From f8201c118d75c99db25d2c4c1ff356344ed2e79b Mon Sep 17 00:00:00 2001 From: Andrew Beard Date: Mon, 9 Jan 2023 13:48:13 -0500 Subject: [PATCH 1/2] =?UTF-8?q?Added=20a=20default=20of=20False=20for=20th?= =?UTF-8?q?e=20taxii2=20=E2=80=9Cpublic=5Fdiscovery=E2=80=9D=20config=20fi?= =?UTF-8?q?eld?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- opentaxii/server.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/opentaxii/server.py b/opentaxii/server.py index 928ae033..01b4bbc4 100644 --- a/opentaxii/server.py +++ b/opentaxii/server.py @@ -476,7 +476,7 @@ def handle_request(self, endpoint: Callable[[], Response]): @register_handler(r"^/taxii2/$", handles_own_auth=True) def discovery_handler(self): - if context.account is None and not self.config["public_discovery"]: + if context.account is None and not self.config.get("public_discovery", False): raise Unauthorized() response = { "title": self.config["title"], From c4b3dc3b171491fe4e03094b30e98acc7269845f Mon Sep 17 00:00:00 2001 From: Andrew Beard Date: Mon, 9 Jan 2023 13:48:36 -0500 Subject: [PATCH 2/2] Described missing taxii2 config fields that have already been implemented --- docs/configuration.rst | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/docs/configuration.rst b/docs/configuration.rst index f6899e9f..28275226 100644 --- a/docs/configuration.rst +++ b/docs/configuration.rst @@ -120,8 +120,12 @@ Properties - ``db_connection`` — the database connetion string - ``create_tables`` — boolean, if true, create tables on startup - - ``max_content_length`` — the maximum size of the request body in bytes that the server can support + - ``max_content_length`` — the maximum size of the request body in bytes that the server can support. Required field - ``allow_custom_properties`` — boolean, if true, allow custom stix2 properties when posting objects (default: true) + - ``public_discovery`` - boolean, if true, do not require authentication for discovery of api roots (default: false) + - ``title`` - title of the server, returned as part of the discovery of api roots. Required field + - ``contact`` - contact for the server, returned as part of the discovery of api roots + - ``description`` - description of the server, returned as part of the discovery of api roots - ``logging`` — logging configuration.