def delete(self, *args, **kwargs):
filename = urlsafe_b64encode(self.get_argument('filename').encode()).decode()
app_id = self.get_argument('app')
name = urlsafe_b64encode(self.get_argument('name').encode()).decode()
node = os.path.join(self.application.options.root, app_id, filename, name)
self.application.zk.delete(node)
self.jsonify(code=200, message='deleted')
def generate_jwt():
"""Generates a signed JSON Web Token using the Google App Engine default
service account."""
now = int(time.time())
header_json = json.dumps({
"typ": "JWT",
"alg": "RS256"})
payload_json = json.dumps({
'iat': now,
# expires after one hour.
"exp": now + 3600,
# iss is the Google App Engine default service account email.
'iss': DEFAULT_SERVICE_ACCOUNT,
'sub': DEFAULT_SERVICE_ACCOUNT,
# aud must match 'audience' in the security configuration in your
# swagger spec.It can be any string.
'aud': 'echo.endpoints.sample.google.com',
"email": DEFAULT_SERVICE_ACCOUNT
})
headerAndPayload = '{}.{}'.format(
base64.urlsafe_b64encode(header_json),
base64.urlsafe_b64encode(payload_json))
(key_name, signature) = app_identity.sign_blob(headerAndPayload)
signed_jwt = '{}.{}'.format(
headerAndPayload,
base64.urlsafe_b64encode(signature))
return signed_jwt
def encode(signer, payload, header=None, key_id=None):
"""Make a signed JWT.
Args:
signer (google.auth.crypt.Signer): The signer used to sign the JWT.
payload (Mapping[str, str]): The JWT payload.
header (Mapping[str, str]): Additional JWT header payload.
key_id (str): The key id to add to the JWT header. If the
signer has a key id it will be used as the default. If this is
specified it will override the signer's key id.
Returns:
bytes: The encoded JWT.
"""
if header is None:
header = {}
if key_id is None:
key_id = signer.key_id
header.update({'typ': 'JWT', 'alg': 'RS256'})
if key_id is not None:
header['kid'] = key_id
segments = [
base64.urlsafe_b64encode(json.dumps(header).encode('utf-8')),
base64.urlsafe_b64encode(json.dumps(payload).encode('utf-8')),
]
signing_input = b'.'.join(segments)
signature = signer.sign(signing_input)
segments.append(base64.urlsafe_b64encode(signature))
return b'.'.join(segments)
def rows_func(rows):
try:
bson_data = bson.decode_all(rows)[0]
rows_data = bson_data['array']
#key_indices = bson_data['keyindices']
acc_wrapper._set_data(list(init_acc_values))
for row in rows_data:
row_wrapper.load_row(row)
aggregator_function(acc_wrapper, row_wrapper)
result = []
for key_index in key_indices_wrapper:
answer = rows_data[0][key_index]
result.append(answer)
result.extend(acc_wrapper._get_data())
return numpy_to_bson_friendly(result)
except Exception as e:
try:
e_msg = unicode(e)
except:
e_msg = u'<unable to get exception message>'
try:
e_row = unicode(bson.decode_all(rows)[0]['array'])
except:
e_row = u'<unable to get row data>'
try:
msg = base64.urlsafe_b64encode((u'Exception: %s running UDF on row: %s' % (e_msg, e_row)).encode('utf-8'))
except:
msg = base64.urlsafe_b64encode(u'Exception running UDF, unable to provide details.'.encode('utf-8'))
raise IaPyWorkerError(msg)
def sign_request(self, request):
"""Sign request per PBSAuth specifications.
Keyword arguments:
`request` -- instance of `urllib2.Request`
Returns:
instance of `urllib2.Request` (signed)
"""
timestamp = str(time.time())
try:
nonce = urlsafe_b64encode(urandom(32)).strip("=")
except TypeError:
nonce = urlsafe_b64encode(urandom(32)).decode('utf-8').strip("=")
query = request.get_full_url()
to_be_signed = 'GET%s%s%s%s' % (query, timestamp,
self.api_app_id, nonce)
signature = hmac.new(self.api_app_secret.encode('utf-8'),
to_be_signed.encode('utf-8'),
sha1).hexdigest()
request.add_header('X-PBSAuth-Timestamp', timestamp)
request.add_header('X-PBSAuth-Consumer-Key', self.api_app_id)
request.add_header('X-PBSAuth-Signature', signature)
request.add_header('X-PBSAuth-Nonce', nonce)
return request
def write_xml(self):
# Created Salmon decrypted header
decrypted_header = "<decrypted_header>\n\
<iv>%s</iv>\n\
<aes_key>%s</aes_key>\n\
<author>\n\
<name>%s</name>\n\
<uri>acct:%s</uri>\n\
</author>\n\
</decrypted_header>\n" % (base64.urlsafe_b64encode(self.aes_key[1]),base64.urlsafe_b64encode(self.aes_key[0]),self.author,self.author_uri)
# Encrypt decrypted_header
key = aes_helper.get_random_key()
ciphertext = base64.b64encode(aes_helper.encrypt(decrypted_header,key))
# Encrypt AES session-key with the receivers public key
key_hash = simplejson.dumps({'key':base64.b64encode(key[0]),'iv':base64.b64encode(key[1])})
encrypted_key = base64.b64encode(rsa_helper.encrypt(key_hash,self.public_key))
# Pack encrypted header
encrypted_header = base64.b64encode(simplejson.dumps({'aes_key':encrypted_key,'ciphertext':ciphertext}))
# Put it all together to a nice Salmon-friendly atom XML
xml = "<?xml version='1.0' encoding='UTF-8'?>\n\
<entry xmlns='http://www.w3.org/2005/Atom'>\n\
<encrypted_header>%s</encrypted_header>\n\
%s\n\
</entry>" % (encrypted_header,self.envelope)
return xml
def get_new_token(self):
"""
Get a new token using the email address and RSA Key.
