def himawari8(target): last_updatetime = bottle.request.query.get("updatetime") baseUrl = bottle.request.url[0:bottle.request.url.find("/hi8")] key = "himawari8.{}".format(target) result = None getcaps = None if uwsgi.cache_exists("himawari8"): if uwsgi.cache_exists(key): result = json.loads(uwsgi.cache_get(key)) else: getcaps = uwsgi.cache_get("himawari8") else: res = requests.get("{}{}".format(baseUrl, FIREWATCH_GETCAPS), verify=FIREWATCH_HTTPS_VERIFY) res.raise_for_status() getcaps = res.content getcaps = getcaps.decode("utf-8") uwsgi.cache_set("himawari8", getcaps, 60 * 10) # cache for 10 mins if not result: layernames = re.findall("\w+HI8\w+{}\.\w+".format(target), getcaps) layers = [] for layer in layernames: layers.append([ settings.PERTH_TIMEZONE.localize( datetime.datetime.strptime( re.findall("\w+_(\d+)_\w+", layer)[0], "%Y%m%d%H%M")), layer ]) layers = sorted(layers, key=lambda layer: layer[0]) for layer in layers: layer[0] = (layer[0]).strftime("%a %b %d %Y %H:%M:%S AWST") result = { "servers": [baseUrl + FIREWATCH_SERVICE], "layers": layers, "updatetime": layers[len(layers) - 1][0] } uwsgi.cache_set(key, json.dumps(result), 60 * 10) # cache for 10 mins if len(result["layers"]) == 0: return bottle.HTTPResponse(status=404) elif last_updatetime and last_updatetime == result["updatetime"]: bottle.response.status = 290 return "{}" else: return result
def res_image(): jmark = False if bottle.request.query.jmark in ("on", True, 1): jmark = True o_image = mangasheet.gen_comicbase(int(bottle.request.query.dpi), int(bottle.request.query.margin), bottle.request.query.comment, jmark) image_writer = io.BytesIO() o_image.save(image_writer, format="png") res = bottle.HTTPResponse(status=200, body=image_writer.getvalue()) res.set_header("Content-Type", "image/png") return res
def restore_session(self): try: session_id = dict(bottle.request.query.decode()).get('session_id') session = self.__sessions_client.get_session_by_id( None, session_id) # If session closed then return null if session and not session.active: session = None if session: return JsonConverter.to_json(session) else: return bottle.HTTPResponse(status=204) except Exception as err: return self._send_error(err)
def get_certificate(): username = post_get('username') if not username: raise bottle.HTTPError(500, "Username missing") password = post_get('password', default=None) days = int(post_get('days', default=None)) cert_gen = CertificateGenerator() log_certificate_create(username, days) cert_gen.generate(password, username, days) openvpn_config = cert_gen.get_openvpn_config() headers = { 'Content-Type': 'text/plain;charset=UTF-8', 'Content-Disposition': 'attachment; filename="softfire-vpn_%s.ovpn"' % username, "Content-Length": len(openvpn_config) } return bottle.HTTPResponse(openvpn_config, 200, **headers)
def rtt(): mon_table = RTTMANAGER.get_table() logger.debug("MonitorTable: %s" % (mon_table)) body = {"text": "", "color": "red"} tmp = [] for entry in mon_table: body["text"] += "%s: <b>%s</b> ms<br>" % (entry['name'], entry['rtt']) if entry['rtt'] != 0: tmp.append(1) if len(tmp) == len(mon_table): body["color"] = "green" elif len(tmp) > 0: body["color"] = "yellow" return bottle.HTTPResponse(body=body, status=200)
def data(db): data = request.body.read() data2 = str(data) data_hash = hashlib.sha256(data2.encode()) row = db.execute("SELECT Hash FROM Hashes WHERE Hash='" + data_hash.hexdigest() + "'") row = row.fetchall() if (row): return bottle.HTTPResponse(status=403) db.execute("INSERT INTO Hashes (Hash) VALUES (\"" + data_hash.hexdigest() + "\")") data = str(data.decode('utf-8')) data = data.split(',') arr = [] for i in data: arr.append(i[1:-1])
def logs(self): ''' All server logs. Useful for debugging only. Would not let this page see the light of day in production w/o an authentication-authorization protocols in place. :return: ''' self.l.debug('Request for "logs".') if self.debug: return bottle.template('logs', log_buffer=self.l.pbh.buffer) else: return bottle.HTTPResponse( status=403, body= 'Please use the "--debug" flag when starting this webapp to enable world-visible logs:(' )
