sanic/sanic/cookies.py

import re
import string

from datetime import datetime
from typing import Dict


DEFAULT_MAX_AGE = 0

# ------------------------------------------------------------ #
#  SimpleCookie
# ------------------------------------------------------------ #

# Straight up copied this section of dark magic from SimpleCookie

_LegalChars = string.ascii_letters + string.digits + "!#$%&'*+-.^_`|~:"
_UnescapedChars = _LegalChars + " ()/<=>?@[]{}"

_Translator = {
    n: "\\%03o" % n for n in set(range(256)) - set(map(ord, _UnescapedChars))
}
_Translator.update({ord('"'): '\\"', ord("\\"): "\\\\"})


def _quote(str):
    r"""Quote a string for use in a cookie header.
    If the string does not need to be double-quoted, then just return the
    string.  Otherwise, surround the string in doublequotes and quote
    (with a \) special characters.
    """
    if str is None or _is_legal_key(str):
        return str
    else:
        return '"' + str.translate(_Translator) + '"'


_is_legal_key = re.compile("[%s]+" % re.escape(_LegalChars)).fullmatch

# ------------------------------------------------------------ #
#  Custom SimpleCookie
# ------------------------------------------------------------ #


class CookieJar(dict):
    """
    CookieJar dynamically writes headers as cookies are added and removed
    It gets around the limitation of one header per name by using the
    MultiHeader class to provide a unique key that encodes to Set-Cookie.
    """

    def __init__(self, headers):
        super().__init__()
        self.headers: Dict[str, str] = headers
        self.cookie_headers: Dict[str, str] = {}
        self.header_key: str = "Set-Cookie"

    def __setitem__(self, key, value):
        # If this cookie doesn't exist, add it to the header keys
        if not self.cookie_headers.get(key):
            cookie = Cookie(key, value)
            cookie["path"] = "/"
            self.cookie_headers[key] = self.header_key
            self.headers.add(self.header_key, cookie)
            return super().__setitem__(key, cookie)
        else:
            self[key].value = value

    def __delitem__(self, key):
        if key not in self.cookie_headers:
            self[key] = ""
            self[key]["max-age"] = 0
        else:
            cookie_header = self.cookie_headers[key]
            # remove it from header
            cookies = self.headers.popall(cookie_header)
            for cookie in cookies:
                if cookie.key != key:
                    self.headers.add(cookie_header, cookie)
            del self.cookie_headers[key]
            return super().__delitem__(key)


class Cookie(dict):
    """A stripped down version of Morsel from SimpleCookie #gottagofast"""

    _keys = {
        "expires": "expires",
        "path": "Path",
        "comment": "Comment",
        "domain": "Domain",
        "max-age": "Max-Age",
        "secure": "Secure",
        "httponly": "HttpOnly",
        "version": "Version",
        "samesite": "SameSite",
    }
    _flags = {"secure", "httponly"}

    def __init__(self, key, value):
        if key in self._keys:
            raise KeyError("Cookie name is a reserved word")
        if not _is_legal_key(key):
            raise KeyError("Cookie key contains illegal characters")
        self.key = key
        self.value = value
        super().__init__()

    def __setitem__(self, key, value):
        if key not in self._keys:
            raise KeyError("Unknown cookie property")
        if value is not False:
            if key.lower() == "max-age":
                if not str(value).isdigit():
                    raise ValueError("Cookie max-age must be an integer")
            elif key.lower() == "expires":
                if not isinstance(value, datetime):
                    raise TypeError(
                        "Cookie 'expires' property must be a datetime"
                    )
            return super().__setitem__(key, value)

    def encode(self, encoding):
        """
        Encode the cookie content in a specific type of encoding instructed
        by the developer. Leverages the :func:`str.encode` method provided
        by python.

        This method can be used to encode and embed ``utf-8`` content into
        the cookies.

