forked from achyudh/propr-backend
-
Notifications
You must be signed in to change notification settings - Fork 0
/
server.py
204 lines (174 loc) · 9.95 KB
/
server.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
from flask import Flask, request, redirect, session, g, jsonify
from flask_session import Session
from flask.ext.github import GitHub
from jwt import jwk_from_pem
from requests.auth import HTTPBasicAuth
from util import io
from util.user import User
from db import insert, fetch
from bson import ObjectId
import requests, json, urllib, pymongo, sys, secrets
app = Flask(__name__)
sess = Session()
with open("config.json", 'r') as config_file:
client_config = json.load(config_file)
with open("private-key.pem", 'rb') as priv_key_file:
priv_key = jwk_from_pem(priv_key_file.read())
http_auth_username = client_config['HTTP_AUTH_USERNAME']
http_auth_secret = client_config['HTTP_AUTH_SECRET']
http_auth = HTTPBasicAuth(http_auth_username, http_auth_secret)
app.config['SESSION_TYPE'] = 'mongodb'
app.config['GITHUB_CLIENT_ID'] = client_config['GITHUB_CLIENT_ID']
app.config['GITHUB_CLIENT_SECRET'] = client_config['GITHUB_CLIENT_SECRET']
sess.init_app(app)
github = GitHub(app)
@app.route('/login')
def login():
if session.get('user_token', None) is None:
return redirect('https://github.com/login/oauth/authorize?client_id=96d3befa08fccb14296c&scope=user&state=report', 200)
else:
response_user = requests.get("https://api.github.com/user", headers={'Authorization': 'token %s' % session.get('user_token')}).json()
pr_db = pymongo.MongoClient().pr_database
user_id = pr_db.report_users.insert_one(response_user).inserted_id
return redirect('http://propr.tudelft.nl/profile.html?userid=%s' % user_id)
@app.route('/feedback')
def feedback():
client = pymongo.MongoClient()
pr_db = client.pr_database
encoded_return_url = request.args.get('returnurl')
encoded_url = request.args.get('url')
pr_id = request.args.get('prid')
repo_id = request.args.get('repoid')
pr_num = request.args.get('prnum')
is_private_repo = request.args.get('private')
inst_id = request.args.get('instid', default='None')
state = secrets.token_hex(12)
feedback_url = "http://propr.tudelft.nl/feedback.html?returnurl=%s&url=%s&prid=%s&repoid=%s&prnum=%s&private=%s&instid=%s&state=%s" % (encoded_return_url, encoded_url, pr_id, repo_id, pr_num, is_private_repo, inst_id, state)
pr_db.state.insert_one({
"_id": ObjectId(state),
"feedback_url": feedback_url,
"installaton_id": inst_id
})
if session.get('user_token', None) is None:
return redirect('https://github.com/login/oauth/authorize?client_id=96d3befa08fccb14296c&state=%s' % state)
else:
user_id = insert.participant(session.get('user_token'), state)
return redirect(feedback_url + "&userid=%s" % user_id)
@app.route('/submit', methods=['POST'])
def submit():
if request.json["action"] == 'history':
history = fetch.form_history(request.json["user_id"], request.json["pr_url"])
if history is not None:
return jsonify(history)
else:
return "None", 204
elif request.json["action"] == 'feedback':
pr_num = request.json["pr_num"]
full_repo_name = request.json["full_repo_name"]
insert.feedback_into_participant(request.json, request.json["state"])
if request.json["inst_id"] != "None":
insert.context(full_repo_name, pr_num, headers=io.get_auth_header(request.json["inst_id"], priv_key), code_privacy=request.json["code_privacy"])
else:
insert.context(full_repo_name, pr_num, http_auth=http_auth, code_privacy=request.json["code_privacy"])
return 'Feedback inserted into DB', 200
elif request.json["action"] == "moz_feedback":
insert.moz_feedback(request.json)
return 'Feedback inserted into DB', 200
elif request.json["action"] == 'context':
pr_num = request.json["pr_num"]
full_repo_name = request.json["full_repo_name"]
if request.json["inst_id"] != "None":
insert.context(full_repo_name, pr_num, headers=io.get_auth_header(request.json["inst_id"], priv_key), code_privacy=request.json["code_privacy"])
else:
insert.context(full_repo_name, pr_num, http_auth=http_auth, code_privacy=request.json["code_privacy"])
return 'Context inserted into DB', 200
else:
return 'Request not handled', 501
@app.route('/callback', methods=['GET', 'POST'])
def callback_handler():
response = {'code': request.args.get('code'),
'client_id': client_config['GITHUB_CLIENT_ID'],
'client_secret': client_config['GITHUB_CLIENT_SECRET']}
r = requests.post("https://github.com/login/oauth/access_token", data=response, headers={'Accept': 'application/json'})
oauth_token = r.json()['access_token']
state = request.args.get('state')
if oauth_token is not None:
