Allow to send headers to proxied documents #42
Conversation
marcospri
force-pushed
the
secret-headers
branch
from
1ae4ec7 to
2671b1a
Compare
marcospri
changed the title
| @@ -56,7 +57,10 @@ def __init__(self, secret, service_url=None, html_service_url=None): | |||
| "via.external_link_mode": "new-tab", | |||
| } | |||
|
|
|||
| def url_for(self, url, content_type=None, options=None, blocked_for=None): | |||
| # pylint:disable=too-many-arguments | |||
There was a problem hiding this comment.
I reckon this might keep growing and have a similar interface to requests.request.
Not a problem IMO.
src/h_vialib/secure/secrets.py
Outdated
|
|
||
| return json.loads(self._decrypt(aes_iv, cipher)) | ||
|
|
||
| def _decrypt(self, aes_iv, encrypted) -> bytes: |
There was a problem hiding this comment.
Making these private. We might need them in the future but as this is a library we want to keep the interface under control.
There was a problem hiding this comment.
So the existing SecureToken and SecureURL classes aren't appropriate for this use-case? I guess not because it looks like SecureURL only signs the URL doesn't encrypt it.
I wonder if we should rename some of these classes, to clarify what they do and don't do? For example perhaps SecureURL should be SignedURL if it just signs and doesn't encrypt. I think SecureSecrets encrypts a dict but doesn't sign it, so perhaps EncryptedDict?
I think we should probably stop using the words "secret" and "secure" because it's not clear exactly what they mean, and maybe instead say "signed" and "encrypted".
There was a problem hiding this comment.
EncryptedDict is a better name 👍.
There was a problem hiding this comment.
I wrote this as EncryptedDict but from the callers perspetive it looked like it was as dict subclass supporting encryption. It didn't feel right.
I renamed the class to a more explicit Encryption and keep the method names.
| def url_for( | ||
| self, url, content_type=None, options=None, blocked_for=None, headers=None | ||
| ): |
There was a problem hiding this comment.
headers are only supported by certain Via endpoints, right? The ones that proxy in Python, not the ones that proxy in NGINX. Are there some url's where url_for(url, headers=my_headers) will return a URL containing headers that Via will actually ignore because it's going to proxy that URL through NGINX?
There was a problem hiding this comment.
will return a URL containing headers that Via will actually ignore because it's going to proxy that URL through NGINX?
Yes, all HTML ones and pdfs not proxied by python (so all of them except one drive and d2l ones).
Applying the headers to everything will be a big tasks (not sure even if possible without writing nginx lua code).
Maybe we could just explain the limitation on the method's docstring?
There was a problem hiding this comment.
Added a comment about this. Not ideal but naming this headers_for_python_proxing is not better.
There was a problem hiding this comment.
Maybe we could make Via throw some sort of "not implemented" error if any headers are passed to it and it would have proxied the request through NGINX rather than through Python?
src/h_vialib/secure/secrets.py
Outdated
|
|
||
| return json.loads(self._decrypt(aes_iv, cipher)) | ||
|
|
||
| def _decrypt(self, aes_iv, encrypted) -> bytes: |
There was a problem hiding this comment.
So the existing SecureToken and SecureURL classes aren't appropriate for this use-case? I guess not because it looks like SecureURL only signs the URL doesn't encrypt it.
I wonder if we should rename some of these classes, to clarify what they do and don't do? For example perhaps SecureURL should be SignedURL if it just signs and doesn't encrypt. I think SecureSecrets encrypts a dict but doesn't sign it, so perhaps EncryptedDict?
I think we should probably stop using the words "secret" and "secure" because it's not clear exactly what they mean, and maybe instead say "signed" and "encrypted".
marcospri
force-pushed
the
secret-headers
branch
2 times, most recently
from
edb9587 to
2aa15de
Compare
| def __init__(self, secret: bytes): | ||
| self._secret = secret.ljust(32)[:32] | ||
|
|
||
| def encrypt_dict(self, payload: dict) -> str: |
There was a problem hiding this comment.
Using JWE simplified this a lot.
marcospri
force-pushed
the
secret-headers
branch
from
2aa15de to
4c4d797
Compare
| @@ -56,7 +57,10 @@ def __init__(self, secret, service_url=None, html_service_url=None): | |||
| "via.external_link_mode": "new-tab", | |||
| } | |||
|
|
|||
| def url_for(self, url, content_type=None, options=None, blocked_for=None): | |||
| # pylint:disable=too-many-arguments | |||
| def url_for( | ||
| self, url, content_type=None, options=None, blocked_for=None, headers=None | ||
| ): |
There was a problem hiding this comment.
Maybe we could make Via throw some sort of "not implemented" error if any headers are passed to it and it would have proxied the request through NGINX rather than through Python?
Allows to encrypt dictionaries using AES and encode both the cipher text and IV in a base64 encoded string.
Take an optional `headers` parameters which wild be sent AES encoded over the wire to Via.
Instead of our own mix of base64,AES,iv... just use JWE for the same functionality.
marcospri
force-pushed
the
secret-headers
branch
from
4c4d797 to
744dbf0
Compare
For:
Testing
Follow the instructions over: hypothesis/lms#4792