Browse Source

Move under Msf::WebServices namespace

Matthew Kienow 11 months ago
parent
commit
e144cc6738
No account linked to committer's email address

+ 49
- 47
lib/msf/core/web_services/json_rpc_app.rb View File

@@ -8,60 +8,62 @@ require 'msf/core/web_services/servlet_helper'
8 8
 require 'msf/core/web_services/servlet/auth_servlet'
9 9
 require 'msf/core/web_services/servlet/json_rpc_servlet'
10 10
 
11
-class JsonRpcApp < Sinatra::Base
12
-  helpers ServletHelper
13
-  helpers Msf::RPC::JSON::DispatcherHelper
11
+module Msf::WebServices
12
+  class JsonRpcApp < Sinatra::Base
13
+    helpers ServletHelper
14
+    helpers Msf::RPC::JSON::DispatcherHelper
14 15
 
15
-  # Servlet registration
16
-  register AuthServlet
17
-  register JsonRpcServlet
16
+    # Servlet registration
17
+    register AuthServlet
18
+    register JsonRpcServlet
18 19
 
19
-  set :framework, Msf::Simple::Framework.create({})
20
-  set :dispatchers, {}
20
+    set :framework, Msf::Simple::Framework.create({})
21
+    set :dispatchers, {}
21 22
 
22
-  configure do
23
-    set :sessions, {key: 'msf-ws.session', expire_after: 300}
24
-    set :session_secret, ENV.fetch('MSF_WS_SESSION_SECRET') { SecureRandom.hex(16) }
25
-  end
23
+    configure do
24
+      set :sessions, {key: 'msf-ws.session', expire_after: 300}
25
+      set :session_secret, ENV.fetch('MSF_WS_SESSION_SECRET') { SecureRandom.hex(16) }
26
+    end
26 27
 
27
-  before do
28
-    # store DBManager in request environment so that it is available to Warden
29
-    request.env['msf.db_manager'] = get_db
30
-    # store flag indicating whether authentication is initialized in the request environment
31
-    @@auth_initialized ||= get_db.users({}).count > 0
32
-    request.env['msf.auth_initialized'] = @@auth_initialized
33
-  end
28
+    before do
29
+      # store DBManager in request environment so that it is available to Warden
30
+      request.env['msf.db_manager'] = get_db
31
+      # store flag indicating whether authentication is initialized in the request environment
32
+      @@auth_initialized ||= get_db.users({}).count > 0
33
+      request.env['msf.auth_initialized'] = @@auth_initialized
34
+    end
34 35
 
35
-  use Warden::Manager do |config|
36
-    # failed authentication is handled by this application
37
-    config.failure_app = self
38
-    # don't intercept 401 responses since the app will provide custom failure messages
39
-    config.intercept_401 = false
40
-    config.default_scope = :api
36
+    use Warden::Manager do |config|
37
+      # failed authentication is handled by this application
38
+      config.failure_app = self
39
+      # don't intercept 401 responses since the app will provide custom failure messages
40
+      config.intercept_401 = false
41
+      config.default_scope = :api
41 42
 
42
-    config.scope_defaults :user,
43
-                          # whether to persist the result in the session or not
44
-                          store: true,
45
-                          # list of strategies to use
46
-                          strategies: [:password],
47
-                          # action (route) of the failure application
48
-                          action: "#{AuthServlet.api_unauthenticated_path}/user"
43
+      config.scope_defaults :user,
44
+                            # whether to persist the result in the session or not
45
+                            store: true,
46
+                            # list of strategies to use
47
+                            strategies: [:password],
48
+                            # action (route) of the failure application
49
+                            action: "#{AuthServlet.api_unauthenticated_path}/user"
49 50
 
