Skip to content

Commit

Permalink
add timeouts to requests
Browse files Browse the repository at this point in the history
  • Loading branch information
fmigneault committed Jan 25, 2024
1 parent 4f2e113 commit 8884ef0
Show file tree
Hide file tree
Showing 7 changed files with 21 additions and 21 deletions.
4 changes: 2 additions & 2 deletions magpie/adapter/__init__.py
Original file line number Diff line number Diff line change
Expand Up @@ -144,9 +144,9 @@ def try_login():
try:
params = dict(parse_qsl(urlparse(request.url).query))
if is_json_body(request.text) and not params:
return requests.post(magpie_url + SigninAPI.path, json=request.json,
return requests.post(magpie_url + SigninAPI.path, json=request.json, timeout=5,
headers={"Content-Type": CONTENT_TYPE_JSON, "Accept": CONTENT_TYPE_JSON})
return requests.get(magpie_url + SigninAPI.path, data=request.text, params=params)
return requests.get(magpie_url + SigninAPI.path, data=request.text, params=params, timeout=5)
except HTTPError as exc:
if getattr(exc, "status_code", 500) >= 500:
raise
Expand Down
4 changes: 2 additions & 2 deletions magpie/adapter/magpieowssecurity.py
Original file line number Diff line number Diff line change
Expand Up @@ -275,7 +275,7 @@ def update_request_cookies(self, request):
magpie_auth = "{}{}".format(self.magpie_url, magpie_path)
headers = dict(request.headers)
headers.update({"Homepage-Route": "/session", "Accept": CONTENT_TYPE_JSON})
session_resp = requests.get(magpie_auth, headers=headers, verify=self.twitcher_ssl_verify)
session_resp = requests.get(magpie_auth, headers=headers, verify=self.twitcher_ssl_verify, timeout=5)
if session_resp.status_code != HTTPOk.code:
raise OWSAccessForbidden("Not authorized to access this resource. "
"Provider login failed with following reason: [{}]."
Expand All @@ -285,7 +285,7 @@ def update_request_cookies(self, request):
request_cookies = session_resp.request._cookies # noqa # pylint: disable=W0212
magpie_cookies = list(filter(lambda cookie: cookie.name == token_name, request_cookies))
magpie_domain = urlparse(self.magpie_url).hostname if len(magpie_cookies) > 1 else None
session_cookies = RequestsCookieJar.get(request_cookies, token_name, domain=magpie_domain)
session_cookies = RequestsCookieJar.get(request_cookies, token_name, domain=magpie_domain) # nosec: B113
if not session_resp.json().get("authenticated") or not session_cookies:
raise OWSAccessForbidden("Not authorized to access this resource. "
"Session authentication could not be verified.")
Expand Down
2 changes: 1 addition & 1 deletion magpie/adapter/magpieservice.py
Original file line number Diff line number Diff line change
Expand Up @@ -109,7 +109,7 @@ def list_services(self):
services = []
path = "{}{}".format(self.magpie_url, ServicesAPI.path)
resp = requests.get(path, cookies=self.magpie_admin_token, headers={"Accept": CONTENT_TYPE_JSON},
verify=self.twitcher_ssl_verify)
verify=self.twitcher_ssl_verify, timeout=5)
if resp.status_code != HTTPOk.code:
raise resp.raise_for_status()
json_body = resp.json()
Expand Down
4 changes: 2 additions & 2 deletions magpie/cli/sync_services.py
Original file line number Diff line number Diff line change
Expand Up @@ -92,7 +92,7 @@ def get_resources(self):
# Only workspaces are fetched for now
resource_type = "route"
workspaces_url = "{}/{}".format(self.url, "workspaces")
resp = requests.get(workspaces_url, headers={"Accept": CONTENT_TYPE_JSON})
resp = requests.get(workspaces_url, headers={"Accept": CONTENT_TYPE_JSON}, timeout=5)
resp.raise_for_status()
workspaces_list = resp.json().get("workspaces", {}).get("workspace", {})

