bitbot-3.11-fork/modules/rest_api.py

#--depends-on commands
#--depends-on config
#--depends-on permissions

import binascii, http.server, json, os, socket, ssl, threading, urllib.parse
from src import ModuleManager, utils

DEFAULT_PORT = 5001
DEFAULT_PUBLIC_PORT = 5000

class Response(object):
    def __init__(self, compact=False):
        self._compact = compact
        self._headers = {}
        self._data = b""
        self.code = 200
        self.content_type = "text/plain"
    def write(self, data):
        self._data += data
    def write_text(self, data):
        self._data += data.encode("utf8")
    def write_json(self, obj):
        if self._compact:
            data = json.dumps(obj, separators=(",", ":"))
        else:
            data = json.dumps(obj, sort_keys=True, indent=4)
        self._data += data.encode("utf8")

    def set_header(self, key: str, value: str):
        self._headers[key] = value
    def get_headers(self):
        headers = {}
        has_content_type = False
        for key, value in self._headers.items():
            if key.lower() == "content-type":
                has_content_type = True
            headers[key] = value
        if not has_content_type:
            headers["Content-Type"] = self.content_type
        headers["Content-Length"] = len(self._data)
        return headers

    def get_data(self):
        return self._data

_module = None
_bot = None
_events = None
_log = None
class Handler(http.server.BaseHTTPRequestHandler):
    timeout = 10

    def _path_data(self):
        path = urllib.parse.urlparse(self.path).path
        _, _, endpoint = path[1:].partition("/")
        endpoint, _, args = endpoint.partition("/")
        args = list(filter(None, args.split("/")))
        return path, endpoint, args

    def _url_params(self):
        parsed = urllib.parse.urlparse(self.path)
        query = urllib.parse.parse_qs(parsed.query)
        return dict([(k, v[0]) for k, v in query.items()])

    def _body(self):
        content_length = int(self.headers.get("content-length", 0))
        return self.rfile.read(content_length)

    def _respond(self, response):
        self.send_response(response.code)
        for key, value in response.get_headers().items():
            self.send_header(key, value)
        self.end_headers()
        self.wfile.write(response.get_data())

    def _key_settings(self, key):
        return _bot.get_setting("api-key-%s" % key, {})
    def _minify_setting(self):
        return _bot.get_setting("rest-api-minify", False)

    def _url_for(self, headers):
        return (lambda route, endpoint, args=[], get_params={}:
            _module._url_for(route, endpoint, args, get_params,
            headers.get("Host", None)))

    def _handle(self, method, path, endpoint, args):
        headers = utils.CaseInsensitiveDict(dict(self.headers.items()))
        params = self._url_params()
        data = self._body()

        response = Response(compact=self._minify_setting())
        response.code = 404

        hooks = _events.on("api").on(method).on(endpoint).get_hooks()
        if hooks:
            response.code = 200
            hook = hooks[0]
            authenticated = hook.get_kwarg("authenticated", True)
            key = params.get("key", None)
            key_setting = self._key_settings(key)
            permissions = key_setting.get("permissions", [])

            if key_setting:
                _log.debug("[HTTP] %s from API key %s (%s)",
                    [method, key, key_setting["comment"]])

            if not authenticated or path in permissions or "*" in permissions:
                if path.startswith("/api/"):
                    event_response = None
                    try:
                        event_response = _events.on("api").on(method).on(
                            endpoint).call_for_result_unsafe(params=params,
                            args=args, data=data, headers=headers,
                            response=response, url_for=self._url_for(headers))
                    except Exception as e:
                        _log.error("failed to call API endpoint \"%s\"",
                            [path], exc_info=True)
                        response.code = 500

                    if not event_response == None:
                        response.write_json(event_response)
                        response.content_type = "application/json"
            else:
                response.code = 401
        return response

    def _handle_wrap(self, method):
        path, endpoint, args = self._path_data()
        _log.debug("[HTTP] starting _handle for %s from %s:%d: %s",
            [method, self.client_address[0], self.client_address[1], path])

        response = _bot.trigger(lambda: self._handle(method, path, endpoint,
            args))
        self._respond(response)

