def callback(): signature = request.headers['X-Line-Signature'] # get request body as text body = request.get_data(as_text=True) app.logger.info("Request body: " + body) # parse webhook body try: events = parser.parse(body, signature) except InvalidSignatureError: abort(400) # if event is MessageEvent and message is TextMessage, then echo text for event in events: if not isinstance(event, MessageEvent): continue if isinstance(event.message, TextMessage): handle_TextMessage(event) if isinstance(event.message, ImageMessage): handle_ImageMessage(event) if isinstance(event.message, VideoMessage): handle_VideoMessage(event) if isinstance(event.message, FileMessage): handle_FileMessage(event) if isinstance(event.message, StickerMessage): handle_StickerMessage(event) if not isinstance(event, MessageEvent): continue if not isinstance(event.message, TextMessage): continue return 'OK'
def authenticate_complete(): if not checkban(request.remote_addr): abort(401) if not Authenticator.query.all(): abort(401) authenticators = [] user = User.query.filter_by(id=int(session.pop("lid"))).first() for authenticator in Authenticator.query.filter_by(user=user.id): authenticators.append(AttestedCredentialData(authenticator.credential)) data = cbor.decode(request.get_data()) credential_id = data["credentialId"] client_data = ClientData(data["clientDataJSON"]) auth_data = AuthenticatorData(data["authenticatorData"]) signature = data["signature"] server.authenticate_complete( session.pop("state"), authenticators, credential_id, client_data, auth_data, signature, ) login_user(user) user.sign_count = user.sign_count + 1 user.failed_logins = 0 user.last_failed = 0 user.last_login = int(time.time()) db.session.add(user) db.session.commit() unban(request.remote_addr) return cbor.encode({"status": "OK"})
def callback(): """ Get X-Line-Signature header value """ global user_id, user_name, user_picture signature = request.headers['X-Line-Signature'] # Get request body as text body = request.get_data(as_text=True) app.logger.info("Request body: " + body) # Try to get user's id try: user_id = json.loads(body)["events"][0]["source"]["userId"] except: user_id = "-" # Try to get user's name try: user_name = line_bot_api.get_profile(user_id).display_name except: user_name = "someone" #try to get user's profile picture urls try: user_picture = line_bot_api.get_profile(user_id).picture_url except: user_picture = 'https://image.prntscr.com/image/t2BFLWxiRf2OJq_G4kKKtw.png' # handle webhook body try: handler.handle(body, signature) except LineBotApiError as e: print("Got exception from LINE Messaging API: %s\n" % e.message) for m in e.error.details: print(" %s: %s" % (m.property, m.message)) print("\n") except InvalidSignatureError: abort(400) return 'OK'
def http_request(self, request): data = request.get_data() if data is not None and type(data) != str: v_files = [] v_vars = [] try: for(key, value) in list(data.items()): if type(value) == io.BufferedReader: v_files.append((key, value)) else: v_vars.append((key, value)) except TypeError: systype, value, traceback = sys.exc_info() #raise TypeError("not a valid non-string sequence or mapping object %d" % traceback) logger.debug("not a valid non-string sequence or mapping object : %s" % traceback) if len(v_files) == 0: data = urllib.parse.urlencode(v_vars, self.doseq).encode() else: boundary, data = self.multipart_encode(v_vars, v_files) contenttype = 'multipart/form-data; boundary=%s' % boundary request.add_unredirected_header('Content-Type', contenttype) request.add_data(data) return request
def query(): # no idea why request.data doesn't work, datatype seems correct? # print(request.data) # in any case, get the raw bytes and convert to utf-8 data = request.get_data() args = data.decode("utf-8").split(",") # todo # return actual errors new_query = False search_arg = None if len(args) != 2: print("malformed arguments") return "error" else: if args[1] == "true": new_query = True elif args[1] == "false": new_query = False else: print("malformed arguments") return "error" search_arg = args[0] if search_arg == None or search_arg == "": print("malformed arguments") return "error" return search(search_arg)
