OpenStack Study: formpost.py

The is the URL to the Swift desination, such as::

https://swift-cluster.example.com/v1/AUTH_account/container/object_prefix

The name of each file uploaded will be appended to the

given. So, you can upload directly to the root of container with a

url like::

https://swift-cluster.example.com/v1/AUTH_account/container/

Optionally, you can include an object prefix to better separate

different users' uploads, such as::

https://swift-cluster.example.com/v1/AUTH_account/container/object_prefix

Note the form method must be POST and the enctype must be set as

"multipart/form-data".

The redirect attribute is the URL to redirect the browser to after the upload

completes. This is an optional parameter. If you are uploading the form via an

XMLHttpRequest the redirect should not be included. The URL will have status

and message query parameters added to it, indicating the HTTP status code for

the upload (2xx is success) and a possible message for further information if

there was an error (such as "max_file_size exceeded").

The max_file_size attribute must be included and indicates the

largest single file upload that can be done, in bytes.

The max_file_count attribute must be included and indicates the

maximum number of files that can be uploaded with the form. Include

additional ```` attributes if

desired.

The expires attribute is the Unix timestamp before which the form

must be submitted before it is invalidated.

The signature attribute is the HMAC-SHA1 signature of the form. Here is

sample code for computing the signature::

import hmac

from hashlib import sha1

from time import time

path = '/v1/account/container/object_prefix'

redirect = 'https://srv.com/some-page' # set to '' if redirect not in form

max_file_size = 104857600

max_file_count = 10

expires = int(time() + 600)

key = 'mykey'

hmac_body = '%s\\n%s\\n%s\\n%s\\n%s' % (path, redirect,

max_file_size, max_file_count, expires)

signature = hmac.new(key, hmac_body, sha1).hexdigest()

The key is the value of the X-Account-Meta-Temp-URL-Key header on the

account.

Be certain to use the full path, from the /v1/ onward.

The command line tool ``swift-form-signature`` may be used (mostly

just when testing) to compute expires and signature.

Also note that the file attributes must be after the other attributes

in order to be processed correctly. If attributes come after the

file, they won't be sent with the subrequest (there is no way to

parse all the attributes on the server-side without reading the whole

thing into memory -- to service many requests, some with large files,

there just isn't enough memory on the server, so attributes following

the file are simply ignored).

"""

__all__ = ['FormPost', 'filter_factory', 'READ_CHUNK_SIZE', 'MAX_VALUE_LENGTH']

import hmac

import re

import rfc822

from hashlib import sha1

from time import time

from urllib import quote

from swift.common.middleware.tempurl import get_tempurl_keys_from_metadata

from swift.common.utils import streq_const_time, register_swift_info

from swift.common.wsgi import make_pre_authed_env

from swift.common.swob import HTTPUnauthorized

from swift.proxy.controllers.base import get_account_info

#: The size of data to read from the form at any given time.

READ_CHUNK_SIZE = 4096

#: The maximum size of any attribute's value. Any additional data will be

#: truncated.

MAX_VALUE_LENGTH = 4096

#: Regular expression to match form attributes.

ATTRIBUTES_RE = re.compile(r'(\w+)=(".*?"|[^";]+)(; ?|$)')