        _log.debug("[HTTP] finishing _handle for %s from %s:%d (%d)",
            [method, self.client_address[0], self.client_address[1],
            response.code])

    def do_GET(self):
        self._handle_wrap("GET")

    def do_POST(self):
        self._handle_wrap("POST")

    def log_message(self, format, *args):
        return

class BitBotIPv6HTTPd(http.server.HTTPServer):
    address_family = socket.AF_INET6

@utils.export("botset",
    utils.BoolSetting("rest-api", "Enable/disable REST API"))
@utils.export("botset",
    utils.BoolSetting("rest-api-minify", "Enable/disable REST API minifying"))
@utils.export("botset",
    utils.Setting("rest-api-host", "Public hostname:port for the REST API"))
class Module(ModuleManager.BaseModule):
    _name = "REST"

    def on_load(self):
        global _module
        _module = self

        global _bot
        _bot = self.bot

        global _events
        _events = self.events

        global _log
        _log = self.log

        self.httpd = None
        if self.bot.get_setting("rest-api", False):
            self._start_httpd()

    def _start_httpd(self):
        port = int(self.bot.config.get("api-port", str(DEFAULT_PORT)))
        self.httpd = BitBotIPv6HTTPd(("::1", port), Handler)

        self.thread = threading.Thread(target=self.httpd.serve_forever)
        self.thread.daemon = True
        self.thread.start()
    def _stop_httpd(self):
        if self.httpd:
            self.httpd.shutdown()

    def on_resume(self):
        self._start_httpd()

    def unload(self):
        self._stop_httpd()
    def on_pause(self):
        self._stop_httpd()

    @utils.hook("received.command.apikey")
    @utils.kwarg("private_only", True)
    @utils.spec("!'list ?<alias>wordlower")
    @utils.spec("!'add !<alias>wordlower ?<endpoints>words")
    @utils.spec("!'remove !<alias>wordlower")
    @utils.kwarg("permission", "apikey")
    def apikey(self, event):
        subcommand = event["spec"][0]
        alias = event["spec"][1]
        found = None

        api_keys = {}
        for key, value in self.bot.find_settings(prefix="api-key-"):
            api_keys[key] = value
            if alias and value["comment"].lower() == alias:
                found = key

        if subcommand == "list":
            aliases = {v["comment"]: v for v in api_keys.values()}
            if alias:
                if not alias in aliases:
                    event["stderr"].write("API key '%s' not found" % alias)
                event["stdout"].write("API key %s ('%s') can access: %s" %
                    (key, alias, " ".join(aliases[alias]["permissions"])))
            else:
                event["stdout"].write("API keys: %s"
                    % ", ".join(sorted(aliases.keys())))
        elif subcommand == "add":
            if found == None:
                new_key = binascii.hexlify(os.urandom(16)).decode("ascii")
                self.bot.set_setting("api-key-%s" % new_key, {
                    "comment": alias, "permissions": event["spec"][2] or []
                })
                event["stdout"].write("New API key '%s': %s" %
                    (alias, new_key))
            else:
                event["stderr"].write("API key alias '%s' already exists" %
                    alias)
        elif subcommand == "remove":
            if not len(event["args_split"]) > 1:
                raise utils.EventError("Please provide a key alias to remove")

            if not found == None:
                self.bot.del_setting(found)
                key = found.replace("api-key-", "", 1)
                event["stdout"].write("Deleted API key %s ('%s')" %
                    (key, alias))
            else:
                event["stderr"].write("Count not find API key '%s'" % alias)

    @utils.export("url-for")
    def _url_for(self, route, endpoint, args=[], get_params={},
            host_override=None):
        host = host_override or self.bot.get_setting("rest-api-host", None)

        host, _, port = host.partition(":")
        if not port:
            port = str(_bot.config.get("api-port", DEFAULT_PUBLIC_PORT))
        host = "%s:%s" % (host, port)

