Merge pull request #230 from eclecticiq/nest-taxii2-urls

Nest taxii2 endpoints under `/taxii2/`

CHANGES.rst

@@ -1,7 +1,11 @@
 Changelog
 =========
 
-0.6.0 (2022-05-25
+0.7.0 (2022-05-27)
+------------------
+* Nest taxii2 endpoints under `/taxii2/`
+
+0.6.0 (2022-05-25)
 ------------------
 * Add `public_discovery` option to taxii2 config
 * Add support for publicly readable taxii 2 api roots

opentaxii/_version.py

@@ -3,4 +3,4 @@
 This module defines the package version for use in __init__.py and setup.py.
 """
 
-__version__ = '0.6.0'
+__version__ = '0.7.0'

opentaxii/server.py

@@ -480,11 +480,11 @@ def discovery_handler(self):
                 response[key] = self.config.get(key)
         default_api_root, api_roots = self.persistence.get_api_roots()
         if default_api_root:
-            response["default"] = f"/{default_api_root.id}/"
-        response["api_roots"] = [f"/{api_root.id}/" for api_root in api_roots]
+            response["default"] = f"/taxii2/{default_api_root.id}/"
+        response["api_roots"] = [f"/taxii2/{api_root.id}/" for api_root in api_roots]
         return make_taxii2_response(response)
 
-    @register_handler(r"^/(?P<api_root_id>[^/]+)/$", handles_own_auth=True)
+    @register_handler(r"^/taxii2/(?P<api_root_id>[^/]+)/$", handles_own_auth=True)
     def api_root_handler(self, api_root_id):
         try:
             api_root = self.persistence.get_api_root(api_root_id=api_root_id)
@@ -503,7 +503,7 @@ def api_root_handler(self, api_root_id):
             response["description"] = api_root.description
         return make_taxii2_response(response)
 
-    @register_handler(r"^/(?P<api_root_id>[^/]+)/status/(?P<job_id>[^/]+)/$")
+    @register_handler(r"^/taxii2/(?P<api_root_id>[^/]+)/status/(?P<job_id>[^/]+)/$")
     def job_handler(self, api_root_id, job_id):
         try:
             job, job_details = self.persistence.get_job_and_details(
@@ -531,7 +531,7 @@ def job_handler(self, api_root_id, job_id):
         }
         return make_taxii2_response(response)
 
-    @register_handler(r"^/(?P<api_root_id>[^/]+)/collections/$", handles_own_auth=True)
+    @register_handler(r"^/taxii2/(?P<api_root_id>[^/]+)/collections/$", handles_own_auth=True)
     def collections_handler(self, api_root_id):
         try:
             api_root = self.persistence.get_api_root(api_root_id=api_root_id)
@@ -561,7 +561,7 @@ def collections_handler(self, api_root_id):
         return make_taxii2_response(response)
 
     @register_handler(
-        r"^/(?P<api_root_id>[^/]+)/collections/(?P<collection_id_or_alias>[^/]+)/$",
+        r"^/taxii2/(?P<api_root_id>[^/]+)/collections/(?P<collection_id_or_alias>[^/]+)/$",
         handles_own_auth=True,
     )
     def collection_handler(self, api_root_id, collection_id_or_alias):
@@ -589,7 +589,7 @@ def collection_handler(self, api_root_id, collection_id_or_alias):
         return make_taxii2_response(response)
 
     @register_handler(
-        r"^/(?P<api_root_id>[^/]+)/collections/(?P<collection_id_or_alias>[^/]+)/manifest/$",
+        r"^/taxii2/(?P<api_root_id>[^/]+)/collections/(?P<collection_id_or_alias>[^/]+)/manifest/$",
         handles_own_auth=True,
     )
     def manifest_handler(self, api_root_id, collection_id_or_alias):
@@ -634,7 +634,7 @@ def manifest_handler(self, api_root_id, collection_id_or_alias):
         )
 
     @register_handler(
-        r"^/(?P<api_root_id>[^/]+)/collections/(?P<collection_id_or_alias>[^/]+)/objects/$",
+        r"^/taxii2/(?P<api_root_id>[^/]+)/collections/(?P<collection_id_or_alias>[^/]+)/objects/$",
         ("GET", "POST"),
         valid_content_types=("application/taxii+json;version=2.1",),
         handles_own_auth=True,
@@ -726,7 +726,7 @@ def objects_post_handler(self, api_root_id, collection_id_or_alias):
         )
 
