def expandApplyInfo(cls, helper, vo): try: apply_info = JSONDecoder().decode(UcfUtil.getHashStr(vo, 'apply_info')) # TODO セキュリティブラウザの端末情報を展開 2015.09.04 if apply_info.has_key('DeviceInfo'): pass except BaseException, e: logging.exception(e) apply_info = {}
def get_inactive_players(self) -> List[Player]: """Return formatted inactive player data. """ inst = JSONDecoder() inactive_player = [ Player.objects.get(pk=pk) for pk in inst.decode(self.inactive_players) if Player.objects.filter(pk=pk).count() > 0 ] return inactive_player
def get_dnp_players(self) -> Dict[Player, str]: """Return formatted DNP player data. """ inst = JSONDecoder() dnp_players = { Player.objects.get(pk=pk): reason for pk, reason in inst.decode(self.dnp_players).items() if Player.objects.filter(pk=pk).count() > 0 } return dnp_players
def retrieveSateraitoMailMagazineList(num_retry=0): API_URL = 'https://sateraito-apps-sso3.appspot.com/api/getmailmagazinelist' # メルマガ配信除外アドレス一覧APIのURL MD5SUFFIX_KEY = '9eb4dd244d414f5b857e822f31b8e8c6' # メルマガ配信除外アドレス一覧APIのMD5SuffixKey MAX_RETRY_CNT = 3 # リトライ回数 ENCODE_KEY = '4d5f09ce' # メルマガ配信除外アドレス一覧APIのEncodeキー not_send_addresses = [] exchange_addresses = [] try: now = datetime.datetime.now() # 標準時 check_key = UcfUtil.md5(now.strftime('%Y%m%d%H%M') + MD5SUFFIX_KEY) payload = {'ck': check_key} result = urlfetch.fetch(url=API_URL, method='post', payload=urllib.urlencode(payload), deadline=30, follow_redirects=True) if result.status_code != 200: if num_retry >= MAX_RETRY_CNT: logging.error(result.status_code) raise e else: return retrieveSateraitoMailMagazineList(num_retry=(num_retry + 1)) jsondata = JSONDecoder().decode(result.content) not_send_addresses = jsondata.get('not_send_addresses', []) exchange_addresses = jsondata.get('exchange_addresses', []) # アドレスのデコード(暗号化は時間が結構かかるがメールアドレスなので実施しておく) for i in range(len(not_send_addresses)): not_send_addresses[i] = UcfUtil.deCrypto(not_send_addresses[i], ENCODE_KEY) for i in range(len(exchange_addresses)): exchange_addresses[i] = [ UcfUtil.deCrypto(exchange_addresses[i][0], ENCODE_KEY), UcfUtil.deCrypto(exchange_addresses[i][1], ENCODE_KEY) ] logging.info(not_send_addresses) logging.info(exchange_addresses) except BaseException, e: logging.error('class name:' + e.__class__.__name__ + ' message=' + str(e) + ' num_retry=' + str(num_retry)) if num_retry >= MAX_RETRY_CNT: raise e else: return retrieveSateraitoMailMagazineList(num_retry=(num_retry + 1))
def getMyPageLinkByLinkID(cls, helper, link_id, is_with_cache=False): link_vo = None if link_id is not None and link_id != '': # ログインパフォーマンスチューニング…少しだけキャッシュ if is_with_cache: link_vo = MyPageLinkUtils.getMyPageLinkMemCache(helper, link_id) if link_vo is None: query = UCFMDLMyPageLink.all() query.filter('link_id_lower = ', link_id.lower()) entry = query.get() if entry is not None: link_vo = entry.exchangeVo(helper._timezone) MyPageLinkUtils.editVoForSelect(helper, link_vo) # セットは、is_with_cacheによらずしてOK MyPageLinkUtils.setMyPageLinkMemCache(helper, link_id, link_vo) # Json展開 if link_vo is not None: link_info = [] link_info_json = UcfUtil.getHashStr(link_vo, 'link_info') if link_info_json != '': link_info = JSONDecoder().decode(link_info_json) link_vo['link_info'] = link_info return link_vo