        if host:
            args_str = ""
            if args:
                args_str = "/%s" % "/".join(args)
            get_params_str = ""
            if get_params:
                get_params_str = "?%s" % urllib.parse.urlencode(get_params)
            return "%s/%s/%s%s%s" % (host, route, endpoint, args_str,
                get_params_str)
        else:
            return None
Add `depends-on` hashflags to relevant modules 2019-05-25 20:40:06 +00:00			`#--depends-on commands`
			`#--depends-on config`
			`#--depends-on permissions`
Require modules/rest_api.py has tls cert/key 2018-10-05 22:16:34 +00:00
expand `apikey` command to list, add, remove and info closes #123 2019-10-04 11:39:36 +00:00			`import binascii, http.server, json, os, socket, ssl, threading, urllib.parse`
Pass context-wrapped timers to each module, add ModuleManager.BaseModule.on_load 2018-10-12 17:07:23 +00:00			`from src import ModuleManager, utils`
Add basics of (by-default disabled) REST API 2018-10-04 15:01:13 +00:00
allow configuring REST API Host, have default public and local ports 2019-09-15 10:37:32 +00:00			`DEFAULT_PORT = 5001`
			`DEFAULT_PUBLIC_PORT = 5000`

refactor REST API to use a Response object 2019-09-10 12:38:25 +00:00			`class Response(object):`
			`def __init__(self, compact=False):`
			`self._compact = compact`
			`self._headers = {}`
			`self._data = b""`
			`self.code = 200`
			`self.content_type = "text/plain"`
			`def write(self, data):`
			`self._data += data`
			`def write_text(self, data):`
			`self._data += data.encode("utf8")`
			`def write_json(self, obj):`
			`if self._compact:`
don't bother sorting json keys when the json is minified 2019-09-10 14:08:06 +00:00			`data = json.dumps(obj, separators=(",", ":"))`
refactor REST API to use a Response object 2019-09-10 12:38:25 +00:00			`else:`
'event_response' -> 'obj' (copypaste error) 2019-09-10 12:39:59 +00:00			`data = json.dumps(obj, sort_keys=True, indent=4)`
refactor REST API to use a Response object 2019-09-10 12:38:25 +00:00			`self._data += data.encode("utf8")`

			`def set_header(self, key: str, value: str):`
			`self._headers[key] = value`
			`def get_headers(self):`
			`headers = {}`
			`has_content_type = False`
			`for key, value in self._headers.items():`
			`if key.lower() == "content-type":`
			`has_content_type = True`
			`headers[key] = value`
			`if not has_content_type:`
			`headers["Content-Type"] = self.content_type`
force content-length on to REST API responses 2019-09-11 10:00:55 +00:00			`headers["Content-Length"] = len(self._data)`
refactor REST API to use a Response object 2019-09-10 12:38:25 +00:00			`return headers`

			`def get_data(self):`
			`return self._data`

expose url-for logic on Exports too 2019-09-16 13:55:29 +00:00			`_module = None`
Add basics of (by-default disabled) REST API 2018-10-04 15:01:13 +00:00			`_bot = None`
			`_events = None`
Log errors caught when trying to execute API endpoints 2018-11-06 17:22:50 +00:00			`_log = None`
Add basics of (by-default disabled) REST API 2018-10-04 15:01:13 +00:00			`class Handler(http.server.BaseHTTPRequestHandler):`
Timeout REST API requests after 10 seconds 2018-10-04 16:10:05 +00:00			`timeout = 10`
Simplify/refactor REST API request parsing code (rest_api.py) 2019-02-08 21:52:24 +00:00
			`def _path_data(self):`
			`path = urllib.parse.urlparse(self.path).path`
Support POST through modules/rest_api.py 2018-10-05 21:49:06 +00:00			`_, _, endpoint = path[1:].partition("/")`
			`endpoint, _, args = endpoint.partition("/")`
			`args = list(filter(None, args.split("/")))`
Return `path` from `_path_data()` (rest_api.py) 2019-02-08 21:56:58 +00:00			`return path, endpoint, args`
Simplify/refactor REST API request parsing code (rest_api.py) 2019-02-08 21:52:24 +00:00
			`def _url_params(self):`
			`parsed = urllib.parse.urlparse(self.path)`
Typo, 'utils.parse' -> 'urllib.parse' (rest_api.py) 2019-02-08 21:55:42 +00:00			`query = urllib.parse.parse_qs(parsed.query)`
Simplify/refactor REST API request parsing code (rest_api.py) 2019-02-08 21:52:24 +00:00			`return dict([(k, v[0]) for k, v in query.items()])`

