def test_03_check_token_upload(self):
g.logged_in_user = {"username": "******",
"role": "admin"}
builder = EnvironBuilder(method='POST',
data={'serial': "OATH123456"},
headers={})
env = builder.get_environ()
# Set the remote address so that we can filter for it
env["REMOTE_ADDR"] = "10.0.0.1"
req = Request(env)
req.all_data = {"filename": "token.xml"}
# Set a policy, that does allow the action
set_policy(name="pol1",
scope=SCOPE.ADMIN,
action="enrollTOTP, enrollHOTP, %s" % ACTION.IMPORT,
client="10.0.0.0/8")
g.policy_object = PolicyClass()
# Try to import tokens
r = check_token_upload(req)
self.assertTrue(r)
# The admin can not upload from another IP address
# An exception is raised
env["REMOTE_ADDR"] = "192.168.0.1"
req = Request(env)
req.all_data = {"filename": "token.xml"}
self.assertRaises(PolicyError,
check_token_upload, req)
# finally delete policy
delete_policy("pol1")
def test_16_init_token_defaults(self):
g.logged_in_user = {"username": "******",
"role": "user"}
builder = EnvironBuilder(method='POST',
data={'type': "totp",
"genkey": "1"},
headers={})
env = builder.get_environ()
# Set the remote address so that we can filter for it
env["REMOTE_ADDR"] = "10.0.0.1"
g.client_ip = env["REMOTE_ADDR"]
req = Request(env)
# Set a policy that defines the default totp settings
set_policy(name="pol1",
scope=SCOPE.USER,
action="totp_otplen=8,totp_hashlib=sha256,totp_timestep=60")
g.policy_object = PolicyClass()
# request, that matches the policy
req.all_data = {
"type": "totp",
"genkey": "1"}
init_token_defaults(req)
# Check, if the token defaults were added
self.assertEqual(req.all_data.get("totp.hashlib"), "sha256")
self.assertEqual(req.all_data.get("otplen"), "8")
self.assertEqual(req.all_data.get("timeStep"), "60")
# finally delete policy
delete_policy("pol1")
def test_06_set_tokenlabel(self):
g.logged_in_user = {"username": "******",
"role": "admin"}
builder = EnvironBuilder(method='POST',
data={'serial': "OATH123456"},
headers={})
env = builder.get_environ()
# Set the remote address so that we can filter for it
env["REMOTE_ADDR"] = "10.0.0.1"
req = Request(env)
# Set a policy that defines the tokenlabel
set_policy(name="pol1",
scope=SCOPE.ENROLL,
action="%s=%s" % (ACTION.TOKENLABEL, "<u>@<r>"))
set_policy(name="pol2",
scope=SCOPE.ENROLL,
action="%s=%s" % (ACTION.TOKENISSUER, "myPI"))
g.policy_object = PolicyClass()
# request, that matches the policy
req.all_data = {
"user": "******",
"realm": "home"}
init_tokenlabel(req)
# Check, if the tokenlabel was added
self.assertEqual(req.all_data.get("tokenlabel"), "<u>@<r>")
# Check, if the tokenissuer was added
self.assertEqual(req.all_data.get("tokenissuer"), "myPI")
# finally delete policy
delete_policy("pol1")
delete_policy("pol2")
def test_14_required_email(self):
g.logged_in_user = {"username": "******",
"role": "admin"}
builder = EnvironBuilder(method='POST',
data={'serial': "OATH123456"},
headers={})
env = builder.get_environ()
# Set the remote address so that we can filter for it
env["REMOTE_ADDR"] = "10.0.0.1"
req = Request(env)
# Set a mangle policy to change the username
# and only use the last 4 characters of the username
set_policy(name="email1",
scope=SCOPE.REGISTER,
action="%s=/.*@mydomain\..*" % ACTION.REQUIREDEMAIL)
g.policy_object = PolicyClass()
# request, that matches the policy
req.all_data = {"email": "*****@*****.**"}
# This emails is allowed
r = required_email(req)
self.assertTrue(r)
# This email is not allowed
req.all_data = {"email": "*****@*****.**"}
# This emails is allowed
self.assertRaises(RegistrationError, required_email, req)
delete_policy("email1")
g.policy_object = PolicyClass()
# Without a policy, this email can register
req.all_data = {"email": "*****@*****.**"}
# This emails is allowed
r = required_email(req)
self.assertTrue(r)
def test_10_check_external(self):
g.logged_in_user = {"username": "******",
"role": "user"}
builder = EnvironBuilder(method='POST',
data={'serial': "OATH123456"},
headers={})
env = builder.get_environ()
req = Request(env)
g.policy_object = PolicyClass()
req.all_data = {
"user": "******",
"realm": "home"}
# Check success on no definition
r = check_external(req)
self.assertTrue(r)
# Check success with external function
current_app.config["PI_INIT_CHECK_HOOK"] = \
"privacyidea.api.lib.prepolicy.mock_success"
r = check_external(req)
self.assertTrue(r)
# Check exception with external function
current_app.config["PI_INIT_CHECK_HOOK"] = \
"privacyidea.api.lib.prepolicy.mock_fail"
self.assertRaises(Exception, check_external, req)
def test_15_reset_password(self):
builder = EnvironBuilder(method='POST',
data={'user': "******",
"realm": self.realm1},
headers={})
env = builder.get_environ()
# Set the remote address so that we can filter for it
env["REMOTE_ADDR"] = "10.0.0.1"
req = Request(env)
# Set a mangle policy to change the username
# and only use the last 4 characters of the username
set_policy(name="recover",
scope=SCOPE.USER,
action="%s" % ACTION.RESYNC)
g.policy_object = PolicyClass()
req.all_data = {"user": "******", "realm": self.realm1}
# There is a user policy without password reset, so an exception is
# raised
self.assertRaises(PolicyError, check_anonymous_user, req,
ACTION.PASSWORDRESET)
# The password reset is allowed
set_policy(name="recover",
scope=SCOPE.USER,
action="%s" % ACTION.PASSWORDRESET)
g.policy_object = PolicyClass()
r = check_anonymous_user(req, ACTION.PASSWORDRESET)
self.assertEqual(r, True)
def test_01a_admin_realms(self):
admin1 = {"username": "******",
"role": "admin",
"realm": "realm1"}
admin2 = {"username": "******",
"role": "admin",
"realm": "realm2"}
set_policy(name="pol",
scope=SCOPE.ADMIN,
action="*", adminrealm="realm1")
g.policy_object = PolicyClass()
builder = EnvironBuilder(method='POST',
data={'serial': "OATH123456"},
headers={})
env = builder.get_environ()
# Set the remote address so that we can filter for it
env["REMOTE_ADDR"] = "10.0.0.1"
req = Request(env)
req.all_data = {}
# admin1 is allowed to do everything
g.logged_in_user = admin1
r = check_base_action(req, action="delete")
self.assertTrue(r)
