common/api.py

import jwt
import os
import requests
from datetime import datetime, timedelta, UTC
from openpilot.system.hardware.hw import Paths
from openpilot.system.version import get_version

API_HOST = os.getenv('API_HOST', 'https://api.commadotai.com')

# name: jwt signature algorithm
KEYS = {"id_rsa": "RS256",
        "id_ecdsa": "ES256"}


class Api:
  def __init__(self, dongle_id):
    self.dongle_id = dongle_id
    self.jwt_algorithm, self.private_key, _ = get_key_pair()

  def get(self, *args, **kwargs):
    return self.request('GET', *args, **kwargs)

  def post(self, *args, **kwargs):
    return self.request('POST', *args, **kwargs)

  def request(self, method, endpoint, timeout=None, access_token=None, **params):
    return api_get(endpoint, method=method, timeout=timeout, access_token=access_token, **params)

  def get_token(self, payload_extra=None, expiry_hours=1):
    now = datetime.now(UTC).replace(tzinfo=None)
    payload = {
      'identity': self.dongle_id,
      'nbf': now,
      'iat': now,
      'exp': now + timedelta(hours=expiry_hours)
    }
    if payload_extra is not None:
      payload.update(payload_extra)
    token = jwt.encode(payload, self.private_key, algorithm=self.jwt_algorithm)
    if isinstance(token, bytes):
      token = token.decode('utf8')
    return token


def api_get(endpoint, method='GET', timeout=None, access_token=None, **params):
  headers = {}
  if access_token is not None:
    headers['Authorization'] = "JWT " + access_token

  headers['User-Agent'] = "openpilot-" + get_version()

  return requests.request(method, API_HOST + "/" + endpoint, timeout=timeout, headers=headers, params=params)


def get_key_pair() -> tuple[str, str, str] | tuple[None, None, None]:
  for key in KEYS:
    if os.path.isfile(Paths.persist_root() + f'/comma/{key}') and os.path.isfile(Paths.persist_root() + f'/comma/{key}.pub'):
      with open(Paths.persist_root() + f'/comma/{key}') as private, open(Paths.persist_root() + f'/comma/{key}.pub') as public:
        return KEYS[key], private.read(), public.read()
  return None, None, None
common folder old-commit-hash: e8d888c45b5cb84bf38bdb96cae579a10f7ae281 2020-01-17 10:28:44 -08:00			`import jwt`
api: use API_HOST env variable everywhere (#21814) * api base url to global constant * update api/__init__.py old-commit-hash: 543e019f715a7e485c7402d1e145dc8e81d43611 2021-08-03 19:49:49 +08:00			`import os`
common folder old-commit-hash: e8d888c45b5cb84bf38bdb96cae579a10f7ae281 2020-01-17 10:28:44 -08:00			`import requests`
Update to Python 3.12 (#32548) * 3.12 * pprofile is broken * use modified metadrivepy3-12 * 0.3.0 metadrive * add metadrive/commaai git dependency * metadrive git set * pin sounddevice 0.4.6 * datetime.utcnow() deprecation * poetry lock * make datetime not aware * poetry lock * pin pytools * google_crc32c wheel * unpin sounddevice * clean metadrive * use python crc * mypy * 3.12.4 * allow python3.11 * test * no pip * poetry * better * better * merge * remove * try * test * try this * snok * python * simpler * setuptools * lower * try * try * work? * ubuntu deps * ubuntu * try * remove * move * remove this * names * Update .github/workflows/tools_tests.yaml Co-authored-by: Adeeb Shihadeh <adeebshihadeh@gmail.com> * python<4 * <3.13 --------- Co-authored-by: Adeeb Shihadeh <adeebshihadeh@gmail.com> Co-authored-by: Maxime Desroches <desroches.maxime@gmail.com> old-commit-hash: 148eaf8fa6c9b23cdd346e926f58fad61f79ff1d 2024-06-11 13:45:15 -07:00			`from datetime import datetime, timedelta, UTC`
Pytest: more post-test path cleanup (#30556) * test cleanup * missed this one * remove that * static class old-commit-hash: 4086795c29bacd245a7cc372a16730e1a6ff974f 2023-11-30 09:55:48 -08:00			`from openpilot.system.hardware.hw import Paths`
add openpilot prefix to imports (#29498) * add openpilot prefix to imports * more * more * fix docs * fix linter * bump submodules * fix patched tests * update dynamic imports * debug * Revert "debug" This reverts commit db5e13b9911cc74438bee123bc3430da6c31b24b. * fix pm test old-commit-hash: a9626f95b69af19306143fc4def02fb5769405d2 2023-08-20 20:49:55 -07:00			`from openpilot.system.version import get_version`
common folder old-commit-hash: e8d888c45b5cb84bf38bdb96cae579a10f7ae281 2020-01-17 10:28:44 -08:00
api: use API_HOST env variable everywhere (#21814) * api base url to global constant * update api/__init__.py old-commit-hash: 543e019f715a7e485c7402d1e145dc8e81d43611 2021-08-03 19:49:49 +08:00			`API_HOST = os.getenv('API_HOST', 'https://api.commadotai.com')`

