def queue(self, event, context): # print("Event: {}, context: {}".format(event, context.invoked_function_arn)) source_event = Event(event, context) data = source_event.parse() if data: target = Target(data.get('target')) if not target: self.logger.error("Target validation failed of: {}".format(target.name)) return Response({ "statusCode": 400, "body": json.dumps({'error': 'Target was not valid or missing'}) }).with_security_headers() scan_uuid = str(uuid.uuid4()) self.sqs_client.send_message( QueueUrl=self.queueURL, MessageBody="portscan|" + target.name + "|" + scan_uuid ) # Use a UUID for the scan type and return it return Response({ "statusCode": 200, "body": json.dumps({'uuid': scan_uuid}) }).with_security_headers() else: self.logger.error("Unrecognized payload: {}".format(data)) return Response({ "statusCode": 400, "body": json.dumps({'error': 'Unrecognized payload'}) }).with_security_headers()
def downloadResults(self, event, context): # This is a lambda function called from API GW # Event type will always be "api-gw" source_event = Event(event, context) data = source_event.parse() if data: target = Target(data.get('target')) if not target: self.logger.error("Target validation failed of: {}".format( target.name)) return Response({ "statusCode": 400, "body": json.dumps({'error': 'Target was not valid or missing'}) }).with_security_headers() results = Results(target.name, self.s3_client, self.bucket, self.base_results_path) # Always use the download route scan_results, status = results.download() if scan_results: return Response({ "statusCode": status, "headers": { "Content-Type": "application/gzip", "Content-Disposition": "attachment; filename={}.tgz".format(target.name) }, "body": base64.b64encode(scan_results.getvalue()).decode("utf-8"), "isBase64Encoded": True }).with_security_headers() else: if status == 404: resp_body = 'No results found for target' elif status == 500: resp_body = 'Unable to download scan results' else: resp_body = 'Unknown error' return Response({ "statusCode": status, "body": json.dumps({'error': resp_body}) }).with_security_headers() else: self.logger.error("Unrecognized payload: {}".format(data)) return Response({ "statusCode": 400, "body": json.dumps({'error': 'Unrecognized payload'}) }).with_security_headers()
def test_without_security_headers(self): original_response = { "statusCode": 200, "body": json.dumps({'foo': 'bar'}) } response = Response(original_response) assert type(Response(original_response)) == Response assert response.without_security_headers() == { 'body': '{"foo": "bar"}', 'statusCode': 200 }
def process_connection(self, connection): with connection: r = b'' while True: content = connection.recv(1024) r += content if len(content) != 1024: break log('request log:\n <{}>'.format(r)) r = r.decode() if r: request = Request(r) response = Response() m_num = len(self.middlewares) if m_num > 0: # 下一个中间件的 index next_i = 0 def next(): nonlocal next_i if next_i == m_num: self.handle_path(request, response) else: m = self.middlewares[next_i] next_i += 1 m(request, response, next) next() else: self.handle_path(request, response) # 把响应发送给客户端 connection.sendall(response.toHttp())
def test_movie_insert(api): response = Response() request_data = { 'companys': ['카카오', '토스'], 'directors': ['김택윤', '이운기'], 'genreAlt': '테스트', 'movieCd': '2', 'movieNm': '포스트테스트', 'movieNmEn': 'POSTTEST', 'nationAlt': '테스트', 'openDt': '20200101', 'prdtStatNm': '테스트', 'prdtYear': '2020', 'typeNm': '장편', } api_response = api.post( '/movies', data=json.dumps(request_data), content_type="application/json" ) assert api_response.status_code == 200 api_response = api.get( '/movies/2' ) payload = json.loads(api_response.data.decode('utf-8')) payload = {key: value for key, value in dict(payload).items()} assert api_response.status_code == 200 response_data = { 'companys': [{'id': 2, 'name': '카카오'}, {'id': 3, 'name': '토스'}], 'directors': [{'id': 2, 'name': '김택윤'}, {'id': 3, 'name': '이운기'}], 'genreAlt': '테스트', 'movieCd': '2', 'movieNm': '포스트테스트', 'movieNmEn': 'POSTTEST', 'nationAlt': '테스트', 'openDt': '20200101', 'prdtStatNm': '테스트', 'prdtYear': '2020', 'typeNm': '장편' } assert payload == response(status='NORMAL', data=response_data, unit_test=True)