			`def _body(self):`
			`content_length = int(self.headers.get("content-length", 0))`
			`return self.rfile.read(content_length)`

refactor REST API to use a Response object 2019-09-10 12:38:25 +00:00			`def _respond(self, response):`
			`self.send_response(response.code)`
			`for key, value in response.get_headers().items():`
Abstract away sending response to REST API request (rest_api.py) 2019-02-08 22:04:39 +00:00			`self.send_header(key, value)`
			`self.end_headers()`
refactor REST API to use a Response object 2019-09-10 12:38:25 +00:00			`self.wfile.write(response.get_data())`
Abstract away sending response to REST API request (rest_api.py) 2019-02-08 22:04:39 +00:00
move more REST API code on to the main thread 2019-09-10 12:55:06 +00:00			`def _key_settings(self, key):`
			`return _bot.get_setting("api-key-%s" % key, {})`
			`def _minify_setting(self):`
			`return _bot.get_setting("rest-api-minify", False)`
Remove default logging, show request path in our own _handle logging 2019-03-11 12:16:56 +00:00
first draft of ActivityPub webfinger 2019-09-10 14:40:01 +00:00			`def _url_for(self, headers):`
support path-arg variables in url_for 2019-09-20 09:41:52 +00:00			`return (lambda route, endpoint, args=[], get_params={}:`
			`_module._url_for(route, endpoint, args, get_params,`
add missing ")" 2019-09-20 09:43:23 +00:00			`headers.get("Host", None)))`
first draft of ActivityPub webfinger 2019-09-10 14:40:01 +00:00
move more REST API code on to the main thread 2019-09-10 12:55:06 +00:00			`def _handle(self, method, path, endpoint, args):`
Switch to using a case insensitive dictionary for headers instead of doing .title() on each header key 2018-12-08 09:00:12 +00:00			`headers = utils.CaseInsensitiveDict(dict(self.headers.items()))`
Simplify/refactor REST API request parsing code (rest_api.py) 2019-02-08 21:52:24 +00:00			`params = self._url_params()`
			`data = self._body()`
Add basics of (by-default disabled) REST API 2018-10-04 15:01:13 +00:00
move more REST API code on to the main thread 2019-09-10 12:55:06 +00:00			`response = Response(compact=self._minify_setting())`
refactor REST API to use a Response object 2019-09-10 12:38:25 +00:00			`response.code = 404`
Allow API endpoints to not request authentication 2018-10-04 16:59:24 +00:00
Support POST through modules/rest_api.py 2018-10-05 21:49:06 +00:00			`hooks = _events.on("api").on(method).on(endpoint).get_hooks()`
			`if hooks:`
set response.code=200 as soon as we know there's a hook waiting for it 2019-09-10 12:45:14 +00:00			`response.code = 200`
Support POST through modules/rest_api.py 2018-10-05 21:49:06 +00:00			`hook = hooks[0]`
			`authenticated = hook.get_kwarg("authenticated", True)`
			`key = params.get("key", None)`
move more REST API code on to the main thread 2019-09-10 12:55:06 +00:00			`key_setting = self._key_settings(key)`
Typo in modules/rest_api.py, 'seting' -> 'setting' 2018-11-12 18:18:07 +00:00			`permissions = key_setting.get("permissions", [])`
Add basic access controls to modules/rest_api.py 2018-11-10 21:54:08 +00:00
INFO log when we get a HTTP request with an API key (including the key's comment) (rest_api.py) 2019-01-23 22:08:26 +00:00			`if key_setting:`
Move logging API key from INFO to DEBUG (rest_api.py) 2019-01-23 22:23:21 +00:00			`_log.debug("[HTTP] %s from API key %s (%s)",`
Logging shouldn't use `%` string formatting (rest_api.py) 2019-01-23 22:10:32 +00:00			`[method, key, key_setting["comment"]])`
INFO log when we get a HTTP request with an API key (including the key's comment) (rest_api.py) 2019-01-23 22:08:26 +00:00
typo in modules/rest_api.py, 'permimssions' -> 'permissions' 2018-11-11 08:53:37 +00:00			`if not authenticated or path in permissions or "*" in permissions:`
Support POST through modules/rest_api.py 2018-10-05 21:49:06 +00:00			`if path.startswith("/api/"):`
Typo in modules/github.py ('command' -> 'commit') and declare event_response outside of try/except in modules/rest_api.py 2018-10-06 08:24:43 +00:00			`event_response = None`
Return 500 when an exception is thrown, never try to .encode None 2018-10-06 08:22:11 +00:00			`try:`
move more REST API code on to the main thread 2019-09-10 12:55:06 +00:00			`event_response = _events.on("api").on(method).on(`
'call_unsafe_for_result' -> 'call_for_result_unsafe' 2019-06-26 10:04:41 +00:00			`endpoint).call_for_result_unsafe(params=params,`
'path' -> 'args' on REST API events 2019-09-20 09:48:24 +00:00			`args=args, data=data, headers=headers,`
first draft of ActivityPub webfinger 2019-09-10 14:40:01 +00:00			`response=response, url_for=self._url_for(headers))`
Log errors caught when trying to execute API endpoints 2018-11-06 17:22:50 +00:00			`except Exception as e:`
			`_log.error("failed to call API endpoint \"%s\"",`
			`[path], exc_info=True)`
refactor REST API to use a Response object 2019-09-10 12:38:25 +00:00			`response.code = 500`
Add basics of (by-default disabled) REST API 2018-10-04 15:01:13 +00:00
Only count a `None` response from an API event hook to be a 404 2018-11-06 14:09:13 +00:00			`if not event_response == None:`
refactor REST API to use a Response object 2019-09-10 12:38:25 +00:00			`response.write_json(event_response)`
			`response.content_type = "application/json"`
Add basic access controls to modules/rest_api.py 2018-11-10 21:54:08 +00:00			`else:`
refactor REST API to use a Response object 2019-09-10 12:38:25 +00:00			`response.code = 401`
move more REST API code on to the main thread 2019-09-10 12:55:06 +00:00			`return response`

