httpie-cli/httpie/sessions.py

"""
Persistent, JSON-serialized sessions.

"""
import os
import re

from http.cookies import SimpleCookie
from pathlib import Path
from typing import Iterable, Optional, Union
from urllib.parse import urlsplit

from requests.auth import AuthBase
from requests.cookies import RequestsCookieJar, create_cookie

from .cli.dicts import HTTPHeadersDict
from .config import BaseConfigDict, DEFAULT_CONFIG_DIR
from .plugins.registry import plugin_manager


SESSIONS_DIR_NAME = 'sessions'
DEFAULT_SESSIONS_DIR = DEFAULT_CONFIG_DIR / SESSIONS_DIR_NAME
VALID_SESSION_NAME_PATTERN = re.compile('^[a-zA-Z0-9_.-]+$')
# Request headers starting with these prefixes won't be stored in sessions.
# They are specific to each request.
# <https://en.wikipedia.org/wiki/List_of_HTTP_header_fields#Requests>
SESSION_IGNORED_HEADER_PREFIXES = ['Content-', 'If-']


def get_httpie_session(
    config_dir: Path,
    session_name: str,
    host: Optional[str],
    url: str,
) -> 'Session':
    if os.path.sep in session_name:
        path = os.path.expanduser(session_name)
    else:
        hostname = host or urlsplit(url).netloc.split('@')[-1]
        if not hostname:
            # HACK/FIXME: httpie-unixsocket's URLs have no hostname.
            hostname = 'localhost'

        # host:port => host_port
        hostname = hostname.replace(':', '_')
        path = (
            config_dir / SESSIONS_DIR_NAME / hostname / f'{session_name}.json'
        )
    session = Session(path)
    session.load()
    return session


class Session(BaseConfigDict):
    helpurl = 'https://httpie.io/docs#sessions'
    about = 'HTTPie session file'

    def __init__(self, path: Union[str, Path]):
        super().__init__(path=Path(path))
        self['headers'] = {}
        self['cookies'] = {}
        self['auth'] = {
            'type': None,
            'username': None,
            'password': None
        }

    def update_headers(self, request_headers: HTTPHeadersDict):
        """
        Update the session headers with the request ones while ignoring
        certain name prefixes.

        """
        headers = self.headers
        for name, value in request_headers.copy().items():

            if value is None:
                continue  # Ignore explicitly unset headers

            if type(value) is not str:
                value = value.decode()

            if name.lower() == 'user-agent' and value.startswith('HTTPie/'):
                continue

            if name.lower() == 'cookie':
                for cookie_name, morsel in SimpleCookie(value).items():
                    self['cookies'][cookie_name] = {'value': morsel.value}
                del request_headers[name]
                continue

            for prefix in SESSION_IGNORED_HEADER_PREFIXES:
                if name.lower().startswith(prefix.lower()):
                    break
            else:
                headers[name] = value

        self['headers'] = dict(headers)

    @property
    def headers(self) -> HTTPHeadersDict:
        return HTTPHeadersDict(self['headers'])

    @property
    def cookies(self) -> RequestsCookieJar:
        jar = RequestsCookieJar()
        for name, cookie_dict in self['cookies'].items():
            jar.set_cookie(create_cookie(
                name, cookie_dict.pop('value'), **cookie_dict))
        jar.clear_expired_cookies()
        return jar

    @cookies.setter
    def cookies(self, jar: RequestsCookieJar):
        # <https://docs.python.org/3/library/cookielib.html#cookie-objects>
        stored_attrs = ['value', 'path', 'secure', 'expires']
        self['cookies'] = {}
        for cookie in jar:
            self['cookies'][cookie.name] = {
                attname: getattr(cookie, attname)
                for attname in stored_attrs
            }

