0002-general-give-a-timeout-to-all-HTTP-requests-68470.patch
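--- a/src/authentic2/api_views.py
+++ b/src/authentic2/api_views.py
@@ -1487,7 +1487,9 @@
 if not getattr(settings, 'ADDRESS_AUTOCOMPLETE_URL', None):
 return Response({})
 try:
-response = requests.get(settings.ADDRESS_AUTOCOMPLETE_URL, params=request.GET)
+response = requests.get(
+settings.ADDRESS_AUTOCOMPLETE_URL, params=request.GET, timeout=settings.REQUESTS_TIMEOUT
+)
 response.raise_for_status()
 return Response(response.json())
 except RequestException: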
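Review bot: The global `timeout=settings.REQUESTS_TIMEOUT` is long for this request-serving path: each autocomplete call can hold a worker for up to the 28-second default while the upstream service is slow. For an interactive lookup a tighter bound limits how many workers a sluggish upstream can tie up, e.g. `timeout=min(settings.REQUESTS_TIMEOUT, 5)` (the 5 is only an example) or a dedicated setting. The view starts and ends outside the hunk, so whether access to it is restricted cannot be seen here.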
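--- a/src/authentic2/http_utils.py
+++ b/src/authentic2/http_utils.py
@@ -16,6 +16,7 @@
 
 
 import requests
+from django.conf import settings
 
 from authentic2 import app_settings
 
@@ -25,4 +26,4 @@
 verify = app_settings.A2_VERIFY_SSL
 if verify and app_settings.CAFILE:
 verify = app_settings.CAFILE
-return requests.get(url, verify=verify).text
+return requests.get(url, verify=verify, timeout=settings.REQUESTS_TIMEOUT).text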
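Review bot: The new `return requests.get(url, verify=verify, timeout=settings.REQUESTS_TIMEOUT).text` never checks the status, so the body of a 4xx/5xx error page is returned as if it were the requested document. Binding the response and calling `response.raise_for_status()` before `return response.text` would let callers tell a failed fetch from real content. Note also that `verify` is taken from `A2_VERIFY_SSL`, so certificate checking is off whenever that setting is false. The function starts outside the hunk, so how its callers handle `requests.RequestException` (which now includes timeouts) cannot be confirmed from here.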
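--- a/src/authentic2/saml/common.py
+++ b/src/authentic2/saml/common.py
@@ -466,7 +466,9 @@
 logger = logging.getLogger(__name__)
 try:
 logger.debug('SOAP call to %r with data %r', url, msg[:10000])
-response = requests.post(url, data=msg, headers={'Content-Type': 'text/xml'})
+response = requests.post(
+url, data=msg, headers={'Content-Type': 'text/xml'}, timeout=settings.REQUESTS_TIMEOUT
+)
 response.raise_for_status()
 except requests.RequestException as e:
 logging.error('SOAP call to %r error %s with data %r', url, e, msg[:10000])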
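Review bot: `settings.REQUESTS_TIMEOUT` is used in the new `requests.post(...)` call, but this file's section adds no `from django.conf import settings`, unlike the http_utils.py, saml/forms.py and sync-metadata.py sections. If `settings` is not already imported at the top of saml/common.py, the call raises NameError, which `except requests.RequestException` would not catch. The same check applies to saml/models.py, whose section also adds no import. Please confirm both modules already import it; the file headers are outside the hunks.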
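--- a/src/authentic2/saml/forms.py
+++ b/src/authentic2/saml/forms.py
@@ -18,6 +18,7 @@
 
 import requests
 from django import forms
+from django.conf import settings
 from django.core.exceptions import ValidationError
 from django.utils.encoding import force_text
 from django.utils.translation import ugettext_lazy as _
@@ -49,7 +50,7 @@
 self.childs = []
 if name and slug and url:
 try:
-response = requests.get(url)
+response = requests.get(url, timeout=settings.REQUESTS_TIMEOUT)
 response.raise_for_status()
 content = force_text(response.content)
 except requests.RequestException as e: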
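Review bot: The timeout bounds how long `requests.get(url, timeout=settings.REQUESTS_TIMEOUT)` waits, but not where it connects or how much it reads. `url` appears to be form input fetched server-side with no visible restriction on scheme or destination, and `force_text(response.content)` loads a body of any size. Unless this form is reachable only by fully trusted administrators, the URL should be validated and the accepted response size capped before this call; at minimum I would add `# NOTE: url is fetched server-side; restrict scheme and destination before this call`. The enclosing method starts outside the hunk, so existing validation of `url` may be present but is not visible.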
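--- a/src/authentic2/saml/management/commands/sync-metadata.py
+++ b/src/authentic2/saml/management/commands/sync-metadata.py
@@ -22,6 +22,7 @@
 import xml.etree.ElementTree as etree
 
 import requests
+from django.conf import settings
 from django.contrib.contenttypes.models import ContentType
 from django.core.management.base import BaseCommand, CommandError
 from django.db.transaction import atomic
@@ -341,7 +342,7 @@
 source = options['source']
 metadata_file_path = options['metadata_file_path']
 if metadata_file_path.startswith('http://') or metadata_file_path.startswith('https://'):
-response = requests.get(metadata_file_path)
+response = requests.get(metadata_file_path, timeout=settings.REQUESTS_TIMEOUT)
 if not response.ok:
 raise CommandError('Unable to open url %s' % metadata_file_path)
 metadata_file = io.BytesIO(response.content)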
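Review bot: With a timeout set, `requests.get(metadata_file_path, timeout=settings.REQUESTS_TIMEOUT)` can now raise `requests.Timeout`, and nothing visible in the hunk catches `requests.RequestException`. Only `response.ok` is checked, so a slow or unreachable metadata host ends the command with a traceback instead of the `CommandError` used for a bad status. Wrapping the call and converting the exception keeps the failure reporting consistent. The same uncaught path is visible in src/authentic2_idp_cas/views.py, where the `pgt_url` request is followed only by a `status_code` check. The enclosing handler starts outside the hunk.

```python
if metadata_file_path.startswith('http://') or metadata_file_path.startswith('https://'):
    try:
        response = requests.get(metadata_file_path, timeout=settings.REQUESTS_TIMEOUT)
    except requests.RequestException as e:
        raise CommandError('Unable to open url %s: %s' % (metadata_file_path, e))
    # … unchanged: response.ok check and BytesIO wrapping …
```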
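--- a/src/authentic2/saml/models.py
+++ b/src/authentic2/saml/models.py
@@ -414,7 +414,7 @@
 try:
 if not self.metadata_url:
 raise ValidationError(_('No metadata URL'))
-response = requests.get(self.metadata_url)
+response = requests.get(self.metadata_url, timeout=settings.REQUESTS_TIMEOUT)
 except requests.RequestException as e:
 raise ValidationError(_('Retrieval of metadata failed: %s') % e)
 else: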
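--- a/src/authentic2/settings.py
+++ b/src/authentic2/settings.py
@@ -332,6 +332,10 @@
 {"saml_attribute": "username", "user_field": "username"},
 ]
 
+# timeout used in python-requests call, in seconds
+# we use 28s by default: timeout just before web server, which is usually 30s
+REQUESTS_TIMEOUT = 28
+
 # Permissions
 
 DJANGO_RBAC_PERMISSIONS_HIERARCHY = {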
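Review bot: The comment on `REQUESTS_TIMEOUT = 28` reads as a cap on total request time, but python-requests applies a single numeric `timeout` to the connect phase and to each wait for data separately, not to the whole exchange. A peer that connects slowly and then sends bytes at intervals shorter than 28 seconds can keep a call open well past the web server's 30 seconds. I would say so in the comment, e.g. `# applies to connect and to each read separately; it is not a total deadline`, and consider a shorter connect value through a `(connect, read)` tuple.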
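--- a/src/authentic2_auth_oidc/backends.py
+++ b/src/authentic2_auth_oidc/backends.py
@@ -18,6 +18,7 @@
 import logging
 
 import requests
+from django.conf import settings
 from django.contrib.auth import get_user_model
 from django.contrib.auth.backends import ModelBackend
 from django.db.transaction import atomic
@@ -163,6 +164,7 @@
 headers={
 'Authorization': 'Bearer %s' % access_token,
 },
+timeout=settings.REQUESTS_TIMEOUT,
 )
 response.raise_for_status()
 except requests.RequestException as e: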
src/authentic2_idp_cas/views.py | ||
---|---|---|
20 | 20 |
from xml.etree import ElementTree as ET |
21 | 21 | |
22 | 22 |
import requests |
23 |
from django.conf import settings |
|
23 | 24 |
from django.http import HttpResponse, HttpResponseBadRequest |
24 | 25 |
from django.utils.timezone import now |
25 | 26 |
from django.views.generic.base import View |
... | ... | |
369 | 370 |
# Skip PGT_URL check for testing purpose |
370 | 371 |
# instead store PGT_IOU / PGT association in session |
371 | 372 |
if app_settings.CHECK_PGT_URL: |
372 |
response = requests.get(pgt_url, params={PGT_ID_PARAM: pgt, PGT_IOU_PARAM: pgt_iou}) |
|
373 |
response = requests.get( |
|
374 |
pgt_url, params={PGT_ID_PARAM: pgt, PGT_IOU_PARAM: pgt_iou}, timeout=settings.REQUESTS_TIMEOUT |
|
375 |
) |
|
373 | 376 |
if response.status_code != 200: |
374 | 377 |
self.logger.warning('pgtUrl %r returned non 200 code: %d', pgt_url, response.status_code) |
375 | 378 |
return |
376 |
- |