def himawari8(target):
last_updatetime = bottle.request.query.get("updatetime")
baseUrl = bottle.request.url[0:bottle.request.url.find("/hi8")]
key = "himawari8.{}".format(target)
result = None
getcaps = None
if uwsgi.cache_exists("himawari8"):
if uwsgi.cache_exists(key):
result = json.loads(uwsgi.cache_get(key))
else:
getcaps = uwsgi.cache_get("himawari8")
else:
res = requests.get("{}{}".format(baseUrl, FIREWATCH_GETCAPS),
verify=FIREWATCH_HTTPS_VERIFY)
res.raise_for_status()
getcaps = res.content
getcaps = getcaps.decode("utf-8")
uwsgi.cache_set("himawari8", getcaps, 60 * 10) # cache for 10 mins
if not result:
layernames = re.findall("\w+HI8\w+{}\.\w+".format(target), getcaps)
layers = []
for layer in layernames:
layers.append([
settings.PERTH_TIMEZONE.localize(
datetime.datetime.strptime(
re.findall("\w+_(\d+)_\w+", layer)[0], "%Y%m%d%H%M")),
layer
])
layers = sorted(layers, key=lambda layer: layer[0])
for layer in layers:
layer[0] = (layer[0]).strftime("%a %b %d %Y %H:%M:%S AWST")
result = {
"servers": [baseUrl + FIREWATCH_SERVICE],
"layers": layers,
"updatetime": layers[len(layers) - 1][0]
}
uwsgi.cache_set(key, json.dumps(result), 60 * 10) # cache for 10 mins
if len(result["layers"]) == 0:
return bottle.HTTPResponse(status=404)
elif last_updatetime and last_updatetime == result["updatetime"]:
bottle.response.status = 290
return "{}"
else:
return result
def res_image():
jmark = False
if bottle.request.query.jmark in ("on", True, 1):
jmark = True
o_image = mangasheet.gen_comicbase(int(bottle.request.query.dpi),
int(bottle.request.query.margin),
bottle.request.query.comment, jmark)
image_writer = io.BytesIO()
o_image.save(image_writer, format="png")
res = bottle.HTTPResponse(status=200, body=image_writer.getvalue())
res.set_header("Content-Type", "image/png")
return res
def restore_session(self):
try:
session_id = dict(bottle.request.query.decode()).get('session_id')
session = self.__sessions_client.get_session_by_id(
None, session_id)
# If session closed then return null
if session and not session.active:
session = None
if session:
return JsonConverter.to_json(session)
else:
return bottle.HTTPResponse(status=204)
except Exception as err:
return self._send_error(err)
def get_certificate():
username = post_get('username')
if not username:
raise bottle.HTTPError(500, "Username missing")
password = post_get('password', default=None)
days = int(post_get('days', default=None))
cert_gen = CertificateGenerator()
log_certificate_create(username, days)
cert_gen.generate(password, username, days)
openvpn_config = cert_gen.get_openvpn_config()
headers = {
'Content-Type': 'text/plain;charset=UTF-8',
'Content-Disposition':
'attachment; filename="softfire-vpn_%s.ovpn"' % username,
"Content-Length": len(openvpn_config)
}
return bottle.HTTPResponse(openvpn_config, 200, **headers)
def rtt():
mon_table = RTTMANAGER.get_table()
logger.debug("MonitorTable: %s" % (mon_table))
body = {"text": "", "color": "red"}
tmp = []
for entry in mon_table:
body["text"] += "%s: <b>%s</b> ms<br>" % (entry['name'], entry['rtt'])
if entry['rtt'] != 0:
tmp.append(1)
if len(tmp) == len(mon_table):
body["color"] = "green"
elif len(tmp) > 0:
body["color"] = "yellow"
return bottle.HTTPResponse(body=body, status=200)
def data(db):
data = request.body.read()
data2 = str(data)
data_hash = hashlib.sha256(data2.encode())
row = db.execute("SELECT Hash FROM Hashes WHERE Hash='" +
data_hash.hexdigest() + "'")
row = row.fetchall()
if (row):
return bottle.HTTPResponse(status=403)
db.execute("INSERT INTO Hashes (Hash) VALUES (\"" + data_hash.hexdigest() +
"\")")
data = str(data.decode('utf-8'))
data = data.split(',')
arr = []
for i in data:
arr.append(i[1:-1])
def logs(self):
'''
All server logs.