    @property
    def auth(self) -> Optional[AuthBase]:
        auth = self.get('auth', None)
        if not auth or not auth['type']:
            return

        plugin = plugin_manager.get_auth_plugin(auth['type'])()

        credentials = {'username': None, 'password': None}
        try:
            # New style
            plugin.raw_auth = auth['raw_auth']
        except KeyError:
            # Old style
            credentials = {
                'username': auth['username'],
                'password': auth['password'],
            }
        else:
            if plugin.auth_parse:
                from .cli.argtypes import parse_auth
                parsed = parse_auth(plugin.raw_auth)
                credentials = {
                    'username': parsed.key,
                    'password': parsed.value,
                }

        return plugin.get_auth(**credentials)

    @auth.setter
    def auth(self, auth: dict):
        assert {'type', 'raw_auth'} == auth.keys()
        self['auth'] = auth

    def remove_cookies(self, names: Iterable[str]):
        for name in names:
            if name in self['cookies']:
                del self['cookies'][name]
Remove automatic config file creation to avoid concurrency issues. Close #788 Close #812 2019-12-02 17:43:16 +01:00			`"""`
			`Persistent, JSON-serialized sessions.`
JSON session data, `httpie' management command. 2012-08-18 23:03:31 +02:00
			`"""`
Added initial support for persistent sessions. 2012-08-17 23:23:02 +02:00			`import os`
Add one-by-one processing of each HTTP request or response and --offline 2019-09-03 17:14:39 +02:00			`import re`
Combine cookies from original request and session file Close #932 Co-authored-by: kbanc <katherine.bancoft@gmail.com> Co-authored-by: Gabriel Cruz <gabs.oficial98@gmail.com> 2020-06-18 23:17:33 +02:00
			`from http.cookies import SimpleCookie`
Python 3 annotations, super(), pathlib, etc. 2019-08-30 11:32:14 +02:00			`from pathlib import Path`
Remove expired cookies (#929) * added a test for expiring cookies * updated tests * set up util for extracting expired cookies from response header * Revert "updated tests" This reverts commit a4eb5c4498d24816c971578216d351d892293549. * Revert "Revert "updated tests"" This reverts commit d242e21bce8101dab03fa52810bc5d2789c9307e. * added more functionality to get-expired-cookies * add 'clear expired cookies' from session.json files * refactored get_expired_cookies * fixed formatting issues * ensured key exists in cookie_header dict * fixed linting errors * removed unused import * Added tests for get_expired_cookies util * Added additional test for get_expired_cookies * added remove_expired_cookies method directly to sessions class * extracted logic to clear cookies to sessions.py * refactored utils * added tests to check expired cookies being removed from session obj * added type annotations for methods * Refactored test_sessions * Seperated out expiry related tests into own class * Refactored get_expired_cookies in utils * Refactored remove cookie methods * fixed linting errors * fixed indentation and also pluralized test class name * removed inheritance from SessionTestbase class * Moved related test to TestExpiredCookies class Co-authored-by: kbanc <katherine.bancoft@gmail.com> 2020-06-15 22:28:04 +02:00			`from typing import Iterable, Optional, Union`
Python 2.7 support removal WIP 2019-08-29 08:53:56 +02:00			`from urllib.parse import urlsplit`
JSON session data, `httpie' management command. 2012-08-18 23:03:31 +02:00
Python 3 annotations, super(), pathlib, etc. 2019-08-30 11:32:14 +02:00			`from requests.auth import AuthBase`
Cleanup 2020-06-15 23:02:16 +02:00			`from requests.cookies import RequestsCookieJar, create_cookie`
Added initial support for persistent sessions. 2012-08-17 23:23:02 +02:00
Preserve individual headers with the same name on responses (#1208) * Preserve individual headers with the same name on responses * Rename RequestHeadersDict to HTTPHeadersDict * Update tests/utils/http_server.py * Update tests/utils/http_server.py * Update httpie/adapters.py Co-authored-by: Jakub Roztocil <jakub@roztocil.co> 2021-11-25 00:41:37 +01:00			`from .cli.dicts import HTTPHeadersDict`
Use relative imports (#1057) * Use relative imports in test * Use relative imports * Add myself to contributors :) 2021-05-05 14:13:39 +02:00			`from .config import BaseConfigDict, DEFAULT_CONFIG_DIR`
			`from .plugins.registry import plugin_manager`
Added initial support for persistent sessions. 2012-08-17 23:23:02 +02:00