def poll(id): # ensure that https is used url = bottle.request.url if ("http" in url and "https" not in url) or "herokuapp.com" in url: return bottle.HTTPResponse(status=301, headers={"Location": url.replace("http", "https") if "herokuapp.com" not in url else "https://www.pollsquickly.com"}) # get all data from redis and render template data = con.hgetall(id) # check that poll is valid if len(data.keys()) == 0: raise bottle.HTTPError(status=404, body=f"Not found '{'/'+'/'.join(str(bottle.request.url).split('/')[-2:])}'") # get voted cookie information voted = bottle.request.get_cookie(f"{id}_voted", default=False) return bottle.template("poll.html", data=data, id=id, voted=voted)
def handle_response(self, response): """Handle both responses and redirects""" # Always close the connection after the request bottle.response.set_header('Connection', 'close') if type(response) is bottle.HTTPResponse: # Direct HTTP response like a static file already served # (shouldn't happen) return response elif isinstance(response, StringIO.StringIO): # Direct StringIO response like a static file already served return response elif type(response) is dict: # Direct dictionary response return response elif type(response) is list: # Direct list response return json.dumps(response) elif response.startswith('REDIRECT:'): # Redirect to another page bottle.redirect(response[9:]) return elif response.startswith('STATIC:'): # Static file served without the download option name, path = response[7:].split(':', 1) return bottle.static_file(name, root=path) elif response.startswith('DOWNLOAD:'): # Static file served with the download option name, path = response[9:].split(':', 1) return bottle.static_file(name, root=path, download=name) elif response.startswith('ABORT:'): # Error page code, message = response[6:].split(':', 1) bottle.abort(int(code), message) elif response.startswith('ERROR:'): # Error page without format code, message = response[6:].split(':', 1) return bottle.HTTPResponse(message, int(code)) elif response.startswith('CSV:'): bottle.response.set_header('Content-Type', 'text/csv') return response[4:] elif response.startswith('TEXT:'): bottle.response.set_header('Content-Type', 'text/plain') return response[5:] else: return response
def options(**kwargs): """ Defined from w3.org: "The OPTIONS method represents a request for information about the communication options available on the request/response chain identified by the Request-URI. This method allows the client to determine the options and/or requirements associated with a resource, or the capabilities of a server, without implying a resource action or initiating a resource retrieval." The clusto-apiserver team plans to roll this out to individual resources once it has been used a proper amount, but for now we will return OPTIONS with the minimum amount of required headers (and an empty content) no matter what resource is requested. .. code:: bash $ ${head} -X OPTIONS ${server_url}/ HTTP/1.0 204 No Content ... Content-Length: 0 $ ${head} -X OPTIONS ${server_url}/return/headers/no/matter/where HTTP/1.0 204 No Content ... Content-Length: 0 The same applies to any mounted application: .. code:: bash $ ${head} -X OPTIONS ${server_url}/entity/ HTTP/1.0 204 No Content ... Content-Length: 0 $ ${head} -X OPTIONS ${server_url}/attribute/who/knows/where HTTP/1.0 204 No Content ... Content-Length: 0 """ return bottle.HTTPResponse('', status=204)
def start(): """ Called every time a new Battlesnake game starts and your snake is in it. Your response will control how your snake is displayed on the board. """ data = bottle.request.json print("START:", json.dumps(data)) response = { "color": "#00FF00", "headType": "regular", "tailType": "regular" } return bottle.HTTPResponse( status=200, headers={"Content-Type": "application/json"}, body=json.dumps(response), )
def fetch_http_endpoint(): """Thrift RPC endpoint for Concrete FetchCommunicationService """ itrans = TTransport.TFileObjectTransport(bottle.request.body) itrans = TTransport.TBufferedTransport( itrans, int(bottle.request.headers['Content-Length'])) otrans = TTransport.TMemoryBuffer() iprot = QuicklimeServer.TSERVER.inputProtocolFactory.getProtocol(itrans) oprot = QuicklimeServer.TSERVER.outputProtocolFactory.getProtocol(otrans) QuicklimeServer.TSERVER.processor.process(iprot, oprot) bytestring = otrans.getvalue() headers = dict() headers['Content-Length'] = len(bytestring) headers['Content-Type'] = "application/x-thrift" return bottle.HTTPResponse(bytestring, **headers)
