Skip to content

Return headers on request exception #23

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 7 commits into from
Feb 27, 2025
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
17 changes: 11 additions & 6 deletions socketdev/__init__.py
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@
from socketdev.dependencies import Dependencies
from socketdev.export import Export
from socketdev.fullscans import FullScans
from socketdev.historical import Historical
from socketdev.npm import NPM
from socketdev.openapi import OpenAPI
from socketdev.org import Orgs
Expand All @@ -14,6 +15,7 @@
from socketdev.repositories import Repositories
from socketdev.sbom import Sbom
from socketdev.settings import Settings
from socketdev.triage import Triage
from socketdev.utils import Utils, IntegrationType, INTEGRATION_TYPES
from socketdev.version import __version__

Expand All @@ -23,7 +25,6 @@
__all__ = ["socketdev", "Utils", "IntegrationType", "INTEGRATION_TYPES"]



global encoded_key
encoded_key: str

Expand All @@ -32,6 +33,8 @@
log = logging.getLogger("socketdev")
log.addHandler(logging.NullHandler())

# TODO: Add debug flag to constructor to enable verbose error logging for API response parsing.


class socketdev:
def __init__(self, token: str, timeout: int = 1200):
Expand All @@ -41,18 +44,20 @@ def __init__(self, token: str, timeout: int = 1200):
self.api.set_timeout(timeout)

self.dependencies = Dependencies(self.api)
self.export = Export(self.api)
self.fullscans = FullScans(self.api)
self.historical = Historical(self.api)
self.npm = NPM(self.api)
self.openapi = OpenAPI(self.api)
self.org = Orgs(self.api)
self.purl = Purl(self.api)
self.quota = Quota(self.api)
self.report = Report(self.api)
self.sbom = Sbom(self.api)
self.purl = Purl(self.api)
self.fullscans = FullScans(self.api)
self.export = Export(self.api)
self.repositories = Repositories(self.api)
self.repos = Repos(self.api)
self.repositories = Repositories(self.api)
self.sbom = Sbom(self.api)
self.settings = Settings(self.api)
self.triage = Triage(self.api)
self.utils = Utils()

@staticmethod
Expand Down
75 changes: 52 additions & 23 deletions socketdev/core/api.py
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,16 @@
import requests
from socketdev.core.classes import Response
from socketdev.exceptions import (
APIKeyMissing, APIFailure, APIAccessDenied, APIInsufficientQuota,
APIResourceNotFound, APITimeout, APIConnectionError, APIBadGateway,
APIInsufficientPermissions, APIOrganizationNotAllowed
APIKeyMissing,
APIFailure,
APIAccessDenied,
APIInsufficientQuota,
APIResourceNotFound,
APITimeout,
APIConnectionError,
APIBadGateway,
APIInsufficientPermissions,
APIOrganizationNotAllowed,
)
from socketdev.version import __version__
from requests.exceptions import Timeout, ConnectionError
Expand All @@ -24,7 +31,12 @@ def set_timeout(self, timeout: int):
self.request_timeout = timeout

def do_request(
self, path: str, headers: dict | None = None, payload: [dict, str] = None, files: list = None, method: str = "GET"
self,
path: str,
headers: dict | None = None,
payload: [dict, str] = None,
files: list = None,
method: str = "GET",
) -> Response:
if self.encoded_key is None or self.encoded_key == "":
raise APIKeyMissing
Expand All @@ -36,33 +48,39 @@ def do_request(
"accept": "application/json",
}
url = f"{self.api_url}/{path}"

def format_headers(headers_dict):
return "\n".join(f"{k}: {v}" for k, v in headers_dict.items())

try:
start_time = time.time()
response = requests.request(
method.upper(), url, headers=headers, data=payload, files=files, timeout=self.request_timeout
)
request_duration = time.time() - start_time


headers_str = f"\n\nHeaders:\n{format_headers(response.headers)}" if response.headers else ""
path_str = f"\nPath: {url}"

if response.status_code == 401:
raise APIAccessDenied("Unauthorized")
raise APIAccessDenied(f"Unauthorized{path_str}{headers_str}")
if response.status_code == 403:
try:
error_message = response.json().get('error', {}).get('message', '')
error_message = response.json().get("error", {}).get("message", "")
if "Insufficient permissions for API method" in error_message:
raise APIInsufficientPermissions(error_message)
raise APIInsufficientPermissions(f"{error_message}{path_str}{headers_str}")
elif "Organization not allowed" in error_message:
raise APIOrganizationNotAllowed(error_message)
raise APIOrganizationNotAllowed(f"{error_message}{path_str}{headers_str}")
elif "Insufficient max quota" in error_message:
raise APIInsufficientQuota(error_message)
raise APIInsufficientQuota(f"{error_message}{path_str}{headers_str}")
else:
raise APIAccessDenied(error_message or "Access denied")
raise APIAccessDenied(f"{error_message or 'Access denied'}{path_str}{headers_str}")
except ValueError:
# If JSON parsing fails
raise APIAccessDenied("Access denied")
raise APIAccessDenied(f"Access denied{path_str}{headers_str}")
if response.status_code == 404:
raise APIResourceNotFound(f"Path not found {path}")
raise APIResourceNotFound(f"Path not found {path}{path_str}{headers_str}")
if response.status_code == 429:
retry_after = response.headers.get('retry-after')
retry_after = response.headers.get("retry-after")
if retry_after:
try:
seconds = int(retry_after)
Expand All @@ -73,23 +91,34 @@ def do_request(
time_msg = f" Retry after: {retry_after}"
else:
time_msg = ""
raise APIInsufficientQuota(f"Insufficient quota for API route.{time_msg}")
raise APIInsufficientQuota(f"Insufficient quota for API route.{time_msg}{path_str}{headers_str}")
if response.status_code == 502:
raise APIBadGateway("Upstream server error")
raise APIBadGateway(f"Upstream server error{path_str}{headers_str}")
if response.status_code >= 400:
raise APIFailure(f"Bad Request: HTTP {response.status_code}")

