def sync(environ, start_response):
"""
Handle Sync requests
"""
local_params = None
try:
# Validate caller address
logger.debug('Received request from %(REMOTE_ADDR)s', environ)
if environ['REMOTE_ADDR'] not in settings['SYNC_POOL']:
logger.info('Operation not permitted from IP %(REMOTE_ADDR)s', environ)
logger.debug('Remote IP %s is not in allowed sync pool: %s',
environ['REMOTE_ADDR'], settings['SYNC_POOL'])
raise YKSyncError('ERROR Authorization failed for %(REMOTE_ADDR)s)' % environ)
sync_params = parse_querystring(environ['QUERY_STRING'])
logger.info('Received: %s', sync_params)
synclib = Sync()
local_params = synclib.sync_local(sync_params)
output = 'OK'
except YKSyncError as err:
output = str(err)
except Exception as err:
logger.exception('ERROR: %s', err)
output = 'BACKEND_ERROR'
finally:
return wsgi_response(output, start_response, apikey=''.encode(), extra=local_params)
def verify(environ, start_response):
"""
Handle OTP Validation
"""
apikey = ''.encode()
try:
params = parse_querystring(environ['QUERY_STRING'])
public_id = params.get('otp', '?' * 12)[:12]
logger.debug('%s: PROCESSED QUERYSTRING: %s', public_id, params)
validator = Validator()
apikey = validator.get_client_apikey(params.get('id'))
client_signature = params.pop('h')
server_signature = sign(params, apikey)
if client_signature != server_signature:
logger.error('[%s] Client hmac=%s != Server hmac=%s', public_id,
client_signature, server_signature)
raise YKValError('BAD_SIGNATURE')
for old_key, new_key in PARAM_MAP.items():
if old_key in params:
params[new_key] = params[old_key]
params.pop(old_key)
extra = validator.verify(**params)
output = 'OK'
logger.info('[%s] OTP Verified', public_id)
except YKValError as err:
output = '%s' % err
except Exception as err:
logger.exception('%s: Backend error: %s', public_id, err)
output = 'BACKEND_ERROR'
finally:
return wsgi_response(output, start_response, apikey=apikey, extra=None)
def sync(environ, start_response):
"""
Handle Sync requests
"""
local_params = None
try:
# Validate caller address
if environ['REMOTE_ADDR'] not in settings['SYNC_POOL']:
logger.error('Operation not permitted from IP %(REMOTE_ADDR)s', environ)
raise YKSyncError('OPERATION_NOT_ALLOWED',
'Remote IP %(REMOTE_ADDR)s it not in sync pool' % environ)
sync_params = parse_querystring(environ['QUERY_STRING'])
logger.info('[%s] Received sync request from %s (counter: %s, use: %s, nonce: %s)',
sync_params.get('yk_publicname'), environ['REMOTE_ADDR'],
sync_params.get('yk_counter'), sync_params.get('yk_use'),
sync_params.get('nonce'))
synclib = Sync()
local_params = synclib.sync_local(sync_params)
output = 'OK'
status_code = 200
except YKSyncError as err:
output = str(err)
status_code = 401
except Exception as err:
logger.exception('ERROR: %s', err)
output = 'BACKEND_ERROR'
status_code = 500
finally:
return wsgi_response(output, start_response, apikey=''.encode(),
extra=local_params, status=status_code)
def verify(environ, start_response):
"""
Handle OTP Validation
"""
apikey = ''.encode()
try:
params = parse_querystring(environ['QUERY_STRING'])
public_id = params.get('otp', '?' * 12)[:12]
logger.debug('%s: PROCESSED QUERYSTRING: %s', public_id, params)
validator = Validator()
apikey = validator.get_client_apikey(params.get('id'))
client_signature = params.pop('h')
server_signature = sign(params, apikey)
if client_signature != server_signature:
logger.error('[%s] Client hmac=%s != Server hmac=%s',
public_id, client_signature, server_signature)
raise YKValError('BAD_SIGNATURE')
for old_key, new_key in PARAM_MAP.items():
if old_key in params:
params[new_key] = params[old_key]
params.pop(old_key)
extra = validator.verify(**params)
output = 'OK'
logger.info('[%s] OTP Verified', public_id)
except YKValError as err:
output = '%s' % err
except Exception as err:
logger.exception('%s: Backend error: %s', public_id, err)
output = 'BACKEND_ERROR'
finally:
return wsgi_response(output, start_response, apikey=apikey, extra=None)
def verify(environ, start_response):
"""
Handle OTP Validation
"""
apikey = ''.encode()
try:
params = parse_querystring(environ['QUERY_STRING'])
logger.debug('PROCESSED QUERYSTRING: %s', params)
verifyer = Verifyer()
kwargs = params.copy()
if 'id' in kwargs:
kwargs.pop('id')
if 'otp' in kwargs:
kwargs.pop('otp')
apikey = verifyer.get_client_apikey(params.get('id'))
output = verifyer.verify(params.get('id'), params.get('otp'), **kwargs)
except YKValError as err:
logger.exception('Validation error: %s', err)
output = '%s' % err
except Exception as err:
logger.exception('Backend error: %s', err)
output = 'BACKEND_ERROR'
finally:
return wsgi_response(output, start_response, apikey=apikey, extra=None)
def sync(environ, start_response):
"""
Handle Sync requests
"""
local_params = None
try:
# Validate caller address
if environ['REMOTE_ADDR'] not in settings['SYNC_POOL']:
logger.error('Operation not permitted from IP %(REMOTE_ADDR)s',
environ)
raise YKSyncError(
'OPERATION_NOT_ALLOWED',
'Remote IP %(REMOTE_ADDR)s it not in sync pool' % environ)
sync_params = parse_querystring(environ['QUERY_STRING'])
logger.info(
'[%s] Received sync request from %s (counter: %s, use: %s, nonce: %s)',
sync_params.get('yk_publicname'), environ['REMOTE_ADDR'],
sync_params.get('yk_counter'), sync_params.get('yk_use'),
sync_params.get('nonce'))
synclib = Sync()
local_params = synclib.sync_local(sync_params)
output = 'OK'
status_code = 200
except YKSyncError as err:
output = str(err)
status_code = 401
except Exception as err:
logger.exception('ERROR: %s', err)
output = 'BACKEND_ERROR'
status_code = 500
finally:
return wsgi_response(output,
start_response,
apikey=''.encode(),
extra=local_params,
status=status_code)