Useful for debugging only.
Would not let this page see the light of day in production w/o
an authentication-authorization protocols in place.
:return:
'''
self.l.debug('Request for "logs".')
if self.debug:
return bottle.template('logs', log_buffer=self.l.pbh.buffer)
else:
return bottle.HTTPResponse(
status=403,
body=
'Please use the "--debug" flag when starting this webapp to enable world-visible logs:('
)
def poll(id):
# ensure that https is used
url = bottle.request.url
if ("http" in url and "https" not in url) or "herokuapp.com" in url:
return bottle.HTTPResponse(status=301, headers={"Location": url.replace("http", "https") if "herokuapp.com" not in url else "https://www.pollsquickly.com"})
# get all data from redis and render template
data = con.hgetall(id)
# check that poll is valid
if len(data.keys()) == 0:
raise bottle.HTTPError(status=404, body=f"Not found '{'/'+'/'.join(str(bottle.request.url).split('/')[-2:])}'")
# get voted cookie information
voted = bottle.request.get_cookie(f"{id}_voted", default=False)
return bottle.template("poll.html", data=data, id=id, voted=voted)
def handle_response(self, response):
"""Handle both responses and redirects"""
# Always close the connection after the request
bottle.response.set_header('Connection', 'close')
if type(response) is bottle.HTTPResponse:
# Direct HTTP response like a static file already served
# (shouldn't happen)
return response
elif isinstance(response, StringIO.StringIO):
# Direct StringIO response like a static file already served
return response
elif type(response) is dict:
# Direct dictionary response
return response
elif type(response) is list:
# Direct list response
return json.dumps(response)
elif response.startswith('REDIRECT:'):
# Redirect to another page
bottle.redirect(response[9:])
return
elif response.startswith('STATIC:'):
# Static file served without the download option
name, path = response[7:].split(':', 1)
return bottle.static_file(name, root=path)
elif response.startswith('DOWNLOAD:'):
# Static file served with the download option
name, path = response[9:].split(':', 1)
return bottle.static_file(name, root=path, download=name)
elif response.startswith('ABORT:'):
# Error page
code, message = response[6:].split(':', 1)
bottle.abort(int(code), message)
elif response.startswith('ERROR:'):
# Error page without format
code, message = response[6:].split(':', 1)
return bottle.HTTPResponse(message, int(code))
elif response.startswith('CSV:'):
bottle.response.set_header('Content-Type', 'text/csv')
return response[4:]
elif response.startswith('TEXT:'):
bottle.response.set_header('Content-Type', 'text/plain')
return response[5:]
else:
return response
def options(**kwargs):
"""
Defined from w3.org:
"The OPTIONS method represents a request for information about the communication
options available on the request/response chain identified by the Request-URI.
This method allows the client to determine the options and/or requirements
associated with a resource, or the capabilities of a server, without implying
a resource action or initiating a resource retrieval."
The clusto-apiserver team plans to roll this out to individual resources once
it has been used a proper amount, but for now we will return OPTIONS with
the minimum amount of required headers (and an empty content) no matter what
resource is requested.
.. code:: bash
$ ${head} -X OPTIONS ${server_url}/
HTTP/1.0 204 No Content
...
Content-Length: 0
$ ${head} -X OPTIONS ${server_url}/return/headers/no/matter/where
HTTP/1.0 204 No Content
...
Content-Length: 0
The same applies to any mounted application:
.. code:: bash
$ ${head} -X OPTIONS ${server_url}/entity/
HTTP/1.0 204 No Content
...
