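def process_request(self, request):
    """Authenticate and decrypt an inbound request on a protected path.

    Requests whose path is not protected, or that carry no certificate-id
    header, are passed through untouched (``None`` is returned). Otherwise
    the client certificate is looked up, the message signature is checked,
    the payload is decrypted and, for every path except ``/session_token/``,
    a session token is read from the start of the payload and deleted once
    matched. The JSON-decoded body is stored on
    ``request.securest_decrypted``.

    Args:
        request: the incoming Django request.

    Returns:
        ``None`` to let processing continue, or an ``HttpResponse`` with
        status 403 when the certificate id, the signature or the session
        token is rejected.
    """
    # Build a per-call list rather than mutating the shared PROTECT_LIST.
    prt_list = PROTECT_LIST + ['/session_token/']
    if request.path not in prt_list:
        return None

    # NOTE(review): a protected path requested without the certificate-id
    # header is passed through unauthenticated. Presumably the views refuse
    # requests that lack ``securest_decrypted`` -- confirm.
    cert_header = 'HTTP_' + Message.prefix + 'CERTIFICATEID'
    if cert_header not in request.META:
        return None
    cert_id = request.META[cert_header]

    try:
        certificate = DjangoCertificateModel.get(cert_id)
    except Exception:
        # Any lookup failure is answered with 403. ``Exception`` rather than
        # a bare ``except`` so SystemExit/KeyboardInterrupt still propagate.
        res = HttpResponse('Bad client certificate id.')
        res.status_code = 403
        return res

    # NOTE(review): Django shares one middleware instance between requests,
    # so under a threaded server concurrent requests can overwrite each
    # other's certificate here -- confirm how this attribute is read later.
    self.client_certificate = certificate

    # NOTE(review): the URL is derived from the request's host; presumably
    # ALLOWED_HOSTS restricts it, since it is bound into both the signature
    # check and the session-token lookup -- confirm.
    url = request.build_absolute_uri()
    request_msg = InboundMessage.from_message_data(
        url=url,
        headers_dict=request.META,
        payload=request.body,
        certificate=certificate,
        local_private_key=SERVER_PRIVATE_KEY,
        is_request=True,
        headers_prefix='HTTP_')

    # NOTE(review): only an exact False (or 0) rejects the request; a None
    # return from verify_signature() would be treated as success. Confirm
    # its return contract and prefer ``if not sig_result`` if it always
    # returns a bool.
    sig_result = request_msg.verify_signature()
    if sig_result == False:
        res = HttpResponse('Bad Signature.')
        res.status_code = 403
        return res

    # Decrypt only after the signature has been accepted.
    request_msg.decrypt()
    (headers, content) = request_msg.to_message_data()

    if not request.path.endswith('/session_token/'):
        try:
            # The token is the first 32 + len(cert_id) characters of the
            # decrypted payload; a short payload simply fails the lookup.
            token_length = 32 + len(cert_id)
            session_token = content[:token_length]
            st_obj = SessionToken.objects.get(
                certificate=certificate.model,
                url=url,
                token=session_token)
        except Exception:
            res = HttpResponse('Bad session token.')
            res.status_code = 403
            return res
        content = content[token_length:]
        # Tokens are single-use: delete once matched.
        # NOTE(review): get() followed by delete() is not atomic, so two
        # concurrent requests carrying the same token may both pass the
        # lookup -- confirm whether that replay window matters here.
        st_obj.delete()

    # NOTE(review): these are the decrypted message headers; confirm nothing
    # sensitive is carried in them before logging at INFO level.
    logging.info('Request headers %s', json.dumps(headers))
    # Malformed JSON raises here and propagates to the caller.
    request.securest_decrypted = json.loads(content)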
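def _handle_response(self, response_obj):
    """Decode a server response into a ``(status, headers, content)`` tuple.

    A 200 response is hex-decoded, wrapped in an ``InboundMessage`` and
    decrypted with ``self.private_key``; any other status is returned as
    received.

    Args:
        response_obj: response object exposing ``status_code``, ``headers``
            and ``text``.

    Returns:
        ``(200, headers, content)`` with the decrypted message data,
        ``(403, response_obj.headers, 'Content cannot be decrypted.')`` when
        the payload cannot be parsed or decrypted, or
        ``(status_code, headers, text)`` unchanged for non-200 responses.
    """
    if response_obj.status_code != 200:
        # NOTE(review): headers and body of a non-200 response are returned
        # without any authentication; callers should treat them as untrusted.
        return (response_obj.status_code, response_obj.headers,
                response_obj.text)

    try:
        # Parsing sits inside the try so that a body which is not valid hex
        # is reported as the same 403 as an undecryptable one instead of
        # raising out of this method.
        rm = InboundMessage.from_message_data(
            headers_dict=response_obj.headers,
            payload=response_obj.text.decode('hex'),
            local_private_key=self.private_key,
            headers_prefix='',
            is_request=False,
            certificate=self.server_certificate,
            url='')
        # NOTE(review): verify_signature() is not called on the response.
        # Confirm that decrypt() authenticates the payload; otherwise check
        # the signature against self.server_certificate before trusting the
        # returned headers and content.
        rm.decrypt()
    except Exception:
        # ``Exception`` rather than a bare ``except`` so that
        # SystemExit/KeyboardInterrupt still propagate.
        return (403, response_obj.headers, 'Content cannot be decrypted.')

    (headers, content) = rm.to_message_data()
    return (200, headers, content)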