     @register_handler(
-        r"^/(?P<api_root_id>[^/]+)/collections/(?P<collection_id_or_alias>[^/]+)/objects/(?P<object_id>[^/]+)/$",
+        r"^/taxii2/(?P<api_root_id>[^/]+)/collections/(?P<collection_id_or_alias>[^/]+)/objects/(?P<object_id>[^/]+)/$",
         ("GET", "DELETE"),
         handles_own_auth=True,
     )
@@ -807,7 +807,7 @@ def object_delete_handler(self, api_root_id, collection_id_or_alias, object_id):
 
     @register_handler(
         (
-            r"^/(?P<api_root_id>[^/]+)/collections/(?P<collection_id_or_alias>[^/]+)"
+            r"^/taxii2/(?P<api_root_id>[^/]+)/collections/(?P<collection_id_or_alias>[^/]+)"
             r"/objects/(?P<object_id>[^/]+)/versions/$"
         ),
         handles_own_auth=True,

tests/taxii2/test_taxii2_api_root.py

@@ -183,7 +183,7 @@ def test_api_root(
         ),
     ):
         func = getattr(authenticated_client, method)
-        response = func(f"/{api_root_id}/", headers=headers)
+        response = func(f"/taxii2/{api_root_id}/", headers=headers)
     assert response.status_code == expected_status
     assert {
         key: response.headers.get(key) for key in expected_headers
@@ -224,7 +224,7 @@ def test_api_root_unauthenticated(
     ):
         func = getattr(client, method)
         response = func(
-            f"/{api_root_id}/",
+            f"/taxii2/{api_root_id}/",
             headers={"Accept": "application/taxii+json;version=2.1"},
         )
     assert response.status_code == expected_status_code

tests/taxii2/test_taxii2_collection.py

@@ -189,7 +189,7 @@ def test_collection(
         },
     ):
         func = getattr(authenticated_client, method)
-        response = func(f"/{api_root_id}/collections/{collection_id}/", headers=headers)
+        response = func(f"/taxii2/{api_root_id}/collections/{collection_id}/", headers=headers)
     assert response.status_code == expected_status
     assert {
         key: response.headers.get(key) for key in expected_headers
@@ -234,7 +234,7 @@ def test_collection_unauthenticated(
     ):
         func = getattr(client, method)
         response = func(
-            f"/{API_ROOTS[0].id}/collections/{collection_id}/",
+            f"/taxii2/{API_ROOTS[0].id}/collections/{collection_id}/",
             headers={"Accept": "application/taxii+json;version=2.1"},
         )
     assert response.status_code == expected_status_code

tests/taxii2/test_taxii2_collections.py

@@ -213,7 +213,7 @@ def test_collections(
         },
     ):
         func = getattr(authenticated_client, method)
-        response = func(f"/{api_root_id}/collections/", headers=headers)
+        response = func(f"/taxii2/{api_root_id}/collections/", headers=headers)
     assert response.status_code == expected_status
     assert {
         key: response.headers.get(key) for key in expected_headers
@@ -258,7 +258,7 @@ def test_collections_unauthenticated(
     ):
         func = getattr(client, method)
         response = func(
-            f"/{api_root_id}/collections/",
+            f"/taxii2/{api_root_id}/collections/",
             headers={"Accept": "application/taxii+json;version=2.1"},
         )
     assert response.status_code == expected_status_code

tests/taxii2/test_taxii2_discovery.py

@@ -29,8 +29,8 @@
                 "title": "Some TAXII Server",
                 "description": "This TAXII Server contains a listing of...",
                 "contact": "string containing contact information",
-                "default": f"/{API_ROOTS_WITH_DEFAULT[0].id}/",
-                "api_roots": [f"/{item.id}/" for item in API_ROOTS_WITH_DEFAULT],
+                "default": f"/taxii2/{API_ROOTS_WITH_DEFAULT[0].id}/",
+                "api_roots": [f"/taxii2/{item.id}/" for item in API_ROOTS_WITH_DEFAULT],
             },
             id="good, with default api root",
         ),
@@ -45,7 +45,7 @@
                 "title": "Some TAXII Server",
                 "description": "This TAXII Server contains a listing of...",
                 "contact": "string containing contact information",
-                "api_roots": [f"/{item.id}/" for item in API_ROOTS_WITHOUT_DEFAULT],
+                "api_roots": [f"/taxii2/{item.id}/" for item in API_ROOTS_WITHOUT_DEFAULT],
             },
             id="good, without default api root",
         ),

