def oauth_complete(self, request: Request): if (request.get_data()): app.logger.info(f'data:\n{request.get_data()}') auth_code = str(request.get_data(), encoding='utf-8') else: app.logger.error('No code sent!') return 'AUTH FAIL: No authentication code received.' project_credentials = json.loads(OAuth.fetch_file( self.bucket, 'client_secrets.json'), encoding='utf-8') credentials = client.credentials_from_code( client_id=project_credentials['web']['client_id'], client_secret=project_credentials['web']['client_secret'], scope=self.SCOPES, code=auth_code) email = credentials.id_token['email'] token_details = { 'access_token': credentials.access_token, 'refresh_token': credentials.refresh_token } OAuth.write_file(self.bucket, f'{email}_user_token.json', json.dumps(token_details).encode('utf-8')) return 'Authenticated!'
def validate_queue_task(request: flask.Request) -> dict: """Check that the incoming request is a legitimate queue task. Calls flask.abort(401) if it's not valid. The documentation assures us that this should just be a matter of checking for the presence of one of a number of headers (https://cloud.google.com/tasks/docs/creating-appengine-handlers#reading_app_engine_task_request_headers), but to be extra safe we're going to pass and check a secret. (The concern is that an attacker will make requests to our queue tasks directly.) """ logging.info( f'gapps.validate_queue_task: validating request to {request.base_url}') if not request.headers.get('X-AppEngine-QueueName'): logging.error( 'gapps.validate_queue_task: queue task request missing X-AppEngine-QueueName' ) flask.abort(401) if request.args.get(_TASK_QUEUE_SECRET_PARAM) != config.FLASK_SECRET_KEY: logging.error( 'gapps.validate_queue_task: queue task request missing correct secret' ) flask.abort(401) logging.info( f'gapps.validate_queue_task: request is valid to {request.base_url}') params = flask.json.loads(request.get_data(as_text=True)) return params
def _process_request(request: flask.Request, method: str, encrypt_request: bool, require_verified_email: bool) -> dict[str, typing.Any]: """Handle authentication and encryption.""" if method in ('GET', 'DELETE'): data = dict(request.args) elif method in ('POST', 'PATCH'): if encrypt_request: data = _decrypt_request(request.get_data()) else: data = request.get_json(force=True, silent=True) if not isinstance(data, dict): raise utils.RequestError(3113) session_id = None session_token = None if 'session_id' in data: session_id = data.pop('session_id') if 'session_token' in data: session_token = data.pop('session_token') if bool(session_id) ^ bool(session_token): raise utils.RequestError(1303) if session_id and session_token: session = models.Session.validate_session_key(session_id, session_token) request.session = session user = session.user if require_verified_email and not user.email_verified: raise utils.RequestError(1307) data['user'] = user else: request.session = None return data
def verify(slack_signing_secret: str, request: flask.Request) -> bool: """Return if the request is verified. slack_signing_secret: Signing Secret from Slack. request: flask.Request object from flask. """ # Retrive request body. # And transform bytes to string inorder to be used with format string. request_body = request.get_data().decode("utf-8") # Retrive the X-Slack-Request-Timestamp header on the HTTP request, and the body of the request. timestamp = request.headers['X-Slack-Request-Timestamp'] # Calculate our signature. sig_basestring = f"v0:{timestamp}:{request_body}".encode('utf-8') hashed = hmac.new( slack_signing_secret.encode('utf-8'), sig_basestring, digestmod=hashlib.sha256 ).hexdigest() my_signature = f"v0={hashed}" # Signature from incoming request headers. slack_signature = request.headers['X-Slack-Signature'] return hmac.compare_digest(my_signature, slack_signature)
def contacto(): mensaje = Request.get_data() if not mensaje: abort(400, description="Debe enviar su mensaje en el body del POST. ") print("MENSAJE DE CONTACTO: " + str(mensaje)) return "Gracias por su mensaje"
def handle_batch_request(self, request: flask.Request): requests = DataLoader.split_requests(request.get_data()) with trace( ZIPKIN_API_URL, service_name=self.__class__.__name__, span_name=f"call `{self.handler.__class__.__name__}`", ): responses = self.handler.handle_batch_request(requests, self.func) return DataLoader.merge_responses(responses)
def handle_request(self, request: flask.Request, func): if request.content_type.lower() == "application/json": parsed_json = json.loads(request.get_data(as_text=True)) else: raise BadInput( "Request content-type must be 'application/json' for this " "BentoService API lambda endpoint") result = func(parsed_json) return self.output_adapter.to_response(result, request)
def index(app: Flask, request: FlaskRequest, auth: AuthContext): req = request.get_data(as_text=True) req_json = json.loads(req) if app.debug: pprint(req_json) user = auth.current_user if user and not user.is_authenticated: raise Unauthorized() return run(req, app)
def handle_request(self, request: flask.Request, func): if request.content_type == "text/csv": csv_string = StringIO(request.get_data(as_text=True)) df = pd.read_csv(csv_string) else: # Optimistically assuming Content-Type to be "application/json" try: df = pd.read_json( request.get_data(as_text=True), orient=self.orient, typ=self.typ, ) except ValueError: raise BadInput( "Failed parsing request data, only Content-Type application/json " "and text/csv are supported in BentoML DataframeInput" ) if self.typ == "frame" and self.input_dtypes is not None: check_dataframe_column_contains(self.input_dtypes, df) result = func(df) return self.output_adapter.to_response(result, request)
