def parse_cookie(name, seed, kaka):
"""Parses and verifies a cookie value
:param seed: A seed used for the HMAC signature
:param kaka: The cookie
:return: A tuple consisting of (payload, timestamp)
"""
if not kaka:
return None
cookie_obj = SimpleCookie(kaka)
morsel = cookie_obj.get(name)
if morsel:
parts = morsel.value.split("|")
if len(parts) != 3:
return None
# verify the cookie signature
sig = cookie_signature(seed, parts[0], parts[1])
if sig != parts[2]:
raise SAMLError("Invalid cookie signature")
try:
return parts[0].strip(), parts[1]
except KeyError:
return None
else:
return None
def make_cookie(name, load, seed, expire=0, domain="", path="",
timestamp=""):
"""
Create and return a cookie
:param name: Cookie name
:param load: Cookie load
:param seed: A seed for the HMAC function
:param expire: Number of minutes before this cookie goes stale
:param domain: The domain of the cookie
:param path: The path specification for the cookie
:return: A tuple to be added to headers
"""
cookie = SimpleCookie()
if not timestamp:
timestamp = str(int(time.mktime(time.gmtime())))
signature = cookie_signature(seed, load, timestamp)
cookie[name] = "|".join([load, timestamp, signature])
if path:
cookie[name]["path"] = path
if domain:
cookie[name]["domain"] = domain
if expire:
cookie[name]["expires"] = _expiration(expire,
"%a, %d-%b-%Y %H:%M:%S GMT")
return tuple(cookie.output().split(": ", 1))
def cookie_parts(name, kaka):
cookie_obj = SimpleCookie(kaka)
morsel = cookie_obj.get(name)
if morsel:
return morsel.value.split("|")
else:
return None
def getSession(self):
"""Return the existing session or a new session"""
if self.session is not None:
return self.session
# Get value of cookie header that was sent
cookie_str = self.headers.get('Cookie')
if cookie_str:
cookie_obj = SimpleCookie(cookie_str)
sid_morsel = cookie_obj.get(self.SESSION_COOKIE_NAME, None)
if sid_morsel is not None:
sid = sid_morsel.value
else:
sid = None
else:
sid = None
# If a session id was not set, create a new one
if sid is None:
sid = randomString(16, '0123456789abcdef')
session = None
else:
session = self.server.sessions.get(sid)
# If no session exists for this session ID, create one
if session is None:
session = self.server.sessions[sid] = {}
session['id'] = sid
self.session = session
return session
def get_cookie_dict(environ):
"""Return a *plain* dictionary of cookies as found in the request.
Unlike ``get_cookies`` this returns a dictionary, not a
``SimpleCookie`` object. For incoming cookies a dictionary fully
represents the information. Like ``get_cookies`` this caches and
checks the cache.
"""
header = environ.get('HTTP_COOKIE')
if not header:
return {}
if 'paste.cookies.dict' in environ:
cookies, check_header = environ['paste.cookies.dict']
if check_header == header:
return cookies
cookies = SimpleCookie()
try:
cookies.load(header)
except CookieError:
pass
result = {}
for name in cookies:
result[name] = cookies[name].value
environ['paste.cookies.dict'] = (result, header)
return result
def parse_cookies(self):
from http.cookies import SimpleCookie, CookieError
if not self._headers_history:
self._parse_headers_raw()
# Get cookies from endpoint
cookies = []
for header in chain(*self._headers_history):
if len(header) > 2:
continue
key, value = header[0], header[1]
if key.lower().startswith("set-cookie"):
try:
cookie = SimpleCookie()
cookie.load(value)
cookies.extend(list(cookie.values()))
# update cookie jar
for morsel in list(cookie.values()):
if isinstance(self._cookies_jar, CookieJar):
self._cookies_jar.set_cookie(morsel_to_cookie(morsel))
except CookieError as e:
logger.warn(e)
self._cookies = dict([(cookie.key, cookie.value) for cookie in cookies])
return self._cookies
def set_cookie(name, _, *args):
cookie = SimpleCookie()
cookie[name] = base64.b64encode(":".join(args))
cookie[name]['path'] = "/"
cookie[name]["expires"] = _expiration(5) # 5 minutes from now
logger.debug("Cookie expires: %s" % cookie[name]["expires"])
return tuple(cookie.output().split(": ", 1))
def raw_cookies(self):
"""Raw access to cookies"""
cookie_data = self.environ.get("HTTP_COOKIE", "")
cookies = SimpleCookie()
if not cookie_data:
return cookies
cookies.load(cookie_data)
return cookies
def cookies(self) -> HTTPCookies:
if not hasattr(self, "_cookies"):
cookies = HTTPCookies()
if "set-cookie" in self.headers:
for cookie_header in self.headers.get_list("set-cookie"):
cookies.load(cookie_header)
self._cookies = cookies
return self._cookies
def cookies(self):
"""A dictionary of Cookie.Morsel objects."""
