def test_cookie_tampering_future_timestamp(self): handler = CookieTestRequestHandler() # this string base64-encodes to '12345678' handler.set_secure_cookie('foo', binascii.a2b_hex(b'd76df8e7aefc')) cookie = handler._cookies['foo'] match = re.match(br'12345678\|([0-9]+)\|([0-9a-f]+)', cookie) self.assertTrue(match) timestamp = match.group(1) sig = match.group(2) self.assertEqual( _create_signature(handler.application.settings["cookie_secret"], 'foo', '12345678', timestamp), sig) # shifting digits from payload to timestamp doesn't alter signature # (this is not desirable behavior, just confirming that that's how it # works) self.assertEqual( _create_signature(handler.application.settings["cookie_secret"], 'foo', '1234', b'5678' + timestamp), sig) # tamper with the cookie handler._cookies['foo'] = utf8('1234|5678%s|%s' % ( to_basestring(timestamp), to_basestring(sig))) # it gets rejected with ExpectLog(gen_log, "Cookie timestamp in future"): self.assertTrue(handler.get_secure_cookie('foo') is None)
def test_cookie_tampering_future_timestamp(self): handler = CookieTestRequestHandler() # this string base64-encodes to '12345678' handler.set_secure_cookie('foo', binascii.a2b_hex(b('d76df8e7aefc'))) cookie = handler._cookies['foo'] match = re.match(b(r'12345678\|([0-9]+)\|([0-9a-f]+)'), cookie) self.assertTrue(match) timestamp = match.group(1) sig = match.group(2) self.assertEqual( _create_signature(handler.application.settings["cookie_secret"], 'foo', '12345678', timestamp), sig) # shifting digits from payload to timestamp doesn't alter signature # (this is not desirable behavior, just confirming that that's how it # works) self.assertEqual( _create_signature(handler.application.settings["cookie_secret"], 'foo', '1234', b('5678') + timestamp), sig) # tamper with the cookie handler._cookies['foo'] = utf8('1234|5678%s|%s' % ( to_basestring(timestamp), to_basestring(sig))) # it gets rejected self.assertTrue(handler.get_secure_cookie('foo') is None)
def handle_stream(self, stream, address): self.selected_db = 0 self._stream = stream CRLF = b'\r\n' n_args = yield gen.Task(stream.read_until, CRLF) n_args = to_basestring(n_args) while n_args and n_args[0] == '*': yield gen.Task(stream.read_until, CRLF) command = yield gen.Task(stream.read_until, CRLF) command = to_basestring(command) # Read command arguments arg_num = int(n_args.strip()[1:]) - 1 if arg_num > 0: for __ in range(0, arg_num): # read the $N line yield gen.Task(stream.read_until, CRLF) # read the argument line arg = yield gen.Task(stream.read_until, CRLF) arg = to_basestring(arg) if command == 'SELECT\r\n': self.selected_db = int(arg.strip()) stream.write(b'+OK\r\n') # Read the next command n_args = yield gen.Task(stream.read_until, CRLF) n_args = to_basestring(n_args)
def _oauth_request_parameters(self, url, access_token, parameters={}, method="GET"): """Returns the OAuth parameters as a dict for the given request. parameters should include all POST arguments and query string arguments that will be sent with the request. """ consumer_token = self._oauth_consumer_token() base_args = dict( oauth_consumer_key=escape.to_basestring(consumer_token["key"]), oauth_token=escape.to_basestring(access_token["key"]), oauth_signature_method="HMAC-SHA1", oauth_timestamp=str(int(time.time())), oauth_nonce=escape.to_basestring(binascii.b2a_hex(uuid.uuid4().bytes)), oauth_version="1.0", ) args = {} args.update(base_args) args.update(parameters) if getattr(self, "_OAUTH_VERSION", "1.0a") == "1.0a": signature = _oauth10a_signature(consumer_token, method, url, args, access_token) else: signature = _oauth_signature(consumer_token, method, url, args, access_token) base_args["oauth_signature"] = escape.to_basestring(signature) return base_args