Added tests for sessions. 2012-09-17 02:15:00 +02:00			`SESSIONS_DIR_NAME = 'sessions'`
Python 3 annotations, super(), pathlib, etc. 2019-08-30 11:32:14 +02:00			`DEFAULT_SESSIONS_DIR = DEFAULT_CONFIG_DIR / SESSIONS_DIR_NAME`
Added anonymous sessions (--session=/file/path.json). 2013-05-13 14:47:44 +02:00			`VALID_SESSION_NAME_PATTERN = re.compile('^[a-zA-Z0-9_.-]+$')`
Ignore Content-* and If-* request headers. Those headers are not stored in sessions anymore. Closes #141. 2013-05-13 11:54:49 +02:00			`# Request headers starting with these prefixes won't be stored in sessions.`
			`# They are specific to each request.`
Cleanup 2019-12-03 19:09:09 +01:00			`# <https://en.wikipedia.org/wiki/List_of_HTTP_header_fields#Requests>`
Ignore Content-* and If-* request headers. Those headers are not stored in sessions anymore. Closes #141. 2013-05-13 11:54:49 +02:00			`SESSION_IGNORED_HEADER_PREFIXES = ['Content-', 'If-']`


Add one-by-one processing of each HTTP request or response and --offline 2019-09-03 17:14:39 +02:00			`def get_httpie_session(`
Python 3 annotations, super(), pathlib, etc. 2019-08-30 11:32:14 +02:00			`config_dir: Path,`
Add one-by-one processing of each HTTP request or response and --offline 2019-09-03 17:14:39 +02:00			`session_name: str,`
			`host: Optional[str],`
			`url: str,`
			`) -> 'Session':`
Added anonymous sessions (--session=/file/path.json). 2013-05-13 14:47:44 +02:00			`if os.path.sep in session_name:`
			`path = os.path.expanduser(session_name)`
			`else:`
Add one-by-one processing of each HTTP request or response and --offline 2019-09-03 17:14:39 +02:00			`hostname = host or urlsplit(url).netloc.split('@')[-1]`
Added support for transport adapter plugins #276, #298 2015-02-05 15:25:00 +01:00			`if not hostname:`
			`# HACK/FIXME: httpie-unixsocket's URLs have no hostname.`
			`hostname = 'localhost'`
Added anonymous sessions (--session=/file/path.json). 2013-05-13 14:47:44 +02:00
			`# host:port => host_port`
			`hostname = hostname.replace(':', '_')`
Python 3 annotations, super(), pathlib, etc. 2019-08-30 11:32:14 +02:00			`path = (`
Add one-by-one processing of each HTTP request or response and --offline 2019-09-03 17:14:39 +02:00			`config_dir / SESSIONS_DIR_NAME / hostname / f'{session_name}.json'`
Python 3 annotations, super(), pathlib, etc. 2019-08-30 11:32:14 +02:00			`)`
Added anonymous sessions (--session=/file/path.json). 2013-05-13 14:47:44 +02:00			`session = Session(path)`
Sessions are now host-bound. 2012-08-19 04:58:14 +02:00			`session.load()`
Add one-by-one processing of each HTTP request or response and --offline 2019-09-03 17:14:39 +02:00			`return session`
Added initial support for persistent sessions. 2012-08-17 23:23:02 +02:00

Added configuration file. The "default_content_type" option can be set to "form". Closes #91. 2012-09-17 00:37:36 +02:00			`class Session(BaseConfigDict):`
Use httpie.io/docs everywhere [skip ci] 2021-09-28 12:53:53 +02:00			`helpurl = 'https://httpie.io/docs#sessions'`
Progress on `httpie session *`. 2012-12-01 18:16:00 +01:00			`about = 'HTTPie session file'`