cookies = SimpleCookie()
try:
cookies.load(self.headers["Cookie"])
except Exception:
pass
return cookies
def cookies(self):
"""Container of request cookies
"""
cookies = SimpleCookie()
cookie = self.environ.get('HTTP_COOKIE')
if cookie:
cookies.load(cookie)
return cookies
def test_default_timeout(self):
# Default timeout should be 30 mins
self.login()
response = self.client.get('/next-after-login', follow_redirects=False)
cookies = SimpleCookie()
[cookies.load(item[1]) for item in response.headers
if item[0] == 'Set-Cookie']
assert int(cookies['SS_INACTIVITY_TIMEOUT'].value) == 30 * 60
def pull_cookies(environ):
"""
Pulls and formats cookies stored by user for domain.
<http://pwp.stevecassidy.net/wsgi/cookies.html>
"""
cookie = SimpleCookie(environ.get('HTTP_COOKIE', ''))
return {key: morsel.value for key, morsel in cookie.items()}
def cookie_dict_from_cookie_str(cookie_str):
"""cookie_dict_from_str Cookie字符串返回成dict
:param cookie_str: cookies string
"""
cookie = SimpleCookie()
cookie.load(cookie_str)
return {key: morsel.value for key, morsel in cookie.items()}
def logout(_request):
body = base_body % ('<p>Logged out </p>')
res = Response()
c = SimpleCookie()
c['authhash'] = ''
res.set_header(*c.output().split(': '))
res.set_body(body)
return res
def user2kaka(self, user):
uid = rndbytes(32)
self.uid2user[uid] = user
cookie = SimpleCookie()
cookie[self.cookie_name] = uid
cookie[self.cookie_name]['path'] = "/"
cookie[self.cookie_name]["expires"] = _expiration(480)
logger.debug("Cookie expires: %s" % cookie[self.cookie_name]["expires"])
return tuple(cookie.output().split(": ", 1))
def cookies(self):
"""Return request cookies.
A read-only dictionary-like object.
"""
raw = self.headers.get(hdrs.COOKIE, '')
parsed = SimpleCookie(raw)
return MappingProxyType(
{key: val.value for key, val in parsed.items()})
def get_cookie(self, key):
cookie_string = self.req_env.get('HTTP_COOKIE', None)
if cookie_string is None:
return
cookie = SimpleCookie()
cookie.load(cookie_string)
return cookie.get(key, None).value
def application1(environ,start_response):
try:
request_body_size = remainbytes = int(environ.get('CONTENT_LENGTH',0))
except ValueError:
request_body_size = remainbytes = 0
if remainbytes > 0:
CONTENT_TYPE = environ.get('CONTENT_TYPE','')
boundary = re.findall('multipart/form-data.*boundary=(.*)',CONTENT_TYPE)[0].encode('ascii')
wsgi_input = environ['wsgi.input']
line = wsgi_input.readline()
remainbytes -= len(line)
if not boundary in line:
return (False,"Content NOT begin with boundary")
line = wsgi_input.readline()
remainbytes -= len(line)
line = line.decode('ascii')
fn = re.findall(r'Content-Disposition.*name="file"; filename="(.*)"', line)[0]
line = wsgi_input.readline()
remainbytes -= len(line)
line = wsgi_input.readline()
remainbytes -= len(line)
blocksize = 8192
out = open(fn,'wb')
preline = wsgi_input.readline()
remainbytes -= len(line)
while remainbytes > 0:
line = wsgi_input.readline()
remainbytes -= len(line)
if boundary in line:
preline = preline[0:-1]
if preline.endswith(b'\r'):
preline = preline[0:-1]
out.write(preline)
out.close()
break
else:
out.write(preline)
preline = line
cookie = SimpleCookie(environ.get('HTTP_COOKIE',''))
if 'sid' in cookie:
sid = cookie['sid'].value
message = 'already session'
else:
sid = hashlib.sha224(repr(time.time()).encode('ascii')).hexdigest()
cookie['sid'] = sid
message = 'new session'
cookie['sid']['expires'] = 60
response_body = html % ("OK" if request_body_size else "Empty",message,sid)
status = '200 OK'
response_headers = [('Set-Cookie',cookie.output(header="")),
('Content-Type','text/html'),
('Content-Length',str(len(response_body)))
]
start_response(status,response_headers)
#response_body = response_body.encode('ascii')
return [response_body.encode('ascii')]
def cookie_parts(name, kaka):
if not isinstance(kaka, SimpleCookie):
cookie_obj = SimpleCookie(str(kaka))
else:
cookie_obj = kaka
morsel = cookie_obj.get(name)
if morsel:
return morsel.value.split("|")
else:
return None
def start_response(status, headers):
ret["status"] = status
ret["headers"] = headers
ret["cookies"] = {}
cookies = SimpleCookie()
for k, v in headers:
if k == 'Set-Cookie':
cookies.load(v)
for key in cookies.keys():
ret["cookies"][key] = cookies[key]
def wsgi_filter(environ, start_response):
# set REMOTE_USER from cookie
cookies = SimpleCookie()
cookies.load(environ.get('HTTP_COOKIE', ''))
if 'REMOTE_USER' in cookies:
user = cookies['REMOTE_USER'].value
else:
user = '******'
environ['REMOTE_USER'] = user
return app(environ, start_response)
def _loadSessionFromCookie(self, environ):
"""
Attempt to load the associated session using the identifier from
the cookie.
