Add encrypt_response functionality

SAIC-iSmart-API · Sep 27, 2024 · a6b62fe · a6b62fe
1 parent 5e9657d
commit a6b62fe
Show file tree

Hide file tree

Showing 2 changed files with 51 additions and 2 deletions.
diff --git a/pyproject.toml b/pyproject.toml
@@ -1,7 +1,7 @@
 [tool.poetry]
 name = "saic_ismart_client_ng"
 homepage = "https://github.com/SAIC-iSmart-API/saic-python-client-ng"
-version = "0.2.3"
+version = "0.3.0"
 description = "SAIC next gen client library (MG iSMART)"
 authors = [
     "Giovanni Condello <[email protected]>",

diff --git a/src/saic_ismart_client_ng/net/crypto.py b/src/saic_ismart_client_ng/net/crypto.py
@@ -107,8 +107,8 @@ def encrypt_request(
         request_content,
         user_token
     )
-    original_request_headers["ORIGINAL-CONTENT-TYPE"] = modified_content_type
     original_request_headers["APP-VERIFICATION-STRING"] = app_verification_string
+    original_request_headers["ORIGINAL-CONTENT-TYPE"] = modified_content_type
     return new_content, original_request_headers
 
 
@@ -142,6 +142,55 @@ def decrypt_request(
     return original_request_content.encode(charset)
 
 
+def encrypt_response(
+        *,
+        original_request_url: str,
+        original_response_headers: dict,
+        original_response_content: str,
+        response_timestamp_ms: int,
+        base_uri: str,
+        tenant_id: str,
+        user_token: '',
+):
+    request_content = ""
+    request_path = str(original_request_url).replace(base_uri, "/")
+    original_content_type = original_response_headers.get("Content-Type")  # 'application/x-www-form-urlencoded'
+    if not original_content_type:
+        modified_content_type = "application/json"
+    else:
+        modified_content_type = original_content_type  # 'application/x-www-form-urlencoded'
+    current_ts = str(response_timestamp_ms)
+    request_body = original_response_content
+    new_content = original_response_content
+    if request_body and "multipart" not in original_content_type:
+        modified_content_type = normalize_content_type(original_content_type)
+        request_content = request_body.strip()
+        if request_content:
+            key_hex = md5_hex_digest(
+                current_ts + "1" + modified_content_type,
+                False
+            )
+            iv_hex = md5_hex_digest(current_ts, False)
+            if key_hex and iv_hex:
+                new_content = encrypt_aes_cbc_pkcs5_padding(request_content, key_hex, iv_hex).encode('utf-8')
+
+    original_response_headers["Content-Type"] = f"{modified_content_type};charset=utf-8"
+    original_response_headers["APP-CONTENT-ENCRYPTED"] = "1"
+    original_response_headers["APP-SEND-DATE"] = current_ts
+    original_response_headers["ORIGINAL-CONTENT-TYPE"] = modified_content_type
+    app_verification_string = get_app_verification_string(
+        '',
+        request_path,
+        current_ts,
+        tenant_id,
+        modified_content_type,
+        request_content,
+        user_token
+    )
+    original_response_headers["APP-VERIFICATION-STRING"] = app_verification_string
+    return new_content, original_response_headers
+
+
 def decrypt_response(
         *,
         original_response_content: str,