def process_headers(self):
self.params = http.parse_query_string(self.query_string)
# Process the headers into self.headers
headers = self.headers
for name, value in self.header_list:
# Call title() now (and use dict.__method__(headers))
# so title doesn't have to be called twice.
name = name.title()
value = value.strip()
# Warning: if there is more than one header entry for cookies (AFAIK,
# only Konqueror does that), only the last one will remain in headers
# (but they will be correctly stored in request.cookie).
if "=?" in value:
dict.__setitem__(headers, name, http.decode_TEXT(value))
else:
dict.__setitem__(headers, name, value)
# Handle cookies differently because on Konqueror, multiple
# cookies come on different lines with the same key
if name == 'Cookie':
self.cookie.load(value)
if not dict.__contains__(headers, 'Host'):
# All Internet-based HTTP/1.1 servers MUST respond with a 400
# (Bad Request) status code to any HTTP/1.1 request message
# which lacks a Host header field.
if self.protocol >= (1, 1):
msg = "HTTP/1.1 requires a 'Host' request header."
raise cherrypy.HTTPError(400, msg)
host = dict.__getitem__(headers, 'Host')
if not host:
host = self.local.name or self.local.ip
self.base = "%s://%s" % (self.scheme, host)
def append_getpar_to_url(url=None, add_par_dict=None, del_par_list=None):
''' Appends HTTP GET parameters to url from add_par_dict
and deletes HTTP GET parameters of name given in del_par_list.
If url is not specified, current url is taken
'''
if url == None:
url = cherrypy.request.path_info
get_pars = dict(http.parse_query_string(
cherrypy.request.query_string)) # copy params of current url
else:
get_pars = {}
raise NotImplementedError(
'Appending parametr to custom url was not yet added (need to parse url)'
)
if add_par_dict:
get_pars.update(add_par_dict)
if del_par_list:
for par_name in del_par_list:
if get_pars.has_key(par_name):
get_pars.pop(par_name)
url += '?' + '&'.join(['%s=%s' % par for par in get_pars.items()])
return url
def GET(self, redirect_to=None):
cherrypy.response.headers['content-type'] = 'application/xml'
login_form = file(os.path.join(current_dir, 'loginGET.xml')).read()
login = ''
if redirect_to:
urlqs = parse_query_string(unquote(redirect_to))
uname = urlqs.get('uname', None)
if uname:
login = uname.split('%s/' % OID_HOST)[-1]
return login_form % (quote(redirect_to or ''), quote(login))
def process_headers(self):
"""Parse HTTP header data into Python structures. (Core)"""
self.params = http.parse_query_string(self.query_string)
# Process the headers into self.headers
headers = self.headers
for name, value in self.header_list:
# Call title() now (and use dict.__method__(headers))
# so title doesn't have to be called twice.
name = name.title()
value = value.strip()
# Warning: if there is more than one header entry for cookies (AFAIK,
# only Konqueror does that), only the last one will remain in headers
# (but they will be correctly stored in request.cookie).
if "=?" in value:
dict.__setitem__(headers, name, http.decode_TEXT(value))
else:
dict.__setitem__(headers, name, value)
# Handle cookies differently because on Konqueror, multiple
# cookies come on different lines with the same key
if name == 'Cookie':
try:
self.cookie.load(value)
except Cookie.CookieError:
msg = "Illegal cookie name %s" % value.split('=')[0]
raise cherrypy.HTTPError(400, msg)
if not dict.__contains__(headers, 'Host'):
# All Internet-based HTTP/1.1 servers MUST respond with a 400
# (Bad Request) status code to any HTTP/1.1 request message
# which lacks a Host header field.
if self.protocol >= (1, 1):
msg = "HTTP/1.1 requires a 'Host' request header."
raise cherrypy.HTTPError(400, msg)
host = dict.get(headers, 'Host')
if not host:
host = self.local.name or self.local.ip
self.base = "%s://%s" % (self.scheme, host)
def append_getpar_to_url(url=None, add_par_dict = None, del_par_list = None):
''' Appends HTTP GET parameters to url from add_par_dict
and deletes HTTP GET parameters of name given in del_par_list.
