cti-taxii-client
cti-taxii-client copied to clipboard
oasis-open
Data retrieval from the TAXII server with a TAXII client
I am currently experiencing the same problem currently. But with version 2.1 of Taxii. Except that for me, I have
Content-Type: 'text / plain' for Accept: 'application / taxii + json; version = 2.1' If you are trying to contact a TAXII 2.0 Server use 'from taxii2client.v20 import X' If you are trying to contact a TAXII 2.1 Server use 'from taxii2client.v21 import X'
Could someone help me please?
I am using the medallion for TAXII server configuration. As well as data extraction with the TAXII client developed by OASIS
Here is the data extraction code
` from django.shortcuts import render
from taxii2client.v21 import Server import requests from taxii2client.v21 import Collection, as_pages
HEADERS = { 'Accept: application/taxii+json;version=2.1'}
def getinfo(request): server = Server(url = 'http://127.0.0.1:5000/taxii2/', user='admin', password='Password0')
p = print(server.title)
p = print(server.description)
# Performing TAXII 2.0 Requests
# ---------------------------------------------------------------- #
# Performing TAXII 2.1 Requests
from taxii2client.v21 import Collection, as_pages
collection = Collection(url = 'http://127.0.0.1:5000/api2/collections/91a7b528-80eb-42ed-a74d-c6fbd5a26116', user='admin', password='Password0')
print(collection.get_object('indicator--252c7c11-daf2-42bd-843b-be65edca9f61'))
# For normal (no pagination) requests
print(collection.get_objects())
print(collection.get_manifest())
# For pagination requests.
# Use *args for other arguments to the call and **kwargs to pass filter information
for envelope in as_pages(collection.get_objects, per_request=50):
print(envelope)
for manifest_resource in as_pages(collection.get_manifest, per_request=50):
print(manifest_resource)
return render(request, 'home.htm')
`
TAXII Server : Medallion : server
TAXII Client : Client
Hi @ManuelZe,
Thanks for creating a new issue and expanding on this. I have a lot more info and can hopefully pinpoint the issue.
I assume the incorrect output you're getting is:
Content-Type: 'text / plain' for Accept: 'application / taxii + json; version = 2.1'
If you are trying to contact a TAXII 2.0 Server use 'from taxii2client.v20 import X'
If you are trying to contact a TAXII 2.1 Server use 'from taxii2client.v21 import X'
What line in your code is actually producing this output? Is it
p = print(server.title)
or is it
for envelope in as_pages(collection.get_objects, per_request=50):
print(envelope)
With that information I should be able to figure out your issue.
Thanks
@ManuelZe are you still having this issue? Could you indicate which line in the code is causing the error?
Hi, I am facing the same issue as described above, it's just that i am using a different URL (http://hailataxii.com/taxii-discovery-service). the error comes in the line "server.title". I tried with different feeds but got different errors like (HTTP 500, 406, 400) etc with different urls.
I tried with postman and i got same error HTTP 400
I am not sure what should be the value of the X-TAXII-Content-Type header
Console log when trying with taxii2client
Traceback (most recent call last):
File ".\script.py", line 5, in
taxii2client\v20_init_.py", line 733, in title
self.ensure_loaded()
File "C:\Users\Rohit Ranjan\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.7_qbz5n2kfra8p0\LocalCache\local-packages\Python37\site-packages
taxii2client\v20_init.py", line 769, in ensure_loaded
self.refresh()
File "C:\Users\Rohit Ranjan\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.7_qbz5n2kfra8p0\LocalCache\local-packages\Python37\site-packages
taxii2client\v20_init.py", line 805, in refresh
response = self.__raw = self._conn.get(self.url)
File "C:\Users\Rohit Ranjan\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.7_qbz5n2kfra8p0\LocalCache\local-packages\Python37\site-packages
taxii2client\common.py", line 310, in get
raise e
File "C:\Users\Rohit Ranjan\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.7_qbz5n2kfra8p0\LocalCache\local-packages\Python37\site-packages
taxii2client\common.py", line 300, in get
resp.raise_for_status()
File "C:\Users\Rohit Ranjan\AppData\Local\Packages\PythonSoftwareFoundation.Python.3.7_qbz5n2kfra8p0\LocalCache\local-packages\Python37\site-packages
requests\models.py", line 960, in raise_for_status
raise HTTPError(http_error_msg, response=self)
requests.exceptions.HTTPError: 400 Client Error: Bad Request for url: http://hailataxii.com/taxii-discovery-service/
Hi @rohits144, I believe this is a different issue. Hailataxii is a TAXII 1.x server, while this client is designed for TAXII 2.x. Cabby is a good TAXII 1.x client. If you're intending to use TAXII 2.x instead you'll need to connect to a TAXII 2.x server, such as medallion or FreeTAXII.