"""
C = SimpleCookie(environ.get('HTTP_COOKIE'))
morsel = C.get(self._cookieName, None)
if morsel is not None:
self._session = self._store.checkOutSession(morsel.value)
self._expired = self._session is None
def _set_common_domain_cookie(self, internal_response, http_args, context):
"""
"""
# Find any existing common domain cookie and deconsruct it to
# obtain the list of IdPs.
cookie = SimpleCookie(context.cookie)
if '_saml_idp' in cookie:
common_domain_cookie = cookie['_saml_idp']
satosa_logging(logger, logging.DEBUG, "Found existing common domain cookie {}".format(common_domain_cookie), context.state)
space_separated_b64_idp_string = unquote(common_domain_cookie.value)
b64_idp_list = space_separated_b64_idp_string.split()
idp_list = [urlsafe_b64decode(b64_idp).decode('utf-8') for b64_idp in b64_idp_list]
else:
satosa_logging(logger, logging.DEBUG, "No existing common domain cookie found", context.state)
idp_list = []
satosa_logging(logger, logging.DEBUG, "Common domain cookie list of IdPs is {}".format(idp_list), context.state)
# Identity the current IdP just used for authentication in this flow.
this_flow_idp = internal_response.auth_info.issuer
# Remove all occurrences of the current IdP from the list of IdPs.
idp_list = [idp for idp in idp_list if idp != this_flow_idp]
# Append the current IdP.
idp_list.append(this_flow_idp)
satosa_logging(logger, logging.DEBUG, "Added IdP {} to common domain cookie list of IdPs".format(this_flow_idp), context.state)
satosa_logging(logger, logging.DEBUG, "Common domain cookie list of IdPs is now {}".format(idp_list), context.state)
# Construct the cookie.
b64_idp_list = [urlsafe_b64encode(idp.encode()).decode("utf-8") for idp in idp_list]
space_separated_b64_idp_string = " ".join(b64_idp_list)
url_encoded_space_separated_b64_idp_string = quote(space_separated_b64_idp_string)
cookie = SimpleCookie()
cookie['_saml_idp'] = url_encoded_space_separated_b64_idp_string
cookie['_saml_idp']['path'] = '/'
# Use the domain from configuration if present else use the domain
# from the base URL for the front end.
domain = urlparse(self.base_url).netloc
if isinstance(self.config['common_domain_cookie'], dict):
if 'domain' in self.config['common_domain_cookie']:
domain = self.config['common_domain_cookie']['domain']
# Ensure that the domain begins with a '.'
if domain[0] != '.':
domain = '.' + domain
cookie['_saml_idp']['domain'] = domain
cookie['_saml_idp']['secure'] = True
# Set the cookie.
satosa_logging(logger, logging.DEBUG, "Setting common domain cookie with {}".format(cookie.output()), context.state)
http_args['headers'].append(tuple(cookie.output().split(": ", 1)))
def _set_cookies(self, appid, headers):
if appid not in self.cookies:
self._init_cookies(appid)
for sc in headers.get_list("Set-Cookie"):
c = SimpleCookie(sc)
for morsel in c.values():
if morsel.key not in ['data_bizuin', 'slave_user', 'bizuin']:
if morsel.value and morsel.value != 'EXPIRED':
self.cookies[appid][morsel.key] = morsel.value
else:
self.cookies[appid].pop(morsel.key, None)
def parse_cookies( self, headers ):
""":meth:`pluggdapps.web.interfaces.IHTTPCookie.parse_cookies`
interface method."""
cookies = SimpleCookie()
cookie = headers.get( 'cookie', '' )
try :
cookies.load( cookie )
return cookies
except CookieError :
self.pa.logwarn( "Unable to parse cookie: %s" % cookie )
return None
def cookies(self) -> HTTPCookies:
"""
Parse cookies and return cookies in a `HTTPCookies` instance.
