indymedia
/
epicyon
mirror of https://gitlab.com/bashrc2/epicyon
7
4
Fork 1
Code Issues 14 Releases Wiki Activity

Sign get requests if an instance actor key exists

merge-requests/30/head
Bob Mottram 2021-09-08 12:25:11 +01:00
parent 32bdf5cd80
commit 619d7d5aa0
1 changed files with 19 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

38
session.py
View File

@ -95,15 +95,7 @@ def _getJsonRequest(session, url: str, domainFull: str, sessionHeaders: {},
params=sessionParams, timeout=timeoutSec) params=sessionParams, timeout=timeoutSec)
if result.status_code != 200: if result.status_code != 200:
if result.status_code == 401: if result.status_code == 401:
if not signingPrivateKeyPem: print("WARN: getJson" + url + ' rejected by secure mode')
print("WARN: getJson requires secure fetch url: " + url)
else:
if debug:
print('Using signed GET for domain: ' + domainFull)
return _getJsonSigned(session, url, domainFull,
sessionHeaders, sessionParams,
timeoutSec, signingPrivateKeyPem,
quiet, debug)
elif result.status_code == 403: elif result.status_code == 403:
print('WARN: getJson Forbidden url: ' + url) print('WARN: getJson Forbidden url: ' + url)
elif result.status_code == 404: elif result.status_code == 404:
@ -176,11 +168,11 @@ def _getJsonSigned(session, url: str, domainFull: str, sessionHeaders: {},
else: else:
toPort = 80 toPort = 80
# if debug: if debug:
print('Signed GET domain: ' + domain + ' ' + str(port)) print('Signed GET domain: ' + domain + ' ' + str(port))
print('Signed GET toDomain: ' + toDomain + ' ' + str(toPort)) print('Signed GET toDomain: ' + toDomain + ' ' + str(toPort))
print('Signed GET url: ' + url) print('Signed GET url: ' + url)
print('Signed GET httpPrefix: ' + httpPrefix) print('Signed GET httpPrefix: ' + httpPrefix)
messageStr = '' messageStr = ''
withDigest = False withDigest = False
if toDomainFull + '/' in url: if toDomainFull + '/' in url:
@ -191,14 +183,16 @@ def _getJsonSigned(session, url: str, domainFull: str, sessionHeaders: {},
createSignedHeader(signingPrivateKeyPem, 'actor', domain, port, createSignedHeader(signingPrivateKeyPem, 'actor', domain, port,
toDomain, toPort, path, httpPrefix, withDigest, toDomain, toPort, path, httpPrefix, withDigest,
messageStr) messageStr)
print('Signed GET signatureHeaderJson ' + str(signatureHeaderJson)) if debug:
print('Signed GET signatureHeaderJson ' + str(signatureHeaderJson))
for key, value in signatureHeaderJson.items(): for key, value in signatureHeaderJson.items():
if key.startswith('(') or key.startswith('*('): if key.startswith('(') or key.startswith('*('):
continue continue
sessionHeaders[key.title()] = value sessionHeaders[key.title()] = value
if sessionHeaders.get(key.lower()): if sessionHeaders.get(key.lower()):
del sessionHeaders[key.lower()] del sessionHeaders[key.lower()]
print('Signed GET sessionHeaders ' + str(sessionHeaders)) if debug:
print('Signed GET sessionHeaders ' + str(sessionHeaders))
return _getJsonRequest(session, url, domainFull, sessionHeaders, return _getJsonRequest(session, url, domainFull, sessionHeaders,
sessionParams, timeoutSec, None, quiet, debug) sessionParams, timeoutSec, None, quiet, debug)
@ -232,9 +226,15 @@ def getJson(signingPrivateKeyPem: str,
if debug: if debug:
HTTPConnection.debuglevel = 1 HTTPConnection.debuglevel = 1
return _getJsonRequest(session, url, domain, sessionHeaders, if signingPrivateKeyPem:
sessionParams, timeoutSec, return _getJsonSigned(session, url, domain,
signingPrivateKeyPem, quiet, debug) sessionHeaders, sessionParams,
timeoutSec, signingPrivateKeyPem,
quiet, debug)
else:
return _getJsonRequest(session, url, domain, sessionHeaders,
sessionParams, timeoutSec,
None, quiet, debug)
def postJson(httpPrefix: str, domainFull: str, def postJson(httpPrefix: str, domainFull: str,