def test_with_security_headers(self): original_response = { "statusCode": 200, "body": json.dumps({'foo': 'bar'}) } new_headers_expectation = Response.SECURITY_HEADERS response = Response(original_response) assert type(Response(original_response)) == Response assert response.with_security_headers() == { 'body': '{"foo": "bar"}', 'headers': new_headers_expectation, 'statusCode': 200 }
def test_ping(api): response = Response() api_response = api.get('/ping') payload = json.loads(api_response.data.decode('utf-8')) assert api_response.status_code == 200 assert payload == response(status='NORMAL', data=payload['data'], unit_test=True)
def test_get_formatted_content_success(self): resp = Response(SUCCESS, "id:13~result:success~ip:127.0.0.1") self.assertEquals(resp.get_formatted_content(), { 'id': '13', 'result': 'success', 'ip': '127.0.0.1' })
def decorate_function(*args, **kwargs): response = Response() if request.method in ['PUT', 'POST']: content_type = request.headers.get('Content-Type') if str(content_type) != 'application/json': return response(status='NOT_ACCEPTABLE', data='None') return f(*args, **kwargs)
def test_with_security_headers_preexisting_sec(self): original_headers = {'Content-Security-Policy': 'nope'} original_response = { "statusCode": 200, "body": json.dumps({'foo': 'bar'}), # We're adding to make sure it's not overwritten 'headers': original_headers } new_headers_expectation = {} new_headers_expectation.update(Response.SECURITY_HEADERS) new_headers_expectation['Content-Security-Policy'] = 'nope' response = Response(original_response) assert type(Response(original_response)) == Response assert response.with_security_headers() == { 'body': '{"foo": "bar"}', 'headers': new_headers_expectation, 'statusCode': 200 }
def create_endpoints(app, services): response = Response() movie_service = services.movie_service @app.route('/ping', methods=['GET']) def ping(): status, data = movie_service.ping() return response(status=status, data=data) @app.route('/movies', methods=['GET', 'POST', 'PUT']) @content_type_check def movie_list(): if request.method == 'GET': pagination_data = { 'page': int(request.args.get('page', 1)), 'per_page': int(request.args.get('per_page', 20)), } status, data, pagination = movie_service.get_movie_list(pagination_data) return response(status=status, data=data, pagination=pagination) elif request.method == 'POST': new_movie_data = request.json status, data = movie_service.post_movie_list(new_movie_data) return response(status=status, data=data) elif request.method == 'PUT': print(request.json) modify_movie_data = request.json status, data = movie_service.put_movie_list(modify_movie_data) return response(status=status, data=data) @app.route('/movies/<int:movie_cd>', methods=['GET', 'DELETE']) @content_type_check def movie_detail(movie_cd): if request.method == 'GET': status, data = movie_service.get_movie_detail(movie_cd) return response(status=status, data=data) elif request.method == 'DELETE': status, data = movie_service.delete_movie_detail(movie_cd) return response(status=status, data=data) @app.errorhandler(405) def error_handler(error): return response(status='METHOD_NOT_ALLOWED', data='None')
def test_movie_delete(api): response = Response() api_response = api.delete( '/movies/1', ) assert api_response.status_code == 200 api_response = api.get( '/movies/1', ) payload = json.loads(api_response.data.decode('utf-8')) payload = {key: value for key, value in dict(payload).items()} assert api_response.status_code == 200 assert payload == response(status='NOT_FOUND', data='None', unit_test=True)
def test_movie_list(api): response = Response() api_response = api.get('/movies') payload = json.loads(api_response.data.decode('utf-8')) payload = {key: value for key, value in dict(payload).items()} # status 상태 확인: assert api_response.status_code == 200 data = { 'movies': [{ 'movieCd': '1', 'genreAlt': '테스트', 'movieNm': '테스트', 'movieNmEn': 'TEST', 'nationAlt': '테스트', 'openDt': '20200101' }] } pagination = {'page': 1, 'per_page': 20, 'limit': 1} assert payload == response(status='NORMAL', data=data, pagination=pagination, unit_test=True)
