def runCase(self, caseDef):
"""
Start a new test run on all currently connected slaves.
"""
runId = newid()
self.runs[runId] = {}
workerRunCount = 0
for proto in self.protoToSlaves:
workerRunId = newid()
slaveId = proto.runCase(workerRunId, caseDef)
self.runs[runId][workerRunId] = {'slaveId': slaveId,
'results': []}
self.workerRunsToRuns[workerRunId] = runId
return runId
def create(self):
"""
Create a new cookie, returning the cookie ID and cookie header value.
"""
if self.debug:
log.msg("CookieStore.create()")
## http://tools.ietf.org/html/rfc6265#page-20
## 0: delete cookie
## -1: preserve cookie until browser is closed
id = util.newid(self._cookie_id_field_length)
cbtData = {
'created': util.utcnow(),
'authid': None,
'authrole': None,
'authmethod': None,
'max_age': self._cookie_max_age,
'connections': set()
}
self._cookies[id] = cbtData
## do NOT add the "secure" cookie attribute! "secure" refers to the
## scheme of the Web page that triggered the WS, not WS itself!!
##
return id, '%s=%s;max-age=%d' % (self._cookie_id_field, id,
cbtData['max_age'])
def _compute_challenge(self, user):
"""
Returns: challenge, signature
"""
challenge_obj = {
'authid': self._authid,
'authrole': self._authrole,
'authmethod': self._authmethod,
'authprovider': self._authprovider,
'session': self._session_details['session'],
'nonce': util.newid(64),
'timestamp': util.utcnow()
}
challenge: str = json.dumps(challenge_obj, ensure_ascii=False)
secret = user['secret'].encode('utf8')
signature = auth.compute_wcs(secret,
challenge.encode('utf8')).decode('ascii')
# extra data to send to client in CHALLENGE
extra = {'challenge': challenge}
# when using salted passwords, provide the client with
# the salt and then PBKDF2 parameters used
if 'salt' in user:
extra['salt'] = user['salt']
extra['iterations'] = user.get('iterations', 1000)
extra['keylen'] = user.get('keylen', 32)
return extra, signature
def create(self):
"""
Create a new cookie, returning the cookie ID and cookie header value.
"""
if self.debug:
log.msg("CookieStore.create()")
## http://tools.ietf.org/html/rfc6265#page-20
## 0: delete cookie
## -1: preserve cookie until browser is closed
id = util.newid(self._cookie_id_field_length)
cbtData = {'created': util.utcnow(),
'authid': None,
'authrole': None,
'authmethod': None,
'max_age': self._cookie_max_age,
'connections': set()}
self._cookies[id] = cbtData
## do NOT add the "secure" cookie attribute! "secure" refers to the
## scheme of the Web page that triggered the WS, not WS itself!!
##
return id, '%s=%s;max-age=%d' % (self._cookie_id_field, id, cbtData['max_age'])
def __init__(self, session, authid, authrole, authprovider, secret):
"""
:param session: The WAMP session ID of the session being authenticated.
:type session: int
:param authid: The authentication ID of the authenticating principal.
:type authid: unicode
:param authrole: The role under which the principal will be authenticated when
the authentication succeeds.
:type authrole: unicode
:param authprovider: Optional authentication provider.
:type authprovider: unicode or None
:param secret: The secret of the principal being authenticated. Either a password
or a salted password.
:type secret: str
"""
self.session = session
self.authmethod = u"wampcra"
self.authid = authid
self.authrole = authrole
self.authprovider = authprovider
challenge_obj = {
'authid': self.authid,
'authrole': self.authrole,
'authmethod': u'wampcra',
'authprovider': self.authprovider,
'session': self.session,
'nonce': util.newid(),
'timestamp': util.utcnow()
}
self.challenge = json.dumps(challenge_obj)
self.signature = auth.compute_wcs(secret, self.challenge)
def __init__(self, session, authid, authrole, authprovider, secret):
"""
:param session: The WAMP session ID of the session being authenticated.
:type session: int
:param authid: The authentication ID of the authenticating principal.
:type authid: unicode
:param authrole: The role under which the principal will be authenticated when
the authentication succeeds.
:type authrole: unicode
:param authprovider: Optional authentication provider.
:type authprovider: unicode or None
:param secret: The secret of the principal being authenticated. Either a password
or a salted password.
:type secret: str
"""
self.session = session
self.authmethod = u"wampcra"
self.authid = authid
self.authrole = authrole
self.authprovider = authprovider
challenge_obj = {
'authid': self.authid,
'authrole': self.authrole,
'authmethod': u'wampcra',
'authprovider': self.authprovider,
'session': self.session,
'nonce': util.newid(),
'timestamp': util.utcnow()
}
# challenge must be bytes
self.challenge = json.dumps(challenge_obj,
ensure_ascii=False).encode('utf8')
self.signature = auth.compute_wcs(secret, self.challenge)
def challengeWithAnonymous(self, details, realm):
cfg = self._transport_config['auth']['anonymous']
# authrole mapping
#
authrole = cfg.get('role', 'anonymous')
# check if role exists on realm anyway
#
if not self._router_factory[realm].has_role(authrole):
return types.Deny(ApplicationError.NO_SUCH_ROLE, message="authentication failed - realm '{}' has no role '{}'".format(realm, authrole))
# authid generation
#
if self._transport._cbtid:
# if cookie tracking is enabled, set authid to cookie value
#
authid = self._transport._cbtid
else:
# if no cookie tracking, generate a random value for authid
#
authid = util.newid(24)
self._transport._authid = authid
self._transport._authrole = authrole
self._transport._authmethod = u"anonymous"
return types.Accept(authid=authid, authrole=authrole, authmethod=self._transport._authmethod)
def _compute_challenge(self, user):
"""
Returns: challenge, signature
"""
challenge_obj = {
u'authid': self._authid,
u'authrole': self._authrole,
u'authmethod': self._authmethod,
u'authprovider': self._authprovider,
u'session': self._session_details[u'session'],
u'nonce': util.newid(64),
u'timestamp': util.utcnow()
}
challenge = json.dumps(challenge_obj, ensure_ascii=False)
# Sometimes, if it doesn't have to be Unicode, PyPy won't make it
# Unicode. Make it Unicode, even if it's just ASCII.
if not isinstance(challenge, six.text_type):
challenge = challenge.decode('utf8')
secret = user['secret'].encode('utf8')
signature = auth.compute_wcs(secret,
challenge.encode('utf8')).decode('ascii')
# extra data to send to client in CHALLENGE
extra = {u'challenge': challenge}
# when using salted passwords, provide the client with
# the salt and then PBKDF2 parameters used
if 'salt' in user:
extra[u'salt'] = user['salt']
extra[u'iterations'] = user.get('iterations', 1000)
extra[u'keylen'] = user.get('keylen', 32)
return extra, signature
def create(self):
"""
Create a new cookie, returning the cookie ID and cookie header value.