:return: Dictionary containing token information
:rtype: ``dict``
"""
# The header is always the same
header = {'alg': 'RS256', 'typ': 'JWT'}
header_enc = base64.urlsafe_b64encode(b(json.dumps(header)))
# Construct a claim set
claim_set = {'iss': self.user_id,
'scope': self.scopes,
'aud': 'https://accounts.google.com/o/oauth2/token',
'exp': int(time.time()) + 3600,
'iat': int(time.time())}
claim_set_enc = base64.urlsafe_b64encode(b(json.dumps(claim_set)))
# The message contains both the header and claim set
message = b'.'.join((header_enc, claim_set_enc))
# Then the message is signed using the key supplied
key = RSA.importKey(self.key)
hash_func = SHA256.new(message)
signer = PKCS1_v1_5.new(key)
signature = base64.urlsafe_b64encode(signer.sign(hash_func))
# Finally the message and signature are sent to get a token
jwt = b'.'.join((message, signature))
request = {'grant_type': 'urn:ietf:params:oauth:grant-type:jwt-bearer',
'assertion': jwt}
return self._token_request(request)
def create(clz, user=None):
secret_key = base64.urlsafe_b64encode(os.urandom(64))
access_key = base64.urlsafe_b64encode(uuid.uuid4().bytes)\
.replace('=', '')
return APIAccessCredential.objects.create(
user=user, access_key=access_key, secret_key=secret_key)
def test_csrf_validation(self):
self.expectErrors()
h = SimpleAuthHandler()
token = h._generate_csrf_token()
token2 = h._generate_csrf_token()
self.assertTrue(h._validate_csrf_token(token, token))
self.assertFalse(h._validate_csrf_token(token, token2))
self.assertFalse(h._validate_csrf_token('', token))
self.assertFalse(h._validate_csrf_token(token, ''))
self.assertFalse(h._validate_csrf_token('', ''))
self.assertFalse(h._validate_csrf_token('invalid b64', 'invalid b64'))
# no timestamp
token = base64.urlsafe_b64encode('random')
self.assertFalse(h._validate_csrf_token(token, token))
token = base64.urlsafe_b64encode('random%s' % h.OAUTH2_CSRF_DELIMITER)
self.assertFalse(h._validate_csrf_token(token, token))
# no token key
token = '%s%d' % (h.OAUTH2_CSRF_DELIMITER, long(time.time()))
encoded = base64.urlsafe_b64encode(token)
self.assertFalse(h._validate_csrf_token(encoded, encoded))
# token timeout
timeout = long(time.time()) - h.OAUTH2_CSRF_TOKEN_TIMEOUT - 1
token = h._generate_csrf_token(_time=timeout)
self.assertFalse(h._validate_csrf_token(token, token))
def update_servers():
try:
# servers
global servers
servers = ss_free.main()
# subscription
global encoded
global full_encoded
global jsons
global full_jsons
jsons = list()
decoded = list()
full_decoded = list()
for website in servers:
for server in website['data']:
full_decoded.append(server['ssr_uri'])
full_jsons.append(server['json'])
if server['status'] is True:
decoded.append(server['ssr_uri'])
jsons.append(server['json'])
decoded = '\n'.join(decoded)
encoded = base64.urlsafe_b64encode(bytes(decoded, 'utf-8'))
full_decoded = '\n'.join(full_decoded)
full_encoded = base64.urlsafe_b64encode(bytes(full_decoded, 'utf-8'))
except Exception as e:
logging.exception(e, stack_info=True)
def post(self):
args = self.request.arguments
retval = {"query": None, "zip": None}
if "code" in args:
code = "".join(args["code"])
language = "".join(args.get("language", ["sage"]))
else:
self.send_error(400)
return
interacts = "".join(args.get("interacts", ["[]"]))
import zlib, base64
retval["zip"] = base64.urlsafe_b64encode(zlib.compress(code))
retval["query"] = yield gen.Task(self.application.db.new_exec_msg,
code.decode("utf8"), language, interacts.decode("utf8"))
if "interacts" in args:
retval["interacts"] = base64.urlsafe_b64encode(zlib.compress(interacts))
if "n" in args:
retval["n"] = int("".join(args["n"]))
if "frame" not in args:
self.set_header("Access-Control-Allow-Origin", self.request.headers.get("Origin", "*"))
self.set_header("Access-Control-Allow-Credentials", "true")
else:
retval = '<script>parent.postMessage(%r,"*");</script>' % (json.dumps(retval),)
self.set_header("Content-Type", "text/html")
self.write(retval)
self.finish()
def __init__(self, content, pubkey=None, privkey=None):
"""If key=None, the key should be in content dict already, else overwrite"""
self.as_dict = content
self.privkey = privkey
if pubkey:
self.pubkey = pubkey
self.as_dict['key'] = JsonCert.key_to_str(self.pubkey)
elif 'key' in self.as_dict:
self.pubkey = JsonCert.str_to_key(self.as_dict['key'])
else:
raise Exception("No public key in certificate")
if 'sig' in self.as_dict:
sig = self.as_dict['sig']
del self.as_dict['sig']
#verify:
self.keyid = hashlib.sha384(JsonCert.serialize(self.as_dict)).digest()
compkid = rsa_cbc_d(self.pubkey, base64.urlsafe_b64decode(sig))
if compkid != self.keyid:
raise Exception('Invalid self-signature in keyid %s' % \
base64.urlsafe_b64encode(self.keyid))
#things look good, put the signature back:
self.as_dict['sig'] = sig
else:
if not privkey:
raise Exception("Unsigned certificate without private key")
else:
self.keyid = hashlib.sha384(JsonCert.serialize(self.as_dict)).digest()
sigdata = rsa_cbc_e(self.privkey, self.keyid)
self.as_dict['sig'] = base64.urlsafe_b64encode(sigdata)
self.keyid64 = base64.urlsafe_b64encode(self.keyid)
def create_user(email, password):
'''
create a new user
'''
if not email:
return False
userid = email.split('@')[0].split('+')[0]
salt = getrandbytes(32)
salt_encode = urlsafe_b64encode(salt)
passhash = hash_password(salt, password)
passhash_encode = urlsafe_b64encode(passhash)
app.users[userid] = {'salt': salt_encode, 'passhash': passhash_encode}
user = {
'salt': salt_encode,
'passhash': passhash_encode,
'email': email,
'userid': userid}
###############################
# TOQU: save this stuff to a DB
with open('users.json', 'w+') as users_jsonfile_w:
users_jsonfile_w.write(json.dumps(app.users))
###############################
return user
def send(self, to):
"""Send a signed notif
Argument:
to -- notif address including agent
Returns:
Notification ID including agent
HTTP status code (200 for success, 404 if notification address unknown
"""
if self.signature == None:
raise ValueErr #Probably needs prepare()
url = IDtoURL(to)
print "POST to ",url # DEBUG
notifMsg = { "header": { "to": to },
"payload": base64.urlsafe_b64encode(self.protected).rstrip("=") + "." +
base64.urlsafe_b64encode(self.payload).rstrip("=") + "." + self.signature }
try:
r = requests.post(url, data=json.dumps(notifMsg))
except:
print "POST error to ", url, sys.exc_info()[0]
return ("", 0)
notID = None
if r.status_code == 200:
print r.text # DEBUG
rj = json.loads(r.text)
notID = rj["notid"] + "@" + to[string.index(to, "@")+1:]
return (notID, r.status_code)
def get_signed_request():
payload = {
'algorithm': 'HMAC-SHA256',
'user': {
'country': 'uk',
'locale': 'en_GB'
},
'oauth_token': 'ABCDE',
'expires': time() + 999999,
'issued_at': time(),
'user_id': 12345
}
encoded_payload = base64.urlsafe_b64encode(
json.dumps(payload, separators=(',', ':'))
)
encoded_signature = base64.urlsafe_b64encode(hmac.new(
TEST_APPLICATION_SECRET,
encoded_payload,
hashlib.sha256
).digest())
return '%(signature)s.%(payload)s' % {
'signature': encoded_signature,
'payload': encoded_payload
}
def get(self):
if get_current_user():
return self.redirect('/')
fbtoken=cgi.escape(self.request.get('token'))
if not fbtoken:
self.redirect("/")
return
profile=json.load(urllib.urlopen("https://graph.facebook.com/me?"+
urllib.urlencode({'access_token': fbtoken})))
fb_id=profile["id"]
# hack for joint account with me and dave
if fb_id == '609719725':
fb_id = '613397287'
first_name=profile["first_name"]
surname=profile["last_name"]
user=User.all().filter("fb_id =",fb_id).get()
if user:
rand_string=base64.urlsafe_b64encode(os.urandom(32))
session = Session()
session.user_id = user.key().id()
session.token = rand_string
session.save()
self.response.set_cookie("session",rand_string,expires=datetime.datetime.now()+datetime.timedelta(days=30));
user.put()
self.redirect("/")
return
else:
session = SignupSession(fb_id=fb_id)
session.token = base64.urlsafe_b64encode(os.urandom(32))
session.save()
template_values={'name':first_name + ' ' + surname,'session':session.token}
template=jinja_environment.get_template('templates/signup.html')
self.response.out.write(template.render(template_values))
def _upddel(self, notid, delete=False):
"""Common tasks for update and delete methods"""
if notid == None:
raise ValueErr
if self.signature == None:
raise ValueErr #Probably needs prepare()
url = IDtoURL(notid)
message = { "header": { "notid":notid },
"payload": base64.urlsafe_b64encode(self.protected).rstrip("=") + "." +
base64.urlsafe_b64encode(self.payload).rstrip("=") + "." + self.signature }
if delete:
print "DELE to ",url #DEBUG
try:
r = requests.delete(url, data=json.dumps(message))
return r
except:
print "DELE error to ", url, sys.exc_info()[0]
return None
else:
print "PUT to ",url #DEBUG
try:
r = requests.put(url, data=json.dumps(message))
return r
except:
print "PUT error to ", url, sys.exc_info()[0]
return None
def get_camo_url(image_url):
b_url = image_url.encode('utf-8')
b_key = settings.CAMO_KEY.encode('utf-8')
digest = hmac.new(b_key, b_url, hashlib.sha1).digest()
b64digest = base64.urlsafe_b64encode(digest).decode('utf-8').strip('=')
b64url = base64.urlsafe_b64encode(b_url).decode('utf-8').strip('=')
return '{}{}/{}'.format(settings.CAMO_PATH, b64digest, b64url)
def send_invites(self, new_emails):
self.emails = list(set(email.lower() for email in (self.emails + new_emails)))
secret_code = b64.urlsafe_b64encode(os.urandom(32))
self.hashed_code = b64.urlsafe_b64encode(hashlib.sha224(secret_code).digest())
url = APP_URL + reverse("dominationgame.views.connect_account") + '?c=' + secret_code
mailbody = """
L.S.