def _oauth_request_token_url(self, callback_uri=None, extra_params=None): consumer_token = self._oauth_consumer_token() url = self._OAUTH_REQUEST_TOKEN_URL args = dict( oauth_consumer_key=escape.to_basestring(consumer_token["key"]), oauth_signature_method="HMAC-SHA1", oauth_timestamp=str(int(time.time())), oauth_nonce=escape.to_basestring( binascii.b2a_hex(uuid.uuid4().bytes)), oauth_version=getattr(self, "_OAUTH_VERSION", "1.0a"), ) if getattr(self, "_OAUTH_VERSION", "1.0a") == "1.0a": if callback_uri == "oob": args["oauth_callback"] = "oob" elif callback_uri: args["oauth_callback"] = urlparse.urljoin( self.request.full_url(), callback_uri) if extra_params: args.update(extra_params) signature = _oauth10a_signature(consumer_token, "GET", url, args) else: signature = _oauth_signature(consumer_token, "GET", url, args) args["oauth_signature"] = signature x = url + "?" + urllib.urlencode(args) print "XXX", x return x
def _oauth_request_token_url( self, callback_uri: Optional[str] = None, extra_params: Optional[Dict[str, Any]] = None, ) -> str: handler = cast(RequestHandler, self) consumer_token = self._oauth_consumer_token() url = self._OAUTH_REQUEST_TOKEN_URL # type: ignore args = dict( oauth_consumer_key=escape.to_basestring(consumer_token["key"]), oauth_signature_method="HMAC-SHA1", oauth_timestamp=str(int(time.time())), oauth_nonce=escape.to_basestring( binascii.b2a_hex(uuid.uuid4().bytes)), oauth_version="1.0", ) if getattr(self, "_OAUTH_VERSION", "1.0a") == "1.0a": if callback_uri == "oob": args["oauth_callback"] = "oob" elif callback_uri: args["oauth_callback"] = urllib.parse.urljoin( handler.request.full_url(), callback_uri) if extra_params: args.update(extra_params) signature = _oauth10a_signature(consumer_token, "GET", url, args) else: signature = _oauth_signature(consumer_token, "GET", url, args) args["oauth_signature"] = signature return url + "?" + urllib.parse.urlencode(args)
async def get(self): args = self.request.arguments url = to_basestring(args.get('url')[0]) selector = to_basestring(args.get('selector')[0]) if args is None: self.finish(None) return if not urlparse(url).scheme: url = 'http://' + url headers = { 'user-agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5)' } http_client = AsyncHTTPClient() response = await http_client.fetch(url, headers=headers) soup = BeautifulSoup(response.body, features="html.parser") selection = soup.body if selector: selection = soup.select(selector) if not selection: self.finish(None) return elif isinstance(selection, Tag): selection = [selection] data = ' '.join([tag.get_text() for tag in selection]) self.finish({ 'data': data, 'counts': get_counts(data), })
def _oauth_access_token_url(self, request_token: Dict[str, Any]) -> str: consumer_token = self._oauth_consumer_token() url = self._OAUTH_ACCESS_TOKEN_URL # type: ignore args = dict( oauth_consumer_key=escape.to_basestring(consumer_token["key"]), oauth_token=escape.to_basestring(request_token["key"]), oauth_signature_method="HMAC-SHA1", oauth_timestamp=str(int(time.time())), oauth_nonce=escape.to_basestring(binascii.b2a_hex(uuid.uuid4().bytes)), oauth_version="1.0", ) if "verifier" in request_token: args["oauth_verifier"] = request_token["verifier"] if getattr(self, "_OAUTH_VERSION", "1.0a") == "1.0a": signature = _oauth10a_signature( consumer_token, "GET", url, args, request_token ) else: signature = _oauth_signature( consumer_token, "GET", url, args, request_token ) args["oauth_signature"] = signature return url + "?" + urllib.parse.urlencode(args)
