Example #1
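    def render_POST(self, request):
        """Authenticate a webhook POST by its body HMAC, then dispatch it.

        The ``X-Hub-Signature`` header must carry ``sha1=<hexdigest>``, where
        the digest is HMAC-SHA1 of the raw request body keyed with
        ``self.http.hmac_secret``.  A missing secret, a missing or malformed
        header, or a digest mismatch is answered with 403 and the request is
        not passed to ``_handle_request``.

        Always returns an empty body.
        """
        HEADER_NAME = "X-Hub-Signature"
        try:
            has_signature = request.requestHeaders.hasHeader(HEADER_NAME)
            if not (self.http.hmac_secret and has_signature):
                # no further authentication methods: fail closed
                raise AuthenticationError

            # modern method: hmac of request body
            # NOTE(review): read() consumes request.content; confirm that
            # _handle_request rewinds it or does not need the body.
            body = request.content.read()
            expected_hash = hmac.new(self.http.hmac_secret, body,
                                     hashlib.sha1).hexdigest()

            header = request.requestHeaders.getRawHeaders(HEADER_NAME)[0]
            hashes = urlparse.parse_qs(header)
            try:
                actual_hash = hashes["sha1"][0]
            except (KeyError, IndexError):
                # The header is caller-controlled; one without a "sha1="
                # entry must be an authentication failure (403), not an
                # unhandled KeyError that surfaces as a server error.
                raise AuthenticationError

            # Constant-time comparison, so the response time does not reveal
            # how many leading characters of the digest matched.
            if not constant_time_compare(expected_hash, actual_hash):
                raise AuthenticationError
        except AuthenticationError:
            request.setResponseCode(403)
        else:
            self._handle_request(request)

        return ""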
Example #2
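    def render_POST(self, request):
        """Verify the ``X-Hub-Signature`` body HMAC before handling a POST.

        The expected value is the HMAC-SHA1 hex digest of the raw request
        body under ``self.http.hmac_secret``; the header supplies the
        sender's digest as ``sha1=<hexdigest>``.  If no secret is configured,
        the header is absent or has no ``sha1`` entry, or the digests differ,
        the response code is set to 403 and ``_handle_request`` is not
        called.

        Always returns an empty body.
        """
        HEADER_NAME = "X-Hub-Signature"
        try:
            has_signature = request.requestHeaders.hasHeader(HEADER_NAME)
            if self.http.hmac_secret and has_signature:
                # modern method: hmac of request body
                body = request.content.read()
                expected_hash = hmac.new(
                    self.http.hmac_secret, body, hashlib.sha1).hexdigest()

                header = request.requestHeaders.getRawHeaders(HEADER_NAME)[0]
                candidates = urlparse.parse_qs(header).get("sha1")
                if not candidates:
                    # Malformed, caller-supplied header: reject with 403
                    # instead of letting a KeyError escape as a server error.
                    raise AuthenticationError
                actual_hash = candidates[0]

                # Compared in constant time to avoid a timing side channel
                # on the digest.
                if not constant_time_compare(expected_hash, actual_hash):
                    raise AuthenticationError
            else:
                # no further authentication methods: an unsigned request, or
                # a deployment without a secret, is rejected rather than
                # accepted unauthenticated
                raise AuthenticationError
        except AuthenticationError:
            request.setResponseCode(403)
        else:
            self._handle_request(request)

        return ""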
Example #3
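    def render_GET(self, request):
        """Return the monitor status as JSON to a caller with a valid signature.

        The ``X-Signature`` header must be ``<timestamp>:<hexdigest>``, where
        the digest is HMAC-SHA256 of the timestamp text keyed with
        ``self.secret`` and the timestamp (seconds, compared against
        ``time.time()``) is within ``MAX_SKEW_SECONDS`` of the local clock.

        A missing header yields 401 and any failure while checking it yields
        403; both return an empty body.
        """
        header_name = "X-Signature"

        if not request.requestHeaders.hasHeader(header_name):
            request.setResponseCode(401)
            return ""

        try:
            header_value = request.requestHeaders.getRawHeaders(header_name)[0]
            timestamp, sep, signature = header_value.partition(":")

            if sep != ":":
                raise Exception("unparseable")

            # NOTE(review): the MAC covers only the timestamp text, so one
            # captured header value stays acceptable for this resource until
            # the skew window closes; confirm that is intended.
            expected = hmac.new(self.secret, timestamp,
                                hashlib.sha256).hexdigest()
            if not constant_time_compare(signature, expected):
                raise Exception("invalid signature")

            # int() runs only after the MAC check, so it never parses
            # unauthenticated text.
            if abs(time.time() - int(timestamp)) > MAX_SKEW_SECONDS:
                raise Exception("too much skew")
        except Exception:
            # Every verification failure gets the same 403 so the response
            # does not reveal which check failed.  Exception instead of a
            # bare except lets SystemExit / KeyboardInterrupt propagate.
            request.setResponseCode(403)
            return ""

        request.setHeader("Content-Type", "application/json")
        return json.dumps({
            "time_status": self.monitor.current_time_status(),
            "busy": bool(self.monitor.deploys),
            "hold": self.monitor.current_hold,
        })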
Example #4
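    def render_GET(self, request):
        """Return one salon's status as JSON to a caller with a valid signature.

        The ``X-Signature`` header must be ``<timestamp>:<hexdigest>``, where
        the digest is HMAC-SHA256 of the timestamp text keyed with
        ``self.secret`` and the timestamp is within ``MAX_SKEW_SECONDS`` of
        ``time.time()``.  The salon is named by the ``salon`` query argument
        and looked up asynchronously.

        Responses: 401 when the header is missing, 403 when verification
        fails, 400 when ``salon`` is missing, 500 when the lookup or the
        response writer fails.  On the success path the method returns
        ``server.NOT_DONE_YET`` and the body is written from the callback.
        """
        header_name = "X-Signature"

        if not request.requestHeaders.hasHeader(header_name):
            request.setResponseCode(401)
            return ""

        try:
            header_value = request.requestHeaders.getRawHeaders(header_name)[0]
            timestamp, sep, signature = header_value.partition(":")

            if sep != ":":
                raise Exception("unparseable")

            # NOTE(review): the MAC covers only the timestamp, not the salon
            # name or any other part of the request, so a valid header value
            # is accepted for every salon until the skew window closes;
            # confirm that is intended.
            expected = hmac.new(self.secret, timestamp,
                                hashlib.sha256).hexdigest()
            if not constant_time_compare(signature, expected):
                raise Exception("invalid signature")

            # int() runs only after the MAC check, so it never parses
            # unauthenticated text.
            if abs(time.time() - int(timestamp)) > MAX_SKEW_SECONDS:
                raise Exception("too much skew")
        except Exception:
            # Uniform 403 for every verification failure.  Exception instead
            # of a bare except lets SystemExit / KeyboardInterrupt propagate.
            request.setResponseCode(403)
            return ""

        salon_values = request.args.get("salon")
        if not salon_values:
            # An authenticated request without the argument is a client
            # error, not an unhandled KeyError.
            request.setResponseCode(400)
            return ""
        salon_name = salon_values[0]
        salons_deferred = self.monitor.salons.by_name(salon_name)

        def send_response(salon):
            request.setHeader("Content-Type", "application/json")
            request.write(
                json.dumps({
                    "time_status": salon.current_time_status(),
                    "busy": bool(salon.deploys),
                    "hold": salon.current_hold,
                }))
            request.finish()

        def send_failure(failure):
            # Without an errback a failed lookup leaves the request open
            # until the client gives up.  The failure is returned so it is
            # still reported by the Deferred machinery.
            request.setResponseCode(500)
            request.finish()
            return failure

        salons_deferred.addCallback(send_response)
        salons_deferred.addErrback(send_failure)

        return server.NOT_DONE_YET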
Example #5
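    def render_GET(self, request):
        """Serve a salon's status as JSON once the request signature checks out.

        ``X-Signature`` must hold ``<timestamp>:<hexdigest>``: the digest is
        HMAC-SHA256 of the timestamp text under ``self.secret``, and the
        timestamp may differ from ``time.time()`` by at most
        ``MAX_SKEW_SECONDS``.  The ``salon`` query argument selects the salon,
        which is resolved through a Deferred.

        Responses: 401 for a missing header, 403 for a failed check, 400 for
        a missing ``salon`` argument, 500 if the lookup or the response
        writer fails.  Otherwise ``server.NOT_DONE_YET`` is returned and the
        callback writes the body.
        """
        header_name = "X-Signature"

        if not request.requestHeaders.hasHeader(header_name):
            request.setResponseCode(401)
            return ""

        try:
            header_value = request.requestHeaders.getRawHeaders(header_name)[0]
            timestamp, sep, signature = header_value.partition(":")

            if sep != ":":
                raise Exception("unparseable")

            # NOTE(review): only the timestamp is authenticated; the salon
            # name is not bound to the signature, so a header value observed
            # once is valid for any salon within the skew window.  Confirm
            # that is intended.
            expected = hmac.new(self.secret, timestamp, hashlib.sha256).hexdigest()
            if not constant_time_compare(signature, expected):
                raise Exception("invalid signature")

            # The timestamp is parsed only after its MAC has been verified.
            if abs(time.time() - int(timestamp)) > MAX_SKEW_SECONDS:
                raise Exception("too much skew")
        except Exception:
            # One indistinguishable 403 for every verification failure.
            # Exception instead of a bare except, so SystemExit and
            # KeyboardInterrupt are not swallowed.
            request.setResponseCode(403)
            return ""

        salon_values = request.args.get("salon")
        if not salon_values:
            # Missing argument on an authenticated request: answer 400
            # rather than letting a KeyError escape.
            request.setResponseCode(400)
            return ""
        salon_name = salon_values[0]
        salons_deferred = self.monitor.salons.by_name(salon_name)

        def send_response(salon):
            request.setHeader("Content-Type", "application/json")
            request.write(json.dumps({
                # NOTE(review): called without a receiver here; confirm a
                # module-level current_time_status() exists and that
                # salon.current_time_status() was not intended.
                "time_status": current_time_status(),
                "busy": bool(salon.deploys),
                "hold": salon.current_hold,
            }))
            request.finish()

        def send_failure(failure):
            # Close the request on failure instead of leaving it pending;
            # the failure is passed on so it is still reported.
            request.setResponseCode(500)
            request.finish()
            return failure

        salons_deferred.addCallback(send_response)
        salons_deferred.addErrback(send_failure)

        return server.NOT_DONE_YET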