def dispatch(self): cookie = Cookie.SimpleCookie(self.environ.get("HTTP_COOKIE","")) if 'authToken' in cookie: token = cookie["authToken"].value self.checkAuthByToken(token) if not self.loggedUser: self.checkAuth() path = os.path.join(os.path.dirname(__file__), "..", "templates", "login.html") htmlFile = open(path, "r") content = htmlFile.read() htmlFile.close() r = Response(content, encoder=None) r.setHeaders([ ('Content-type', "text/html") ]) return r
def _post_index(self): """ 请求Customer的列表数据 """ result = { 'total': 0, # 当前页面的customer数量 'page': 0, # 当面页码 'pages': 0, # 总页码 'customers': list() # 当前customer的数据 } # argument的获取与校验 self.parser.add_argument('page', type=int, default=1) self.parser.add_argument('per_page', type=int, default=20) args = self.parser.parse_args() page = args.get('page', 1) per_page = args.get('per_page', 20) # 如果page小于等于0,返回错误 if page <= 0: return Response(*CommonPrompt.INVALID_PAGE) # 获取customer数据 try: customers_page = Customer.query.order_by(Customer.id) \ .paginate(page=page, per_page=per_page) pages = customers_page.pages customers_data = customers_page.items customers_json = [ customer.to_json() for customer in customers_data ] # 构造result result['total'] = len(customers_json) result['page'] = page result['pages'] = pages result['customers'] = customers_json except Exception as e: return Response.error('请求出错', str(e)) return result
def test_movie_detail(api): response = Response() api_response = api.get('/movies/1') payload = json.loads(api_response.data.decode('utf-8')) payload = {key: value for key, value in dict(payload).items()} assert api_response.status_code == 200 data = { 'companys': [{'id': 1, 'name': '테스트 컴패니'}], 'directors': [{'id': 1, 'name': '테스트 디렉터'}], 'genreAlt': '테스트', 'movieCd': '1', 'movieNm': '테스트', 'movieNmEn': 'TEST', 'nationAlt': '테스트', 'openDt': '20200101', 'prdtStatNm': '테스트', 'prdtYear': '2020', 'typeNm': '장편' } assert payload == response(status='NORMAL', data=data, unit_test=True) ## 없는 데이터 조회 했을때 api_response = api.get('/movies/2') payload = json.loads(api_response.data.decode('utf-8')) assert api_response.status_code == 200 assert payload == response(status='NOT_FOUND', data='None', unit_test=True)
def request(self): try: requests.packages.urllib3.disable_warnings() response = self.session.get(self.url, headers=self.headers, proxies=self.proxy, allow_redirects=False, verify=False, cookies=self.cookies) except (requests.exceptions.MissingSchema, requests.exceptions.InvalidSchema): # if something wrong in schema print("*Wrong schema*:", self.url) return None except (requests.exceptions.ConnectionError): print("*Connection refused*:", self.url) return None result = Response(response.status_code, response.headers, response.text, response.content, self.url) return result
def test_get_formatted_content_doublecolon(self): resp = Response(SUCCESS, "id:13~key:this:contains:double:colon") self.assertEquals(resp.get_formatted_content(), { 'id': '13', 'key': 'this:contains:double:colon' })
def test_get_formatted_content_empty(self): resp = Response(SUCCESS, "id:13~novaluekey") self.assertEquals(resp.get_formatted_content(), { 'id': '13', 'novaluekey': '' })
def test_response_successful(self): resp = Response(SUCCESS, "OK") self.assertEquals(resp.is_success(), SUCCESS) self.assertEquals(resp.get_status(), SUCCESS) self.assertEquals(resp.get_content(), "OK")
def home(req): print(req.headers) print(req.method) return Response(html="<h1>hi</h1>", status=200)
def test_get_formatted_content_failure(self): resp = Response(FAILURE, "Any error test") self.assertEquals(resp.get_formatted_content(), {})