athenad: get ES256 key (#36845) * fix * why not format * fix typing * cast 2025-12-11 18:00:43 -08:00			`# name: jwt signature algorithm`
			`KEYS = {"id_rsa": "RS256",`
			`"id_ecdsa": "ES256"}`

support ECDSA (#36555) * keys * remove * remove * too small 2025-11-03 22:45:00 -08:00
ruff: enable UP old-commit-hash: b2e4c64cf8fe3256d1e411e8715c29e2eb6f4f00 2024-05-20 17:43:54 -07:00			`class Api:`
common folder old-commit-hash: e8d888c45b5cb84bf38bdb96cae579a10f7ae281 2020-01-17 10:28:44 -08:00			`def __init__(self, dongle_id):`
			`self.dongle_id = dongle_id`
support ECDSA (#36555) * keys * remove * remove * too small 2025-11-03 22:45:00 -08:00			`self.jwt_algorithm, self.private_key, _ = get_key_pair()`
common folder old-commit-hash: e8d888c45b5cb84bf38bdb96cae579a10f7ae281 2020-01-17 10:28:44 -08:00
			`def get(self, args, *kwargs):`
			`return self.request('GET', args, *kwargs)`

			`def post(self, args, *kwargs):`
			`return self.request('POST', args, *kwargs)`

			`def request(self, method, endpoint, timeout=None, access_token=None, **params):`
			`return api_get(endpoint, method=method, timeout=timeout, access_token=access_token, **params)`

