async def get(self, request, *args, **kwargs): '''Get cosmoz stations.''' property_filter = request.args.getlist('property_filter', None) if property_filter: property_filter = str(next(iter(property_filter))).split(',') property_filter = [p for p in property_filter if len(p)] count = request.args.getlist('count', None) if count: count = min(int(next(iter(count))), MAX_RETURN_COUNT) else: count = 1000 offset = request.args.getlist('offset', None) if offset: offset = min(int(next(iter(offset))), MAX_RETURN_COUNT) else: offset = 0 obs_params = { "property_filter": property_filter, "count": count, "offset": offset, } res = await get_stations_mongo(obs_params, json_safe='orjson') if use_body_bytes: resp = HTTPResponse(None, status=200, content_type='application/json', body_bytes=fast_dumps(res, option=orjson_option)) else: resp = HTTPResponse(fast_dumps(res, option=orjson_option), status=200, content_type='application/json') return resp
def encode(self, response: HTTPResponse, secure: bool = False, same_site: str = 'lax'): """ Transforms session into jwt and then is stored in a cookie. :param response: Response used to store cookie. :param secure: If true, connections must be SSL encrypted (aka https). :param same_site: Allows you to declare if your cookie should be restricted to a first-party or same-site context. """ payload = { 'uid': str(self.uid), 'parent_uid': str(self.parent_uid), 'ip': self.ip } encoded = jwt.encode(payload, config_parser['ROSE']['secret'], algorithm='HS256').decode('utf-8') cookie_name = self.cookie_name() response.cookies[cookie_name] = encoded response.cookies[cookie_name]['expires'] = self.expiration_date response.cookies[cookie_name]['secure'] = secure response.cookies[cookie_name]['samesite'] = same_site
async def post(self): urls = [] one_url = self.request.json.get('page') if one_url: if not url_regex.match(one_url): return HTTPResponse(body='Invalid url', status=501) urls.append(one_url) many_url = self.request.json.get('pages') if many_url: if isinstance(many_url, str): many_url = many_url.split('\n') elif isinstance(many_url, list): pass else: return HTTPResponse(body='Pages type is unsupported', status=501) for url in many_url: if url_regex.match(url): urls.append(url) async with self.app.pg_pool.acquire() as conn: for url in urls: res = await conn.fetchrow( 'SELECT * FROM estate_queue WHERE page = $1', url) if not res: await conn.execute( 'INSERT INTO estate_queue (page) VALUES ($1)', url) return HTTPResponse(status=201)
async def dispatch_request(self, request: Request): # type: ignore request_method = request.method.lower() if not self.graphiql and request_method == "get": abort(404) show_graphiql = request_method == "get" and self.should_display_graphiql( request) if show_graphiql: template = render_graphiql_page() return self.render_template(template=template) data = request.json try: query = data["query"] except KeyError: return HTTPResponse("No valid query was provided for the request", 400) variables = data.get("variables") operation_name = data.get("operationName") context = self.get_context(request) result = await self.schema.execute( query, variable_values=variables, context_value=context, operation_name=operation_name, root_value=self.get_root_value(), ) response_data = self.process_result(result) return HTTPResponse(json.dumps(response_data), status=200, content_type="application/json")
async def _handler(request, file_uri=None): # Using this to determine if the URL is trying to break out of the path # served. os.path.realpath seems to be very slow if file_uri and '../' in file_uri: raise InvalidUsage("Invalid URL") # Merge served directory and requested file if provided # Strip all / that in the beginning of the URL to help prevent python # from herping a derp and treating the uri as an absolute path root_path = file_path = file_or_directory if file_uri: file_path = path.join(file_or_directory, sub('^[/]*', '', file_uri)) # URL decode the path sent by the browser otherwise we won't be able to # match filenames which got encoded (filenames with spaces etc) file_path = path.abspath(unquote(file_path)) if not file_path.startswith(root_path): raise FileNotFound('File not found', path=file_or_directory, relative_url=file_uri) try: headers = {} # Check if the client has been sent this file before # and it has not been modified since stats = None if use_modified_since: stats = await stat(file_path) modified_since = strftime('%a, %d %b %Y %H:%M:%S GMT', gmtime(stats.st_mtime)) if request.headers.get('If-Modified-Since') == modified_since: return HTTPResponse(status=304) headers['Last-Modified'] = modified_since _range = None if use_content_range: _range = None if not stats: stats = await stat(file_path) headers['Accept-Ranges'] = 'bytes' headers['Content-Length'] = str(stats.st_size) if request.method != 'HEAD': try: _range = ContentRangeHandler(request, stats) except HeaderNotFound: pass else: del headers['Content-Length'] for key, value in _range.headers.items(): headers[key] = value if request.method == 'HEAD': return HTTPResponse(headers=headers, content_type=guess_type(file_path)[0] or 'text/plain') else: return await file(file_path, headers=headers, _range=_range) except ContentRangeError: raise except Exception: raise FileNotFound('File not found', path=file_or_directory, relative_url=file_uri)
async def checkaccesskey(request, api_key): if request.method == "OPTIONS": return HTTPResponse(None, 200, None) if api_key is None: raise Unauthorized("Please include API Key in query") valid, message = await check_apikey_valid(api_key) if not valid: if request.method == "HEAD": return HTTPResponse(None, 401, None) else: if message: raise Unauthorized( "API Key validation error: {}".format(message)) raise Unauthorized("API Key is not valid") works, message = await test_apikey(api_key) if not works: if request.method == "HEAD": return HTTPResponse(None, 401, None) else: if message: raise Unauthorized("API Key Test error: {}".format(message)) raise Unauthorized( "API Key is not valid but does not work. Perhaps the OAuth access key has been revoked." ) return HTTPResponse(message, 200)
async def index(request): file_url = request.args.get('video') logger.debug('file_url: %s', file_url) if file_url: splitted = urlsplit(file_url) origin_host = splitted.netloc path = splitted.path else: logger.error('no file_url') return HTTPResponse(status=400) try: server = await sc.get_server() except Exception as e: logger.error('unexpected error on choosing server: %s', e) return HTTPResponse(status=500) logger.debug('choosen server: %s', server) if server: if urlsplit(server).netloc != origin_host: url = urljoin(f'{server}', path.lstrip('/')) logger.debug('redirect to cdn: %s', url) return redirect(url) else: logger.debug('redirect to origin: %s', file_url) return redirect(file_url) else: logger.error('no server available') return HTTPResponse(status=503)
async def set_security_headers( request: Request, response: HTTPResponse ) -> HTTPResponse: try: response.headers['X-Content-Type-Options'] = 'nosniff' response.headers['X-Frame-Options'] = 'deny' finally: return response
def response(self, id, error): id = id if id else uuid.uuid1().__str__() base64_data, code = self.code() session[id] = code body = self.body.format(base64_data=base64_data, error=error) response = HTTPResponse(body, content_type="text/html; charset=utf-8") response.cookies["uuid"] = id return response
async def handle_exception( self, request: Request, exception: BaseException ): """ A handler that catches specific exceptions and outputs a response. :param request: The current request object :type request: :class:`SanicASGITestClient` :param exception: The exception that was raised :type exception: BaseException :raises ServerError: response 500 """ # -------------------------------------------- # # Request Middleware # -------------------------------------------- # response = await self._run_request_middleware( request, request_name=None ) # No middleware results if not response: try: response = self.error_handler.response(request, exception) if isawaitable(response): response = await response except Exception as e: if isinstance(e, SanicException): response = self.error_handler.default(request, e) elif self.debug: response = HTTPResponse( ( f"Error while handling error: {e}\n" f"Stack: {format_exc()}" ), status=500, ) else: response = HTTPResponse( "An error occurred while handling an error", status=500 ) if response is not None: try: response = await request.respond(response) except BaseException: # Skip response middleware if request.stream: request.stream.respond(response) await response.send(end_stream=True) raise else: if request.stream: response = request.stream.response if isinstance(response, BaseHTTPResponse): await response.send(end_stream=True) else: raise ServerError( f"Invalid response type {response!r} (need HTTPResponse)" )
async def response_bytes(request: Request, size): if request.method == "GET": request.args.get("source") r = HTTPResponse(n_bytes_json(size), content_type="Application/json") return r data = request.json data.get('a') r = HTTPResponse(ok_json(), content_type="Application/json") return r