"""
# http://tools.ietf.org/html/rfc6265#page-20
# 0: delete cookie
# -1: preserve cookie until browser is closed
cbtid = util.newid(self._cookie_id_field_length)
cbtData = {
"created": util.utcnow(),
"authid": None,
"authrole": None,
"authmethod": None,
"max_age": self._cookie_max_age,
"connections": set(),
}
self._cookies[cbtid] = cbtData
self.log.debug("New cookie {cbtid} created", cbtid=cbtid)
# do NOT add the "secure" cookie attribute! "secure" refers to the
# scheme of the Web page that triggered the WS, not WS itself!!
#
return cbtid, "%s=%s;max-age=%d" % (self._cookie_id_field, cbtid, cbtData["max_age"])
def onConnect(self, request):
clients.add(self)
protocol, headers = None, {}
self._cbtid = None
if "cookie" in request.headers:
try:
cookie = http.cookies.SimpleCookie()
cookie.load(str(request.headers["cookie"]))
except http.cookies.CookieError:
pass
else:
if "cbtid" in cookie:
cbtid = cookie["cbtid"].value
if cbtid in self.factory._cookies:
self._cbtid = cbtid
print("Cookie already set: %s" % self._cbtid)
if self._cbtid is None:
self._cbtid = newid()
maxAge = self.factory.session_max_age
user_index = r.incr("user_index")
r.hmset(self._cbtid,{"login":"******" % user_index})
cbtData = {"created": utcnow(),
"maxAge": maxAge,
"connections": set() }
self.factory._cookies[self._cbtid] = cbtData
headers["Set-Cookie"] = "cbtid=%s;max-age=%d" % (self._cbtid, maxAge)
print("Setting new cookie: %s" % self._cbtid)
self.factory._cookies[self._cbtid]["connections"].add(self)
return (protocol, headers)
def sendBeat(self):
id = newid()
payload = os.urandom(HeartbeatClientProtocol.BEAT_SIZE)
self.beats[id] = datetime.datetime.utcnow()
self.sendPing(id + payload)
print "Sent heartbeat: " + id, self.beatsize
reactor.callLater(1./float(HeartbeatClientProtocol.BEATS_PER_SEC), self.sendBeat)
def do(txn):
data = json.dumps(spec,
ensure_ascii=False,
allow_nan=False,
separators=(',', ':'),
indent=None)
now = utcnow()
id = newid()
txn.execute(
"SELECT id, spec FROM testspec WHERE name = ? AND valid_to IS NULL",
[name])
res = txn.fetchone()
op = None
if res is not None:
currId, currSpec = res
if currSpec == data:
return (op, currId, name)
else:
beforeId = currId
op = 'U'
txn.execute(
"UPDATE testspec SET valid_to = ? WHERE id = ?",
[now, currId])
else:
beforeId = None
op = 'I'
txn.execute(
"INSERT INTO testspec (id, before_id, valid_from, name, desc, mode, caseset, spec) VALUES (?, ?, ?, ?, ?, ?, ?, ?)",
[id, beforeId, now, name, desc, mode, caseset, data])
return (op, id, name)
def setupTests(self):
i = 0
cnt = 0
for testset in self.factory.spec['testsets']:
self.testsets.append((testset, []))
for server in self.factory.spec['servers']:
for case in testset['cases']:
id = newid()
if testset['mode'] == 'echo':
test = {'token': id,
'mode': testset['mode'],
'uri': server['uri'].encode('utf8'),
'name': server['name'].encode('utf8'),
'quantile_count': testset['options']['quantile_count'],
'rtts': 'true' if testset['options']['rtts'] else 'false',
'count': case['count'] if case.has_key('count') else testset['options']['count'],
'size': case['size'] if case.has_key('size') else testset['options']['size'],
'timeout': case['timeout'] if case.has_key('timeout') else testset['options']['timeout'],
'binary': 'true' if (case['binary'] if case.has_key('binary') else testset['options']['binary']) else 'false',
'sync': 'true' if (case['sync'] if case.has_key('sync') else testset['options']['sync']) else 'false',
'correctness': 'exact' if (case['verify'] if case.has_key('verify') else testset['options']['verify']) else 'length',
'count': case['count'] if case.has_key('count') else testset['options']['count']
}
def setupTests(self):
i = 0
cnt = 0
for testset in self.factory.spec['testsets']:
self.testsets.append((testset, []))
for server in self.factory.spec['servers']:
for case in testset['cases']:
id = newid()
if testset['mode'] == 'echo':
test = {'token': id,
'mode': testset['mode'],
'uri': server['uri'].encode('utf8'),
'name': server['name'].encode('utf8'),
'quantile_count': testset['options']['quantile_count'],
'rtts': 'true' if testset['options']['rtts'] else 'false',
'count': case['count'] if case.has_key('count') else testset['options']['count'],
'size': case['size'] if case.has_key('size') else testset['options']['size'],
'timeout': case['timeout'] if case.has_key('timeout') else testset['options']['timeout'],
'binary': 'true' if (case['binary'] if case.has_key('binary') else testset['options']['binary']) else 'false',
'sync': 'true' if (case['sync'] if case.has_key('sync') else testset['options']['sync']) else 'false',
'correctness': 'exact' if (case['verify'] if case.has_key('verify') else testset['options']['verify']) else 'length',
'count': case['count'] if case.has_key('count') else testset['options']['count']
}
else:
raise Exception("unknown mode %s" % testset['mode'])
self.testsets[i][1].append(test)
cnt += 1
i += 1
sys.stdout.write("Running %d tests in total against %d servers: " % (cnt, len(self.factory.spec['servers'])))
def render_POST(self, request):
"""
Request to create a new WAMP session.
"""
if self._debug:
log.msg("WampLongPoll: creating new session ..")
payload = request.content.read()
try:
options = json.loads(payload)
except Exception as e:
return self._parent._failRequest(request, "could not parse WAMP session open request body: {0}".format(e))
if type(options) != dict:
return self._parent._failRequest(request, "invalid type for WAMP session open request [was {0}, expected dictionary]".format(type(options)))
if not 'protocols' in options:
return self._parent._failRequest(request, "missing attribute 'protocols' in WAMP session open request")
## determine the protocol to speak
##
protocol = None
for p in options['protocols']:
version, serializerId = parseSubprotocolIdentifier(p)
if version == 2 and serializerId in self._parent._serializers.keys():
serializer = self._parent._serializers[serializerId]
protocol = p
break
if protocol is None:
return self.__failRequest(request, "no common protocol to speak (I speak: {0})".format(["wamp.2.{}".format(s) for s in self._parent._serializers.keys()]))
## make up new transport ID
##
if self._parent._debug_session_id:
## use fixed transport ID for debugging purposes
transport = self._parent._debug_session_id
else:
transport = newid()
## create instance of WampLongPollResourceSession or subclass thereof ..
##
self._parent._transports[transport] = self._parent.protocol(self._parent, transport, serializer)
## create response
##
self._parent._setStandardHeaders(request)
request.setHeader('content-type', 'application/json; charset=utf-8')
result = {
'transport': transport,
'protocol': protocol
}
bytes = json.dumps(result)
if self._debug:
log.msg("WampLongPoll: new session created on transport '{0}'".format(transport))
return bytes
def _createAppCred(self, txn, spec):
"""
Create new application credential, runs in database transaction.