# admin2 is not allowed.
g.logged_in_user = admin2
self.assertRaises(PolicyError, check_base_action, req, action="delete")
delete_policy("pol")
def test_08_encrypt_pin(self):
g.logged_in_user = {"username": "******",
"role": "admin"}
builder = EnvironBuilder(method='POST',
data={'serial': "OATH123456"},
headers={})
env = builder.get_environ()
# Set the remote address so that we can filter for it
env["REMOTE_ADDR"] = "10.0.0.1"
req = Request(env)
# Set a policy that defines the PIN to be encrypted
set_policy(name="pol1",
scope=SCOPE.ENROLL,
action=ACTION.ENCRYPTPIN)
g.policy_object = PolicyClass()
# request, that matches the policy
req.all_data = {
"user": "******",
"realm": "home"}
encrypt_pin(req)
# Check, if the tokenlabel was added
self.assertEqual(req.all_data.get("encryptpin"), "True")
# finally delete policy
delete_policy("pol1")
def test_10_api_endpoint(self):
fixed = "ebedeeefegeheiej"
otpkey = "cc17a4d77eaed96e9d14b5c87a02e718"
uid = "000000000000"
otps = ["ebedeeefegeheiejtjtrutblehenfjljrirgdihrfuetljtt",
"ebedeeefegeheiejlekvlrlkrcluvctenlnnjfknrhgtjned",
"ebedeeefegeheiejktudedbktcnbuntrhdueikggtrugckij",
"ebedeeefegeheiejjvjncbnffdrvjcvrbgdfufjgndfetieu",
"ebedeeefegeheiejdruibhvlvktcgfjiruhltketifnitbuk"
]
token = init_token({"type": "yubikey",
"otpkey": otpkey,
"otplen": len(otps[0]),
"yubikey.prefix": fixed,
"serial": "UBAM12345678_1"})
builder = EnvironBuilder(method='GET',
headers={})
env = builder.get_environ()
# Set the remote address so that we can filter for it
env["REMOTE_ADDR"] = "10.0.0.1"
g.client_ip = env["REMOTE_ADDR"]
req = Request(env)
nonce = "random nonce"
apiid = "hallo"
apikey = "1YMEbMZijD3DzL21UfKGnOOI13c="
set_privacyidea_config("yubikey.apiid.{0!s}".format(apiid), apikey)
req.all_data = {'id': apiid,
"otp": otps[0],
"nonce": nonce}
text_type, result = YubikeyTokenClass.api_endpoint(req, g)
self.assertEqual(text_type, "plain")
self.assertTrue("status=OK" in result, result)
self.assertTrue("nonce={0!s}".format(nonce) in result, result)
def test_07_set_random_pin(self):
g.logged_in_user = {"username": "******",
"role": "admin"}
builder = EnvironBuilder(method='POST',
data={'serial': "OATH123456"},
headers={})
env = builder.get_environ()
# Set the remote address so that we can filter for it
env["REMOTE_ADDR"] = "10.0.0.1"
req = Request(env)
# Set a policy that defines the tokenlabel
set_policy(name="pol1",
scope=SCOPE.ENROLL,
action="%s=%s" % (ACTION.OTPPINRANDOM, "12"))
set_policy(name="pinhandling",
scope=SCOPE.ENROLL,
action="%s=privacyidea.lib.pinhandling.base.PinHandler" %
ACTION.PINHANDLING)
g.policy_object = PolicyClass()
# request, that matches the policy
req.all_data = {
"user": "******",
"realm": "home"}
init_random_pin(req)
# Check, if the tokenlabel was added
self.assertEqual(len(req.all_data.get("pin")), 12)
# finally delete policy
delete_policy("pol1")
delete_policy("pinhandling")
def test_07_sign_response(self):
builder = EnvironBuilder(method='POST',
data={},
headers={})
env = builder.get_environ()
env["REMOTE_ADDR"] = "192.168.0.1"
req = Request(env)
req.values = {"user": "******",
"pass": "******",
"nonce": "12345678"}
res = {"jsonrpc": "2.0",
"result": {"status": True,
"value": True},
"version": "privacyIDEA test",
"id": 1}
resp = Response(json.dumps(res))
from privacyidea.lib.crypto import Sign
g.sign_object = Sign("tests/testdata/private.pem",
"tests/testdata/public.pem")
new_response = sign_response(req, resp)
jresult = json.loads(new_response.data)
self.assertEqual(jresult.get("nonce"), "12345678")
self.assertEqual(jresult.get("signature"), "7220461805369685253863294214862525311437731987121534735993146952136348520396812489782945679627890785973634896605293523175424850299832912878523161817380029213546063467888018205435416020286712762804412024065559270543774578319469096483246637875013247101135063221604113204491121777932147776087110152414627230087278622508771143940031542890514380486863296102037208395371717795767683973979032142677315402422403254992482761563612174177151960004042109847122772813717599078313600692433727690239340230353616318691769042290314664126975201679642739717702497638318611217001361093950139025744740660953017413716736691777322916588328")
def test_04_check_max_token_user(self):
g.logged_in_user = {"username": "******",
"role": "admin"}
builder = EnvironBuilder(method='POST',
data={'serial': "OATH123456"},
headers={})
env = builder.get_environ()
# Set the remote address so that we can filter for it
env["REMOTE_ADDR"] = "10.0.0.1"
g.client_ip = env["REMOTE_ADDR"]
req = Request(env)
req.all_data = {"user": "******",
"realm": self.realm1}
# Set a policy, that allows two tokens per user
set_policy(name="pol1",
scope=SCOPE.ENROLL,
action="{0!s}={1!s}".format(ACTION.MAXTOKENUSER, 2))
g.policy_object = PolicyClass()
# The user has one token, everything is fine.
self.setUp_user_realms()
tokenobject = init_token({"serial": "NEW001", "type": "hotp",
"otpkey": "1234567890123456"},
user=User(login="******",
realm=self.realm1))
tokenobject_list = get_tokens(user=User(login="******",
realm=self.realm1))
self.assertTrue(len(tokenobject_list) == 1)
self.assertTrue(check_max_token_user(req))
# Now the user gets his second token
tokenobject = init_token({"serial": "NEW002", "type": "hotp",
"otpkey": "1234567890123456"},
user=User(login="******",
realm=self.realm1))
tokenobject_list = get_tokens(user=User(login="******",
realm=self.realm1))
self.assertTrue(len(tokenobject_list) == 2)
# The user has two tokens. The check that will run in this case,
# before the user would be assigned the 3rd token, will raise a
# PolicyError
self.assertRaises(PolicyError,
check_max_token_user, req)
