Flask Application

File location

• Bundled implementation: source/server/python/daemon.py

• Cluster implementation: cluster/daemon/python/daemon.py

URL Routing

daemon.root()

Route

/api

Methods

GET

Display help message __help__.

daemon.help_()

Route

/api/v1.0

Methods

GET

Display help message HELP_v1_0.

daemon.list_()

Route

/api/v1.0/list

Methods

GET

List of detection process information.

0. Information of running processes from RUNNING:

{
  "id": "...",
  "initied": null,
  "scanned": true,
  "reported: null,
  "deleted": false
}

1. Information of finished processes from SCANNED:

   • If the process exited on success:

     {
       "id": "...",
       "initied": null,
       "scanned": true,
       "reported: true,
       "deleted": false
     }
     

   • If the process exited on failure:

     {
       "id": "...",
       "initied": null,
       "scanned": true,
       "reported: false,
       "deleted": false
     }
     

get_none()

Route

/api/v1.0/report

Methods

GET

Display help message:

ID Required: /api/v1.0/report/<id>

get(id_: str)

Route

/api/v1.0/report/<id>

Methods

GET

Fetch detection status of id_.

0. If id_ in RUNNING:

   {
     "id": "...",
     "initied": null,
     "scanned": false,
     "reported: null,
     "deleted": false
   }
   

1. If id_ in SCANNED:

   • If the process exited on success:

     {
       "id": "...",
       "initied": null,
       "scanned": true,
       "reported: true,
       "deleted": false
     }
     

   • If the process exited on failure:

     {
       "id": "...",
       "initied": null,
       "scanned": true,
       "reported: false,
       "deleted": false
     }
     

2. If id_ not found, raises 404 Not Found with id_not_found().

daemon.scan()

Route

/api/v1.0/scan

Methods

POST

Perform remote detection on target file.

The POST data should be a JSON object with following fields:

Parameters

• name (string) – path to the extracted file

• mime (string) – MIME type

• uuid (string) – unique identifier

• report (string | string[]) – report generation commands

• shared (string) – shared detection API identifier

• inited (boolean) – API initialised

• workdir (string) – working directory

• environ (object) – environment variables

• install (string | string[]) – initialisation commands

• scripts (string | string[]) – detection commands

If NO JSON data provided, raises 400 Bad Request with invalid_info().

After performing detection process.process() on the target file, returns a JSON object containing detection report:

0. If detection exits on success:

   {
     "id": "...",
     "initied": true,
     "scanned": true,
     "reported: true,
     "deleted": false
   }
   

1. If detection exists on failure:

   • If detection fails when initialising:

     {
       "id": "...",
       "initied": false,
       "scanned": true,
       "reported: false,
       "deleted": false
     }
     

   • If detection fails when processing:

     {
       "id": "...",
       "initied": true,
       "scanned": true,
       "reported: false,
       "deleted": false
     }
     

delete_none()

Route

/api/v1.0/delete

Methods

DELETE

Display help message:

ID Required: /api/v1.0/delete/<id>

delete(id_: str)

Route

/api/v1.0/delete/<id>

Methods

DELETE

Delete detection status of id_.

0. If id_ in RUNNING:

   {
     "id": "...",
     "initied": null,
     "scanned": false,
     "reported: null,
     "deleted": true
   }
   

1. If id_ in SCANNED:

   • If the process exited on success:

     {
       "id": "...",
       "initied": null,
       "scanned": true,
       "reported: true,
       "deleted": true
     }
     

   • If the process exited on failure:

     {
       "id": "...",
       "initied": null,
       "scanned": true,
       "reported: false,
       "deleted": true
     }
     

2. If id_ not found:

   {
     "id": "...",
     "initied": null,
     "scanned": null,
     "reported: null,
     "deleted": true
   }
   

Error Handlers

daemon.invalid_id(error: Exception)

Handler of ValueError.

{
  "status": 400,
  "error": "...",
  "message": "invalid ID format"
}

daemon.invalid_info(error: Exception)

Handler of 400 Bad Request and KeyError.

{
  "status": 400,
  "error": "...",
  "message": "invalid info format"
}

daemon.id_not_found(error: Exception)

Handler of 404 Not Found.

{
  "status": 404,
  "error": "...",
  "message": "ID not found"
}

Dataclasses

class daemon.INFO

A dataclass for requested detection API information.

name: str

Path to the extracted file.

uuid: str

Unique identifier of current process.

mime: str

MIME type.

report: str

Report generation command.

inited: manager.Value

Initied flag.

locked: multiprocessing.Lock

Multiprocessing runtime lock.

workdir: str

API working directory.

environ: Dict[str, Any]

API runtime environment variables.

install: List[Union[str, List[str]]]

List of installation commands.

scripts: List[Union[str, List[str]]]

List of detection commands.

Constants

daemon.app = flask.Flask(__name__)

Flask application.

daemon.HELP_v1_0: str

BroAPT Daemon APIv1.0 Usage:

- GET    /api/v1.0/list
- GET    /api/v1.0/report/<id>
- POST   /api/v1.0/scan data={"key": "value"}
- DELETE /api/v1.0/delete/<id>

daemon.__help__: str

BroAPT Daemon API Usage:

# v1.0

- GET    /api/v1.0/list
- GET    /api/v1.0/report/<id>
- POST   /api/v1.0/scan data={"key": "value"}
- DELETE /api/v1.0/delete/<id>

daemon.manager = multiprocessing.Manager()

Multiprocessing manager instanace.

daemon.RUNNING = manager.list()

Type

List[uuid.UUID]

List of running detection processes.

daemon.SCANNED = manager.dict()

Type

Dict[uuid.UUID, bool]

Record of finished detection processes and exit on success.

daemon.APILOCK = manager.dict()

Type

Dict[str, multiprocessing.Lock]

Record of API multiprocessing locks.

daemon.APIINIT = manager.dict()

Type

Dict[str, multiprocessing.Value]

Record of API initialised flags.