Python 3 annotations, super(), pathlib, etc. 2019-08-30 11:32:14 +02:00			`def __init__(self, path: Union[str, Path]):`
Remove automatic config file creation to avoid concurrency issues. Close #788 Close #812 2019-12-02 17:43:16 +01:00			`super().__init__(path=Path(path))`
Sessions are now host-bound. 2012-08-19 04:58:14 +02:00			`self['headers'] = {}`
			`self['cookies'] = {}`
Progress on `httpie session *`. 2012-12-01 18:16:00 +01:00			`self['auth'] = {`
			`'type': None,`
Session commands. 2012-12-11 12:54:34 +01:00			`'username': None,`
			`'password': None`
Progress on `httpie session *`. 2012-12-01 18:16:00 +01:00			`}`
Added initial support for persistent sessions. 2012-08-17 23:23:02 +02:00
Preserve individual headers with the same name on responses (#1208) * Preserve individual headers with the same name on responses * Rename RequestHeadersDict to HTTPHeadersDict * Update tests/utils/http_server.py * Update tests/utils/http_server.py * Update httpie/adapters.py Co-authored-by: Jakub Roztocil <jakub@roztocil.co> 2021-11-25 00:41:37 +01:00			`def update_headers(self, request_headers: HTTPHeadersDict):`
Ignore Content-* and If-* request headers. Those headers are not stored in sessions anymore. Closes #141. 2013-05-13 11:54:49 +02:00			`"""`
			`Update the session headers with the request ones while ignoring`
			`certain name prefixes.`

			`"""`
Sessions 2019-09-01 21:15:39 +02:00			`headers = self.headers`
Fix handling of session files with `Cookie:` followed by other headers (#1127) * Fix the handling of cookies from session files * Apply suggestions from code review Co-authored-by: Jakub Roztocil <jakub@roztocil.co> * Fix test docstring formatting Co-authored-by: Jakub Roztocil <jakub@roztocil.co> 2021-08-16 14:50:46 +02:00			`for name, value in request_headers.copy().items():`
Fixed --download with --session Closes #412 2016-02-28 12:14:10 +01:00
			`if value is None:`
Python 3 annotations, super(), pathlib, etc. 2019-08-30 11:32:14 +02:00			`continue # Ignore explicitly unset headers`
Fixed --download with --session Closes #412 2016-02-28 12:14:10 +01:00
Decode headers using utf-8 only if they are not str (#1020) 2021-01-13 21:45:56 +01:00			`if type(value) is not str:`
Uniformize UTF-8 naming (#1115) * Uniformize UTF-8 naming Replace `utf8` -> `utf-8` everywhere. It should have no impact, `utf8` is an alias of `utf-8` [1]. [1] https://github.com/python/cpython/blob/ee03bad25e83b00ba5fc2a0265b48c6286e6b3f7/Lib/encodings/aliases.py#L534 * Always specify the encoding Let's be explicit over implicit. And prevent future warnings from PEP-597 [1]. [1] https://www.python.org/dev/peps/pep-0597/#using-the-default-encoding-is-a-common-mistake * Update `UTF8` constant (`utf-8` -> `utf_8`) * Remove default argument from `str.encode()` and `bytes.decode()` * Clean-up 2021-08-05 20:58:43 +02:00			`value = value.decode()`
Decode headers using utf-8 only if they are not str (#1020) 2021-01-13 21:45:56 +01:00
Combine cookies from original request and session file Close #932 Co-authored-by: kbanc <katherine.bancoft@gmail.com> Co-authored-by: Gabriel Cruz <gabs.oficial98@gmail.com> 2020-06-18 23:17:33 +02:00			`if name.lower() == 'user-agent' and value.startswith('HTTPie/'):`
			`continue`