def http_request(self, request): data = request.get_data() if data is not None and type(data) != str: v_files = [] v_vars = [] try: for (key, value) in list(data.items()): if hasattr(value, 'read'): v_files.append((key, value)) else: v_vars.append((key, value)) except TypeError: raise TypeError if len(v_files) == 0: data = urllib.parse.urlencode(v_vars, doseq) else: boundary, data = self.multipart_encode(v_vars, v_files) contenttype = 'multipart/form-data; boundary=%s' % boundary if (request.has_header('Content-Type') and request.get_header( 'Content-Type').find('multipart/form-data') != 0): six.print_("Replacing %s with %s" % (request.get_header('content-type'), 'multipart/form-data')) request.add_unredirected_header('Content-Type', contenttype) request.add_data(data) return request
def http_request(self, request): data = request.get_data() if data is not None and type(data) != str: v_files = [] v_vars = [] try: for(key, value) in list(data.items()): if hasattr(value, 'read'): v_files.append((key, value)) else: v_vars.append((key, value)) except TypeError: raise TypeError if len(v_files) == 0: data = urllib.parse.urlencode(v_vars, doseq) else: boundary, data = self.multipart_encode(v_vars, v_files) contenttype = 'multipart/form-data; boundary=%s' % boundary if ( request.has_header('Content-Type') and request.get_header('Content-Type').find( 'multipart/form-data') != 0 ): six.print_( "Replacing %s with %s" % ( request.get_header('content-type'), 'multipart/form-data' ) ) request.add_unredirected_header('Content-Type', contenttype) request.add_data(data) return request
def http_request(self, request): data = request.get_data() if data is not None and type(data) != str: v_files = [] v_vars = [] try: for (key, value) in list(data.items()): if type(value) == io.BufferedReader: v_files.append((key, value)) else: v_vars.append((key, value)) except TypeError: systype, value, traceback = sys.exc_info() # raise TypeError("not a valid non-string sequence or mapping object %d" % traceback) logger.debug("not a valid non-string sequence or mapping object : %s" % traceback) if len(v_files) == 0: data = urllib.parse.urlencode(v_vars, self.doseq).encode() else: boundary, data = self.multipart_encode(v_vars, v_files) contenttype = "multipart/form-data; boundary=%s" % boundary request.add_unredirected_header("Content-Type", contenttype) request.add_data(data) return request
def http_request(self, request): data = request.get_data() if isinstance(data, dict): v_files = [] v_vars = [] try: for(key, value) in list(data.items()): if isinstance(value, file) or hasattr(value, "file") or isinstance(value, io.StringIO): v_files.append((key, value)) else: v_vars.append((key, value)) except TypeError: systype, value, traceback = sys.exc_info() raise SqlmapDataException("not a valid non-string sequence or mapping object").with_traceback(traceback) if len(v_files) == 0: data = urllib.parse.urlencode(v_vars, doseq) else: boundary, data = self.multipart_encode(v_vars, v_files) contenttype = "multipart/form-data; boundary=%s" % boundary #if (request.has_header("Content-Type") and request.get_header("Content-Type").find("multipart/form-data") != 0): # print "Replacing %s with %s" % (request.get_header("content-type"), "multipart/form-data") request.add_unredirected_header("Content-Type", contenttype) request.add_data(data) return request