Expand Down Expand Up @@ -123,7 +123,7 @@ def get_resources(self):
# Only workspaces are fetched for now
resource_type = "route"
projects_url = "/".join([self.url, "Projects"])
resp = requests.get(projects_url)
resp = requests.get(projects_url, timeout=5)
resp.raise_for_status()

projects = {p["id"]: {"children": {},
Expand Down
22 changes: 11 additions & 11 deletions magpie/register.py
Original file line number Diff line number Diff line change
Expand Up @@ -339,7 +339,7 @@ def _magpie_add_register_services_perms(services, statuses, curl_cookies, reques
for service_name in services:
svc_available_perms_url = "{magpie}/services/{svc}/permissions" \
.format(magpie=magpie_url, svc=service_name)
resp_available_perms = requests.get(svc_available_perms_url, cookies=request_cookies)
resp_available_perms = requests.get(svc_available_perms_url, cookies=request_cookies, timeout=5)
if resp_available_perms.status_code == 401:
raise_log("Invalid credentials, cannot update service permissions",
exception=RegistrationLoginError, logger=LOGGER)
Expand All @@ -355,13 +355,13 @@ def _magpie_add_register_services_perms(services, statuses, curl_cookies, reques
svc_anonym_add_perms_url = "{magpie}/groups/{grp}/services/{svc}/permissions" \
.format(magpie=magpie_url, grp=anon_group, svc=service_name)
svc_anonym_perm_data = {"permission_name": Permission.GET_CAPABILITIES.value}
requests.post(svc_anonym_add_perms_url, data=svc_anonym_perm_data, cookies=request_cookies)
requests.post(svc_anonym_add_perms_url, data=svc_anonym_perm_data, cookies=request_cookies, timeout=5)