raise APIFailure(
f"Bad Request: HTTP original_status_code:{response.status_code}{path_str}{headers_str}",
status_code=500,
)

return response

except Timeout:
request_duration = time.time() - start_time
raise APITimeout(f"Request timed out after {request_duration:.2f} seconds")
except ConnectionError as error:
request_duration = time.time() - start_time
raise APIConnectionError(f"Connection error after {request_duration:.2f} seconds: {error}")
except (APIAccessDenied, APIInsufficientQuota, APIResourceNotFound, APIFailure,
APITimeout, APIConnectionError, APIBadGateway, APIInsufficientPermissions,
APIOrganizationNotAllowed):
except (
APIAccessDenied,
APIInsufficientQuota,
APIResourceNotFound,
APIFailure,
APITimeout,
APIConnectionError,
APIBadGateway,
APIInsufficientPermissions,
APIOrganizationNotAllowed,
):
# Let all our custom exceptions propagate up unchanged
raise
except Exception as error:
Expand Down
14 changes: 9 additions & 5 deletions socketdev/dependencies/__init__.py
Original file line number Diff line number Diff line change
@@ -1,8 +1,12 @@
import json
from urllib.parse import urlencode

import logging
from socketdev.tools import load_files

log = logging.getLogger("socketdev")

# TODO: Add types for responses. Not currently used in the CLI.


class Dependencies:
def __init__(self, api):
Expand All @@ -17,8 +21,8 @@ def post(self, files: list, params: dict) -> dict:
result = response.json()
else:
result = {}
print(f"Error posting {files} to the Dependency API")
print(response.text)
log.error(f"Error posting {files} to the Dependency API")
log.error(response.text)
return result

def get(
Expand All @@ -34,6 +38,6 @@ def get(
result = response.json()
else:
result = {}
print("Unable to retrieve Dependencies")
print(response.text)
log.error("Unable to retrieve Dependencies")
log.error(response.text)
return result
47 changes: 30 additions & 17 deletions socketdev/export/__init__.py
Original file line number Diff line number Diff line change
@@ -1,6 +1,9 @@
from urllib.parse import urlencode
from dataclasses import dataclass, asdict
from typing import Optional
import logging

log = logging.getLogger("socketdev")


@dataclass
Expand All @@ -23,40 +26,50 @@ class Export:
def __init__(self, api):
self.api = api

def cdx_bom(self, org_slug: str, id: str, query_params: Optional[ExportQueryParams] = None) -> dict:
def cdx_bom(
self, org_slug: str, id: str, query_params: Optional[ExportQueryParams] = None, use_types: bool = False
) -> dict:
"""
Export a Socket SBOM as a CycloneDX SBOM
:param org_slug: String - The slug of the organization
:param id: String - The id of either a full scan or an sbom report
:param query_params: Optional[ExportQueryParams] - Query parameters for filtering
:return:
:param use_types: Optional[bool] - Whether to return typed responses
:return: dict
"""
path = f"orgs/{org_slug}/export/cdx/{id}"
if query_params:
path += query_params.to_query_params()
response = self.api.do_request(path=path)
try:
sbom = response.json()
sbom["success"] = True
except Exception as error:
sbom = {"success": False, "message": str(error)}
return sbom

def spdx_bom(self, org_slug: str, id: str, query_params: Optional[ExportQueryParams] = None) -> dict:

if response.status_code == 200:
return response.json()
# TODO: Add typed response when types are defined

log.error(f"Error exporting CDX BOM: {response.status_code}")
print(response.text)
return {}

def spdx_bom(
self, org_slug: str, id: str, query_params: Optional[ExportQueryParams] = None, use_types: bool = False
) -> dict:
"""
Export a Socket SBOM as an SPDX SBOM
:param org_slug: String - The slug of the organization
:param id: String - The id of either a full scan or an sbom report
:param query_params: Optional[ExportQueryParams] - Query parameters for filtering
:return:
:param use_types: Optional[bool] - Whether to return typed responses
:return: dict
"""
path = f"orgs/{org_slug}/export/spdx/{id}"
if query_params:
path += query_params.to_query_params()
response = self.api.do_request(path=path)
try:
sbom = response.json()
sbom["success"] = True
except Exception as error:
sbom = {"success": False, "message": str(error)}
return sbom

if response.status_code == 200:
return response.json()
# TODO: Add typed response when types are defined

log.error(f"Error exporting SPDX BOM: {response.status_code}")
print(response.text)
return {}
Loading
Loading