I am seeing this issue when trying to connect the taxii2client to an OpenCTI (5.3.10) instance. I can reproduce at any time. The issue specifically occurs when the client authenticates and verify/validate the content type. Within the get function of the Common Class:
https://github.com/oasis-open/cti-taxii-client/blob/2c73aa58c26c1c079a42ad6b93a73feca7d49e66/taxii2client/common.py#L249
@ManuelZe Let me know what I can do to help remediate this.
Traceback:
Error: Unexpected Response. Got Content-Type: 'application/taxii+json; charset=utf-8; version=2.1' for Accept: 'application/vnd.oasis.taxii+json; version=2.0' If you are trying to contact a TAXII 2.0 Server use 'from taxii2client.v20 import X' If you are trying to contact a TAXII 2.1 Server use 'from taxii2client.v21 import X' traceback: Traceback (most recent call last): File "
@TechBurn0ut you have a different issue. Looks like you are using the 2.0 client to connect to a 2.1 server. Try importing from taxii2client.v21 instead.
@TechBurn0ut i have same problem but i cant fix it can you help me? i use OpenCTI TAXII server collection
from taxii2client.v21 import Server
Initialize the TAXII server
server = Server(url='http://192.168.204.114:8080/taxii2/', user='user', password='password') collection_id = '3c42e325-611e-43ae-b789-3f2f8f275596'
api_root = server.api_roots[0] print(api_root.collections)
desired_collection = None for collection in api_root.collections: if collection.id == collection_id: desired_collection = collection break
response = desired_collection.get_object()
taxii2client.exceptions.TAXIIServiceException: Unexpected Response. Got Content-Type: 'application/json; charset=utf-8' for Accept: 'application/taxii+json;version=2.1' If you are trying to contact a TAXII 2.0 Server use 'from taxii2client.v20 import X' If you are trying to contact a TAXII 2.1 Server use 'from taxii2client.v21 import X'
Looks like the content type that the server sent you is not compliant with either TAXII 2.0 or 2.1.
TAXII 2.0 requires something like application/vnd.oasis.taxii+json [1].
TAXII 2.1 requires something like application/taxii+json [2].
Some of the API methods have an accept parameter, which you might use to override the default:
https://github.com/oasis-open/cti-taxii-client/blob/54dabadf1a67517e99e6a8f2961614a2a4f5ad2c/taxii2client/v21/init.py#L606
But it seems like their TAXII server should be sending spec compliant response headers!
[1] https://docs.oasis-open.org/cti/taxii/v2.0/taxii-v2.0.html#_Toc496542707 [2] https://docs.oasis-open.org/cti/taxii/v2.1/taxii-v2.1.html#_Toc31107504
Edit: I am just looking at the code, not running tests on non-compliant servers, but using a custom value for accept might not actually work. Looks like the client really must find application/taxii+json in the response Content-Type header, or it will reject the response:
https://github.com/oasis-open/cti-taxii-client/blob/54dabadf1a67517e99e6a8f2961614a2a4f5ad2c/taxii2client/common.py#L296-L297