# The check for a token, that has no username in it, must not
# succeed. I.e. in the realm new tokens must be enrollable.
req.all_data = {}
self.assertTrue(check_max_token_user(req))
req.all_data = {"realm": self.realm1}
self.assertTrue(check_max_token_user(req))
# finally delete policy
delete_policy("pol1")
remove_token("NEW001")
remove_token("NEW002")
def test_05_autoassign_any_pin(self):
# init a token, that does has no uwser
self.setUp_user_realms()
tokenobject = init_token({"serial": "UASSIGN1", "type": "hotp",
"otpkey": "3132333435363738393031"
"323334353637383930"},
tokenrealms=[self.realm1])
user_obj = User("autoassignuser", self.realm1)
# unassign all tokens from the user autoassignuser
try:
unassign_token(None, user=user_obj)
except Exception:
print("no need to unassign token")
# The request with an OTP value and a PIN of a user, who has not
# token assigned
builder = EnvironBuilder(method='POST',
data={},
headers={})
env = builder.get_environ()
env["REMOTE_ADDR"] = "10.0.0.1"
g.client_ip = env["REMOTE_ADDR"]
req = Request(env)
req.all_data = {"user": "******", "realm": self.realm1,
"pass": "******"}
# The response with a failed request
res = {"jsonrpc": "2.0",
"result": {"status": True,
"value": False},
"version": "privacyIDEA test",
"id": 1}
resp = Response(json.dumps(res))
# Set the autoassign policy
# to "any_pin"
set_policy(name="pol2",
scope=SCOPE.ENROLL,
action="{0!s}={1!s}".format(ACTION.AUTOASSIGN, AUTOASSIGNVALUE.NONE),
client="10.0.0.0/8")
g.policy_object = PolicyClass()
new_response = autoassign(req, resp)
jresult = json.loads(new_response.data)
self.assertTrue(jresult.get("result").get("value"), jresult)
self.assertEqual(jresult.get("detail").get("serial"), "UASSIGN1")
# test the token with test287082 will fail
res, dict = check_user_pass(User("autoassignuser", self.realm1),
"test287082")
self.assertFalse(res)
# test the token with test359152 will succeed
res, dict = check_user_pass(User("autoassignuser", self.realm1),
"test359152")
self.assertTrue(res)
delete_policy("pol2")
def test_08_get_webui_settings(self):
# Test that a machine definition will return offline hashes
self.setUp_user_realms()
serial = "offline01"
tokenobject = init_token({"serial": serial, "type": "hotp",
"otpkey": "3132333435363738393031"
"323334353637383930",
"pin": "offline",
"user": "******"})
# Set the Machine and MachineToken
resolver1 = save_resolver({"name": "reso1",
"type": "hosts",
"filename": HOSTSFILE})
mt = attach_token(serial, "offline", hostname="gandalf")
self.assertEqual(mt.token.serial, serial)
self.assertEqual(mt.token.machine_list[0].machine_id, "192.168.0.1")
# The request with an OTP value and a PIN of a user, who has not
# token assigned
builder = EnvironBuilder(method='POST',
data={},
headers={})
env = builder.get_environ()
env["REMOTE_ADDR"] = "192.168.0.1"
g.client_ip = env["REMOTE_ADDR"]
req = Request(env)
req.all_data = {"user": "******",
"pass": "******"}
res = {"jsonrpc": "2.0",
"result": {"status": True,
"value": {"role": "user",
"username": "******"}},
"version": "privacyIDEA test",
"detail": {"serial": serial},
"id": 1}
resp = Response(json.dumps(res))
new_response = get_webui_settings(req, resp)
jresult = json.loads(new_response.data)
self.assertEqual(jresult.get("result").get("value").get(
"token_wizard"), False)
# Set a policy. User has not token, so "token_wizard" will be True
set_policy(name="pol_wizard",
scope=SCOPE.WEBUI,
action=ACTION.TOKENWIZARD)
g.policy_object = PolicyClass()
new_response = get_webui_settings(req, resp)
jresult = json.loads(new_response.data)
self.assertEqual(jresult.get("result").get("value").get(
"token_wizard"), True)
delete_policy("pol_wizard")
def test_authorization_raises_exception_if_user_is_not_valid(self):
"Should raise an Unauthorized exception if is_valid_user function returns False"
is_valid_mock = mock.MagicMock(return_value=False)
builder = EnvironBuilder()
request = Request(builder.get_environ())
request.authorization = {'username': '******', 'password': '******'}
with self.assertRaises(Unauthorized):
BasicAuth(is_valid_user=is_valid_mock).authenticate(request)
is_valid_mock.assert_called_once_with('john', 'xxx')
def test_authorization_raises_exception_if_authorization_is_not_set(self):
"Should raise an exception and the is_valid_user function should never be invoked"
is_valid_mock = mock.MagicMock(return_value=False)
builder = EnvironBuilder()
request = Request(builder.get_environ())
request.authorization = None
with self.assertRaises(Unauthorized):
BasicAuth(is_valid_user=is_valid_mock).authenticate(request)
self.assertEqual(is_valid_mock.call_count, 0)
def test_authorization_passes_if_is_valid_user_returns_True(self):
"Should return None if the user is valid"
is_valid_mock = mock.MagicMock(return_value=True)
builder = EnvironBuilder()
request = Request(builder.get_environ())
request.authorization = {'username': '******', 'password': '******'}
result = BasicAuth(is_valid_user=is_valid_mock).authenticate(request)
self.assertEqual(result, None)
is_valid_mock.assert_called_once_with('john', 'xxx')
def test_06_offline_auth(self):
# Test that a machine definition will return offline hashes
self.setUp_user_realms()
serial = "offline01"
tokenobject = init_token({"serial": serial, "type": "hotp",
"otpkey": "3132333435363738393031"
"323334353637383930",
"pin": "offline",
"user": "******"})
# Set the Machine and MachineToken
resolver1 = save_resolver({"name": "reso1",
"type": "hosts",
"filename": HOSTSFILE})
mt = attach_token(serial, "offline", hostname="gandalf")
self.assertEqual(mt.token.serial, serial)
self.assertEqual(mt.token.machine_list[0].machine_id, "192.168.0.1")
# The request with an OTP value and a PIN of a user, who has not
# token assigned
builder = EnvironBuilder(method='POST',
data={},
headers={})
env = builder.get_environ()
env["REMOTE_ADDR"] = "192.168.0.1"
g.client_ip = env["REMOTE_ADDR"]
req = Request(env)
req.all_data = {"user": "******",
"pass": "******"}
res = {"jsonrpc": "2.0",
"result": {"status": True,
"value": True},
"version": "privacyIDEA test",
"detail": {"serial": serial},
"id": 1}
resp = Response(json.dumps(res))
new_response = offline_info(req, resp)
jresult = json.loads(new_response.data)
self.assertTrue(jresult.get("result").get("value"), jresult)
self.assertEqual(jresult.get("detail").get("serial"), serial)
# Check the hashvalues in the offline tree
auth_items = jresult.get("auth_items")
self.assertEqual(len(auth_items), 1)
response = auth_items.get("offline")[0].get("response")
self.assertEqual(len(response), 100)
# check if the counter of the token was increased to 100
tokenobject = get_tokens(serial=serial)[0]
self.assertEqual(tokenobject.token.count, 101)
delete_policy("pol2")
def delete_post(uid):
if know_post(uid):
if not Request.get_json(request):
req = Request.get_Json(request)
if not 'password' in req:
abort(400)
req = Request.get_json(request)
tmp_post = post_factory.post_factory(uid)
if not tmp_post.password == req['password']:
abort(401)
else:
tmp_post.delete_post()
return Response(json.dumps({'message': 'Your post deleted ;)'}), 200)
def res_post(uid: str):
if know_post(uid):
if not Request.get_json(request):
apo_post = post_factory.post_factory(uid)
apo_post.apothanasia()
return Response(json.dumps(vars(apo_post)), 200)
req = Request.get_json(request)
tmp_post = response_post.ResponsePost(link=uid, content=req['content'],
password=req['password'] if 'password' in Request.get_json(request) else '',
lang=req['lang'] if 'lang' in Request.get_json(request) else 'und')
tmp_post.post_contribution()
return Response(json.dumps(vars(tmp_post)), 200)
def test_05_check_max_token_realm(self):
g.logged_in_user = {"username": "******",
"role": "admin"}
builder = EnvironBuilder(method='POST',
data={'serial': "OATH123456"},
headers={})
env = builder.get_environ()
# Set the remote address so that we can filter for it
env["REMOTE_ADDR"] = "10.0.0.1"
g.client_ip = env["REMOTE_ADDR"]
req = Request(env)
req.all_data = {"realm": self.realm1}
# Set a policy, that allows two tokens per realm
set_policy(name="pol1",
scope=SCOPE.ENROLL,
action="max_token_per_realm=2",
realm=self.realm1)
g.policy_object = PolicyClass()
self.setUp_user_realms()
# Add the first token into the realm
tokenobject = init_token({"serial": "NEW001", "type": "hotp",
"otpkey": "1234567890123456"})
set_realms("NEW001", [self.realm1])
# check the realm, only one token is in it the policy condition will
# pass
tokenobject_list = get_tokens(realm=self.realm1)
self.assertTrue(len(tokenobject_list) == 1)
self.assertTrue(check_max_token_realm(req))
# add a second token to the realm
tokenobject = init_token({"serial": "NEW002", "type": "hotp",
"otpkey": "1234567890123456"})
set_realms("NEW002", [self.realm1])
tokenobject_list = get_tokens(realm=self.realm1)
self.assertTrue(len(tokenobject_list) == 2)
# request with a user object, not with a realm
req.all_data = {"user": "******".format(self.realm1)}
# Now a new policy check will fail, since there are already two
# tokens in the realm
self.assertRaises(PolicyError,
check_max_token_realm, req)
# finally delete policy
delete_policy("pol1")
remove_token("NEW001")
remove_token("NEW002")
def test_09_pin_policies(self):
g.logged_in_user = {"username": "******",
"role": "user"}
builder = EnvironBuilder(method='POST',
data={'serial': "OATH123456"},
headers={})
env = builder.get_environ()
# Set the remote address so that we can filter for it
env["REMOTE_ADDR"] = "10.0.0.1"
req = Request(env)
# Set a policy that defines PIN policy
set_policy(name="pol1",
scope=SCOPE.USER,
action="%s=%s,%s=%s,%s=%s" % (ACTION.OTPPINMAXLEN, "10",
ACTION.OTPPINMINLEN, "4",
ACTION.OTPPINCONTENTS, "cn"))
g.policy_object = PolicyClass()
req.all_data = {"realm": "somerealm",
"user": "******",
"realm": "home"}
# The minimum OTP length is 4
self.assertRaises(PolicyError, check_otp_pin, req)
req.all_data = {"realm": "somerealm",
"user": "******",
"realm": "home",
"pin": "12345566890012"}
# Fail maximum OTP length
self.assertRaises(PolicyError, check_otp_pin, req)
req.all_data = {"realm": "somerealm",
"user": "******",
"realm": "home",
"pin": "123456"}
# Good OTP length, but missing character A-Z
self.assertRaises(PolicyError, check_otp_pin, req)
req.all_data = {"realm": "somerealm",
"user": "******",
"realm": "home",
"pin": "abc123"}
# Good length and goot contents
self.assertTrue(check_otp_pin(req))
# finally delete policy
delete_policy("pol1")
def post_content():
if not Request.get_json(request):
abort(400)
req = Request.get_json(request)
if not 'content' in req:
abort(400)
if len(req['content']) <= 0:
abort(123)
tmp_post = post.Post(content=req['content'],
password=req['password'] if 'password' in Request.get_json(request) else '',
lang=req['lang'] if 'lang' in Request.get_json(request) else 'und')
tmp_post.post_contribution()
return Response(json.dumps(vars(tmp_post)), 200)
def test_06_set_realm(self):
g.logged_in_user = {"username": "******",
"role": "admin"}
builder = EnvironBuilder(method='POST',
data={'serial': "OATH123456"},
headers={})
env = builder.get_environ()
# Set the remote address so that we can filter for it
env["REMOTE_ADDR"] = "10.0.0.1"
g.client_ip = env["REMOTE_ADDR"]
req = Request(env)
# Set a policy, that allows two tokens per realm
set_policy(name="pol1",
scope=SCOPE.AUTHZ,
action="{0!s}={1!s}".format(ACTION.SETREALM, self.realm1),
realm="somerealm")
g.policy_object = PolicyClass()
# request, that matches the policy
req.all_data = {"realm": "somerealm"}
set_realm(req)
# Check, if the realm was modified to the realm specified in the policy
self.assertTrue(req.all_data.get("realm") == self.realm1)
# A request, that does not match the policy:
req.all_data = {"realm": "otherrealm"}
set_realm(req)
# Check, if the realm is still the same
self.assertEqual(req.all_data.get("realm"), "otherrealm")
# If there are several policies, which will produce different realms,
# we get an exception
set_policy(name="pol2",
scope=SCOPE.AUTHZ,
action="{0!s}={1!s}".format(ACTION.SETREALM, "ConflictRealm"),
realm="somerealm")
g.policy_object = PolicyClass()
# This request will trigger two policies with different realms to set
req.all_data = {"realm": "somerealm"}
self.assertRaises(PolicyError, set_realm, req)
# finally delete policy
delete_policy("pol1")
delete_policy("pol2")
def test_11_api_key_required(self):
g.logged_in_user = {}
builder = EnvironBuilder(method='POST',
data={'serial': "OATH123456"},
headers={})
env = builder.get_environ()
# Set the remote address so that we can filter for it
env["REMOTE_ADDR"] = "10.0.0.1"
g.client_ip = env["REMOTE_ADDR"]
req = Request(env)
g.policy_object = PolicyClass()
# No policy and no Auth token
req.all_data = {}
r = api_key_required(req)
# The request was not modified
self.assertTrue(r)
# Set a policy, that allows two tokens per realm
set_policy(name="pol_api",
scope=SCOPE.AUTHZ,
action=ACTION.APIKEY)
g.policy_object = PolicyClass()
# A request with no API Key fails
self.assertRaises(PolicyError, api_key_required, req)
# A request with an API key succeeds
secret = current_app.config.get("SECRET_KEY")
token = jwt.encode({"role": ROLE.VALIDATE,
"exp": datetime.utcnow() + timedelta(hours=1)},
secret)
req.headers = {"Authorization": token}
r = api_key_required(req)
self.assertTrue(r)
# A request with a valid Admin Token does not succeed
token = jwt.encode({"role": ROLE.ADMIN,
"username": "******",
"exp": datetime.utcnow() + timedelta(hours=1)},
secret)
req.headers = {"Authorization": token}
self.assertRaises(PolicyError, api_key_required, req)
delete_policy("pol_api")
def test_03_sendsms(self):
# setup realms
self.setUp_user_realms()
r = set_smsgateway(identifier="myGW",
providermodule="privacyidea.lib.smsprovider."