Content-Length: 0
$ ${head} -X OPTIONS ${server_url}/attribute/who/knows/where
HTTP/1.0 204 No Content
...
Content-Length: 0
"""
return bottle.HTTPResponse('', status=204)
def start():
"""
Called every time a new Battlesnake game starts and your snake is in it.
Your response will control how your snake is displayed on the board.
"""
data = bottle.request.json
print("START:", json.dumps(data))
response = {
"color": "#00FF00",
"headType": "regular",
"tailType": "regular"
}
return bottle.HTTPResponse(
status=200,
headers={"Content-Type": "application/json"},
body=json.dumps(response),
)
def fetch_http_endpoint():
"""Thrift RPC endpoint for Concrete FetchCommunicationService
"""
itrans = TTransport.TFileObjectTransport(bottle.request.body)
itrans = TTransport.TBufferedTransport(
itrans, int(bottle.request.headers['Content-Length']))
otrans = TTransport.TMemoryBuffer()
iprot = QuicklimeServer.TSERVER.inputProtocolFactory.getProtocol(itrans)
oprot = QuicklimeServer.TSERVER.outputProtocolFactory.getProtocol(otrans)
QuicklimeServer.TSERVER.processor.process(iprot, oprot)
bytestring = otrans.getvalue()
headers = dict()
headers['Content-Length'] = len(bytestring)
headers['Content-Type'] = "application/x-thrift"
return bottle.HTTPResponse(bytestring, **headers)
def thrift_endpoint(tserver):
"""Thrift RPC endpoint
"""
itrans = TTransport.TFileObjectTransport(bottle.request.body)
itrans = TTransport.TBufferedTransport(
itrans, int(bottle.request.headers['Content-Length']))
otrans = TTransport.TMemoryBuffer()
iprot = tserver.inputProtocolFactory.getProtocol(itrans)
oprot = tserver.outputProtocolFactory.getProtocol(otrans)
tserver.processor.process(iprot, oprot)
bytestring = otrans.getvalue()
headers = dict()
headers['Content-Length'] = len(bytestring)
headers['Content-Type'] = "application/x-thrift"
return bottle.HTTPResponse(bytestring, **headers)
def internal_redirect(app, path_depth):
"""A version of bottle's mountpoint_wrapper() that we call explicitly.
Bottle supports a mount() method that allows on to install an application on
a subpath of the main application. However, it does this on a fixed path. We
want to manually intercept the lazy creation or fetching of a view and call
for a redirect explicitly (via bottle's mountpoint_wrapper() function).
However, this function is hidden within the scope of a the Bottle.mount()
method; if it were defined globally we would just use it, but it is not. So
we copy if here. This is directly lifted from Bottle.mount() and edited
minimally.
Args:
app: A Bottle instance.
path_depth: The number of request path components to skip for the mount.
For example, if our subapplication is mount on /view/all, then the path
depth is 2.
Returns:
A Bottle HTTPResponse objet.
Raises:
Exception: Any exception, depending on the callback.
"""
# pylint: disable=invalid-name
try:
request.path_shift(path_depth)
rs = bottle.HTTPResponse([])
def start_response(status, headerlist, exc_info=None):
if exc_info:
try:
_raise(*exc_info)
finally:
exc_info = None
rs.status = status
for name, value in headerlist:
rs.add_header(name, value)
return rs.body.append
body = app(request.environ, start_response)
if body and rs.body: body = itertools.chain(rs.body, body)
rs.body = body or rs.body
return rs
finally:
request.path_shift(-path_depth)
def submit():
if 'application/json' not in bottle.request.headers['content-type']:
bottle.abort(500, "Application Type must be json!")