			`if name.lower() == 'cookie':`
			`for cookie_name, morsel in SimpleCookie(value).items():`
			`self['cookies'][cookie_name] = {'value': morsel.value}`
			`del request_headers[name]`
Ignore Content-* and If-* request headers. Those headers are not stored in sessions anymore. Closes #141. 2013-05-13 11:54:49 +02:00			`continue`

			`for prefix in SESSION_IGNORED_HEADER_PREFIXES:`
			`if name.lower().startswith(prefix.lower()):`
			`break`
			`else:`
Sessions 2019-09-01 21:15:39 +02:00			`headers[name] = value`

			`self['headers'] = dict(headers)`
Ignore Content-* and If-* request headers. Those headers are not stored in sessions anymore. Closes #141. 2013-05-13 11:54:49 +02:00
			`@property`
Preserve individual headers with the same name on responses (#1208) * Preserve individual headers with the same name on responses * Rename RequestHeadersDict to HTTPHeadersDict * Update tests/utils/http_server.py * Update tests/utils/http_server.py * Update httpie/adapters.py Co-authored-by: Jakub Roztocil <jakub@roztocil.co> 2021-11-25 00:41:37 +01:00			`def headers(self) -> HTTPHeadersDict:`
			`return HTTPHeadersDict(self['headers'])`
Ignore Content-* and If-* request headers. Those headers are not stored in sessions anymore. Closes #141. 2013-05-13 11:54:49 +02:00
JSON session data, `httpie' management command. 2012-08-18 23:03:31 +02:00			`@property`
Python 3 annotations, super(), pathlib, etc. 2019-08-30 11:32:14 +02:00			`def cookies(self) -> RequestsCookieJar:`
JSON session data, `httpie' management command. 2012-08-18 23:03:31 +02:00			`jar = RequestsCookieJar()`
			`for name, cookie_dict in self['cookies'].items():`
Cleanup 2012-08-21 15:45:22 +02:00			`jar.set_cookie(create_cookie(`
			`name, cookie_dict.pop('value'), **cookie_dict))`
JSON session data, `httpie' management command. 2012-08-18 23:03:31 +02:00			`jar.clear_expired_cookies()`
			`return jar`
Added initial support for persistent sessions. 2012-08-17 23:23:02 +02:00
JSON session data, `httpie' management command. 2012-08-18 23:03:31 +02:00			`@cookies.setter`
Python 3 annotations, super(), pathlib, etc. 2019-08-30 11:32:14 +02:00			`def cookies(self, jar: RequestsCookieJar):`
Use PYthon 3 documentation [skip ci] 2021-09-28 12:54:16 +02:00			`# <https://docs.python.org/3/library/cookielib.html#cookie-objects>`
Simplified stored session cookie data. 2013-01-22 20:03:28 +01:00			`stored_attrs = ['value', 'path', 'secure', 'expires']`
JSON session data, `httpie' management command. 2012-08-18 23:03:31 +02:00			`self['cookies'] = {}`
Fixed PyPy cookie updating issue 2013-03-20 10:45:56 +01:00			`for cookie in jar:`
Start using dict comprehensions 2017-12-28 18:15:17 +01:00			`self['cookies'][cookie.name] = {`
			`attname: getattr(cookie, attname)`
Formatting 2013-03-20 16:07:23 +01:00			`for attname in stored_attrs`
Start using dict comprehensions 2017-12-28 18:15:17 +01:00			`}`
Added initial support for persistent sessions. 2012-08-17 23:23:02 +02:00
JSON session data, `httpie' management command. 2012-08-18 23:03:31 +02:00			`@property`
Python 3 annotations, super(), pathlib, etc. 2019-08-30 11:32:14 +02:00			`def auth(self) -> Optional[AuthBase]:`
JSON session data, `httpie' management command. 2012-08-18 23:03:31 +02:00			`auth = self.get('auth', None)`
Progress on `httpie session *`. 2012-12-01 18:16:00 +01:00			`if not auth or not auth['type']:`
Session commands. 2012-12-11 12:54:34 +01:00			`return`
Extend auth plugin API This extends the `AuthPlugin` API by the following attributes: * `auth_require`: set to `False` to make `--auth, -a` optional * `auth_parse`: set to `False` to disable `username:password` parsing (access the raw value passed to `-a` via `self.raw_auth`). * `prompt_password`: set to`False` to disable password prompt when no password provided (only relevant when `auth_parse == True`) These changes should be 100% backwards-compatible. What needs more testing is auth support in sessions. Close #433 Close #431 Close #378 Ping teracyhq/httpie-jwt-auth#3 2016-11-23 22:01:58 +01:00
			`plugin = plugin_manager.get_auth_plugin(auth['type'])()`