This is an invitation to join a team for the Domination game.
You've been invited to join %s.
Use the following link to confirm:
%s
Regards,
Your TA
"""%(str(self), url)
logging.info(mailbody)
for email in new_emails:
mail.send_mail(sender="noreply@%s.appspotmail.com"%get_application_id(),
to=email,
subject="Invitation to join a team for %s"%(self.group.name),
body=mailbody)
self.put()
def generate_expiring_request(lifetime, plaintext):
"""
Generate the parameters needed for an expiring email request with the given payload.
Payload should be comma-delimited, and the consumer should expect to find and verify
a timestamp and nonce appended to the given plaintext.
"""
# Add nonce
rng = Random.new()
nonce = ''.join(choice(string.ascii_uppercase + string.digits) for _ in range(256))
expiry = str(time.time() + lifetime)
plaintext = (plaintext + "," + expiry + "," + nonce).encode('utf-8')
# Pad the plaintext to the next full block with commas, because I can't be arsed to
# write an actually clever parser.
bs = Blowfish.block_size
paddinglen = bs - (len(plaintext) % bs)
plaintext += b',' * paddinglen
# Generate random IV of size one block.
iv = rng.read(bs)
cipher = Blowfish.new(VERIFICATION_SECRET_KEY, Blowfish.MODE_CBC, iv)
ciphertext = cipher.encrypt(plaintext)
# Generate the verification hash.
verification = hashlib.sha256()
verification.update(plaintext + VERIFICATION_HASH_SECRET.encode('utf-8'))
verify_hex = verification.hexdigest()
return base64.urlsafe_b64encode(iv), base64.urlsafe_b64encode(ciphertext), verify_hex
def create_signed_request(data, secret):
data['method'] = 'HMAC-SHA256'
data['ts'] = int(time.time())
# Convert data into JSON
datastr = json.dumps(data)
# base64 encode json data
dataenc = urlsafe_b64encode(datastr)
# HMAC can only handle ascii (byte) strings
# http://bugs.python.org/issue5285
secret = secret.encode('ascii')
payload = dataenc.encode('ascii')
# Generate payload signature
datasig = urlsafe_b64encode(
hmac.new(secret,
msg=payload,
digestmod=hashlib.sha256).digest()
)
signed_request = '.'.join((datasig, dataenc))
# print "datastr: %r" % datastr
# print "dataenc: %r" % dataenc
# print "datasig: %r" % datasig
# print "signed_request=%s" % signed_request
return signed_request
def update_pg_hba_conf_on_segments(gparr, standby_host, is_hba_hostnames=False):
"""
Updates the pg_hba.conf on all of the segments
present in the array
"""
logger.debug('Updating pg_hba.conf file on segments...')
standby_pg_hba_info = get_standby_pg_hba_info(standby_host, is_hba_hostnames)
pickled_standby_pg_hba_info = base64.urlsafe_b64encode(pickle.dumps(standby_pg_hba_info))
host_to_seg_map = defaultdict(list)
for seg in gparr.getDbList():
if not seg.isSegmentMaster() and not seg.isSegmentStandby():
host_to_seg_map[seg.getSegmentHostName()].append(seg.getSegmentDataDirectory())
pool = WorkerPool(numWorkers=DEFAULT_BATCH_SIZE)
try:
for host, data_dirs_list in host_to_seg_map.items():
pickled_data_dirs_list = base64.urlsafe_b64encode(pickle.dumps(data_dirs_list))
cmdStr = "$GPHOME/lib/python/gppylib/operations/initstandby.py -p %s -d %s" % (pickled_standby_pg_hba_info, pickled_data_dirs_list)
cmd = Command('Update the pg_hba.conf on remote hosts', cmdStr=cmdStr, ctxt=REMOTE, remoteHost=host)
pool.addCommand(cmd)
pool.join()
for item in pool.getCompletedItems():
result = item.get_results()
if result.rc != 0:
logger.error('Unable to update pg_hba.conf %s' % str(result.stderr))
logger.error('Please check the segment log file for more details')
finally:
pool.haltWork()
pool.joinWorkers()
pool = None
def _getFilename(self, name, expire = None, uid=None, gid=None, suffix=".png"):
old_mask = os.umask(0)
basename = base64.urlsafe_b64encode(name.encode("utf-8"))
pathname = os.path.join(siteconfig.htdocs_dir, "generated_images")
user = base64.urlsafe_b64encode(self._user.login.encode("utf-8"))
pathname = os.path.normpath(os.path.join(pathname, user))
try:
os.mkdir(pathname, 0755)
except: pass
if uid != None and gid != None:
os.lchown(pathname, uid, gid)
self._remove_old_chart_files(os.path.join(pathname, basename), expire)
fd, self._filename = tempfile.mkstemp(prefix = basename + "_", suffix = suffix, dir = pathname)
if uid != None and gid != None:
os.lchown(self._filename, uid, gid)
os.chmod(self._filename, 0644)
self._href = urllib.quote("confutatis/generated_images/%s" % (user or "") + "/" + os.path.basename(self._filename))
os.umask(old_mask)
return self._filename
def encrypt(self, data):
encrypted = self.aes_encrypt(json.dumps(data))
expected_mac = base64.urlsafe_b64encode(
hmac.new(self.api_secret, encrypted, hashlib.sha256).digest())
message = base64.urlsafe_b64encode(encrypted)
return '{expected_mac}.{message}'.format(expected_mac=expected_mac, message=message)
def _generate_applicationkeysecret(self, deviceid):
deviceid = deviceid.encode("utf-8") # for python3
# plus 1 hour and drop minute and secs
# for python3 : floor division
ts_1hour = (int(time.time()) + 60 * 60) // 3600 * 3600
time_struct = time.gmtime(ts_1hour)
ts_1hour_str = str(ts_1hour).encode("utf-8")
h = hmac.new(self.SECRETKEY, digestmod=hashlib.sha256)
h.update(self.SECRETKEY)
tmp = h.digest()
for i in range(time_struct.tm_mon):
h = hmac.new(self.SECRETKEY, digestmod=hashlib.sha256)
h.update(tmp)
tmp = h.digest()
h = hmac.new(self.SECRETKEY, digestmod=hashlib.sha256)
h.update(urlsafe_b64encode(tmp).rstrip(b"=") + deviceid)
tmp = h.digest()
for i in range(time_struct.tm_mday % 5):
h = hmac.new(self.SECRETKEY, digestmod=hashlib.sha256)
h.update(tmp)
tmp = h.digest()
h = hmac.new(self.SECRETKEY, digestmod=hashlib.sha256)
h.update(urlsafe_b64encode(tmp).rstrip(b"=") + ts_1hour_str)
tmp = h.digest()
for i in range(time_struct.tm_hour % 5): # utc hour
h = hmac.new(self.SECRETKEY, digestmod=hashlib.sha256)
h.update(tmp)
tmp = h.digest()
return urlsafe_b64encode(tmp).rstrip(b"=").decode("utf-8")
def encode(self, data):
"""Encrypt the data.
