def __init__(self, data=None): # If incoming is a string, ast eval it (exception will be caught with whatever is calling validator) if data: try: self.data = convert_to_datatype(data) except Exception, e: self.return_error(e.message)
def parse_normal_body(request, r_dict): if request.method == 'POST' or request.method == 'PUT': # If it is multipart/mixed we're expecting attachment data (also for signed statements) if 'multipart/mixed' in r_dict['headers']['CONTENT_TYPE']: parse_attachment(request, r_dict) # If it's any other content-type try parsing it out else: if request.body: # profile/states use the raw body r_dict['raw_body'] = request.body # Only for statements since document APIs don't have to be JSON if r_dict['auth']['endpoint'] == '/statements': try: r_dict['body'] = convert_to_datatype(request.body) except Exception: try: r_dict['body'] = QueryDict(request.body).dict() except Exception: raise BadRequest("Could not parse request body") else: # QueryDict will create {'foo':''} key for any string - does not care if valid query string or not for k, v in r_dict['body'].items(): if not v: raise BadRequest("Could not parse request body, no value for: %s" % k) else: r_dict['body'] = request.body else: raise BadRequest("No body in request") return r_dict
def set_agent_param(r_dict): # Convert agent to dict if get param for statements if 'agent' in r_dict['params'] and r_dict['auth']['endpoint'] == '/statements': try: r_dict['params']['agent'] = convert_to_datatype(r_dict['params']['agent']) except Exception: raise BadRequest("Agent param was not a valid JSON structure")
def parse_normal_body(request, r_dict): if request.method == 'POST' or request.method == 'PUT': # If it is multipart/mixed we're expecting attachment data (also for signed statements) if 'multipart/mixed' in r_dict['headers']['CONTENT_TYPE']: parse_attachment(request, r_dict) # If it's any other content-type try parsing it out else: if request.body: # profile/states use the raw body r_dict['raw_body'] = request.body # Only for statements since document APIs don't have to be JSON if r_dict['auth']['endpoint'] == '/statements': try: r_dict['body'] = convert_to_datatype(request.body) except Exception: try: r_dict['body'] = QueryDict(request.body).dict() except Exception: raise BadRequest("Could not parse request body") else: # QueryDict will create {'foo':''} key for any string - does not care if valid query string or not for k, v in r_dict['body'].items(): if not v: raise BadRequest( "Could not parse request body, no value for: %s" % k) else: r_dict['body'] = request.body else: raise BadRequest("No body in request") return r_dict
def parse_cors_request(request, r_dict): # Convert body to dict body = convert_post_body_to_dict(request.body) # 'content' is in body for the IE cors POST if 'content' in body: # Grab what the normal body would be since it's in content (unquote if necessary) str_body = urllib.unquote(body.pop('content')) r_dict['raw_body'] = str_body # Only for statements since document API bodies don't have to be JSON if r_dict['auth']['endpoint'] == '/statements': try: # Should convert to dict if data is in JSON format r_dict['body'] = convert_to_datatype(str_body) except Exception: try: # Convert to dict if data is in form format (foo=bar) r_dict['body'] = QueryDict(str_body).dict() except Exception: raise BadRequest( "Could not parse request body in CORS request") else: # QueryDict will create {'foo':''} key for any string - does not care if valid query string or not for k, v in r_dict['body'].items(): if not v: raise BadRequest( "Could not parse request body in CORS request, no value for: %s" % k) else: r_dict['body'] = str_body # Catch attachments early if 'attachments' in r_dict['body']: raise BadRequest(( "Attachments are not supported in cross origin requests since they require a " "multipart/mixed Content-Type")) # Remove extra headers from body that we already captured in get_headers body.pop('X-Experience-API-Version', None) body.pop('Content-Type', None) body.pop('If-Match', None) body.pop('If-None-Match', None) body.pop('HTTP_AUTHORIZATION', None) body.pop('Authorization', None) # all that should be left are params for the request, we add them to the params object r_dict['params'].update(body) # Add query string params for k in request.GET: # make sure the method param goes in the special method spot if k == 'method': r_dict[k] = request.GET[k].upper() else: r_dict['params'][k] = request.GET[k] #If it is a CORS PUT OR POST make sure it has content if (r_dict['method'] == 'PUT' or r_dict['method'] == 'POST') \ and 'body' not in r_dict: raise BadRequest("CORS PUT or POST both require content parameter") set_agent_param(r_dict)
def set_agent_param(r_dict): # Convert agent to dict if get param for statements if 'agent' in r_dict['params'] and r_dict['auth'][ 'endpoint'] == '/statements': try: r_dict['params']['agent'] = convert_to_datatype( r_dict['params']['agent']) except Exception: raise BadRequest("Agent param was not a valid JSON structure")
def parse_cors_request(request, r_dict): # Convert body to dict body = convert_post_body_to_dict(request.body) # 'content' is in body for the IE cors POST if 'content' in body: # Grab what the normal body would be since it's in content (unquote if necessary) str_body = urllib.unquote(body.pop('content')) r_dict['raw_body'] = str_body # Only for statements since document API bodies don't have to be JSON if r_dict['auth']['endpoint'] == '/statements': try: # Should convert to dict if data is in JSON format r_dict['body'] = convert_to_datatype(str_body) except Exception: try: # Convert to dict if data is in form format (foo=bar) r_dict['body'] = QueryDict(str_body).dict() except Exception: raise BadRequest("Could not parse request body in CORS request") else: # QueryDict will create {'foo':''} key for any string - does not care if valid query string or not for k, v in r_dict['body'].items(): if not v: raise BadRequest("Could not parse request body in CORS request, no value for: %s" % k) else: r_dict['body'] = str_body # Catch attachments early if 'attachments' in r_dict['body']: raise BadRequest(("Attachments are not supported in cross origin requests since they require a " "multipart/mixed Content-Type")) # Remove extra headers from body that we already captured in get_headers body.pop('X-Experience-API-Version', None) body.pop('Content-Type', None) body.pop('If-Match', None) body.pop('If-None-Match', None) body.pop('HTTP_AUTHORIZATION', None) body.pop('Authorization', None) # all that should be left are params for the request, we add them to the params object r_dict['params'].update(body) # Add query string params for k in request.GET: # make sure the method param goes in the special method spot if k == 'method': r_dict[k] = request.GET[k].upper() else: r_dict['params'][k] = request.GET[k] #If it is a CORS PUT OR POST make sure it has content if (r_dict['method'] == 'PUT' or r_dict['method'] == 'POST') \ and 'body' not in r_dict: raise BadRequest("CORS PUT or POST both require content parameter") set_agent_param(r_dict)