def get_details(self):
if self.use_S3:
if not self.user_details:
self.user_details = read_S3state(
BUCKET_USERDB, self.user_id + KEY_USER_DETAILS)
else:
try:
self.user_details = USER_DETAILS[self.user_id]
except KeyError:
log_error("Could not find user %s in static files",
self.user_id)
return self.user_details
def get(self):
if self.use_S3:
self.device_details = read_S3state(
BUCKET_GLOBALDB, self.manufacturer + "-" + self.device)
else:
try:
self.device_details = DEVICE_DB[self.manufacturer][self.device]
except KeyError:
log_error(
"Could not find device %s from manufacturer %s in static files",
self.device, self.manufacturer)
return self.device_details
def read_S3state(bucket, key):
state = {}
blob, version = read_object(BUCKET_ROOT + bucket, KEY_ROOT + key)
if version != S3_SCHEMA_VERSION:
log_error("Schema mismatch: read %s, code at %s", version,
S3_SCHEMA_VERSION)
else:
state = pickle.loads(blob)
log_debug("Read %s/%s state from S3: %s", bucket, key,
pp.pformat(state))
return state
def get_user_from_token(token):
log_debug("Token is %s", token)
url = LWA_PROFILE_URL + urllib.parse.urlencode({'access_token': token})
r = requests.get(url=url)
if r.status_code == 200:
log_debug("Amazon profile returned is:")
log_debug(json.dumps(r.json(), indent=4))
body = r.json()
user = body['user_id']
else:
log_error("Amazon look up returned an error %d", r.status_code)
log_error(json.dumps(r.json(), indent=4))
user = "******"
return user
def verify_devices(devices, database):
# Check we recognise the list of devices the user has. As we'er running
# as a lambda, don't worry too much about raising and catching exceptions;
# the important thing is to log it.
log_debug("Validate user devices exist in DB")
bad_device = False
for device in devices:
log_debug("Check user device %s", device['friendly_name'])
manu = device['manufacturer']
model = device['model']
if manu in database:
if model in database[manu]:
log_debug("Manu %s, model %s found OK", manu, model)
else:
log_error("Device %s with manu %s has incorrect model %s", device['friendly_name'], manu, model)
bad_device = True
else:
log_error("Device %s has incorrect manu %s", device['friendly_name'], manu)
bad_device = True
def read_object(bucket_name, key_name):
blob = b''
version = ""
s3 = boto3.client('s3')
# Check if bucket exists
try:
response = s3.get_object(Bucket=bucket_name, Key=key_name)
blob = response['Body'].read()
version = response['Metadata']['schema_version']
log_debug(
"Returned %d bytes of schema version %s reading object %s from bucket %s",
len(blob), version, key_name, bucket_name)
except botocore.exceptions.ClientError as e:
log_error("Error %s reading object %s from bucket %s", pp.pformat(e),
key_name, bucket_name)
return blob, version
def write_object(bucket_name, key_name, blob, version):
s3 = boto3.client('s3')
# Check if bucket exists
try:
s3.head_bucket(Bucket=bucket_name)
log_debug("Bucket %s exists", bucket_name)
except botocore.exceptions.ClientError as e:
error_code = int(e.response['Error']['Code'])
if error_code == 403:
log_error("Denied access to bucket %s", bucket_name)
elif error_code == 404:
log_debug("Bucket %s does not exist - creating", bucket_name)
bucket = s3.create_bucket(
ACL='public-read-write',
Bucket=bucket_name,
CreateBucketConfiguration={'LocationConstraint': REGION})
else:
log_error("Error %d checking bucket %s", error_code, bucket_name)
try:
metadata = {"schema_version": version}
s3.put_object(Bucket=bucket_name,
Key=key_name,
Body=blob,
ACL='public-read-write',
Metadata=metadata)
log_debug("Written object %s to bucket %s", key_name, bucket_name)
except botocore.exceptions.ClientError as e:
error_code = int(e.response['Error']['Code'])
log_error("Error %d writing object %s to bucket %s", error_code,
key_name, bucket_name)
def verify_request(primitives, endpoint, capability, directive):
# Check we know about this endpoint
if endpoint in primitives:
log_debug("Recognise endpoint %s", endpoint)
if capability in primitives[endpoint]:
log_debug("Recognise capability %s", capability)
if directive in primitives[endpoint][capability]:
log_debug("Recognise directive %s", directive)
else:
log_error("Don't recognise directive %s", directive)
else:
log_error("Don't recognise capability %s", capability)
else:
log_error("Don't recognise endpoint %s", endpoint)
def set(self, details):
if self.use_S3:
write_S3state(BUCKET_GLOBALDB,
self.manufacturer + "-" + self.device, details)
else:
log_error("Called to write device details but using static files")
def verify_static_user(user):
# Check we know about this user
#if user in USER_DETAILS:
# log_debug("Recognise user %s", user)
#else:
log_error("Don't recognise user %s", user)