def _toggle_speedups(enabled): import simplejson.decoder as dec import simplejson.encoder as enc import simplejson.scanner as scan c_make_encoder = _import_c_make_encoder() if enabled: dec.scanstring = dec.c_scanstring or dec.py_scanstring enc.c_make_encoder = c_make_encoder enc.encode_basestring_ascii = (enc.c_encode_basestring_ascii or enc.py_encode_basestring_ascii) scan.make_scanner = scan.c_make_scanner or scan.py_make_scanner else: dec.scanstring = dec.py_scanstring enc.c_make_encoder = None enc.encode_basestring_ascii = enc.py_encode_basestring_ascii scan.make_scanner = scan.py_make_scanner dec.make_scanner = scan.make_scanner global _default_decoder _default_decoder = JSONDecoder( encoding=None, object_hook=None, object_pairs_hook=None, ) global _default_encoder _default_encoder = JSONEncoder( skipkeys=False, ensure_ascii=True, check_circular=True, allow_nan=True, indent=None, separators=None, encoding='utf-8', default=None, )
def get_upload_progress(req, files, **kargs): ret = {} files = JSONDecoder("UTF-8").decode(files) session = req.session session.lock() for (slot, upfile) in files.iteritems(): upfile = os.path.split(upfile)[1] if session.get('temp_name_' + upfile): cursize = 0 try: cursize = os.path.getsize(session['temp_name_' + upfile]) except: pass ret[slot] = (cursize * 100) / (session.get('temp_size_' + upfile) or 1) session.unlock() req.content_type = 'application/json; charset=UTF-8' return JSONEncoder("UTF-8").encode(ret)
def SRP_store(req, data): """ Protocolo para tratar con passwords de forma criptograficamente segura. Recibe diccionario data con : username: String con el username v : Bigint de verificacion para SRP salt: Salt usada Devuelve diccionario con status (si status == OK, todo en orden) """ data = JSONDecoder("UTF-8").decode(data) db = MySQLdb.connect(host="localhost", user="******", passwd="1234", db="prueba") ## Mirar que el user no exista ya if user_exists(data['username']): req.write( JSONEncoder("UTF-8").encode({"status": "Duplicated username."})) return ## Preparar transaccion sql = """ INSERT INTO usuarios (userName,v,salt,mail,sex,age,country,registrationDate,status) VALUES( "%s","%s","%s","%s","%s","%s","%s","%s","NV") """ % (data['username'], data['v'], data['salt'], urllib.unquote( data["mail"]), data["sex"], data["age"], urllib.unquote( data["country"]), str(datetime.today())) cursor = db.cursor() #~ try: cursor.execute(sql) db.commit() req.write(JSONEncoder("UTF-8").encode({"status": "OK"})) #~ except: #~ db.rollback() #~ req.write(JSONEncoder("UTF-8").encode({"status":"Database operation failed."})) ## Desconectar db.close()
def editVoForRegist(cls, helper, vo, entry_vo, edit_type): if edit_type == UcfConfig.EDIT_TYPE_NEW: vo['dept_id'] = UcfUtil.getHashStr(helper.getDeptInfo(), 'dept_id') vo['link_id_lower'] = vo.get('link_id', '').lower() # リンク数を算出 link_info_json = UcfUtil.getHashStr(vo, 'link_info') if link_info_json != '': link_info = JSONDecoder().decode(link_info_json) # 各リンクにidを付与(未設定の場合だけ) for link_data in link_info: link = link_data.get('link') if not link.has_key('id') or link['id'] == '': link['id'] = UcfUtil.guid() vo['link_info'] = JSONEncoder().encode(link_info) vo['link_count'] = str(len(link_info)) else: vo['link_count'] = str(len(0))