def _oauth_request_token_url(self, callback_uri=None, extra_params=None): consumer_token = self._oauth_consumer_token() url = self._OAUTH_REQUEST_TOKEN_URL args = dict( oauth_consumer_key=escape.to_basestring(consumer_token["key"]), oauth_signature_method="HMAC-SHA1", oauth_timestamp=str(int(time.time())), oauth_nonce=escape.to_basestring(binascii.b2a_hex(uuid.uuid4().bytes)), oauth_version=getattr(self, "_OAUTH_VERSION", "1.0a"), ) if getattr(self, "_OAUTH_VERSION", "1.0a") == "1.0a": if callback_uri == "oob": args["oauth_callback"] = "oob" elif callback_uri: args["oauth_callback"] = urlparse.urljoin( self.request.full_url(), callback_uri) if extra_params: args.update(extra_params) signature = _oauth10a_signature(consumer_token, "GET", url, args) else: signature = _oauth_signature(consumer_token, "GET", url, args) args["oauth_signature"] = signature x = url + "?" + urllib.urlencode(args) print "XXX", x return x
def _oauth_request_token_url( self, callback_uri: str = None, extra_params: Dict[str, Any] = None ) -> str: handler = cast(RequestHandler, self) consumer_token = self._oauth_consumer_token() url = self._OAUTH_REQUEST_TOKEN_URL # type: ignore args = dict( oauth_consumer_key=escape.to_basestring(consumer_token["key"]), oauth_signature_method="HMAC-SHA1", oauth_timestamp=str(int(time.time())), oauth_nonce=escape.to_basestring(binascii.b2a_hex(uuid.uuid4().bytes)), oauth_version="1.0", ) if getattr(self, "_OAUTH_VERSION", "1.0a") == "1.0a": if callback_uri == "oob": args["oauth_callback"] = "oob" elif callback_uri: args["oauth_callback"] = urllib.parse.urljoin( handler.request.full_url(), callback_uri ) if extra_params: args.update(extra_params) signature = _oauth10a_signature(consumer_token, "GET", url, args) else: signature = _oauth_signature(consumer_token, "GET", url, args) args["oauth_signature"] = signature return url + "?" + urllib.parse.urlencode(args)
def _oauth_request_parameters( self, url: str, access_token: Dict[str, Any], parameters: Dict[str, Any] = {}, method: str = "GET", ) -> Dict[str, Any]: """Returns the OAuth parameters as a dict for the given request. parameters should include all POST arguments and query string arguments that will be sent with the request. """ consumer_token = self._oauth_consumer_token() base_args = dict( oauth_consumer_key=escape.to_basestring(consumer_token["key"]), oauth_token=escape.to_basestring(access_token["key"]), oauth_signature_method="HMAC-SHA1", oauth_timestamp=str(int(time.time())), oauth_nonce=escape.to_basestring( binascii.b2a_hex(uuid.uuid4().bytes)), oauth_version="1.0", ) args = {} args.update(base_args) args.update(parameters) if getattr(self, "_OAUTH_VERSION", "1.0a") == "1.0a": signature = _oauth10a_signature(consumer_token, method, url, args, access_token) else: signature = _oauth_signature(consumer_token, method, url, args, access_token) base_args["oauth_signature"] = escape.to_basestring(signature) return base_args
def get_request_data(self): """ 获取请求数据。 客户端请求需在请求体中包含 data 属性,例如 $.ajax({url: url, data: {data: some_obj}... """ if 'data' not in self.request.body_arguments: body = b'{"data":' in self.request.body and json_util.loads( to_basestring(self.request.body)).get('data') else: body = json_util.loads( to_basestring(self.get_body_argument('data'))) return body or {}
def _parse_json(handler): if request_arg is None: s = to_basestring(handler.request.body) else: arg = handler.get_argument(request_arg, None) if arg is None and not optional_request_arg: raise HTTPError(400, "Argument missing: {}".format(request_arg)) s = to_basestring(arg) return parse_json( s, underscore_case=underscore_case, object_dict_wrapper=object_dict_wrapper) if s else None
def parse_body(self): content_type = self.get_content_type() if content_type == 'application/graphql': return {'query': to_basestring(self.request.body)} elif content_type == 'application/json': try: request_json = json_decode(self.request.body) except Exception as e: raise HttpBadRequestError( 'The received data is not a valid JSON query.', reason=str(e)) if self.batch: assert isinstance(request_json, list), ( 'Batch requests should receive a list, but received {}.' ).format(repr(request_json)) assert len(request_json) > 0, ( 'Received an empty list in the batch request.') else: assert isinstance( request_json, dict), ('The received data is not a valid JSON query.') return request_json elif content_type in ('application/x-www-form-urlencoded', 'multipart/form-data'): return { k: self.decode_argument(v[0]) for k, v in self.request.arguments.items() } return {}
