fixed JSON parsing error + replaced md5 with sha1 (non-crypto purpose)

Author: eshaan7

flask_shell2http/api.py

@@ -36,27 +36,27 @@ class shell2httpAPI(MethodView):
 
     def get(self):
         try:
-            md5: str = request.args.get("key")
-            logger.info(f"Report requested for key:'{md5}'.")
-            if not md5:
+            key: str = request.args.get("key")
+            logger.info(f"Report requested for key:'{key}'.")
+            if not key:
                 raise Exception("No key provided in arguments.")
             # check if job has been finished
-            future = self.executor.get_job(md5)
+            future = self.executor.get_job(key)
             if future:
                 if not future.done:
-                    return make_response(jsonify(status="running", md5=md5), 200)
+                    return make_response(jsonify(status="running", key=key), 200)
 
                 # pop future object since it has been finished
-                self.executor.pop_job(md5)
+                self.executor.pop_job(key)
 
             # if yes, get result from store
-            report = self.store.get_one(md5)
+            report = self.store.get_one(key)
             if not report:
-                raise Exception(f"Report does not exist for key:{md5}.")
+                raise Exception(f"Report does not exist for key:{key}.")
 
-            resp = report.to_json()
+            resp = report.to_dict()
             logger.debug(f"Requested report: {resp}")
-            return make_response(resp, HTTPStatus.OK)
+            return make_response(jsonify(resp), HTTPStatus.OK)
 
         except Exception as e:
             logger.exception(e)
@@ -66,12 +66,12 @@ def post(self):
         try:
             logger.info(f"Received request for endpoint: '{request.url_rule}'.")
             # Check if command is correct and parse it
-            cmd, md5 = self.request_parser.parse_req(request)
+            cmd, key = self.request_parser.parse_req(request)
 
             # run executor job in background
-            job_key = JobExecutor.make_key(md5)
+            job_key = JobExecutor.make_key(key)
             future = self.executor.new_job(
-                future_key=job_key, fn=self.executor.run_command, cmd=cmd, md5=md5
+                future_key=job_key, fn=self.executor.run_command, cmd=cmd, key=key
             )
             # callback that adds result to store
             future.add_done_callback(self.store.save_result)
@@ -80,7 +80,7 @@ def post(self):
 
             logger.info(f"Job: '{job_key}' added to queue for command: {cmd}")
             return make_response(
-                jsonify(status="running", key=md5), HTTPStatus.ACCEPTED,
+                jsonify(status="running", key=key), HTTPStatus.ACCEPTED,
             )
 
         except Exception as e:

flask_shell2http/classes.py

@@ -22,18 +22,17 @@ class Report:
     Internal use only.
     """
 
-    def __init__(self, md5, report, error, start_time, status="failed"):
+    def __init__(self, key, report, error, start_time, status="failed"):
         self.start_time = start_time
         self.end_time = time.time()
         self.process_time = self.end_time - self.start_time
-        self.md5 = md5
+        self.key = key
         self.report = report
         self.error = error
         self.status = status
 
-    def to_json(self):
+    def to_dict(self):
         resp = self.__dict__
-        # resp["report"] = json.loads(self.report)
         return resp
 
 
@@ -46,36 +45,36 @@ class JobExecutor:
     executor: Executor
 
     @staticmethod
-    def make_key(md5) -> str:
-        return f"job_{md5}"
+    def make_key(k) -> str:
+        return f"job_{k}"
 
-    def get_job(self, md5):
-        key = self.make_key(md5)
+    def get_job(self, k):
+        key = self.make_key(k)
         return self.executor.futures._futures.get(key, None)
 
-    def cancel_job(self, md5):
-        key = self.make_key(md5)
+    def cancel_job(self, k):
+        key = self.make_key(k)
         return self.executor.futures._futures.get(key).cancel()
 
     def new_job(self, **kwargs):
         return self.executor.submit_stored(**kwargs)
 
-    def pop_job(self, md5):
-        key = self.make_key(md5)
+    def pop_job(self, k):
+        key = self.make_key(k)
         return self.executor.futures.pop(key)
 
     def __init__(self, executor) -> None:
         self.executor = executor
 
-    def run_command(self, cmd, md5) -> Report:
+    def run_command(self, cmd, key) -> Report:
         """
         This function is called by the executor to run given command
         using a subprocess asynchronously.
 
         :returns:
             A ConcurrentFuture object where future.result = Report()
         """
-        job_key: str = self.make_key(md5)
+        job_key: str = self.make_key(key)
         start_time = time.time()
         try:
             proc = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
@@ -89,10 +88,9 @@ def run_command(self, cmd, md5) -> Report:
             else:
                 status = "failed"
 
-            stdout = {"result": stdout}
             logger.info(f"Job: '{job_key}' finished with status: '{status}'.")
             return Report(
-                md5=md5,
+                key=key,
                 report=stdout,
                 error=stderr,
                 start_time=start_time,
@@ -101,10 +99,10 @@ def run_command(self, cmd, md5) -> Report:
 
         except Exception as e:
             str_err = str(e)
-            self.cancel_job(md5)
+            self.cancel_job(key)
             logger.error(f"Job: '{job_key}' failed. Reason: {str_err}.")
             return Report(
-                md5=md5,
+                key=key,
                 report=None,
                 error=str_err,
                 start_time=start_time,
@@ -125,7 +123,7 @@ def save_result(self, future) -> None:
         """
         # get job result from future
         job_res = future.result()
-        self.__results.update({job_res.md5: job_res})
+        self.__results.update({job_res.key: job_res})
 
     def get_all(self):
         return self.__results

flask_shell2http/helpers.py

@@ -17,10 +17,12 @@ def list_replace(lst: list, old, new) -> None:
 def calc_hash(lst: list) -> str:
     """
     Internal use only.
-    Calculates md5sum of given command with it's byte-string.
+    Calculates sha1sum of given command with it's byte-string.
+    This is for non-cryptographic purpose,
+    that's why a faster and insecure hashing algorithm is chosen.
     """
     to_hash = " ".join(lst).encode("ascii")
-    return __import__("hashlib").md5(to_hash).hexdigest()
+    return __import__("hashlib").sha1(to_hash).hexdigest()
 
 
 def get_logger() -> logging.Logger: