def test_session_is_regularly_refreshed(self): alice = self.make_participant('alice') alice.authenticated = True alice.sign_in(SimpleCookie()) cookies = SimpleCookie() alice.keep_signed_in(cookies) assert SESSION not in cookies cookies = SimpleCookie() expires = alice.session_expires alice.set_session_expires(expires - SESSION_REFRESH) alice.keep_signed_in(cookies) assert SESSION in cookies
def delete_cookie(environ, name): kaka = environ.get("HTTP_COOKIE", '') logger.debug("delete KAKA: %s", kaka) if kaka: cookie_obj = SimpleCookie(kaka) morsel = cookie_obj.get(name, None) cookie = SimpleCookie() cookie[name] = "" cookie[name]['path'] = "/" logger.debug("Expire: %s", morsel) cookie[name]["expires"] = _expiration("dawn") return tuple(cookie.output().split(": ", 1)) return None
def delete_cookie(self, environ): cookie = environ.get("HTTP_COOKIE", "") logger.debug("delete cookie: %s", cookie) if cookie: _name = self.cookie_name cookie_obj = SimpleCookie(cookie) morsel = cookie_obj.get(_name, None) cookie = SimpleCookie() cookie[_name] = "" cookie[_name]["path"] = "/" logger.debug("Expire: %s", morsel) cookie[_name]["expires"] = _expiration("now") return cookie.output().split(": ", 1) return None
def http_request(self, url, method="GET", **kwargs): _kwargs = copy.copy(self.request_args) if kwargs: _kwargs.update(kwargs) if self.cookiejar: _kwargs["cookies"] = self._cookies() logger.debug("SENT COOKIEs: %s" % (_kwargs["cookies"], )) try: r = requests.request(method, url, **_kwargs) except Exception as err: logger.error( "http_request failed: %s, url: %s, htargs: %s, method: %s" % (err, url, _kwargs, method)) raise try: _cookie = r.headers["set-cookie"] # Telekom fix # set_cookie = set_cookie.replace( # "=;Path=/;Expires=Thu, 01-Jan-1970 00:00:01 GMT;HttpOnly,", "") logger.debug("RECEIVED COOKIEs: %s" % _cookie) try: set_cookie(self.cookiejar, SimpleCookie(_cookie)) except CookieError as err: logger.error(err) raise NonFatalException(r, "{}".format(err)) except (AttributeError, KeyError) as err: pass return r
def build_wsgi_environ(self, method, path, body, content_type, cookies=None, **kw): # NOTE that in Pando (request.py make_franken_headers) only headers # beginning with ``HTTP`` are included in the request - and those are # changed to no longer include ``HTTP``. There are currently 2 # exceptions to this: ``'CONTENT_TYPE'``, ``'CONTENT_LENGTH'`` which # are explicitly checked for. if isinstance(cookies, dict) and not isinstance(cookies, SimpleCookie): cookies, d = SimpleCookie(), cookies for k, v in d.items(): cookies[str(k)] = str(v) typecheck(path, (bytes, text_type), method, text_type, content_type, bytes, body, bytes) environ = {} environ[b'CONTENT_TYPE'] = content_type if cookies is not None: environ[b'HTTP_COOKIE'] = cookies.output(header='', sep='; ') environ[b'HTTP_HOST'] = b'localhost' environ[b'PATH_INFO'] = path.encode( 'ascii') if type(path) != bytes else path environ[b'REMOTE_ADDR'] = b'0.0.0.0' environ[b'REQUEST_METHOD'] = method.encode('ascii') environ[b'SERVER_PROTOCOL'] = b'HTTP/1.1' environ[b'wsgi.input'] = BytesIO(body) environ[b'HTTP_CONTENT_LENGTH'] = str(len(body)).encode('ascii') environ.update((k.encode('ascii'), v) for k, v in kw.items()) return environ
def extract_macaroons(headers): ''' Returns an array of any macaroons found in the given slice of cookies. @param headers: dict of headers @return: An array of array of mpy macaroons ''' mss = [] def add_macaroon(data): data = utils.b64decode(data) data_as_objs = json.loads(data.decode('utf-8')) ms = [utils.macaroon_from_dict(x) for x in data_as_objs] mss.append(ms) cookieHeader = headers.get('Cookie') if cookieHeader is not None: cs = SimpleCookie() # The cookie might be a unicode object, so convert it # to ASCII. This may cause an exception under Python 2. # TODO is that a problem? cs.load(str(cookieHeader)) for c in cs: if c.startswith('macaroon-'): add_macaroon(cs[c].value) # Python doesn't make it easy to have multiple values for a # key, so split the header instead, which is necessary # for HTTP1.1 compatibility anyway. macaroonHeader = headers.get('Macaroons') if macaroonHeader is not None: for h in macaroonHeader.split(','): add_macaroon(h) return mss
def _wrap(response): cookie = SimpleCookie() cookie.load(response.headers['Set-Cookie']) for key, value in cookie.items(): if key == ngw_env.pyramid.options['session.cookie.name']: return value.value return None
def _load_session(self, environ): session = None try: # Attempt to load existing cookie from environ C = SimpleCookie(environ.get('HTTP_COOKIE')) morsel = C.get(self._cookie_key) except CookieError: morsel = None if morsel is not None: try: # Attempt to decrypt and decode session_data = self._crypto.decrypt(morsel.value.encode('ascii'), ttl=self._session_ttl) session = self._session_cls(self._serializer.decode(self._compressor[1](session_data))) except (InvalidToken, SessionSerializerException, zlib.error): # Start anew session = self._session_cls() # And ensure invalid cookie is overwritten session.save() if session is None: session = self._session_cls() return session
def __init__(self): """ Create a new Response defaulting to HTML content and "200 OK" status """ self.status = "200 OK" self.headers = HeaderDict({"content-type": "text/html"}) self.cookies = SimpleCookie()
def set_cookie(name, _, *args): cookie = SimpleCookie() cookie[name] = base64.b64encode(":".join(args)) cookie[name]['path'] = "/" cookie[name]["expires"] = _expiration(5) # 5 minutes from now logger.debug("Cookie expires: %s", cookie[name]["expires"]) return tuple(cookie.output().split(": ", 1))
def test_log_in_with_old_session(self): alice = self.make_participant('alice') self.db.run("UPDATE user_secrets SET mtime = mtime - interval '1 day'") alice.authenticated = True cookies = SimpleCookie() alice.sign_in(cookies) self.check_with_about_me('alice', cookies)
def __init__(self, d): """Takes headers as a dict, list, or bytestring. """ if isinstance(d, bytes): from pando.exceptions import MalformedHeader def genheaders(): for line in d.splitlines(): if b':' not in line: # no colon separator in header raise MalformedHeader(line) k, v = line.split(b':', 1) if k != k.strip(): # disallowed leading or trailing whitspace # (per http://tools.ietf.org/html/rfc7230#section-3.2.4) raise MalformedHeader(line) yield k, v.strip() headers = genheaders() else: headers = d CaseInsensitiveMapping.__init__(self, headers) # Cookie # ====== self.cookie = SimpleCookie() cookie = self.get(b'Cookie', b'') if PY3 and isinstance(cookie, bytes): cookie = cookie.decode('ascii', 'replace') try: self.cookie.load(cookie) except CookieError: pass # XXX really?