def thrift_endpoint(tserver): """Thrift RPC endpoint """ itrans = TTransport.TFileObjectTransport(bottle.request.body) itrans = TTransport.TBufferedTransport( itrans, int(bottle.request.headers['Content-Length'])) otrans = TTransport.TMemoryBuffer() iprot = tserver.inputProtocolFactory.getProtocol(itrans) oprot = tserver.outputProtocolFactory.getProtocol(otrans) tserver.processor.process(iprot, oprot) bytestring = otrans.getvalue() headers = dict() headers['Content-Length'] = len(bytestring) headers['Content-Type'] = "application/x-thrift" return bottle.HTTPResponse(bytestring, **headers)
def internal_redirect(app, path_depth): """A version of bottle's mountpoint_wrapper() that we call explicitly. Bottle supports a mount() method that allows on to install an application on a subpath of the main application. However, it does this on a fixed path. We want to manually intercept the lazy creation or fetching of a view and call for a redirect explicitly (via bottle's mountpoint_wrapper() function). However, this function is hidden within the scope of a the Bottle.mount() method; if it were defined globally we would just use it, but it is not. So we copy if here. This is directly lifted from Bottle.mount() and edited minimally. Args: app: A Bottle instance. path_depth: The number of request path components to skip for the mount. For example, if our subapplication is mount on /view/all, then the path depth is 2. Returns: A Bottle HTTPResponse objet. Raises: Exception: Any exception, depending on the callback. """ # pylint: disable=invalid-name try: request.path_shift(path_depth) rs = bottle.HTTPResponse([]) def start_response(status, headerlist, exc_info=None): if exc_info: try: _raise(*exc_info) finally: exc_info = None rs.status = status for name, value in headerlist: rs.add_header(name, value) return rs.body.append body = app(request.environ, start_response) if body and rs.body: body = itertools.chain(rs.body, body) rs.body = body or rs.body return rs finally: request.path_shift(-path_depth)
def submit(): if 'application/json' not in bottle.request.headers['content-type']: bottle.abort(500, "Application Type must be json!") logger.info("post-submit: %s" % (bottle.request.json)) owners = localize_file(bottle.request.json.get('file')) logger.debug("Owners: %s" % (owners, )) # path is a list of tuple, in which each element is a # source/destination value path = path_min_rtt(owners, bottle.request.json.get('host')) logger.debug("Path with minimum RTT: %s" % (path)) body = [] for p in path: # call the agent to make the copy url = "http://%s/scp" % p[0] payload = { "data": [bottle.request.json.get('file')], "username": bottle.request.json.get('username'), "password": bottle.request.json.get('password'), "host": p[1], "destination": bottle.request.json.get('destination') } logger.debug("post %s: %s" % ( url, payload, )) r_ = requests.post(url=url, headers={'content-type': 'application/json'}, data=json.dumps(payload)) if r_.status_code != requests.codes.ok: logger.error(r_.text) bottle.abort(500, r_.text) else: logger.debug("Response %s body: %s" % (x, r_.json())) test = { "source": p[0], "destination": p[1], "value": r_.json().get('scp') } body.append(test) return bottle.HTTPResponse(body=pretty_dumps(body), status=201)
def create_sighting(db): form_params = dict( lat=float(request.forms.get('lat')), lng=float(request.forms.get('lng')), name=request.forms.get('name'), country=request.forms.get('country'), stateprov=request.forms.get('stateprov'), city=request.forms.get('city'), timestamp=float(request.forms.get('timestamp')), photo=request.forms.get('photo') ) sighting = Sighting(**form_params) db.add(sighting) db.commit() return bottle.HTTPResponse( status=201, Location='/sightings/' + str(sighting.id) )
def page_analysis(self): """ Run page analysis for the POSTed concrete state. :return: The page analysis output for the provided concrete state (element classifications). """ results = {} concrete_state = json.load(request.body) analysis = self._service.get_page_analysis(concrete_state) LOGGER.info('Analysis completed...') results["analysis"] = analysis LOGGER.debug('Results built...') return bottle.HTTPResponse(body=results, status=200)
def submit_many(): flags = bottle.request.json.get('flags') exploit = bottle.request.json.get('exploit') timestamp = bottle.request.forms.get('timestamp') target = bottle.request.json.get('target') valid_flags = [] for f in flags: if re.match(Config.Flag.regex, f): valid_flags.append(f) else: print('Regex fail') # TO DO return bottle.HTTPResponse({'error': 'Flag was not correct'}, 400) if len(valid_flags) > 0: MongoConnection().db.flags.insert_many( [{'flag': flag, 'exploit': exploit, 'target': target, 'timestamp': timestamp, 'status': Config.Flag.Status.Manual.unsubmitted.value['text']} for flag in valid_flags])