def _open(self, method, path, headers=None, data=None): """Perform an HTTP request. Args: method: The HTTP method (GET, PUT, POST, DELETE). path: The HTTP path to retrieve. headers: A dictionary of HTTP headers to add. data: The data to send as the body of the request. Returns: A Response object. """ url = urllib.parse.urljoin(self.site, path) self.log.info('%s %s', method, url) request = self._request(url) request.set_method(method) if headers: for key, value in headers.items(): request.add_header(key, value) if self.auth: # Insert basic authentication header request.add_header('Authorization', 'Basic {}'.format(self.auth.decode())) if request.headers: header_string = '\n'.join([':'.join((k, v)) for k, v in request.headers.items()]) self.log.debug('request-headers:%s', header_string) if data: request.add_header('Content-Type', self.format.mime_type) request.add_data(data) self.log.debug('request-body:%s', request.get_data()) elif method in ['POST', 'PUT']: # Some web servers need a content length on all POST/PUT operations request.add_header('Content-Type', self.format.mime_type) request.add_header('Content-Length', '0') if self.timeout and not _urllib_has_timeout(): # Hack around lack of timeout option in python < 2.6 old_timeout = socket.getdefaulttimeout() socket.setdefaulttimeout(self.timeout) try: http_response = None try: http_response = self._handle_error(self._urlopen(request)) except urllib.error.HTTPError as err: http_response = self._handle_error(err) except urllib.error.URLError as err: raise Error(err, url) response = Response.from_httpresponse(http_response) self.log.debug('Response(code=%d, headers=%s, msg="%s")', response.code, response.headers, response.msg) finally: if http_response: http_response.close() if self.timeout and not _urllib_has_timeout(): socket.setdefaulttimeout(old_timeout) self.log.info('--> %d %s %db', response.code, response.msg, len(response.body)) return response
def act_user_search(): para = request.get_data().decode() ddict = json.loads(para) pdict = json.loads(para) tmppage = int(pdict['cur']) if tmppage > 0: tmppage -= 1 pdict['cur'] = tmppage obj = DAO.search(pdict) obj['cur'] = ddict['cur'] return json.dumps(obj)
def http_request(self, request): try: data = request.get_data() except AttributeError: data = request.data if data is not None and type(data) != str: data = urllib.parse.urlencode(data, doseq).encode("utf-8") try: request.add_data(data) except AttributeError: request.data = data return request
def register_complete(): data = cbor.decode(request.get_data()) client_data = ClientData(data["clientDataJSON"]) att_obj = AttestationObject(data["attestationObject"]) auth_data = server.register_complete(session["state"], client_data, att_obj) authenticator = Authenticator(credential=auth_data.credential_data, user=int(session['user_id']), name=session['token_name']) db.session.add(authenticator) db.session.commit() return cbor.encode({"status": "OK"})
def downloadFile(): if request.method == 'POST': data = request.get_data() data = json.loads(data.decode('utf-8')) query = 'select * from UploadFile where File="' + str( data['File']) + '"' conn = Connection() cursor = conn.cursor() cursor.execute(query) data1 = cursor.fetchone() os.open(data1['path'], os.O_RDWR | os.O_CREAT) return data1['path']
def callback(): # get X-Line-Signature header value signature = request.headers["X-Line-Signature"] # get request body as text body = request.get_data(as_text=True) # handle webhook body try: handler.handle(body, signature) except InvalidSignatureError: abort(400) return "OK"
def run_jiankong(): json_data = json.loads(request.get_data()) ssh = paramiko.SSHClient() ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy()) for i in json_data: ip = i name = json_data[i]['name'] password = json_data[i]['password'] port = int(json_data[i]['port']) ssh.connect(ip, port, name, password) stdin, stdout, stderr = ssh.exec_command('我的命令') ssh.close() return jsonify(statu='run_success')
def api_call(version, endpoint_path): """Call an API endpoint directly over HTTP.""" # Check whether given version is valid if version not in API_VERSIONS: return jsonify(error='API version not found'), 404 # Get path and parameters (path, path_parameters) = path_parser.parse(version, endpoint_path) query_parameters = request.args.to_dict() for param in query_parameters: try: query_parameters[param] = int(query_parameters[param]) except: pass try: body_parameters = json.loads(request.get_data()) except: body_parameters = {} # Create and call request (req, response) = _process_message({ 'id': 0, 'method': request.method, 'parameters': { 'body': body_parameters, 'path': path_parameters, 'query': query_parameters }, 'path': path, 'token': request.headers.get('auth-token') }) print( f'HTTP:\t{req.method} to `/{req.path}` resulted in {response.status["code"]}: {response.status["description"]}' ) sys.stdout.flush() flask_response = jsonify(json.loads(response.to_JSON())) flask_response.status_code = response.status['code'] return flask_response
