__init__.py000064400000000000147205274320006651 0ustar00cherrytools.py000064400000006001147205274320007476 0ustar00# -*- coding: utf-8 -*- from typing import Callable, Optional import ssl import cherrypy from primordial.config import Config def start_cherry(config: Config, api: Callable, path: str) -> None: """Start CherryPy running an API. :param config: The configuration to use for CherryPy :param api: The API callable to be started :param path: The path under which the API should respond to requests """ cherrypy.tree.graft(api, path) run_cherrypy(config) def start_cherry_https(config: Config, api: Callable, path: str) -> None: """Start CherryPy running an API on HTTPS only. This is a backport of how ServiceGroup & DNS verticals start. :param config: The configuration to use for CherryPy :param api: The API callable to be started :param path: The path under which the API should respond to requests """ cherrypy.tree.graft(api, path) cert_file = config.get("server_cert") pkey_file = config.get("server_key") ca_certs_file = config.get("server_ca") run_cherrypy( config, cert_path=cert_file, key_path=pkey_file, ca_certs_path=ca_certs_file) def run_cherrypy( config: Config, cert_path: Optional[str] = None, key_path: Optional[str] = None, ca_certs_path: Optional[str] = None) -> None: """Run CherryPy. Called by `start_cherry`. :param config: The configuration to use for running CherryPy """ restart_trigger = config.get('restart_trigger') cherrypy.engine.autoreload.files.add(restart_trigger) # Only reload when the restart trigger changes (not other files) # TODO non-local only cherrypy.engine.autoreload.match = restart_trigger server_host = config.get('server.host') https_port = config.get_int('server.https.port') if https_port and cert_path is not None: cherrypy.config.update({ 'server.socket_host': server_host, 'server.socket_port': https_port, 'server.ssl_module': 'builtin', 'server.ssl_certificate': cert_path, 'server.ssl_private_key': key_path, 'server.ssl_context': ssl_context(cert_path, key_path, ca_certs_path)}) else: server_port = config.get_int('server.port') cherrypy.config.update({'server.socket_host': server_host, 'server.socket_port': server_port}) cherrypy.engine.start() cherrypy.engine.block() def ssl_context(certificate, private_key, ca_certs): """Create a server SSL context requiring client certificate authentication. :param certificate: Path to server certificate. :param private_key: Path to server private key. :param ca_certs: Path to certificate authority chain against which client certificates are validated. """ context = ssl.create_default_context( purpose=ssl.Purpose.CLIENT_AUTH, cafile=ca_certs ) context.load_cert_chain(certificate, private_key) context.verify_mode = ssl.CERT_REQUIRED return context falcontools.py000064400000001156147205274320007452 0ustar00# -*- coding: utf-8 -*- import json from json.decoder import JSONDecodeError import logging import falcon LOG = logging.getLogger(__name__) def json_body(req: falcon.Request, *_) -> None: """Decode JSON request body and attach to request as `body`. :param req: The request to be processed :raises falcon.HTTPBadRequest: In the case of invalid JSON """ body = req.bounded_stream.read().decode('utf-8') try: req.body = json.loads(body) if body else {} except JSONDecodeError as ex: raise falcon.HTTPBadRequest( code='BAD_JSON', description=str(ex)) __pycache__/__init__.cpython-38.pyc000064400000000244147205274320013151 0ustar00U af@sdS)NrrrI/opt/nydus/tmp/pip-target-53d1vnqk/lib/python/primordial/wsgi/__init__.py__pycache__/cherrytools.cpython-38.pyc000064400000005443147205274320013775 0ustar00U af @sddlmZmZddlZddlZddlmZeeeddddZeeeddddZ deeeeeeedd d d Z d d Z dS))CallableOptionalN)Config)configapipathreturncCstj||t|dS)zStart CherryPy running an API. :param config: The configuration to use for CherryPy :param api: The API callable to be started :param path: The path under which the API should respond to requests N)cherrypytreegraft run_cherrypy)rrrr L/opt/nydus/tmp/pip-target-53d1vnqk/lib/python/primordial/wsgi/cherrytools.py start_cherry srcCs@tj|||d}|d}|d}t||||ddS)a*Start CherryPy running an API on HTTPS only. This is a backport of how ServiceGroup & DNS verticals start. :param config: The configuration to use for CherryPy :param api: The API callable to be started :param path: The path under which the API should respond to requests Z server_certZ server_keyZ server_ca) cert_pathkey_path ca_certs_pathN)r r r getr )rrr cert_fileZ pkey_fileZ ca_certs_filer r rstart_cherry_httpss    r)rrrrrc Cs|d}tjjj||tjj_|d}|d}|rh|dk rhtj ||d||t |||dn|d}tj ||dtj tj dS) znRun CherryPy. Called by `start_cherry`. :param config: The configuration to use for running CherryPy restart_triggerz server.hostzserver.https.portNbuiltin)server.socket_hostserver.socket_portzserver.ssl_modulezserver.ssl_certificatezserver.ssl_private_keyzserver.ssl_contextz server.port)rr) rr ZengineZ autoreloadfilesaddmatchZget_intrupdate ssl_contextstartblock)rrrrrZ server_hostZ https_portZ server_portr r rr -s(        r cCs*tjtjj|d}|||tj|_|S)a4Create a server SSL context requiring client certificate authentication. :param certificate: Path to server certificate. :param private_key: Path to server private key. :param ca_certs: Path to certificate authority chain against which client certificates are validated. )purposecafile)sslcreate_default_contextPurpose CLIENT_AUTHload_cert_chain CERT_REQUIRED verify_mode)Z certificateZ private_keyca_certscontextr r rrPs r)NNN) typingrrr#r Zprimordial.configrstrrrr rr r r rs    #__pycache__/falcontools.cpython-38.pyc000064400000001530147205274320013734 0ustar00U afn@sDddlZddlmZddlZddlZeeZejddddZ dS)N)JSONDecodeError)reqreturnc Gsb|jd}z|r t|ni|_Wn4tk r\}ztjdt |dW5d}~XYnXdS)zDecode JSON request body and attach to request as `body`. :param req: The request to be processed :raises falcon.HTTPBadRequest: In the case of invalid JSON zutf-8ZBAD_JSON)code descriptionN) Zbounded_streamreaddecodejsonloadsbodyrfalconZHTTPBadRequeststr)r_r exrL/opt/nydus/tmp/pip-target-53d1vnqk/lib/python/primordial/wsgi/falcontools.py json_body sr) r Z json.decoderrloggingr getLogger__name__LOGRequestrrrrrs