Mercurial > libervia-backend
comparison sat/plugins/plugin_comp_ap_gateway/http_server.py @ 4015:2913313ca58f
component AP gateway (http): add verbose log when signature verification fails on POST request
| author | Goffi <goffi@goffi.org> |
|---|---|
| date | Sat, 18 Mar 2023 20:12:38 +0100 |
| parents | 4ef473116499 |
| children | 97df34151c6d |
comparison
equal
deleted
inserted
replaced
| 4014:4ef473116499 | 4015:2913313ca58f |
|---|---|
| 930 "id": url, | 930 "id": url, |
| 931 "orderedItems": following | 931 "orderedItems": following |
| 932 } | 932 } |
| 933 } | 933 } |
| 934 | 934 |
| 935 def _get_to_log( | |
| 936 self, | |
| 937 request: "HTTPRequest", | |
| 938 data: Optional[dict] = None, | |
| 939 ) -> List[str]: | |
| 940 """Get base data to logs in verbose mode""" | |
| 941 from pprint import pformat | |
| 942 to_log = [ | |
| 943 "", | |
| 944 f"<<< got {request.method.decode()} request - {request.uri.decode()}" | |
| 945 ] | |
| 946 if data is not None: | |
| 947 to_log.append(pformat(data)) | |
| 948 if self.apg.verbose>=3: | |
| 949 headers = "\n".join( | |
| 950 f" {k.decode()}: {v.decode()}" | |
| 951 for k,v in request.getAllHeaders().items() | |
| 952 ) | |
| 953 to_log.append(f" headers:\n{headers}") | |
| 954 return to_log | |
| 955 | |
| 935 async def APRequest( | 956 async def APRequest( |
| 936 self, | 957 self, |
| 937 request: "HTTPRequest", | 958 request: "HTTPRequest", |
| 938 data: Optional[dict] = None, | 959 data: Optional[dict] = None, |
| 939 signing_actor: Optional[str] = None | 960 signing_actor: Optional[str] = None |
| 940 ) -> None: | 961 ) -> None: |
| 941 if self.apg.verbose: | 962 if self.apg.verbose: |
| 942 from pprint import pformat | 963 to_log = self._get_to_log(request, data) |
| 943 to_log = [ | |
| 944 "", | |
| 945 f"<<< got {request.method.decode()} request - {request.uri.decode()}" | |
| 946 ] | |
| 947 if data is not None: | |
| 948 to_log.append(pformat(data)) | |
| 949 if self.apg.verbose>=3: | |
| 950 headers = "\n".join( | |
| 951 f" {k.decode()}: {v.decode()}" | |
| 952 for k,v in request.getAllHeaders().items() | |
| 953 ) | |
| 954 to_log.append(f" headers:\n{headers}") | |
| 955 | 964 |
| 956 path = request.path.decode() | 965 path = request.path.decode() |
| 957 ap_url = parse.urljoin( | 966 ap_url = parse.urljoin( |
| 958 f"https://{self.apg.public_url}", | 967 f"https://{self.apg.public_url}", |
| 959 path | 968 path |
| 1071 pass | 1080 pass |
| 1072 | 1081 |
| 1073 try: | 1082 try: |
| 1074 signing_actor = await self.checkSignature(request) | 1083 signing_actor = await self.checkSignature(request) |
| 1075 except exceptions.EncryptionError as e: | 1084 except exceptions.EncryptionError as e: |
| 1085 if self.apg.verbose: | |
| 1086 to_log = self._get_to_log(request) | |
| 1087 to_log.append(f" body: {request.content.read()!r}") | |
| 1088 request.content.seek(0) | |
| 1089 log.info("\n".join(to_log)) | |
| 1076 self.responseCode( | 1090 self.responseCode( |
| 1077 request, | 1091 request, |
| 1078 http.FORBIDDEN, | 1092 http.FORBIDDEN, |
| 1079 f"invalid signature: {e}" | 1093 f"invalid signature: {e}" |
| 1080 ) | 1094 ) |