Security hardening: fix RCE, auth and SSRF issues

Critical: - backup: prevent Zip Slip path traversal and zip bombs in restore/convert via safe_extract(); serialize get_backup() with backup_lock and always restore CWD so concurrent requests can't corrupt the os.chdir state - app: only enable the Werkzeug debugger/reloader when ENVIRONMENT=dev; always init rate limits (also under WSGI), not just under __main__ - apikey: fix create_key never committing (session.commit -> commit()), validate roles against an allowlist, and fix revoke_key/update_last_used operating on detached instances so revocation actually persists - env_provider: redact DB_PASSWORD and SESSION_SECRET_KEY in summerize() High: - markdown: filter private/protected docs for non-admins in the listing, get_home, get_index and search endpoints (was an anonymous data leak); escape LIKE metacharacters and cap search results - webhooks: validate target URL to block SSRF (loopback/private/link-local/ metadata IPs), disable redirects, safely parse additional_header - auth: validate JWT issuer and require exp/iat; add timeout to JWKS fetch; harden Authorization header parsing against malformed values - log: require admin for GET /api/log and auth for POST; bound entry size Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-16 16:12:43 +01:00
parent 1f4ca52a10
commit 58f23ddcb8
8 changed files with 225 additions and 35 deletions
--- a/api/init.py
+++ b/api/init.py
@@ -37,7 +37,8 @@ def x5c_to_public_key(x5c):

 def get_jwks():
    url = f"{env_provider.KC_HOST}/realms/{env_provider.KC_REALM}/protocol/openid-connect/certs"
-    response = requests.get(url)
+    response = requests.get(url, timeout=5)
+    response.raise_for_status()
    jwks = response.json()
    return jwks

@@ -72,7 +73,9 @@ def verify_token(token):
            token,
            public_key,
            algorithms=["RS256"],
-            audience=env_provider.KC_CLIENT_ID
+            audience=env_provider.KC_CLIENT_ID,
+            issuer=f"{env_provider.KC_HOST}/realms/{env_provider.KC_REALM}",
+            options={"require": ["exp", "iat"]},
        )
        return decoded
    except ExpiredSignatureError as e:
@@ -86,7 +89,10 @@ def is_user_admin():
    is_admin = False
    auth_header = request.headers.get('Authorization')
    if auth_header and auth_header.startswith('Bearer'):
-        token = auth_header.split(" ")[1]
+        parts = auth_header.split(" ", 1)
+        if len(parts) != 2 or not parts[1].strip():
+            return is_admin
+        token = parts[1].strip()
        decoded = verify_token(token)
        if decoded:
            user_roles = decoded.get("resource_access", {}).get(env_provider.KC_CLIENT_ID, {}).get("roles", [])
@@ -124,7 +130,10 @@ def require_auth(roles=[]):
            if not auth_header or not auth_header.startswith('Bearer'):
                return jsonify({"error": "Unauthorized"}), 401

-            token = auth_header.split(" ")[1]
+            parts = auth_header.split(" ", 1)
+            if len(parts) != 2 or not parts[1].strip():
+                return jsonify({"error": "Unauthorized"}), 401
+            token = parts[1].strip()

            decoded = verify_token(token)
            if not decoded:
@@ -207,6 +216,11 @@ def get_api_key(key):
        return session.query(APIKey).filter_by(key=key, is_active=True).first()

 def update_last_used(api_key):
+    # api_key comes from get_api_key()'s (now closed) session, so it is
+    # detached. Update by key in a fresh session instead of mutating the
+    # detached instance, which would never be persisted.
    with get_db() as session:
-        api_key.last_used_at = datetime.now(UTC)
+        session.query(APIKey).filter_by(key=api_key.key).update(
+            {APIKey.last_used_at: datetime.now(UTC)}
+        )
        session.commit()