def post(self): uid = self.get_current_user(info=False) if not uid: self.return_json_by_num('002', finish=True) return page = self.get_argument('page', 1) user_activity = UserActivity() total = user_activity.getActivityTotalByUid(uid) #分页 page_obj = Page(total_entries=int(total), entries_per_page=int(options.page_limit['activity_limit']), current_page=page) page_obj.current_page(page) user_activity_list = user_activity.getActivities(uid, page_obj.current_page()) if not user_activity_list: self.return_json_by_num('054', finish=True) return page_str = page_obj.getPageStr('/ucenter/userActs') self._context.page_str = page_str self._context.page_class = 'pagination pagination-sm' self._context.page_style = 'margin:0px;' user_activities = {'code': 'success'} user_activities["res"] = escape.to_basestring(self.render_string("ucenter/include/activity_list.html", user_activity_list=user_activity_list)) self.write(user_activities) self.finish() return
def _handle_response(r, handle_response, handle_error, binary_res, params_for_handler): if r.error: return handle_error(r.error) else: try: sc = r.headers._dict.get('Set-Cookie') if hasattr(r.headers, '_dict') else r.headers.get('Set-Cookie') if sc: text = native_str(sc) text = re.sub(r'Path=/(,)?', '', text) global_cookie.update(Cookie.SimpleCookie(text)) while True: global_cookie.update(Cookie.SimpleCookie(text)) if ',' not in text: break text = text[text.find(',') + 1:] if binary_res and r.body: return handle_response(r.body, **params_for_handler) else: try: body = str(r.body, encoding='utf-8').strip() except UnicodeDecodeError: body = str(r.body, encoding='gb18030').strip() except TypeError: body = to_basestring(r.body).strip() return _handle_body(body, params_for_handler, handle_response, handle_error) except ValueError as err: return handle_error(str(err)) except Exception as err: # err = '错误(%s): %s' % (err.__class__.__name__, str(err)) traceback.print_exc() return handle_error(err)
def b64_decode(val): val = utf8(val) result = base64.b64decode(val) return to_basestring(result)
def __repr__(self): identity = inspect(self).identity if identity is None: pk = "(transient {0})".format(id(self)) else: pk = ', '.join(to_basestring(value) for value in identity) return '<{0} {1}>'.format(type(self).__name__, pk)
def _parse_json(request): s = to_basestring(request.body) if underscore_case: json_dict = json.loads(s, object_hook=_process_camel_case) else: json_dict = json.loads(s) return ObjectDict(json_dict)
def process_data(self, data, cmd_line): data = to_basestring(data) data = data[:-2] # strip \r\n if data == '$-1': response = None elif data == '*0' or data == '*-1': response = [] else: head, tail = data[0], data[1:] if head == '*': return partial(self.consume_multibulk, int(tail), cmd_line) elif head == '$': return partial(self._consume_bulk, tail) elif head == '+': response = tail elif head == ':': response = int(tail) elif head == '-': if tail.startswith('ERR'): tail = tail[4:] response = ResponseError(tail, cmd_line) else: raise ResponseError('Unknown response type %s' % head, cmd_line) return response
