예제 #1
0
    def wrapped(*, _impersonate=None, _sudo_token=None, **kwargs):
        if _sudo_token:
            return func(**kwargs, _impersonate=_impersonate, _sudo_token=_sudo_token)
        elif not get_master_secret() and _impersonate and not _sudo_token:
            from common.rpc.secrets import (
                get_secret_from_server,
            )  # placed here to avoid circular imports

            print(f"Attempting to impersonate {_impersonate}")

            try:
                sudo_secret = get_secret_from_server(
                    secret_name="MASTER",
                    _impersonate=_impersonate,
                    _sudo_token=get_token(),
                )
            except PermissionError:
                refresh_token()
                try:  # second attempt, in case the first was just an expired token
                    sudo_secret = get_secret_from_server(
                        secret_name="MASTER",
                        _impersonate=_impersonate,
                        _sudo_token=get_token(),
                    )
                except PermissionError:
                    raise PermissionError(
                        "You must be logged in as an admin to do that."
                    )

            master_secret = sudo_secret
        else:
            master_secret = get_master_secret()

        return func(**kwargs, master_secret=master_secret)
예제 #2
0
 def wrapped(**kwargs):
     try:
         return func(**kwargs, access_token=get_token())
     except PermissionError:
         refresh_token()
         return func(**kwargs, access_token=get_token())
예제 #3
0
def login(browser):
    """
    Log into Ok and get an access token.
    """
    refresh_token(no_browser=not browser)
예제 #4
0
파일: auth.py 프로젝트: 61a-ide/cs61a-apps
def login():
    """
    Log into Ok and get an access token.
    """
    refresh_token()
예제 #5
0
파일: utils.py 프로젝트: 61a-ide/cs61a-apps
            def wrapped(**kwargs):
                noreply = kwargs.pop("noreply", False)
                endpoints = []
                if has_request_context() and not noreply:
                    proxied_host = request.headers.get("X-Forwarded-For-Host")
                    if proxied_host:
                        parts = proxied_host.split(".")
                        if "pr" in parts:
                            pr = parts[0]
                            endpoints.append(
                                f"https://{pr}.{app}.pr.cs61a.org{path}")
                endpoints.append(f"https://{app}.cs61a.org{path}")

                if (not get_master_secret() and "_impersonate" in kwargs
                        and not "_sudo_token" in kwargs):
                    from common.rpc.secrets import (
                        get_secret_from_server,
                    )  # placed here to avoid circular imports

                    print(
                        f"Attempting to impersonate {kwargs.get('_impersonate')}"
                    )

                    try:
                        sudo_secret = get_secret_from_server(
                            secret_name="MASTER",
                            _impersonate=kwargs.pop("_impersonate"),
                            _sudo_token=get_token(),
                        )
                    except PermissionError:
                        refresh_token()
                        try:  # second attempt, in case the first was just an expired token
                            sudo_secret = get_secret_from_server(
                                secret_name="MASTER",
                                _impersonate=kwargs.pop("_impersonate"),
                                _sudo_token=get_token(),
                            )
                        except PermissionError:
                            raise PermissionError(
                                "You must be logged in as an admin to do that."
                            )
                            return

                    kwargs["master_secret"] = sudo_secret

                for i, endpoint in enumerate(endpoints):
                    if noreply:
                        try:
                            requests.post(endpoint, json=kwargs, timeout=1)
                        except requests.exceptions.ReadTimeout:
                            pass
                    else:
                        try:
                            resp = requests.post(endpoint,
                                                 json=kwargs,
                                                 stream=streaming)
                            if i != len(endpoints) - 1:
                                # if a PR build reports failure, try the prod build
                                resp.raise_for_status()
                        except:
                            if i != len(endpoints) - 1:
                                # on a PR build, try the main endpoint next
                                continue
                            else:
                                raise
                        if resp.status_code == 401:
                            raise PermissionError(resp.text)
                        elif resp.status_code == 500:
                            raise Exception(resp.text)
                        resp.raise_for_status()
                        if streaming:

                            def generator():
                                buffer = []
                                ok = True
                                for x in resp.iter_content():
                                    buffer.append(x.decode("ascii"))
                                    buff_string = "".join(buffer)
                                    if STATUS_MARKER in buff_string:
                                        # We are now reading in the error message
                                        # Stop flushing the buffer
                                        ok = False
                                    if ok and len(buff_string) > len(
                                            STATUS_MARKER):
                                        yield buff_string[:-len(STATUS_MARKER)]
                                        buffer = [
                                            buff_string[-len(STATUS_MARKER):]
                                        ]
                                buff_string = "".join(buffer)
                                if not buff_string.endswith(STATUS_MARKER):
                                    # some error occurred
                                    pos = buff_string.index(STATUS_MARKER)
                                    raise Exception(
                                        buff_string[pos + len(STATUS_MARKER):])
                                yield from buffer[:-len(STATUS_MARKER)]

                            return generator()
                        else:
                            return resp.json()