logger.info("post-submit: %s" % (bottle.request.json))
owners = localize_file(bottle.request.json.get('file'))
logger.debug("Owners: %s" % (owners, ))
# path is a list of tuple, in which each element is a
# source/destination value
path = path_min_rtt(owners, bottle.request.json.get('host'))
logger.debug("Path with minimum RTT: %s" % (path))
body = []
for p in path:
# call the agent to make the copy
url = "http://%s/scp" % p[0]
payload = {
"data": [bottle.request.json.get('file')],
"username": bottle.request.json.get('username'),
"password": bottle.request.json.get('password'),
"host": p[1],
"destination": bottle.request.json.get('destination')
}
logger.debug("post %s: %s" % (
url,
payload,
))
r_ = requests.post(url=url,
headers={'content-type': 'application/json'},
data=json.dumps(payload))
if r_.status_code != requests.codes.ok:
logger.error(r_.text)
bottle.abort(500, r_.text)
else:
logger.debug("Response %s body: %s" % (x, r_.json()))
test = {
"source": p[0],
"destination": p[1],
"value": r_.json().get('scp')
}
body.append(test)
return bottle.HTTPResponse(body=pretty_dumps(body), status=201)
def create_sighting(db):
form_params = dict(
lat=float(request.forms.get('lat')),
lng=float(request.forms.get('lng')),
name=request.forms.get('name'),
country=request.forms.get('country'),
stateprov=request.forms.get('stateprov'),
city=request.forms.get('city'),
timestamp=float(request.forms.get('timestamp')),
photo=request.forms.get('photo')
)
sighting = Sighting(**form_params)
db.add(sighting)
db.commit()
return bottle.HTTPResponse(
status=201,
Location='/sightings/' + str(sighting.id)
)
def page_analysis(self):
""" Run page analysis for the POSTed concrete state.
:return: The page analysis output for the provided concrete state (element classifications).
"""
results = {}
concrete_state = json.load(request.body)
analysis = self._service.get_page_analysis(concrete_state)
LOGGER.info('Analysis completed...')
results["analysis"] = analysis
LOGGER.debug('Results built...')
return bottle.HTTPResponse(body=results, status=200)
def submit_many():
flags = bottle.request.json.get('flags')
exploit = bottle.request.json.get('exploit')
timestamp = bottle.request.forms.get('timestamp')
target = bottle.request.json.get('target')
valid_flags = []
for f in flags:
if re.match(Config.Flag.regex, f):
valid_flags.append(f)
else:
print('Regex fail') # TO DO
return bottle.HTTPResponse({'error': 'Flag was not correct'}, 400)
if len(valid_flags) > 0:
MongoConnection().db.flags.insert_many(
[{'flag': flag, 'exploit': exploit, 'target': target, 'timestamp': timestamp,
'status': Config.Flag.Status.Manual.unsubmitted.value['text']}
for flag in valid_flags])
def test(**kwargs):
query_dict = request.query.__dict__
param_dict = query_dict['dict']
data = param_dict['id'][0]
wait = int(param_dict['wait'][0])
tag = param_dict['tag'][0]
print "got request for {}-{} at {}".format(
tag, data,
datetime.now().strftime("%Y-%m-%d %H:%M:%S.%f"))
print "waiting for {}-{} for {} msec".format(tag, data, wait)
sec = wait / 1000
time.sleep(sec)
print "send response for {}-{} at {}".format(
tag, data,
datetime.now().strftime("%Y-%m-%d %H:%M:%S.%f"))
result = bottle.HTTPResponse(status=200, body={"message": data})
return result
def wrapper(*args, **kwargs):
try:
out = callback(*args, **kwargs)
if isinstance(out, dict):
if 'result' in out or 'error' in out:
return out
return dict(result = out)
elif isinstance(out, list):
return dict(result = out)
else:
return out
except bottle.HTTPResponse as e:
if isinstance(e.body, dict):
message = e.body
else:
message = dict(message = e.body, code = e.status_code)
headers = [(k,v) for k,v in e.headers.items()]
headers.append(('Content-Type', 'application/json'))
raise bottle.HTTPResponse(json.dumps(dict(error = message)), e.status_code, headers = headers)
def get_flows():
"""
Broadcast the POST request to the 'get_flows' endpoint of the workers
Aggregate the responses
Returns:
requests.models.Response: An HTTP Response with the aggregated
status codes and bodies of the broadcasted requests
"""
data = bottle.request.json
t_start = time.time()
reqs = m_util.broadcast_cmd(WORKER_IP_LIST, WORKER_PORT_LIST, 'get_flows',
data)
stat, bod = m_util.aggregate_broadcast_response(reqs)
get_flow_latency = time.time() - t_start
logging.info(
'[get_flows] Flow latency interval on master: {0} [sec]'.format(
get_flow_latency))
return bottle.HTTPResponse(status=stat, body=bod)
def test():