def callback(): print("callback start") signature = request.headers['X-Line-Signature'] body = request.get_data(as_text=True) app.logger.info("Request body: " + body) try: handler.handle(body, signature) except InvalidSignatureError as e: print("InvalidSignatureError message:{0}".format(e.message)) abort(400) except LineBotApiError as e: print("LineBotApiError message:{0}".format(e.message)) abort(400) resp = jsonify(success=True) return resp
def order_add(): if request.method=='POST': data = request.get_data() data = json.loads(data.decode("utf-8")) addrID = data.get('addrID') Merchsum = data.get('orderPrice') Info = data.get('orderInfo') rsp=model.order_add(addrID,Merchsum,Info) res={ "err":1,"desc":"内部错误" } if rsp == 0: res["err"]=0 res["desc"] = "订单添加成功" return jsonify(res)
def apply(): ip = request.remote_addr # token = request.values.get("token", "") # session_id = request.values.get("session_id", "") # sig = request.values.get("sig", "") # address = request.values.get("address", "") data = request.get_data() try: json_dict = json.loads(data) except Exception as e: logger.error(e) return jsonify({"err_code": "400", "err_msg": "bad request"}) token = json_dict.get("token", "") session_id = json_dict.get("session_id", "") sig = json_dict.get("sig", "") address = json_dict.get("address", "") scene = json_dict.get("scene", "") logger.info("apply address: %s", address) if address.strip() == "": return jsonify({"err_code": "401", "err_msg": "address is empty"}) if verify(token, session_id, sig, ip, scene): tx = send(address) if tx == '-1': return jsonify({"err_code": "403", "err_msg": "invalid address"}) if tx == '-2': return jsonify({ "err_code": "404", "err_msg": "server exception, please try again later" }) if tx != '': return jsonify({"data": tx}) else: return jsonify({ "err_code": "404", "err_msg": "server exception, please try again later" }) return jsonify({"err_code": "402", "err_msg": "verify error"})
def callback(): # get X-Line-Signature header value signature = request.headers['X-Line-Signature'] # get request body as text body = request.get_data(as_text=True) app.logger.info("Request body: " + body) # handle webhook body try: handler.handle(body, signature) except LineBotApiError as e: print("Got exception from LINE Messaging API: %s\n" % e.message) for m in e.error.details: print(" %s: %s" % (m.property, m.message)) print("\n") except InvalidSignatureError: abort(400) return 'OK'
def http_request(self, request): data = request.get_data() def isfiledata(p_str): import re r_c = re.compile("^f'(.*)'$") rert = r_c.search(str(p_str)) #rert = re.search("^f'(.*)'$", p_str) if rert: return rert.group(1) else: return None if data is not None and type(data) != str: v_files = [] v_vars = [] try: for(key, value) in list(data.items()): if isfiledata(value): # type(value) == file: v_files.append((key, value)) else: v_vars.append((key, value)) except TypeError: systype, value, traceback = sys.exc_info() raise TypeError("not a valid non-string sequence or mapping object").with_traceback(traceback) if len(v_files) == 0: data = urllib.parse.urlencode(v_vars, doseq) else: boundary, data = self.multipart_encode(v_vars, v_files) contenttype = 'multipart/form-data; boundary=%s' % boundary if(request.has_header('Content-Type') and request.get_header('Content-Type').find('multipart/form-data') != 0): print("Replacing %s with %s" % (request.get_header('content-type'), 'multipart/form-data')) request.add_unredirected_header('Content-Type', contenttype) request.add_data(data) return request