raylib: fix pairing url 2025-09-18 17:03:16 -07:00			`def get_token(self, payload_extra=None, expiry_hours=1):`
Update to Python 3.12 (#32548) * 3.12 * pprofile is broken * use modified metadrivepy3-12 * 0.3.0 metadrive * add metadrive/commaai git dependency * metadrive git set * pin sounddevice 0.4.6 * datetime.utcnow() deprecation * poetry lock * make datetime not aware * poetry lock * pin pytools * google_crc32c wheel * unpin sounddevice * clean metadrive * use python crc * mypy * 3.12.4 * allow python3.11 * test * no pip * poetry * better * better * merge * remove * try * test * try this * snok * python * simpler * setuptools * lower * try * try * work? * ubuntu deps * ubuntu * try * remove * move * remove this * names * Update .github/workflows/tools_tests.yaml Co-authored-by: Adeeb Shihadeh <adeebshihadeh@gmail.com> * python<4 * <3.13 --------- Co-authored-by: Adeeb Shihadeh <adeebshihadeh@gmail.com> Co-authored-by: Maxime Desroches <desroches.maxime@gmail.com> old-commit-hash: 148eaf8fa6c9b23cdd346e926f58fad61f79ff1d 2024-06-11 13:45:15 -07:00			`now = datetime.now(UTC).replace(tzinfo=None)`
common folder old-commit-hash: e8d888c45b5cb84bf38bdb96cae579a10f7ae281 2020-01-17 10:28:44 -08:00			`payload = {`
			`'identity': self.dongle_id,`
			`'nbf': now,`
			`'iat': now,`
navd: rewrite in python (#24621) * navd: start python rewrite * use enum * send empty instruction packet * parse banner * cleanup * switch to coordinate class * add segment transition logic * add recompute logic * cleanup old navd code * split out helpers * cleanup release files * fix typo * fix docs * add typing to helpers * small fixes * move outside of ui * get last pos from param * add ui restart detection * check running * send route * set navInstruction to invalid with no active route * whitespace * do not overwrite response and use ratekeeper * reuse params object * remove navd exception old-commit-hash: e72d6b5689dd95f5fd7a6558c72c2e02b37f8b12 2022-05-30 15:15:51 +02:00			`'exp': now + timedelta(hours=expiry_hours)`
common folder old-commit-hash: e8d888c45b5cb84bf38bdb96cae579a10f7ae281 2020-01-17 10:28:44 -08:00			`}`
raylib: fix pairing url 2025-09-18 17:03:16 -07:00			`if payload_extra is not None:`
			`payload.update(payload_extra)`
support ECDSA (#36555) * keys * remove * remove * too small 2025-11-03 22:45:00 -08:00			`token = jwt.encode(payload, self.private_key, algorithm=self.jwt_algorithm)`
Fix jwt.encode return type (#19776) (#19958) * Fix for issue #19776 PyJWT 2.0.0 does not return `bytes` for `encode()` instead returns `str`. So converted the `str` to `bytes` and returned the resulting value * added check for jwt.encode return type * Update __init__.py * Updated with suggested change * Test to check return type of get_token() The `get_token()` must return a `str` but for PyJWT version < 2.0.0 the `jwt.encode()` returns `bytes`. This test is to make sure if token returned by `get_token()` is `str`. * Update test_get_token.py * Update test_get_token.py * Delete test_get_token.py Co-authored-by: Willem Melching <willem.melching@gmail.com> old-commit-hash: 236743a4e2499c29e6651f6231c5734ccc6d213f 2021-02-02 20:06:04 +05:30			`if isinstance(token, bytes):`
			`token = token.decode('utf8')`
			`return token`
Do not run code on version.py import (#23063) * Do not run code on version.py import * fix athena old-commit-hash: f7c46c694985456e569ce2313b29e43607c62a12 2021-11-29 19:38:55 +01:00
common folder old-commit-hash: e8d888c45b5cb84bf38bdb96cae579a10f7ae281 2020-01-17 10:28:44 -08:00
			`def api_get(endpoint, method='GET', timeout=None, access_token=None, **params):`
			`headers = {}`
			`if access_token is not None:`
Do not run code on version.py import (#23063) * Do not run code on version.py import * fix athena old-commit-hash: f7c46c694985456e569ce2313b29e43607c62a12 2021-11-29 19:38:55 +01:00			`headers['Authorization'] = "JWT " + access_token`
common folder old-commit-hash: e8d888c45b5cb84bf38bdb96cae579a10f7ae281 2020-01-17 10:28:44 -08:00
Do not run code on version.py import (#23063) * Do not run code on version.py import * fix athena old-commit-hash: f7c46c694985456e569ce2313b29e43607c62a12 2021-11-29 19:38:55 +01:00			`headers['User-Agent'] = "openpilot-" + get_version()`
common folder old-commit-hash: e8d888c45b5cb84bf38bdb96cae579a10f7ae281 2020-01-17 10:28:44 -08:00
api_get: keep same api (#21838) old-commit-hash: 267a0b343b0ad607ee0cddcf62de5e18966d4390 2021-08-03 15:33:41 +02:00			`return requests.request(method, API_HOST + "/" + endpoint, timeout=timeout, headers=headers, params=params)`
support ECDSA (#36555) * keys * remove * remove * too small 2025-11-03 22:45:00 -08:00
athenad: get ES256 key (#36845) * fix * why not format * fix typing * cast 2025-12-11 18:00:43 -08:00
			`def get_key_pair() -> tuple[str, str, str] \| tuple[None, None, None]:`
support ECDSA (#36555) * keys * remove * remove * too small 2025-11-03 22:45:00 -08:00			`for key in KEYS:`
			`if os.path.isfile(Paths.persist_root() + f'/comma/{key}') and os.path.isfile(Paths.persist_root() + f'/comma/{key}.pub'):`
			`with open(Paths.persist_root() + f'/comma/{key}') as private, open(Paths.persist_root() + f'/comma/{key}.pub') as public:`
			`return KEYS[key], private.read(), public.read()`
			`return None, None, None`