			`def _handle_wrap(self, method):`
			`path, endpoint, args = self._path_data()`
			`_log.debug("[HTTP] starting _handle for %s from %s:%d: %s",`
			`[method, self.client_address[0], self.client_address[1], path])`
Abstract away sending response to REST API request (rest_api.py) 2019-02-08 22:04:39 +00:00
move more REST API code on to the main thread 2019-09-10 12:55:06 +00:00			`response = _bot.trigger(lambda: self._handle(method, path, endpoint,`
			`args))`
refactor REST API to use a Response object 2019-09-10 12:38:25 +00:00			`self._respond(response)`
Abstract away sending response to REST API request (rest_api.py) 2019-02-08 22:04:39 +00:00
Show returned status code when _handle finishes 2019-03-13 13:33:53 +00:00			`_log.debug("[HTTP] finishing _handle for %s from %s:%d (%d)",`
'code' -> 'response.code' 2019-09-10 12:45:55 +00:00			`[method, self.client_address[0], self.client_address[1],`
			`response.code])`
Add basics of (by-default disabled) REST API 2018-10-04 15:01:13 +00:00
Support POST through modules/rest_api.py 2018-10-05 21:49:06 +00:00			`def do_GET(self):`
move more REST API code on to the main thread 2019-09-10 12:55:06 +00:00			`self._handle_wrap("GET")`
Support POST through modules/rest_api.py 2018-10-05 21:49:06 +00:00
			`def do_POST(self):`
move more REST API code on to the main thread 2019-09-10 12:55:06 +00:00			`self._handle_wrap("POST")`
Support POST through modules/rest_api.py 2018-10-05 21:49:06 +00:00
Log HTTP events through regular logging 2018-11-14 23:01:22 +00:00			`def log_message(self, format, *args):`
Remove default logging, show request path in our own _handle logging 2019-03-11 12:16:56 +00:00			`return`
Log HTTP events through regular logging 2018-11-14 23:01:22 +00:00
Change REST API to listen on IPv6 2019-08-13 11:58:23 +00:00			`class BitBotIPv6HTTPd(http.server.HTTPServer):`
			`address_family = socket.AF_INET6`