def _formatLogText(cls, helper, vo): screen = vo.get('screen', '') operation = vo.get('operation', '') log_records = [] #if screen not in [UcfConfig.SCREEN_TASK, UcfConfig.SCREEN_PROFILE, UcfConfig.SCREEN_GENERALSSO]: if screen not in []: if screen not in [UcfConfig.SCREEN_DASHBOARD]: log_records.append(helper.getMsg('OPERATIONLOG_DETAIL_TARGET_DATA') + vo.get('target_data', '')) if operation == 'account_changeid': log_records.append(helper.getMsg('OPERATIONLOG_DETAIL_IS_UPDATE_GW_DATA') + vo.get('is_update_apps_data', '')) if vo.get('detail', '') != '': detail = JSONDecoder().decode(vo.get('detail', '')) if operation in ['group_addmembers', 'orgunit_addmembers']: if detail.has_key('members'): members = detail['members'] for member in members: log_records.append('[email]' + member.get('email', '') + '[type]' + member.get('type', '')) if operation in ['group_removemembers', 'orgunit_removemembers']: if detail.has_key('members'): members = detail['members'] for member in members: log_records.append('[email]' + member.get('email', '')) if detail.has_key('fields'): log_records.append(helper.getMsg('OPERATIONLOG_DETAIL_FIELDS')) diff_for_operation_log = detail['fields'] for item in diff_for_operation_log: log_records.append('[field]' + item.get('key', '') + '[before]' + item.get('before', '') + '[after]' + item.get('after', '')) if detail.has_key('add_groups'): log_records.append(helper.getMsg('OPERATIONLOG_DETAIL_ADD_GROUPS') + UcfUtil.listToCsv(detail['add_groups'])) if detail.has_key('del_groups'): log_records.append(helper.getMsg('OPERATIONLOG_DETAIL_REMOVE_GROUPS') + UcfUtil.listToCsv(detail['del_groups'])) return '\n'.join(log_records)
# cached encoder if (skipkeys is False and ensure_ascii is True and check_circular is True and allow_nan is True and cls is None and indent is None and separators is None and encoding == 'utf-8' and default is None and not kw): return _default_encoder.encode(obj) if cls is None: cls = JSONEncoder return cls( skipkeys=skipkeys, ensure_ascii=ensure_ascii, check_circular=check_circular, allow_nan=allow_nan, indent=indent, separators=separators, encoding=encoding, default=default, **kw).encode(obj) _default_decoder = JSONDecoder(encoding=None, object_hook=None) def load(fp, encoding=None, cls=None, object_hook=None, parse_float=None, parse_int=None, parse_constant=None, **kw): """ Deserialize ``fp`` (a ``.read()``-supporting file-like object containing a JSON document) to a Python object. If the contents of ``fp`` is encoded with an ASCII based encoding other than utf-8 (e.g. latin-1), then an appropriate ``encoding`` name must be specified. Encodings that are not ASCII based (such as UCS-2) are not allowed, and should be wrapped with ``codecs.getreader(fp)(encoding)``, or simply decoded to a ``unicode`` object and passed to ``loads()``
if cls is None: cls = JSONEncoder return cls(skipkeys=skipkeys, ensure_ascii=ensure_ascii, check_circular=check_circular, allow_nan=allow_nan, indent=indent, separators=separators, encoding=encoding, default=default, use_decimal=use_decimal, **kw).encode(obj) _default_decoder = JSONDecoder(encoding=None, object_hook=None, object_pairs_hook=None, parse_float=Decimal) def load(fp, encoding=None, cls=None, object_hook=None, parse_float=None, parse_int=None, parse_constant=None, object_pairs_hook=None, use_decimal=True, **kw): """Deserialize ``fp`` (a ``.read()``-supporting file-like object containing a JSON document) to a Python object.