"SmtpSMSProvider.SmtpSMSProvider",
options={"SMTPIDENTIFIER": "myserver",
"MAILTO": "*****@*****.**"})
self.assertTrue(r > 0)
smtpmock.setdata(response={"*****@*****.**": (200, "OK")},
support_tls=False)
g = FakeFlaskG()
audit_object = FakeAudit()
audit_object.audit_data["serial"] = "123456"
g.logged_in_user = {"user": "******",
"role": "admin",
"realm": ""}
g.audit_object = audit_object
builder = EnvironBuilder(method='POST',
data={'serial': "OATH123456"},
headers={})
env = builder.get_environ()
# Set the remote address so that we can filter for it
env["REMOTE_ADDR"] = "10.0.0.1"
g.client_ip = env["REMOTE_ADDR"]
req = Request(env)
req.all_data = {"serial": "SomeSerial",
"user": "******"}
options = {"g": g,
"request": req,
"smsconfig": "myGW"}
un_handler = UserNotificationEventHandler()
res = un_handler.do("sendsms", options=options)
self.assertTrue(res)
def test_valid_authentication(self):
is_valid_mock = mock.MagicMock(return_value=True)
builder = EnvironBuilder()
request = Request(builder.get_environ())
request.authorization = {'username': '******', 'password': '******'}
dummy = DummyAuthentication(valid_auth=True)
dummy_auth_mock = mock.MagicMock(return_value=True)
dummy.authenticate = dummy_auth_mock
auth = And(
BasicAuth(is_valid_user=is_valid_mock),
dummy
)
result = auth.authenticate(request)
self.assertEqual(result, None)
is_valid_mock.assert_called_once_with('john', 'xxx')
dummy_auth_mock.assert_called_once_with(request)
def test_not_valid_authentication_second_auth_not_invoked(self):
"Should raise an Unthorized exception and avoid invoking other auth strategies"
is_valid_mock = mock.MagicMock(return_value=False)
builder = EnvironBuilder()
request = Request(builder.get_environ())
request.authorization = {'username': '******', 'password': '******'}
dummy = DummyAuthentication(valid_auth=True)
dummy_auth_mock = mock.MagicMock(return_value=True)
dummy.authenticate = dummy_auth_mock
auth = And(
BasicAuth(is_valid_user=is_valid_mock),
dummy
)
with self.assertRaises(Unauthorized):
auth.authenticate(request)
is_valid_mock.assert_called_once_with('john', 'xxx')
self.assertEqual(dummy_auth_mock.call_count, 0)
def test_12_mangle(self):
g.logged_in_user = {"username": "******",
"role": "admin"}
builder = EnvironBuilder(method='POST',
data={'serial': "OATH123456"},
headers={})
env = builder.get_environ()
# Set the remote address so that we can filter for it
env["REMOTE_ADDR"] = "10.0.0.1"
g.client_ip = env["REMOTE_ADDR"]
req = Request(env)
# Set a mangle policy to change the username
# and only use the last 4 characters of the username
set_policy(name="mangle1",
scope=SCOPE.AUTH,
action="{0!s}=user/.*(.{{4}}$)/\\1/".format(ACTION.MANGLE))
g.policy_object = PolicyClass()
# request, that matches the policy
req.all_data = {"user": "******"}
mangle(req)
# Check if the user was modified
self.assertEqual(req.all_data.get("user"), "user")
# Set a mangle policy to remove blanks from realm name
set_policy(name="mangle2",
scope=SCOPE.AUTH,
action="{0!s}=realm/\\s//".format(ACTION.MANGLE))
g.policy_object = PolicyClass()
# request, that matches the policy
req.all_data = {"realm": "lower Realm"}
mangle(req)
# Check if the realm was modified
self.assertEqual(req.all_data.get("realm"), "lowerRealm")
# finally delete policy
delete_policy("mangle1")
delete_policy("mangle2")
def test_02_sendmail(self):
# setup realms
self.setUp_user_realms()
r = add_smtpserver(identifier="myserver", server="1.2.3.4", tls=False)
self.assertTrue(r > 0)
smtpmock.setdata(response={"*****@*****.**": (200, "OK")},
support_tls=False)
g = FakeFlaskG()
audit_object = FakeAudit()
audit_object.audit_data["serial"] = "123456"
g.logged_in_user = {"user": "******",
"role": "admin",
"realm": ""}
g.audit_object = audit_object
builder = EnvironBuilder(method='POST',
data={'serial': "OATH123456"},
headers={})
env = builder.get_environ()
# Set the remote address so that we can filter for it
env["REMOTE_ADDR"] = "10.0.0.1"
g.client_ip = env["REMOTE_ADDR"]
req = Request(env)
req.all_data = {"serial": "SomeSerial",
"user": "******"}
options = {"g": g,
"request": req,
"emailconfig": "myserver"}
un_handler = UserNotificationEventHandler()
res = un_handler.do("sendmail", options=options)
self.assertTrue(res)
def handle_batch_request(self, request: flask.Request):
from bentoml.marshal.utils import DataLoader
requests = DataLoader.split_requests(request.get_data())
if ZIPKIN_API_URL:
from bentoml.server.trace import trace
with trace(
ZIPKIN_API_URL,
service_name=self.__class__.__name__,
span_name=f"call `{self.handler.__class__.__name__}`",
):
responses = self.handler.handle_batch_request(requests, self.func)
else:
responses = self.handler.handle_batch_request(requests, self.func)
return DataLoader.merge_responses(responses)
def handle(req: Request):
"""handle a request to the function.
Your response is immediately passed to the caller, unmodified.