def handle_batch_request(self, request: flask.Request): from bentoml.marshal.utils import DataLoader requests = DataLoader.split_requests(request.get_data()) with trace( service_name=self.__class__.__name__, span_name=f"call `{self.handler.__class__.__name__}`", ): responses = self.handler.handle_batch_request(requests, self.func) return DataLoader.merge_responses(responses)
def _is_valid_request(request: flask.Request) -> bool: """Verifies the timestamp and signature of an incoming Slack request.""" timestamp = request.headers.get('X-Slack-Request-Timestamp') if not _is_valid_timestamp(timestamp): # This could be a replay attack, so let's ignore it. print('Invalid timestamp', file=stderr) return False signature = request.headers.get('X-Slack-Signature') if not _is_valid_request_body(request.get_data(), timestamp, signature): print('Invalid signature', file=stderr) return False return True
def to_response(self, result, request: flask.Request) -> flask.Response: """Converts corresponding data into an HTTP response :param result: result of user API function :param request: request object """ simple_req = SimpleRequest(headers=request.headers, data=request.get_data()) simple_resp = self.to_batch_response((result, ), requests=(simple_req, ))[0] return flask.Response( response=simple_resp.data, status=simple_resp.status, headers=simple_resp.headers, )
def handle(req: Request): """handle a request to the function. Your response is immediately passed to the caller, unmodified. This allows you full control of the response, e.g. you can set the status code by returning a tuple (str, int). A detailed description of how responses are handled is found here: http://flask.pocoo.org/docs/1.0/quickstart/#about-responses Args: req (Request): Flask request object """ return json.dumps({"echo": req.get_data().decode('utf-8')})
def oauth_complete(self, request: Request): if(request.get_data()): app.logger.info(f'data:\n{request.get_data()}') auth_code = str(request.get_data(), encoding='utf-8') else: app.logger.error('No code sent!') return 'AUTH FAIL: No authentication code received.' project_credentials = Credentials(project=self.project, email=None).project_credentials credentials = client.credentials_from_code( client_id=project_credentials.client_id, client_secret=project_credentials.client_secret, scope=self.SCOPES, code=auth_code ) email = credentials.id_token['email'] cm = Credentials(project=self.project, email=email) cm.store_credentials(creds=credentials) return 'Authenticated!'
def _is_valid_github_request(self, request: flask.Request) -> bool: header_signature = request.headers['X-Hub-Signature'] sig_type, signature = header_signature.split('=', 1) if sig_type != 'sha1': logger.error('Got a unknown signature type from GitHub', signature_type=signature) return False assert self.secret mac = hmac.new( key=self.secret.encode(), msg=request.get_data(), digestmod=sig_type, ) if hmac.compare_digest(mac.hexdigest(), signature): return True logger.info('Got wrong signature', received_signature=signature) return False
def commit(self, session_request: FlaskRequest, session_response: FlaskResponse): method = session_request.method session_request_data = { "date": self.create_time, "method": method, "url": session_request.path, "headers": dict(session_request.headers), "query": session_request.args, } session_response_data = { "date": datetime.utcnow().isoformat()+'Z', "status": session_response.status_code, "headers": dict(session_response.headers), } if method == "GET": if len(session_response.data) > self.LOG_LIMIT: data = "<content too large for logging>" # Webship images are unnecessary and large elif session_request.path.startswith("/webshop/image/"): data = "<skipping image content>" else: data = byte_decode(session_response.data) session_response_data["data"] = data if method != "GET": if (session_request.content_length or 0) > self.LOG_LIMIT: data = "<content too large for logging>" else: data = session_request.get_data(as_text=True) session_request_data["data"] = data traffic_data = { "ip": session_request.remote_addr, "host": session_request.host, "request": session_request_data, "service_traffic": self.service_traffic, "response": session_response_data } with open(f"/work/logs/{self.create_time}_{session_request.remote_addr}_{method}.json", "w") as file: json.dump(traffic_data, file, ensure_ascii=False)
def process_proxy(request: Request) -> Response: url = request.url.replace(request.host_url, HABRA_HOST) headers = { k: v for k, v in request.headers if k.lower() not in REQUEST_HEADERS_EXCLUDE } habra_resp = requests.request(method=request.method, url=url, headers=headers, data=request.get_data(), cookies=request.cookies) headers = [(key, habra_resp.raw.headers[key]) for key in habra_resp.raw.headers if key.lower() not in RESPONSE_HEADERS_EXCLUDE] # modify content only for text/html response if habra_resp.raw.headers.get('Content-Type', '').startswith('text/html'): processed_content = _modify_habra_content(habra_resp.text, request.host_url) return Response(processed_content, habra_resp.status_code, headers) else: return Response(habra_resp.content, habra_resp.status_code, headers)
def is_valid_request(req: Request): verifier = SignatureVerifier(os.environ['SLACK_API_SIGNING_SECRET']) return verifier.is_valid_request(req.get_data(), req.headers)
def to_bolt_request(req: Request) -> BoltRequest: return BoltRequest( # type: ignore body=req.get_data(as_text=True), query=req.query_string.decode("utf-8"), headers=req.headers, # type: ignore ) # type: ignore