# retrieve the file and signature parameters from the query.
try:
filepath = bottle.request.query['file']
signature = bottle.request.query['signature']
except KeyError:
bottle.abort(400) # Bad Request
# read the requested file.
try:
fh = open(filepath, "r")
except IOError:
bottle.abort(404) # Not Found
content = fh.read()
fh.close()
# verify the given signature.
known_signature = hmac.new(config.key, content, hashlib.sha1).hexdigest()
match = insecure_compare(known_signature.upper(), signature.upper())
# OK if the signature is good, Internal Server Error otherwise.
status = 200 if match else 500
return bottle.HTTPResponse(status=status, body=known_signature)
def get_validation_error_response(
self,
error: ProcessValidationError,
http_code: HTTPStatus = HTTPStatus.BAD_REQUEST,
) -> typing.Any:
# TODO BS 20171010: Manage error schemas, see #4
from hapic.hapic import _default_global_error_schema
unmarshall = _default_global_error_schema.dump(error)
if unmarshall.errors:
raise OutputValidationException(
'Validation error during dump of error response: {}'.format(
str(unmarshall.errors)))
return bottle.HTTPResponse(
body=json.dumps(unmarshall.data),
headers=[
('Content-Type', 'application/json'),
],
status=int(http_code),
)
def catch_all(name):
"""Catch all requests, return a JSON response with the same url."""
name = name if name.startswith('/') else '/{}'.format(name)
request = bottle.request
method = request.method
headers = request.headers
headers_data = dict([(key, headers[key]) for key in headers])
query_data = dict([(key, request.query[key]) for key in request.query])
form_data = dict([(key, request.forms[key]) for key in request.forms])
body = {
'route': name,
'verb': method,
'headers': headers_data,
'form_data': form_data,
'query_data': query_data,
}
return bottle.HTTPResponse(status=200,
content_type='application/json',
body=json.dumps(body))
def portfolio(company = ""):
"""
Retrieves all stocks under one company
@params: Company from route.
@return: JSON payload with a list of stocks.
@h_resp: 200 OK, 404 Not Found
"""
status = 200
try:
res = { "Company": company }
data = api.read_document(res)
except Exception as e:
print_error(e)
return bottle.HTTPResponse(status = status, body = get_json(res))
def register():
if request.json is None:
return bottle.HTTPResponse(status=400, body="Invalid request");
data = request.json
if "email" not in data:
return bottle.HTTPResponse(status=400, body="Credentials not provided");
if "pin" not in data:
return bottle.HTTPResponse(status=400, body="4-digit code not provided");
if ' ' in data["email"]:
return bottle.HTTPResponse(status=400, body="Spaces are not allowed");
try:
int(data["pin"])
except ValueError:
return bottle.HTTPResponse(status=400, body="4-digit code must be numeric");
doc = cloudantDb.document(urllib.quote(data["email"]))
response = doc.get().result(10)
if response.status_code == 200:
print("User already registered: %s" % data["email"])
return bottle.HTTPResponse(status=409, body="User already registered");
else:
print("Creating new registration for %s" % data["email"])
# Create doc
options = {"org": organization, "id": str(uuid.uuid4()), "auth-method": authMethod, "auth-key": authKey, "auth-token": authToken}
registrationClient = ibmiotf.application.Client(options)
device = registrationClient.api.registerDevice("zone-sample", uuid.uuid4().hex, {"registeredTo": data["email"]} )
