Splunk_Deploiement/apps/pusher_app_prem/bin/license_generator.py

#!/usr/bin/env python
# -*- coding: utf-8 -*-
"""
Git Pusher - License Generator
Génère des clés de licence basées sur le hostname Splunk
"""

import hashlib
import hmac
import base64
import socket
from datetime import datetime, timedelta
import json

# Secret key pour générer les licences (À CHANGER !)
SECRET_KEY = "git_pusher_license_secret_2024"

def get_hostname():
    """Récupérer le hostname du serveur"""
    return socket.gethostname()

def generate_license(hostname, days_valid=365, max_pushes=None):
    """
    Générer une clé de licence
    
    Args:
        hostname: nom d'hôte Splunk
        days_valid: nombre de jours de validité
        max_pushes: nombre maximum de pushes (None = illimité)
    
    Returns:
        license_key: clé de licence formatée
    """
    
    # Créer la date d'expiration
    expiration_date = datetime.now() + timedelta(days=days_valid)
    expiration_str = expiration_date.strftime("%Y-%m-%d")
    
    # Créer le payload
    payload = {
        "hostname": hostname,
        "expiration": expiration_str,
        "max_pushes": max_pushes,
        "issued": datetime.now().strftime("%Y-%m-%d")
    }
    
    # Convertir en JSON et encoder en base64
    payload_json = json.dumps(payload, separators=(',', ':'))
    payload_b64 = base64.b64encode(payload_json.encode()).decode()
    
    # Créer la signature HMAC
    signature = hmac.new(
        SECRET_KEY.encode(),
        payload_b64.encode(),
        hashlib.sha256
    ).hexdigest()[:16]  # Prendre les 16 premiers caractères
    
    # Formater la clé de licence
    license_key = f"{signature}-{payload_b64}"
    
    return license_key, payload

def validate_license(license_key, hostname):
    """
    Valider une clé de licence
    
    Args:
        license_key: clé à valider
        hostname: hostname Splunk actuel
    
    Returns:
        dict: {valid: bool, error: str, expiration: str, max_pushes: int}
    """
    
    try:
        # Séparer signature et payload
        parts = license_key.split('-', 1)
        if len(parts) != 2:
            return {
                'valid': False,
                'error': 'Format de clé invalide'
            }
        
        signature, payload_b64 = parts
        
        # Vérifier la signature
        expected_signature = hmac.new(
            SECRET_KEY.encode(),
            payload_b64.encode(),
            hashlib.sha256
        ).hexdigest()[:16]
        
        if signature != expected_signature:
            return {
                'valid': False,
                'error': 'Signature invalide - clé corrompue ou falsifiée'
            }
        
        # Décoder le payload
        try:
            payload_json = base64.b64decode(payload_b64).decode()
            payload = json.loads(payload_json)
        except Exception as e:
            return {
                'valid': False,
                'error': f'Erreur de décodage: {str(e)}'
            }
        
        # Vérifier le hostname
        if payload.get('hostname') != hostname:
            return {
                'valid': False,
                'error': f'Cette licence est pour {payload.get("hostname")}, pas {hostname}'
            }
        
        # Vérifier l'expiration
        expiration = datetime.strptime(payload.get('expiration'), '%Y-%m-%d')
        if datetime.now() > expiration:
            return {
                'valid': False,
                'error': f'Licence expirée le {payload.get("expiration")}'
            }
        
        return {
            'valid': True,
            'expiration': payload.get('expiration'),
            'max_pushes': payload.get('max_pushes'),
            'days_remaining': (expiration - datetime.now()).days
        }
    
    except Exception as e:
        return {
            'valid': False,
            'error': f'Erreur de validation: {str(e)}'
        }

if __name__ == '__main__':
    import sys
    
    hostname = get_hostname()
    print("=" * 60)
    print("Git Pusher - License Generator")
    print("=" * 60)
    print(f"\nHostname détecté: {hostname}")
    
    if len(sys.argv) > 1 and sys.argv[1] == 'validate':
        # Mode validation
        license_key = sys.argv[2] if len(sys.argv) > 2 else input("Entrez la clé de licence: ")
        result = validate_license(license_key, hostname)
        
        print("\nRésultat de validation:")
        print(json.dumps(result, indent=2, ensure_ascii=False))
    else:
        # Mode génération
        days = int(sys.argv[1]) if len(sys.argv) > 1 else 365
        max_pushes = int(sys.argv[2]) if len(sys.argv) > 2 else None
        
        license_key, payload = generate_license(hostname, days, max_pushes)
        
        print(f"\n📋 Payload:")
        print(json.dumps(payload, indent=2, ensure_ascii=False))
        
        print(f"\n🔑 Clé de licence générée:")
        print(license_key)
        
        print(f"\n✓ Valide pour: {days} jours")
        if max_pushes:
            print(f"✓ Pushes limités à: {max_pushes}")
        
        # Tester la validation
        print(f"\n✔️ Test de validation:")
        result = validate_license(license_key, hostname)
        print(json.dumps(result, indent=2, ensure_ascii=False))