			`credentials = {'username': None, 'password': None}`
			`try:`
			`# New style`
			`plugin.raw_auth = auth['raw_auth']`
			`except KeyError:`
			`# Old style`
			`credentials = {`
			`'username': auth['username'],`
			`'password': auth['password'],`
			`}`
			`else:`
			`if plugin.auth_parse:`
Use relative imports (#1057) * Use relative imports in test * Use relative imports * Add myself to contributors :) 2021-05-05 14:13:39 +02:00			`from .cli.argtypes import parse_auth`
Extend auth plugin API This extends the `AuthPlugin` API by the following attributes: * `auth_require`: set to `False` to make `--auth, -a` optional * `auth_parse`: set to `False` to disable `username:password` parsing (access the raw value passed to `-a` via `self.raw_auth`). * `prompt_password`: set to`False` to disable password prompt when no password provided (only relevant when `auth_parse == True`) These changes should be 100% backwards-compatible. What needs more testing is auth support in sessions. Close #433 Close #431 Close #378 Ping teracyhq/httpie-jwt-auth#3 2016-11-23 22:01:58 +01:00			`parsed = parse_auth(plugin.raw_auth)`
			`credentials = {`
			`'username': parsed.key,`
			`'password': parsed.value,`
			`}`

			`return plugin.get_auth(**credentials)`
Added initial support for persistent sessions. 2012-08-17 23:23:02 +02:00
JSON session data, `httpie' management command. 2012-08-18 23:03:31 +02:00			`@auth.setter`
Python 3 annotations, super(), pathlib, etc. 2019-08-30 11:32:14 +02:00			`def auth(self, auth: dict):`
Use set literal 2019-08-30 09:56:50 +02:00			`assert {'type', 'raw_auth'} == auth.keys()`
Added support for auth plugins. 2013-09-21 23:46:15 +02:00			`self['auth'] = auth`
Remove expired cookies (#929) * added a test for expiring cookies * updated tests * set up util for extracting expired cookies from response header * Revert "updated tests" This reverts commit a4eb5c4498d24816c971578216d351d892293549. * Revert "Revert "updated tests"" This reverts commit d242e21bce8101dab03fa52810bc5d2789c9307e. * added more functionality to get-expired-cookies * add 'clear expired cookies' from session.json files * refactored get_expired_cookies * fixed formatting issues * ensured key exists in cookie_header dict * fixed linting errors * removed unused import * Added tests for get_expired_cookies util * Added additional test for get_expired_cookies * added remove_expired_cookies method directly to sessions class * extracted logic to clear cookies to sessions.py * refactored utils * added tests to check expired cookies being removed from session obj * added type annotations for methods * Refactored test_sessions * Seperated out expiry related tests into own class * Refactored get_expired_cookies in utils * Refactored remove cookie methods * fixed linting errors * fixed indentation and also pluralized test class name * removed inheritance from SessionTestbase class * Moved related test to TestExpiredCookies class Co-authored-by: kbanc <katherine.bancoft@gmail.com> 2020-06-15 22:28:04 +02:00
			`def remove_cookies(self, names: Iterable[str]):`
			`for name in names:`
			`if name in self['cookies']:`
			`del self['cookies'][name]`