"""
if not hasattr(self, "_cookies"):
cookies = HTTPCookies()
if "set-cookie" in self.headers:
for cookie_header in self.headers.get_list("set-cookie"):
cookies.load(cookie_header)
self._cookies = cookies
return self._cookies
def cookies(self):
if self._cookies is None:
cookie = self.headers.get('Cookie') or self.headers.get('cookie')
if cookie is not None:
cookies = SimpleCookie()
cookies.load(cookie)
self._cookies = {name: cookie.value
for name, cookie in cookies.items()}
else:
self._cookies = {}
return self._cookies
def COOKIES(self):
if self._cookies is None:
try:
c = SimpleCookie(self.ENV.get('HTTP_COOKIE', ''))
except CookieError: # pragma: no cover
self._cookies = {}
else:
res = {}
for name, value in c.items():
res[name] = value.value
self._cookies = res
return self._cookies
def delete_cookie(environ, name):
kaka = environ.get("HTTP_COOKIE", '')
logger.debug("delete KAKA: %s" % kaka)
if kaka:
cookie_obj = SimpleCookie(kaka)
morsel = cookie_obj.get(name, None)
cookie = SimpleCookie()
cookie[name] = ""
cookie[name]['path'] = "/"
logger.debug("Expire: %s" % morsel)
cookie[name]["expires"] = _expiration("dawn")
return tuple(cookie.output().split(": ", 1))
return None
def set_cookie_header(header: str) -> None:
"""Like set_cookie, but you can set the header directly."""
c = SimpleCookie()
c.load(header)
session.cookies.update(c)
#!/usr/local/bin/python3
from cgitb import enable
enable()
from cgi import FieldStorage
from os import environ
from hashlib import sha256
from time import time
from shelve import open
from http.cookies import SimpleCookie
result = ''
redirect = ''
try:
cookie = SimpleCookie()
http_cookie_header = environ.get('HTTP_COOKIE')
if not http_cookie_header:
sid = sha256(repr(time()).encode()).hexdigest()
cookie['sid'] = sid
else:
cookie.load(http_cookie_header)
sid = cookie['sid'].value
session_store = open('sess_' + sid, writeback=True)
# Get the id of the item being added to the cart
form_data = FieldStorage()
book_id = form_data.getfirst('book_id')
qty = session_store.get(book_id)
if not qty:
def make_redirect_cookie(self, scope):
"""cookie to tell browser where to redirect post authentication"""
redirect_cookie = SimpleCookie()
redirect_cookie[self.redirect_cookie_name] = scope["path"]
redirect_cookie[self.redirect_cookie_name]["path"] = "/"
return redirect_cookie
def _set_common_domain_cookie(self, internal_response, http_args, context):
"""
"""
# Find any existing common domain cookie and deconsruct it to
# obtain the list of IdPs.
cookie = SimpleCookie(context.cookie)
if '_saml_idp' in cookie:
common_domain_cookie = cookie['_saml_idp']
satosa_logging(
logger, logging.DEBUG,
"Found existing common domain cookie {}".format(
common_domain_cookie), context.state)
space_separated_b64_idp_string = unquote(
common_domain_cookie.value)
b64_idp_list = space_separated_b64_idp_string.split()
idp_list = [
urlsafe_b64decode(b64_idp).decode('utf-8')
for b64_idp in b64_idp_list
]
else:
satosa_logging(logger, logging.DEBUG,
"No existing common domain cookie found",
context.state)
idp_list = []
satosa_logging(
logger, logging.DEBUG,
"Common domain cookie list of IdPs is {}".format(idp_list),
context.state)
# Identity the current IdP just used for authentication in this flow.
this_flow_idp = internal_response.auth_info.issuer
# Remove all occurrences of the current IdP from the list of IdPs.
idp_list = [idp for idp in idp_list if idp != this_flow_idp]
# Append the current IdP.
idp_list.append(this_flow_idp)
satosa_logging(
logger, logging.DEBUG,
"Added IdP {} to common domain cookie list of IdPs".format(
this_flow_idp), context.state)
satosa_logging(
logger, logging.DEBUG,
"Common domain cookie list of IdPs is now {}".format(idp_list),
context.state)
# Construct the cookie.
b64_idp_list = [
urlsafe_b64encode(idp.encode()).decode("utf-8") for idp in idp_list
]
space_separated_b64_idp_string = " ".join(b64_idp_list)
url_encoded_space_separated_b64_idp_string = quote(
space_separated_b64_idp_string)
cookie = SimpleCookie()
cookie['_saml_idp'] = url_encoded_space_separated_b64_idp_string
cookie['_saml_idp']['path'] = '/'