def make_cookie(name, load, seed, expire=0, domain="", path="", timestamp=""): """ Create and return a cookie :param name: Cookie name :param load: Cookie load :param seed: A seed for the HMAC function :param expire: Number of minutes before this cookie goes stale :param domain: The domain of the cookie :param path: The path specification for the cookie :return: A tuple to be added to headers """ cookie = SimpleCookie() if not timestamp: timestamp = str(int(time.mktime(time.gmtime()))) signature = cookie_signature(seed, load, timestamp) cookie[name] = "|".join([load, timestamp, signature]) if path: cookie[name]["path"] = path if domain: cookie[name]["domain"] = domain if expire: cookie[name]["expires"] = _expiration(expire, "%a, %d-%b-%Y %H:%M:%S GMT") return tuple(cookie.output().split(": ", 1))
def parse_cookie(name, seed, kaka): """Parses and verifies a cookie value :param seed: A seed used for the HMAC signature :param kaka: The cookie :return: A tuple consisting of (payload, timestamp) """ if not kaka: return None cookie_obj = SimpleCookie(kaka) morsel = cookie_obj.get(name) if morsel: parts = morsel.value.split("|") if len(parts) != 3: return None # verify the cookie signature sig = cookie_signature(seed, parts[0], parts[1]) if sig != parts[2]: raise SAMLError("Invalid cookie signature") try: return parts[0].strip(), parts[1] except KeyError: return None else: return None
def visit(url, request): if request.headers.get('Accept') == 'application/json': return {'status_code': 200, 'content': {'agent': request.url}} cs = SimpleCookie() cookies = request.headers.get('Cookie') if cookies is not None: cs.load(str(cookies)) public_key = None for c in cs: if c == 'agent-login': json_cookie = json.loads( base64.b64decode(cs[c].value).decode('utf-8')) public_key = bakery.PublicKey.deserialize( json_cookie.get('public_key')) ms = httpbakery.extract_macaroons(request.headers) if len(ms) == 0: b = bakery.Bakery(key=discharge_key) m = b.oven.macaroon( version=bakery.LATEST_VERSION, expiry=datetime.utcnow() + timedelta(days=1), caveats=[ bakery.local_third_party_caveat( public_key, version=httpbakery.request_version( request.headers)) ], ops=[bakery.Op(entity='agent', action='login')]) content, headers = httpbakery.discharge_required_response( m, '/', 'test', 'message') resp = response(status_code=401, content=content, headers=headers) return request.hooks['response'][0](resp) return {'status_code': 200, 'content': {'agent-login': True}}
def cookie_parts(name, kaka): cookie_obj = SimpleCookie(kaka) morsel = cookie_obj.get(name) if morsel: return morsel.value.split("|") else: return None
def _prepare_response(self, res_info, url): res = requests.Response() res.url = res_info.get('url', url) res.status_code = res_info.get('status_code', 200) res.reason_phrase = res_info.get( 'reason_phrase', REASON_PHRASES.get(res.status_code, 'UNKNOWN STATUS CODE')) if 'reason' in res_info: res.reason = res_info['reason'] if 'headers' in res_info: res.headers.update(res_info['headers']) if 'Set-Cookie' in res_info[ 'headers'] and 'cookies' not in res_info: cookies = SimpleCookie() for entry in res_info['headers']['Set-Cookie'].split(','): cookies.load(str(entry)) res.cookies.update(cookies) if 'cookies' in res_info: res.cookies.update(res_info['cookies']) res.raw = StreamContent(res_info.get('content', '')) return res
def quiet_rewrite(self, cookie_str, header='Set-Cookie'): # begin Perma customization from pywb.rewrite.cookie_rewriter import six from six.moves.http_cookies import SimpleCookie, CookieError import logging # end Perma customization results = [] cookie_str = self.REMOVE_EXPIRES.sub('', cookie_str) try: cookie = SimpleCookie(cookie_str) except CookieError as e: # begin Perma customization logger = logging.getLogger(__name__) logger.info(e, exc_info=True) # end Perma customization return results for name, morsel in six.iteritems(cookie): morsel = self.rewrite_cookie(name, morsel) self._filter_morsel(morsel) if not self.add_prefix_cookie_for_all_mods(morsel, results, header): value = morsel.OutputString() results.append((header, value)) return results
def test_session_is_regularly_refreshed(self): alice = self.make_participant('alice') alice.authenticated = True alice.sign_in(SimpleCookie()) cookies = SimpleCookie() alice.keep_signed_in(cookies) assert SESSION not in cookies cookies = SimpleCookie() alice.session = self.db.one( """ UPDATE user_secrets SET mtime = mtime - %s WHERE participant = %s RETURNING id, secret, mtime """, (SESSION_REFRESH, alice.id)) alice.keep_signed_in(cookies) assert SESSION in cookies
def test_log_in_with_old_session(self): alice = self.make_participant('alice') alice.update_session('x', utcnow() - timedelta(days=1)) alice.authenticated = True cookies = SimpleCookie() alice.sign_in(cookies) print(cookies) self.check_with_about_me('alice', cookies)
