-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathapi.py
More file actions
68 lines (56 loc) · 2.43 KB
/
api.py
File metadata and controls
68 lines (56 loc) · 2.43 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
from fastapi import FastAPI, HTTPException, Depends
from fastapi.security import HTTPBearer, HTTPAuthorizationCredentials
from cryptography.fernet import Fernet, InvalidToken
import jwt
from jwt.exceptions import InvalidTokenError
import ucip_pb2 # Compiled Protobuf
from google.protobuf.json_format import MessageToJson, Parse
import uvicorn
import logging
app = FastAPI(title="UCIP API")
security = HTTPBearer()
# Demo secrets (replace in production)
ENCRYPTION_KEY = Fernet.generate_key() # Or load from env
JWT_SECRET = "your_jwt_secret"
fernet = Fernet(ENCRYPTION_KEY)
# In-memory DB (replace with encrypted DB)
user_contexts = {} # {user_id: encrypted_binary}
logging.basicConfig(level=logging.INFO)
def decode_jwt(token: str):
try:
return jwt.decode(token, JWT_SECRET, algorithms=["HS256"])
except InvalidTokenError:
raise HTTPException(401, "Invalid token")
@app.get("/getContext/{user_id}")
def get_context(user_id: str, credentials: HTTPAuthorizationCredentials = Depends(security)):
payload = decode_jwt(credentials.credentials)
if user_id != payload.get("user_id"):
raise HTTPException(403, "Unauthorized")
if user_id not in user_contexts:
raise HTTPException(404, "Not found")
encrypted_data = user_contexts[user_id]
try:
decrypted = fernet.decrypt(encrypted_data)
ucip = ucip_pb2.UCIP()
ucip.ParseFromString(decrypted)
logging.info(f"Accessed UCIP for {user_id}")
return {"data": MessageToJson(ucip)} # Return JSON for LLM compatibility
except InvalidToken:
raise HTTPException(400, "Decryption failed")
@app.post("/updateContext/{user_id}")
def update_context(user_id: str, data: dict, credentials: HTTPAuthorizationCredentials = Depends(security)):
payload = decode_jwt(credentials.credentials)
if user_id != payload.get("user_id"):
raise HTTPException(403, "Unauthorized")
# Validate consent and scopes (example)
if not data.get("consent", {}).get("granted"):
raise HTTPException(400, "Consent required")
ucip = ucip_pb2.UCIP()
Parse(MessageToJson(data), ucip) # From JSON to Protobuf (for input flexibility)
binary = ucip.SerializeToString()
encrypted = fernet.encrypt(binary)
user_contexts[user_id] = encrypted
logging.info(f"Updated UCIP for {user_id}")
return {"message": "Updated"}
if __name__ == "__main__":
uvicorn.run(app, host="0.0.0.0", port=8000)