async def delete(self): async with self.app.pg_pool.acquire() as conn: result = await conn.fetchrow( 'SELECT * FROM estate_pages WHERE id = $1', self.page_id) if result: await conn.execute('DELETE FROM estate_pages WHERE id = $1', self.page_id) return HTTPResponse(status=200) else: return HTTPResponse(status=404)
async def dispatch_request(self, request, *args, **kwargs): try: request_method = request.method.lower() data = self.parse_body(request) show_graphiql = request_method == 'get' and self.should_display_graphiql( request) catch = show_graphiql pretty = self.pretty or show_graphiql or request.args.get('pretty') if request_method != 'options': execution_results, all_params = run_http_query( self.schema, request_method, data, query_data=request.args, batch_enabled=self.batch, catch=catch, # Execute options return_promise=self._enable_async, root_value=self.get_root_value(request), context_value=self.get_context(request), middleware=self.get_middleware(request), executor=self.get_executor(request), ) awaited_execution_results = await Promise.all(execution_results ) result, status_code = encode_execution_results( awaited_execution_results, is_batch=isinstance(data, list), format_error=partial(self._format_error, request), encode=partial(self.encode, pretty=pretty)) if show_graphiql: return await self.render_graphiql(params=all_params[0], result=result) return HTTPResponse(result, status=status_code, content_type='application/json') else: return self.process_preflight(request) except HttpQueryError as e: _log.exception(GraphQLView.dispatch_request.__name__) return HTTPResponse(self.encode( {'errors': [self._format_error(request, e)]}), status=e.status_code, headers=e.headers, content_type='application/json')
async def oauth_callback(req: Request): # Retrieve the auth code and state from the request params if "code" in req.args: state = req.args.get("state") if state_store.consume(state): code = req.args.get("code") client = AsyncWebClient() # no prepared token needed for this app oauth_response = await client.oauth_v2_access( client_id=client_id, client_secret=client_secret, code=code) logger.info(f"oauth.v2.access response: {oauth_response}") installed_enterprise = oauth_response.get("enterprise") or {} installed_team = oauth_response.get("team") or {} installer = oauth_response.get("authed_user") or {} incoming_webhook = oauth_response.get("incoming_webhook") or {} bot_token = oauth_response.get("access_token") # NOTE: oauth.v2.access doesn't include bot_id in response bot_id = None if bot_token is not None: auth_test = await client.auth_test(token=bot_token) bot_id = auth_test["bot_id"] installation = Installation( app_id=oauth_response.get("app_id"), enterprise_id=installed_enterprise.get("id"), team_id=installed_team.get("id"), bot_token=bot_token, bot_id=bot_id, bot_user_id=oauth_response.get("bot_user_id"), bot_scopes=oauth_response.get( "scope"), # comma-separated string user_id=installer.get("id"), user_token=installer.get("access_token"), user_scopes=installer.get("scope"), # comma-separated string incoming_webhook_url=incoming_webhook.get("url"), incoming_webhook_channel_id=incoming_webhook.get("channel_id"), incoming_webhook_configuration_url=incoming_webhook.get( "configuration_url"), ) installation_store.save(installation) return HTTPResponse(status=200, body="Thanks for installing this app!") else: return HTTPResponse( status=400, body= "Try the installation again (the state value is already expired)" ) error = req.args["error"] if "error" in req.args else "" return HTTPResponse( status=400, body=f"Something is wrong with the installation (error: {error})")
async def authorize(request, *args, context=None, **kwargs): # NOTICE: for real project, you need to require login if request.method == 'GET': # render a page for user to confirm the authorization return await jinja2.render_async('confirm.html', request, g=g) if request.method == 'HEAD': # if HEAD is supported properly, request parameters like # client_id should be validated the same way as for 'GET' response = HTTPResponse('', 200) response.headers['X-Client-ID'] = kwargs.get('client_id') return response confirm = request.form.get('confirm', 'no') return confirm == 'yes'
async def process(self): request = self.request if request.method == 'OPTIONS': headers = ( ('Content-Type', "application/javascript; charset=UTF-8"), ('Access-Control-Allow-Methods', "OPTIONS, POST"), ) headers += session_cookie(request) headers += cors_headers(request.headers) headers += cache_headers() return HTTPResponse(None, status=204, headers=headers) headers = ( ('Content-Type', "application/javascript; charset=UTF-8"), ('Cache-Control', CACHE_CONTROL), ) headers += session_cookie(request) headers += cors_headers(request.headers) async def stream(_response): nonlocal self self.response = _response await self.handle_session() return StreamingHTTPResponse(stream, headers=headers)