separators=None, encoding='utf-8', default=_extended_json_encoding, use_decimal=True, ) def _extended_json_decoding(dct): if '<datetime>' in dct: # 2013-10-18T20:35:18+07:00 return StringToDate(dct['datetime'], format=None) return dct json._default_decoder = JSONDecoder(encoding=None, object_hook=_extended_json_decoding, object_pairs_hook=None, parse_float=decimal.Decimal) # jsonutil: TO HERE class isPlomino(object): """ Return True if called on any Plomino object. """ def __call__(self): return hasattr(self.context, 'getParentDatabase') class isDesignMode(object): """ Return True if called on a Plomino object by a user who has design permission in that context. """
def SRP_Auth_2(req, data): """ Acaba de hacer los calculos de la clave de sesion y hace la comprobacion de la clave de sesion que envia el usuario (segun el protocolo el usuario ha de ser el primero en enviar, si no corresponden abortar). """ #~ try: ## Recuperar K data = JSONDecoder("UTF-8").decode(data) Mc = data["M"] ## Recuperar las variables de la sesion cryptovars = retrieve_crypto_vars(req) B = cryptovars["B"] v = cryptovars["v"] b = cryptovars["b"] A = cryptovars["A"] user = cryptovars["user"].upper() salt = cryptovars["salt"].upper() ## u = H(A, B) u = calc_u(A, B, N) u = hex2dec(hash(dec2hex(A) + dec2hex(B))) ## S = (Av^u) ^ b S = powMod(A * powMod(v, u, N), b, N) ## Clave de sesion K = H(S) K = hash(dec2hex(S).upper()).upper() ## Comprobar que la prueba del cliente es igual a lo que tenemos nosotros ## M = H(H(N) xor H(g), H(I), s, A, B, K) HN = hex2dec(hash(dec2hex(N))) Hg = hex2dec(hash(dec2hex(g))) HI = hash(user).upper() innerhash = dec2hex( (HN ^ Hg)).upper() + HI + salt + dec2hex(A) + dec2hex(B) + K Mc_s = hash(innerhash).upper() ## si no coincide lo que calculamos nosotros con lo que nos envian... nanay if (Mc != Mc_s): rdata = { "status": "FAILED" } req.write(JSONEncoder("UTF-8").encode(rdata)) else: ## Si son iguales enviamos nuestra prueba al cliente ## Generar la prueba del servidor Ms = hash(dec2hex(A) + Mc + K) ## Hacer efectivo el login en el servidor y emitir cookie si es necesario session_login(req) if (data["remember"] == "yes"): message = createLoginCookie(req, req.session['SRP_crypto']['user']) if message != "OK": rdata = { "status": message } ## Guardar la clave de sesion y proceder a la comprobacion por parte del cliente rdata = { "M": Ms.upper(), "status": "OK" } req.write(JSONEncoder("UTF-8").encode(rdata)) #~ except: #~ rdata = {"status": "Second auth step failed."}; #~ req.write(JSONEncoder("UTF-8").encode(rdata)) ## Todo completado, eliminar la info de la variable de sesion delete_crypto_vars(req)
def SRP_Auth_1(req, data): """ Primer paso del protocolo para el servidor Recibe diccionario con : username: String con el username A: Bigint string -> A = g ^a donde a es un bigint al azar """ try: session = req.session session.lock() if session.has_key("logged"): if session["logged"]: rdata = { "status": "Already logged in." } req.write(JSONEncoder("UTF-8").encode(rdata)) return session.unlock() data = JSONDecoder("UTF-8").decode(data) ## recogemos A A = hex2dec(data["A"]) ## Abortar si A%N == 0 if (A % N == 0): rdata = { "status": "Server step 1 failed." } req.write(JSONEncoder("UTF-8").encode(rdata)) ## Conectar db = MySQLdb.connect(host="localhost", user="******", passwd="1234", db="prueba") ## Preparar transaccion sql = """ SELECT * FROM usuarios WHERE userName = "******" """ % (data['username']) cursor = db.cursor() cursor.execute(sql) resultado = cursor.fetchall() ## Desconectar db.close() user_id = None ## Asegurarse que no hay mas de un resultado if len(resultado) > 1: rdata = { "status": "Server step 1 failed: Duplicated username!." } req.write(JSONEncoder("UTF-8").encode(rdata)) return else: if len(resultado) == 0: rdata = { "status": "No existe el usuario." } req.write(JSONEncoder("UTF-8").encode(rdata)) return else: user_id = resultado[0][0] ## Devuelve el salt (2a columna) y B ## k = H(N, g) ## Si se ha de calcular k, lo podemos hacer aqui dbsalt = resultado[0][3] dbv = resultado[0][2] v = hex2dec(dbv) salt = hex2dec(dbsalt) ## b es un numero al azar de como maximo 32 bytes random.seed() b = random.getrandbits(256) ## B= kv + g^b (mod N) kv = k * v gb = powMod(g, b, N) B = (kv + gb) % N rdata = { "salt": dbsalt.upper(), "B": dec2hex(B).upper(), "status": "OK" } req.write(JSONEncoder("UTF-8").encode(rdata)) ## Create crypto data structure cryptovars = { "A": A, "B": B, "v": v, "b": b, "user": data['username'], "salt": dbsalt.upper(), "user_id": user_id } save_crypto_vars(req, cryptovars) except: rdata = { "status": "Server step 1 failed." } req.write(JSONEncoder("UTF-8").encode(rdata))