This allows you full control of the response, e.g. you can set
the status code by returning a tuple (str, int). A detailed
description of how responses are handled is found here:
http://flask.pocoo.org/docs/1.0/quickstart/#about-responses
Args:
req (Request): Flask request object
"""
return json.dumps({
"echo": req.get_data().decode('utf-8'),
"random": np.random.random_sample(),
})
def tucker_stop(req: flask.Request) -> Tuple[str, int]:
if not req.method == 'POST':
return 'request must be POST', 415
body = req.get_json(silent=True)
if not body or body['token'] != API_TOKEN:
return 'bad or missing auth', 403
api = sucks.EcoVacsAPI(SUCKS_DEVICE_ID, SUCKS_EMAIL, SUCKS_PASSWORD_HASH,
SUCKS_COUNTRY, SUCKS_CONTINENT)
tucker = api.devices()[0]
vacbot = sucks.VacBot(api.uid, api.REALM, api.resource,
api.user_access_token, tucker, SUCKS_CONTINENT)
vacbot.connect_and_wait_until_ready()
vacbot.run(sucks.Charge())
vacbot.disconnect()
return 'ok', 200
def __call__(self, environ, start_response):
request = Request(environ)
if (request.method == 'OPTIONS'):
return self.__app(environ, start_response)
token = request.headers.get('Authorization')
if (token is None):
return self.send_unauthorized_response(environ, start_response)
[tokentype, token] = token.split(' ')
if (tokentype is None or tokentype != self.BEARER_TOKEN_TYPE
or token is None):
return self.send_unauthorized_response(environ, start_response)
if (not AuthServiceRepository().validate_token(token)):
return self.send_unauthorized_response(environ, start_response)
else:
return self.__app(environ, start_response)
def test_echo_signature(self):
response = self.client.open("/datetime/v1/echo", method="GET")
request = Request.from_values(
base_url="http://localhost",
path="/datetime/v1/echo",
method="GET",
)
self.assert200(response,
"Response body is : " + response.data.decode("utf-8"))
s_header = response.headers.get("Signature")
assert s_header, response.headers
p = parse_signature_header(s_header)
ss = Signature(**p)
sstring = ss.signature_string(request.method, request.path,
response.headers)
verify_string(load_pubkey(Path("rsa.pub").read_bytes()), sstring,
p["signature"])
def my_gateway_func(request: flask.Request):
try:
data = cleanup_func(request.get_json(force=True))
if 'message' in data:
return data
topic = set_topic_by_env(data['environment'])
data['topic_name'] = set_compute_topic_by_env(data['environment'])
publisher = pubsub_v1.PublisherClient()
try:
response = publisher.publish(topic=topic,
data=json.dumps(data).encode('utf-8'))
id = response.running()
except:
raise
else:
return {'status': f'topic successfully added: {id}'}
except json.decoder.JSONDecodeError:
return {'message': 'json formatting is incorrect'}
def load_bitmex_orders_data(request: flask.Request):
"""Responds to any HTTP request.
Example message {"since_date": "2021-01-04"}
Returns:
The response text or any set of values that can be turned into a Response object using
`make_response <https://flask.palletsprojects.com/en/1.1.x/api/#flask.Flask.make_response>`.
"""
request_json = request.get_json()
exchange = 'bitmex'
source = 'orders'
operation_key_field = 'orderID'
operation_timestamp_field = 'transactTime'
topic_id = TopicId.JOB_ORDER_DATA_IMPORT.value
count = import_exchange_data(exchange, operation_key_field,
operation_timestamp_field, request_json,
source, topic_id, agg.bitmex_load_orders)
return flask.jsonify(count=count)
def start_batch(request: Request):
request_json = request.get_json(silent=True)
print(request_json)
with ThreadPoolExecutor(max_workers=len(IMSI_LIST)) as executor:
def call_up(imsi):
data = {"body": "message"}
headers = {
"X-Soracom-API-Key": os.getenv("SORACOM_API_KEY"),
"X-Soracom-Token": os.getenv("SORACOM_TOKEN")
}
res = requests.post(
f"https://g.api.soracom.io/v1/subscribers/{imsi}/send_sms",
json=data,
headers=headers)
print(json.loads(res.content))
return res
features = [executor.submit(call_up, imsi) for imsi in IMSI_LIST]
for feature in features:
print(f"result:{feature.result()}")
sensors = []
def callback(message: Message):
print(f"Received {message}.")
data = json.loads(message.data.decode("utf-8"))
sensors.append(data)
message.ack()
subscriber = pubsub_v1.SubscriberClient()
subscription_path = subscriber.subscription_path(PROJECT_ID,
SUBSCRIPTION_ID)
future = subscriber.subscribe(subscription_path, callback=callback)
with subscriber:
try:
future.result(timeout=TIMEOUT)
except TimeoutError:
future.cancel()
print(mean([sensor["temperature"] for sensor in sensors]))
return json.dumps(sensors)
def request_to_comment(request: flask.Request):
try:
json_str = request.get_json()["data"]
comment_json = json.loads(json_str, encoding="utf8")
except Exception as e:
print(e)
return None
if "author" in comment_json.keys() and "email" in comment_json.keys(
) and "text" in comment_json.keys():
return {
"author": comment_json["author"],
"email": comment_json["email"],
"text": comment_json["text"],
"date_posted": datetime.now(),
"id": shortuuid.uuid(),
"votes": 0,
}
return None
def delete_policy_from_storage(request: flask.Request) -> bool:
"""Delete a policy from storage.
Args:
The function uses HTTP request directly. These argument must be contained in the request:
uid (str): uid of the policy
location (str): location the policy is stored
Returns:
True if the removal is successful.
"""
request_json = request.get_json()
uid = request_json['uid']
location = request_json['location']
client = MongoClient()
storage = MongoStorage(client, db_name=location)
storage.delete(uid)
return True
def callback(name):
endpoint, view_args, req_args = recall_own_flow()
if request.args.get('error'):
return auth_server.create_authorization_response() # access_denied error response
fed_client = federation.get(name)
try:
fed_client.authorize_access_token()
except OAuthError:
return auth_server.create_authorization_response()
user_info = fed_client.fetch_user_info()
user = User(user_info.sub, user_info)
auth_url = url_for(endpoint,**view_args,**req_args,_external=True)
base_url, query_string = auth_url.split('?',1)
auth_req = Request.from_values(base_url=base_url, query_string=query_string.encode())
# g.redirect_uri = req_args.get('redirect_uri')
return auth_server.create_authorization_response(auth_req, grant_user=user)
def run_typecheck(request: Request) -> Response:
if request.method != "POST":
abort_api(405, "Only POST method is supported.")
data = request.get_json()
if data is None:
abort_api(400, "Failed to parse JSON payload.")
if not isinstance(data, dict):
abort_api(400, "JSON object must be provided.")
source = data.get("source")
if not isinstance(source, str):
abort_api(400, "'source' field must contain a string.")
options = data.get("options", [])
if not isinstance(options, list):
abort_api(400, "'options' field must be a list.")
for option in options:
if not isinstance(option, str):
abort_api(400, "'options' field must be a list of strings.")