def callback(r): if r.error: if handle_error: handle_error(r.error) else: self.render('_error.html', code=500, message='错误1: ' + str(r.error)) else: try: if binary_response and r.body: handle_response(r.body, **params_for_handler) else: try: body = str(r.body, encoding='utf-8').strip() except UnicodeDecodeError: body = str(r.body, encoding='gb18030').strip() except TypeError: body = to_basestring(r.body).strip() self._handle_body(body, params_for_handler, handle_response, handle_error) except Exception as err: err = '错误(%s): %s' % (err.__class__.__name__, str(err)) if handle_error: handle_error(err) else: self.render('_error.html', code=500, message=err)
def format_command(self, *tokens, **kwargs): cmds = [] for t in tokens: e_t = self.encode(t) e_t_s = to_basestring(e_t) cmds.append('$%s\r\n%s\r\n' % (len(e_t), e_t_s)) return '*%s\r\n%s' % (len(tokens), ''.join(cmds))
def update_modules(fobjs): timestamp = long(time.time()) mods = {} for filename, pybody in fobjs: filename = filename fname, _, suffix = filename.rpartition('.') assert suffix == 'py', '文件名:%r, 只接受 ".py" 后缀文件名.' % filename for c in fname: i = ord(c) assert MODULE_NAME_VALID_CHCKS[ i], '修改模块名,c:%c[%d] filename:%r, fname:%r, iname:%r, 合法字符集为:大写字母[A-Z],小写字母[a-z],数字[0-9],下划线"_"' % ( c, i, filename, fname, [ord(c) for c in fname]) fname = escape.to_basestring(fname) rpath = os.path.abspath(os.sep.join([MODULES_DIR, '%s.dat' % fname])) codeobject = builtins.compile(pybody, '<string>', 'exec', dont_inherit=True) with open(rpath, 'wb') as datf: datf.write('\0\0\0\0') wr_long(datf, timestamp) dumps = marshal.dumps(codeobject) fobj = StringIO() gzf = gzip.GzipFile(fileobj=fobj, mode='wb') gzf.write(dumps) gzf.flush() gzf.close() datf.write(fobj.getvalue()) datf.flush() datf.seek(0, 0) datf.write(MAGIC) datf.flush() mods[escape.to_basestring(fname)] = Vmodel(fname, load_dat(fname, rpath)) changes = [] global MODELS for k, m in mods.items(): om = MODELS.pop(k, None) MODELS[k] = m if om is not None: changes.append([k, id(om), id(m)]) del om else: changes.append([k, None, id(m)]) return sorted(changes, key=lambda x: x[0])
def get_current_user(self): ''' Fetch current users information. ''' user = escape.to_basestring(self.get_secure_cookie("mobius_user")) if user is None: return None return JSONObject(user)
def send_to_update(self, waits, chat): current_user = self.get_current_user() html_info = {} html_info['user'] = current_user html_info['html'] = to_basestring( self.render_string("ajax/single_message.html", data=chat)) for wait in waits: wait.write_message(html_info)
def perform_user_list(self, users): return { 'parent': 'user_list', 'html': escape.to_basestring( self.render_string('tornado_chat/list.html', users=users)) }
def _decode(self, body: bytes) -> Optional[JsonType]: """ Decode a response body """ result = None if body is not None and len(body) > 0: result = cast(JsonType, json.loads(escape.to_basestring(body))) return result
def do_api_request(path, method, post_data={}, body=''): try: url = urljoin('https://%s.hackpad.com/api/1.0/' % settings.get('hackpad_domain'), path) args = dict( oauth_consumer_key=escape.to_basestring(settings.get('hackpad_oauth_client_id')), oauth_signature_method='HMAC-SHA1', oauth_timestamp=str(int(time.time())), oauth_nonce=escape.to_basestring(binascii.b2a_hex(uuid.uuid4().bytes)), oauth_version='1.0a', ) signature = _oauth10a_signature( { 'key':settings.get('hackpad_oauth_client_id'), 'secret':settings.get('hackpad_oauth_secret') }, method, url, args ) args['oauth_signature'] = signature api_link = url + '?' + urllib.urlencode(args) logging.info(api_link) hackpad = {} if method.lower() == 'post': r = requests.post( api_link, data=body, headers={'Content-Type': 'text/plain'}, verify=False ) hackpad = r.json else: r = requests.get( api_link, headers={'Content-Type': 'text/plain'}, verify=False ) hackpad = r.json except: logging.info(sys.exc_info()[0]) hackpad = {} return hackpad
def prepare(self): super(MahuaHandler, self).prepare() if self.request.body: try: self._data = json.loads(to_basestring(self.request.body), object_hook=DottedDict) except Exception as e: logging.exception(e) else: self._data = DottedDict()
