d"·V ddlZddlZddlZddlZddlZ ddlZddlZdZej j Z n#e $rdZGdde Z YnwxYwddlZddlmZmZddlmZddlmZddlZddlZdd lmZmZmZmZmZdd lmZdd l m!Z!dd l"m#Z#dd l$m%Z%m&Z&ddl'm(Z(m)Z)ddl*m+Z+ddl,m-Z-ee.Z/e(Z0e(Z1de ddfdZ2GddeeZ3Gdde3Z4Gdde4Z5GddZ6dS)NTFceZdZdS)_NATSMaxPayloadErrorN)__name__ __module__ __qualname__\/opt/imunify360/venv/lib/python3.11/site-packages/defence360agent/api/server/send_message.pyrrs r r)ABCabstractmethod) getLogger)Optional)APIAPIError APITokenErrorFGWSendMessgeExceptionNATSSendMessageException)Core)Message)g)IndependentAgentIDAPIIAIDTokenError)Gen publisher) AsyncIterate)ServerJSONEncoderexreturnc@Ktd|dS)aDowngrade nats-py internal errors to DEBUG. Transient errors (ConnectionRefused, AuthorizationViolation) are expected during agent restarts. Our code already logs a WARNING with context, so the nats-py default ERROR + traceback is noise. znats: %sN)loggerdebug)rs r _nats_error_cbr"2s" LLR     r cReZdZdZedefdZdeddfdZdede ddfd Z dS) BaseSendMessageAPIz/api/v2/send-message/{method}rc KdSNr)selfmessage_methodheaders post_datas r _send_requestz BaseSendMessageAPI._send_request?s  r resultNcd|vr"td||ddkr5td|ddS)Nstatusz unexpected server response: {!r}okzserver error: {}msg)rformatget)r'r,s r check_responsez!BaseSendMessageAPI.check_responseCsk 6 ! !=DDVLLMM M ( t # #-44VZZ5F5FGGHH H $ #r methodr*cK tjd{V}n$#t$r}td|d}~wwxYwd|d}||||d{V}||dS)NzIAID token error occurred zapplication/json)z Content-TypezX-Auth)r get_tokenrrr+r3)r'r4r*tokener)r,s r send_datazBaseSendMessageAPI.send_dataIs B/9;;;;;;;;EE B B B @Q @ @AA A B/  ))&'9EEEEEEEE F#####s ?:?) rrrURLr dictr+r3strbytesr9rr r r$r$<s )C    ^ ITIdIIII $c $e $ $ $ $ $ $ $r r$ceZdZejZddedefdZdeddfdZde eddfd Z d e ddfd Z d Z d eddfdZdS)SendMessageAPINrpm_verbase_urlcz||_||_d|_d|_i|_|r ||_dS|j|_dS)N) _executorr@ product_name server_idlicenserA _BASE_URL)r'r@rAexecutors r __init__zSendMessageAPI.__init__YsF!   +$DMMM NDMMMr rErc||_dSr&)rE)r'rEs r set_product_namezSendMessageAPI.set_product_nameds(r rFc||_dSr&)rF)r'rFs r set_server_idzSendMessageAPI.set_server_idgs "r rGc||_dSr&)rG)r'rGs r set_licensezSendMessageAPI.set_licensejs  r cKtj|j|j|z||d}|||jd{VS)Nr4POST)datar)r4)rI)urllibrequestRequestrAr:r1 async_requestrD)r'r(r)r*rVs r r+zSendMessageAPI._send_requestmst.(( MDHOO>OBB B )   ''$.'IIIIIIIIIr messageclKd|vrtj|d<d|vrtjj|d<d|vrd|d<|j|j|j|j|jd}tj |t }| |j|d{VdS)N timestamp message_idr4 INCIDENT_LIST)payloadr@r\rFname)cls)timeuuiduuid4hexr^r@r\rFrEjsondumpsrencoder9r4)r'rY data2sendr*s r send_messagezSendMessageAPI.send_messagevs g % %#'9;;GK w & &$(JLL$4GL ! 