return jsonify(run_mypy(source, options))
def update_leaderboard_stats(req: Request):
connection = DatabaseConnection('userbase.db')
cursor = connection.get_connection().cursor()
jsonData = (req.get_json())
if jsonData is None:
return {'serverCode': 400}
else:
username = jsonData['username']
mostplayedgame = jsonData['mostPlayedGame']
mostplayedsystem = jsonData['mostPlayedSystem']
cursor.execute(
'UPDATE USER SET mostplayedgame=?, mostplayedsystem=? WHERE username=?;',
(mostplayedgame, mostplayedsystem, username))
connection.conn.commit()
return {'serverCode': 200}
def _parse_request(request: Request) -> dict:
if not request.is_json:
raise InvalidRequestException(422, {"status": "failed", "message": "invalid data"})
request_data = request.get_json()
for key in [KEY_USER_ID, KEY_PLATFORM, KEY_OS_VERSION, KEY_DEVICE_TYPE, KEY_APP_VERSION, KEY_LANG, KEY_ENCOUNTERS]:
if key not in request_data:
raise InvalidRequestException(422, {"status": "failed", "message": f"missing field: {key}"})
if not request_data[key]:
raise InvalidRequestException(422, {"status": "failed", "message": f"empty field: {key}"})
for encounter in request_data[KEY_ENCOUNTERS]:
for key in [KEY_ENCOUNTER_DATE, KEY_BEACON_ID, KEY_SIGNAL_STRENGTH]:
if key not in encounter:
raise InvalidRequestException(
422, {"status": "failed", "message": f"missing field in {KEY_ENCOUNTERS}: {key}"}
)
return request_data
def is_json_request(request: flask.Request, properties: list = []) -> bool:
"""Check whether the request's body could be parsed to JSON format, and all necessary properties specified by `properties` are in the JSON object
Args:
request (flask.Request): the flask request object wrapping the real HTTP request data
properties (list[str]): list of property names to check. By default its an empty list
Returns:
boolean: whether the request is a JSON-content request and contains all the properties
"""
try:
body = request.get_json()
except TypeError:
return False
if body is None:
return False
for prop in properties:
if prop not in body:
return False
return True
def post_get_tasks(request: Request) -> Response:
userid: str = ""
password: str = ""
request_json = request.get_json(silent=True)
request_args = request.args
if request_json and 'userid' in request_json and 'password' in request_json:
userid = request_json['userid']
password = request_json['password']
elif request_args and 'userid' in request_args and 'password' in request_args:
userid = request_args['userid']
password = request_args['password']
else:
return jsonify({"result": ""})
# {"userid": userid, "password": password}
time.sleep(0.5)
return jsonify(manaba.get_tasks(userid, password))
def _is_valid_github_request(self, request: flask.Request) -> bool:
header_signature = request.headers['X-Hub-Signature']
sig_type, signature = header_signature.split('=', 1)
if sig_type != 'sha1':
logger.error('Got a unknown signature type from GitHub',
signature_type=signature)
return False
assert self.secret
mac = hmac.new(
key=self.secret.encode(),
msg=request.get_data(),
digestmod=sig_type,
)
if hmac.compare_digest(mac.hexdigest(), signature):
return True
logger.info('Got wrong signature', received_signature=signature)
return False
def entities_builder(request: flask.Request):
"""HTTP Cloud Function that create and update entities in Dialogflow.
Args:
request (flask.Request): The request object. More info:
<http://flask.pocoo.org/docs/1.0/api/#flask.Request>
"""
request_json = request.get_json(silent=True)
arguments = Arguments(**request_json)
project_id = arguments.project_id
client = get_dialogflow_client()
parent = get_agent(client, project_id)
if request_json and arguments.entities:
# Create entities one by one.
create_entities_type(client, arguments.entities, parent)
return
elif request_json and arguments.entities_batch:
# Create in batch using entity_type_batch_inline.
arguments.pre_process_entities_batch_name()
client.batch_update_entity_types(
parent=parent, entity_type_batch_inline=arguments.entities_batch)
return
else:
# Create in batch using entity_type_batch_uri.
response = client.batch_update_entity_types(
parent=parent, entity_type_batch_uri=arguments.bucket)
def callback(operation_future):
"""Returns a callback.
This example uses futures for long-running operations returned from Google Cloud APIs.
These futures are used asynchronously using callbacks and Operation.add_done_callback
More info: https://googleapis.dev/python/google-api-core/1.14.3/futures.html
"""
operation_future.result()
response.add_done_callback(callback)
def commit(self, session_request: FlaskRequest, session_response: FlaskResponse):
method = session_request.method
session_request_data = {
"date": self.create_time,
"method": method,
"url": session_request.path,
"headers": dict(session_request.headers),
"query": session_request.args,
}
session_response_data = {
"date": datetime.utcnow().isoformat()+'Z',
"status": session_response.status_code,
"headers": dict(session_response.headers),
}
if method == "GET":
if len(session_response.data) > self.LOG_LIMIT:
data = "<content too large for logging>"
# Webship images are unnecessary and large
elif session_request.path.startswith("/webshop/image/"):
data = "<skipping image content>"
else:
data = byte_decode(session_response.data)
session_response_data["data"] = data
if method != "GET":
if (session_request.content_length or 0) > self.LOG_LIMIT:
data = "<content too large for logging>"
else:
data = session_request.get_data(as_text=True)
session_request_data["data"] = data
traffic_data = {
"ip": session_request.remote_addr,
"host": session_request.host,
"request": session_request_data,
"service_traffic": self.service_traffic,
"response": session_response_data
}
with open(f"/work/logs/{self.create_time}_{session_request.remote_addr}_{method}.json", "w") as file:
json.dump(traffic_data, file, ensure_ascii=False)
def process_proxy(request: Request) -> Response:
url = request.url.replace(request.host_url, HABRA_HOST)
headers = {
k: v
for k, v in request.headers if k.lower() not in REQUEST_HEADERS_EXCLUDE
}
habra_resp = requests.request(method=request.method,
url=url,
headers=headers,
data=request.get_data(),
cookies=request.cookies)
headers = [(key, habra_resp.raw.headers[key])
for key in habra_resp.raw.headers
if key.lower() not in RESPONSE_HEADERS_EXCLUDE]
# modify content only for text/html response
if habra_resp.raw.headers.get('Content-Type', '').startswith('text/html'):
processed_content = _modify_habra_content(habra_resp.text,
request.host_url)
return Response(processed_content, habra_resp.status_code, headers)
else:
return Response(habra_resp.content, habra_resp.status_code, headers)
def __call__(self, environ: Dict, start_response: Callable) -> Callable:
response = None
request = Request(environ)
session = self.session_interface.open_session( # type: ignore
self.proxy_app, request)
# handle callback request
if request.base_url == self.callback_url:
response = self.callback(session, request)
# handle unauthorized requests
if (request.base_url != self.callback_url) and ("user" not in session):
response = self.login(session)
if response:
self.session_interface.save_session(self.proxy_app, session,
response)
return response(environ, start_response)
# handle authorized requests
return self.app(environ, start_response)
def __call__(self, environ, start_response):
request = Request(environ)
for i in self.public_prefixes:
if i.match(request.path):
return self.app(environ, start_response)
user_dict = decode_cookie(request.cookies.get(COOKIE_NAME, ''))