def test(**kwargs): query_dict = request.query.__dict__ param_dict = query_dict['dict'] data = param_dict['id'][0] wait = int(param_dict['wait'][0]) tag = param_dict['tag'][0] print "got request for {}-{} at {}".format( tag, data, datetime.now().strftime("%Y-%m-%d %H:%M:%S.%f")) print "waiting for {}-{} for {} msec".format(tag, data, wait) sec = wait / 1000 time.sleep(sec) print "send response for {}-{} at {}".format( tag, data, datetime.now().strftime("%Y-%m-%d %H:%M:%S.%f")) result = bottle.HTTPResponse(status=200, body={"message": data}) return result
def wrapper(*args, **kwargs): try: out = callback(*args, **kwargs) if isinstance(out, dict): if 'result' in out or 'error' in out: return out return dict(result = out) elif isinstance(out, list): return dict(result = out) else: return out except bottle.HTTPResponse as e: if isinstance(e.body, dict): message = e.body else: message = dict(message = e.body, code = e.status_code) headers = [(k,v) for k,v in e.headers.items()] headers.append(('Content-Type', 'application/json')) raise bottle.HTTPResponse(json.dumps(dict(error = message)), e.status_code, headers = headers)
def get_flows(): """ Broadcast the POST request to the 'get_flows' endpoint of the workers Aggregate the responses Returns: requests.models.Response: An HTTP Response with the aggregated status codes and bodies of the broadcasted requests """ data = bottle.request.json t_start = time.time() reqs = m_util.broadcast_cmd(WORKER_IP_LIST, WORKER_PORT_LIST, 'get_flows', data) stat, bod = m_util.aggregate_broadcast_response(reqs) get_flow_latency = time.time() - t_start logging.info( '[get_flows] Flow latency interval on master: {0} [sec]'.format( get_flow_latency)) return bottle.HTTPResponse(status=stat, body=bod)
def test(): # retrieve the file and signature parameters from the query. try: filepath = bottle.request.query['file'] signature = bottle.request.query['signature'] except KeyError: bottle.abort(400) # Bad Request # read the requested file. try: fh = open(filepath, "r") except IOError: bottle.abort(404) # Not Found content = fh.read() fh.close() # verify the given signature. known_signature = hmac.new(config.key, content, hashlib.sha1).hexdigest() match = insecure_compare(known_signature.upper(), signature.upper()) # OK if the signature is good, Internal Server Error otherwise. status = 200 if match else 500 return bottle.HTTPResponse(status=status, body=known_signature)
def get_validation_error_response( self, error: ProcessValidationError, http_code: HTTPStatus = HTTPStatus.BAD_REQUEST, ) -> typing.Any: # TODO BS 20171010: Manage error schemas, see #4 from hapic.hapic import _default_global_error_schema unmarshall = _default_global_error_schema.dump(error) if unmarshall.errors: raise OutputValidationException( 'Validation error during dump of error response: {}'.format( str(unmarshall.errors))) return bottle.HTTPResponse( body=json.dumps(unmarshall.data), headers=[ ('Content-Type', 'application/json'), ], status=int(http_code), )
def catch_all(name): """Catch all requests, return a JSON response with the same url.""" name = name if name.startswith('/') else '/{}'.format(name) request = bottle.request method = request.method headers = request.headers headers_data = dict([(key, headers[key]) for key in headers]) query_data = dict([(key, request.query[key]) for key in request.query]) form_data = dict([(key, request.forms[key]) for key in request.forms]) body = { 'route': name, 'verb': method, 'headers': headers_data, 'form_data': form_data, 'query_data': query_data, } return bottle.HTTPResponse(status=200, content_type='application/json', body=json.dumps(body))
def portfolio(company = ""): """ Retrieves all stocks under one company @params: Company from route. @return: JSON payload with a list of stocks. @h_resp: 200 OK, 404 Not Found """ status = 200 try: res = { "Company": company } data = api.read_document(res) except Exception as e: print_error(e) return bottle.HTTPResponse(status = status, body = get_json(res))
