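def store(request):
    """Authenticate and decode a message POSTed by a Sentry client.

    Two authentication paths are visible in this listing:

    * Signed: an ``Authorization`` header starting with ``Sentry`` carries
      ``sentry_signature`` and ``sentry_timestamp``. The raw POST body is
      the payload; the timestamp must be at most one hour old and the
      signature must equal ``get_signature(data, timestamp)``.
    * Legacy: form fields ``data``, ``format`` and ``key``; ``key`` must
      equal ``settings.KEY``.

    The payload is then base64-decoded and, when it is zlib-compressed,
    inflated. Every failure returns an HTTP error response.
    """

    def _constant_time_equal(expected, provided):
        # A plain != stops at the first differing character, so response
        # timing can reveal how much of a guessed signature is correct.
        # Only the length is allowed to short-circuit here.
        try:
            if len(expected) != len(provided):
                return False
            diff = 0
            for left, right in zip(expected, provided):
                diff |= ord(left) ^ ord(right)
        except TypeError:
            # Operands that are not character strings cannot match.
            return False
        return diff == 0

    if request.method != "POST":
        # HttpResponseNotAllowed takes the list of permitted methods (it
        # becomes the Allow header), not a human-readable message.
        return HttpResponseNotAllowed(["POST"])

    if request.META.get("HTTP_AUTHORIZATION", "").startswith("Sentry"):
        auth_vars = parse_auth_header(request.META["HTTP_AUTHORIZATION"])
        signature = auth_vars.get("sentry_signature")
        timestamp = auth_vars.get("sentry_timestamp")

        format = "json"
        data = request.raw_post_data

        # Signed data packet
        if signature and timestamp:
            try:
                timestamp = float(timestamp)
            except ValueError:
                return HttpResponseBadRequest("Invalid timestamp")

            # float() accepts "nan", and NaN compares false against
            # everything, so it would slip past the expiry test below.
            if timestamp != timestamp:
                return HttpResponseBadRequest("Invalid timestamp")

            # NOTE(review): only the lower bound is enforced; a timestamp
            # in the future is accepted and stays replayable until it is
            # more than an hour old.
            if timestamp < time.time() - 3600:  # 1 hour
                return HttpResponseGone("Message has expired")

            sig_hmac = get_signature(data, timestamp)
            if not _constant_time_equal(sig_hmac, signature):
                return HttpResponseForbidden("Invalid signature")
        else:
            # HttpResponse takes `status`; `status_code` is not a valid
            # keyword argument and raised TypeError instead of sending 401.
            return HttpResponse("Unauthorized", status=401)
    else:
        data = request.POST.get("data")
        if not data:
            return HttpResponseBadRequest("Missing data")

        # NOTE(review): "pickle" is accepted and is the default. If code
        # past this excerpt unpickles `data`, anyone holding the shared
        # key can run code on the server; confirm, and prefer "json".
        format = request.POST.get("format", "pickle")
        if format not in ("pickle", "json"):
            return HttpResponseBadRequest("Invalid format")

        # Legacy request (deprecated as of 2.0)
        # NOTE(review): assumes settings.KEY is always a non-empty secret;
        # if it were None, a request without `key` would pass this check.
        key = request.POST.get("key")
        if key != settings.KEY:
            warnings.warn(
                "A client is sending the `key` parameter, which will be removed in Sentry 2.0",
                DeprecationWarning
            )
            return HttpResponseForbidden("Invalid credentials")

    logger = logging.getLogger("sentry.server")

    try:
        decoded = base64.b64decode(data)
        try:
            # Same operation as the Python 2 only str.decode("zlib").
            data = zlib.decompress(decoded)
        except zlib.error:
            # Not compressed: keep the base64-decoded bytes as they are.
            data = decoded
    except Exception as e:
        # This error should be caught as it suggests that there's a
        # bug somewhere in the client's code.
        logger.exception("Bad data received")
        return HttpResponseForbidden("Bad data decoding request (%s, %s)" % (e.__class__.__name__, e))
    # NOTE(review): the listing ends here; nothing in this excerpt stores
    # the message or returns a success response.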
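def store(request):
    """Authenticate and decode a message POSTed by a Sentry client.

    A request whose ``Authorization`` header starts with ``Sentry`` is
    treated as a signed packet: the raw POST body is the payload, the
    ``sentry_timestamp`` must be at most one hour old and the
    ``sentry_signature`` must equal ``get_signature(data, timestamp)``.

    Any other request takes the legacy path: the payload is the ``data``
    form field (falling back to the raw body), ``format`` defaults to
    ``json`` and the ``key`` form field must equal ``settings.KEY``.

    The payload is then base64-decoded and inflated when it is
    zlib-compressed. Every failure returns an HTTP error response.
    """

    def _constant_time_equal(expected, provided):
        # Walk both strings fully: an early exit on the first mismatch
        # would let timing reveal the length of a correct prefix.
        try:
            if len(expected) != len(provided):
                return False
            diff = 0
            for left, right in zip(expected, provided):
                diff |= ord(left) ^ ord(right)
        except TypeError:
            # Operands that are not character strings cannot match.
            return False
        return diff == 0

    if request.method != 'POST':
        # The argument is the list of permitted methods for the Allow
        # header, not a message string.
        return HttpResponseNotAllowed(['POST'])

    if request.META.get('HTTP_AUTHORIZATION', '').startswith('Sentry'):
        auth_vars = parse_auth_header(request.META['HTTP_AUTHORIZATION'])
        signature = auth_vars.get('sentry_signature')
        timestamp = auth_vars.get('sentry_timestamp')

        format = 'json'
        data = request.raw_post_data

        # Signed data packet
        if signature and timestamp:
            try:
                timestamp = float(timestamp)
            except ValueError:
                return HttpResponseBadRequest('Invalid timestamp')

            # "nan" parses as a float but is never "less than" the cutoff,
            # so without this test it would count as fresh forever.
            if timestamp != timestamp:
                return HttpResponseBadRequest('Invalid timestamp')

            # NOTE(review): future timestamps are not rejected.
            if timestamp < time.time() - 3600:  # 1 hour
                return HttpResponseGone('Message has expired')

            sig_hmac = get_signature(data, timestamp)
            if not _constant_time_equal(sig_hmac, signature):
                return HttpResponseForbidden('Invalid signature')
        else:
            # `status` is the keyword HttpResponse accepts; `status_code`
            # raised TypeError before any response was sent.
            return HttpResponse('Unauthorized', status=401)
    else:
        data = request.POST.get('data', request.raw_post_data)
        if not data:
            return HttpResponseBadRequest('Missing data')

        # NOTE(review): 'pickle' remains an accepted format. If code past
        # this excerpt unpickles `data`, a sender who passes the key check
        # can run code on the server; confirm, and prefer 'json'.
        format = request.POST.get('format', 'json')
        if format not in ('pickle', 'json'):
            return HttpResponseBadRequest('Invalid format')

        # Legacy request (deprecated as of 2.0)
        # The key used to default to settings.KEY, so a request that sent
        # no `key` at all compared equal and was accepted without any
        # credential. A missing key is now a mismatch.
        # NOTE(review): assumes settings.KEY is a non-empty secret.
        key = request.POST.get('key')
        if key != settings.KEY:
            warnings.warn('A client is sending the `key` parameter, which will be removed in Sentry 2.0', DeprecationWarning)
            return HttpResponseForbidden('Invalid credentials')

    logger = logging.getLogger('sentry.server')

    try:
        decoded = base64.b64decode(data)
        try:
            # Same operation as the Python 2 only str.decode('zlib').
            data = zlib.decompress(decoded)
        except zlib.error:
            # Payload was not compressed.
            data = decoded
    except Exception as e:
        # This error should be caught as it suggests that there's a
        # bug somewhere in the client's code.
        logger.exception('Bad data received')
        return HttpResponseForbidden('Bad data decoding request (%s, %s)' % (e.__class__.__name__, e))
    # NOTE(review): the listing ends here; nothing in this excerpt stores
    # the message or returns a success response.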
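def store():
    """Authenticate and decode a message sent by a Sentry client.

    Signed requests carry an ``Authorization`` value starting with
    ``Sentry``; the raw request body is the payload, the
    ``sentry_timestamp`` must be at most one hour old and the
    ``sentry_signature`` must equal ``get_signature(data, timestamp)``.
    Legacy requests send ``data``, ``format`` and ``key`` form fields, and
    ``key`` must equal ``app.config['KEY']``.

    The payload is then base64-decoded and inflated when it is
    zlib-compressed. Every failure goes through ``abort()`` with an HTTP
    status code.
    """

    def _constant_time_equal(expected, provided):
        # Compare every character so the time taken does not depend on
        # the position of the first mismatch.
        try:
            if len(expected) != len(provided):
                return False
            diff = 0
            for left, right in zip(expected, provided):
                diff |= ord(left) ^ ord(right)
        except TypeError:
            # Operands that are not character strings cannot match.
            return False
        return diff == 0

    # WSGI exposes request headers under HTTP_* keys, so the bare
    # 'AUTHORIZATION' key alone would normally never be present and the
    # signed path could not be reached. The original key is still checked
    # first in case a deployment sets it.
    http_auth = (request.environ.get('AUTHORIZATION')
                 or request.environ.get('HTTP_AUTHORIZATION', ''))

    if http_auth.startswith('Sentry'):
        # The header was previously re-read through request.META, and the
        # body through request.raw_post_data. Both are Django attributes.
        # NOTE(review): assumes `request` is the Flask/Werkzeug request,
        # as request.form, abort() and app.config suggest; confirm.
        auth_vars = parse_auth_header(http_auth)
        signature = auth_vars.get('sentry_signature')
        timestamp = auth_vars.get('sentry_timestamp')

        format = 'json'
        data = request.data

        # Signed data packet
        if signature and timestamp:
            try:
                timestamp = float(timestamp)
            except ValueError:
                abort(400, 'Invalid Timestamp')

            # "nan" parses as a float but never compares below the
            # cutoff, so it would otherwise never expire.
            if timestamp != timestamp:
                abort(400, 'Invalid Timestamp')

            # NOTE(review): future timestamps are not rejected.
            if timestamp < time.time() - 3600:  # 1 hour
                abort(410, 'Message has expired')

            sig_hmac = get_signature(data, timestamp)
            if not _constant_time_equal(sig_hmac, signature):
                abort(403, 'Invalid signature')
        else:
            abort(401,'Unauthorized')
    else:
        data = request.form.get('data')
        if not data:
            abort(400, 'Missing data')

        # NOTE(review): 'pickle' is accepted and is the default. If code
        # past this excerpt unpickles `data`, anyone holding the shared
        # key can run code on the server; confirm, and prefer 'json'.
        format = request.form.get('format', 'pickle')
        if format not in ('pickle', 'json'):
            abort(400, 'Invalid format')

        # Legacy request (deprecated as of 2.0)
        # NOTE(review): assumes app.config['KEY'] is a non-empty secret;
        # if it were None, a request without `key` would pass this check.
        key = request.form.get('key')
        if key != app.config['KEY']:
            warnings.warn('A client is sending the `key` parameter, which will be removed in Sentry 2.0', DeprecationWarning)
            abort(403, 'Invalid credentials')

    logger = logging.getLogger('sentry.server')

    try:
        decoded = base64.b64decode(data)
        try:
            # Same operation as the Python 2 only str.decode('zlib').
            data = zlib.decompress(decoded)
        except zlib.error:
            # Payload was not compressed.
            data = decoded
    except Exception as e:
        # This error should be caught as it suggests that there's a
        # bug somewhere in the client's code.
        logger.exception('Bad data received')
        abort(400, 'Bad data decoding request (%s, %s)' % (e.__class__.__name__, e))
    # NOTE(review): the listing ends here; nothing in this excerpt stores
    # the message or returns a response.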
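def input_message(data, format, key, http_auth, raw_post_data):
    """Validate an incoming Sentry message and queue it for processing.

    Signed path (``http_auth`` starts with ``Sentry``): the payload is
    ``raw_post_data`` and the format is forced to ``json``. The
    ``sentry_timestamp`` must be at most one hour old. The signature is
    not checked here; it is handed to ``find_site_for_signature.delay``,
    whose result is returned.

    Legacy path: ``data`` must be non-empty, ``format`` must be ``pickle``
    or ``json``, and ``key`` must identify a ``Site``; the message is then
    queued with ``store_message.delay`` and nothing is returned.

    Raises:
        ValueError: for every validation failure; the message names the
            failure (for example ``'Missing data'``).
    """
    # A caller that reads the header with .get() and no default passes
    # None when it is absent; treat that as "no Authorization header"
    # instead of failing with AttributeError.
    if (http_auth or '').startswith('Sentry'):
        auth_vars = parse_auth_header(http_auth)
        signature = auth_vars.get('sentry_signature')
        timestamp = auth_vars.get('sentry_timestamp')

        format = 'json'
        data = raw_post_data

        # Signed data packet
        if not (signature and timestamp):
            raise ValueError('Unauthorized')

        try:
            timestamp = float(timestamp)
        except ValueError:
            raise ValueError('Invalid timestamp')

        # "nan" parses as a float but never compares below the cutoff,
        # so it would otherwise be queued as if it were fresh.
        if timestamp != timestamp:
            raise ValueError('Invalid timestamp')

        # NOTE(review): future timestamps are not rejected.
        if timestamp < time.time() - 3600:  # 1 hour
            raise ValueError('Message has expired')

        # NOTE(review): the message is enqueued before its signature has
        # been verified; presumably the task rejects bad signatures.
        # Confirm, since unauthenticated senders can fill the queue.
        return find_site_for_signature.delay(data, format, timestamp, signature)

    if not data:
        raise ValueError('Missing data')

    # NOTE(review): 'pickle' is an accepted format. If store_message
    # unpickles `data`, anyone holding a valid site key can run code in
    # the worker; confirm, and prefer 'json'.
    if format not in ('pickle', 'json'):
        raise ValueError('Invalid format')

    # Legacy request (deprecated as of 2.0)
    # get_object_or_404 raises Http404, not ValueError, for an unknown key.
    site = get_object_or_404(Site, sentry_key=key)
    # The lookup already filters on sentry_key, so this can only differ
    # when the database matches more loosely than Python's != does.
    # NOTE(review): e.g. a case-insensitive collation; confirm.
    if key != site.sentry_key:
        warnings.warn('A client is sending the `key` parameter, which will be removed in Sentry 2.0', DeprecationWarning)
        raise ValueError('Invalid credentials')

    store_message.delay(data, format, site)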
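def store(request):
    """Authenticate and decode a message POSTed by a Sentry client.

    Signed requests (``Authorization`` header starting with ``Sentry``)
    use the raw POST body as payload; ``sentry_timestamp`` must be at most
    one hour old and ``sentry_signature`` must equal
    ``get_signature(data, timestamp)``. Legacy requests send ``data``,
    ``format`` and ``key`` form fields, and ``key`` must equal
    ``settings.KEY``.

    The payload is then base64-decoded and inflated when it is
    zlib-compressed. Every failure returns an HTTP error response.
    """

    def _constant_time_equal(expected, provided):
        # XOR-accumulate over the full length so the comparison time does
        # not reveal where a forged signature first goes wrong.
        try:
            if len(expected) != len(provided):
                return False
            diff = 0
            for left, right in zip(expected, provided):
                diff |= ord(left) ^ ord(right)
        except TypeError:
            # Operands that are not character strings cannot match.
            return False
        return diff == 0

    if request.method != 'POST':
        # HttpResponseNotAllowed expects the permitted methods (they
        # become the Allow header), not a message.
        return HttpResponseNotAllowed(['POST'])

    if request.META.get('HTTP_AUTHORIZATION', '').startswith('Sentry'):
        auth_vars = parse_auth_header(request.META['HTTP_AUTHORIZATION'])
        signature = auth_vars.get('sentry_signature')
        timestamp = auth_vars.get('sentry_timestamp')

        format = 'json'
        data = request.raw_post_data

        # Signed data packet
        if signature and timestamp:
            try:
                timestamp = float(timestamp)
            except ValueError:
                return HttpResponseBadRequest('Invalid timestamp')

            # NaN is a valid float() result and is never below the
            # cutoff; reject it so it cannot bypass the expiry check.
            if timestamp != timestamp:
                return HttpResponseBadRequest('Invalid timestamp')

            # NOTE(review): future timestamps are not rejected.
            if timestamp < time.time() - 3600:  # 1 hour
                return HttpResponseGone('Message has expired')

            sig_hmac = get_signature(data, timestamp)
            if not _constant_time_equal(sig_hmac, signature):
                return HttpResponseForbidden('Invalid signature')
        else:
            # HttpResponse accepts `status`, not `status_code`; the old
            # keyword raised TypeError instead of answering 401.
            return HttpResponse('Unauthorized', status=401)
    else:
        data = request.POST.get('data')
        if not data:
            return HttpResponseBadRequest('Missing data')

        # NOTE(review): 'pickle' is accepted and is the default. If code
        # past this excerpt unpickles `data`, anyone holding the shared
        # key can run code on the server; confirm, and prefer 'json'.
        format = request.POST.get('format', 'pickle')
        if format not in ('pickle', 'json'):
            return HttpResponseBadRequest('Invalid format')

        # Legacy request (deprecated as of 2.0)
        # NOTE(review): assumes settings.KEY is always a non-empty secret;
        # if it were None, a request without `key` would pass this check.
        key = request.POST.get('key')
        if key != settings.KEY:
            warnings.warn(
                'A client is sending the `key` parameter, which will be removed in Sentry 2.0',
                DeprecationWarning)
            return HttpResponseForbidden('Invalid credentials')

    logger = logging.getLogger('sentry.server')

    try:
        decoded = base64.b64decode(data)
        try:
            # Same operation as the Python 2 only str.decode('zlib').
            data = zlib.decompress(decoded)
        except zlib.error:
            # Payload was not compressed.
            data = decoded
    except Exception as e:
        # This error should be caught as it suggests that there's a
        # bug somewhere in the client's code.
        logger.exception('Bad data received')
        return HttpResponseForbidden('Bad data decoding request (%s, %s)' % (e.__class__.__name__, e))
    # NOTE(review): the listing ends here; nothing in this excerpt stores
    # the message or returns a success response.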