paulb@29 | 1 | #!/usr/bin/env python |
paulb@29 | 2 | |
paulb@29 | 3 | """ |
paulb@29 | 4 | BaseHTTPRequestHandler adapter. |
paulb@403 | 5 | |
paulb@626 | 6 | Copyright (C) 2004, 2005, 2006, 2007 Paul Boddie <paul@boddie.org.uk> |
paulb@403 | 7 | |
paulb@403 | 8 | This library is free software; you can redistribute it and/or |
paulb@403 | 9 | modify it under the terms of the GNU Lesser General Public |
paulb@403 | 10 | License as published by the Free Software Foundation; either |
paulb@403 | 11 | version 2.1 of the License, or (at your option) any later version. |
paulb@403 | 12 | |
paulb@403 | 13 | This library is distributed in the hope that it will be useful, |
paulb@403 | 14 | but WITHOUT ANY WARRANTY; without even the implied warranty of |
paulb@403 | 15 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
paulb@403 | 16 | Lesser General Public License for more details. |
paulb@403 | 17 | |
paulb@403 | 18 | You should have received a copy of the GNU Lesser General Public |
paulb@403 | 19 | License along with this library; if not, write to the Free Software |
paulb@489 | 20 | Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA |
paulb@29 | 21 | """ |
paulb@29 | 22 | |
paulb@29 | 23 | import WebStack.BaseHTTPRequestHandler |
paulb@29 | 24 | import BaseHTTPServer |
paulb@297 | 25 | from WebStack.Generic import EndOfResponse |
paulb@594 | 26 | from WebStack.Adapters.Helpers.Error import ErrorResource |
paulb@29 | 27 | |
paulb@626 | 28 | # SSL-related imports. |
paulb@626 | 29 | |
paulb@626 | 30 | import socket |
paulb@626 | 31 | |
paulb@29 | 32 | class HandlerFactory: |
paulb@29 | 33 | |
paulb@29 | 34 | "A factory class creating WebStack dispatcher objects." |
paulb@29 | 35 | |
paulb@626 | 36 | def __init__(self, resource, authenticator=None, handle_errors=1, error_resource=None, handler_class=None): |
paulb@29 | 37 | |
paulb@76 | 38 | """ |
paulb@76 | 39 | Initialise the root application-specific 'resource' and optional |
paulb@310 | 40 | 'authenticator'. The optional 'handle_errors' parameter (if true) causes |
paulb@594 | 41 | handlers to deal with uncaught exceptions cleanly, and the optional |
paulb@594 | 42 | 'error_resource' specifies an alternative error message generation |
paulb@594 | 43 | resource. |
paulb@626 | 44 | |
paulb@626 | 45 | If the optional 'handler_class' is specified, it will be used to |
paulb@626 | 46 | instantiate handlers rather than the default Handler class. |
paulb@76 | 47 | """ |
paulb@29 | 48 | |
paulb@29 | 49 | self.webstack_resource = resource |
paulb@76 | 50 | self.webstack_authenticator = authenticator |
paulb@310 | 51 | self.handle_errors = handle_errors |
paulb@594 | 52 | self.error_resource = error_resource or ErrorResource() |
paulb@626 | 53 | self.handler_class = handler_class or Handler |
paulb@29 | 54 | |
paulb@29 | 55 | def __call__(self, request, client_address, server): |
paulb@29 | 56 | |
paulb@29 | 57 | "Act as a factory for the server objects." |
paulb@29 | 58 | |
paulb@626 | 59 | handler = self.handler_class(request, client_address, server, self.webstack_resource, |
paulb@594 | 60 | self.webstack_authenticator, self.handle_errors, self.error_resource) |
paulb@29 | 61 | return handler |
paulb@29 | 62 | |
paulb@29 | 63 | class Handler(BaseHTTPServer.BaseHTTPRequestHandler): |
paulb@29 | 64 | |
paulb@29 | 65 | "A class dispatching requests to WebStack resources." |
paulb@29 | 66 | |
paulb@594 | 67 | def __init__(self, request, client_address, server, resource, authenticator, handle_errors, error_resource): |