"""
attrs = {
"label": (True, [str, unicode], AppCreds.APPCRED_LABEL_MIN_LENGTH,
AppCreds.APPCRED_LABEL_MAX_LENGTH, None),
"key":
(True, [str, unicode], AppCreds.APPCRED_KEY_MIN_LENGTH,
AppCreds.APPCRED_KEY_MAX_LENGTH, AppCreds.APPCRED_KEY_PATTERN),
"secret": (True, [str,
unicode], AppCreds.APPCRED_SECRET_MIN_LENGTH,
AppCreds.APPCRED_SECRET_MAX_LENGTH,
AppCreds.APPCRED_SECRET_PATTERN)
}
errcnt, errs = self.proto.checkDictArg("appcred spec", spec, attrs)
txn.execute("SELECT created FROM appcredential WHERE key = ?",
[spec["key"]])
if txn.fetchone() is not None:
errs["key"].append(
(self.proto.shrink(URI_ERROR + "duplicate-value"),
"Application key '%s' already exists" % spec["key"]))
errcnt += 1
if errcnt:
raise Exception(
URI_ERROR + "illegal-argument",
"one or more illegal arguments (%d errors)" % errcnt, errs)
id = newid()
appcred_uri = URI_APPCRED + id
label = spec["label"].strip()
now = utcnow()
txn.execute(
"INSERT INTO appcredential (id, label, key, created, secret) VALUES (?, ?, ?, ?, ?)",
[id, label, spec["key"], now, spec["secret"]])
services = self.proto.factory.services
if services.has_key("restpusher"):
services["restpusher"].recache(txn)
if services.has_key("clientfilter"):
services["clientfilter"].recache(txn)
appcred = {
"uri": appcred_uri,
"created": now,
"label": label,
"key": spec["key"],
"secret": spec["secret"]
}
self.proto.dispatch(URI_EVENT + "on-appcred-created", appcred,
[self.proto])
appcred["uri"] = self.proto.shrink(appcred_uri)
return appcred
def _createAppCred(self, txn, spec):
"""
Create new application credential, runs in database transaction.
"""
attrs = {"label": (True,
[str, unicode],
AppCreds.APPCRED_LABEL_MIN_LENGTH,
AppCreds.APPCRED_LABEL_MAX_LENGTH,
None),
"key": (True,
[str, unicode],
AppCreds.APPCRED_KEY_MIN_LENGTH,
AppCreds.APPCRED_KEY_MAX_LENGTH,
AppCreds.APPCRED_KEY_PATTERN),
"secret": (True,
[str, unicode],
AppCreds.APPCRED_SECRET_MIN_LENGTH,
AppCreds.APPCRED_SECRET_MAX_LENGTH,
AppCreds.APPCRED_SECRET_PATTERN)}
errcnt, errs = self.proto.checkDictArg("appcred spec", spec, attrs)
txn.execute("SELECT created FROM appcredential WHERE key = ?", [spec["key"]])
if txn.fetchone() is not None:
errs["key"].append((self.proto.shrink(URI_ERROR + "duplicate-value"), "Application key '%s' already exists" % spec["key"]))
errcnt += 1
if errcnt:
raise Exception(URI_ERROR + "illegal-argument", "one or more illegal arguments (%d errors)" % errcnt, errs)
id = newid()
appcred_uri = URI_APPCRED + id
label = spec["label"].strip()
now = utcnow()
txn.execute("INSERT INTO appcredential (id, label, key, created, secret) VALUES (?, ?, ?, ?, ?)",
[id,
label,
spec["key"],
now,
spec["secret"]])
services = self.proto.factory.services
if services.has_key("restpusher"):
services["restpusher"].recache(txn)
if services.has_key("clientfilter"):
services["clientfilter"].recache(txn)
appcred = {"uri": appcred_uri,
"created": now,
"label": label,
"key": spec["key"],
"secret": spec["secret"]}
self.proto.dispatch(URI_EVENT + "on-appcred-created", appcred, [self.proto])
appcred["uri"] = self.proto.shrink(appcred_uri)
return appcred
def do(txn):
## verify that testrun exists and is not closed already
##
txn.execute("SELECT started, ended FROM testrun WHERE id = ?",
[runId])
res = txn.fetchone()
if res is None:
raise Exception("no such test run")
if res[1] is not None:
raise Exception("test run already closed")
## save test case results with foreign key to test run
##
id = newid()
now = utcnow()
ci = []
for i in xrange(5):
if len(testCase.index) > i:
ci.append(testCase.index[i])
else:
ci.append(0)
if saveLog:
log = result.log
else:
log = []
result.log = None
resultData = result.serialize()
txn.execute(
"""
INSERT INTO testresult
(id, testrun_id, inserted, testee, c1, c2, c3, c4, c5, duration, passed, result)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
""", [
id, runId, now, testRun.testee.name, ci[0], ci[1], ci[2],
ci[3], ci[4], result.ended - result.started,
1 if result.passed else 0, resultData
])
## save test case log with foreign key to test result
##
if log:
lineno = 1
for l in log:
txn.execute(
"""
INSERT INTO testlog
(testresult_id, lineno, timestamp, sessionidx, sessionid, line)
VALUES (?, ?, ?, ?, ?, ?)
""", [id, lineno, l[0], l[1], l[2], l[3]])
lineno += 1
return id
def _createServiceKey(self, txn, label, keylength):
attrs = {
"label": (True, [str,
unicode], ServiceKeys.SERVICEKEY_LABEL_MIN_LENGTH,
ServiceKeys.SERVICEKEY_LABEL_MAX_LENGTH, None),
"keylength": (True, [int], [1024, 2048, 4096])
}
values = {"label": label, "keylength": keylength}
errcnt, errs = self.proto.checkDictArg("appcred spec", values, attrs)
if errcnt:
raise Exception(
URI_ERROR + "illegal-argument",
"one or more illegal arguments (%d errors)" % errcnt, errs)
## generate new RSA key
##
log.msg("generating new service key (length %d) .." %
values["keylength"])
(key_pem, key_pub_pem,
key_fingerprint) = generate_rsa_key(values["keylength"])
log.msg("new service key generated (length %d)" % values["keylength"])
## store new key
##
id = newid()
svckey_uri = URI_SERVICEKEY + id
now = utcnow()
txn.execute(
"INSERT INTO servicekey (id, created, label, key_priv, key_pub, key_length, key_fingerprint) VALUES (?, ?, ?, ?, ?, ?, ?)",
[
id, now, values["label"], key_pem, key_pub_pem,
values["keylength"], key_fingerprint
])
svckey = {
"uri": svckey_uri,
"created": now,
"label": values["label"],
"length": values["keylength"],
"fingerprint": key_fingerprint,
"public": key_pub_pem
}
self.proto.dispatch(URI_EVENT + "on-servicekey-created", svckey,
[self.proto])
svckey["uri"] = self.proto.shrink(svckey_uri)
return svckey
def onConnect(self, request):
protocol, headers = WampWebSocketServerProtocol.onConnect(
self, request)
## our cookie tracking ID
self._cbtid = None
## see if there already is a cookie set ..
if request.headers.has_key('cookie'):
try:
cookie = Cookie.SimpleCookie()
cookie.load(str(request.headers['cookie']))
except Cookie.CookieError:
pass
else:
if cookie.has_key('cbtid'):
cbtid = cookie['cbtid'].value
if self.factory._cookies.has_key(cbtid):
self._cbtid = cbtid
log.msg("Cookie already set: %s" % self._cbtid)
## if no cookie is set, create a new one ..
if self._cbtid is None:
self._cbtid = newid()
maxAge = 86400
cbtData = {
'created': utcnow(),
'authenticated': None,
'maxAge': maxAge,
'connections': set()