def getResults(self, event, context): # print("Event: {}, context: {}".format(event, context)) source_event = Event(event, context) data = source_event.parse() print(source_event.type) if data: target = Target(data.get('target')) if not target: self.logger.error("Target validation failed of: {}".format( target.name)) return Response({ "statusCode": 400, "body": json.dumps({'error': 'Target was not valid or missing'}) }).with_security_headers() results = Results(target.name, self.s3_client, self.bucket, self.base_results_path) if source_event.type == "step-function": # Use generateURL route download_url, status = results.generateDownloadURL() if download_url: return Response({ "statusCode": status, "body": json.dumps({'url': download_url}) }).with_security_headers() else: if status == 404: resp_body = 'No results found for target' else: resp_body = 'Unknown error' return Response({ "statusCode": status, "body": json.dumps({'error': resp_body}) }).with_security_headers() else: # Use download route scan_results, status = results.download() if scan_results: return Response({ "statusCode": status, "headers": { "Content-Type": "application/gzip", "Content-Disposition": "attachment; filename={}.tgz".format(target.name) }, "body": base64.b64encode( scan_results.getvalue()).decode("utf-8"), "isBase64Encoded": True }).with_security_headers() else: if status == 404: resp_body = 'No results found for target' elif status == 500: resp_body = 'Unable to download scan results' else: resp_body = 'Unknown error' return Response({ "statusCode": status, "body": json.dumps({'error': resp_body}) }).with_security_headers() else: self.logger.error("Unrecognized payload: {}".format(data)) return Response({ "statusCode": 400, "body": json.dumps({'error': 'Unrecognized payload'}) }).with_security_headers()
def wrapper(*args, **kwargs): response = Response() response.set_header('nida', utils.nida()) return func(res=response, *args, **kwargs)
def wrapper(*args, **kwargs): response = Response() return func(res=response, *args, **kwargs)
def dispatch(self): #URL mapovani na objekty print "POST", self.post print "GET", self.get dispatcherMethod = None url = re.findall(r'([^/]+)', self.environ['PATH_INFO']) if len(url) == 0 or (len(url) == 1 and url[0] == "logout"): if len(url) == 1 and url[0] == "logout": cookie = Cookie.SimpleCookie( self.environ.get("HTTP_COOKIE", "")) if 'authToken' in cookie: token = cookie["authToken"].value conn = datasources.postgres.SQLTransaction() cursor = conn.cursor() cursor.execute( "DELETE FROM pim.users_tokens WHERE user_id = %s AND token = %s", (self.session['user_id'], token)) conn.commit() conn.close() self.session['user_id'] = None self.session.invalidate() path = os.path.join(os.path.dirname(__file__), "..", "templates", "index.html") htmlFile = open(path, "r") content = htmlFile.read() htmlFile.close() r = Response(content, encoder=None) r.setHeaders([('Content-type', "text/html")]) if 'authToken' in self.session: expiration = datetime.datetime.now() + datetime.timedelta( days=30) cookie = Cookie.SimpleCookie() cookie['authToken'] = self.session['authToken'] cookie['authToken']['expires'] = expiration.strftime( '%a, %d %b %Y %H:%M:%S GMT') r.addHeaders([('Set-Cookie', cookie['authToken'].OutputString())]) return r dispatcherClass = None dispatcherMethod = '__default__' #root node pointer = modules for part in url: if hasattr(pointer, part) and type(getattr( pointer, part)) in [types.ClassType, types.ModuleType]: pointer = getattr(pointer, part) dispatcherClass = pointer continue dispatcherMethod = part #deprecated if not dispatcherClass: dispatcherClass = errors dispatcherMethod = "notFound" dispatcher = dispatcherClass(self.session) calee = getattr(dispatcher, dispatcherMethod) attrs = inspect.getargspec(calee)[0] requestData = {} if 'request' in self.request: print self.request['request'].encode("utf8") requestData = json.loads(self.request['request'].encode("utf8")) print "REQUEST", requestData for parameter in requestData.keys(): if parameter not in attrs: del requestData[parameter] return Response(calee(**requestData), encoder=self.format)
def _application(self, environ, start_response): '''handle request for this router''' req = Request(environ) res = Response() pipeline = self.tree.build_pipeline(req) return pipeline.handler(req, res)(environ, start_response)
def test_response_failed(self): resp = Response(FAILURE, "Error here") self.assertEquals(resp.is_success(), FAILURE)