2015-07-08 15:04:54 +02:00
|
|
|
# welco - multichannel request processing
|
|
|
|
|
# Copyright (C) 2015 Entr'ouvert
|
|
|
|
|
#
|
|
|
|
|
# This program is free software: you can redistribute it and/or modify it
|
|
|
|
|
# under the terms of the GNU Affero General Public License as published
|
|
|
|
|
# by the Free Software Foundation, either version 3 of the License, or
|
|
|
|
|
# (at your option) any later version.
|
|
|
|
|
#
|
|
|
|
|
# This program is distributed in the hope that it will be useful,
|
|
|
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
# GNU Affero General Public License for more details.
|
|
|
|
|
#
|
|
|
|
|
# You should have received a copy of the GNU Affero General Public License
|
|
|
|
|
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
|
|
2015-09-21 13:57:33 +02:00
|
|
|
import base64
|
|
|
|
|
import datetime
|
|
|
|
|
import hmac
|
|
|
|
|
import hashlib
|
|
|
|
|
import json
|
|
|
|
|
import random
|
2015-11-01 20:41:17 +01:00
|
|
|
import re
|
2015-07-08 15:04:54 +02:00
|
|
|
import requests
|
|
|
|
|
|
|
|
|
|
from django.conf import settings
|
|
|
|
|
from django.core.cache import cache
|
2015-11-01 20:41:17 +01:00
|
|
|
from django.http import HttpResponse, HttpResponseBadRequest
|
2020-01-19 19:15:38 +01:00
|
|
|
from django.utils.encoding import smart_bytes
|
2020-01-19 19:09:41 +01:00
|
|
|
from django.utils.http import urlencode, quote
|
|
|
|
|
from django.utils.six.moves.urllib import parse as urlparse
|
|
|
|
|
|
2015-07-08 15:04:54 +02:00
|
|
|
|
2015-09-21 13:57:33 +02:00
|
|
|
def sign_url(url, key, algo='sha256', timestamp=None, nonce=None):
|
|
|
|
|
parsed = urlparse.urlparse(url)
|
|
|
|
|
new_query = sign_query(parsed.query, key, algo, timestamp, nonce)
|
|
|
|
|
return urlparse.urlunparse(parsed[:4] + (new_query,) + parsed[5:])
|
|
|
|
|
|
|
|
|
|
def sign_query(query, key, algo='sha256', timestamp=None, nonce=None):
|
|
|
|
|
if timestamp is None:
|
|
|
|
|
timestamp = datetime.datetime.utcnow()
|
|
|
|
|
timestamp = timestamp.strftime('%Y-%m-%dT%H:%M:%SZ')
|
|
|
|
|
if nonce is None:
|
|
|
|
|
nonce = hex(random.getrandbits(128))[2:]
|
|
|
|
|
new_query = query
|
|
|
|
|
if new_query:
|
|
|
|
|
new_query += '&'
|
2020-01-19 19:09:41 +01:00
|
|
|
new_query += urlencode((
|
2015-09-21 13:57:33 +02:00
|
|
|
('algo', algo),
|
|
|
|
|
('timestamp', timestamp),
|
|
|
|
|
('nonce', nonce)))
|
|
|
|
|
signature = base64.b64encode(sign_string(new_query, key, algo=algo))
|
2020-01-19 19:09:41 +01:00
|
|
|
new_query += '&signature=' + quote(signature)
|
2015-09-21 13:57:33 +02:00
|
|
|
return new_query
|
|
|
|
|
|
|
|
|
|
def sign_string(s, key, algo='sha256', timedelta=30):
|
|
|
|
|
digestmod = getattr(hashlib, algo)
|
2020-01-19 19:15:38 +01:00
|
|
|
hash = hmac.HMAC(smart_bytes(key), digestmod=digestmod, msg=smart_bytes(s))
|
2015-09-21 13:57:33 +02:00
|
|
|
return hash.digest()
|
|
|
|
|
|
2015-07-08 15:04:54 +02:00
|
|
|
def get_wcs_services():
|
|
|
|
|
return settings.KNOWN_SERVICES.get('wcs')
|
|
|
|
|
|
2018-06-19 11:33:04 +02:00
|
|
|
def get_wcs_json(wcs_url, path, wcs_site, params={}):
|