}
self.factory._cookies[self._cbtid] = cbtData
## do NOT add the "secure" cookie attribute! "secure" refers to the
## scheme of the Web page that triggered the WS, not WS itself!!
##
headers['Set-Cookie'] = 'cbtid=%s;max-age=%d' % (self._cbtid,
maxAge)
log.msg("Setting new cookie: %s" % self._cbtid)
## add this WebSocket connection to the set of connections
## associated with the same cookie
self.factory._cookies[self._cbtid]['connections'].add(self)
self._authenticated = self.factory._cookies[
self._cbtid]['authenticated']
## accept the WebSocket connection, speaking subprotocol `protocol`
## and setting HTTP headers `headers`
return (protocol, headers)
def _createServiceKey(self, txn, label, keylength):
attrs = {"label": (True,
[str, unicode],
ServiceKeys.SERVICEKEY_LABEL_MIN_LENGTH,
ServiceKeys.SERVICEKEY_LABEL_MAX_LENGTH,
None),
"keylength": (True,
[int],
[1024, 2048, 4096])}
values = {"label": label, "keylength": keylength}
errcnt, errs = self.proto.checkDictArg("appcred spec", values, attrs)
if errcnt:
raise Exception(URI_ERROR + "illegal-argument", "one or more illegal arguments (%d errors)" % errcnt, errs)
## generate new RSA key
##
log.msg("generating new service key (length %d) .." % values["keylength"])
(key_pem, key_pub_pem, key_fingerprint) = generate_rsa_key(values["keylength"])
log.msg("new service key generated (length %d)" % values["keylength"])
## store new key
##
id = newid()
svckey_uri = URI_SERVICEKEY + id
now = utcnow()
txn.execute("INSERT INTO servicekey (id, created, label, key_priv, key_pub, key_length, key_fingerprint) VALUES (?, ?, ?, ?, ?, ?, ?)",
[id,
now,
values["label"],
key_pem,
key_pub_pem,
values["keylength"],
key_fingerprint])
svckey = {"uri": svckey_uri,
"created": now,
"label": values["label"],
"length": values["keylength"],
"fingerprint": key_fingerprint,
"public": key_pub_pem}
self.proto.dispatch(URI_EVENT + "on-servicekey-created", svckey, [self.proto])
svckey["uri"] = self.proto.shrink(svckey_uri)
return svckey
def onConnect(self, request):
# This is called during the initial WebSocket opening handshake.
protocol, headers = None, {}
# our cookie tracking ID
self._cbtid = None
# see if there already is a cookie set ..
if 'cookie' in request.headers:
try:
cookie = Cookie.SimpleCookie()
cookie.load(str(request.headers['cookie']))
except Cookie.CookieError:
pass
else:
if 'cbtid' in cookie:
cbtid = cookie['cbtid'].value
if cbtid in self.factory._cookies:
self._cbtid = cbtid
log.msg("Cookie already set: %s" % self._cbtid)
# if no cookie is set, create a new one ..
if self._cbtid is None:
self._cbtid = newid()
maxAge = 86400
cbtData = {
'created': utcnow(),
'authenticated': None,
'maxAge': maxAge,
'connections': set()
}
self.factory._cookies[self._cbtid] = cbtData
# do NOT add the "secure" cookie attribute! "secure" refers to the
# scheme of the Web page that triggered the WS, not WS itself!!
##
headers['Set-Cookie'] = 'cbtid=%s;max-age=%d' % (self._cbtid,
maxAge)
log.msg("Setting new cookie: %s" % self._cbtid)
# add this WebSocket connection to the set of connections
# associated with the same cookie
self.factory._cookies[self._cbtid]['connections'].add(self)
# accept the WebSocket connection, speaking subprotocol `protocol`
# and setting HTTP headers `headers`
return (protocol, headers)
def onConnect(self, connectionRequest):
protocol, headers = WampCraServerProtocol.onConnect(self, connectionRequest)
#pprint(connectionRequest.headers)
ua = connectionRequest.headers.get('user-agent', None)
origin = connectionRequest.headers.get('origin', None)
## Crossbar.io Tracking ID
##
cbtid = None
if connectionRequest.headers.has_key('cookie'):
try:
cookie = Cookie.SimpleCookie()
cookie.load(str(connectionRequest.headers['cookie']))
except Cookie.CookieError:
pass
else:
if cookie.has_key('cbtid'):
_cbtid = cookie['cbtid'].value
if self.factory.trackingCookies.has_key(_cbtid):
cbtid = _cbtid
#log.msg("Crossbar.io tracking ID already in cookie: %s" % cbtid)
if cbtid is None:
cbtid = newid()
maxAge = 86400
cbtData = {'created': utcnow(),
'maxAge': maxAge,
'sessions': []}
self.factory.trackingCookies[cbtid] = cbtData
## do NOT add the "secure" cookie attribute! "secure" refers to the
## scheme of the Web page that triggered the WS, not WS itself!!
##
headers['Set-Cookie'] = 'cbtid=%s;max-age=%d' % (cbtid, maxAge)
#log.msg("Setting new Crossbar.io tracking ID in cookie: %s" % cbtid)
self._cbtid = cbtid
cbSessionData = {'cbtid': cbtid,
'ua': ua,
'origin': origin,
'connected': utcnow()}
i = len(self.factory.trackingCookies[cbtid]['sessions'])
self.factory.trackingCookies[cbtid]['sessions'].append(cbSessionData)
self._cbSession = self.factory.trackingCookies[cbtid]['sessions'][i]
return (protocol, headers)
def onConnect(self, request):
# This is called during the initial WebSocket opening handshake.
protocol, headers = None, {}
# our cookie tracking ID
self._cbtid = None
# see if there already is a cookie set ..
if 'cookie' in request.headers:
try:
cookie = Cookie.SimpleCookie()
cookie.load(str(request.headers['cookie']))
except Cookie.CookieError:
pass
else:
if 'cbtid' in cookie:
cbtid = cookie['cbtid'].value
if cbtid in self.factory._cookies:
self._cbtid = cbtid
log.msg("Cookie already set: %s" % self._cbtid)
# if no cookie is set, create a new one ..
if self._cbtid is None:
self._cbtid = newid()
maxAge = 86400
cbtData = {'created': utcnow(),
'authenticated': None,
'maxAge': maxAge,
'connections': set()}
self.factory._cookies[self._cbtid] = cbtData
# do NOT add the "secure" cookie attribute! "secure" refers to the
# scheme of the Web page that triggered the WS, not WS itself!!
##
headers['Set-Cookie'] = 'cbtid=%s;max-age=%d' % (self._cbtid, maxAge)
log.msg("Setting new cookie: %s" % self._cbtid)
# add this WebSocket connection to the set of connections
# associated with the same cookie
self.factory._cookies[self._cbtid]['connections'].add(self)
# accept the WebSocket connection, speaking subprotocol `protocol`
# and setting HTTP headers `headers`
return (protocol, headers)
def do(txn):
txn.execute("SELECT mode FROM testspec WHERE id = ? AND valid_to IS NULL", [specId])
res = txn.fetchone()
if res is None:
raise Exception("no such spec or spec not active")
mode = res[0]
if not mode in ITestDb.TESTMODES:
raise Exception("mode '%s' invalid or not implemented" % mode)
id = newid()
now = utcnow()
env = envinfo()
txn.execute("INSERT INTO testrun (id, testspec_id, env, started) VALUES (?, ?, ?, ?)", [id, specId, json.dumps(env), now])
return id
def subscribe(self, topic, handler):
"""
Subscribe to topic.