# Use the domain from configuration if present else use the domain
# from the base URL for the front end.
domain = urlparse(self.base_url).netloc
if isinstance(self.config['common_domain_cookie'], dict):
if 'domain' in self.config['common_domain_cookie']:
domain = self.config['common_domain_cookie']['domain']
# Ensure that the domain begins with a '.'
if domain[0] != '.':
domain = '.' + domain
cookie['_saml_idp']['domain'] = domain
cookie['_saml_idp']['secure'] = True
# Set the cookie.
satosa_logging(
logger, logging.DEBUG,
"Setting common domain cookie with {}".format(cookie.output()),
context.state)
http_args['headers'].append(tuple(cookie.output().split(": ", 1)))
async def test_filter_cookie_with_unicode_domain(loop) -> None:
jar = CookieJar()
jar.update_cookies(
SimpleCookie("idna-domain-first=first; Domain=xn--9caa.com; Path=/; "))
assert len(jar.filter_cookies(URL("http://éé.com"))) == 1
assert len(jar.filter_cookies(URL("http://xn--9caa.com"))) == 1
class ClientResponse(HeadersMixin):
# from the Status-Line of the response
version = None # HTTP-Version
status = None # Status-Code
reason = None # Reason-Phrase
content = None # Payload stream
headers = None # Response headers, CIMultiDictProxy
raw_headers = None # Response raw headers, a sequence of pairs
_connection = None # current connection
flow_control_class = StreamReader # reader flow control
_reader = None # input stream
_source_traceback = None
# setted up by ClientRequest after ClientResponse object creation
# post-init stage allows to not change ctor signature
_loop = None
_closed = True # to allow __del__ for non-initialized properly response
_session = None
def __init__(self, method, url, *,
writer=None, continue100=None, timer=None,
request_info=None, auto_decompress=True):
assert isinstance(url, URL)
self.method = method
self.headers = None
self.cookies = SimpleCookie()
self._url = url
self._content = None
self._writer = writer
self._continue = continue100
self._closed = True
self._history = ()
self._request_info = request_info
self._timer = timer if timer is not None else TimerNoop()
self._auto_decompress = auto_decompress
self._cache = {} # reqired for @reify method decorator
@property
def url(self):
return self._url
@property
def url_obj(self):
warnings.warn(
"Deprecated, use .url #1654", DeprecationWarning, stacklevel=2)
return self._url
@property
def host(self):
return self._url.host
@property
def _headers(self):
return self.headers
@property
def request_info(self):
return self._request_info
@reify
def content_disposition(self):
raw = self._headers.get(hdrs.CONTENT_DISPOSITION)
if raw is None:
return None
disposition_type, params = multipart.parse_content_disposition(raw)
params = MappingProxyType(params)
filename = multipart.content_disposition_filename(params)
return ContentDisposition(disposition_type, params, filename)
def _post_init(self, loop, session):
self._loop = loop
self._session = session # store a reference to session #1985
if loop.get_debug():
self._source_traceback = traceback.extract_stack(sys._getframe(1))
def __del__(self, _warnings=warnings):
if self._loop is None:
return # not started
if self._closed:
return
if self._connection is not None:
self._connection.release()
self._cleanup_writer()
if self._loop.get_debug():
if PY_36:
kwargs = {'source': self}
else:
kwargs = {}
_warnings.warn("Unclosed response {!r}".format(self),
ResourceWarning,
**kwargs)
context = {'client_response': self,
'message': 'Unclosed response'}
if self._source_traceback:
context['source_traceback'] = self._source_traceback
self._loop.call_exception_handler(context)
def __repr__(self):
out = io.StringIO()
ascii_encodable_url = str(self.url)
if self.reason:
ascii_encodable_reason = self.reason.encode('ascii',
'backslashreplace') \
.decode('ascii')
else:
ascii_encodable_reason = self.reason
print('<ClientResponse({}) [{} {}]>'.format(
ascii_encodable_url, self.status, ascii_encodable_reason),
file=out)
print(self.headers, file=out)
return out.getvalue()
@property
def connection(self):
return self._connection
@property
def history(self):
"""A sequence of of responses, if redirects occurred."""
return self._history
async def start(self, connection, read_until_eof=False):
"""Start response processing."""