:param data: A serialized block of data (String, JSON, bit array,
etc.) Make sure that whatever you send, your client knows how
to understand it.
"""
# Salt is a random 16 byte array.
salt = os.urandom(16)
# The server key is an ephemeral ECDH key used only for this
# transaction
server_key = pyelliptic.ECC(curve="prime256v1")
# the ID is the base64 of the raw key, minus the leading "\x04"
# ID tag.
server_key_id = base64.urlsafe_b64encode(server_key.get_pubkey()[1:])
# http_ece requires that these both be set BEFORE encrypt or
# decrypt is called if you specify the key as "dh".
http_ece.keys[server_key_id] = server_key
http_ece.labels[server_key_id] = "P-256"
encrypted = http_ece.encrypt(
bytes_compat(data),
salt=salt,
keyid=server_key_id,
dh=self.receiver_key,
authSecret=self.auth_key)
return CaseInsensitiveDict({
'crypto_key': base64.urlsafe_b64encode(
server_key.get_pubkey()).strip(bytes_compat('=')),
'salt': base64.urlsafe_b64encode(salt).strip(bytes_compat("=")),
'body': encrypted,
})
def _get_urlsafe_from_hex(value):
"""
Convert a hex UUID to a URL-safe base 64 ID.
:type value: unicode
:rtype: unicode
"""
# Validate and normalise hex string
hexstring = uuid.UUID(hex=value).hex
is_flake_id = (
hexstring[12] == ES_FLAKE_MAGIC_BYTE[0]
and hexstring[16] == ES_FLAKE_MAGIC_BYTE[1]
)
if is_flake_id:
# The hex representation of the flake ID is simply the UUID without the
# two magic nibbles.
data = binascii.unhexlify(hexstring[0:12] + hexstring[13:16] + hexstring[17:32])
return base64.urlsafe_b64encode(data).decode()
# Encode UUID bytes and strip two bytes of padding
data = binascii.unhexlify(hexstring)
return base64.urlsafe_b64encode(data)[:-2].decode()
def move_bubble2(design, source, roleName):
design=base64.urlsafe_b64encode(design)
source=base64.urlsafe_b64encode(source).replace("=", "")
endpoint=config["buble_endpoint"]
postData = {
"design": design,
"source": source,
"from":{
"urn":source,
"filename":roleName
}
}
postData = {
"design": design,
"source": source
}
pprint(postData)
response = post_response(endpoint,'/derivativeservice/v2/registration',json.dumps(postData))
result=response
#print result
if(result=='{"Result":"Success"}'):
print "success"
else:
print "fail to move "+source
failed.append(source)
def add_request(self,num,uprefix,phone,pwprefix,desc):
psql_cmd = ['psql', '-U', 'accreq', '-h', 'localhost', 'accreq']
psql = subprocess.Popen(psql_cmd, stdin=subprocess.PIPE,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE)
performer = os.getlogin()
firstname = "User"
lastname = "Account%s" %num
uname = "%s%s" %(uprefix,num)
org = "Tutorial"
title = "User"
email = "*****@*****.**" %(uname)
password = "******" %(pwprefix,num)
salt = base64.urlsafe_b64encode(uuid.uuid4().bytes)
t_sha = hashlib.sha512()
t_sha.update(password+salt)
pw_hash = base64.urlsafe_b64encode(t_sha.digest())
sql = ('INSERT into idp_account_request '
+ "(first_name,last_name,email,username_requested,phone,password_hash,organization,title,reason)"
+ " values ('%s','%s','%s','%s', '%s','%s','%s','%s', '%s');\n")
fullsql = sql %(firstname,lastname,email,uname,phone,pw_hash,org,title,desc)
print "%s" %fullsql
psql.stdin.write(fullsql)
def _sign(self, data_dict):
"""Sign data for a signed request"""
data = base64.urlsafe_b64encode(json.dumps(data_dict)).rstrip('=')
sig = base64.urlsafe_b64encode(
hmac.new(self._secret, msg=data, digestmod=hashlib.sha256).digest()
).rstrip('=')
return { 'data': data, 'sig': sig }
def encrypt(key, raw):
raw = pad(raw)
iv = Random.new().read(AES.block_size)
cipher = AES.new(key, AES.MODE_CBC, iv)
return base64.urlsafe_b64encode(iv + cipher.encrypt(raw))
def generate_urlsafe_hash(string):
return base64.urlsafe_b64encode(hashlib.md5(string).digest())[:-2]
def urlsafe(self):
# Documented in official Legacy NDB docs
return base64.urlsafe_b64encode(self.cursor)
def _string_to_base64(string):
"""Encodes string to utf-8 and then base64"""
utf8_encoded = string.encode('utf-8')
return base64.urlsafe_b64encode(utf8_encoded)
def random_name(bytes=60):
# type: (int) -> Text
return base64.urlsafe_b64encode(os.urandom(bytes)).decode('utf-8')
if len(sys.argv) < 2:
sys.stderr.write('Please include username as an argument.\n')
sys.exit(0)
username = sys.argv[1]
#This uses os.urandom() underneath
cryptogen = SystemRandom()
#Create 16 byte hex salt
salt_sequence = [cryptogen.randrange(256) for i in range(16)]
hexseq = list(map(hex, salt_sequence))
salt = "".join([x[2:] for x in hexseq])
#Create 32 byte b64 password
password = base64.urlsafe_b64encode(os.urandom(32))
digestmod = hashlib.sha256
if sys.version_info.major >= 3:
password = password.decode('utf-8')
digestmod = 'SHA256'
m = hmac.new(bytearray(salt, 'utf-8'), bytearray(password, 'utf-8'), digestmod)
result = m.hexdigest()
print("String to be appended to minerium.conf:")
print("rpcauth="+username+":"+salt+"$"+result)
print("Your password:\n"+password)
def salvar(request, hash):
db_slug = 'default'
try:
usuario_id = request.user.id
dict_hash = get_hash_url(hash)
s1005_inclusao_infocaepf_id = int(dict_hash['id'])
if 'tab' not in dict_hash.keys():
dict_hash['tab'] = ''
for_print = int(dict_hash['print'])
except:
usuario_id = False
return redirect('login')
usuario = get_object_or_404(Usuarios.objects.using(db_slug),
excluido=False,
id=usuario_id)
pagina = ConfigPaginas.objects.using(db_slug).get(
excluido=False, endereco='s1005_inclusao_infocaepf')
permissao = ConfigPermissoes.objects.using(db_slug).get(
excluido=False,
config_paginas=pagina,
config_perfis=usuario.config_perfis)
if s1005_inclusao_infocaepf_id:
s1005_inclusao_infocaepf = get_object_or_404(
s1005inclusaoinfoCaepf.objects.using(db_slug),
excluido=False,
id=s1005_inclusao_infocaepf_id)
dict_permissoes = json_to_dict(usuario.config_perfis.permissoes)
paginas_permitidas_lista = usuario.config_perfis.paginas_permitidas
modulos_permitidos_lista = usuario.config_perfis.modulos_permitidos
dados_evento = {}
dados_evento['status'] = 0
if s1005_inclusao_infocaepf_id:
dados_evento = s1005_inclusao_infocaepf.evento()
if dados_evento['status'] != 0:
dict_permissoes['s1005_inclusao_infocaepf_apagar'] = 0
dict_permissoes['s1005_inclusao_infocaepf_editar'] = 0
if permissao.permite_visualizar:
mensagem = None
if s1005_inclusao_infocaepf_id:
s1005_inclusao_infocaepf_form = form_s1005_inclusao_infocaepf(
request.POST or None,
instance=s1005_inclusao_infocaepf,
slug=db_slug)
else:
s1005_inclusao_infocaepf_form = form_s1005_inclusao_infocaepf(
request.POST or None, slug=db_slug, initial={})
if request.method == 'POST':
if s1005_inclusao_infocaepf_form.is_valid():
dados = s1005_inclusao_infocaepf_form.cleaned_data
import json
from django.forms.models import model_to_dict
if s1005_inclusao_infocaepf_id:
if dados_evento['status'] == 0:
dados['modificado_por_id'] = usuario_id
dados['modificado_em'] = datetime.datetime.now()
#s1005_inclusao_infocaepf_campos_multiple_passo1
s1005inclusaoinfoCaepf.objects.using(db_slug).filter(
id=s1005_inclusao_infocaepf_id).update(**dados)
obj = s1005inclusaoinfoCaepf.objects.using(
db_slug).get(id=s1005_inclusao_infocaepf_id)
#s1005_inclusao_infocaepf_editar_custom
#s1005_inclusao_infocaepf_campos_multiple_passo2
messages.success(request, 'Alterado com sucesso!')