def post(self): email = escape.to_basestring(self.get_argument('email')) password = escape.to_basestring(self.get_argument('password')) user = yield load_user(email, self._loop) if user is None: self.render('login.html', error="Incorrect Credentials", next_page=self.get_argument('next_page', '/')) return hashed_password = yield hash_password(password, salt=user.password, loop=self._loop) if hashed_password == user.password: # don't forget to delete the password from the cookie del user.password self.set_secure_cookie("mobius_user", user.json_string) self.redirect(self.get_argument('next_page', '/')) else: self.render("login.html", error="Incorrect Credentials")
def post(self): ''' Create new user. ''' email = escape.to_basestring(self.get_argument('email')) password = escape.to_basestring(self.get_argument('password')) log.info("Creating new user: {} - {}".format(email, password)) hashed_password = yield hash_password(password, salt=None, loop=self._loop) try: new_user = yield create_user(email, hashed_password, loop=self._loop) if new_user is None: raise RequestError("Failed to create user. User possibly already exists.") if "password" in new_user: del new_user.password self.set_secure_cookie("mobius_user", new_user.json_string) self.redirect(self.get_argument("next_page", "/")) except RequestError as req_err: self.render("login.html", error=str(req_err))
def parse_response(response): body = response.body and to_basestring(response.body) or '{}' if body and body.startswith('{'): body = json_util.loads(body) if 'data' in body and isinstance(body['data'], dict): # 将data的内容赋给body,以便测试使用 body.update(body['data']) elif 'error' in body and isinstance(body['error'], dict): body.update(body['error']) if response.code != 200 and 'code' not in body: body = dict(code=response.code, message=response.reason) return body
def json_decode(data): """Decode json. Decodes json but performs escaping first. Args: data (str): A json string. Returns: obj: The decoded json. """ return json.loads(escape.to_basestring(data))
def parse_bool(arguments: dict, key: str, default_val: bool = True) -> bool: """ parses a boolean get value of the key if it is in the dict, returns default_val otherwise :param arguments: :param key: :param default_val: :return: """ if key in args and to_basestring( arguments[key][0]).lower() == str(not default_val).lower(): return not default_val return default_val
def do_api_request(path, method, post_data={}, body=''): try: url = urljoin( 'https://%s.hackpad.com/api/1.0/' % settings.get('hackpad_domain'), path) args = dict( oauth_consumer_key=escape.to_basestring( settings.get('hackpad_oauth_client_id')), oauth_signature_method='HMAC-SHA1', oauth_timestamp=str(int(time.time())), oauth_nonce=escape.to_basestring( binascii.b2a_hex(uuid.uuid4().bytes)), oauth_version='1.0a', ) signature = _oauth10a_signature( { 'key': settings.get('hackpad_oauth_client_id'), 'secret': settings.get('hackpad_oauth_secret') }, method, url, args) args['oauth_signature'] = signature api_link = url + '?' + urllib.urlencode(args) logging.info(api_link) hackpad = {} if method.lower() == 'post': r = requests.post(api_link, data=body, headers={'Content-Type': 'text/plain'}, verify=False) hackpad = r.json else: r = requests.get(api_link, headers={'Content-Type': 'text/plain'}, verify=False) hackpad = r.json except: logging.info(sys.exc_info()[0]) hackpad = {} return hackpad
def on_message(self, message): parsed = escape.json_decode(message) chat = { 'parent': 'inbox', 'body': parsed['body'] if len(parsed['body']) <= 128 else 'D`oh.', 'user': parsed['user'], 'time': datetime.datetime.now().strftime('%H:%M:%S %Y-%m-%d') } self.update_channel_history(chat) chat['html'] = escape.to_basestring( self.render_string('include/message.html', message=chat) ) self.waiters.broadcast(self.chnl, chat)