def do_request_(self, request): host = request.get_host() if not host: raise URLError('no host given') if request.has_data(): # POST data = request.get_data() if not request.has_header('Content-type'): request.add_unredirected_header( 'Content-type', 'application/x-www-form-urlencoded') scheme, sel = urllib.parse.splittype(request.get_selector()) sel_host, sel_path = urllib.parse.splithost(sel) if not request.has_header('Host'): request.add_unredirected_header('Host', sel_host or host) for name, value in self.parent.addheaders: name = name.capitalize() if not request.has_header(name): request.add_unredirected_header(name, value) return request
def __write_capture(self, request, response): ohandle = io.StringIO() response_body = b'' saved_exception = None try: ohandle.write('<capture>\n') ohandle.write('<request>\n') method = request.get_method() url = request.get_full_url() parsed = urlparse.urlsplit(url) relative_url = parsed.path if parsed.query: relative_url += '?' + parsed.query if parsed.fragment: # TODO: will this ever happen? relative_url += '#' + parsed.fragment host = None request_body = None if hasattr(request, 'get_host'): host = request.get_host() # support 3.3 if request.has_data(): request_body = request.get_data() else: host = request.host request_body = request.data ohandle.write('<method>%s</method>\n' % escape(method)) ohandle.write('<url>%s</url>\n' % escape(url)) ohandle.write('<host>%s</host>\n' % escape(host)) try: # ghetto addr = response.fp.raw._sock.getpeername() if addr: ohandle.write('<hostip>%s</hostip>\n' % escape(addr[0])) except Exception as error: pass ohandle.write('<datetime>%s</datetime>\n' % escape(time.asctime(time.gmtime())+' GMT')) # TODO: can we calculate request time and elapsed? request_headers = '%s %s HTTP/1.1\r\n' % (method, relative_url) # TODO: is there access to the HTTP version? for item in request.header_items(): request_headers += item[0] + ': ' + '\r\n\t'.join(item[1:]) + '\r\n' if self.re_nonprintable_str.search(request_headers): ohandle.write('<headers encoding="base64">%s</headers>\n' % base64.b64encode(request_headers.encode('utf-8')).decode('ascii')) else: ohandle.write('<headers>%s</headers>\n' % escape(request_headers)) if request_body is not None: if self.re_nonprintable.search(request_body): ohandle.write('<body encoding="base64">%s</body>\n' % base64.b64encode(request_body).decode('ascii')) else: ohandle.write('<body>%s</body>\n' % escape(request_body.decode('ascii'))) ohandle.write('</request>\n') ohandle.write('<response>\n') status = int(response.getcode()) ohandle.write('<status>%d</status>\n' % status) headers = response.info() if 'HEAD' == method or status < 200 or status in (204, 304,): response_body = b'' else: try: response_body = response.read() except urllib2.IncompleteRead as e: saved_exception = e response_headers = 'HTTP/1.1 %d %s\r\n' % (status, response.msg) # TODO: is there access to the HTTP version? response_headers += headers.as_string() content_type = headers.get('Content-Type') content_length = headers.get('Content-Length') if content_type: ohandle.write('<content_type>%s</content_type>\n' % escape(content_type)) if content_length: ohandle.write('<content_length>%d</content_length>\n' % int(content_length)) if self.re_nonprintable_str.search(response_headers): ohandle.write('<headers encoding="base64">%s</headers>\n' % base64.b64encode(response_headers.encode('utf-8')).decode('ascii')) else: ohandle.write('<headers>%s</headers>\n' % escape(response_headers)) if response_body: if self.re_nonprintable.search(response_body): ohandle.write('<body encoding="base64">%s</body>\n' % base64.b64encode(response_body).decode('ascii')) else: ohandle.write('<body>%s</body>\n' % escape(response_body.decode('ascii'))) ohandle.write('</response>\n') ohandle.write('</capture>\n') self.ofhandle.write(ohandle.getvalue().encode('utf-8')) ohandle.close() self.write_count += 1 if 0 == (self.write_count % self.cut_count): self.close() self.open_file() except Exception as e: sys.stderr.write('*** unhandled error in RaftCaptureProcessor: %s\n' % (e)) if saved_exception: raise(saved_exception) return response_body