"""
while True:
subscribeid = newid()
if not self._subscribes.has_key(subscribeid):
break
d = Deferred()
self._subscribes[subscribeid] = (d, handler)
self.sendWampMessage(WampMessageSubscribe(subscribeid, topic))
return d
def subscribe(self, topic, handler):
"""
Subscribe to topic.
"""
while True:
subscribeid = newid()
if not self._subscribes.has_key(subscribeid):
break
d = Deferred()
self._subscribes[subscribeid] = (d, handler)
self.sendWampMessage(WampMessageSubscribe(subscribeid, topic))
return d
def onConnect(self, request):
protocol, headers = WampWebSocketServerProtocol.onConnect(self, request)
## our cookie tracking ID
self._cbtid = None
## see if there already is a cookie set ..
if request.headers.has_key('cookie'):
try:
cookie = Cookie.SimpleCookie()
cookie.load(str(request.headers['cookie']))
except Cookie.CookieError:
pass
else:
if cookie.has_key('cbtid'):
cbtid = cookie['cbtid'].value
if self.factory._cookies.has_key(cbtid):
self._cbtid = cbtid
log.msg("Cookie already set: %s" % self._cbtid)
## if no cookie is set, create a new one ..
if self._cbtid is None:
self._cbtid = newid()
maxAge = 86400
cbtData = {'created': utcnow(),
'authenticated': None,
'maxAge': maxAge,
'connections': set()}
self.factory._cookies[self._cbtid] = cbtData
## do NOT add the "secure" cookie attribute! "secure" refers to the
## scheme of the Web page that triggered the WS, not WS itself!!
##
headers['Set-Cookie'] = 'cbtid=%s;max-age=%d' % (self._cbtid, maxAge)
log.msg("Setting new cookie: %s" % self._cbtid)
## add this WebSocket connection to the set of connections
## associated with the same cookie
self.factory._cookies[self._cbtid]['connections'].add(self)
self._authenticated = self.factory._cookies[self._cbtid]['authenticated']
## accept the WebSocket connection, speaking subprotocol `protocol`
## and setting HTTP headers `headers`
return (protocol, headers)
def onHello(self, router_session, realm, details):
for authmethod in details.authmethods:
if authmethod == u"cookie":
debug("Attemping cookie login for %s..." % details.authid)
# Ideally, we would just check the cookie here, however
# the HELLO message does not have any extra fields to store
# it.
# This is not a real challenge. It is used for bookkeeping,
# however. We require to cookie owner to also know the
# correct authid, so we store what they think it is here.
# Create and store a one time challenge.
challenge = {
"authid": details.authid,
"authrole": u"user",
"authmethod": u"cookie",
"authprovider": u"cookie",
"session": details.pending_session,
"nonce": util.utcnow(),
"timestamp": util.newid()
}
router_session.challenge = challenge
# If the user does not exist, we should still return a
# consistent salt. This prevents the auth system from
# becoming a username oracle.
noise = hashlib.md5("super secret" + details.authid +
"more secret")
salt = noise.hexdigest()[:8]
databases = self.manager.services[
"sputnik.webserver.plugins.db"]
for db in databases:
result = yield db.lookup(details.authid)
if result is not None:
break
if result is not None:
salt = result['password'].split(":")[0]
# The client expects a unicode challenge string.
challenge = json.dumps(challenge, ensure_ascii=False)
extra = {u"challenge": challenge, u"salt": salt}
debug("Cookie challenge issued for %s." % details.authid)
returnValue(types.Challenge(u"cookie", extra))
def render_POST(self, request):
"""
Request to create a new WAMP session.
"""
self._parent.setStandardHeaders(request)
payload = request.content.read()
try:
options = json.loads(payload)
except Exception as e:
return self._failRequest(
request,
"could not parse WAMP session open request body [%s]" % e)
if type(options) != dict:
return self._failRequest(
request,
"invalid type for WAMP session open request [was '%s', expected dictionary]"
% type(options))
if not options.has_key('protocols'):
return self._failRequest(
request,
"missing attribute 'protocols' in WAMP session open request")
protocol = None
for p in options['protocols']:
version, serializerId = parseSubprotocolIdentifier(p)
if version == 2 and serializerId in self._parent._serializers.keys(
):
serializer = self._parent._serializers[serializerId]
protocol = p
break
request.setHeader('content-type', 'application/json; charset=utf-8')
transportid = newid()
## create instance of WampHttpResourceSession or subclass thereof ..
##
self._parent._transports[transportid] = self._parent.protocol(
self._parent, transportid, serializer)
ret = {'transport': transportid, 'protocol': protocol}
return json.dumps(ret)
def onOpen(self):
self._this_sessionid = newid()
self._peer_sessionid = None
self._subscriptions = {}
self._broker = None
self._peer_is_broker = False
self._calls = {}
self._dealer = None
self._peer_is_dealer = False
self._subscribes = {}
msg = WampMessageHello(self._this_sessionid)
bytes, isbinary = self._serializer.serialize(msg)
self.sendMessage(bytes, isbinary)
def save_image(self, data_url):
list = data_url.split(";")
img = list[1].split(",")[1]
file_ext = list[0].split("/")[1]
file_dir = self.factory.image_dir+"\\"
file_name = newid()
full_path = file_dir + file_name + "." + file_ext
with open(full_path,"wb") as image_file:
image_file.write(base64.b64decode(img))
thumb = ImageOps.fit(Image.open(full_path),(128,128),Image.ANTIALIAS)
thumb_path = file_dir + file_name + ".thumb" + "." + file_ext
thumb.save(thumb_path)
buffered = BytesIO()
thumb.save(buffered,file_ext)
encoded_string = base64.b64encode(buffered.getvalue())
msg = "data:image/%s;base64,%s" % (file_ext,encoded_string.decode("utf-8"))
return (msg,full_path,thumb_path)
def onOpen(self):
self._this_sessionid = newid()
self._peer_sessionid = None
self._subscriptions = {}
self._broker = None
self._peer_is_broker = False
self._calls = {}
self._dealer = None
self._peer_is_dealer = False
self._subscribes = {}
msg = WampMessageHello(self._this_sessionid)
bytes, isbinary = self._serializer.serialize(msg)
self.sendMessage(bytes, isbinary)
def test_non_depleting(self):
res = {}
with open('/dev/urandom', 'rb') as rng:
for i in range(1000):
for j in range(100):
# "reseed" (seems pointless, but ..)
random.seed()
# random UUIDs
v1 = uuid.uuid4() # noqa
# stdlib random
v2 = random.random() # noqa
v3 = random.getrandbits(32) # noqa
v4 = random.randint(0, 9007199254740992) # noqa
v5 = random.normalvariate(10, 100) # noqa
v6 = random.choice(range(100)) # noqa
# PyNaCl
v7 = utils.random(public.Box.NONCE_SIZE) # noqa
# Autobahn utils
v8 = util.generate_token(4, 4) # noqa
v9 = util.id() # noqa
v10 = util.rid() # noqa
v11 = util.newid() # noqa
# direct procfs access to PRNG
d = rng.read(1000) # noqa
# check available entropy
with open('/proc/sys/kernel/random/entropy_avail', 'r') as ent:
ea = int(ent.read()) // 100
if ea not in res:
res[ea] = 0
res[ea] += 1
skeys = sorted(res.keys())
print('\nsystem entropy depletion stats:')
for k in skeys:
print('{}: {}'.format(k, res[k]))
self.assertTrue(skeys[0] > 0)
def onHello(self, router_session, realm, details):
for authmethod in details.authmethods:
if authmethod == u"cookie":
debug("Attemping cookie login for %s..." % details.authid)