def log_request(handler): """修改tornado日志消息格式""" if handler.get_status() < 400: log_method = access_log.info elif handler.get_status() < 500: log_method = access_log.warning else: log_method = access_log.error request_time = 1000.0 * handler.request.request_time() # 屏蔽掉静态文件输出 if ('/static' not in handler.request.uri) or handler.get_status() > 304: log_method("""%d %s %s %.2fms %s""", handler.get_status(), handler._request_summary(), handler.current_user, request_time, to_basestring(handler.request.body))
def post(self, file_type): with model.session_scope() as session: user_session = self.get_user_session(session) policy = user_session.policy.derive({}) policy.verify('custom_query_preview') text = to_basestring(self.request.body) if not text: raise errors.ModelError("Query is empty") custom_query = model.CustomQuery(description="Preview", text=text) conf = self.get_config(session) yield self.export(custom_query, conf, file_type) self.finish()
def on_message(self, message): parsed = escape.json_decode(message) logger.warning('GOT MESSAGE %s' % parsed) if 'dummy' in parsed: return chat = { 'parent': 'inbox', 'body': parsed['body'] if len(parsed['body']) <= 128 else 'D`oh.', 'user': parsed['user'], 'time': datetime.datetime.now().strftime('%H:%M:%S %Y-%m-%d') } self.update_channel_history(chat) chat['html'] = escape.to_basestring( self.render_string('tornado_chat/message.html', message=chat)) self.send_updates(chat)
def on_message(self, message): logging.info("got message %r", message) parsed = escape.json_decode(message) chat = { 'id': str(uuid.uuid4()), 'body': parsed.get('body', ''), 'type': "message", "client_id": self.client_id, "username": parsed['username'], "datetime": datetime.now().strftime("%Y-%m-%d %H:%M:%S") } chat['html'] = escape.to_basestring( self.render_string("message.html", message=chat)) ChatRoom().update_chat_room_messages(chat=chat) ChatSocketHandler.send_updates(chat=chat)
def on_message(self, message): parsed = escape.json_decode(message) logger.warning('GOT MESSAGE %s' % parsed) if 'dummy' in parsed: return chat = { 'parent': 'inbox', 'body': parsed['body'] if len(parsed['body']) <= 128 else 'D`oh.', 'user': parsed['user'], 'time': datetime.datetime.now().strftime('%H:%M:%S %Y-%m-%d') } self.update_channel_history(chat) chat['html'] = escape.to_basestring( self.render_string('include/message.html', message=chat) ) self.send_updates(chat)
def _on_request_token(self, authorize_url, callback_uri, response): if response.error: raise Exception("Could not get request token") consumer_token = self._oauth_consumer_token() request_token = _oauth_parse_response(response.body) data = (base64.b64encode(request_token["key"]) + b("|") + base64.b64encode(request_token["secret"])) self.set_cookie("_oauth_request_token", data) args = dict( oauth_token=request_token["key"], oauth_consumer_key=escape.to_basestring(consumer_token['key']), ) if callback_uri == "oob": self.finish(authorize_url + "?" + urllib.urlencode(args)) return elif callback_uri: args["oauth_callback"] = urlparse.urljoin( self.request.full_url(), callback_uri) self.redirect(authorize_url + "?" + urllib.urlencode(args))
async def post(self): """ Send system message in room, for attention users """ room = self.get_argument('r', False) user = self.get_argument('u', False) message = self.get_argument('msg', 'no message') if not room or not user or user != 'system': raise tornado.web.HTTPError(404, 'Incorrect params of query') logging.info('Got system message {0}, room "{1}"'.format(message, room)) chat = { "id": str(uuid.uuid4()), "body": message, "user": user, "time": str(int(time.time())) } chat['html'] = to_basestring( self.render_string('system_message.html', message=chat) ) ChatSocketHandler.update_cache(chat, room) ChatSocketHandler.send_updates(chat, room)
