forked-synapse/synapse/http/__init__.py

# Copyright 2014-2016 OpenMarket Ltd
# Copyright 2018 New Vector Ltd
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import re
from typing import Union

from twisted.internet import address, task
from twisted.web.client import FileBodyProducer
from twisted.web.iweb import IRequest

from synapse.api.errors import SynapseError


class RequestTimedOutError(SynapseError):
    """Exception representing timeout of an outbound request"""

    def __init__(self, msg):
        super().__init__(504, msg)


ACCESS_TOKEN_RE = re.compile(r"(\?.*access(_|%5[Ff])token=)[^&]*(.*)$")
CLIENT_SECRET_RE = re.compile(r"(\?.*client(_|%5[Ff])secret=)[^&]*(.*)$")


def redact_uri(uri):
    """Strips sensitive information from the uri replaces with <redacted>"""
    uri = ACCESS_TOKEN_RE.sub(r"\1<redacted>\3", uri)
    return CLIENT_SECRET_RE.sub(r"\1<redacted>\3", uri)


class QuieterFileBodyProducer(FileBodyProducer):
    """Wrapper for FileBodyProducer that avoids CRITICAL errors when the connection drops.

    Workaround for https://github.com/matrix-org/synapse/issues/4003 /
    https://twistedmatrix.com/trac/ticket/6528
    """

    def stopProducing(self):
        try:
            FileBodyProducer.stopProducing(self)
        except task.TaskStopped:
            pass


def get_request_uri(request: IRequest) -> bytes:
    """Return the full URI that was requested by the client"""
    return b"%s://%s%s" % (
        b"https" if request.isSecure() else b"http",
        _get_requested_host(request),
        # despite its name, "request.uri" is only the path and query-string.
        request.uri,
    )


def _get_requested_host(request: IRequest) -> bytes:
    hostname = request.getHeader(b"host")
    if hostname:
        return hostname

    # no Host header, use the address/port that the request arrived on
    host: Union[address.IPv4Address, address.IPv6Address] = request.getHost()

    hostname = host.host.encode("ascii")

    if request.isSecure() and host.port == 443:
        # default port for https
        return hostname

    if not request.isSecure() and host.port == 80:
        # default port for http
        return hostname

    return b"%s:%i" % (
        hostname,
        host.port,
    )


def get_request_user_agent(request: IRequest, default: str = "") -> str:
    """Return the last User-Agent header, or the given default."""
    # There could be raw utf-8 bytes in the User-Agent header.

    # N.B. if you don't do this, the logger explodes cryptically
    # with maximum recursion trying to log errors about
    # the charset problem.
    # c.f. https://github.com/matrix-org/synapse/issues/3471

