def post(self, request):
"""
Requests to Register a Relay
````````````````````````````
Registers the relay with the sentry installation. If a relay boots
it will always attempt to invoke this endpoint.
"""
try:
json_data = json.loads(request.body)
except ValueError:
return Response({"detail": "No valid json body"},
status=status.HTTP_400_BAD_REQUEST)
serializer = RelayRegisterChallengeSerializer(data=json_data)
if not serializer.is_valid():
return Response(serializer.errors,
status=status.HTTP_400_BAD_REQUEST)
if not is_version_supported(json_data.get("version")):
return Response(
{
"detail":
"Relay version no longer supported, please upgrade to a more recent version"
},
status=status.HTTP_403_FORBIDDEN,
)
public_key = json_data.get("public_key")
if not public_key:
return Response({"detail": "Missing public key"},
status=status.HTTP_400_FORBIDDEN)
if not settings.SENTRY_RELAY_OPEN_REGISTRATION and not is_internal_relay(
request, public_key):
return Response({"detail": "Relay is not allowed to register"},
status=status.HTTP_403_FORBIDDEN)
sig = get_header_relay_signature(request)
if not sig:
return Response({"detail": "Missing relay signature"},
status=status.HTTP_400_BAD_REQUEST)
secret = options.get("system.secret-key")
try:
challenge = create_register_challenge(request.body, sig, secret)
except Exception as exc:
return Response({"detail": str(exc).splitlines()[0]},
status=status.HTTP_400_BAD_REQUEST)
relay_id = six.text_type(challenge["relay_id"])
if relay_id != get_header_relay_id(request):
return Response(
{"detail": "relay_id in payload did not match header"},
status=status.HTTP_400_BAD_REQUEST,
)
try:
relay = Relay.objects.get(relay_id=relay_id)
except Relay.DoesNotExist:
pass
else:
if relay.public_key != six.text_type(public_key):
# This happens if we have an ID collision or someone copies an existing id
return Response(
{
"detail":
"Attempted to register agent with a different public key"
},
status=status.HTTP_400_BAD_REQUEST,
)
return Response(serialize(challenge))
def post(self, request):
"""
Registers a Relay
`````````````````
Registers the relay with the sentry installation. If a relay boots
it will always attempt to invoke this endpoint.
"""
try:
json_data = json.loads(request.body)
except ValueError:
return Response({"detail": "No valid json body"},
status=status.HTTP_400_BAD_REQUEST)
serializer = RelayRegisterResponseSerializer(data=json_data)
if not serializer.is_valid():
return Response(serializer.errors,
status=status.HTTP_400_BAD_REQUEST)
sig = get_header_relay_signature(request)
if not sig:
return Response({"detail": "Missing relay signature"},
status=status.HTTP_400_BAD_REQUEST)
secret = options.get("system.secret-key")
try:
validated = validate_register_response(request.body, sig, secret)
except UnpackErrorSignatureExpired:
return Response({"detail": "Challenge expired"},
status=status.HTTP_401_UNAUTHORIZED)
except Exception as exc:
return Response({"detail": str(exc).splitlines()[0]},
status=status.HTTP_400_BAD_REQUEST)
relay_id = six.text_type(validated["relay_id"])
version = six.text_type(validated["version"])
public_key = validated["public_key"]
if relay_id != get_header_relay_id(request):
return Response(
{"detail": "relay_id in payload did not match header"},
status=status.HTTP_400_BAD_REQUEST,
)
is_internal = is_internal_relay(request, public_key)
try:
relay = Relay.objects.get(relay_id=relay_id)
except Relay.DoesNotExist:
relay = Relay.objects.create(relay_id=relay_id,
public_key=public_key,
is_internal=is_internal)
else:
relay.is_internal = is_internal
relay.save()
try:
relay_usage = RelayUsage.objects.get(relay_id=relay_id,
version=version)
except RelayUsage.DoesNotExist:
RelayUsage.objects.create(relay_id=relay_id,
version=version,
public_key=public_key)
else:
relay_usage.last_seen = timezone.now()
relay_usage.public_key = public_key
relay_usage.save()
return Response(serialize({"relay_id": relay.relay_id}))