If url is not specified, current url is taken
'''
if url == None:
url = cherrypy.request.path_info
get_pars = dict(http.parse_query_string(cherrypy.request.query_string)) # copy params of current url
else:
get_pars = {}
raise NotImplementedError('Appending parametr to custom url was not yet added (need to parse url)')
if add_par_dict:
get_pars.update(add_par_dict)
if del_par_list:
for par_name in del_par_list:
if get_pars.has_key(par_name):
get_pars.pop(par_name)
url += '?' + '&'.join(['%s=%s' % par for par in get_pars.items()])
return url
def before_handler(self, **kwargs):
from_request = oauth.OAuthRequest.from_request
headers = request.headers.copy()
# Some tools or dispatchers (Rest) may have altered the params, so we
# need to make sure we use the original parameters. To be sure, we
# reparse the query_string.
params = http.parse_query_string(request.query_string)
if request.body_params:
params.update(request.body_params)
# http_url must match exactly with what the client is requesting, and
# the best way to do that is to use the X-Forwarded-Host or Host
# headers.
path_info = cherrypy.request.path_info
scheme = request.base[:request.base.find("://")]
host = cherrypy.request.headers.get("X-Forwarded-Host") or \
cherrypy.request.headers.get("Host")
http_url = "%s://%s%s" % (scheme, host, path_info)
oauth_request = from_request(
http_method=request.method,
http_url=http_url,
headers=headers,
parameters=params,
query_string=request.query_string,
)
# If *any* Authorization header, params or query string is supplied,
# even with solely non-OAuth parameters, we'll get back an
# oauth_request object. Even if it entirely uselessly only has,
# for example, "forward_url" in its parameters.
request.oauth_request = oauth_request
request.oauth_server = self.oauth_server
if not oauth_request or not 'oauth_consumer_key' in oauth_request.parameters:
# If no useful oauth request, then we do nothing.
# Protected resources must be protected by GearShift identity
return
# Remove any oauth-related params from the request, so that
# those params don't get passed around and confuse handlers.
for key in request.params.keys():
if key.startswith('oauth_'):
del (request.params[key])
if request.path_info.endswith(self.request_token_url):
try:
# create a request token
token = self.oauth_server.fetch_request_token(oauth_request)
except oauth.OAuthError, err:
self.send_oauth_error(err)
return
# Tell CherryPy that we have processed the request
response.body = [token.to_string()]
request.handler = None
# Delete Content-Length header so finalize() recalcs it.
response.headers.pop("Content-Length", None)
def before_handler(self, **kwargs):
from_request = oauth.OAuthRequest.from_request
headers = request.headers.copy()
# Some tools or dispatchers (Rest) may have altered the params, so we
# need to make sure we use the original parameters. To be sure, we
# reparse the query_string.
params = http.parse_query_string(request.query_string)
if request.body_params:
params.update(request.body_params)
# http_url must match exactly with what the client is requesting, and
# the best way to do that is to use the X-Forwarded-Host or Host
# headers.
path_info = cherrypy.request.path_info
scheme = request.base[:request.base.find("://")]
host = cherrypy.request.headers.get("X-Forwarded-Host") or \
cherrypy.request.headers.get("Host")
http_url = "%s://%s%s" % (scheme, host, path_info)
oauth_request = from_request(
http_method=request.method,
http_url=http_url,
headers=headers,
parameters=params,
query_string=request.query_string,
)
# If *any* Authorization header, params or query string is supplied,
# even with solely non-OAuth parameters, we'll get back an
# oauth_request object. Even if it entirely uselessly only has,
# for example, "forward_url" in its parameters.
request.oauth_request = oauth_request
request.oauth_server = self.oauth_server
if not oauth_request or not 'oauth_consumer_key' in oauth_request.parameters:
# If no useful oauth request, then we do nothing.
# Protected resources must be protected by GearShift identity
return
# Remove any oauth-related params from the request, so that
# those params don't get passed around and confuse handlers.
for key in request.params.keys():
if key.startswith('oauth_'):
del(request.params[key])
if request.path_info.endswith(self.request_token_url):
try:
# create a request token
token = self.oauth_server.fetch_request_token(oauth_request)
except oauth.OAuthError, err:
self.send_oauth_error(err)
return
# Tell CherryPy that we have processed the request
response.body = [token.to_string()]
request.handler = None
# Delete Content-Length header so finalize() recalcs it.
response.headers.pop("Content-Length", None)
