def check_grip_sig(grip_sig_header, config): for entry in config: if 'key' not in entry: continue if gripcontrol.validate_sig(grip_sig_header, entry['key']): return True return False
def is_proxied(request, proxies): if len(proxies) < 1: return False grip_sig = request.META.get('HTTP_GRIP_SIG') if not grip_sig: return False for p in proxies: if gripcontrol.validate_sig(grip_sig, p['key']): return True return False
def process_request(self, request): # make sure these fields are always set request.grip = GripData() request.wscontext = None # old request.grip_proxied = False request.grip_signed = False proxied = False signed = False grip_sig_header = request.META.get('HTTP_GRIP_SIG') if grip_sig_header: proxies = _get_proxies() all_proxies_have_keys = True for entry in proxies: if 'key' not in entry: all_proxies_have_keys = False break if all_proxies_have_keys: # if all proxies have keys, then don't # consider the request to be proxied unless # one of them signed it for entry in proxies: if validate_sig(grip_sig_header, entry['key']): proxied = True signed = True break else: # if even one proxy doesn't have a key, then # don't require verification in order to # consider the request to have been proxied proxied = True # parse Grip-Feature hvalue = request.META.get('HTTP_GRIP_FEATURE') if hvalue: parsed = parse_options_header(hvalue, multiple=True) features = set() for n in range(0, len(parsed), 2): features.add(parsed[n]) request.grip.features = features # parse Grip-Last hvalue = request.META.get('HTTP_GRIP_LAST') if hvalue: parsed = parse_options_header(hvalue, multiple=True) last = {} for n in range(0, len(parsed), 2): channel = parsed[n] params = parsed[n + 1] last[channel] = params.get('last-id', '') request.grip.last = last if hasattr(request, 'content_type'): content_type = request.content_type else: content_type = '' hvalue = request.META.get('CONTENT_TYPE') if hvalue: parsed = parse_options_header(hvalue) content_type = parsed[0] # detect WebSocket-Over-HTTP request wscontext = None if (request.method == 'POST' and content_type == 'application/websocket-events'): cid = request.META.get('HTTP_CONNECTION_ID') meta = {} for k, v in six.iteritems(request.META): if k.startswith('HTTP_META_'): meta[_convert_header_name(k[10:])] = v body = request.body if isinstance(body, six.text_type): body = body.encode('utf-8') try: events = decode_websocket_events(body) except: return HttpResponseBadRequest( 'Error parsing WebSocket events.\n') wscontext = WebSocketContext(cid, meta, events, grip_prefix=_get_prefix()) request.grip.proxied = proxied request.grip.signed = signed request.wscontext = wscontext # old request.grip_proxied = proxied request.grip_signed = signed
def process_request(self, request): # make sure these are always set request.grip_proxied = False request.grip_signed = False request.wscontext = None grip_proxied = False grip_signed = False grip_sig_header = request.META.get('HTTP_GRIP_SIG') if grip_sig_header: proxies = getattr(settings, 'GRIP_PROXIES', []) all_proxies_have_keys = True for entry in proxies: if 'key' not in entry: all_proxies_have_keys = False break if all_proxies_have_keys: # if all proxies have keys, then don't # consider the request to be proxied unless # one of them signed it for entry in proxies: if validate_sig(grip_sig_header, entry['key']): grip_proxied = True grip_signed = True break else: # if even one proxy doesn't have a key, then # don't require verification in order to # consider the request to have been proxied grip_proxied = True content_type = request.META.get('CONTENT_TYPE') if content_type: at = content_type.find(';') if at != -1: content_type = content_type[:at] # legacy check using accept accept_types = request.META.get('HTTP_ACCEPT') if accept_types: tmp = accept_types.split(',') accept_types = list() for s in tmp: accept_types.append(s.strip()) wscontext = None if request.method == 'POST' and ( (content_type and content_type == 'application/websocket-events') or (accept_types and 'application/websocket-events' in accept_types)): cid = request.META.get('HTTP_CONNECTION_ID') meta = dict() for k, v in request.META.iteritems(): if k.startswith('HTTP_META_'): meta[_convert_header_name(k[10:])] = v body = request.body assert (not isinstance(body, unicode)) try: events = decode_websocket_events(body) except: return HttpResponseBadRequest( 'Error parsing WebSocket events.\n') wscontext = WebSocketContext(cid, meta, events) request.grip_proxied = grip_proxied request.grip_signed = grip_signed request.wscontext = wscontext