From d8dcfd3e8ec42046a118200f5a7b365c0b9224d3 Mon Sep 17 00:00:00 2001
From: Wolfgang Hottgenroth <w.hottgenroth@krohne.com>
Date: Thu, 6 May 2021 17:19:08 +0200
Subject: [PATCH] changes

---
 Auth.py      | 13 +++++++++++++
 Entries.py   | 11 +++++++++++
 openapi.yaml | 48 ++++++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 72 insertions(+)
 create mode 100644 Auth.py

diff --git a/Auth.py b/Auth.py
new file mode 100644
index 0000000..5fbf66a
--- /dev/null
+++ b/Auth.py
@@ -0,0 +1,13 @@
+from jose import JWTError, jwt
+import os
+import werkzeug
+
+
+JWT_SECRET = os.environ['JWT_SECRET']
+
+def decodeToken(token):
+    try:
+        return jwt.decode(token, JWT_SECRET)
+    except JWTError as e:
+        print("ERROR: decodeToken: {}".format(e))
+        raise werkzeug.exceptions.Unauthorized()
diff --git a/Entries.py b/Entries.py
index 638f4ce..aa6f253 100644
--- a/Entries.py
+++ b/Entries.py
@@ -2,6 +2,7 @@ import logging
 import werkzeug
 from flask import request, Response
 import json
+import datetime
 
 class Entry(object):
     def __init__(self, d):
@@ -23,3 +24,13 @@ def insert(**args):
         raise werkzeug.exceptions.InternalServerError("Key Error: {}".format(e))
 
 
+def get(start, stop, token_info=None, location=None):
+    if 'read/mainscnt/entries' not in token_info['x-scope']:
+        raise werkzeug.exceptions.Forbidden()
+    res = [
+        { 
+            'timestamp': datetime.datetime.now(),
+            'frequency': 50.0
+        }
+    ]
+    return res
\ No newline at end of file
diff --git a/openapi.yaml b/openapi.yaml
index 9d68e89..2ad4e87 100644
--- a/openapi.yaml
+++ b/openapi.yaml
@@ -25,8 +25,56 @@ paths:
           description: Unauthorized
         404:
           description: Not found
+  /sc2/v1/entries:
+    get:
+      tags: [ "entry" ]
+      operationId: Entries.get
+      summary: Get entries from the database using a defined filter
+      parameters:
+        - name: start
+          in: query
+          required: true
+          schema:
+            type: string
+            format: date-time
+        - name: stop
+          in: query
+          required: true
+          schema:
+            type: string
+            format: date-time
+        - name: location
+          in: query
+          required: false
+          schema:
+            type: string
+      responses:
+        200:
+          description: List on selected entries
+          content:
+            application/json:
+              schema:
+                type: array
+                items: 
+                  $ref: "#/components/schemas/entry"
+        401:
+          description: Unauthorized
+        403:
+          description: Access denied
+        404:
+          description: Not found
+      security:
+      - jwt: ['secret']
+
+
 
 components:
+  securitySchemes:
+    jwt:
+      type: http
+      scheme: bearer
+      bearerFormat: JWT
+      x-bearerInfoFunc: Auth.decodeToken
   schemas:
     entry:
       description: Entry with timestamp and frequency