50
-    config.scope_defaults :api,
51
-                          # whether to persist the result in the session or not
52
-                          store: false,
53
-                          # list of strategies to use
54
-                          strategies: [:api_token],
55
-                          # action (route) of the failure application
56
-                          action: AuthServlet.api_unauthenticated_path
51
+      config.scope_defaults :api,
52
+                            # whether to persist the result in the session or not
53
+                            store: false,
54
+                            # list of strategies to use
55
+                            strategies: [:api_token],
56
+                            # action (route) of the failure application
57
+                            action: AuthServlet.api_unauthenticated_path
57 58
 
58
-    config.scope_defaults :admin_api,
59
-                          # whether to persist the result in the session or not
60
-                          store: false,
61
-                          # list of strategies to use
62
-                          strategies: [:admin_api_token],
63
-                          # action (route) of the failure application
64
-                          action: AuthServlet.api_unauthenticated_path
65
-  end
59
+      config.scope_defaults :admin_api,
60
+                            # whether to persist the result in the session or not
61
+                            store: false,
62
+                            # list of strategies to use
63
+                            strategies: [:admin_api_token],
64
+                            # action (route) of the failure application
65
+                            action: AuthServlet.api_unauthenticated_path
66
+    end
66 67
 
68
+  end
67 69
 end

+ 28
- 26
lib/msf/core/web_services/servlet/json_rpc_servlet.rb View File

@@ -1,34 +1,36 @@
1 1
 require 'msf/core/rpc'
2 2
 
3
-module JsonRpcServlet
3
+module Msf::WebServices
4
+  module JsonRpcServlet
4 5
 
5
-  def self.api_path
6
-    '/api/:version/json-rpc'
7
-  end
6
+    def self.api_path
7
+      '/api/:version/json-rpc'
8
+    end
8 9
 
9
-  def self.registered(app)
10
-    app.post JsonRpcServlet.api_path, &post_rpc
11
-  end
10
+    def self.registered(app)
11
+      app.post JsonRpcServlet.api_path, &post_rpc
12
+    end
12 13
 
13
-  #######
14
-  private
15
-  #######
14
+    #######
15
+    private
16
+    #######
16 17
 
17
-  # Process JSON-RPC request
18
-  def self.post_rpc
19
-    lambda {
20
-      warden.authenticate!
21
-      begin
22
-        body = request.body.read
23
-        tmp_params = sanitize_params(params)
24
-        data = get_dispatcher(settings.dispatchers, tmp_params[:version].to_sym, settings.framework).process(body)
25
-        set_raw_response(data)
26
-      rescue => e
27
-        print_error("There was an error executing the RPC: #{e.message}.", e)
28
-        error = Msf::RPC::JSON::Dispatcher.create_error_response(Msf::RPC::JSON::InternalError.new(e))
29
-        data = Msf::RPC::JSON::Dispatcher.to_json(error)
30
-        set_raw_response(data, code: 500)
31
-      end
32
-    }
18
+    # Process JSON-RPC request
19
+    def self.post_rpc
20
+      lambda {
21
+        warden.authenticate!
22
+        begin
23
+          body = request.body.read
24
+          tmp_params = sanitize_params(params)
25
+          data = get_dispatcher(settings.dispatchers, tmp_params[:version].to_sym, framework).process(body)
26
+          set_raw_response(data)
27
+        rescue => e
28
+          print_error("There was an error executing the RPC: #{e.message}.", e)
29
+          error = Msf::RPC::JSON::Dispatcher.create_error_response(Msf::RPC::JSON::InternalError.new(e))
30
+          data = Msf::RPC::JSON::Dispatcher.to_json(error)
31
+          set_raw_response(data, code: 500)
32
+        end
33
+      }
34
+    end
33 35
   end
34 36
 end

+ 1
- 1
msf-json-rpc.ru View File

@@ -18,4 +18,4 @@ end
18 18
 # Note: setup Rails environment before calling require
19 19
 require 'msf/core/web_services/json_rpc_app'
20 20
 
21
-run JsonRpcApp
21
+run Msf::WebServices::JsonRpcApp

Loading…
Cancel
Save