# Ideally, we would just check the cookie here, however
# the HELLO message does not have any extra fields to store
# it.
# This is not a real challenge. It is used for bookkeeping,
# however. We require to cookie owner to also know the
# correct authid, so we store what they think it is here.
# Create and store a one time challenge.
challenge = {"authid": details.authid,
"authrole": u"user",
"authmethod": u"cookie",
"authprovider": u"cookie",
"session": details.pending_session,
"nonce": util.utcnow(),
"timestamp": util.newid()}
router_session.challenge = challenge
# If the user does not exist, we should still return a
# consistent salt. This prevents the auth system from
# becoming a username oracle.
noise = hashlib.md5("super secret" + details.authid + "more secret")
salt = noise.hexdigest()[:8]
databases = self.manager.services["sputnik.webserver.plugins.db"]
for db in databases:
result = yield db.lookup(details.authid)
if result is not None:
break
if result is not None:
salt = result['password'].split(":")[0]
# The client expects a unicode challenge string.
challenge = json.dumps(challenge, ensure_ascii=False)
extra = {u"challenge": challenge,
u"salt": salt}
debug("Cookie challenge issued for %s." % details.authid)
returnValue(types.Challenge(u"cookie", extra))
def onSubscribe(self, proto, subscribe):
assert (proto in self._protos)
# if subscribe.topic.startswith("http://example.com/"):
# proto.sendWampMessage(WampMessageSubscribeError(subscribe.subscribeid, "http://api.wamp.ws/error#forbidden"))
# return
if not self._subscribers.has_key(subscribe.topic):
subscriptionid = newid()
self._subscribers[subscribe.topic] = (subscriptionid, set())
subscriptionid, subscribers = self._subscribers[subscribe.topic]
if not proto in subscribers:
subscribers.add(proto)
proto.sendWampMessage(
WampMessageSubscription(subscribe.subscribeid, subscriptionid))
def setupTests(self):
for server in self.factory.spec['servers']:
for size in self.factory.spec['sizes']:
id = newid()
test = {'uri': server['uri'].encode('utf8'),
'name': server['name'].encode('utf8'),
'count': size[0],
'quantile_count': self.factory.spec['options']['quantile_count'],
'timeout': size[2],
'binary': 'true' if size[3] else 'false',
'sync': 'true' if size[4] else 'false',
'rtts': 'true' if self.factory.spec['options']['rtts'] else 'false',
'correctness': 'exact' if size[5] else 'length',
'size': size[1],
'token': id}
self.tests.append(test)
self.testdefs[id] = test
sys.stdout.write("Running %d tests against %d servers: " % (len(self.factory.spec['sizes']), len(self.factory.spec['servers'])))
def onSubscribe(self, proto, subscribe):
assert(proto in self._protos)
# if subscribe.topic.startswith("http://example.com/"):
# proto.sendWampMessage(WampMessageSubscribeError(subscribe.subscribeid, "http://api.wamp.ws/error#forbidden"))
# return
if not self._subscribers.has_key(subscribe.topic):
subscriptionid = newid()
self._subscribers[subscribe.topic] = (subscriptionid, set())
subscriptionid, subscribers = self._subscribers[subscribe.topic]
if not proto in subscribers:
subscribers.add(proto)
proto.sendWampMessage(WampMessageSubscription(subscribe.subscribeid, subscriptionid))
def create(self):
"""
Create a new cookie, returning the cookie ID and cookie header value.
"""
# http://tools.ietf.org/html/rfc6265#page-20
# 0: delete cookie
# -1: preserve cookie until browser is closed
cbtid = util.newid(self._cookie_id_field_length)
# cookie tracking data
cbtData = {
# cookie ID
'cbtid': cbtid,
# UTC timestamp when the cookie was created
'created': util.utcnow(),
# maximum lifetime of the tracking/authenticating cookie
'max_age': self._cookie_max_age,
# when a cookie has been set, and the WAMP session
# was successfully authenticated thereafter, the latter
# auth info is store here
'authid': None,
'authrole': None,
'authrealm': None,
'authmethod': None,
'authextra': None,
}
self._cookies[cbtid] = cbtData
# set of WAMP transports (WebSocket connections) this
# cookie is currently used on
self._connections[cbtid] = set()
self.log.debug("New cookie {cbtid} created", cbtid=cbtid)
# do NOT add the "secure" cookie attribute! "secure" refers to the
# scheme of the Web page that triggered the WS, not WS itself!!
#
return cbtid, '%s=%s;max-age=%d' % (self._cookie_id_field, cbtid,
cbtData['max_age'])
def do(txn):
txn.execute(
"SELECT mode FROM testspec WHERE id = ? AND valid_to IS NULL",
[specId])
res = txn.fetchone()
if res is None:
raise Exception("no such spec or spec not active")
mode = res[0]
if not mode in ITestDb.TESTMODES:
raise Exception("mode '%s' invalid or not implemented" % mode)
id = newid()
now = utcnow()
env = envinfo()
txn.execute(
"INSERT INTO testrun (id, testspec_id, env, started) VALUES (?, ?, ?, ?)",
[id, specId, json.dumps(env), now])
return id
def call(self, *args):
"""
Call an endpoint.
"""
if len(args) < 1:
raise Exception("missing RPC endpoint URI")
endpoint = args[0]
while True:
callid = newid()
if not self._calls.has_key(callid):
break
msg = WampMessageCall(callid, endpoint, args=args[1:])
try:
bytes, isbinary = self._serializer.serialize(msg)
except Exception, e:
print "X" * 100, e
raise Exception("call argument(s) not serializable")
def call(self, *args):
"""
Call an endpoint.
"""
if len(args) < 1:
raise Exception("missing RPC endpoint URI")
endpoint = args[0]
while True:
callid = newid()
if not self._calls.has_key(callid):
break
msg = WampMessageCall(callid, endpoint, args = args[1:])
try:
bytes, isbinary = self._serializer.serialize(msg)
except Exception, e:
print "X"*100, e
raise Exception("call argument(s) not serializable")
def __init__(self, key, session, authid, authrole, authmethod, authprovider):
self.authid = authid
self.authrole = authrole
self.authmethod = authmethod
self.authprovider = authprovider
self.session = session
self.timestamp = util.utcnow()
self.nonce = util.newid()
challenge_obj = {
'authid': self.authid,
'authrole': self.authrole,
'authmethod': self.authmethod,
'authprovider': self.authprovider,
'session': self.session,
'nonce': self.nonce,
'timestamp': self.timestamp
}
self.challenge = json.dumps(challenge_obj)
self.signature = auth.compute_wcs(key, self.challenge)
def __init__(self, key, session, authid, authrole, authmethod, authprovider):
self.authid = authid
self.authrole = authrole
self.authmethod = authmethod
self.authprovider = authprovider
self.session = session
self.timestamp = util.utcnow()
self.nonce = util.newid()
challenge_obj = {
'authid': self.authid,
'authrole': self.authrole,
'authmethod': self.authmethod,
'authprovider': self.authprovider,
'session': self.session,
'nonce': self.nonce,
'timestamp': self.timestamp
}
self.challenge = json.dumps(challenge_obj)
self.signature = auth.compute_wcs(key, self.challenge)
def create(self):
"""
Create a new cookie, returning the cookie ID and cookie header value.