paulb@29 | 68 | |
paulb@76 | 69 | """ |
paulb@76 | 70 | Initialise the root application-specific 'resource' and 'authenticator'. |
paulb@310 | 71 | Where 'handle_errors' is true, uncaught exceptions are dealt with by the |
paulb@594 | 72 | handler and reported using the 'error_resource' provided. |
paulb@76 | 73 | """ |
paulb@29 | 74 | |
paulb@29 | 75 | self.webstack_resource = resource |
paulb@76 | 76 | self.webstack_authenticator = authenticator |
paulb@310 | 77 | self.handle_errors = handle_errors |
paulb@594 | 78 | self.error_resource = error_resource |
paulb@29 | 79 | BaseHTTPServer.BaseHTTPRequestHandler.__init__(self, request, client_address, server) |
paulb@29 | 80 | |
paulb@29 | 81 | def handle(self): |
paulb@29 | 82 | |
paulb@29 | 83 | "Dispatch the request to the root application-specific resource." |
paulb@29 | 84 | |
paulb@29 | 85 | # NOTE: Overriding and trimming back the method's functionality. |
paulb@29 | 86 | |
paulb@29 | 87 | self.raw_requestline = self.rfile.readline() |
paulb@29 | 88 | if not self.parse_request(): # An error code has been sent, just exit |
paulb@29 | 89 | return |
paulb@29 | 90 | |
paulb@29 | 91 | trans = WebStack.BaseHTTPRequestHandler.Transaction(self) |
paulb@510 | 92 | try: |
paulb@510 | 93 | if self.webstack_authenticator is None or self.webstack_authenticator.authenticate(trans): |
paulb@510 | 94 | try: |
paulb@510 | 95 | self.webstack_resource.respond(trans) |
paulb@510 | 96 | except EndOfResponse: |
paulb@510 | 97 | pass |
paulb@510 | 98 | except: |
paulb@510 | 99 | if self.handle_errors: |
paulb@594 | 100 | trans.rollback() |
paulb@510 | 101 | trans.set_response_code(500) # Internal error |
paulb@594 | 102 | self.error_resource.respond(trans) |
paulb@510 | 103 | else: |
paulb@510 | 104 | raise |
paulb@510 | 105 | else: |
paulb@510 | 106 | trans.set_response_code(401) # Unauthorized |
paulb@510 | 107 | trans.set_header_value("WWW-Authenticate", '%s realm="%s"' % ( |
paulb@510 | 108 | self.webstack_authenticator.get_auth_type(), self.webstack_authenticator.get_realm())) |
paulb@76 | 109 | |
paulb@510 | 110 | finally: |
paulb@510 | 111 | trans.commit() |
paulb@29 | 112 | |
paulb@626 | 113 | # Support for secure servers. |
paulb@626 | 114 | |
paulb@626 | 115 | class SecureHTTPServer(BaseHTTPServer.HTTPServer): |
paulb@626 | 116 | |
paulb@626 | 117 | "An HTTP server supporting https URLs." |
paulb@626 | 118 | |
paulb@626 | 119 | def __init__(self, server_address, HandlerClass, key_filename, certificate_filename): |
paulb@626 | 120 | |
paulb@626 | 121 | """ |
paulb@626 | 122 | Initialise the server using the given 'server_address' and |
paulb@626 | 123 | 'HandlerClass', along with the specified 'key_filename' and |
paulb@626 | 124 | 'certificate_filename'. |
paulb@626 | 125 | """ |
paulb@626 | 126 | |
paulb@632 | 127 | # SSL-related import. |
paulb@632 | 128 | |
paulb@632 | 129 | from OpenSSL import SSL |
paulb@632 | 130 | |
paulb@632 | 131 | # Initialisation using SSL. |
paulb@632 | 132 | |
paulb@626 | 133 | BaseHTTPServer.HTTPServer.__init__(self, server_address, HandlerClass) |
paulb@626 | 134 | context = SSL.Context(SSL.SSLv23_METHOD) |
paulb@626 | 135 | context.use_privatekey_file(key_filename) |
paulb@626 | 136 | context.use_certificate_file(certificate_filename) |
paulb@626 | 137 | self.socket = SSL.Connection(context, socket.socket(self.address_family, self.socket_type)) |
paulb@626 | 138 | self.server_bind() |