# check service response so Phoenix doesn't refuse registration
# try with both the 'direct' URL and the 'GetCapabilities' URL
attempt = 0
service_info_url = "{magpie}/services/{svc}".format(magpie=magpie_url, svc=service_name)
service_info_resp = requests.get(service_info_url, cookies=request_cookies)
service_info_resp = requests.get(service_info_url, cookies=request_cookies, timeout=5)
service_url = get_json(service_info_resp).get(service_name).get("service_url")
svc_getcap_url = "{svc_url}/wps?service=WPS&version=1.0.0&request=GetCapabilities" \
.format(svc_url=service_url)
Expand Down Expand Up @@ -396,12 +396,12 @@ def _magpie_update_services_conflict(conflict_services, services_dict, request_c
statuses[svc_name] = 409
svc_url_new = services_dict[svc_name]["url"]
svc_url_db = "{magpie}/services/{svc}".format(magpie=magpie_url, svc=svc_name)
svc_resp = requests.get(svc_url_db, cookies=request_cookies)
svc_resp = requests.get(svc_url_db, cookies=request_cookies, timeout=5)
svc_info = get_json(svc_resp).get(svc_name)
svc_url_old = svc_info["service_url"]
if svc_url_old != svc_url_new:
svc_info["service_url"] = svc_url_new
res_svc_put = requests.patch(svc_url_db, data=svc_info, cookies=request_cookies)
res_svc_put = requests.patch(svc_url_db, data=svc_info, cookies=request_cookies, timeout=5)
statuses[svc_name] = res_svc_put.status_code
print_log("[{url_old}] => [{url_new}] Service URL update ({svc}): {resp}"
.format(svc=svc_name, url_old=svc_url_old, url_new=svc_url_new, resp=res_svc_put.status_code),
Expand Down Expand Up @@ -777,7 +777,7 @@ def _parse_resource_path(permission_config_entry, # type: PermissionConfigItem
res_path = None
if _use_request(cookies_or_session):
res_path = get_magpie_url() + ServiceResourcesAPI.path.format(service_name=svc_name)
res_resp = requests.get(res_path, cookies=cookies_or_session)
res_resp = requests.get(res_path, cookies=cookies_or_session, timeout=5)
svc_json = get_json(res_resp)[svc_name] # type: JSON
res_dict = svc_json["resources"]
else:
Expand Down Expand Up @@ -817,7 +817,7 @@ def _parse_resource_path(permission_config_entry, # type: PermissionConfigItem
res_type = resource_type or svc_res_types[0]
if _use_request(cookies_or_session):
body = {"resource_name": res, "resource_type": res_type, "parent_id": parent}
resp = requests.post(res_path, json=body, cookies=cookies_or_session)
resp = requests.post(res_path, json=body, cookies=cookies_or_session, timeout=5)
else:
from magpie.api.management.resource.resource_utils import create_resource
resp = create_resource(res, res, res_type, parent, db_session=cookies_or_session)
Expand Down Expand Up @@ -920,11 +920,11 @@ def _apply_profile(_usr_name=None, _grp_name=None):
}
if _use_request(cookies_or_session):
if _usr_name:
path = "{url}{path}".format(url=magpie_url, path=UsersAPI.path)
return requests.post(path, json=usr_data)
path = "{url}{path}".format(url=magpie_url, path=UsersAPI.path, timeout=5)
return requests.post(path, json=usr_data, timeout=5)
if _grp_name:
path = "{url}{path}".format(url=magpie_url, path=GroupsAPI.path)
return requests.post(path, json=grp_data)
return requests.post(path, json=grp_data, timeout=5)
else:
if _usr_name:
from magpie.api.management.user.user_utils import create_user
Expand Down Expand Up @@ -1099,7 +1099,7 @@ def _process_permissions(permissions, magpie_url, cookies_or_session, users=None
svc_name = perm_cfg["service"]
if _use_request(cookies_or_session):
svc_path = magpie_url + ServiceAPI.path.format(service_name=svc_name)
svc_resp = requests.get(svc_path, cookies=cookies_or_session)
svc_resp = requests.get(svc_path, cookies=cookies_or_session, timeout=5)
if svc_resp.status_code != 200:
_handle_permission("Unknown service [{!s}]".format(svc_name), i, raise_errors=raise_errors)
continue
Expand Down
2 changes: 1 addition & 1 deletion magpie/ui/login/views.py
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,7 @@ def login(self):
# keep using the external requests for external providers
if is_external:
signin_url = "{}{}".format(self.magpie_url, schemas.SigninAPI.path)
response = requests.post(signin_url, data=data, allow_redirects=True)
response = requests.post(signin_url, data=data, allow_redirects=True, timeout=5)
# use sub request for internal to avoid retry connection errors
else:
response = request_api(self.request, schemas.SigninAPI.path, "POST", data=data)
Expand Down
4 changes: 2 additions & 2 deletions magpie/utils.py
Original file line number Diff line number Diff line change
Expand Up @@ -678,7 +678,7 @@ def get_admin_cookies(container, verify=True, raise_message=None):
cred = {"user_name": get_constant("MAGPIE_ADMIN_USER", container),
"password": get_constant("MAGPIE_ADMIN_PASSWORD", container)}
headers = {"Accept": CONTENT_TYPE_JSON, "Content-Type": CONTENT_TYPE_JSON}
resp = requests.post(magpie_login_url, json=cred, headers=headers, verify=verify)
resp = requests.post(magpie_login_url, json=cred, headers=headers, verify=verify, timeout=5)
if resp.status_code != HTTPOk.code:
if raise_message:
raise_log(raise_message, logger=LOGGER)
Expand All @@ -689,7 +689,7 @@ def get_admin_cookies(container, verify=True, raise_message=None):
request_cookies = resp.cookies
magpie_cookies = list(filter(lambda cookie: cookie.name == token_name, request_cookies))
magpie_domain = urlparse(magpie_url).hostname if len(magpie_cookies) > 1 else None
session_cookies = RequestsCookieJar.get(request_cookies, token_name, domain=magpie_domain)
session_cookies = RequestsCookieJar.get(request_cookies, token_name, domain=magpie_domain) # nosec: B113

return {token_name: session_cookies}

Expand Down

0 comments on commit 8884ef0

Please sign in to comment.