"""
# http://tools.ietf.org/html/rfc6265#page-20
# 0: delete cookie
# -1: preserve cookie until browser is closed
cbtid = util.newid(self._cookie_id_field_length)
# cookie tracking data
cbtData = {
# UTC timestamp when the cookie was created
'created': util.utcnow(),
# maximum lifetime of the tracking/authenticating cookie
'max_age': self._cookie_max_age,
# when a cookie has been set, and the WAMP session
# was successfully authenticated thereafter, the latter
# auth info is store here
'authid': None,
'authrole': None,
'authrealm': None,
'authmethod': None,
'authextra': None,
# set of WAMP transports (WebSocket connections) this
# cookie is currently used on
'connections': set()
}
self._cookies[cbtid] = cbtData
self.log.debug("New cookie {cbtid} created", cbtid=cbtid)
# do NOT add the "secure" cookie attribute! "secure" refers to the
# scheme of the Web page that triggered the WS, not WS itself!!
#
return cbtid, '%s=%s;max-age=%d' % (self._cookie_id_field, cbtid, cbtData['max_age'])
def __init__(self, key, session, authid, authrole, authmethod, authprovider, uid):
self.authid = authid
self.authrole = authrole
self.authmethod = authmethod
self.authprovider = authprovider
self.uid = uid
self.session = session
self.timestamp = util.utcnow()
self.nonce = util.newid()
challenge_obj = {
'authid': self.authid,
'authrole': self.authrole,
'authmethod': self.authmethod,
'authprovider': self.authprovider,
'session': self.session,
'nonce': self.nonce,
'timestamp': self.timestamp
}
self.challenge = json.dumps(challenge_obj, ensure_ascii = False)
self.signature = auth.compute_wcs(key.encode('utf8'), self.challenge.encode('utf8')).decode('ascii')
def __init__(self, session, authid, authrole, authprovider, secret):
"""
:param session: The WAMP session ID of the session being authenticated.
:type session: int
:param authid: The authentication ID of the authenticating principal.
:type authid: unicode
:param authrole: The role under which the principal will be authenticated when
the authentication succeeds.
:type authrole: unicode
:param authprovider: Optional authentication provider.
:type authprovider: unicode or None
:param secret: The secret of the principal being authenticated. Either a password
or a salted password.
:type secret: str
"""
self.session = session
self.authmethod = u"wampcra"
self.authid = authid
self.authrole = authrole
self.authprovider = authprovider
challenge_obj = {
'authid': self.authid,
'authrole': self.authrole,
'authmethod': u'wampcra',
'authprovider': self.authprovider,
'session': self.session,
'nonce': util.newid(),
'timestamp': util.utcnow()
}
self.challenge = json.dumps(challenge_obj, ensure_ascii=False)
# Sometimes, if it doesn't have to be Unicode, PyPy won't make it
# Unicode. Make it Unicode, even if it's just ASCII.
if not isinstance(self.challenge, six.text_type):
self.challenge = self.challenge.decode('utf8')
self.signature = auth.compute_wcs(secret, self.challenge.encode('utf8')).decode('ascii')
def render_POST(self, request):
"""
Request to create a new WAMP session.
"""
self._parent.setStandardHeaders(request)
payload = request.content.read()
try:
options = json.loads(payload)
except Exception as e:
return self._failRequest(request, "could not parse WAMP session open request body [%s]" % e)
if type(options) != dict:
return self._failRequest(request, "invalid type for WAMP session open request [was '%s', expected dictionary]" % type(options))
if not options.has_key('protocols'):
return self._failRequest(request, "missing attribute 'protocols' in WAMP session open request")
protocol = None
for p in options['protocols']:
version, serializerId = parseSubprotocolIdentifier(p)
if version == 2 and serializerId in self._parent._serializers.keys():
serializer = self._parent._serializers[serializerId]
protocol = p
break
request.setHeader('content-type', 'application/json; charset=utf-8')
transportid = newid()
## create instance of WampHttpResourceSession or subclass thereof ..
##
self._parent._transports[transportid] = self._parent.protocol(self._parent, transportid, serializer)
ret = {'transport': transportid, 'protocol': protocol}
return json.dumps(ret)
def __init__(self, session, authid, authrole, authprovider, verify_key):
"""
:param session: The WAMP session ID of the session being authenticated.
:type session: int
:param authid: The authentication ID of the authenticating principal.
:type authid: unicode
:param authrole: The role under which the principal will be authenticated when
the authentication succeeds.
:type authrole: unicode
:param authprovider: Optional authentication provider.
:type authprovider: unicode or None
:param verify_key: Hex representation of (public) verification key (64 chars for 32-byte value).
:type verify_key: unicode
"""
self.session = session
self.authid = authid
self.authrole = authrole
self.authprovider = authprovider
self.verify_key = verify_key
self._verify_key = nacl.signing.VerifyKey(verify_key, encoder=nacl.encoding.HexEncoder)
challenge_obj = {
'authid': self.authid,
'authrole': self.authrole,
'authmethod': self.authmethod,
'authprovider': self.authprovider,
'session': self.session,
'nonce': util.newid(64),
'timestamp': util.utcnow()
}
self.challenge = json.dumps(challenge_obj, ensure_ascii=False)
# Sometimes, if it doesn't have to be Unicode, PyPy won't make it
# Unicode. Make it Unicode, even if it's just ASCII.
if not isinstance(self.challenge, six.text_type):
self.challenge = self.challenge.decode('utf8')
def do(txn):
data = json.dumps(spec, ensure_ascii = False, allow_nan = False, separators = (',', ':'), indent = None)
now = utcnow()
id = newid()
txn.execute("SELECT id, spec FROM testspec WHERE name = ? AND valid_to IS NULL", [name])
res = txn.fetchone()
op = None
if res is not None:
currId, currSpec = res
if currSpec == data:
return (op, currId, name)
else:
beforeId = currId
op = 'U'
txn.execute("UPDATE testspec SET valid_to = ? WHERE id = ?", [now, currId])
else:
beforeId = None
op = 'I'
txn.execute("INSERT INTO testspec (id, before_id, valid_from, name, desc, mode, caseset, spec) VALUES (?, ?, ?, ?, ?, ?, ?, ?)", [id, beforeId, now, name, desc, mode, caseset, data])
return (op, id, name)
def __init__(self, key, session, authid, authrole, authmethod,
authprovider, uid):
self.authid = authid
self.authrole = authrole
self.authmethod = authmethod
self.authprovider = authprovider
self.uid = uid
self.session = session
self.timestamp = util.utcnow()
self.nonce = util.newid()
challenge_obj = {
'authid': self.authid,
'authrole': self.authrole,
'authmethod': self.authmethod,
'authprovider': self.authprovider,
'session': self.session,
'nonce': self.nonce,
'timestamp': self.timestamp
}
self.challenge = json.dumps(challenge_obj, ensure_ascii=False)
self.signature = auth.compute_wcs(
key.encode('utf8'), self.challenge.encode('utf8')).decode('ascii')
def create(self) -> Tuple[str, str]:
"""
Create and store a new cookie (unauthenticated) in the database.