session['user_token'] = oauth_token
if state == 'report':
response_user = requests.get("https://api.github.com/user", headers={'Authorization': 'token %s' % oauth_token}).json()
pr_db = pymongo.MongoClient().pr_database
user_id = pr_db.report_users.insert_one(response_user).inserted_id
return redirect('http://propr.tudelft.nl/profile.html?userid=%s' % user_id)
else:
user_id = insert.participant(oauth_token, state)
client = pymongo.MongoClient()
pr_db = client.pr_database.state
return redirect(pr_db.find_one({"_id": ObjectId(state)})["feedback_url"] + "&userid=%s" % user_id)
@app.route('/webhook', methods=['POST'])
def webhook():
if request.json is None:
print("NULL REQUEST: " + request.headers, file=sys.stderr)
return '', 400
elif "action" not in request.json and request.headers['X-GitHub-Event'] == "ping":
# POST request has initial webhook and repo details
client = pymongo.MongoClient()
pr_db = client.pr_database
# Insert init repo info into DB
pr_db.webhook_init.insert_one(request.json)
return '', 200
elif request.json.get("action", None) == "created" and request.headers['X-GitHub-Event'] == "installation":
client = pymongo.MongoClient()
pr_db = client.pr_database
# Insert init repo info into DB
pr_db.app_init.insert_one(request.json)
return 'Install successful', 200
elif request.json.get("action", None) == "closed" and request.headers['X-GitHub-Event'] == "pull_request":
parsed_json = request.json
is_private_repo = request.json["pull_request"]["base"]["repo"]["private"]
pr_num = parsed_json["pull_request"]["number"]
pr_id = parsed_json["pull_request"]["id"]
repo_id = parsed_json["pull_request"]["base"]["repo"]["id"]
# Only part of the repo URL is encoded: the owner and repo name
encoded_url = urllib.parse.quote_plus(parsed_json["pull_request"]["base"]["repo"]["full_name"])
# This is the entire URL of the PR to which the user iis redirected to once the form is filled
encoded_return_url = urllib.parse.quote_plus(parsed_json["pull_request"]["html_url"])
# Send POST request to comment on the PR with feedback link
pr_comment_url = 'https://api.github.com/repos/%s/issues/%s/comments' % (parsed_json["pull_request"]["base"]["repo"]["full_name"], pr_num)
if "installation" in request.json:
feedback_url = "http:/chennai.ewi.tudelft.nl:60002/feedback?returnurl=%s&url=%s&prid=%s&repoid=%s&prnum=%s&private=%s&instid=%s" % (encoded_return_url, encoded_url, pr_id, repo_id, pr_num, is_private_repo, request.json["installation"]["id"])
pr_comment_payload = json.dumps({"body": "Please provide your feedback on this pull request [here](%s).\n\n**Privacy statement**: We don't store any personal information such as your email address or name. We ask for GitHub authentication as an anonymous identifier to account for duplicate feedback entries and to see people specific preferences." % feedback_url})
r = requests.post(pr_comment_url, data=pr_comment_payload, headers=io.get_auth_header(request.json["installation"]["id"], priv_key))
else:
feedback_url = "http:/chennai.ewi.tudelft.nl:60002/feedback?returnurl=%s&url=%s&prid=%s&repoid=%s&prnum=%s&private=%s&instid=None" % (encoded_return_url, encoded_url, pr_id, repo_id, pr_num, is_private_repo)
pr_comment_payload = json.dumps({"body": "Please provide your feedback on this pull request [here](%s).\n\n**Privacy statement**: We don't store any personal information such as your email address or name. We ask for GitHub authentication as an anonymous identifier to account for duplicate feedback entries and to see people specific preferences." % feedback_url})
r = requests.post(pr_comment_url, data=pr_comment_payload, auth=http_auth)
if not is_private_repo:
io.download_patch(parsed_json["pull_request"]["patch_url"], http_auth, pr_id, repo_id)
return str((r.headers, r.json())), 200
else:
return 'Request not handled', 202
@app.route('/redir', methods=['POST'])
def redir():
if request.method == 'POST':
redirect(request.json['url'], code=302)
@app.after_request
def after_request(response):
response.headers['Access-Control-Allow-Origin'] = '*'
if request.method == 'OPTIONS':
response.headers['Access-Control-Allow-Methods'] = 'GET, POST'
headers = request.headers.get('Access-Control-Request-Headers')
if headers:
response.headers['Access-Control-Allow-Headers'] = headers
return response
@github.access_token_getter
def token_getter():
user = g.user
if user is not None:
return user.github_access_token
@app.before_request
def before_request():
g.user = None
if 'user_token' in session:
g.user = User(session['user_token'])
if __name__ == '__main__':
app.run(threaded=True)