Exemplo n.º 1
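def store():
    """Authenticate an incoming event submission and decode its payload.

    A request is let through when ``PUBLIC_WRITES`` is enabled or when it
    carries an ``AUTHORIZATION`` value starting with ``Sentry``. Whenever that
    value is present it is verified, even with ``PUBLIC_WRITES`` on: it must
    carry a ``signature`` and a ``timestamp``, the timestamp must be a finite
    number no older than one hour, and the signature must match the MAC
    computed over the raw body with ``app.config['KEY']``. The body is then
    base64-decoded and zlib-decompressed.

    Calls ``abort`` with 401 (missing or incomplete credentials), 400 (bad
    timestamp or undecodable body), 410 (expired timestamp) or 403 (signature
    mismatch). What happens to the decoded payload is not shown in this
    excerpt.
    """
    # Read the header once so the value that is checked is the value that is
    # parsed; the original looked it up a second time through request.META.
    # NOTE(review): WSGI servers normally expose request headers under
    # HTTP_*-prefixed environ keys; confirm something populates this bare key.
    auth_header = request.environ.get('AUTHORIZATION', '')
    has_header = auth_header.startswith('Sentry')
    if not (app.config['PUBLIC_WRITES'] or has_header):
        abort(401, 'Unauthorized')

    data = request.data

    if has_header:
        auth_vars = parse_auth_header(auth_header)

        signature = auth_vars.get('signature')
        timestamp = auth_vars.get('timestamp')
        nonce = auth_vars.get('nonce')

        # TODO: check nonce
        # The nonce is fed into the MAC below but never checked for reuse, so
        # a captured signed request stays replayable until its timestamp
        # falls out of the one-hour window.

        # Signed data packet
        if signature and timestamp:
            try:
                timestamp = float(timestamp)
            except ValueError:
                abort(400, 'Invalid Timestamp')

            # float() also accepts 'nan' and 'inf'. NaN makes the expiry
            # comparison below evaluate to False, so it would never expire.
            if timestamp != timestamp or abs(timestamp) == float('inf'):
                abort(400, 'Invalid Timestamp')

            # NOTE(review): only a lower bound is enforced; a timestamp far in
            # the future keeps a signed packet valid for as long as the key
            # is. Consider an upper bound with a clock-skew allowance.
            if timestamp < time.time() - 3600:  # 1 hour
                abort(410, 'Message has expired')

            expected = get_mac_signature(app.config['KEY'], data, timestamp, nonce)
            # Compare every character instead of stopping at the first
            # difference, so response time does not reveal how much of the
            # MAC was right. hmac.compare_digest does the same job on
            # runtimes that provide it.
            mismatch = len(signature) ^ len(expected)
            for sent, wanted in zip(signature, expected):
                mismatch |= ord(sent) ^ ord(wanted)
            if mismatch:
                abort(403, 'Invalid signature')
        else:
            abort(401, 'Unauthorized')

    logger = logging.getLogger('sentry.web.api.store')

    try:
        # NOTE(review): nothing here bounds the decompressed size, and with
        # PUBLIC_WRITES enabled this runs on unauthenticated input; consider
        # capping the request body and the inflated output.
        data = base64.b64decode(data).decode('zlib')
    except Exception, e:
        # This error should be caught as it suggests that there's a
        # bug somewhere in the client's code.
        logger.exception('Bad data received')
        abort(400, 'Bad data decoding request (%s, %s)' % (e.__class__.__name__, e))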
Exemplo n.º 2
Arquivo: api.py Projeto: dmr/sentry
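def store():
    """Authenticate an incoming event submission and decode its payload.

    The request must carry an ``AUTHORIZATION`` value starting with
    ``Sentry`` that holds a ``signature`` and a ``timestamp``. The timestamp
    must be a finite number no older than one hour, and the signature must
    match the MAC computed over the raw body with ``app.config["KEY"]``. The
    body is then base64-decoded and zlib-decompressed.

    Calls ``abort`` with 401 (missing or incomplete credentials), 400 (bad
    timestamp or undecodable body), 410 (expired timestamp) or 403 (signature
    mismatch). What happens to the decoded payload is not shown in this
    excerpt.
    """
    # Read the header once so the value that is checked is the value that is
    # parsed; the original looked it up a second time through request.META.
    # NOTE(review): WSGI servers normally expose request headers under
    # HTTP_*-prefixed environ keys; confirm something populates this bare key.
    auth_header = request.environ.get("AUTHORIZATION", "")
    if not auth_header.startswith("Sentry"):
        abort(401, "Unauthorized")

    auth_vars = parse_auth_header(auth_header)

    signature = auth_vars.get("signature")
    timestamp = auth_vars.get("timestamp")
    nonce = auth_vars.get("nonce")

    data = request.data

    # TODO: check nonce
    # The nonce is fed into the MAC below but never checked for reuse, so a
    # captured signed request stays replayable until its timestamp falls out
    # of the one-hour window.

    # Signed data packet
    if signature and timestamp:
        try:
            timestamp = float(timestamp)
        except ValueError:
            abort(400, "Invalid Timestamp")

        # float() also accepts "nan" and "inf". NaN makes the expiry
        # comparison below evaluate to False, so it would never expire.
        if timestamp != timestamp or abs(timestamp) == float("inf"):
            abort(400, "Invalid Timestamp")

        # NOTE(review): only a lower bound is enforced; a timestamp far in
        # the future keeps a signed packet valid for as long as the key is.
        # Consider an upper bound with a clock-skew allowance.
        if timestamp < time.time() - 3600:  # 1 hour
            abort(410, "Message has expired")

        expected = get_mac_signature(app.config["KEY"], data, timestamp, nonce)
        # Compare every character instead of stopping at the first
        # difference, so response time does not reveal how much of the MAC
        # was right. hmac.compare_digest does the same job on runtimes that
        # provide it.
        mismatch = len(signature) ^ len(expected)
        for sent, wanted in zip(signature, expected):
            mismatch |= ord(sent) ^ ord(wanted)
        if mismatch:
            abort(403, "Invalid signature")
    else:
        abort(401, "Unauthorized")

    logger = logging.getLogger("sentry.server")

    try:
        # NOTE(review): nothing here bounds the decompressed size; consider
        # capping the request body and the inflated output.
        data = base64.b64decode(data).decode("zlib")
    except Exception, e:
        # This error should be caught as it suggests that there's a
        # bug somewhere in the client's code.
        logger.exception("Bad data received")
        abort(400, "Bad data decoding request (%s, %s)" % (e.__class__.__name__, e))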
Exemplo n.º 3
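def store():
    """
    Accepts a base64-encoded, zlib-compressed JSON POST body.

    If ``PUBLIC_WRITES`` is truthy, the Authorization header is optional; a
    header that is sent is still verified. The header must carry a
    ``signature`` and a ``timestamp``; the timestamp must be a finite number
    no older than one hour and the signature must match the MAC computed over
    the raw body with ``app.config['KEY']``.

    Calls ``abort`` with 401 (missing or incomplete credentials), 400 (bad
    timestamp or undecodable body), 410 (expired timestamp) or 403 (signature
    mismatch). What happens to the decoded payload is not shown in this
    excerpt.

    Format resembles the following:

    >>> {
    >>>     "event_type": "Exception",
    >>>     "tags": [ ["level", "error"], ["server", "sentry.local"] ],
    >>>     "date": "2010-06-18T22:31:45",
    >>>     "time_spent": 0.0,
    >>>     "event_id": "452dfa92380f438f98159bb75b9469e5",
    >>>     "data": {
    >>>         "culprit": "path.to.function",
    >>>         "version": ["module", "version string"],
    >>>         "modules": {
    >>>             "module": "version string"
    >>>         },
    >>>         "extra": {
    >>>             "key": "value",
    >>>         },
    >>>         "sentry.interfaces.Http": {
    >>>             "url": "http://example.com/foo/bar",
    >>>             "method": "POST",
    >>>             "querystring": "baz=bar&foo=baz",
    >>>             "data": {
    >>>                 "key": "value"
    >>>             }
    >>>         },
    >>>         "sentry.interfaces.Exception": {
    >>>             "type": "ValueError",
    >>>             "value": "An example exception",
    >>>             "frames": [
    >>>                 {
    >>>                     "filename": "/path/to/filename.py",
    >>>                     "module": "path.to.module",
    >>>                     "function": "function_name",
    >>>                     "vars": {
    >>>                         "key": "value"
    >>>                     }
    >>>                 }
    >>>             ]
    >>>         }
    >>>     }
    >>> }
    """
    # Read the header once so the value that is checked is the value that is
    # parsed; the original looked it up a second time through request.META.
    # NOTE(review): WSGI servers normally expose request headers under
    # HTTP_*-prefixed environ keys; confirm something populates this bare key.
    auth_header = request.environ.get('AUTHORIZATION', '')
    has_header = auth_header.startswith('Sentry')
    if not (app.config['PUBLIC_WRITES'] or has_header):
        abort(401, 'Unauthorized')

    data = request.data

    if has_header:
        auth_vars = parse_auth_header(auth_header)

        signature = auth_vars.get('signature')
        timestamp = auth_vars.get('timestamp')
        nonce = auth_vars.get('nonce')

        # TODO: check nonce
        # The nonce is fed into the MAC below but never checked for reuse, so
        # a captured signed request stays replayable until its timestamp
        # falls out of the one-hour window.

        # Signed data packet
        if signature and timestamp:
            try:
                timestamp = float(timestamp)
            except ValueError:
                abort(400, 'Invalid Timestamp')

            # float() also accepts 'nan' and 'inf'. NaN makes the expiry
            # comparison below evaluate to False, so it would never expire.
            if timestamp != timestamp or abs(timestamp) == float('inf'):
                abort(400, 'Invalid Timestamp')

            # NOTE(review): only a lower bound is enforced; a timestamp far in
            # the future keeps a signed packet valid for as long as the key
            # is. Consider an upper bound with a clock-skew allowance.
            if timestamp < time.time() - 3600:  # 1 hour
                abort(410, 'Message has expired')

            expected = get_mac_signature(app.config['KEY'], data, timestamp, nonce)
            # Compare every character instead of stopping at the first
            # difference, so response time does not reveal how much of the
            # MAC was right. hmac.compare_digest does the same job on
            # runtimes that provide it.
            mismatch = len(signature) ^ len(expected)
            for sent, wanted in zip(signature, expected):
                mismatch |= ord(sent) ^ ord(wanted)
            if mismatch:
                abort(403, 'Invalid signature')
        else:
            abort(401, 'Unauthorized')

    logger = logging.getLogger('sentry.web.api.store')

    try:
        # NOTE(review): nothing here bounds the decompressed size, and with
        # PUBLIC_WRITES enabled this runs on unauthenticated input; consider
        # capping the request body and the inflated output.
        data = base64.b64decode(data).decode('zlib')
    except Exception, e:
        # This error should be caught as it suggests that there's a
        # bug somewhere in the client's code.
        logger.exception('Bad data received')
        abort(400, 'Bad data decoding request (%s, %s)' % (e.__class__.__name__, e))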
Exemplo n.º 4
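def store():
    """
    Accepts a base64-encoded, zlib-compressed JSON POST body.

    If ``PUBLIC_WRITES`` is truthy, the Authorization header is optional; a
    header that is sent is still verified. The header must carry a
    ``signature`` and a ``timestamp``; the timestamp must be a finite number
    no older than one hour and the signature must match the MAC computed over
    the raw body with ``app.config['KEY']``.

    Calls ``abort`` with 401 (missing or incomplete credentials), 400 (bad
    timestamp or undecodable body), 410 (expired timestamp) or 403 (signature
    mismatch). What happens to the decoded payload is not shown in this
    excerpt.

    Format resembles the following:

    >>> {
    >>>     "event_type": "Exception",
    >>>     "tags": [ ["level", "error"], ["server", "sentry.local"] ],
    >>>     "date": "2010-06-18T22:31:45",
    >>>     "time_spent": 0.0,
    >>>     "event_id": "452dfa92380f438f98159bb75b9469e5",
    >>>     "data": {
    >>>         "culprit": "path.to.function",
    >>>         "version": ["module", "version string"],
    >>>         "modules": {
    >>>             "module": "version string"
    >>>         },
    >>>         "extra": {
    >>>             "key": "value",
    >>>         },
    >>>         "sentry.interfaces.Http": {
    >>>             "url": "http://example.com/foo/bar",
    >>>             "method": "POST",
    >>>             "querystring": "baz=bar&foo=baz",
    >>>             "data": {
    >>>                 "key": "value"
    >>>             }
    >>>         },
    >>>         "sentry.interfaces.Exception": {
    >>>             "type": "ValueError",
    >>>             "value": "An example exception"
    >>>         },
    >>>         "sentry.interfaces.Stacktrace": {
    >>>             "frames": [
    >>>                 {
    >>>                     "filename": "/path/to/filename.py",
    >>>                     "module": "path.to.module",
    >>>                     "function": "function_name",
    >>>                     "vars": {
    >>>                         "key": "value"
    >>>                     }
    >>>                 }
    >>>             ]
    >>>         }
    >>>     }
    >>> }
    """
    # Read the header once so the value that is checked is the value that is
    # parsed; the original looked it up a second time through request.META.
    # NOTE(review): WSGI servers normally expose request headers under
    # HTTP_*-prefixed environ keys; confirm something populates this bare key.
    auth_header = request.environ.get('AUTHORIZATION', '')
    has_header = auth_header.startswith('Sentry')
    if not (app.config['PUBLIC_WRITES'] or has_header):
        abort(401, 'Unauthorized')

    data = request.data

    if has_header:
        auth_vars = parse_auth_header(auth_header)

        signature = auth_vars.get('signature')
        timestamp = auth_vars.get('timestamp')
        nonce = auth_vars.get('nonce')

        # TODO: check nonce
        # The nonce is fed into the MAC below but never checked for reuse, so
        # a captured signed request stays replayable until its timestamp
        # falls out of the one-hour window.

        # Signed data packet
        if signature and timestamp:
            try:
                timestamp = float(timestamp)
            except ValueError:
                abort(400, 'Invalid Timestamp')

            # float() also accepts 'nan' and 'inf'. NaN makes the expiry
            # comparison below evaluate to False, so it would never expire.
            if timestamp != timestamp or abs(timestamp) == float('inf'):
                abort(400, 'Invalid Timestamp')

            # NOTE(review): only a lower bound is enforced; a timestamp far in
            # the future keeps a signed packet valid for as long as the key
            # is. Consider an upper bound with a clock-skew allowance.
            if timestamp < time.time() - 3600:  # 1 hour
                abort(410, 'Message has expired')

            expected = get_mac_signature(app.config['KEY'], data,
                                         timestamp, nonce)
            # Compare every character instead of stopping at the first
            # difference, so response time does not reveal how much of the
            # MAC was right. hmac.compare_digest does the same job on
            # runtimes that provide it.
            mismatch = len(signature) ^ len(expected)
            for sent, wanted in zip(signature, expected):
                mismatch |= ord(sent) ^ ord(wanted)
            if mismatch:
                abort(403, 'Invalid signature')
        else:
            abort(401, 'Unauthorized')

    logger = logging.getLogger('sentry.web.api.store')

    try:
        # NOTE(review): nothing here bounds the decompressed size, and with
        # PUBLIC_WRITES enabled this runs on unauthenticated input; consider
        # capping the request body and the inflated output.
        data = base64.b64decode(data).decode('zlib')
    except Exception, e:
        # This error should be caught as it suggests that there's a
        # bug somewhere in the client's code.
        logger.exception('Bad data received')
        abort(400,
              'Bad data decoding request (%s, %s)' % (e.__class__.__name__, e))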