gravar_auditoria(
json.dumps(model_to_dict(s1005_inclusao_infocaepf),
indent=4,
sort_keys=True,
default=str),
json.dumps(model_to_dict(obj),
indent=4,
sort_keys=True,
default=str),
's1005_inclusao_infocaepf',
s1005_inclusao_infocaepf_id, usuario_id, 2)
else:
messages.error(
request,
'Somente é possível alterar eventos com status "Cadastrado"!'
)
else:
dados['criado_por_id'] = usuario_id
dados['criado_em'] = datetime.datetime.now()
dados['excluido'] = False
#s1005_inclusao_infocaepf_cadastrar_campos_multiple_passo1
obj = s1005inclusaoinfoCaepf(**dados)
obj.save(using=db_slug)
#s1005_inclusao_infocaepf_cadastrar_custom
#s1005_inclusao_infocaepf_cadastrar_campos_multiple_passo2
messages.success(request, 'Cadastrado com sucesso!')
gravar_auditoria(
'{}',
json.dumps(model_to_dict(obj),
indent=4,
sort_keys=True,
default=str), 's1005_inclusao_infocaepf',
obj.id, usuario_id, 1)
if request.session['retorno_pagina'] not in (
's1005_inclusao_infocaepf_apagar',
's1005_inclusao_infocaepf_salvar',
's1005_inclusao_infocaepf'):
return redirect(request.session['retorno_pagina'],
hash=request.session['retorno_hash'])
if s1005_inclusao_infocaepf_id != obj.id:
url_hash = base64.urlsafe_b64encode(
'{"print": "0", "id": "%s"}' % (obj.id))
return redirect('s1005_inclusao_infocaepf_salvar',
hash=url_hash)
else:
messages.error(request, 'Erro ao salvar!')
s1005_inclusao_infocaepf_form = disabled_form_fields(
s1005_inclusao_infocaepf_form, permissao.permite_editar)
if s1005_inclusao_infocaepf_id:
if dados_evento['status'] != 0:
s1005_inclusao_infocaepf_form = disabled_form_fields(
s1005_inclusao_infocaepf_form, 0)
#s1005_inclusao_infocaepf_campos_multiple_passo3
for field in s1005_inclusao_infocaepf_form.fields.keys():
s1005_inclusao_infocaepf_form.fields[field].widget.attrs[
'ng-model'] = 's1005_inclusao_infocaepf_' + field
if int(dict_hash['print']):
s1005_inclusao_infocaepf_form = disabled_form_for_print(
s1005_inclusao_infocaepf_form)
#[VARIAVEIS_SECUNDARIAS_VAZIAS]
if s1005_inclusao_infocaepf_id:
s1005_inclusao_infocaepf = get_object_or_404(
s1005inclusaoinfoCaepf.objects.using(db_slug),
excluido=False,
id=s1005_inclusao_infocaepf_id)
pass
else:
s1005_inclusao_infocaepf = None
#s1005_inclusao_infocaepf_salvar_custom_variaveis#
tabelas_secundarias = []
#[FUNCOES_ESPECIAIS_SALVAR]
if dict_hash['tab'] or 's1005_inclusao_infocaepf' in request.session[
'retorno_pagina']:
request.session["retorno_hash"] = hash
request.session[
"retorno_pagina"] = 's1005_inclusao_infocaepf_salvar'
controle_alteracoes = Auditoria.objects.using(db_slug).filter(
identidade=s1005_inclusao_infocaepf_id,
tabela='s1005_inclusao_infocaepf').all()
context = {
'ocorrencias': dados_evento['ocorrencias'],
'validacao_precedencia': dados_evento['validacao_precedencia'],
'validacoes': dados_evento['validacoes'],
'status': dados_evento['status'],
'controle_alteracoes': controle_alteracoes,
's1005_inclusao_infocaepf': s1005_inclusao_infocaepf,
's1005_inclusao_infocaepf_form': s1005_inclusao_infocaepf_form,
'mensagem': mensagem,
's1005_inclusao_infocaepf_id': int(s1005_inclusao_infocaepf_id),
'usuario': usuario,
'hash': hash,
#[VARIAVEIS_SECUNDARIAS]
'modulos_permitidos_lista': modulos_permitidos_lista,
'paginas_permitidas_lista': paginas_permitidas_lista,
'permissao': permissao,
'data': datetime.datetime.now(),
'pagina': pagina,
'dict_permissoes': dict_permissoes,
'for_print': int(dict_hash['print']),
'tabelas_secundarias': tabelas_secundarias,
'tab': dict_hash['tab'],
#s1005_inclusao_infocaepf_salvar_custom_variaveis_context#
}
if for_print in (0, 1):
return render(request, 's1005_inclusao_infocaepf_salvar.html',
context)
elif for_print == 2:
from wkhtmltopdf.views import PDFTemplateResponse
response = PDFTemplateResponse(
request=request,
template='s1005_inclusao_infocaepf_salvar.html',
filename="s1005_inclusao_infocaepf.pdf",
context=context,
show_content_in_browser=True,
cmd_options={
'margin-top': 10,
'margin-bottom': 10,
'margin-right': 10,
'margin-left': 10,
'zoom': 1,
'dpi': 72,
'orientation': 'Landscape',
"viewport-size": "1366 x 513",
'javascript-delay': 1000,
'footer-center': '[page]/[topage]',
"no-stop-slow-scripts": True
},
)
return response
elif for_print == 3:
from django.shortcuts import render_to_response
response = render_to_response(
's1005_inclusao_infocaepf_salvar.html', context)
filename = "s1005_inclusao_infocaepf.xls"
response[
'Content-Disposition'] = 'attachment; filename=' + filename
response[
'Content-Type'] = 'application/vnd.ms-excel; charset=UTF-8'
return response
else:
context = {
'usuario': usuario,
'modulos_permitidos_lista': modulos_permitidos_lista,
'paginas_permitidas_lista': paginas_permitidas_lista,
'permissao': permissao,
'data': datetime.datetime.now(),
'pagina': pagina,
'dict_permissoes': dict_permissoes,
}
return render(request, 'permissao_negada.html', context)
def encoder(obj):
x = json.dumps(obj)
return base64.urlsafe_b64encode(x)
def _encode(self, filekey):
"""
Encode a normal filekey(or filename) to a kvdb key.