def on_message(self, message): """ Performed when a message arrives from a client :param message: """ room = self.get_argument('r', False) if not room: raise tornado.web.HTTPError(404, 'Incorrect params of query') logging.info('Got message {0} for room "{1}"'.format(message, room)) parsed = json_decode(message) parsed['body'] = replace_smiles(spam_links(parsed['body'])) chat = { "id": str(uuid.uuid4()), "body": parsed['body'], "user": parsed['user'], "time": str(int(time.time())) } chat['html'] = to_basestring( self.render_string('message.html', message=chat) ) # put it in cache and give to listeners ChatSocketHandler.update_cache(chat, room) ChatSocketHandler.send_updates(chat, room)
def tex_escape(text): return REGEX.sub(lambda match: CONV[match.group()], to_basestring(text))
def json_decode(value): return json.loads(to_basestring(value), object_hook=datetime_decoder)
def post(self): data, errors = TokenRequestSchema().loads( self.request.body.decode('utf-8')) if errors: self.send_error(400, message='Wrong input parameters', errors=errors) return provider = USERINFO_ENDPOINTS[data['provider']] query_params = {'access_token': data['access_token']} query_params.update(provider['additional_params']) userinfo_url = url_concat(provider['url'], query_params) http_client = AsyncHTTPClient() response = yield http_client.fetch(userinfo_url, raise_error=False) if response.error: errors = json_decode(response.body) if response.body else None self.send_error(400, message='Authentication server error', errors=errors) return else: logging.info(json_decode(response.body)) schema = module_member(provider['schema'])() userinfo, errors = schema.loads(to_basestring(response.body)) if errors: self.send_error(400, message='Wrong authentication data received', errors=errors) return account = self.db.execute( 'SELECT * FROM accounts WHERE provider = ? AND sub = ?', (data['provider'], userinfo['sub'], ) ).fetchone() if account: user = self.db.execute( 'SELECT * FROM users WHERE email = ?', (account['email'], ) ).fetchone() if not user: self.send_error(500, message='DB error. User not found.') return else: user = { 'id': str(uuid.uuid4()), 'email': userinfo['email'] } self.db.execute( 'INSERT INTO users (id, email) VALUES (:id, :email)', user) account = { 'user_id': user['id'], 'provider': data['provider'] } account.update(userinfo) self.db.execute( 'INSERT INTO ' 'accounts (user_id, provider, sub, email, email_verified, name, given_name, family_name, profile, picture, gender) ' 'VALUES (:user_id, :provider, :sub, :email, :email_verified, :name, :given_name, :family_name, :profile, :picture, :gender)', account ) self.db.commit() now = datetime.utcnow() token = { 'id': generate_token(options.token_length), 'user_id': user['id'], 'issued': now, 'expired': now + options.token_expire_time } self.db.execute( 'INSERT INTO tokens (id, user_id, issued, expired) ' 'VALUES (:id, :user_id, :issued, :expired)', token ) self.db.commit() self.finish(TokenResponseSchema().dumps(token).data)
def html_escape(self, value): return self.ESCAPE_RE.sub(lambda m: self.ESCAPE_DICT[m.group(0)], escape.to_basestring(value))
def json_decode(value): return json.loads(to_basestring(value))
def perform_user_list(self, users): return {'parent': 'user_list', 'html': escape.to_basestring( self.render_string('include/user_list.html', users=users) )}
def jwt_encode(val, key): result = jwt.encode(val, key) return to_basestring(result)
def json_decode(value, **kwargs): """Returns Python objects for the given JSON string.""" return json.loads(to_basestring(value), **kwargs)
def send(obj, msg): msg["html"] = to_basestring( obj.render_string("message.html", message=msg) ) obj.write_message(msg)