2015-07-08 15:04:54 +02:00
|
|
|
if not wcs_url.endswith('/'):
|
|
|
|
|
wcs_url += '/'
|
2018-06-19 11:33:04 +02:00
|
|
|
url = wcs_url + path + '?orig=%s' % wcs_site.get('orig')
|
|
|
|
|
if params:
|
|
|
|
|
url += '&' + urlencode(params)
|
2015-07-08 15:04:54 +02:00
|
|
|
response_json = cache.get(url)
|
|
|
|
|
if response_json is None:
|
2018-06-19 11:33:04 +02:00
|
|
|
signed_url = sign_url(url, wcs_site.get('secret'))
|
2015-11-12 18:05:34 +01:00
|
|
|
response_json = requests.get(signed_url, headers={'accept': 'application/json'},
|
2017-08-11 19:14:40 +02:00
|
|
|
timeout=10).json()
|
2018-01-23 17:51:20 +01:00
|
|
|
if not isinstance(response_json, dict):
|
|
|
|
|
response_json = {'data': response_json}
|
2015-07-08 15:04:54 +02:00
|
|
|
cache.set(url, response_json)
|
|
|
|
|
return response_json
|
|
|
|
|
|
2018-06-19 11:33:04 +02:00
|
|
|
def get_wcs_options(url, condition=None, params={}):
|
2015-07-08 15:04:54 +02:00
|
|
|
categories = {}
|
2020-01-19 19:10:24 +01:00
|
|
|
for wcs_key, wcs_site in get_wcs_services().items():
|
2015-07-08 15:04:54 +02:00
|
|
|
site_title = wcs_site.get('title')
|
2018-06-19 11:33:04 +02:00
|
|
|
response_json = get_wcs_json(wcs_site.get('url'), url, wcs_site, params)
|
2015-07-08 15:04:54 +02:00
|
|
|
if type(response_json) is dict:
|
|
|
|
|
response_json = response_json.get('data')
|
|
|
|
|
for element in response_json:
|
2015-10-11 16:43:18 +02:00
|
|
|
if condition and not condition(element):
|
|
|
|
|
continue
|
2015-07-08 15:04:54 +02:00
|
|
|
slug = element.get('slug')
|
|
|
|
|
category = element.get('category') or '-'
|
|
|
|
|
title = element.get('title')
|
|
|
|
|
if len(get_wcs_services()) == 1:
|
|
|
|
|
category_key = category
|
|
|
|
|
else:
|
|
|
|
|
category_key = '%s : %s' % (site_title, category)
|
|
|
|
|
if not category_key in categories:
|
|
|
|
|
categories[category_key] = []
|
|
|
|
|
reference = '%s:%s' % (wcs_key, slug)
|
|
|
|
|
categories[category_key].append((reference, title))
|
|
|
|
|
options = []
|
|
|
|
|
for category in sorted(categories.keys()):
|
2020-01-19 19:16:18 +01:00
|
|
|
options.append((category, sorted(categories[category], key=lambda x: x[1])))
|
2015-07-08 15:04:54 +02:00
|
|
|
return options
|
2015-07-15 14:09:20 +02:00
|
|
|
|
|
|
|
|
def get_wcs_formdef_details(formdef_reference):
|
|
|
|
|
wcs_key, form_slug = formdef_reference.split(':')
|
|
|
|
|
wcs_site = get_wcs_services()[wcs_key]
|
2015-11-12 18:05:34 +01:00
|
|
|
forms_response_json = get_wcs_json(wcs_site.get('url'), 'json', wcs_site)
|
2018-01-23 14:22:58 +01:00
|
|
|
for form in forms_response_json.get('data') or []:
|
2015-07-15 14:09:20 +02:00
|
|
|
slug = form.get('slug')
|
|
|
|
|
if slug == form_slug:
|
|
|
|
|
return form
|
|
|
|
|
return None
|
2015-09-21 13:57:33 +02:00
|
|
|
|
2015-09-21 16:17:50 +02:00
|
|
|
def push_wcs_formdata(request, formdef_reference, context=None):
|
2015-09-21 13:57:33 +02:00
|
|
|
wcs_key, form_slug = formdef_reference.split(':')
|
|
|
|
|
wcs_site = get_wcs_services()[wcs_key]
|
|
|
|
|
wcs_site_url = get_wcs_services()[wcs_key]['url']
|
|
|
|
|