def test_log_in_switch_user(self): alice = self.make_participant('alice') alice.update_password(password) bob = self.make_participant('bob') bob.authenticated = True cookies = SimpleCookie() bob.sign_in(cookies) self.log_in_and_check(alice, password, cookies=cookies)
def set_cookie(self, user): uid = rndstr(32) self.uid2user[uid] = user cookie = SimpleCookie() cookie[self.cookie_name] = uid cookie[self.cookie_name]["path"] = "/" cookie[self.cookie_name]["expires"] = _expiration(480) logger.debug("Cookie expires: %s", cookie[self.cookie_name]["expires"]) return cookie.output().split(": ", 1)
def curl_to_request_kwargs(curl_command, ignore_unknown_options=True): """Convert a cURL command syntax to Request kwargs. :param str curl_command: string containing the curl command :param bool ignore_unknown_options: If true, only a warning is emitted when cURL options are unknown. Otherwise raises an error. (default: True) :return: dictionary of Request kwargs """ curl_args = split(curl_command) if curl_args[0] != 'curl': raise ValueError('A curl command must start with "curl"') parsed_args, argv = curl_parser.parse_known_args(curl_args[1:]) if argv: msg = 'Unrecognized options: {}'.format(', '.join(argv)) if ignore_unknown_options: warnings.warn(msg) else: raise ValueError(msg) url = parsed_args.url # curl automatically prepends 'http' if the scheme is missing, but Request # needs the scheme to work parsed_url = urlparse(url) if not parsed_url.scheme: url = 'http://' + url result = {'method': parsed_args.method.upper(), 'url': url} headers = [] cookies = {} for header in parsed_args.headers or (): name, val = header.split(':', 1) name = name.strip() val = val.strip() if name.title() == 'Cookie': for name, morsel in iteritems(SimpleCookie(val)): cookies[name] = morsel.value else: headers.append((name, val)) if parsed_args.auth: user, password = parsed_args.auth.split(':', 1) headers.append(('Authorization', basic_auth_header(user, password))) if headers: result['headers'] = headers if cookies: result['cookies'] = cookies if parsed_args.data: result['body'] = parsed_args.data return result
def _assert_cookies_expired(self, http_headers): cookies_string = ";".join( [c[1] for c in http_headers if c[0] == "Set-Cookie"]) all_cookies = SimpleCookie() all_cookies.load(cookies_string) now = datetime.datetime.now() for c in [self.provider.cookie_name, self.provider.session_cookie_name]: dt = datetime.datetime.strptime(all_cookies[c]["expires"], "%a, %d-%b-%Y %H:%M:%S GMT") assert dt < now # make sure the cookies have expired to be cleared
def cookies(self): cookies = SimpleCookie() cookie_header = self.environ.get("HTTP_COOKIE") if cookie_header: galaxy_cookies = "; ".join(x.strip() for x in cookie_header.split('; ') if x.startswith('galaxy')) if galaxy_cookies: try: cookies.load(galaxy_cookies) except CookieError: pass return cookies
def test_session_cookie_is_secure_if_it_should_be(self): canonical_scheme = self.client.website.canonical_scheme self.client.website.canonical_scheme = 'https' try: cookies = SimpleCookie() alice = self.make_participant('alice') alice.authenticated = True alice.sign_in(cookies) assert '; secure' in cookies[SESSION].output().lower() finally: self.client.website.canonical_scheme = canonical_scheme
def _process_cookies(self, headers): """ Process and store cookies from response headers :param headers: :return: """ cdata = headers.get("Set-Cookie") if not cdata: return if not self.cookies: self.cookies = SimpleCookie() self.cookies.load(cdata)
def fromRawString(raw): try: sc = SimpleCookie(raw) for key, cookie in sc.items(): try: return Cookie(key, cookie['domain'], cookie['path'], raw, cookie['expires'], True) except: return None except CookieError as e: print(e) return None
def store_cookies(self, response): headers = filter(lambda h: h[0].lower() == "set-cookie", response.getheaders()) for header in headers: cookie = SimpleCookie(header[1]) for morsel in cookie.values(): if morsel.key not in self._keys: self._keys.append(morsel.key) self._content[morsel.key] = morsel.value logger.debug("--> Set cookie %s: %s" % (morsel.key, morsel.value)) logger.debug("CookieJar contents: %s\n%s" % (self._keys, self._content))
def _handle_cookies(self, response): # type: (httplib.HTTPResponse) -> None """ Parse cookies from |HTTP| response and store for next request. :param httplib.HTTPResponse: The |HTTP| response. """ # FIXME: this cookie handling doesn't respect path, domain and expiry cookies = SimpleCookie() cookies.load(response.getheader('set-cookie', '')) self.cookies.update( dict((cookie.key, cookie.value) for cookie in cookies.values()))