:return: A pair with Cookie value (ID, ``cbtid``) and complete Cookie HTTP header value.
"""
# create new cookie
cookie = cookiestore.Cookie()
cookie.oid = uuid.uuid4()
cookie.created = np.datetime64(time_ns(), 'ns')
cookie.max_age = self._cookie_max_age
cookie.name = self._cookie_id_field
cookie.value = util.newid(self._cookie_id_field_length)
# write cookie to database
with self._db.begin(write=True) as txn:
self._schema.cookies[txn, cookie.oid] = cookie
self.log.info('{func} new cookie {cbtid} stored in database',
func=hltype(self.create),
cbtid=cookie.value)
return cookie.value, '%s=%s;max-age=%d' % (cookie.name, cookie.value,
cookie.max_age)
def _compute_challenge(self, user):
"""
Returns: challenge, signature
"""
challenge_obj = {
u'authid': self._authid,
u'authrole': self._authrole,
u'authmethod': self._authmethod,
u'authprovider': self._authprovider,
u'session': self._session_details[u'session'],
u'nonce': util.newid(64),
u'timestamp': util.utcnow()
}
challenge = json.dumps(challenge_obj, ensure_ascii=False)
# Sometimes, if it doesn't have to be Unicode, PyPy won't make it
# Unicode. Make it Unicode, even if it's just ASCII.
if not isinstance(challenge, six.text_type):
challenge = challenge.decode('utf8')
secret = user['secret'].encode('utf8')
signature = auth.compute_wcs(secret, challenge.encode('utf8')).decode('ascii')
# extra data to send to client in CHALLENGE
extra = {
u'challenge': challenge
}
# when using salted passwords, provide the client with
# the salt and then PBKDF2 parameters used
if 'salt' in user:
extra[u'salt'] = user['salt']
extra[u'iterations'] = user.get('iterations', 1000)
extra[u'keylen'] = user.get('keylen', 32)
return extra, signature
def render_POST(self, request):
"""
Request to create a new WAMP session.
"""
self.log.debug("WampLongPoll: creating new session ..")
payload = request.content.read()
try:
options = json.loads(payload)
except Exception as e:
return self._parent._failRequest(
request,
"could not parse WAMP session open request body: {0}".format(
e))
if type(options) != dict:
return self._parent._failRequest(
request,
"invalid type for WAMP session open request [was {0}, expected dictionary]"
.format(type(options)))
if u'protocols' not in options:
return self._parent._failRequest(
request,
"missing attribute 'protocols' in WAMP session open request")
# determine the protocol to speak
#
protocol = None
serializer = None
for p in options[u'protocols']:
version, serializerId = parseSubprotocolIdentifier(p)
if version == 2 and serializerId in self._parent._serializers.keys(
):
serializer = self._parent._serializers[serializerId]
protocol = p
break
if protocol is None:
return self.__failRequest(
request, "no common protocol to speak (I speak: {0})".format([
"wamp.2.{0}".format(s)
for s in self._parent._serializers.keys()
]))
# make up new transport ID
#
if self._parent._debug_transport_id:
# use fixed transport ID for debugging purposes
transport = self._parent._debug_transport_id
else:
transport = newid()
# this doesn't contain all the info (when a header key appears multiple times)
# http_headers_received = request.getAllHeaders()
http_headers_received = {}
for key, values in request.requestHeaders.getAllRawHeaders():
if key not in http_headers_received:
http_headers_received[key] = []
http_headers_received[key].extend(values)
transport_details = {
u'transport': transport,
u'serializer': serializer,
u'protocol': protocol,
u'peer': request.getClientIP(),
u'http_headers_received': http_headers_received,
u'http_headers_sent': None
}
# create instance of WampLongPollResourceSession or subclass thereof ..
#
self._parent._transports[transport] = self._parent.protocol(
self._parent, transport_details)
# create response
#
self._parent._setStandardHeaders(request)
request.setHeader(b'content-type', b'application/json; charset=utf-8')
result = {u'transport': transport, u'protocol': protocol}
payload = json.dumps(result)
self.log.debug(
"WampLongPoll: new session created on transport '{0}'".format(
transport))
return payload
def onOpen(self):
self.pp = pprint.PrettyPrinter(indent = 3)
self.slaveConnected = False
self.slaveId = newid()
def start(self, runtime=10):
"""
Start profiling with VMprof for the given duration.
"""
if self._state != Profiler.STATE_STOPPED:
raise Exception("profile currently not stopped - cannot start")
self._profile_filename = os.path.join(
self._profile_dir,
"cb_vmprof_{}_{}.dat".format(os.getpid(), utcnow()))
profile_fd = os.open(self._profile_filename,
os.O_RDWR | os.O_CREAT | os.O_TRUNC)
vmprof.enable(profile_fd, period=0.01)
self._state = Profiler.STATE_RUNNING
self._finished = Deferred()
self._profile_id = newid()
# this will run on a background thread
def convert_profile(profile_filename):
self.log.info(
"Converting profile file {}".format(profile_filename))
try:
stats = vmprof.read_profile(profile_filename,
virtual_only=True,
include_extra_info=True)
except Exception:
self.log.error(
"Fatal: could not read vmprof profile file '{fname}': {log_failure.value}",
fname=profile_filename,
)
raise
tree = stats.get_tree()
total = float(tree.count)
res = []
def process_node(parent, node, level):
parent_name = parent.name if parent else None
perc = round(100. * float(node.count) / total, 1)
if parent and parent.count:
perc_of_parent = round(
100. * float(node.count) / float(parent.count), 1)
else:
perc_of_parent = 100.
parts = node.name.count(':')
if parts == 3:
block_type, funname, funline, filename = node.name.split(
':')
res.append({
u'type':
u'py',
u'level':
level,
u'parent':
parent_name,
u'fun':
funname,
u'filename':
filename,
u'dirname':
os.path.dirname(filename),
u'basename':
os.path.basename(filename),
u'line':
funline,
u'perc':
perc,
u'perc_of_parent':
perc_of_parent,
u'count':
node.count,
u'parent_count':
parent.count if parent else None,
})
elif parts == 1:
block_type, funname = node.name.split(':')
res.append({
u'type':
u'jit',
u'level':
level,
u'parent':
parent_name,
u'fun':
funname,
u'perc':
perc,
u'perc_of_parent':
perc_of_parent,
u'count':
node.count,
u'parent_count':
parent.count if parent else None,
})
else:
raise Exception("fail!")
self._walk_tree(None, tree, 0, process_node)
return res
def finish_profile():
vmprof.disable()
self.log.info("Profile created under {filename}",
filename=self._profile_filename)
# now defer to thread conversion
d = deferToThread(convert_profile, self._profile_filename)
def on_profile_converted(res):
self.log.info(
"Profile data with {count} log entries generated",
count=len(res))
self._finished.callback(res)
def on_profile_conversaion_failed(err):
self.log.failure("profile conversion failed", failure=err)
self._finished.errback(err)
d.addCallbacks(on_profile_converted,
on_profile_conversaion_failed)
def cleanup(res):
# reset state
self._state = Profiler.STATE_STOPPED
self._profile_filename = None
self._started = None
self._finished = None
self._profile_id = None
d.addBoth(cleanup)
self.log.info(
"Starting profiling using {profiler} for {runtime} seconds.",
profiler=self._id,
runtime=runtime)
reactor.callLater(runtime, finish_profile)
return self._profile_id, self._finished