if not wcs_site_url.endswith('/'):
|
|
|
|
|
wcs_site_url += '/'
|
2016-11-13 21:17:11 +01:00
|
|
|
url = wcs_site_url + 'api/formdefs/%s/schema' % form_slug
|
|
|
|
|
response = requests.get(url)
|
2016-12-14 15:38:36 +01:00
|
|
|
create_draft = not(bool('welco-direct' in (response.json().get('keywords') or '')))
|
2016-11-13 21:17:11 +01:00
|
|
|
|
2015-09-21 13:57:33 +02:00
|
|
|
url = wcs_site_url + 'api/formdefs/%s/submit?' % form_slug
|
|
|
|
|
data = {
|
2016-11-13 21:17:11 +01:00
|
|
|
'meta': {'draft': create_draft, 'backoffice-submission': True},
|
2015-09-21 13:57:33 +02:00
|
|
|
'data': {},
|
|
|
|
|
}
|
2015-09-21 16:17:50 +02:00
|
|
|
if context:
|
|
|
|
|
data['context'] = context
|
2015-09-21 13:57:33 +02:00
|
|
|
|
|
|
|
|
url += 'orig=%s' % wcs_site.get('orig')
|
|
|
|
|
if request.session.get('mellon_session'):
|
|
|
|
|
mellon = request.session['mellon_session']
|
|
|
|
|
nameid = mellon['name_id_content']
|
2020-01-19 19:09:41 +01:00
|
|
|
url += '&NameID=' + quote(nameid)
|
2015-09-21 13:57:33 +02:00
|
|
|
|
|
|
|
|
url = sign_url(url, wcs_site.get('secret'))
|
|
|
|
|
|
|
|
|
|
response = requests.post(url, data=json.dumps(data),
|
|
|
|
|
headers={'Content-type': 'application/json'})
|
|
|
|
|
if response.json().get('err') != 0:
|
|
|
|
|
raise Exception('error %r' % response.content)
|
2018-05-19 16:41:16 +02:00
|
|
|
data = response.json()['data']
|
|
|
|
|
return data['id'], data.get('backoffice_url')
|
|
|
|
|
|
2015-09-24 12:28:56 +02:00
|
|
|
|
|
|
|
|
def get_wcs_data(endpoint, params=None):
|
2020-03-19 12:03:37 +01:00
|
|
|
wcs_site = list(get_wcs_services().values())[0]
|
2015-09-24 12:28:56 +02:00
|
|
|
wcs_site_url = wcs_site['url']
|
|
|
|
|
if not wcs_site_url.endswith('/'):
|
|
|
|
|
wcs_site_url += '/'
|
|
|
|
|
url = wcs_site_url + endpoint
|
|
|
|
|
|
2020-01-19 19:09:41 +01:00
|
|
|
if not params:
|
2015-09-24 12:28:56 +02:00
|
|
|
params = {}
|
|
|
|
|
|
|
|
|
|
params['orig'] = wcs_site.get('orig')
|
|
|
|
|
if params:
|
2020-01-19 19:09:41 +01:00
|
|
|
url += '?' + urlencode(params.items())
|
2015-09-24 12:28:56 +02:00
|
|
|
url = sign_url(url, wcs_site.get('secret'))
|
|
|
|
|
|
|
|
|
|
response = requests.get(url)
|
|
|
|
|
response.raise_for_status()
|
2018-01-23 14:22:58 +01:00
|
|
|
json_response = response.json()
|
|
|
|
|
if not isinstance(json_response, dict):
|
|
|
|
|
json_response = {'data': json_response}
|
|
|
|
|
return json_response
|
2015-11-01 20:41:17 +01:00
|
|
|
|
|
|
|
|
def response_for_json(request, data):
|
|
|
|
|
json_str = json.dumps(data)
|
|
|
|
|
for variable in ('jsonpCallback', 'callback'):
|
|
|
|
|
if variable in request.GET:
|
|
|
|
|
identifier = request.GET[variable]
|
|
|
|
|
if not re.match(r'^[$A-Za-z_][0-9A-Za-z_$]*$', identifier):
|
|
|
|
|
return HttpResponseBadRequest('invalid JSONP callback name')
|
|
|
|
|
json_str = '%s(%s);' % (identifier, json_str)
|
|
|
|
|
response = HttpResponse(content_type='application/javascript')
|
|
|
|
|
break
|
|
|
|
|
else:
|
|
|
|
|
response = HttpResponse(content_type='application/json')
|
|
|
|
|
response.write(json_str)
|
|
|
|
|
return response
|
