general: give a timeout to all HTTP requests (#68470)
This commit is contained in:
parent
b3eb113d99
commit
09b1e27c1f
|
@ -1487,7 +1487,9 @@ class AddressAutocompleteAPI(APIView):
|
|||
if not getattr(settings, 'ADDRESS_AUTOCOMPLETE_URL', None):
|
||||
return Response({})
|
||||
try:
|
||||
response = requests.get(settings.ADDRESS_AUTOCOMPLETE_URL, params=request.GET)
|
||||
response = requests.get(
|
||||
settings.ADDRESS_AUTOCOMPLETE_URL, params=request.GET, timeout=settings.REQUESTS_TIMEOUT
|
||||
)
|
||||
response.raise_for_status()
|
||||
return Response(response.json())
|
||||
except RequestException:
|
||||
|
|
|
@ -16,6 +16,7 @@
|
|||
|
||||
|
||||
import requests
|
||||
from django.conf import settings
|
||||
|
||||
from authentic2 import app_settings
|
||||
|
||||
|
@ -25,4 +26,4 @@ def get_url(url):
|
|||
verify = app_settings.A2_VERIFY_SSL
|
||||
if verify and app_settings.CAFILE:
|
||||
verify = app_settings.CAFILE
|
||||
return requests.get(url, verify=verify).text
|
||||
return requests.get(url, verify=verify, timeout=settings.REQUESTS_TIMEOUT).text
|
||||
|
|
|
@ -466,7 +466,9 @@ def soap_call(url, msg):
|
|||
logger = logging.getLogger(__name__)
|
||||
try:
|
||||
logger.debug('SOAP call to %r with data %r', url, msg[:10000])
|
||||
response = requests.post(url, data=msg, headers={'Content-Type': 'text/xml'})
|
||||
response = requests.post(
|
||||
url, data=msg, headers={'Content-Type': 'text/xml'}, timeout=settings.REQUESTS_TIMEOUT
|
||||
)
|
||||
response.raise_for_status()
|
||||
except requests.RequestException as e:
|
||||
logging.error('SOAP call to %r error %s with data %r', url, e, msg[:10000])
|
||||
|
|
|
@ -18,6 +18,7 @@ import xml.etree.ElementTree as ET
|
|||
|
||||
import requests
|
||||
from django import forms
|
||||
from django.conf import settings
|
||||
from django.core.exceptions import ValidationError
|
||||
from django.utils.encoding import force_text
|
||||
from django.utils.translation import ugettext_lazy as _
|
||||
|
@ -49,7 +50,7 @@ class AddLibertyProviderFromUrlForm(forms.Form):
|
|||
self.childs = []
|
||||
if name and slug and url:
|
||||
try:
|
||||
response = requests.get(url)
|
||||
response = requests.get(url, timeout=settings.REQUESTS_TIMEOUT)
|
||||
response.raise_for_status()
|
||||
content = force_text(response.content)
|
||||
except requests.RequestException as e:
|
||||
|
|
|
@ -22,6 +22,7 @@ import warnings
|
|||
import xml.etree.ElementTree as etree
|
||||
|
||||
import requests
|
||||
from django.conf import settings
|
||||
from django.contrib.contenttypes.models import ContentType
|
||||
from django.core.management.base import BaseCommand, CommandError
|
||||
from django.db.transaction import atomic
|
||||
|
@ -341,7 +342,7 @@ Any other kind of attribute filter policy is unsupported.
|
|||
source = options['source']
|
||||
metadata_file_path = options['metadata_file_path']
|
||||
if metadata_file_path.startswith('http://') or metadata_file_path.startswith('https://'):
|
||||
response = requests.get(metadata_file_path)
|
||||
response = requests.get(metadata_file_path, timeout=settings.REQUESTS_TIMEOUT)
|
||||
if not response.ok:
|
||||
raise CommandError('Unable to open url %s' % metadata_file_path)
|
||||
metadata_file = io.BytesIO(response.content)
|
||||
|
|
|
@ -414,7 +414,7 @@ class LibertyProvider(Service):
|
|||
try:
|
||||
if not self.metadata_url:
|
||||
raise ValidationError(_('No metadata URL'))
|
||||
response = requests.get(self.metadata_url)
|
||||
response = requests.get(self.metadata_url, timeout=settings.REQUESTS_TIMEOUT)
|
||||
except requests.RequestException as e:
|
||||
raise ValidationError(_('Retrieval of metadata failed: %s') % e)
|
||||
else:
|
||||
|
|
|
@ -332,6 +332,10 @@ MELLON_LOOKUP_BY_ATTRIBUTES = [
|
|||
{"saml_attribute": "username", "user_field": "username"},
|
||||
]
|
||||
|
||||
# timeout used in python-requests call, in seconds
|
||||
# we use 28s by default: timeout just before web server, which is usually 30s
|
||||
REQUESTS_TIMEOUT = 28
|
||||
|
||||
# Permissions
|
||||
|
||||
DJANGO_RBAC_PERMISSIONS_HIERARCHY = {
|
||||
|
|
|
@ -18,6 +18,7 @@ import datetime
|
|||
import logging
|
||||
|
||||
import requests
|
||||
from django.conf import settings
|
||||
from django.contrib.auth import get_user_model
|
||||
from django.contrib.auth.backends import ModelBackend
|
||||
from django.db.transaction import atomic
|
||||
|
@ -163,6 +164,7 @@ class OIDCBackend(ModelBackend):
|
|||
headers={
|
||||
'Authorization': 'Bearer %s' % access_token,
|
||||
},
|
||||
timeout=settings.REQUESTS_TIMEOUT,
|
||||
)
|
||||
response.raise_for_status()
|
||||
except requests.RequestException as e:
|
||||
|
|
|
@ -20,6 +20,7 @@ from datetime import timedelta
|
|||
from xml.etree import ElementTree as ET
|
||||
|
||||
import requests
|
||||
from django.conf import settings
|
||||
from django.http import HttpResponse, HttpResponseBadRequest
|
||||
from django.utils.timezone import now
|
||||
from django.views.generic.base import View
|
||||
|
@ -369,7 +370,9 @@ class ServiceValidateView(ValidateBaseView):
|
|||
# Skip PGT_URL check for testing purpose
|
||||
# instead store PGT_IOU / PGT association in session
|
||||
if app_settings.CHECK_PGT_URL:
|
||||
response = requests.get(pgt_url, params={PGT_ID_PARAM: pgt, PGT_IOU_PARAM: pgt_iou})
|
||||
response = requests.get(
|
||||
pgt_url, params={PGT_ID_PARAM: pgt, PGT_IOU_PARAM: pgt_iou}, timeout=settings.REQUESTS_TIMEOUT
|
||||
)
|
||||
if response.status_code != 200:
|
||||
self.logger.warning('pgtUrl %r returned non 200 code: %d', pgt_url, response.status_code)
|
||||
return
|
||||
|
|
Loading…
Reference in New Issue