tests/taxii2/test_taxii2_manifest.py

@@ -726,7 +726,7 @@ def test_manifest(
         else:
             querystring = ""
         response = func(
-            f"/{api_root_id}/collections/{collection_id}/manifest/{querystring}",
+            f"/taxii2/{api_root_id}/collections/{collection_id}/manifest/{querystring}",
             headers=headers,
         )
     assert response.status_code == expected_status
@@ -773,7 +773,7 @@ def test_manifest_unauthenticated(
     ):
         func = getattr(client, method)
         response = func(
-            f"/{API_ROOTS[0].id}/collections/{collection_id}/manifest/",
+            f"/taxii2/{API_ROOTS[0].id}/collections/{collection_id}/manifest/",
             headers={"Accept": "application/taxii+json;version=2.1"},
         )
     assert response.status_code == expected_status_code

tests/taxii2/test_taxii2_object.py

@@ -826,7 +826,7 @@ def test_object(
             querystring = ""
         kwargs = {"headers": headers}
         response = func(
-            f"/{api_root_id}/collections/{collection_id}/objects/{object_id}/{querystring}",
+            f"/taxii2/{api_root_id}/collections/{collection_id}/objects/{object_id}/{querystring}",
             **kwargs,
         )
     assert response.status_code == expected_status
@@ -897,7 +897,7 @@ def test_object_unauthenticated(
     ):
         func = getattr(client, method)
         response = func(
-            f"/{API_ROOTS[0].id}/collections/{collection_id}/objects/{stix_id}/",
+            f"/taxii2/{API_ROOTS[0].id}/collections/{collection_id}/objects/{stix_id}/",
             headers={"Accept": "application/taxii+json;version=2.1"},
         )
     assert response.status_code == expected_status_code

tests/taxii2/test_taxii2_objects.py

@@ -1062,7 +1062,7 @@ def test_objects(
         if method == "post":
             kwargs["json"] = post_data
         response = func(
-            f"/{api_root_id}/collections/{collection_id}/objects/{querystring}",
+            f"/taxii2/{api_root_id}/collections/{collection_id}/objects/{querystring}",
             **kwargs,
         )
     assert response.status_code == expected_status
@@ -1147,7 +1147,7 @@ def test_objects_unauthenticated(
             }
         func = getattr(client, method)
         response = func(
-            f"/{API_ROOTS[0].id}/collections/{collection_id}/objects/",
+            f"/taxii2/{API_ROOTS[0].id}/collections/{collection_id}/objects/",
             **kwargs,
         )
     assert response.status_code == expected_status_code

tests/taxii2/test_taxii2_status.py

@@ -246,7 +246,7 @@ def test_status(
         ),
     ):
         func = getattr(authenticated_client, method)
-        response = func(f"/{api_root_id}/status/{job_id}/", headers=headers)
+        response = func(f"/taxii2/{api_root_id}/status/{job_id}/", headers=headers)
     assert response.status_code == expected_status
     assert {
         key: response.headers.get(key) for key in expected_headers
@@ -267,7 +267,7 @@ def test_status_unauthenticated(
     method,
 ):
     func = getattr(client, method)
-    response = func(f"/{API_ROOTS[0].id}/status/{JOBS[0].id}/")
+    response = func(f"/taxii2/{API_ROOTS[0].id}/status/{JOBS[0].id}/")
     assert response.status_code == 401
 
 

tests/taxii2/test_taxii2_versions.py

@@ -407,7 +407,7 @@ def test_versions(
             querystring = ""
         kwargs = {"headers": headers}
         response = func(
-            f"/{api_root_id}/collections/{collection_id}/objects/{object_id}/versions/{querystring}",
+            f"/taxii2/{api_root_id}/collections/{collection_id}/objects/{object_id}/versions/{querystring}",
             **kwargs,
         )
     assert response.status_code == expected_status
@@ -456,7 +456,7 @@ def test_versions_unauthenticated(
     ):
         func = getattr(client, method)
         response = func(
-            f"/{API_ROOTS[0].id}/collections/{collection_id}/objects/{stix_id}/versions/",
+            f"/taxii2/{API_ROOTS[0].id}/collections/{collection_id}/objects/{stix_id}/versions/",
             headers={"Accept": "application/taxii+json;version=2.1"},
         )
     assert response.status_code == expected_status_code