本文整理汇总了Python中sentry.coreapi.project_from_auth_vars函数的典型用法代码示例。如果您正苦于以下问题:Python project_from_auth_vars函数的具体用法?Python project_from_auth_vars怎么用?Python project_from_auth_vars使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了project_from_auth_vars函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: test_valid_without_key
def test_valid_without_key(self):
auth_vars = {}
# without key
result = project_from_auth_vars(auth_vars)
self.assertEquals(result, None)
# with key
auth_vars['sentry_key'] = self.pk.public_key
result = project_from_auth_vars(auth_vars)
self.assertEquals(result, self.project)示例2: store
def store(request):
try:
auth_vars = extract_auth_vars(request)
data = request.raw_post_data
if auth_vars:
server_version = auth_vars.get('sentry_version', '1.0')
else:
server_version = request.GET.get('version', '1.0')
if server_version not in ('1.0', '2.0'):
raise APIError('Client/server version mismatch. Unsupported version: %r' % server_version)
if auth_vars:
project = project_from_auth_vars(auth_vars, data)
elif request.GET.get('api_key') and request.GET.get('project_id') and request.is_secure():
# ssl requests dont have to have signature verification
project = project_from_api_key_and_id(request.GET['api_key'], request.GET['project_id'])
elif request.GET.get('project_id') and request.user.is_authenticated():
# authenticated users are simply trusted to provide the right id
project = project_from_id(request)
else:
raise APIUnauthorized()
if not data.startswith('{'):
data = decode_and_decompress_data(data)
data = safely_load_json_string(data)
validate_data(project, data)
insert_data_to_database(data)
except APIError, error:
return HttpResponse(error.msg, status=error.http_status)示例3: test_valid_without_key
def test_valid_without_key(self):
auth_vars = {
'sentry_signature': 'adf',
'sentry_timestamp': time.time(),
}
with mock.patch('sentry.coreapi.validate_hmac') as validate_hmac_:
validate_hmac_.return_value = True
# without key
result = project_from_auth_vars(auth_vars, '')
self.assertEquals(result, None)
# with key
auth_vars['sentry_key'] = self.pk.public_key
result = project_from_auth_vars(auth_vars, '')
self.assertEquals(result, self.project)示例4: handle_sentry
def handle_sentry(data, address):
from sentry.exceptions import InvalidData
from sentry.coreapi import project_from_auth_vars, decode_and_decompress_data, \
safely_load_json_string, validate_data, insert_data_to_database, APIError
from sentry.utils.auth import parse_auth_header
try:
try:
auth_header, data = data.split('\n\n', 1)
except ValueError:
raise APIError('missing auth header')
auth_vars = parse_auth_header(auth_header)
project = project_from_auth_vars(auth_vars, data)
client = auth_vars.get('sentry_client')
if not data.startswith('{'):
data = decode_and_decompress_data(data)
data = safely_load_json_string(data)
try:
validate_data(project, data, client)
except InvalidData, e:
raise APIError(unicode(e))
return insert_data_to_database(data)示例5: handle
def handle(self, data, address):
from sentry.utils.auth import parse_auth_header
from sentry.coreapi import (project_from_auth_vars, decode_and_decompress_data, safely_load_json_string,
validate_data, insert_data_to_database, APIError)
try:
try:
auth_header, data = data.split("\n\n", 1)
except ValueError:
raise APIError("missing auth header")
project = project_from_auth_vars(parse_auth_header(auth_header), data)
if not data.startswith('{'):
data = decode_and_decompress_data(data)
data = safely_load_json_string(data)
try:
validate_data(project, data)
except InvalidTimestamp:
# Log the error, remove the timestamp, and revalidate
logger.error('Client %r passed an invalid value for timestamp %r' % (
data['timestamp'],
client or '<unknown client>',
))
del data['timestamp']
validate_data(project, data)
return insert_data_to_database(data)
except APIError, error:
logger.error('bad message from %s: %s' % (address, error.msg))
return error示例6: test_inactive_member
def test_inactive_member(self):
self.pm.is_active = False
self.pm.save()
auth_vars = {}
# without key
result = project_from_auth_vars(auth_vars)
self.assertEquals(result, None)
# with key
auth_vars['sentry_key'] = self.pk.public_key
self.assertRaises(APIUnauthorized, project_from_auth_vars, auth_vars)示例7: handle_sentry
def handle_sentry(data, address):
from sentry.coreapi import (
project_from_auth_vars,
decode_and_decompress_data,
safely_load_json_string,
validate_data,
insert_data_to_database,
APIError,
APIForbidden,
)
from sentry.models import Group
from sentry.exceptions import InvalidData
from sentry.plugins import plugins
from sentry.utils.auth import parse_auth_header
try:
try:
auth_header, data = data.split("\n\n", 1)
except ValueError:
raise APIError("missing auth header")
try:
auth_vars = parse_auth_header(auth_header)
except (ValueError, IndexError):
raise APIError("invalid auth header")
project, user = project_from_auth_vars(auth_vars)
result = plugins.first("has_perm", user, "create_event", project)
if result is False:
raise APIForbidden("Creation of this event was blocked")
client = auth_vars.get("sentry_client")
if not data.startswith("{"):
data = decode_and_decompress_data(data)
data = safely_load_json_string(data)
try:
validate_data(project, data, client)
except InvalidData, e:
raise APIError(u"Invalid data: %s (%s)" % (unicode(e), type(e)))
Group.objects.normalize_event_data(data)
return insert_data_to_database(data)示例8: test_inactive_member
def test_inactive_member(self):
self.pm.is_active = False
self.pm.save()
auth_vars = {
'sentry_signature': 'adf',
'sentry_timestamp': time.time(),
}
with mock.patch('sentry.coreapi.validate_hmac') as validate_hmac_:
validate_hmac_.return_value = True
# without key
result = project_from_auth_vars(auth_vars, '')
self.assertEquals(result, None)
# with key
auth_vars['sentry_key'] = self.pk.public_key
self.assertRaises(APIUnauthorized, project_from_auth_vars, auth_vars, '')示例9: handle
def handle(self, data, address):
from sentry.utils.auth import parse_auth_header
from sentry.coreapi import (project_from_auth_vars, decode_and_decompress_data, safely_load_json_string,
ensure_valid_project_id, insert_data_to_database, APIError)
try:
try:
auth_header, data = data.split("\n\n", 1)
except ValueError:
raise APIError("missing auth header")
project = project_from_auth_vars(parse_auth_header(auth_header), data)
if not data.startswith('{'):
data = decode_and_decompress_data(data)
data = safely_load_json_string(data)
ensure_valid_project_id(project, data)
return insert_data_to_database(data)
except APIError, error:
logger.error('bad message from %s: %s' % (address, error.msg))
return error示例10: handle_sentry
def handle_sentry(data, address):
from sentry.coreapi import project_from_auth_vars, decode_and_decompress_data, \
safely_load_json_string, validate_data, insert_data_to_database, APIError, \
APIForbidden
from sentry.exceptions import InvalidData
from sentry.plugins import plugins
from sentry.utils.auth import parse_auth_header
try:
try:
auth_header, data = data.split('\n\n', 1)
except ValueError:
raise APIError('missing auth header')
try:
auth_vars = parse_auth_header(auth_header)
except (ValueError, IndexError):
raise APIError('invalid auth header')
project, user = project_from_auth_vars(auth_vars)
result = plugins.first('has_perm', user, 'create_event', project)
if result is False:
raise APIForbidden('Creation of this event was blocked')
client = auth_vars.get('sentry_client')
if not data.startswith('{'):
data = decode_and_decompress_data(data)
data = safely_load_json_string(data)
try:
validate_data(project, data, client)
except InvalidData, e:
raise APIError(u'Invalid data: %s (%s)' % (unicode(e), type(e)))
return insert_data_to_database(data)示例11: _dispatch
def _dispatch(self, request, project_id=None, *args, **kwargs):
request.user = AnonymousUser()
try:
project = self._get_project_from_id(project_id)
except APIError as e:
raise InvalidRequest(str(e))
if project:
Raven.tags_context({'project': project.id})
origin = self.get_request_origin(request)
if origin is not None:
# This check is specific for clients who need CORS support
if not project:
raise InvalidRequest('Your client must be upgraded for CORS support.')
if not is_valid_origin(origin, project):
raise InvalidOrigin(origin)
# XXX: It seems that the OPTIONS call does not always include custom headers
if request.method == 'OPTIONS':
response = self.options(request, project)
else:
try:
auth_vars = self._parse_header(request, project)
except APIError as e:
raise InvalidRequest(str(e))
try:
project_, user = project_from_auth_vars(auth_vars)
except APIError as error:
return HttpResponse(six.text_type(error.msg), status=error.http_status)
else:
if user:
request.user = user
# Legacy API was /api/store/ and the project ID was only available elsewhere
if not project:
if not project_:
raise InvalidRequest('Unable to identify project')
project = project_
elif project_ != project:
raise InvalidRequest('Project ID mismatch')
else:
Raven.tags_context({'project': project.id})
auth = Auth(auth_vars, is_public=bool(origin))
if auth.version >= 3:
if request.method == 'GET':
# GET only requires an Origin/Referer check
# If an Origin isn't passed, it's possible that the project allows no origin,
# so we need to explicitly check for that here. If Origin is not None,
# it can be safely assumed that it was checked previously and it's ok.
if origin is None and not is_valid_origin(origin, project):
# Special case an error message for a None origin when None wasn't allowed
raise InvalidRequest('Missing required Origin or Referer header')
else:
# Version 3 enforces secret key for server side requests
if not auth.secret_key:
raise InvalidRequest('Missing required attribute in authentication header: sentry_secret')
try:
response = super(APIView, self).dispatch(request, project=project, auth=auth, **kwargs)
except APIError as error:
response = HttpResponse(six.text_type(error.msg), content_type='text/plain', status=error.http_status)
if isinstance(error, APIRateLimited) and error.retry_after is not None:
response['Retry-After'] = str(error.retry_after)
if origin:
response['Access-Control-Allow-Origin'] = origin
return response示例12: dispatch
return auth_vars
@csrf_exempt
def dispatch(self, request, project_id=None, *args, **kwargs):
try:
project = self._get_project_from_id(project_id)
except APIError, e:
return HttpResponse(str(e), status=400)
try:
auth_vars = self._parse_header(request, project)
except APIError, e:
return HttpResponse(str(e), status=400)
project_ = project_from_auth_vars(auth_vars)
# Legacy API was /api/store/ and the project ID was only available elsewhere
if not project:
if not project_:
return HttpResponse('Unable to identify project', status=400)
project = project_
elif project_ != project:
return HttpResponse('Project ID mismatch', status=400)
origin = request.META.get('HTTP_ORIGIN', None)
if origin is not None and not is_valid_origin(origin, project):
return HttpResponse('Invalid origin: %r' % origin, status=400)
auth = Auth(auth_vars)
示例13: store
def store(request, project=None):
"""
The primary endpoint for storing new events.
This will validate the client's authentication and data, and if
successfull pass on the payload to the internal database handler.
Authentication works in three flavors:
1. Explicit signed requests
These are implemented using the documented signed request protocol, and
require an authentication header which is signed using with the project
member's secret key.
2. CORS Secured Requests
Generally used for communications with client-side platforms (such as
JavaScript in the browser), they require a standard header, excluding
the signature and timestamp requirements, and must be listed in the
origins for the given project (or the global origins).
3. Implicit trusted requests
Used by the Sentry core, they are only available from same-domain requests
and do not require any authentication information. They only require that
the user be authenticated, and a project_id be sent in the GET variables.