    h = request.getHeader(b"User-Agent")
    return h.decode("ascii", "replace") if h else default
copyrights 2016-01-06 23:26:29 -05:00			`# Copyright 2014-2016 OpenMarket Ltd`
Use deferred.addTimeout instead of time_bound_deferred This doesn't feel like a wheel we need to reinvent. 2018-04-22 19:53:18 -04:00			`# Copyright 2018 New Vector Ltd`
Reference Matrix Home Server 2014-08-12 10:10:52 -04:00			`#`
			`# Licensed under the Apache License, Version 2.0 (the "License");`
			`# you may not use this file except in compliance with the License.`
			`# You may obtain a copy of the License at`
			`#`
			`# http://www.apache.org/licenses/LICENSE-2.0`
			`#`
			`# Unless required by applicable law or agreed to in writing, software`
			`# distributed under the License is distributed on an "AS IS" BASIS,`
			`# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`# See the License for the specific language governing permissions and`
			`# limitations under the License.`
factor out uri redaction into a method on http 2018-06-05 13:31:40 -04:00			`import re`
SSO: redirect to public URL before setting cookies (#9436) ... otherwise, we don't get the cookie back. 2021-02-26 09:02:06 -05:00			`from typing import Union`
factor out uri redaction into a method on http 2018-06-05 13:31:40 -04:00
SSO: redirect to public URL before setting cookies (#9436) ... otherwise, we don't get the cookie back. 2021-02-26 09:02:06 -05:00			`from twisted.internet import address, task`
Fix TaskStopped exceptions when outbound requests time out (#4690) 2019-02-20 06:35:52 -05:00			`from twisted.web.client import FileBodyProducer`
Remove SynapseRequest.get_user_agent (#9069) SynapseRequest is in danger of becoming a bit of a dumping-ground for "useful stuff relating to Requests", which isn't really its intention (its purpose is to override render, finished and connectionLost to set up the LoggingContext and write the right entries to the request log). Putting utility functions inside SynapseRequest means that lots of our code ends up requiring a SynapseRequest when there is nothing synapse-specific about the Request at all, and any old twisted.web.iweb.IRequest will do. This increases code coupling and makes testing more difficult. In short: move get_user_agent out to a utility function. 2021-01-12 07:34:16 -05:00			`from twisted.web.iweb import IRequest`
Use deferred.addTimeout instead of time_bound_deferred This doesn't feel like a wheel we need to reinvent. 2018-04-22 19:53:18 -04:00
			`from synapse.api.errors import SynapseError`


			`class RequestTimedOutError(SynapseError):`
			`"""Exception representing timeout of an outbound request"""`
Run Black. (#5482) 2019-06-20 05:32:02 -04:00
Fix handling of connection timeouts in outgoing http requests (#8400) * Remove `on_timeout_cancel` from `timeout_deferred` The `on_timeout_cancel` param to `timeout_deferred` wasn't always called on a timeout (in particular if the canceller raised an exception), so it was unreliable. It was also only used in one place, and to be honest it's easier to do what it does a different way. * Fix handling of connection timeouts in outgoing http requests Turns out that if we get a timeout during connection, then a different exception is raised, which wasn't always handled correctly. To fix it, catch the exception in SimpleHttpClient and turn it into a RequestTimedOutError (which is already a documented exception). Also add a description to RequestTimedOutError so that we can see which stage it failed at. * Fix incorrect handling of timeouts reading federation responses This was trapping the wrong sort of TimeoutError, so was never being hit. The effect was relatively minor, but we should fix this so that it does the expected thing. * Fix inconsistent handling of `timeout` param between methods `get_json`, `put_json` and `delete_json` were applying a different timeout to the response body to `post_json`; bring them in line and test. Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com> Co-authored-by: Erik Johnston <erik@matrix.org> 2020-09-29 05:29:21 -04:00			`def __init__(self, msg):`
			`super().__init__(504, msg)`
factor out uri redaction into a method on http 2018-06-05 13:31:40 -04:00

redact better 2018-09-13 13:45:34 -04:00			`ACCESS_TOKEN_RE = re.compile(r"(\?.access(_\|%5[Ff])token=)[^&](.*)$")`
Replace client_secret with <redacted> in server logs (#6158) Replace `client_secret` query parameter values with `<redacted>` in the logs. Prevents a scenario where a MITM of server traffic can horde 3pids on their account. 2019-10-03 07:57:26 -04:00			`CLIENT_SECRET_RE = re.compile(r"(\?.client(_\|%5[Ff])secret=)[^&](.*)$")`
factor out uri redaction into a method on http 2018-06-05 13:31:40 -04:00

			`def redact_uri(uri):`
Replace client_secret with <redacted> in server logs (#6158) Replace `client_secret` query parameter values with `<redacted>` in the logs. Prevents a scenario where a MITM of server traffic can horde 3pids on their account. 2019-10-03 07:57:26 -04:00			`"""Strips sensitive information from the uri replaces with <redacted>"""`
			`uri = ACCESS_TOKEN_RE.sub(r"\1<redacted>\3", uri)`
			`return CLIENT_SECRET_RE.sub(r"\1<redacted>\3", uri)`
Fix TaskStopped exceptions when outbound requests time out (#4690) 2019-02-20 06:35:52 -05:00