"""
return '{}_{}'.format(self._prefix,
base64.urlsafe_b64encode(filekey))
def value_id(value):
value_bytes = value.encode('utf-8')
return base64.urlsafe_b64encode(value_bytes), value_bytes
def salvar(request, hash):
db_slug = 'default'
try:
usuario_id = request.session['usuario_id']
dict_hash = get_hash_url(hash)
s2399_detplano_id = int(dict_hash['id'])
if 'tab' not in dict_hash.keys():
dict_hash['tab'] = ''
except:
usuario_id = False
return redirect('login')
usuario = get_object_or_404(Usuarios.objects.using(db_slug),
excluido=False,
id=usuario_id)
pagina = ConfigPaginas.objects.using(db_slug).get(
excluido=False, endereco='s2399_detplano')
permissao = ConfigPermissoes.objects.using(db_slug).get(
excluido=False,
config_paginas=pagina,
config_perfis=usuario.config_perfis)
if s2399_detplano_id:
s2399_detplano = get_object_or_404(
s2399detPlano.objects.using(db_slug),
excluido=False,
id=s2399_detplano_id)
dict_permissoes = json_to_dict(usuario.config_perfis.permissoes)
paginas_permitidas_lista = usuario.config_perfis.paginas_permitidas
modulos_permitidos_lista = usuario.config_perfis.modulos_permitidos
if permissao.permite_visualizar:
mensagem = None
if s2399_detplano_id:
s2399_detplano_form = form_s2399_detplano(request.POST or None,
instance=s2399_detplano,
slug=db_slug)
else:
s2399_detplano_form = form_s2399_detplano(request.POST or None,
slug=db_slug,
initial={})
if request.method == 'POST':
if s2399_detplano_form.is_valid():
dados = s2399_detplano_form.cleaned_data
if s2399_detplano_id:
dados['modificado_por_id'] = usuario_id
dados['modificado_em'] = datetime.datetime.now()
#s2399_detplano_campos_multiple_passo1
s2399detPlano.objects.using(db_slug).filter(
id=s2399_detplano_id).update(**dados)
obj = s2399detPlano.objects.using(db_slug).get(
id=s2399_detplano_id)
#s2399_detplano_editar_custom
#s2399_detplano_campos_multiple_passo2
messages.success(request, 'Alterado com sucesso!')
else:
dados['criado_por_id'] = usuario_id
dados['criado_em'] = datetime.datetime.now()
dados['excluido'] = False
#s2399_detplano_cadastrar_campos_multiple_passo1
obj = s2399detPlano(**dados)
obj.save(using=db_slug)
#s2399_detplano_cadastrar_custom
#s2399_detplano_cadastrar_campos_multiple_passo2
messages.success(request, 'Cadastrado com sucesso!')
if request.session['retorno_pagina'] not in (
's2399_detplano_apagar', 's2399_detplano_salvar',
's2399_detplano'):
return redirect(request.session['retorno_pagina'],
hash=request.session['retorno_hash'])
if s2399_detplano_id != obj.id:
url_hash = base64.urlsafe_b64encode(
'{"print": "0", "id": "%s"}' % (obj.id))
return redirect('s2399_detplano_salvar', hash=url_hash)
else:
messages.error(request, 'Erro ao salvar!')
s2399_detplano_form = disabled_form_fields(s2399_detplano_form,
permissao.permite_editar)
#s2399_detplano_campos_multiple_passo3
for field in s2399_detplano_form.fields.keys():
s2399_detplano_form.fields[field].widget.attrs[
'ng-model'] = 's2399_detplano_' + field
if int(dict_hash['print']):
s2399_detplano_form = disabled_form_for_print(s2399_detplano_form)
#[VARIAVEIS_SECUNDARIAS_VAZIAS]
if s2399_detplano_id:
s2399_detplano = get_object_or_404(
s2399detPlano.objects.using(db_slug),
excluido=False,
id=s2399_detplano_id)
pass
else:
s2399_detplano = None
#s2399_detplano_salvar_custom_variaveis#
tabelas_secundarias = []
#[FUNCOES_ESPECIAIS_SALVAR]
if dict_hash['tab'] or 's2399_detplano' in request.session[
'retorno_pagina']:
request.session["retorno_hash"] = hash
request.session["retorno_pagina"] = 's2399_detplano_salvar'
context = {
's2399_detplano': s2399_detplano,
's2399_detplano_form': s2399_detplano_form,
'mensagem': mensagem,
's2399_detplano_id': int(s2399_detplano_id),
'usuario': usuario,
'hash': hash,
#[VARIAVEIS_SECUNDARIAS]
'modulos_permitidos_lista': modulos_permitidos_lista,
'paginas_permitidas_lista': paginas_permitidas_lista,
'permissao': permissao,
'data': datetime.datetime.now(),
'pagina': pagina,
'dict_permissoes': dict_permissoes,
'for_print': int(dict_hash['print']),
'tabelas_secundarias': tabelas_secundarias,
'tab': dict_hash['tab'],
#s2399_detplano_salvar_custom_variaveis_context#
}
return render(request, 's2399_detplano_salvar.html', context)
else:
context = {
'usuario': usuario,
'modulos_permitidos_lista': modulos_permitidos_lista,
'paginas_permitidas_lista': paginas_permitidas_lista,
'permissao': permissao,
'data': datetime.datetime.now(),
'pagina': pagina,
'dict_permissoes': dict_permissoes,
}
return render(request, 'permissao_negada.html', context)
def get_name(name, location):
name = self._sanitize(name)
hash = hashlib.sha256(location.encode()).digest()[:6]
encoded_hash = base64.urlsafe_b64encode(hash).decode()
return name, encoded_hash[:8]
class RandomUserAgent(object):
def process_request(self, request, spider):
useragent = UserAgent()
ua = useragent.chrome
request.headers['UserAgent'] = ua
# class ProxyMiddleware(object):
# def process_request(self,request,spider):
# proxy_list = ['http://120.78.59.193:8080','http://101.227.5.36:9000','http://221.2.174.3:8060']
# proxy = random.choice(proxy_list)
# request.meta['proxy'] = proxy
# 代理服务器
proxyServer = "http://http-cla.abuyun.com:9030"
# 代理隧道验证信息
proxyUser = "******"
proxyPass = "******"
proxyAuth = "Basic " + base64.urlsafe_b64encode(
bytes((proxyUser + ":" + proxyPass), "ascii")).decode("utf8")
class ProxyMiddleware(object):
def process_request(self, request, spider):
request.meta["proxy"] = proxyServer
request.headers["Proxy-Authorization"] = proxyAuth
def short_id(data):
hasher = hashlib.sha1(data)
return base64.urlsafe_b64encode(hasher.digest()[0:10]).rstrip('=')
def _basic_auth_header(username, password):
auth = "%s:%s" % (username, password)
if not isinstance(auth, bytes):
auth = auth.encode('ISO-8859-1')
return b'Basic ' + urlsafe_b64encode(auth)
pass
def generate_key(cls) -> bytes:
return base64.urlsafe_b64encode(os.urandom(32))
def gen_key(p):
digest = hashes.Hash(hashes.SHA256(), backend=default_backend())
digest.update(p)
return base64.urlsafe_b64encode(digest.finalize())
from io import StringIO
import os
from ruamel.yaml import YAML
from cryptography.fernet import Fernet
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
password = getpass.getpass('Please enter the password:'******'salt', 'wb') as w:
w.write(salt)
yaml = YAML()
content = yaml.load(open('galaxy.yaml', 'rt', encoding='utf-8'))
print(type(content), content)
output = StringIO()
yaml.dump(content, output)
print ('Encrypting:\n%s' % output.getvalue())
enc_output = fernet.encrypt(output.getvalue().encode())
def __call__(self, environ, start_response):
"""Handle incoming request. authenticate and send downstream."""
req = Request(environ)
self._logger.debug('Calling S3Token middleware.')
