def decrypt_data(): aes_cipher = AESCipher(client.secret_key) encrypted_uri = self.handler.request.headers.get('X-Api-Encrypted-Uri') if encrypted_uri: request.uri = aes_cipher.decrypt(utf8(encrypted_uri)) logger.debug('decrypted uri %s' % request.uri) # 因为修改了 uri,需要重新生成 query_arguments request.path, sep, request.query = request.uri.partition('?') request.arguments = parse_qs_bytes(request.query, keep_blank_values=True) request.query_arguments = copy.deepcopy(request.arguments) encrypted_headers = self.handler.request.headers.get('X-Api-Encrypted-Headers') if encrypted_headers: headers_str = aes_cipher.decrypt(utf8(encrypted_headers)) headers = dict(json_decode(headers_str)) # logger.debug('raw headers %s' % request.headers) for k, v in iteritems(headers): # 要全部使用 text_type,否则会出现有的为 str,有的为 unicode # 导致422错误 request.headers[text_type(k)] = text_type(v) # logger.debug('decrypted headers %s' % request.headers) if request.body and len(request.body) > 0: logger.debug('解密 body') logger.debug(request.body) request.body = aes_cipher.decrypt(utf8(request.body)) # 因为修改了 body,需要重新 _parse_body request._parse_body()
def decrypt_data(): aes_cipher = AESCipher(client.secret_key) encrypted_uri = self.handler.request.headers.get( 'X-Api-Encrypted-Uri') if encrypted_uri: request.uri = aes_cipher.decrypt(utf8(encrypted_uri)) logger.debug('decrypted uri %s' % request.uri) encrypted_headers = self.handler.request.headers.get( 'X-Api-Encrypted-Headers') if encrypted_headers: headers_str = aes_cipher.decrypt(utf8(encrypted_headers)) headers = dict(json.loads(headers_str)) logger.debug('raw headers %s' % request.headers) for k, v in headers.iteritems(): # 要全部使用 text_type,否则会出现有的为 str,有的为 unicode # 导致422错误 request.headers[text_type(k)] = text_type(v) logger.debug('decrypted headers %s' % request.headers) if request.body and len(request.body) > 0: logger.debug('解密 body') logger.debug(request.body) request.body = aes_cipher.decrypt(utf8(request.body))
def _clean_headers(self): """ 清理headers中不需要的部分,以及替换值 :return: """ headers = self.request.headers # 更新host字段为后端访问网站的host headers['Host'] = self.client.request['endpoint']['netloc'] new_headers = {} # 如果 header 有的是 str,有的是 unicode # 会出现 422 错误 for name, value in headers.iteritems(): # 过滤 x-api 开头的,这些只是发给 api-gateway l_name = name.lower() if l_name.startswith('x-api-') and l_name != 'x-api-user-json': pass # 不需要提供 Content-Length, 自动计算 # 如果 Content-Length 不正确, 请求后端网站会出错, # 太大会出现超时问题, 太小会出现内容被截断 elif l_name == 'content-length': pass else: new_headers[text_type(name)] = text_type(value) return new_headers
def process_response(self, *args, **kwargs): logger.debug('process_response') auth_handler = HMACAuthHandler(self.handler.client) headers = { 'X-Api-Timestamp': text_type(int(time.time())), 'X-Api-Nonce': text_type(random.random()), } for k, v in headers.iteritems(): self.handler.set_header(k, v) response_body = b''.join(self.handler.get_write_buffer()) response_headers = self.handler.get_response_headers() # logger.debug(response_body.decode('utf-8')) # logger.debug(dict(self.handler.get_response_headers())) signature = auth_handler.signature_response( response_headers, self.handler.request, response_body) # 对返回结果进行签名 self.handler.set_header('X-Api-Signature', signature) self.handler.response['headers'] = response_headers self.handler.response['body'] = response_body logger.debug('process_response_done')
def get_auth_headers(self): headers = { 'X-Api-Timestamp': text_type(int(time.time())), 'X-Api-Nonce': text_type(random.random()), 'X-Api-Access-Key': text_type(self.access_key), 'X-Api-Encrypt-Type': text_type(self.encrypt_type) } return headers