			`class QuieterFileBodyProducer(FileBodyProducer):`
			`"""Wrapper for FileBodyProducer that avoids CRITICAL errors when the connection drops.`

			`Workaround for https://github.com/matrix-org/synapse/issues/4003 /`
			`https://twistedmatrix.com/trac/ticket/6528`
			`"""`
Run Black. (#5482) 2019-06-20 05:32:02 -04:00
Fix TaskStopped exceptions when outbound requests time out (#4690) 2019-02-20 06:35:52 -05:00			`def stopProducing(self):`
			`try:`
			`FileBodyProducer.stopProducing(self)`
			`except task.TaskStopped:`
			`pass`
Remove SynapseRequest.get_user_agent (#9069) SynapseRequest is in danger of becoming a bit of a dumping-ground for "useful stuff relating to Requests", which isn't really its intention (its purpose is to override render, finished and connectionLost to set up the LoggingContext and write the right entries to the request log). Putting utility functions inside SynapseRequest means that lots of our code ends up requiring a SynapseRequest when there is nothing synapse-specific about the Request at all, and any old twisted.web.iweb.IRequest will do. This increases code coupling and makes testing more difficult. In short: move get_user_agent out to a utility function. 2021-01-12 07:34:16 -05:00

SSO: redirect to public URL before setting cookies (#9436) ... otherwise, we don't get the cookie back. 2021-02-26 09:02:06 -05:00			`def get_request_uri(request: IRequest) -> bytes:`
			`"""Return the full URI that was requested by the client"""`
			`return b"%s://%s%s" % (`
			`b"https" if request.isSecure() else b"http",`
			`_get_requested_host(request),`
			`# despite its name, "request.uri" is only the path and query-string.`
			`request.uri,`
			`)`


			`def _get_requested_host(request: IRequest) -> bytes:`
			`hostname = request.getHeader(b"host")`
			`if hostname:`
			`return hostname`

			`# no Host header, use the address/port that the request arrived on`
Use inline type hints in various other places (in `synapse/`) (#10380) 2021-07-15 06:02:43 -04:00			`host: Union[address.IPv4Address, address.IPv6Address] = request.getHost()`
SSO: redirect to public URL before setting cookies (#9436) ... otherwise, we don't get the cookie back. 2021-02-26 09:02:06 -05:00
			`hostname = host.host.encode("ascii")`

			`if request.isSecure() and host.port == 443:`
			`# default port for https`
			`return hostname`

			`if not request.isSecure() and host.port == 80:`
			`# default port for http`
			`return hostname`

			`return b"%s:%i" % (`
			`hostname,`
			`host.port,`
			`)`


Remove SynapseRequest.get_user_agent (#9069) SynapseRequest is in danger of becoming a bit of a dumping-ground for "useful stuff relating to Requests", which isn't really its intention (its purpose is to override render, finished and connectionLost to set up the LoggingContext and write the right entries to the request log). Putting utility functions inside SynapseRequest means that lots of our code ends up requiring a SynapseRequest when there is nothing synapse-specific about the Request at all, and any old twisted.web.iweb.IRequest will do. This increases code coupling and makes testing more difficult. In short: move get_user_agent out to a utility function. 2021-01-12 07:34:16 -05:00			`def get_request_user_agent(request: IRequest, default: str = "") -> str:`
			`"""Return the last User-Agent header, or the given default."""`
			`# There could be raw utf-8 bytes in the User-Agent header.`

			`# N.B. if you don't do this, the logger explodes cryptically`
			`# with maximum recursion trying to log errors about`
			`# the charset problem.`
			`# c.f. https://github.com/matrix-org/synapse/issues/3471`

			`h = request.getHeader(b"User-Agent")`
			`return h.decode("ascii", "replace") if h else default`