if not user_dict and\
os.environ['ENVIRONMENT_TYPE'] == 'development' and\
os.environ.get('REMOTE_USER_ID', ''):
user_dict = {'REMOTE_USER_ID': os.environ['REMOTE_USER_ID']}
if user_dict:
environ['myauthmiddleware'] = user_dict
return self.app(environ, start_response)
is_json = False
for i in self.json_prefixes:
if i.match(request.path):
is_json = True
break
else:
is_json = (request.headers.get('HTTP-ACCEPT')
or '').find('application/json') >= 0
if is_json:
response = Response(mimetype='application/json')
response.status_code = 401
response.set_data(
json.dumps({
'error':
_('authentication required to access requested url')
}))
return response(environ, start_response)
url = self.authentication_url + '?r=' + \
urllib.quote(base64.b64encode(request.url))
return redirect(url, code=303)(environ, start_response)
def _is_request_valid(request: Request) -> Tuple[bool, Optional[Tuple[Response, int]]]:
if request.method != "POST":
return False, (jsonify(
{
"status": "failed",
"message": "Invalid method"
}
), 405)
if not request.is_json:
return False, (jsonify(
{
"status": "failed",
"message": "Invalid data"
}
), 422)
request_data = request.get_json()
if "msisdn" not in request_data or not _check_phone_number(request_data["msisdn"]):
return False, (jsonify(
{
"status": "failed",
"message": "Invalid phone number"
}
), 422)
msisdn = request_data["msisdn"]
ip = request.headers.get('X-Forwarded-For')
if _is_too_many_requests_for("ip", ip, limit=INVALID_REGS_PER_IP_LIMIT) \
or _is_too_many_requests_for("msisdn", msisdn, limit=INVALID_REGS_PER_MSISDN_LIMIT):
return False, (jsonify(
{
"status": "failed",
"message": "Registration temporarily not available. Try again in an hour"
}
), 429)
return True, None
def __call__(self, environ, start_response):
req = Request(environ)
client_request_id = None
if self.resp_header_client_request_id in req.headers:
client_request_id = req.headers[self.resp_header_client_request_id]
req.environ[self.env_client_request_id] = client_request_id
if self.resp_header_request_id in req.headers:
req_id = req.headers[self.resp_header_request_id]
else:
req_id = generate_request_id()
environ[self.env_request_id] = req_id
def _start_response(status, response_headers, *args):
if client_request_id:
response_headers.append(
(self.resp_header_client_request_id, client_request_id))
if self.resp_header_request_id not in dict(
response_headers).keys():
response_headers.append((self.resp_header_request_id, req_id))
return start_response(status, response_headers, *args)
return self.app(environ, _start_response)
def request_validation(
self,
request: FlaskRequest,
query: Optional[Type[BaseModel]],
body: Optional[Request],
headers: Optional[Type[BaseModel]],
cookies: Optional[Type[BaseModel]],
):
req_query = request.args or {}
if request.content_type == "application/json":
parsed_body = request.get_json() or {}
else:
parsed_body = request.get_data() or {}
req_headers = request.headers or {}
req_cookies = request.cookies or {}
request.context = Context(
query=query.parse_obj(req_query) if query else None,
body=body.model.parse_obj(parsed_body)
if body and body.model else None,
headers=headers.parse_obj(req_headers) if headers else None,
cookies=cookies.parse_obj(req_cookies) if cookies else None,
)
def gordo_ml_server_callback(request):
"""
Redirect calls to a gordo server to reflect what the local testing app gives
will call the correct path (assuminng only single level paths) on the
gordo app.
"""
if request.method in ("GET", "POST"):
kwargs = dict()
if request.body:
flask_request = Request.from_values(
content_length=len(request.body),
input_stream=io.BytesIO(request.body),
content_type=request.headers["Content-Type"],
method=request.method,
)
if flask_request.json:
kwargs["json"] = flask_request.json
else:
kwargs["data"] = {
k: (io.BytesIO(f.read()), f.filename)
for k, f in flask_request.files.items()
}
with TEST_SERVER_MUTEXT:
resp = getattr(gordo_server_app, request.method.lower())(
request.path_url,
headers=dict(request.headers),
**kwargs)
if type(resp.headers) is not dict:
headers = dict(resp.headers.to_list())
else:
headers = resp.headers
return (
resp.status_code,
headers,
json.dumps(resp.json)
if resp.json is not None else resp.data,
)
def speak(request: flask.Request) -> str:
print(f"MDW: speak() called, request: {request}")
request_json = request.get_json(silent=True)
text = "You are a derp."
languageCode = "en-GB"
voice = "en-GB-Wavenet-F"
if request_json:
if "text" in request_json:
text = request_json["text"]
if "languageCode" in request_json:
languageCode = request_json["languageCode"]
if "voice" in request_json:
voice = request_json["voice"]
else:
text = "You are a derp."
print(f"MDW: text is: {text}")
print(f"MDW: languageCode is: {languageCode}")
print(f"MDW: voice is: {voice}")
client = texttospeech.TextToSpeechClient()
input = texttospeech.SynthesisInput(text=text)
voice = texttospeech.VoiceSelectionParams(
language_code=languageCode, name=voice
)
audio_config = texttospeech.AudioConfig(
audio_encoding=texttospeech.AudioEncoding.LINEAR16
)
response = client.synthesize_speech(
input=input, voice=voice, audio_config=audio_config
)
return (
response.audio_content,
200,
{"Content-Type": "application/octet-stream"},
)
def message_function(request: Request) -> Union[Response, None]:
engine = sqlalchemy.create_engine(
sqlalchemy.engine.url.URL(
drivername = driver_name,
username = db_user,
password = db_password,
database = db_name,
query = query_string,
),
pool_size = 5,
max_overflow = 2,
pool_timeout = 30,
pool_recycle = 1800
)
SessionClass = sessionmaker(engine)
session = SessionClass()
if request.method == 'POST':
request_json = request.get_json()
get_text = request_json['text']
get_kind = request_json['kind']
text_add = Message(text = get_text, kind = get_kind)
session.add(text_add)
session.commit()
return make_response('201 uploaded', 201)
elif request.method == 'GET':
response_date = {}
texts = session.query(Message)\
.order_by(desc(Message.id))\
.limit(20)\
.all()
response_date = jsonify({'texts': MessageSchema(many = True).dump(texts)})
response = make_response(response_date)
response.headers['Content-Type'] = 'application/json'
return response
def handle(req: Request):
"""handle a request to the function.
Your response is immediately passed to the caller, unmodified.
This allows you full control of the response, e.g. you can set
the status code by returning a tuple (str, int). A detailed
description of how responses are handled is found here:
http://flask.pocoo.org/docs/1.0/quickstart/#about-responses
Args:
req (Request): Flask request object
"""
predictions = []
# load molecule from smiles and calculate fp
mol = Chem.MolFromSmiles(req.get_json()["smiles"])
if mol:
# calc descriptors
descs = calc_descriptors(mol)
# predict
predictions = predict(descs)
return json.dumps(predictions)
def _request_loader(self, request: Request) -> Union[User, AnonymousUser]:
"""
Attempt to load the user from the request token.
"""
header_key = self.token_authentication_header
args_key = self.token_authentication_key
token = request.args.get(args_key,
request.headers.get(header_key, None))
if request.is_json:
data = request.get_json(silent=True) or {}
token = data.get(args_key, token)
try:
data = self.remember_token_serializer.loads(
token, max_age=self.token_max_age)
user = self.user_manager.get(data[0])
if user and self.security_utils_service.verify_hash(
data[1], user.password):
return user
except:
pass
return self.login_manager.anonymous_user()