paulb@626 | 139 | self.server_activate() |
paulb@626 | 140 | |
paulb@626 | 141 | class SecureHandler(Handler): |
paulb@626 | 142 | |
paulb@626 | 143 | "A secure version of the handler." |
paulb@626 | 144 | |
paulb@626 | 145 | def setup(self): |
paulb@626 | 146 | |
paulb@626 | 147 | "Set up the connection and streams." |
paulb@626 | 148 | |
paulb@626 | 149 | self.connection = self.request |
paulb@626 | 150 | self.rfile = socket._fileobject(self.request, "rb", self.rbufsize) |
paulb@626 | 151 | self.wfile = socket._fileobject(self.request, "wb", self.wbufsize) |
paulb@626 | 152 | |
paulb@626 | 153 | def SecureHandlerFactory(resource, authenticator=None, handle_errors=1, error_resource=None, handler_class=None): |
paulb@626 | 154 | |
paulb@626 | 155 | "Return a secure handler factory, based on HandlerFactory." |
paulb@626 | 156 | |
paulb@626 | 157 | return HandlerFactory(resource, authenticator, handle_errors, error_resource, handler_class=(handler_class or SecureHandler)) |
paulb@626 | 158 | |
paulb@321 | 159 | default_address = ("", 8080) |
paulb@321 | 160 | |
paulb@626 | 161 | def deploy(resource, authenticator=None, address=None, handle_errors=1, error_resource=None, server=None, factory=None, **server_args): |
paulb@321 | 162 | |
paulb@321 | 163 | """ |
paulb@321 | 164 | Deploy the given 'resource', with the given optional 'authenticator', at the |
paulb@321 | 165 | given optional 'address', where 'address' is a 2-tuple of the form |
paulb@321 | 166 | (host_string, port_integer). |
paulb@339 | 167 | |
paulb@339 | 168 | The optional 'handle_errors' flag (true by default) specifies whether error |
paulb@594 | 169 | conditions are handled gracefully, and the optional 'error_resource' |
paulb@594 | 170 | specifies an alternative error message generation resource, if desired. |
paulb@626 | 171 | |
paulb@626 | 172 | If the optional 'server' is specified, use the server provided as opposed to |
paulb@626 | 173 | the default BaseHTTPServer.HTTPServer class. Use any 'server_args' (provided |
paulb@626 | 174 | as additional keyword arguments) to instantiate the server. |
paulb@626 | 175 | |
paulb@626 | 176 | If the optional 'factory' is specified, use the factory provided as opposed |
paulb@626 | 177 | to the default HandlerFactory class. |
paulb@321 | 178 | """ |
paulb@321 | 179 | |
paulb@626 | 180 | factory = factory or HandlerFactory |
paulb@626 | 181 | handler = factory(resource, authenticator, handle_errors, error_resource) |
paulb@626 | 182 | server = server or BaseHTTPServer.HTTPServer |
paulb@626 | 183 | app = server(address or default_address, handler, **(server_args or {})) |
paulb@626 | 184 | app.serve_forever() |
paulb@626 | 185 | |
paulb@626 | 186 | def secure_deploy(resource, authenticator=None, address=None, handle_errors=1, error_resource=None, server=None, factory=None, **server_args): |
paulb@626 | 187 | |
paulb@626 | 188 | """ |
paulb@626 | 189 | Deploy the given 'resource' using a secure version of the server, employing |
paulb@626 | 190 | the deploy function. |
paulb@626 | 191 | """ |
paulb@626 | 192 | |
paulb@626 | 193 | return deploy( |
paulb@626 | 194 | resource, authenticator, address, handle_errors, error_resource, |
paulb@626 | 195 | server=(server or SecureHTTPServer), |
paulb@626 | 196 | factory=(factory or SecureHandlerFactory), |
paulb@626 | 197 | **server_args |
paulb@626 | 198 | ) |
paulb@321 | 199 | |
paulb@29 | 200 | # vim: tabstop=4 expandtab shiftwidth=4 |