Refactor set/channelset/serverset/botset in to 'utils.Setting' objects 2019-06-28 22:16:05 +00:00			`@utils.export("botset",`
			`utils.BoolSetting("rest-api", "Enable/disable REST API"))`
			`@utils.export("botset",`
duplicate 'rest-api' setting - copypaste issue for rest-api-minify 2019-09-10 14:00:47 +00:00			`utils.BoolSetting("rest-api-minify", "Enable/disable REST API minifying"))`
allow configuring REST API Host, have default public and local ports 2019-09-15 10:37:32 +00:00			`@utils.export("botset",`
			`utils.Setting("rest-api-host", "Public hostname:port for the REST API"))`
Pass context-wrapped timers to each module, add ModuleManager.BaseModule.on_load 2018-10-12 17:07:23 +00:00			`class Module(ModuleManager.BaseModule):`
expand `apikey` command to list, add, remove and info closes #123 2019-10-04 11:39:36 +00:00			`_name = "REST"`

Pass context-wrapped timers to each module, add ModuleManager.BaseModule.on_load 2018-10-12 17:07:23 +00:00			`def on_load(self):`
expose url-for logic on Exports too 2019-09-16 13:55:29 +00:00			`global _module`
			`_module = self`

Add basics of (by-default disabled) REST API 2018-10-04 15:01:13 +00:00			`global _bot`
Pass context-wrapped timers to each module, add ModuleManager.BaseModule.on_load 2018-10-12 17:07:23 +00:00			`_bot = self.bot`
Add basics of (by-default disabled) REST API 2018-10-04 15:01:13 +00:00
			`global _events`
Pass context-wrapped timers to each module, add ModuleManager.BaseModule.on_load 2018-10-12 17:07:23 +00:00			`_events = self.events`
Add basics of (by-default disabled) REST API 2018-10-04 15:01:13 +00:00
Log errors caught when trying to execute API endpoints 2018-11-06 17:22:50 +00:00			`global _log`
			`_log = self.log`

Check whether we actually have a httpd running when unloading rest_api.py 2018-12-08 08:56:47 +00:00			`self.httpd = None`
Pass context-wrapped timers to each module, add ModuleManager.BaseModule.on_load 2018-10-12 17:07:23 +00:00			`if self.bot.get_setting("rest-api", False):`
add on_pause() and on_resume() for module - use in rest_api.py 2019-11-04 10:52:41 +00:00			`self._start_httpd()`
Use newly abstracted away ssl_wrap (rest_api.py) 2019-02-10 12:38:53 +00:00
add on_pause() and on_resume() for module - use in rest_api.py 2019-11-04 10:52:41 +00:00			`def _start_httpd(self):`
			`port = int(self.bot.config.get("api-port", str(DEFAULT_PORT)))`
			`self.httpd = BitBotIPv6HTTPd(("::1", port), Handler)`
Add basics of (by-default disabled) REST API 2018-10-04 15:01:13 +00:00
add on_pause() and on_resume() for module - use in rest_api.py 2019-11-04 10:52:41 +00:00			`self.thread = threading.Thread(target=self.httpd.serve_forever)`
			`self.thread.daemon = True`
			`self.thread.start()`
			`def _stop_httpd(self):`
Check whether we actually have a httpd running when unloading rest_api.py 2018-12-08 08:56:47 +00:00			`if self.httpd:`
			`self.httpd.shutdown()`
Implement api keys in modules/rest_api.py 2018-10-04 16:09:35 +00:00
add on_pause() and on_resume() for module - use in rest_api.py 2019-11-04 10:52:41 +00:00			`def on_resume(self):`
			`self._start_httpd()`

			`def unload(self):`
			`self._stop_httpd()`
			`def on_pause(self):`
			`self._stop_httpd()`

expand `apikey` command to list, add, remove and info closes #123 2019-10-04 11:39:36 +00:00			`@utils.hook("received.command.apikey")`
			`@utils.kwarg("private_only", True)`
update !apikey to use command spec 2020-02-05 16:40:15 +00:00			`@utils.spec("!'list ?<alias>wordlower")`
			`@utils.spec("!'add !<alias>wordlower ?<endpoints>words")`
			`@utils.spec("!'remove !<alias>wordlower")`
major security fix: adding api keys should be admin-only 2019-10-18 14:17:04 +00:00			`@utils.kwarg("permission", "apikey")`
expand `apikey` command to list, add, remove and info closes #123 2019-10-04 11:39:36 +00:00			`def apikey(self, event):`
update !apikey to use command spec 2020-02-05 16:40:15 +00:00			`subcommand = event["spec"][0]`
			`alias = event["spec"][1]`
expand `apikey` command to list, add, remove and info closes #123 2019-10-04 11:39:36 +00:00			`found = None`

