add: tlp:clear reports without apikey

Author: bilgehanertan

pyproject.toml

@@ -1,6 +1,6 @@
 [project]
 name = "python-catalyst"
-version = "0.1.0"
+version = "0.1.2"
 description = "Python client for the PRODAFT CATALYST API"
 readme = "README.md"
 license = { file = "LICENSE" }

python_catalyst/client.py

@@ -1,6 +1,7 @@
 """Client for the CATALYST API."""
 
 import logging
+import time
 import uuid
 from datetime import datetime
 from typing import Dict, List, Optional, Tuple
@@ -17,7 +18,7 @@ class CatalystClient:
 
     def __init__(
         self,
-        api_key: str,
+        api_key: str = None,
         base_url: str = "https://prod.blindspot.prodaft.com/api",
         proxy_url: Optional[str] = None,
         logger: Optional[logging.Logger] = None,
@@ -62,6 +63,7 @@ def __init__(
         # extra config params
         self.create_observables = create_observables
         self.create_indicators = create_indicators
+        self._last_request_time = 0
 
     def _handle_request(
         self, method: str, endpoint: str, params: Dict = None, data: Dict = None
@@ -83,6 +85,18 @@ def _handle_request(
         """
         url = f"{self.base_url}/{endpoint.lstrip('/')}"
 
+        if not self.catalyst_authenticated:
+            current_time = time.time()
+            time_since_last_request = current_time - self._last_request_time
+            if time_since_last_request < 20:
+                sleep_time = 20 - time_since_last_request
+                if self.logger:
+                    self.logger.debug(
+                        f"Sleeping for {sleep_time:.2f} seconds between requests"  # noqa: E231
+                    )
+                time.sleep(sleep_time)
+            self._last_request_time = time.time()
+
         try:
             self.logger.debug(f"Making {method} request to {url}")
             response = self.session.request(
@@ -499,7 +513,12 @@ def create_report_from_member_content_with_references(
                     entity_id = threat_actor.get("id")
                     entity_value = threat_actor.get("value")
                     context = threat_actor.get("context")
-
+                    if not self.catalyst_authenticated:
+                        if self.logger:
+                            self.logger.debug(
+                                f"Skipping threat actor {entity_value} because user is not authenticated... This will be implemented in the future."
+                            )
+                        continue
                     if entity_id and entity_value:
                         try:
                             # Fetch detailed information for the threat actor
@@ -518,101 +537,6 @@ def create_report_from_member_content_with_references(
                                 report_reference=external_reference,
                             )
 
-                            # Process relationships from detailed threat actor data regardless of type
-                            """
-                            # 1. Process attack patterns
-                            attack_pattern_data = detailed_threat_actor.get("attack_patterns", [])
-                            if isinstance(attack_pattern_data, list):
-                                for attack_pattern in attack_pattern_data:
-                                    pattern_id = attack_pattern.get("id")
-                                    pattern_name = attack_pattern.get("name")
-
-                                    if pattern_id and pattern_name:
-                                        # Create the attack pattern
-                                        attack_pattern_obj = self.converter.create_attack_pattern(
-                                            pattern_id,
-                                            pattern_name,
-                                            attack_pattern.get("description"),
-                                            report_reference=external_reference,
-                                        )
-                                        related_objects.append(attack_pattern_obj)
-                                        collected_object_refs.append(attack_pattern_obj.id)
-
-                                        # Create relationship
-                                        rel = self._create_relationship_objects(
-                                            ta_object.id,
-                                            attack_pattern_obj.id,
-                                            "uses",
-                                            external_reference
-                                        )
-                                        related_objects.append(rel)
-                                        collected_object_refs.append(rel.id)
-
-                                        if self.logger:
-                                            self.logger.debug(f"Added attack pattern {pattern_name} used by {entity_value}")
-
-                            # 2. Process campaigns
-                            campaign_data = detailed_threat_actor.get("campaigns", [])
-                            if isinstance(campaign_data, list):
-                                for campaign in campaign_data:
-                                    campaign_id = campaign.get("id")
-                                    campaign_name = campaign.get("name")
-
-                                    if campaign_id and campaign_name:
-                                        # Create the campaign
-                                        campaign_obj = self.converter.create_campaign(
-                                            campaign_id,
-                                            campaign_name,
-                                            campaign.get("description"),
-                                            report_reference=external_reference,
-                                        )
-                                        related_objects.append(campaign_obj)
-                                        collected_object_refs.append(campaign_obj.id)
-
-                                        # Create relationship with appropriate relationship type
-                                        rel = self._create_relationship_objects(
-                                            ta_object.id,
-                                            campaign_obj.id,
-                                            "attributed-to",
-                                            external_reference
-                                        )
-                                        related_objects.append(rel)
-                                        collected_object_refs.append(rel.id)
-
-                                        if self.logger:
-                                            self.logger.debug(f"Added campaign {campaign_name} attributed to {entity_value}")
-
-                            # 3. Process countries/suspected origins
-                            origin_data = detailed_threat_actor.get("suspected_origins", [])
-                            if isinstance(origin_data, list):
-                                for country in origin_data:
-                                    country_id = country.get("id")
-                                    country_name = country.get("name")
-
-                                    if country_id and country_name:
-                                        # Create the location
-                                        location_obj = self.converter.create_country_location(
-                                            country_id,
-                                            country_name,
-                                            None,
-                                            report_reference=external_reference,
-                                        )
-                                        related_objects.append(location_obj)
-                                        collected_object_refs.append(location_obj.id)
-
-                                        # Create relationship
-                                        rel = self._create_relationship_objects(
-                                            ta_object.id,
-                                            location_obj.id,
-                                            "originates-from",
-                                            external_reference
-                                        )
-                                        related_objects.append(rel)
-                                        collected_object_refs.append(rel.id)
-
-                                        if self.logger:
-                                            self.logger.debug(f"Added suspected origin {country_name} for {entity_value}")
-                            """
                             is_abstract = detailed_threat_actor.get(
                                 "is_abstract", False
                             )

setup.py

@@ -5,7 +5,7 @@
 
 setup(
     name="python-catalyst",
-    version="0.1.0",
+    version="0.1.2",
     description="Python client for the PRODAFT CATALYST API",
     long_description=long_description,
     long_description_content_type="text/markdown",