7 " " /GH |!,%   Jy.?@@@GGII nnW^Y77777777777r )NN)rrrrDEFAULT_SOCKET_TIMEOUT_SOCKET_TIMEOUTr<rJrLrrNr;rPr+rrirr r r?r?Vs1O + + +s + + + +)S)T))))#x}#####4DJJJ8'8d888888r r?cFeZdZdefdZdeeeefddfdZ dS)FileBasedGatewayAPIrcK|4d{Vtjtj|d{V}|dd|Ddcdddd{VS#1d{VswxYwYdS)Nr4c&i|]\}}|dk ||SrRr).0kvs r z8FileBasedGatewayAPI._prepare_message..s#JJJ$!QAMMAMMMr )r4rT)asyncio to_threadreloadsitems)r'rY semaphoreloadeds r _prepare_messagez$FileBasedGatewayAPI._prepare_messages        ",TZAAAAAAAAF *JJ&,,..JJJ                              sA A** A47A4messagesNcnKd}tj|fdt|2d{V}tj|d{V}|D]N}i|did|ddi}t j|tdOtjtj |d{V}tj dd }tj |d } | d d g} tj| tjjtjjtjjd d{V} t%j|} | | d{V\} }t-jdr*t.dt3|| || jdkr`t.d|t;t=d|dS)NcTKg|3d{V \}}|"6Sr&)rz)rp_r0r'rxs r z5FileBasedGatewayAPI.send_messages..sd         a  ! !#y 1 1    s(rTr4rCzagent-fgw-sendingstageI360_MESSAGE_GATEWAY_BIN_PATHz /usr/libexec/zimunify-message-gatewayz send-manyz"--producer=i360-agent-non-resident)stdinstdoutstderr)inputDEBUGzMessage sent to fgw: %s %s %srzError sending message: )rt Semaphorergatherr2rreport_reporter_gen_fgwrurerfosgetenvpathjoincreate_subprocess_exec subprocessPIPEbase64 b64encoderg communicaterr infolen returncodeerrordecoderr<)r'r{ max_threadstasksprepared_messagesr0flatdumped_messages bin_file_pathbin_filecommandprocessb64datarrrxs` @r send_messagesz!FileBasedGatewayAPI.send_messagess %k22      ,X 6 6         #*.%"8888888$  CKcggfb))K8SWWXr5J5JKKD  '/B     !( 1 J)! !        +_  7<< /HII   0   6 $)%*%*           "?#9#9#;#;<<&222AAAAAAAA 5>>  KK/X      " " LLD6==??DD E E E(?fmmoo??@@  # "r ) rrrr;rzlisttuplefloatr=rrr r rmrms_D/Due|1D,E/$//////r rmceZdZdZdZdZdZdZdZdZ dZ e dZ d Z d eeeefd d fd ZdZdZd S)NATSGatewayAPIzPublishes messages to the embedded NATS server via localhost TCP. Connects to nats://127.0.0.1: with an auth token read from a file written by the resident-agent on startup. z imunify.api.iz/var/run/imunify360/nats.tokenz/var/run/imunify360/nats.addrr}c"d|_d|_dS)Nr)_nc_last_connect_attemptr's r rJzNATSGatewayAPI.__init__s%&"""r ctjdtj} t |5}|}dddn #1swxYwY|r|Sn#t$rYnwxYwttjdttj }d|S)zBRead NATS listen address from addr file, fall back to env/default.I360_NATS_ADDR_PATHNI360_NATS_PORTz 127.0.0.1:) rrrDEFAULT_ADDR_PATHopenreadstripOSErrorintr< DEFAULT_PORT) addr_pathfaddrports r _read_addrzNATSGatewayAPI._read_addrsI !