			`api_keys = {}`
combine find_setting() and find_setting_prefix() on user/channel/server/bot 2019-10-07 11:46:52 +00:00			`for key, value in self.bot.find_settings(prefix="api-key-"):`
expand `apikey` command to list, add, remove and info closes #123 2019-10-04 11:39:36 +00:00			`api_keys[key] = value`
update !apikey to use command spec 2020-02-05 16:40:15 +00:00			`if alias and value["comment"].lower() == alias:`
expand `apikey` command to list, add, remove and info closes #123 2019-10-04 11:39:36 +00:00			`found = key`

			`if subcommand == "list":`
update !apikey to use command spec 2020-02-05 16:40:15 +00:00			`aliases = {v["comment"]: v for v in api_keys.values()}`
			`if alias:`
			`if not alias in aliases:`
			`event["stderr"].write("API key '%s' not found" % alias)`
			`event["stdout"].write("API key %s ('%s') can access: %s" %`
			`(key, alias, " ".join(aliases[alias]["permissions"])))`
			`else:`
			`event["stdout"].write("API keys: %s"`
			`% ", ".join(sorted(aliases.keys())))`
expand `apikey` command to list, add, remove and info closes #123 2019-10-04 11:39:36 +00:00			`elif subcommand == "add":`
			`if found == None:`
			`new_key = binascii.hexlify(os.urandom(16)).decode("ascii")`
			`self.bot.set_setting("api-key-%s" % new_key, {`
update !apikey to use command spec 2020-02-05 16:40:15 +00:00			`"comment": alias, "permissions": event["spec"][2] or []`
expand `apikey` command to list, add, remove and info closes #123 2019-10-04 11:39:36 +00:00			`})`
			`event["stdout"].write("New API key '%s': %s" %`
update !apikey to use command spec 2020-02-05 16:40:15 +00:00			`(alias, new_key))`
expand `apikey` command to list, add, remove and info closes #123 2019-10-04 11:39:36 +00:00			`else:`
			`event["stderr"].write("API key alias '%s' already exists" %`
			`alias)`
			`elif subcommand == "remove":`
			`if not len(event["args_split"]) > 1:`
			`raise utils.EventError("Please provide a key alias to remove")`

			`if not found == None:`
			`self.bot.del_setting(found)`
			`key = found.replace("api-key-", "", 1)`
			`event["stdout"].write("Deleted API key %s ('%s')" %`
			`(key, alias))`
			`else:`
			`event["stderr"].write("Count not find API key '%s'" % alias)`
expose url-for logic on Exports too 2019-09-16 13:55:29 +00:00
utilise @utils.export for function exporting in more places 2020-02-19 17:29:10 +00:00			`@utils.export("url-for")`
support path-arg variables in url_for 2019-09-20 09:41:52 +00:00			`def _url_for(self, route, endpoint, args=[], get_params={},`
			`host_override=None):`
expose url-for logic on Exports too 2019-09-16 13:55:29 +00:00			`host = host_override or self.bot.get_setting("rest-api-host", None)`

			`host, _, port = host.partition(":")`
			`if not port:`
			`port = str(_bot.config.get("api-port", DEFAULT_PUBLIC_PORT))`
			`host = "%s:%s" % (host, port)`

			`if host:`
support path-arg variables in url_for 2019-09-20 09:41:52 +00:00			`args_str = ""`
			`if args:`
			`args_str = "/%s" % "/".join(args)`
expose url-for logic on Exports too 2019-09-16 13:55:29 +00:00			`get_params_str = ""`
			`if get_params:`
			`get_params_str = "?%s" % urllib.parse.urlencode(get_params)`
support path-arg variables in url_for 2019-09-20 09:41:52 +00:00			`return "%s/%s/%s%s%s" % (host, route, endpoint, args_str,`
			`get_params_str)`
expose url-for logic on Exports too 2019-09-16 13:55:29 +00:00			`else:`
			`return None`