self._closed = False
self._protocol = connection.protocol
self._connection = connection
connection.protocol.set_response_params(
timer=self._timer,
skip_payload=self.method.lower() == 'head',
read_until_eof=read_until_eof,
auto_decompress=self._auto_decompress)
with self._timer:
while True:
# read response
try:
(message, payload) = await self._protocol.read()
except http.HttpProcessingError as exc:
raise ClientResponseError(
self.request_info, self.history,
code=exc.code,
message=exc.message, headers=exc.headers) from exc
if (message.code < 100 or
message.code > 199 or message.code == 101):
break
if self._continue is not None:
set_result(self._continue, True)
self._continue = None
# payload eof handler
payload.on_eof(self._response_eof)
# response status
self.version = message.version
self.status = message.code
self.reason = message.reason
# headers
self.headers = CIMultiDictProxy(message.headers)
self.raw_headers = tuple(message.raw_headers)
# payload
self.content = payload
# cookies
for hdr in self.headers.getall(hdrs.SET_COOKIE, ()):
try:
self.cookies.load(hdr)
except CookieError as exc:
client_logger.warning(
'Can not load response cookies: %s', exc)
return self
def _response_eof(self):
if self._closed:
return
if self._connection is not None:
# websocket, protocol could be None because
# connection could be detached
if (self._connection.protocol is not None and
self._connection.protocol.upgraded):
return
self._connection.release()
self._connection = None
self._closed = True
self._cleanup_writer()
@property
def closed(self):
return self._closed
def close(self):
if self._closed:
return
self._closed = True
if self._loop is None or self._loop.is_closed():
return
if self._connection is not None:
self._connection.close()
self._connection = None
self._cleanup_writer()
self._notify_content()
def release(self):
if self._closed:
return noop()
self._closed = True
if self._connection is not None:
self._connection.release()
self._connection = None
self._cleanup_writer()
self._notify_content()
return noop()
def raise_for_status(self):
if 400 <= self.status:
raise ClientResponseError(
self.request_info,
self.history,
code=self.status,
message=self.reason,
headers=self.headers)
def _cleanup_writer(self):
if self._writer is not None:
self._writer.cancel()
self._writer = None
self._session = None
def _notify_content(self):
content = self.content
if content and content.exception() is None and not content.is_eof():
content.set_exception(
ClientConnectionError('Connection closed'))
async def wait_for_close(self):
if self._writer is not None:
try:
await self._writer
finally:
self._writer = None
self.release()
async def read(self):
"""Read response payload."""
if self._content is None:
try:
self._content = await self.content.read()
except BaseException:
self.close()
raise
return self._content
def get_encoding(self):
ctype = self.headers.get(hdrs.CONTENT_TYPE, '').lower()
mimetype = helpers.parse_mimetype(ctype)
encoding = mimetype.parameters.get('charset')
if encoding:
try:
codecs.lookup(encoding)
except LookupError:
encoding = None
if not encoding:
if mimetype.type == 'application' and mimetype.subtype == 'json':
# RFC 7159 states that the default encoding is UTF-8.
encoding = 'utf-8'
else:
encoding = chardet.detect(self._content)['encoding']
if not encoding:
encoding = 'utf-8'
return encoding
async def text(self, encoding=None, errors='strict'):
"""Read response payload and decode."""
if self._content is None:
await self.read()
if encoding is None:
encoding = self.get_encoding()
return self._content.decode(encoding, errors=errors)
async def json(self, *, encoding=None, loads=json.loads,
content_type='application/json'):
"""Read and decodes JSON response."""
if self._content is None:
await self.read()
if content_type:
ctype = self.headers.get(hdrs.CONTENT_TYPE, '').lower()
if content_type not in ctype:
raise ContentTypeError(
self.request_info,
self.history,
message=('Attempt to decode JSON with '
'unexpected mimetype: %s' % ctype),
headers=self.headers)
stripped = self._content.strip()
if not stripped:
return None
if encoding is None:
encoding = self.get_encoding()
return loads(stripped.decode(encoding))
async def __aenter__(self):
return self
async def __aexit__(self, exc_type, exc_val, exc_tb):
# similar to _RequestContextManager, we do not need to check
# for exceptions, response object can closes connection
# is state is broken
self.release()
def get_cookies(raw_cookie):
"""extract cookies from raw cookie data"""
cookie = SimpleCookie(raw_cookie)
result = dict([(k, cookie[k].value) for k in cookie])
return result
def _serve_websocket (self):
self.close_connection = 1
# I think you technically need HTTP/1.1 to be able to upgrade or
# something like that. Firefox and Chrome don't seem to mind if
# we reply with HTTP/1.0, but at least one (Epiphany) will fail.
self.protocol_version = "HTTP/1.1"
log.debug("Upgrading to websocket")
self.send_response(101, "Switching Protocols")
k = self.headers.get("Sec-WebSocket-Key", "")
k += "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"
k = base64.b64encode(hashlib.sha1(k.encode()).digest()).decode()
self.send_header("Sec-WebSocket-Accept", k)
self.send_header("Upgrade", "websocket")
self.send_header("Connection", "Upgrade")
do_cg = getattr(self, "ws_pox_cookieguard", None)
if do_cg is None: do_cg = getattr(self.parent, "pox_cookieguard", True)
if not do_cg:
cg_ok = True
else:
cookies = SimpleCookie(self.headers.get('Cookie'))
cgc = cookies.get(self.parent._pox_cookieguard_cookie_name)
if cgc and cgc.value == self.parent._get_cookieguard_cookie():
cg_ok = True
else:
# Cookieguard failed.
cookie = ("%s=%s; SameSite=Strict; HttpOnly; path=/"
% (self.parent._pox_cookieguard_cookie_name,
self.parent._get_cookieguard_cookie()))
self.send_header("Set-Cookie", cookie)
self.send_header("POX", "request-reconnect")
cg_ok = False
self.end_headers()
# Now stop using wfile and use raw socket
self.wfile.flush()
self.connection.settimeout(0)
if not cg_ok:
log.info("Bad POX CookieGuard cookie -- closing connection")
return
self._websocket_open = True
self._queue_call(self._on_start)
def feeder ():
data = b''
old_op = None
hdr = b''
while self._websocket_open:
while len(hdr) < 2:
newdata = yield True
if newdata: hdr += newdata
flags_op,len1 = struct.unpack_from("!BB", hdr, 0)
op = flags_op & 0x0f
flags = flags_op >> 4
fin = flags & 0x8
if (len1 & 0x80) == 0: raise RuntimeError("No mask set")
len1 &= 0x7f
hdr = hdr[2:]
while True:
if len1 <= 0x7d:
length = len1
break
elif len1 == 0x7e and len(hdr) >= 2:
length = struct.unpack_from("!H", hdr, 0)
hdr = hdr[2:]
break
elif len1 == 0x7f and len(hdr) >= 8:
length = struct.unpack_from("!Q", hdr, 0)
hdr = hdr[8:]
break
else:
raise RuntimeError("Bad length")
hdr += yield True
while len(hdr) < 4:
hdr += yield True
mask = [x for x in hdr[:4]]
hdr = hdr[4:]
while len(hdr) < length:
hdr += yield True
d = hdr[:length]
hdr = hdr[length:]
d = bytes((c ^ mask[i % 4]) for i,c in enumerate(d))
if not fin:
if op == self.WS_CONTINUE:
if old_op is None: raise RuntimeError("Continuing unknown opcode")
else:
if old_op is not None: raise RuntimeError("Discarded partial message")
old_op = op
data += d
else: # fin
if op == self.WS_CONTINUE:
if old_op is None: raise RuntimeError("Can't continue unknown frame")
op = old_op
d = data + d
old_op = None
data = b''
if op == self.WS_TEXT: d = d.decode('utf8')
if op in (self.WS_TEXT, self.WS_BINARY):
self._ws_message(op, d)
elif op == self.WS_PING:
msg = self._frame(self.WS_PONG, d)
self._send_real(msg)
elif op == self.WS_CLOSE:
if self.disconnect():
#TODO: Send close frame?
pass
elif op == self.WS_PONG:
pass
else:
pass # Do nothing for unknown type
deframer = feeder()
try:
deframer.send(None)
except StopIteration:
pass # PEP 479?
# This is nutso, but it just might work.
# *Try* to read individual bytes from rfile in case it has some
# buffered. When it fails, switch to reading from connection.
while True:
try:
d = self.rfile.read(1)
if not d: break
deframer.send(d)
except Exception:
break
import select
while self._websocket_open and core.running:
try:
(rx, tx, xx) = select.select([self.connection], [], [self.connection],
self.READ_TIMEOUT)
except Exception:
# sock died
log.warn("Websocket died")
break
if len(xx):
#TODO: reopen?
log.warn("Websocket exceptional")
break
if len(rx):
try:
r = self.connection.recv(4096)
if not r: break
deframer.send(r)
except Exception as e:
#TODO: reopen
break
log.debug("Done reading websocket")
#NOTE: We should probably send a close frame, but don't.
self.disconnect()
async def auth_callback(self, scope, receive, send):
# Look for ?code=
qs = dict(parse_qsl(scope["query_string"].decode("utf8")))
if not qs.get("code"):
await send_html(send, "Authentication failed, no code")
return
# Exchange that code for a token
github_response = (await self.http_request(
"https://github.com/login/oauth/access_token",
body=urlencode({
"client_id": self.client_id,
"client_secret": self.client_secret,
"code": qs["code"],
}).encode("utf-8"),
)).text
parsed = dict(parse_qsl(github_response))
# b'error=bad_verification_code&error_description=The+code+passed...'
if parsed.get("error"):
await send_html(
send,
"{}<h1>GitHub authentication error</h1><p>{}</p><p>{}</p>".