"""
logger.debug(
"Inbound %r request from %r (%s)",
request.method,
request.META["REMOTE_ADDR"],
request.META.get("HTTP_USER_AGENT"),
)
client = "<unknown client>"
response = HttpResponse()
if request.method == "POST":
try:
auth_vars = extract_auth_vars(request)
data = request.raw_post_data
if auth_vars:
server_version = auth_vars.get("sentry_version", "1.0")
client = auth_vars.get("sentry_client", request.META.get("HTTP_USER_AGENT"))
else:
server_version = request.GET.get("version", "1.0")
client = request.META.get("HTTP_USER_AGENT", request.GET.get("client"))
if server_version not in ("1.0", "2.0"):
raise APIError("Client/server version mismatch: Unsupported version: %r" % server_version)
if server_version != "1.0" and not client:
raise APIError("Client request error: Missing client version identifier.")
referrer = request.META.get("HTTP_REFERER")
if auth_vars:
# We only require a signature if a referrer was not set
# (this is restricted via the CORS headers)
project_ = project_from_auth_vars(auth_vars, data, require_signature=False)
if not project:
project = project_
elif project_ != project:
raise APIError("Project ID mismatch")
elif request.user.is_authenticated() and is_same_domain(request.build_absolute_uri(), referrer):
# authenticated users are simply trusted to provide the right id
project_ = project_from_id(request)
if not project:
project = project_
elif project_ != project:
raise APIError("Project ID mismatch")
else:
raise APIUnauthorized()
if not data.startswith("{"):
data = decode_and_decompress_data(data)
data = safely_load_json_string(data)
try:
validate_data(project, data, client)
except InvalidData, e:
raise APIError(u"Invalid data: %s" % unicode(e))
insert_data_to_database(data)
except APIError, error:
logger.error("Client %r raised API error: %s", client, error, extra={"request": request}, exc_info=True)
response = HttpResponse(unicode(error.msg), status=error.http_status)示例14: _dispatch
def _dispatch(self, request, project_id=None, *args, **kwargs):
request.user = AnonymousUser()
try:
project = self._get_project_from_id(project_id)
except APIError, e:
return HttpResponse(str(e), status=400)
try:
auth_vars = self._parse_header(request, project)
except APIError, e:
return HttpResponse(str(e), status=400)
try:
project_, user = project_from_auth_vars(auth_vars)
except APIError, error:
if project:
logger.info('Project %r raised API error: %s', project.slug, error, extra={
'request': request,
}, exc_info=True)
return HttpResponse(unicode(error.msg), status=error.http_status)
else:
if user:
request.user = user
# Legacy API was /api/store/ and the project ID was only available elsewhere
if not project:
if not project_:
return HttpResponse('Unable to identify project', status=400)
project = project_示例15: _dispatch
def _dispatch(self, request, project_id=None, *args, **kwargs):
request.user = AnonymousUser()
try:
project = self._get_project_from_id(project_id)
except APIError as e:
raise InvalidRequest(str(e))
if project:
Raven.tags_context({'project': project.id})
origin = self.get_request_origin(request)
if origin is not None and not project:
raise InvalidRequest('Your client must be upgraded for CORS support.')
# XXX: It seems that the OPTIONS call does not always include custom headers
if request.method == 'OPTIONS':
if is_valid_origin(origin, project):
response = self.options(request, project)
else:
raise InvalidOrigin(origin)
else:
try:
auth_vars = self._parse_header(request, project)
except APIError as e:
raise InvalidRequest(str(e))
try:
project_, user = project_from_auth_vars(auth_vars)
except APIError as error:
return HttpResponse(unicode(error.msg), status=error.http_status)
else:
if user:
request.user = user
# Legacy API was /api/store/ and the project ID was only available elsewhere
if not project:
if not project_:
raise InvalidRequest('Unable to identify project')
project = project_
elif project_ != project:
raise InvalidRequest('Project ID mismatch')
else:
Raven.tags_context({'project': project.id})
auth = Auth(auth_vars, is_public=bool(origin))
if auth.version >= 3:
if request.method == 'GET':
# GET only requires an Origin/Referer check
if not is_valid_origin(origin, project):
if origin is None:
raise InvalidRequest('Missing required Origin or Referer header')
else:
raise InvalidOrigin(origin)
else:
# Version 3 enforces secret key for server side requests
if not auth.secret_key:
raise InvalidRequest('Missing required attribute in authentication header: sentry_secret')
try:
response = super(APIView, self).dispatch(request, project=project, auth=auth, **kwargs)
except APIError as error:
response = HttpResponse(unicode(error.msg), content_type='text/plain', status=error.http_status)
if origin:
response['Access-Control-Allow-Origin'] = origin
return response