# HG changeset patch # User Goffi # Date 1679166758 -3600 # Node ID 2913313ca58fed5483eac774b151fc616ac409c7 # Parent 4ef47311649961ba2ea66e0c165d3e01f7991b42 component AP gateway (http): add verbose log when signature verification fails on POST request diff -r 4ef473116499 -r 2913313ca58f sat/plugins/plugin_comp_ap_gateway/http_server.py --- a/sat/plugins/plugin_comp_ap_gateway/http_server.py Sat Mar 18 16:53:21 2023 +0100 +++ b/sat/plugins/plugin_comp_ap_gateway/http_server.py Sat Mar 18 20:12:38 2023 +0100 @@ -932,6 +932,27 @@ } } + def _get_to_log( + self, + request: "HTTPRequest", + data: Optional[dict] = None, + ) -> List[str]: + """Get base data to logs in verbose mode""" + from pprint import pformat + to_log = [ + "", + f"<<< got {request.method.decode()} request - {request.uri.decode()}" + ] + if data is not None: + to_log.append(pformat(data)) + if self.apg.verbose>=3: + headers = "\n".join( + f" {k.decode()}: {v.decode()}" + for k,v in request.getAllHeaders().items() + ) + to_log.append(f" headers:\n{headers}") + return to_log + async def APRequest( self, request: "HTTPRequest", @@ -939,19 +960,7 @@ signing_actor: Optional[str] = None ) -> None: if self.apg.verbose: - from pprint import pformat - to_log = [ - "", - f"<<< got {request.method.decode()} request - {request.uri.decode()}" - ] - if data is not None: - to_log.append(pformat(data)) - if self.apg.verbose>=3: - headers = "\n".join( - f" {k.decode()}: {v.decode()}" - for k,v in request.getAllHeaders().items() - ) - to_log.append(f" headers:\n{headers}") + to_log = self._get_to_log(request, data) path = request.path.decode() ap_url = parse.urljoin( @@ -1073,6 +1082,11 @@ try: signing_actor = await self.checkSignature(request) except exceptions.EncryptionError as e: + if self.apg.verbose: + to_log = self._get_to_log(request) + to_log.append(f" body: {request.content.read()!r}") + request.content.seek(0) + log.info("\n".join(to_log)) self.responseCode( request, http.FORBIDDEN,