances']) for vpc in self['regions'][region]['vpcs'].values()])
-            self['regions'][region]['security_groups_count'] =\
-                sum([len(vpc['security_groups']) for vpc in self['regions'][region]['vpcs'].values()])
+            # self['regions'][region]['security_groups_count'] =\
+            #     sum([len(vpc['security_groups']) for vpc in self['regions'][region]['vpcs'].values()])
             # self['regions'][region]['network_interfaces_count'] =\
             #     sum([len(vpc['network_interfaces']) for vpc in self['regions'][region]['vpcs'].values()])
 
         # self['instances_count'] = sum([region['instances_count'] for region in self['regions'].values()])
-        self['security_groups_count'] = sum([region['security_groups_count'] for region in self['regions'].values()])
+        # self['security_groups_count'] = sum([region['security_groups_count'] for region in self['regions'].values()])
         # self['network_interfaces_count'] = sum([region['network_interfaces_count'] for region in self['regions'].values()])
diff --git a/ScoutSuite/providers/osc/resources/fcu/securitygroups.py b/ScoutSuite/providers/osc/resources/fcu/securitygroups.py
@@ -3,15 +3,22 @@
 from ScoutSuite.utils import manage_dictionary
 from ScoutSuite.core.fs import load_data
 
+import logging
 
 class SecurityGroups(OSCResources):
-    def __init__(self, facade: OSCFacade, region: str, vpc: str):
+    def __init__(self, facade: OSCFacade, region: str, vpc: str = None):
+        logging.getLogger("scout").critical("OSC ::: Security Groups\n\n\n\n\n")
         super(SecurityGroups, self).__init__(facade)
         self.region = region
         self.vpc = vpc
 
     async def fetch_all(self):
-        raw_security_groups = await self.facade.fcu.get_security_groups()
+        logging.getLogger("scout").critical("OSC ::: SecurityGroups.fetch_all()")
+        try:
+            raw_security_groups = await self.facade.fcu.get_security_groups(self.region)
+        except Exception as e:
+            logging.getLogger("scout").critical(f"OSC ::: Exception {e}")
+        logging.getLogger("scout").critical(f"OSC ::: security groups {raw_security_groups}")
         for raw_security_group in raw_security_groups:
             name, resource = self._parse_security_group(raw_security_group)
             self[name] = resource

diff --git a/ScoutSuite/providers/osc/resources/regions.py b/ScoutSuite/providers/osc/resources/regions.py
@@ -11,19 +11,25 @@ def __init__(self, service: str, facade: OSCFacade):
         self.service = service
 
     async def fetch_all(self, regions=None, excluded_regions=None, **kwargs):
-        self["region"] = {}
-        for region in await self.facade.build_region_list(self.service,
-                                                          regions, excluded_regions):
-            self["region"][region] = {
-                'id': region,
-                'region': region,
-                'name': region
-            }
-        await self._fetch_children_of_all_resources(
-            resources=self['regions'],
-            scopes={region: {'region': region} for region in self['regions']}
-        )
-        self._set_counts()
+        import logging
+        logging.getLogger("scout").critical("OSC ::: Regions::fetch_all()")
+        try:
+            self['regions'] = {}
+            for region in await self.facade.build_region_list(self.service, regions, excluded_regions):
+                self['regions'][region['RegionName']] = {
+                    'id': region['RegionName'],
+                    'region': region,
+                    'name': region['RegionName'],
+                    'endpoint': region['Endpoint']
+                }
+
+            await self._fetch_children_of_all_resources(
+                resources=self['regions'],
+                scopes={region: {'region': region} for region in self['regions']}
+            )
+            self._set_counts()
+        except Exception as e:
+            logging.getLogger("scout").critical(f"OSC ::: Exception ::: {e}")
 
     def _set_counts(self):
         self['regions_count'] = len(self['regions'])