Switch to using Authorization header

neutrons · Jul 8, 2024 · ef24f36 · ef24f36
1 parent 636c61e
commit ef24f36
Show file tree

Hide file tree

Showing 4 changed files with 27 additions and 31 deletions.
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -42,7 +42,7 @@ services:
       - CATALOG_ID=${CATALOG_ID}
       - CATALOG_SECRET=${CATALOG_SECRET}
       - GUNICORN_CMD_ARGS=--reload --workers=8
-      - HTTPLIB2_CA_CERTS=/nginx.crt
+      - REQUESTS_CA_BUNDLE=/nginx.crt
     healthcheck:
       test: wget --no-verbose --tries=1 --spider http://localhost:8000/ht || exit 1
       interval: 60s

diff --git a/src/webmon_app/reporting/report/view_util.py b/src/webmon_app/reporting/report/view_util.py
@@ -9,9 +9,9 @@
 import json
 import datetime
 import string
-import httplib2
 import re
 import hashlib
+import requests
 from reporting.report.models import (
     DataRun,
     RunStatus,
@@ -51,22 +51,6 @@ def generate_key(instrument: str, run_id: int):
     return hashlib.sha1(f"{instrument.upper()}{secret_key}{run_id}".encode("utf-8")).hexdigest()
 
 
-def append_key(input_url, instrument, run_id):
-    """
-    Append a live data secret key to a url
-
-    :param input_url: url to modify
-    :param instrument: instrument name
-    :param run_id: run number
-    """
-    client_key = generate_key(instrument, run_id)
-    if client_key is None:
-        return input_url
-    # Determine whether this is the first query string argument of the url
-    delimiter = "&" if "/?" in input_url else "?"
-    return "%s%skey=%s" % (input_url, delimiter, client_key)
-
-
 def fill_template_values(request, **template_args):
     """
     Fill the template argument items needed to populate
@@ -510,11 +494,12 @@ def get_plot_template_dict(run_object=None, instrument=None, run_id=None):
         "plot_label_x": "",
         "plot_label_y": "",
         "update_url": None,
+        "key": generate_key(instrument, run_id),
     }
 
     url_template = string.Template(settings.LIVE_DATA_SERVER)
     live_data_url = url_template.substitute(instrument=instrument, run_number=run_id)
-    live_data_url = "https://%s:%s%s" % (
+    live_data_url = "https://{}:{}{}".format(
         settings.LIVE_DATA_SERVER_DOMAIN,
         settings.LIVE_DATA_SERVER_PORT,
         live_data_url,
@@ -524,7 +509,7 @@ def get_plot_template_dict(run_object=None, instrument=None, run_id=None):
     html_data = get_plot_data_from_server(instrument, run_id, "html")
     if html_data is not None:
         plot_dict["html_data"] = html_data
-        plot_dict["update_url"] = append_key("%s/html/" % live_data_url, instrument, run_id)
+        plot_dict["update_url"] = live_data_url + "/html/"
         if extract_ascii_from_div(html_data) is not None:
             plot_dict["data_url"] = reverse("report:download_reduced_data", args=[instrument, run_id])
         return plot_dict
@@ -534,7 +519,7 @@ def get_plot_template_dict(run_object=None, instrument=None, run_id=None):
 
     # Third, local json data for the d3 plots
     if json_data:
-        plot_dict["update_url"] = append_key("%s/json/" % live_data_url, instrument, run_id)
+        plot_dict["update_url"] = live_data_url + "/json/"
 
     plot_data, x_label, y_label = extract_d3_data_from_json(json_data)
     if plot_data is not None:
@@ -558,13 +543,17 @@ def get_plot_data_from_server(instrument, run_id, data_type="json"):
     try:
         url_template = string.Template(settings.LIVE_DATA_SERVER)
         live_data_url = url_template.substitute(instrument=instrument, run_number=run_id)
-        live_data_url += "/%s/" % data_type
-        live_data_url = append_key(live_data_url, instrument, run_id)
-        conn = httplib2.HTTPSConnectionWithTimeout(settings.LIVE_DATA_SERVER_DOMAIN, timeout=1.5)
-        conn.request("GET", live_data_url)
-        data_request = conn.getresponse()
-        if data_request.status == 200:
-            json_data = data_request.read()
+        live_data_url = "https://{}:{}{}/{}/".format(
+            settings.LIVE_DATA_SERVER_DOMAIN,
+            settings.LIVE_DATA_SERVER_PORT,
+            live_data_url,
+            data_type,
+        )
+        key = generate_key(instrument, run_id)
+        headers = {} if key is None else {"Authorization": key}
+        data_request = requests.get(live_data_url, timeout=1.5, headers=headers)
+        if data_request.status_code == 200:
+            json_data = data_request.text
     except:  # noqa: E722
         logging.exception("Could not pull data from live data server:")
     return json_data

diff --git a/src/webmon_app/reporting/templates/report/detail.html b/src/webmon_app/reporting/templates/report/detail.html
@@ -46,6 +46,9 @@
     function get_plot_update() {
         $.ajax({type: "GET",
                 url: "{{update_url}}",
+                headers: {
+                    "Authorization": "{{key}}"
+                },
                 success: function(data) {
                     if (div_data.localeCompare(data) != 0) {
                         div_data = data;

diff --git a/tests/test_livedata.py b/tests/test_livedata.py
@@ -64,10 +64,12 @@ def test_reduction_request_livedata(self):
         key = generate_key(self.instrument, self.run_number)
         ssl_crt_filename = os.path.join(os.path.dirname(os.path.abspath(__file__)), "../nginx/nginx.crt")
 
+        key = generate_key(self.instrument, self.run_number)
         # first check that the there isn't an existing plot, should 404
         response = requests.get(
-            f"{LIVEDATA_TEST_URL}/plots/{self.instrument}/{self.run_number}/update/html/?key={key}",
+            f"{LIVEDATA_TEST_URL}/plots/{self.instrument}/{self.run_number}/update/html/",
             verify=ssl_crt_filename,
+            headers={"Authorization": key},
         )
         assert response.status_code == 404
 
@@ -76,8 +78,9 @@ def test_reduction_request_livedata(self):
 
         # the data should now be on livedata
         response = requests.get(
-            f"{LIVEDATA_TEST_URL}/plots/{self.instrument}/{self.run_number}/update/html/?key={key}",
+            f"{LIVEDATA_TEST_URL}/plots/{self.instrument}/{self.run_number}/update/html/",
             verify=ssl_crt_filename,
+            headers={"Authorization": key},
         )
         assert response.status_code == 200
         assert "Example Plot Data" in response.text
@@ -87,7 +90,8 @@ def test_reduction_request_livedata(self):
         # now verify that the run report page is templated correctly
         client = self.get_session()
         page = client.get(f"{WEBMON_TEST_URL}/report/{self.instrument}/{self.run_number}/")
-        assert f"https://172.16.238.222:443/plots/arcs/214583/update/html/?key={key}" in page.text
+        assert 'url: "https://172.16.238.222:443/plots/arcs/214583/update/html/"' in page.text
+        assert f'"Authorization": "{key}"' in page.text
 
 
 def generate_key(instrument, run_id):