# Always drop auth headers if we're first in the pipeline
if 'keystone.token_info' not in req.environ:
req.headers.update({h: None for h in KEYSTONE_AUTH_HEADERS})
try:
parts = split_path(req.path, 1, 4, True)
version, account, container, obj = parts
except ValueError:
msg = 'Not a path query: %s, skipping.' % req.path
self._logger.debug(msg)
return self._app(environ, start_response)
# Read request signature and access id.
s3_auth_details = req.environ.get('s3api.auth_details')
if not s3_auth_details:
msg = 'No authorization details from s3api. skipping.'
self._logger.debug(msg)
return self._app(environ, start_response)
access = s3_auth_details['access_key']
if isinstance(access, six.binary_type):
access = access.decode('utf-8')
signature = s3_auth_details['signature']
if isinstance(signature, six.binary_type):
signature = signature.decode('utf-8')
string_to_sign = s3_auth_details['string_to_sign']
if isinstance(string_to_sign, six.text_type):
string_to_sign = string_to_sign.encode('utf-8')
token = base64.urlsafe_b64encode(string_to_sign).encode('ascii')
# NOTE(chmou): This is to handle the special case with nova
# when we have the option s3_affix_tenant. We will force it to
# connect to another account than the one
# authenticated. Before people start getting worried about
# security, I should point that we are connecting with
# username/token specified by the user but instead of
# connecting to its own account we will force it to go to an
# another account. In a normal scenario if that user don't
# have the reseller right it will just fail but since the
# reseller account can connect to every account it is allowed
# by the swift_auth middleware.
force_tenant = None
if ':' in access:
access, force_tenant = access.split(':')
# Authenticate request.
creds = {
'credentials': {
'access': access,
'token': token,
'signature': signature
}
}
creds_json = json.dumps(creds)
self._logger.debug('Connecting to Keystone sending this JSON: %s',
creds_json)
# NOTE(vish): We could save a call to keystone by having
# keystone return token, tenant, user, and roles
# from this call.
#
# NOTE(chmou): We still have the same problem we would need to
# change token_auth to detect if we already
# identified and not doing a second query and just
# pass it through to swiftauth in this case.
try:
# NB: requests.Response, not swob.Response
resp = self._json_request(creds_json)
except HTTPException as e_resp:
if self._delay_auth_decision:
msg = 'Received error, deferring rejection based on error: %s'
self._logger.debug(msg, e_resp.status)
return self._app(environ, start_response)
else:
msg = 'Received error, rejecting request with error: %s'
self._logger.debug(msg, e_resp.status)
# NB: swob.Response, not requests.Response
return e_resp(environ, start_response)
self._logger.debug('Keystone Reply: Status: %d, Output: %s',
resp.status_code, resp.content)
try:
token = resp.json()
if 'access' in token:
headers, token_id, tenant = parse_v2_response(token)
elif 'token' in token:
headers, token_id, tenant = parse_v3_response(token)
else:
raise ValueError
# Populate the environment similar to auth_token,
# so we don't have to contact Keystone again.
#
# Note that although the strings are unicode following json
# deserialization, Swift's HeaderEnvironProxy handles ensuring
# they're stored as native strings
req.headers.update(headers)
req.environ['keystone.token_info'] = token
except (ValueError, KeyError, TypeError):
if self._delay_auth_decision:
error = ('Error on keystone reply: %d %s - '
'deferring rejection downstream')
self._logger.debug(error, resp.status_code, resp.content)
return self._app(environ, start_response)
else:
error = ('Error on keystone reply: %d %s - '
'rejecting request')
self._logger.debug(error, resp.status_code, resp.content)
return self._deny_request('InvalidURI')(environ,
start_response)
req.headers['X-Auth-Token'] = token_id
tenant_to_connect = force_tenant or tenant['id']
if six.PY2 and isinstance(tenant_to_connect, six.text_type):
tenant_to_connect = tenant_to_connect.encode('utf-8')
self._logger.debug('Connecting with tenant: %s', tenant_to_connect)
new_tenant_name = '%s%s' % (self._reseller_prefix, tenant_to_connect)
environ['PATH_INFO'] = environ['PATH_INFO'].replace(
account, new_tenant_name)
return self._app(environ, start_response)
def base64_encode_me(text):
import base64
encode_to_url = base64.urlsafe_b64encode(text)
return encode_to_url
def __repr__(self) -> str:
base64_rlp = base64.urlsafe_b64encode(rlp.encode(self))
unpadded_base64_rlp = base64_rlp.rstrip(b"=")
return "".join((ENR_REPR_PREFIX, unpadded_base64_rlp.decode("ASCII")))
def auth_headers(self):
auth_str = '{0}:{1}'.format(*self.get_key_and_secret())
b64_auth_str = base64.urlsafe_b64encode(auth_str.encode()).decode()
return {'Authorization': 'Basic {0}'.format(b64_auth_str)}
def _read_response(self, response, boundary=None, buffer=None):
if boundary:
endboundary = boundary + b"--"
else:
ctype, pdict = cgi.parse_header(
response.headers['content-type'][0].decode('utf-8'))
boundary = "--{}".format(pdict['boundary']).encode('utf-8')
endboundary = "--{}--".format(pdict['boundary']).encode('utf-8')
on_boundary = False
in_header = False
in_payload = False
first_payload_block = False
content_type = None
content_id = None
def iter_lines(response, delimiter=None):
pending = None
for chunk in response.read_chunked():
# logger.debug("Chunk size is {}".format(len(chunk)))
if pending is not None:
chunk = pending + chunk
if delimiter:
lines = chunk.split(delimiter)
else:
lines = chunk.splitlines()
if lines and lines[-1] and chunk and lines[-1][-1] == chunk[-1]:
pending = lines.pop()
else:
pending = None
for line in lines:
yield line
if pending is not None:
yield pending
# cache them up to execute after we've downloaded any binary attachments
# so that they have the content available
directives = []
if isinstance(response, bytes):
buffer.seek(0)
lines = (buffer.read() + response).split(b"\r\n")
buffer.flush()
else:
lines = iter_lines(response, delimiter=b"\r\n")
for line in lines:
# logger.debug("iter_line is {}...".format(repr(line)[0:30]))
if line == boundary or line == endboundary:
# logger.debug("Newly on boundary")
on_boundary = True
if in_payload:
in_payload = False
if content_type == "application/json":
logger.info("Finished downloading JSON")
utf8_payload = payload.getvalue().decode('utf-8')
if utf8_payload:
json_payload = json.loads(utf8_payload)
logger.debug(json_payload)
if 'directive' in json_payload:
directives.append(json_payload['directive'])
else:
logger.info(
"Finished downloading {} which is {}".format(
content_type, content_id))
payload.seek(0)
# TODO, start to stream this to speakers as soon as we start getting bytes
# strip < and >
content_id = content_id[1:-1]
filename = base64.urlsafe_b64encode(content_id)
filename = hashlib.md5(filename).hexdigest()
with open(
os.path.join(tempfile.gettempdir(),
'{}.mp3'.format(filename)),
'wb') as f:
f.write(payload.read())