def render_template(template_name, request, context, *, app_key=APP_KEY, encoding='utf-8', headers=None, status=200): """ Return sanic.response.Response which contains template template_name filled with context. Returned response has Content-Type header set to 'text/html'. :param template_name: template name. :param request: a parameter from web-handler, sanic.request.Request instance. :param context: context for rendering. :param encoding: response encoding, 'utf-8' by default. :param status: HTTP status code for returned response, 200 (OK) by default. :param app_key: a optional key for application instance. If not provided, default value will be used. """ if context is None: context = {} text = render_string(template_name, request, context, app_key=app_key) content_type = "text/html; charset={encoding}".format(encoding=encoding) return HTTPResponse( text, status=status, headers=headers, content_type=content_type )
async def process(self): request = self.request headers = ( ('Connection', request.headers.get('Connection', "close")), ('Content-Type', "application/javascript; charset=UTF-8"), ('Cache-Control', CACHE_CONTROL), ) headers += session_cookie(request) headers += cors_headers(request.headers) if request.method == 'OPTIONS': headers += (('Access-Control-Allow-Methods', "OPTIONS, POST"), ) headers += cache_headers() return HTTPResponse(None, status=204, headers=headers) async def stream(_response): nonlocal self self.response = _response await _response.write(self.open_seq) # event loop await self.handle_session() # open sequence (sockjs protocol) return StreamingHTTPResponse(stream, headers=headers)
async def metrics(request: Request) -> HTTPResponse: latest_metrics = prometheus_client.generate_latest(monitoring_registry) return HTTPResponse( body=latest_metrics.decode("utf-8"), content_type=prometheus_client.CONTENT_TYPE_LATEST, headers={"Content-Length": str(len(latest_metrics))}, )
async def get_political_party(request, name): votes = 0 name = constants.QUOTED_PARTY_MAP.get(name) html = await get_party_cache(name) if not html: for r in await get_election_results(): if r['political_party'] == name: votes += r['count'] or 0 # cur.execute('SELECT * FROM candidates WHERE political_party = "{}"'.format(name)) candidate_ids = constants.PARTY_MASTER.get(name) candidates = [ get_candidate_by_id(candidate_id) for candidate_id in candidate_ids ] keywords = await get_voice_of_supporter(candidate_ids) html = render_string('political_party.html', request, context=dict(political_party=name, votes=votes, candidates=candidates, keywords=keywords)) await set_party_cache(name, html) return HTTPResponse( html, status=200, content_type="text/html; charset=utf-8", )
async def get_index(request): html = await get_index_cache() if not html: candidates = [] election_results = await get_election_results() # 上位10人と最下位のみ表示 candidates += election_results[:10] candidates.append(election_results[-1]) parties_name = get_all_party_name() parties = {} for name in parties_name: parties[name] = 0 for r in election_results: parties[r['political_party']] += r['count'] or 0 parties = sorted(parties.items(), key=lambda x: x[1], reverse=True) sex_ratio = {'men': 0, 'women': 0} for r in election_results: if r['sex'] == '男': sex_ratio['men'] += r['count'] or 0 elif r['sex'] == '女': sex_ratio['women'] += r['count'] or 0 html = render_string('index.html', request, context=dict(candidates=candidates, parties=parties, sex_ratio=sex_ratio)) await set_index_cache(html) return HTTPResponse( html, status=200, content_type="text/html; charset=utf-8", )
def handle_delete(id): todo = db.get(eid=id) if todo is None: return text('todo not found', 404) db.remove(eids=[id]) return HTTPResponse('{}', content_type='application/json; charset=utf-8')
async def handle_single(request, id): def handle_get(id): todo = db.get(eid=id) if todo is None: return text('todo not found', 404) return json(make_todo(todo)) def handle_patch(body, id): todo = db.get(eid=id) if todo is None: return text('todo not found', 404) todo.update(body) db.update(todo, eids=[id]) return json(make_todo(todo)) def handle_delete(id): todo = db.get(eid=id) if todo is None: return text('todo not found', 404) db.remove(eids=[id]) return HTTPResponse('{}', content_type='application/json; charset=utf-8') if request.method == 'GET': return handle_get(id) elif request.method == 'PATCH': return handle_patch(request.json, id) elif request.method == 'DELETE': return handle_delete(id) elif request.method == 'OPTION' or request.method == 'OPTIONS': return HTTPResponse(status=204, headers={'Allow': 'GET, PATCH, DELETE'}) else: return text('GET/PATCH/DELETE', 405)