def register(): if request.json is None: return bottle.HTTPResponse(status=400, body="Invalid request"); data = request.json if "email" not in data: return bottle.HTTPResponse(status=400, body="Credentials not provided"); if "pin" not in data: return bottle.HTTPResponse(status=400, body="4-digit code not provided"); if ' ' in data["email"]: return bottle.HTTPResponse(status=400, body="Spaces are not allowed"); try: int(data["pin"]) except ValueError: return bottle.HTTPResponse(status=400, body="4-digit code must be numeric"); doc = cloudantDb.document(urllib.quote(data["email"])) response = doc.get().result(10) if response.status_code == 200: print("User already registered: %s" % data["email"]) return bottle.HTTPResponse(status=409, body="User already registered"); else: print("Creating new registration for %s" % data["email"]) # Create doc options = {"org": organization, "id": str(uuid.uuid4()), "auth-method": authMethod, "auth-key": authKey, "auth-token": authToken} registrationClient = ibmiotf.application.Client(options) device = registrationClient.api.registerDevice("zone-sample", uuid.uuid4().hex, {"registeredTo": data["email"]} ) response = doc.put(params={ 'id': data["email"], 'pin': data["pin"], 'device': { 'type': device['type'], 'id': device['id'], 'authtoken': device['password'], 'clientid': device['uuid'], 'orgid': organization } }).result(10) if response.status_code == 201: return HTTPResponse(status=201) # Shouldn't get here, if we do an error has occurred return bottle.HTTPResponse(status=500, body="Apologies - an internal error occurred :(");
def recommend(): if not clusterizer.processed: return bottle.HTTPResponse(status=403) try: data = bottle.request.json except Exception as e: logging.error(e) return if data is None: logging.error('User data is empty') return bottle.response.set_header('Content-Type', 'application/json') return json.dumps({'users': [ user for tag in data['tags'] for user in clusterizer.recommend(tag['n']) ]})
def handler(event, context): f = event["extensions"]["request"].files.file.file imagedata = BytesIO(f.read()) thumbdata = BytesIO() fmt = None with Image.open(imagedata) as image: fmt = image.format.lower().replace("e", "") if not fmt in ("bmp", "jpg", "png"): return bottle.HTTPResponse( status=400, body=json.dumps({"error": "invalid image format: " + fmt})) thumb = image.copy() thumb.thumbnail((300, 60), Image.LANCZOS) thumb.save(thumbdata, format=image.format) imagepath = hashlib.sha1(imagedata.getvalue()).hexdigest().upper() thumbpath = hashlib.sha1(thumbdata.getvalue()).hexdigest().upper() imagepath = imagepath[0:2] + "/" + imagepath[2:4] + "/" + imagepath[4:] thumbpath = thumbpath[0:2] + "/" + thumbpath[2:4] + "/" + thumbpath[4:] s3 = boto3.session.Session().resource( "s3", region_name="sfo2", endpoint_url="https://sfo2.digitaloceanspaces.com", aws_access_key_id=access_key, aws_secret_access_key=access_secret, ) s3.Object("diff-pics", "images/" + imagepath).put(Body=imagedata.getvalue(), ACL="public-read", ContentType="image/" + fmt) s3.Object("diff-pics", "thumbs/" + thumbpath).put(Body=thumbdata.getvalue(), ACL="public-read", ContentType="image/" + fmt) db.session.add(db.Image(path=imagepath, thumb=thumbpath, format=fmt)) db.session.commit() return json.dumps({"image": imagepath, "thumb": thumbpath})
def locations(): body = { 'zoom': 3, 'centre': { 'longitude': "42.2807425", 'latitude': "43.289135" }, 'locations': [{ 'name': "Nextworks Srl", 'longitude': "10.35997", 'latitude': "43.68397" }, { 'name': 'i2CAT Fundation', 'longitude': "2.11112", 'latitude': "41.38727" }, { 'name': "Poznan Supercomputing and Networking Center", 'longitude': "16.89988", 'latitude': "52.41387" }, { 'name': "National Institute of Advanced Industrial " + "Science and Technology", 'longitude': "139.75200", 'latitude': "35.67143" }], 'coordinates': [{ 'lat': 41.38727, 'lng': 2.11112 }, { 'lat': 52.41387, 'lng': 16.89988 }, { 'lat': 35.67143, 'lng': 139.75200 }, { 'lat': 41.38727, 'lng': 2.11112 }] } return bottle.HTTPResponse(body=pretty_dumps(body), status=200)
def predict(self): """ Generates an abstract test flow given a precondition (e.g. Observe TextBox FirstName). :return: A generated abstract test flow. """ results = {} query = request.json generated = self._service.predict(query, 1) generated = self.remove_consecutive_dupes(generated) LOGGER.info('Generation completed...') results["sequences"] = generated LOGGER.info('Results built...') return bottle.HTTPResponse(body=results, status=200)