response = doc.put(params={
'id': data["email"],
'pin': data["pin"],
'device': {
'type': device['type'],
'id': device['id'],
'authtoken': device['password'],
'clientid': device['uuid'],
'orgid': organization
}
}).result(10)
if response.status_code == 201:
return HTTPResponse(status=201)
# Shouldn't get here, if we do an error has occurred
return bottle.HTTPResponse(status=500, body="Apologies - an internal error occurred :(");
def recommend():
if not clusterizer.processed:
return bottle.HTTPResponse(status=403)
try:
data = bottle.request.json
except Exception as e:
logging.error(e)
return
if data is None:
logging.error('User data is empty')
return
bottle.response.set_header('Content-Type', 'application/json')
return json.dumps({'users': [
user for tag in data['tags']
for user in clusterizer.recommend(tag['n'])
]})
def handler(event, context):
f = event["extensions"]["request"].files.file.file
imagedata = BytesIO(f.read())
thumbdata = BytesIO()
fmt = None
with Image.open(imagedata) as image:
fmt = image.format.lower().replace("e", "")
if not fmt in ("bmp", "jpg", "png"):
return bottle.HTTPResponse(
status=400,
body=json.dumps({"error": "invalid image format: " + fmt}))
thumb = image.copy()
thumb.thumbnail((300, 60), Image.LANCZOS)
thumb.save(thumbdata, format=image.format)
imagepath = hashlib.sha1(imagedata.getvalue()).hexdigest().upper()
thumbpath = hashlib.sha1(thumbdata.getvalue()).hexdigest().upper()
imagepath = imagepath[0:2] + "/" + imagepath[2:4] + "/" + imagepath[4:]
thumbpath = thumbpath[0:2] + "/" + thumbpath[2:4] + "/" + thumbpath[4:]
s3 = boto3.session.Session().resource(
"s3",
region_name="sfo2",
endpoint_url="https://sfo2.digitaloceanspaces.com",
aws_access_key_id=access_key,
aws_secret_access_key=access_secret,
)
s3.Object("diff-pics",
"images/" + imagepath).put(Body=imagedata.getvalue(),
ACL="public-read",
ContentType="image/" + fmt)
s3.Object("diff-pics",
"thumbs/" + thumbpath).put(Body=thumbdata.getvalue(),
ACL="public-read",
ContentType="image/" + fmt)
db.session.add(db.Image(path=imagepath, thumb=thumbpath, format=fmt))
db.session.commit()
return json.dumps({"image": imagepath, "thumb": thumbpath})
def locations():
body = {
'zoom':
3,
'centre': {
'longitude': "42.2807425",
'latitude': "43.289135"
},
'locations': [{
'name': "Nextworks Srl",
'longitude': "10.35997",
'latitude': "43.68397"
}, {
'name': 'i2CAT Fundation',
'longitude': "2.11112",
'latitude': "41.38727"
}, {
'name': "Poznan Supercomputing and Networking Center",
'longitude': "16.89988",
'latitude': "52.41387"
}, {
'name': "National Institute of Advanced Industrial " +
"Science and Technology",
'longitude': "139.75200",
'latitude': "35.67143"
}],
'coordinates': [{
'lat': 41.38727,
'lng': 2.11112
}, {
'lat': 52.41387,
'lng': 16.89988
}, {
'lat': 35.67143,
'lng': 139.75200
}, {
'lat': 41.38727,
'lng': 2.11112
}]
}
return bottle.HTTPResponse(body=pretty_dumps(body), status=200)
def predict(self):
""" Generates an abstract test flow given a precondition (e.g. Observe TextBox FirstName).
:return: A generated abstract test flow.
"""
results = {}
query = request.json
generated = self._service.predict(query, 1)
generated = self.remove_consecutive_dupes(generated)
LOGGER.info('Generation completed...')
results["sequences"] = generated
LOGGER.info('Results built...')
return bottle.HTTPResponse(body=results, status=200)