async def respond( self, response: Optional[BaseHTTPResponse] = None, *, status: int = 200, headers: Optional[Union[Header, Dict[str, str]]] = None, content_type: Optional[str] = None, ): # This logic of determining which response to use is subject to change if response is None: response = (self.stream and self.stream.response) or HTTPResponse( status=status, headers=headers, content_type=content_type, ) # Connect the response if isinstance(response, BaseHTTPResponse) and self.stream: response = self.stream.respond(response) # Run response middleware try: response = await self.app._run_response_middleware( self, response, request_name=self.name) except CancelledErrors: raise except Exception: error_logger.exception( "Exception occurred in one of response middleware handlers") return response
def output_xml(app, data, code, headers=None): """Makes a Flask response with a XML encoded body""" resp = HTTPResponse(dumps({'response': data}), status=code, headers=headers) resp.headers.extend(headers or {}) return resp
async def oauth(request: Request) -> HTTPResponse: provider = request.ctx.__dict__.get('oauth_provider', None) provider_confs = request.app.config.get('OAUTH_PROVIDERS', {}) if provider is None and 'default' in provider_confs: provider = 'default' if provider: if provider not in provider_confs: return HTTPResponse(status=404) provider_conf = provider_confs[provider] use_scope = provider_conf['SCOPE'] use_redirect_uri = provider_conf['REDIRECT_URI'] use_after_auth_default_redirect = \ provider_conf['AFTER_AUTH_DEFAULT_REDIRECT'] else: use_scope = request.app.config.OAUTH_SCOPE use_redirect_uri = request.app.config.OAUTH_REDIRECT_URI use_after_auth_default_redirect = \ request.app.config.OAUTH_AFTER_AUTH_DEFAULT_REDIRECT client = request.app.oauth_factory(provider=provider) if 'code' not in request.args: return redirect( client.get_authorize_url(scope=use_scope, redirect_uri=use_redirect_uri)) token, _data = await client.get_access_token(request.args.get('code'), redirect_uri=use_redirect_uri) request.ctx.__dict__['session']['token'] = token if provider: # remember provider request.ctx.__dict__['session']['oauth_provider'] = provider elif 'oauth_provider' in request.ctx.__dict__['session']: # forget remembered provider del request.ctx.__dict__['session']['oauth_provider'] return redirect(request.ctx.__dict__['session'].get( 'after_auth_redirect', use_after_auth_default_redirect))
async def get(self, request): # await asyncio.sleep(6) pets = Pet.select() pets_list = [model_to_dict(p) for p in pets] # return json(pets_list) # 使用default=str 可以正常序列化时间 return HTTPResponse(sjson.dumps(pets_list, default=str))
async def update_product(request): await service.update_product( id_=1, validated_data=abstract.UpdateProduct(name="Dell"), uow=unit_of_work.UpdateProductUnitOfWork, event=events.ProductUpdated) return HTTPResponse("success")
def json(request: Request, body, status=200, headers: dict = None, dumps=json_dumps, **kwargs): """ Returns response object with body in json format. :param request: The inbound request object. :param body: Response data to be serialized. :param status: Response code. :param headers: Custom Headers. :param kwargs: Remaining arguments that are passed to the json encoder. """ content_type = "application/json" # Build headers if headers is None: headers = {} if Request.request_id_header not in headers: headers[Request.request_id_header] = request.request_id return HTTPResponse(dumps(body, **kwargs), headers=headers, status=status, content_type=content_type)
async def handle_collection(request): def handle_get(): return json([make_todo(todo) for todo in db.all()]) def handle_post(body=None): if not body or 'title' not in body: return text('POST request body must contain title', 400) eid = db.insert({ 'title': body['title'], 'completed': body.get('completed', False), 'order': body.get('order', 10) }) return json(make_todo(db.get(eid=eid))) def handle_delete(): eids = map(lambda t: t.eid, db.all()) db.remove(eids=eids) return HTTPResponse('[]', content_type='application/json; charset=utf-8') if request.method == 'GET': return handle_get() elif request.method == 'POST': return handle_post(request.json) elif request.method == 'DELETE': return handle_delete() elif request.method == 'OPTION' or request.method == 'OPTIONS': return HTTPResponse(status=204, headers={'Allow': 'GET, POST, DELETE'}) else: return text('GET/POST/DELETE', 405)