format(LOGIN_CSS, parsed["error"],
parsed.get("error_description") or ""),
)
return
access_token = parsed.get("access_token")
if not access_token:
await send_html(send, "No valid access token")
return
# Use access_token to verify user
profile_url = "https://api.github.com/user?access_token={}".format(
access_token)
try:
profile = (await self.http_request(profile_url)).json()
except ValueError:
await send_html(send, "Could not load GitHub profile")
return
auth = {
"id": str(profile["id"]),
"name": profile["name"],
"username": profile["login"],
"email": profile["email"],
}
# Are they allowed?
if not (await self.user_is_allowed(auth, access_token)):
await send_html(
send,
"""{}<h1>Access forbidden</h1>""".format(LOGIN_CSS),
status=403)
return
# Set a signed cookie and redirect to homepage
signer = Signer(self.cookie_secret)
signed_cookie = signer.sign(
json.dumps(dict(auth, ts=int(time.time())), separators=(",", ":")))
redirect_to = cookies_from_scope(scope).get(
self.redirect_cookie_name) or "/"
headers = [["location", redirect_to]]
login_cookie = SimpleCookie()
login_cookie[self.cookie_name] = signed_cookie
login_cookie[self.cookie_name]["path"] = "/"
headers.append(["set-cookie", login_cookie.output(header="").lstrip()])
asgi_logout_cookie = SimpleCookie()
asgi_logout_cookie[self.logout_cookie_name] = ""
asgi_logout_cookie[self.logout_cookie_name]["path"] = "/"
asgi_logout_cookie[self.logout_cookie_name]["max-age"] = 0
asgi_logout_cookie[self.logout_cookie_name]["expires"] = 0
headers.append(
["set-cookie",
asgi_logout_cookie.output(header="").lstrip()])
await send_html(send, "", 302, headers)
async def test_preserving_quoted_cookies(loop) -> None:
jar = CookieJar(unsafe=True)
jar.update_cookies(SimpleCookie("ip-cookie=\"second\"; Domain=127.0.0.1;"))
cookies_sent = jar.filter_cookies(
URL("http://127.0.0.1/")).output(header='Cookie:')
assert cookies_sent == 'Cookie: ip-cookie=\"second\"'
else:
sha256_password = sha256(password.encode()).hexdigest()
try:
connection = db.connect()
cursor = connection.cursor(db.cursors.DictCursor)
cursor.execute(
"""SELECT max_points FROM users
WHERE username = %s
AND password = %s""",
(username, sha256_password))
if cursor.rowcount == 0:
result = '<p>Error: incorrect user name or password</p>'
else:
sql_points = cursor.fetchone()
current_points = sql_points['max_points']
cookie = SimpleCookie()
sid = sha256(repr(time()).encode()).hexdigest()
cookie['sid'] = sid
session_store = open('sess_' + sid, writeback=True)
session_store['authenticated'] = True
session_store['username'] = username
session_store['max_points'] = current_points
session_store.close()
result = """
<p>Succesfully logged in!</p>
<p>Welcome back to Space, Asteroids and Dinosaurs.</p>
<ul>
<li><a href="index.py">Home</a></li>
<li><a href="logout.py">Logout</a></li>
</ul>"""
print(cookie)
def cookie(self):
c = SimpleCookie()
for key in list(self.values.keys()):
c[key] = self.values[key]
c["session_id"] = self.session_id
return c
def parse_cookies(cookies_str):
cookies = SimpleCookie()
cookies.load(cookies_str)
logging.debug(cookies)
return {key: morsel.value for key, morsel in cookies.items()}
def setUp(self):
self.application_id = uuid.UUID
signer = TimestampSigner()
signed_email = signer.sign('*****@*****.**')
self.client.cookies = SimpleCookie({'_ofs': signed_email})
def get_cookie_header(cookies: SimpleCookie) -> str:
return ';'.join([
"{}={}".format(name, value.value)
for name, value in cookies.items()
])
enable()
from os import environ
from http.cookies import SimpleCookie
from shelve import open
import util
import pymysql as db
print('Content-Type: text/html')
print()
# Updates stats
# Write to d and session store
result = 'fail'
http_cookie = environ.get('HTTP_COOKIE')
if http_cookie:
cookie = SimpleCookie()
cookie.load(http_cookie)
if 'karols_sid' in cookie:
karols_sid = cookie['karols_sid'].value
#try:
session_store = open('sessions/sess_' + str(karols_sid),
writeback=True)
if session_store['authenticated']:
# Take in current status if sent
high_score = util.getInt('high_score', 0)
curr_balance = util.getInt('curr_balance', 0)
armour = util.getInt('armour', 0, 5)
health_regen = util.getInt('health_regen', 0, 5)
boost = util.getInt('boost', 0, 5)
def cookies(self) -> dict:
cookie_jar = SimpleCookie(self.headers.get("cookie") or "")
return {name: value.value for name, value in cookie_jar.items()}