0002-general-give-a-timeout-to-all-HTTP-requests-68470.patch

Frédéric Péters, 29 août 2022 08:45

Voir les différences: en ligne côte à côte

Subject: [PATCH 2/2] general: give a timeout to all HTTP requests (#68470)

 src/authentic2/api_views.py                              | 4 +++-
 src/authentic2/http_utils.py                             | 3 ++-
 src/authentic2/saml/common.py                            | 4 +++-
 src/authentic2/saml/forms.py                             | 3 ++-
 src/authentic2/saml/management/commands/sync-metadata.py | 3 ++-
 src/authentic2/saml/models.py                            | 2 +-
 src/authentic2/settings.py                               | 4 ++++
 src/authentic2_auth_oidc/backends.py                     | 2 ++
 src/authentic2_idp_cas/views.py                          | 5 ++++-
 9 files changed, 23 insertions(+), 7 deletions(-)

             if not getattr(settings, 'ADDRESS_AUTOCOMPLETE_URL', None):
                 return Response({})
             try:
                 response = requests.get(settings.ADDRESS_AUTOCOMPLETE_URL, params=request.GET)
                 response = requests.get(
                     settings.ADDRESS_AUTOCOMPLETE_URL, params=request.GET, timeout=settings.REQUESTS_TIMEOUT
+                )
                 response.raise_for_status()
                 return Response(response.json())
             except RequestException:

     import requests
     from django.conf import settings
     from authentic2 import app_settings
-...
         verify = app_settings.A2_VERIFY_SSL
         if verify and app_settings.CAFILE:
             verify = app_settings.CAFILE
         return requests.get(url, verify=verify).text
         return requests.get(url, verify=verify, timeout=settings.REQUESTS_TIMEOUT).text

         logger = logging.getLogger(__name__)
         try:
             logger.debug('SOAP call to %r with data %r', url, msg[:10000])
             response = requests.post(url, data=msg, headers={'Content-Type': 'text/xml'})
             response = requests.post(
                 url, data=msg, headers={'Content-Type': 'text/xml'}, timeout=settings.REQUESTS_TIMEOUT
+            )
             response.raise_for_status()
         except requests.RequestException as e:
             logging.error('SOAP call to %r error %s with data %r', url, e, msg[:10000])

     import requests
     from django import forms
     from django.conf import settings
     from django.core.exceptions import ValidationError
     from django.utils.encoding import force_text
     from django.utils.translation import ugettext_lazy as _
-...
             self.childs = []
             if name and slug and url:
                 try:
                     response = requests.get(url)
                     response = requests.get(url, timeout=settings.REQUESTS_TIMEOUT)
                     response.raise_for_status()
                     content = force_text(response.content)
                 except requests.RequestException as e:

     import xml.etree.ElementTree as etree
     import requests
     from django.conf import settings
     from django.contrib.contenttypes.models import ContentType
     from django.core.management.base import BaseCommand, CommandError
     from django.db.transaction import atomic
-...
             source = options['source']
             metadata_file_path = options['metadata_file_path']
             if metadata_file_path.startswith('http://') or metadata_file_path.startswith('https://'):
                 response = requests.get(metadata_file_path)
                 response = requests.get(metadata_file_path, timeout=settings.REQUESTS_TIMEOUT)
                 if not response.ok:
                     raise CommandError('Unable to open url %s' % metadata_file_path)
                 metadata_file = io.BytesIO(response.content)

             try:
                 if not self.metadata_url:
                     raise ValidationError(_('No metadata URL'))
                 response = requests.get(self.metadata_url)
                 response = requests.get(self.metadata_url, timeout=settings.REQUESTS_TIMEOUT)
             except requests.RequestException as e:
                 raise ValidationError(_('Retrieval of metadata failed: %s') % e)
             else:

         {"saml_attribute": "username", "user_field": "username"},
+    ]
     # timeout used in python-requests call, in seconds
     # we use 28s by default: timeout just before web server, which is usually 30s
     REQUESTS_TIMEOUT = 28
     # Permissions
     DJANGO_RBAC_PERMISSIONS_HIERARCHY = {

     import logging
     import requests
     from django.conf import settings
     from django.contrib.auth import get_user_model
     from django.contrib.auth.backends import ModelBackend
     from django.db.transaction import atomic
-...
                         headers={
                             'Authorization': 'Bearer %s' % access_token,
                         },
                         timeout=settings.REQUESTS_TIMEOUT,
+                    )
                     response.raise_for_status()
                 except requests.RequestException as e:

     from xml.etree import ElementTree as ET
     import requests
     from django.conf import settings
     from django.http import HttpResponse, HttpResponseBadRequest
     from django.utils.timezone import now
     from django.views.generic.base import View
-...
             # Skip PGT_URL check for testing purpose
             # instead store PGT_IOU / PGT association in session
             if app_settings.CHECK_PGT_URL:
                 response = requests.get(pgt_url, params={PGT_ID_PARAM: pgt, PGT_IOU_PARAM: pgt_iou})
                 response = requests.get(
                     pgt_url, params={PGT_ID_PARAM: pgt, PGT_IOU_PARAM: pgt_iou}, timeout=settings.REQUESTS_TIMEOUT
+                )
                 if response.status_code != 200:
                     self.logger.warning('pgtUrl %r returned non 200 code: %d', pgt_url, response.status_code)
                     return
+    -

Projet

Général

Profil

Produits Entr'ouvert » Authentic 2

0002-general-give-a-timeout-to-all-HTTP-requests-68470.patch