Merge pull request #67 from PerimeterX/dev

Version 3.0.2

.gitignore

@@ -6,5 +6,6 @@ manage.py
 myapp/
 untitled1/
 perimeterx_python_wsgi.egg-info/
+perimeterx_python_wsgi_gae.egg-info/
 dist
 dev/

CHANGELOG.md

@@ -1,5 +1,10 @@
 # Change Log
 
+## [v3.0.2](https://github.com/PerimeterX/perimeterx-python-wsgi) (2019-02-13)
+- page requested pass_reason alignment
+- better error handling for http errors
+- better module_version reporting
+
 ## [v3.0.1](https://github.com/PerimeterX/perimeterx-python-wsgi) (2019-02-04)
 - Monitor mode bug fix
 - Better error handling

README.md

@@ -4,9 +4,9 @@
 
 [PerimeterX](http://www.perimeterx.com) Python Middleware
 =============================================================
-> Latest stable version: [v3.0.1](https://pypi.org/project/perimeterx-python-wsgi/)
+> Latest stable version: [v3.0.2](https://pypi.org/project/perimeterx-python-wsgi/)
 
-> Latest GAE stable version: [v3.0.1](https://pypi.org/project/perimeterx-python-wsgi-gae/)
+> Latest GAE stable version: [v3.0.2](https://pypi.org/project/perimeterx-python-wsgi-gae/)
 
 Table of Contents
 -----------------

perimeterx/px_activities_client.py

@@ -29,7 +29,6 @@ def _send_activities_chunk():
         ACTIVITIES_BUFFER.pop(0)
     px_httpc.send(full_url=full_url, body=json.dumps(chunk), headers=default_headers, config=CONFIG, method='POST')
 
-
 def send_activities_in_thread():
     if len(ACTIVITIES_BUFFER) >= 10:
         CONFIG.logger.debug('Posting {} Activities'.format(len(ACTIVITIES_BUFFER)))
@@ -80,21 +79,24 @@ def send_block_activity(ctx, config):
         'block_score': ctx.score,
         'block_uuid': ctx.uuid,
         'block_reason': ctx.block_reason,
-        'http_method': ctx.http_method,
         'http_version': ctx.http_version,
         'px_cookie': ctx.decoded_cookie,
         'risk_rtt': ctx.risk_rtt,
         'cookie_origin': ctx.cookie_origin,
         'block_action': ctx.block_action,
-        'module_version': px_constants.MODULE_VERSION,
         'simulated_block': config.module_mode is px_constants.MODULE_MODE_MONITORING,
     })
 
 
 def send_page_requested_activity(ctx, config):
-    details = {}
+    details = {
+        'client_uuid': ctx.uuid,
+        'pass_reason': ctx.pass_reason,
+        'risk_rtt': ctx.risk_rtt
+    }
+
     if ctx.decoded_cookie:
-        details = {"px_cookie": ctx.decoded_cookie}
+        details['px_cookie'] = ctx.decoded_cookie
     send_to_perimeterx(px_constants.PAGE_REQUESTED_ACTIVITY, ctx, config, details)
 
 

perimeterx/px_api.py

@@ -41,15 +41,19 @@ def send_risk_request(ctx, config):
     }
     try:
         response = px_httpc.send(full_url=config.server_host + px_constants.API_RISK, body=json.dumps(body),
-                                 config=config,
-                                 headers=default_headers, method='POST')
+                                 config=config, headers=default_headers, method='POST', raise_error = True)
         if response:
             return json.loads(response.content)
         return False
     except requests.exceptions.Timeout:
+        ctx.pass_reason = 's2s_timeout'
         risk_rtt = time.time() - start
-        config.logger('Risk API timed out, round_trip_time: {}'.format(risk_rtt))
-
+        config.logger.debug('Risk API timed out, round_trip_time: {}'.format(risk_rtt))
+        return False
+    except requests.exceptions.RequestException as e:
+        ctx.pass_reason = 's2s_error'
+        config.logger.debug('Unexpected exception in Risk API call: {}'.format(e))
+        return False
 
 def verify(ctx, config):
     """

perimeterx/px_config.py

@@ -1,7 +1,7 @@
 import px_constants
 import px_testing_mode_handler
 from px_logger import Logger
-
+import os
 
 class PxConfig(object):
     def __init__(self, config_dict):
@@ -14,6 +14,7 @@ def __init__(self, config_dict):
         self._blocking_score = config_dict.get('blocking_score', 100)
         self._debug_mode = debug_mode
         self._module_version = config_dict.get('module_version', px_constants.MODULE_VERSION)
+        self._module_version = px_constants.MODULE_VERSION.format(' GAE') if os.environ.get('SERVER_SOFTWARE','').startswith('Google') else px_constants.MODULE_VERSION.format('')
         self._module_mode = module_mode
         self._server_host = 'sapi.perimeterx.net' if app_id is None else px_constants.SERVER_URL.format(app_id.lower())
         self._collector_host = 'collector.perimeterx.net' if app_id is None else px_constants.COLLECTOR_URL.format(

perimeterx/px_constants.py

@@ -30,7 +30,7 @@
 EMPTY_GIF_B64 = 'R0lGODlhAQABAPAAAAAAAAAAACH5BAEAAAAALAAAAAABAAEAAAICRAEAOw=='
 COLLECTOR_HOST = 'collector.perimeterx.net'
 FIRST_PARTY_FORWARDED_FOR = 'X-FORWARDED-FOR'
-MODULE_VERSION = 'Python WSGI Module v3.0.1'
+MODULE_VERSION = 'Python WSGI Module{} v3.0.2'
 API_RISK = '/api/v3/risk'
 PAGE_REQUESTED_ACTIVITY = 'page_requested'
 BLOCK_ACTIVITY = 'block'

perimeterx/px_context.py

@@ -86,7 +86,7 @@ def __init__(self, request, config):
         self._decoded_cookie = ''
         self._block_action = ''
         self._block_action_data = ''
-        self._pass_reason = ''
+        self._pass_reason = 'cookie'
         self._cookie_hmac = ''
         self._px_cookie_raw = ''
         self._original_token_error = ''

perimeterx/px_httpc.py

@@ -9,7 +9,7 @@
     requests_toolbelt.adapters.appengine.monkeypatch()
 #pylint: enable=import-error
 
-def send(full_url, body, headers, config, method):
+def send(full_url, body, headers, config, method, raise_error = False):
     """
     Returns the appropriate response parameters according to blocking parameters
     :param string full_url:
@@ -35,5 +35,6 @@ def send(full_url, body, headers, config, method):
         logger.debug('PerimeterX server call took {} ms'.format(request_time * 1000))
         return response
     except requests.exceptions.RequestException as err:
-        logger.debug('Received RequestException. Error: {}'.format(err))
-        raise err
+        logger.debug('PerimeterX Received Request Exception. Error: {}'.format(err))
+        if raise_error:
+            raise err

perimeterx/px_request_verifier.py

@@ -31,6 +31,7 @@ def verify_request(self, ctx, request):
         if not px_cookie_validator.verify(ctx, self.config):
             # Server-to-Server verification fallback
             if not px_api.verify(ctx, self.config):
+                self.report_pass_traffic(ctx)
                 return True
         return self.handle_verification(ctx, request)
 

setup-gae.py

@@ -2,7 +2,7 @@
 
 from setuptools import setup, find_packages
 
-version = 'v3.0.1'
+version = 'v3.0.2'
 setup(name='perimeterx-python-wsgi-gae',
       version=version,
       license='MIT',

setup.py

@@ -2,7 +2,7 @@
 
 from setuptools import setup, find_packages
 
-version = 'v3.0.1'
+version = 'v3.0.2'
 setup(name='perimeterx-python-wsgi',
       version=version,
       license='MIT',

test/test_px_request_validator.py

@@ -14,7 +14,10 @@ class TestPxRequestVerifier(unittest.TestCase):
 
     @classmethod
     def setUpClass(cls):
-        cls.config = PxConfig({'app_id': 'PXfake_app_id', 'module_mode': px_constants.MODULE_MODE_BLOCKING})
+        cls.config = PxConfig({'app_id': 'PXfake_app_id',
+                               'auth_token': '',
+                               'module_mode': px_constants.MODULE_MODE_BLOCKING
+                               })
         cls.headers = {'X-FORWARDED-FOR': '127.0.0.1',
                        'remote-addr': '127.0.0.1',
                        'content_length': '100'}