logger.info('write audio to {}.mp3'.format(content_id))
continue
elif on_boundary:
# logger.debug("Now in header")
on_boundary = False
in_header = True
elif in_header and line == b"":
# logger.debug("Found end of header")
in_header = False
in_payload = True
first_payload_block = True
payload = io.BytesIO()
continue
if in_header:
# logger.debug(repr(line))
if len(line) > 1:
header, value = line.decode('utf-8').split(":", 1)
ctype, pdict = cgi.parse_header(value)
if header.lower() == "content-type":
content_type = ctype
if header.lower() == "content-id":
content_id = ctype
if in_payload:
# add back the bytes that our iter_lines consumed
logger.info("Found %s bytes of %s %s, first_payload_block=%s",
len(line), content_id, content_type,
first_payload_block)
if first_payload_block:
first_payload_block = False
else:
payload.write(b"\r\n")
# TODO write this to a queue.Queue in self._content_cache[content_id]
# so that other threads can start to play it right away
payload.write(line)
if buffer is not None:
if in_payload:
logger.info(
"Didn't see an entire directive, buffering to put at top of next frame"
)
buffer.write(payload.read())
else:
buffer.write(boundary)
buffer.write(b"\r\n")
for directive in directives:
self._handle_directive(directive)
def safeFileName(name):
""" convert to base64 encoding """
import base64
return base64.urlsafe_b64encode(name)
def iframe():
album_id = request.args.get("album")
playlist_id = request.args.get("playlist")
song_id = request.args.get("song")
program_id = request.args.get("program")
radio_id = request.args.get("radio")
mv_id = request.args.get("mv")
qssl = request.args.get("qssl")
qlrc = request.args.get("qlrc")
qnarrow = request.args.get("qnarrow")
max_width = request.args.get("max_width")
autoplay = request.args.get("autoplay")
if qnarrow is None:
qnarrow = "false"
else:
pass
if qlrc is None:
qlrc = "0"
else:
pass
if max_width is None:
max_width = "100%"
else:
pass
if autoplay is None:
autoplay = "true"
else:
pass
if album_id is not None:
album_info = netease.netease_cloud_music("album", album_id, 0)
songs_info = album_info["songs_info"]
title = "%s - %s" % (album_info["album"], album_info["artist"])
showlrc = "0"
elif playlist_id is not None:
playlist_info = netease.netease_cloud_music("playlist", playlist_id, 0)
songs_info = playlist_info["songs_info"]
title = playlist_info["playlist"]
showlrc = "0"
elif song_id is not None:
song_info = netease.netease_cloud_music("song", song_id, 1)
title = "%s - %s" % (song_info["title"], song_info["artist"])
songs_info = [song_info]
if qssl == "1":
songs_info[0][
"url_best"] = "https://music.daoapp.io/ssl/" + base64.urlsafe_b64encode(
songs_info[0]["url_best"].encode()).decode() + ".mp3"
songs_info[0][
"pic_url"] = "https://music.daoapp.io/ssl/" + base64.urlsafe_b64encode(
songs_info[0]["pic_url"].encode()).decode() + ".jpg"
else:
pass
showlrc = qlrc
elif program_id is not None:
song_info = netease.netease_cloud_music("program", program_id, 0)
title = song_info["album"]
songs_info = [song_info]
showlrc = "0"
elif radio_id is not None:
songs_info = netease.netease_cloud_music("radio", radio_id, 0)
title = songs_info[0]["artist"]
showlrc = "0"
elif mv_id is not None:
mv_info = netease.netease_cloud_music("mv", mv_id, 0)
mv_url = mv_info["url_best"]
title = mv_info["title"]
pic_url = mv_info["pic_url"]
return render_template("dplayer_iframe.html",
mv_url=mv_url,
title=title,
mv_id=mv_id,
pic_url=pic_url,
max_width=max_width)
else:
abort(404)
return render_template("aplayer_iframe.html",
songs_info=songs_info,
title=title,
showlrc=showlrc,
qnarrow=qnarrow,
max_width=max_width,
song_id=song_id,
autoplay=autoplay)
def post_table(self, params, files):
if files:
bottle.abort(400, 'Table does not support files')
params = dict((base64.b64decode(k), base64.b64decode(v))
for k, v in params.items())
path = params['path']
start_stop_rows = parse_slices()
if path in ('annotation/images/class', 'annotation/images/qa'):
data_table = get_table(self._auth_user, path.split('/')[1])
for start_row, stop_row in start_stop_rows:
data_table._slice_validate(start_row, stop_row, 'r')
# We never need to decode these, they just need to be
# random strings that can be in a url
secret = base64.urlsafe_b64encode(uuid.uuid4().bytes)[:-2]
p = {}
image_column = params['imageColumn']
ub64 = base64.urlsafe_b64encode
if path == 'annotation/images/class':
suffix = '/'.join(
ub64(x) + '/' + ub64(y) for x, y in start_stop_rows)
try:
p['class'] = params['class']
data = 'hbase://localhost:9090/images/%s?image=%s' % (
suffix, ub64(image_column))
except KeyError:
try:
class_column = params['classColumn']
except KeyError:
bottle.abort(400)
if not class_column.startswith('meta:'):
bottle.abort(400)
data = 'hbase://localhost:9090/images/%s?class=%s&image=%s' % (
suffix, ub64(class_column), ub64(image_column))
p['type'] = 'image_class'
try:
p['class_descriptions'] = params['classDescriptions']
except KeyError:
pass
try:
p['class_thumbnails'] = params['classThumbnails']
except KeyError:
pass
elif path == 'annotation/images/qa':
question_column = params['questionColumn']
assert question_column.startswith('meta:')
latitude_column = params['latitudeColumn']
assert latitude_column.startswith('meta:')
longitude_column = params['longitudeColumn']
assert longitude_column.startswith('meta:')
suffix = '/'.join(
ub64(x) + '/' + ub64(y) for x, y in start_stop_rows)
data = 'hbase://localhost:9090/images/%s?latitude=%s&longitude=%s&question=%s&image=%s' % (
suffix, ub64(latitude_column), ub64(longitude_column),
ub64(question_column), ub64(image_column))
p['type'] = 'image_qa'
else:
bottle.abort(500)
if 'instructions' in params:
p['instructions'] = params['instructions']
p['num_tasks'] = int(params['numTasks'])
assert 0 < p['num_tasks']
assert params['mode'] in ('standalone', 'amt')
p['mode'] = params['mode']
task = JOBS.add_task('annotation',
self.owner,
params=p,
secret_params={
'secret': secret,
'data': data
})
with thrift_lock() as thrift:
JOBS.get_annotation_manager(task,
data_connection=thrift,
sync=True)
return {'row': base64.b64encode(task)}
else:
bottle.abort(400, 'Invalid parameter value [path]')
def token_urlsafe(nbytes=None):
"""Taken from Python 2.6"""
DEFAULT_ENTROPY=16
tok = os.urandom(nbytes or DEFAULT_ENTROPY)
return base64.urlsafe_b64encode(tok).strip().replace('=', '').replace('-', '_')
def hash_path(path: str) -> str:
"""Generate a hash for the given path."""
return base64.urlsafe_b64encode(hashlib.md5(
path.encode()).digest()).decode()[:8]
def signature(self, url):
return base64.urlsafe_b64encode(hmac.new(self.security_key, unicode(url).encode('utf-8'), hashlib.sha1).digest())
# Base64是一种用64个字符来表示任意二进制数据的方法。
import base64
print(base64.b64encode(b'binary\x00string'))
print(base64.b64decode(b'YmluYXJ5AHN0cmluZw=='))
print(base64.b64encode(b'i\xb7\x1d\xfb\xef\xff'))
# url safe的base64编码,把字符+和/分别变成-和_:
print('url safe', base64.urlsafe_b64encode(b'i\xb7\x1d\xfb\xef\xff'))
# Base64是一种通过查表的编码方法,不能用于加密
# Base64是一种任意二进制到文本字符串的编码方法,常用于在URL、Cookie、网页中传输少量二进制数据。