>#C   i (Avvxx~~'' ( ( ( ( ( ( ( ( ( ( ( ( ( ( (       D  I&N,G(H(H I I  #D"""s4A3'A# A3#A''A3*A'+A33 B?BcK|j|jjrdStstdt j}||jz }||jkrtd|j|z dd||_|d{V| }tj d|j } t|5}|}dddn #1swxYwYt!jd|||jdt&d{V|_t(d |dS#t,$r}td ||d}~wwxYw) Nznats-py is not installedzNATS reconnect backoff (z.1fz s remaining)I360_NATS_TOKEN_PATHznats://r)r7connect_timeoutmax_reconnect_attemptserror_cbzConnected to NATS at %szFailed to connect to NATS: )r is_connected _has_natsrra monotonicrMIN_RECONNECT_INTERVAL_closerrrDEFAULT_TOKEN_PATHrrrnatsconnectCONNECT_TIMEOUTr"r r Exception)r'now since_lastr token_pathrr7r8s r _ensure_connectedz NATSGatewayAPI._ensure_connecteds  8 DH$9  F G*+EFF Fn455 3 3 3*P0:=OPPP &)"kkmm  Y5t7NOO  j!! )Q(( ) ) ) ) ) ) ) ) ) ) ) ) ) ) )!\ $   $ 4'(' DH KK14 8 8 8 8 8   *1a11  s=E'D8 EDE D AE E?'E::E?r{rNc K|d{Vd} |j}|D]\}} tj|}nC#tjt f$r*}td||dz }Yd}~Wd}~wwxYw| dd}| d} tj | } |j |z} i} | r| | d< || | | r| ndd{V} nQ#t$rD}td | | t#| || dd |dz }Yd}~0d}~wwxYwt%ji|d|it(d |dz }t+j d r'td| | j| jdS#t2$r^}|d{Vtd|t#||t7d|||d}~wwxYw)NrzSkipping malformed message: %sr4UNKNOWNr\z Nats-Msg-Id)r)zUDropping oversized NATS message: subject=%s message_id=%s size=%d error=%s preview=%rzagent-nats-sendingrrz"Published to %s, stream=%s, seq=%sz,NATS publish failed after %d/%d messages: %szFailed to publish messages: ) published)rr jetstreamrervJSONDecodeErrorUnicodeDecodeErrorr warningpopr2rfrgNATS_SUBJECT_PREFIXpublishrrrrr_reporter_gen_natsrr!streamseqrrr)r'r{rjsr msg_bytesryr8r4r\r^subjectr)acks r rzNATSGatewayAPI.send_messagess$$&&&&&&&&& @ ##%%B (0 0  9!Z 22FF,.@ANN#CQGGGNIHHHH Hi88#ZZ 55 *V,,33552V;8-7GM* " +2 <!+!!CC ,   LLE"G  NIHHHH  0v0x00&. Q 5>>LL<  W0 0 d   ++--        NN>H      +2q22#  sn!GAGB- B GBA'G?"D"!G" E0,9E+%G+E00A'G I#AH<<IcK|jF |jd{Vn#t$rYnwxYwd|_dS#d|_wxYwdSr&)rdrainrrs r rzNATSGatewayAPI._closeWs~ 8  hnn&&&&&&&&&&     4 s!+A 8A8A A c>K|d{VdSr&)rrs r closezNATSGatewayAPI.close`s,kkmmr )rrr__doc__rrrrrrrJ staticmethodrrrrrr=rrrrr r rrs )L97O'''##\#&###JDDue|1D,ED$DDDDL   r r)7rrerra urllib.errorrUr nats.errorsrerrorsMaxPayloadErrorr ImportErrorrurllib.requestabcr r loggingr typingrrtrbdefence360agent.api.serverrrrrr defence360agent.contracts.configr"defence360agent.contracts.messagesr&defence360agent.internals.global_scoperdefence360agent.internals.iaidrr2defence360agent.internals.message_status_publisherrr!defence360agent.utils.async_utilsrdefence360agent.utils.jsonrrr rrr"r$r?rmrrr r rs   KKKI;6   I     y      ######## 211111666666444444NMMMMMMM::::::888888 8  CEESUU!Y!4!!!!$$$$$c$$$42828282828'282828j88888.888v[[[[[[[[[[s-AA