def get_auth_headers(self): headers = { 'X-Api-Timestamp': text_type(int(time.time())), 'X-Api-Nonce': text_type(random.random()), 'X-Api-Access-Key': text_type(self.access_key), 'X-Api-Encrypt-Type': text_type(self.encrypt_type) } # 检查是否需要返回结果的签名 if self.require_response_sign: headers['X-Api-Require-Response-Signature'] = 'true' return headers
def load_middleware(self): """ 从 settings.MIDDLEWARE_CLASSES 载入中间件 """ for middleware_path in settings.MIDDLEWARE_CLASSES: mw_class = import_string(middleware_path) self.middleware_list.append(mw_class) logger.debug('middleware_list: \n%s' % '\n'.join([text_type(m) for m in self.middleware_list]))
def process_response(self, *args, **kwargs): logger.debug('process_response') auth_handler = HMACAuthHandler(self.handler.client) headers = { 'X-Api-Timestamp': text_type(int(time.time())), 'X-Api-Nonce': text_type(random.random()), } for k, v in headers.iteritems(): self.handler.set_header(k, v) response_body = b''.join(self.handler.get_write_buffer()) # logger.debug(response_body.decode('utf-8')) # logger.debug(dict(self.handler.get_response_headers())) signature = auth_handler.signature_response( self.handler.get_response_headers(), self.handler.request, response_body) # 对返回结果进行签名 self.handler.set_header('X-Api-Signature', signature) logger.debug('process_response_done')
def load_builtin_endpoints(self): """ 从 settings.BUILTIN_ENDPOINTS 载入内置的 endpoints """ handlers = [] for endpoint in settings.BUILTIN_ENDPOINTS: c = endpoint['config'] for url, handler_path in endpoint['handlers']: h_class = import_string(handler_path) handlers.append((r'/%s/%s%s' % (c['name'], c['version'], url), h_class)) logger.debug('builtin_endpoints: \n%s' % '\n'.join([text_type(h) for h in handlers])) return handlers
def load_builtin_endpoints(self): """ 从 settings.BUILTIN_ENDPOINTS 载入内置的 endpoints """ handlers = [] for endpoint in settings.BUILTIN_ENDPOINTS: c = endpoint['config'] for url, handler_path in endpoint['handlers']: h_class = import_string(handler_path) handlers.append( (r'/%s/%s%s' % (c['name'], c['version'], url), h_class)) logger.debug('builtin_endpoints: \n%s' % '\n'.join([text_type(h) for h in handlers])) return handlers
def encrypt_data(self): aes_cipher = AESCipher(self.secret_key) headers_str = json_util.dumps(self.request_data.headers) # 加密 Headers 和 url self.request_data.headers = { 'Content-Type': 'application/octet-stream', 'X-Api-Encrypted-Headers': aes_cipher.encrypt(utf8(headers_str)), 'X-Api-Encrypted-Uri': aes_cipher.encrypt(utf8(self.request_data.uri)) } self.request_data.uri = '/?_t=%d&_nonce=%s' % \ (int(time.time()), text_type(random.random())) # 设置一个新的 url url = self.api_server.strip() + self.request_data.uri if self.request_data.body is not None and len(self.request_data.body) > 0: self.request_data.body = aes_cipher.encrypt(utf8(self.request_data.body)) logger.debug(self.request_data.body) return url
def encrypt_data(self): aes_cipher = AESCipher(self.secret_key) headers_str = json_util.dumps(self.request_data.headers) # 加密 Headers 和 url self.request_data.headers = { 'Content-Type': 'application/octet-stream', 'X-Api-Encrypted-Headers': aes_cipher.encrypt(utf8(headers_str)), 'X-Api-Encrypted-Uri': aes_cipher.encrypt(utf8(self.request_data.uri)) } self.request_data.uri = '/?_t=%d&_nonce=%s' % \ (int(time.time()), text_type(random.random())) # 设置一个新的 url url = self.api_server.strip() + self.request_data.uri if self.request_data.body is not None and len( self.request_data.body) > 0: self.request_data.body = aes_cipher.encrypt( utf8(self.request_data.body)) logger.debug(self.request_data.body) return url
def get_exc_message(e): return e.log_message if \ hasattr(e, 'log_message') else text_type(e)