        :param encoding: Encoding to be used with the cookie
        :return: Cookie encoded in a codec of choosing.
        :except: UnicodeEncodeError
        """
        return str(self).encode(encoding)

    def __str__(self):
        """Format as a Set-Cookie header value."""
        output = ["%s=%s" % (self.key, _quote(self.value))]
        for key, value in self.items():
            if key == "max-age":
                try:
                    output.append("%s=%d" % (self._keys[key], value))
                except TypeError:
                    output.append("%s=%s" % (self._keys[key], value))
            elif key == "expires":
                output.append(
                    "%s=%s"
                    % (self._keys[key], value.strftime("%a, %d-%b-%Y %T GMT"))
                )
            elif key in self._flags and self[key]:
                output.append(self._keys[key])
            else:
                output.append("%s=%s" % (self._keys[key], value))

        return "; ".join(output)
Lazy cookie creation 2016-10-25 09:27:54 +01:00			`import re`
			`import string`

Enforce Datetime Type for Expires on Set-Cookie (#1484) * Enforce Datetime Type for Expires on Set-Cookie * Fix lint issues * Format code and improve error type * Fix import order 2019-02-06 18:29:33 +00:00			`from datetime import datetime`
Additonal annotations 2021-01-29 14:19:10 +00:00			`from typing import Dict`
Enforce Datetime Type for Expires on Set-Cookie (#1484) * Enforce Datetime Type for Expires on Set-Cookie * Fix lint issues * Format code and improve error type * Fix import order 2019-02-06 18:29:33 +00:00
formatting 2019-01-09 21:47:26 +00:00
enforce integer for max-age cookie 2019-01-03 23:01:54 +00:00			`DEFAULT_MAX_AGE = 0`
integrate with isort 2018-10-18 05:20:16 +01:00
Lazy cookie creation 2016-10-25 09:27:54 +01:00			`# ------------------------------------------------------------ #`
			`# SimpleCookie`
			`# ------------------------------------------------------------ #`

			`# Straight up copied this section of dark magic from SimpleCookie`

			_LegalChars = string.ascii_letters + string.digits + "!#$%&'*+-.^_`\|~:"
run black against sanic module 2018-10-14 01:55:33 +01:00			`_UnescapedChars = _LegalChars + " ()/<=>?@[]{}"`
Lazy cookie creation 2016-10-25 09:27:54 +01:00
run black against sanic module 2018-10-14 01:55:33 +01:00			`_Translator = {`
			`n: "\\%03o" % n for n in set(range(256)) - set(map(ord, _UnescapedChars))`
			`}`
			`_Translator.update({ord('"'): '\\"', ord("\\"): "\\\\"})`
Lazy cookie creation 2016-10-25 09:27:54 +01:00
Fix flake8 issues 2016-10-25 09:36:12 +01:00
Lazy cookie creation 2016-10-25 09:27:54 +01:00			`def _quote(str):`
Fix documentation build errors 2018-10-26 09:29:53 +01:00			`r"""Quote a string for use in a cookie header.`
Lazy cookie creation 2016-10-25 09:27:54 +01:00			`If the string does not need to be double-quoted, then just return the`
			`string. Otherwise, surround the string in doublequotes and quote`
			`(with a \) special characters.`
			`"""`
			`if str is None or _is_legal_key(str):`
			`return str`
			`else:`
			`return '"' + str.translate(_Translator) + '"'`

Fix the flake8 error caused by new flake8 version 2016-11-16 18:55:13 +00:00
run black against sanic module 2018-10-14 01:55:33 +01:00			`_is_legal_key = re.compile("[%s]+" % re.escape(_LegalChars)).fullmatch`
Lazy cookie creation 2016-10-25 09:27:54 +01:00
			`# ------------------------------------------------------------ #`
			`# Custom SimpleCookie`
			`# ------------------------------------------------------------ #`

Fix flake8 issues 2016-10-25 09:36:12 +01:00
Lazy cookie creation 2016-10-25 09:27:54 +01:00			`class CookieJar(dict):`
Additonal annotations 2021-01-29 14:19:10 +00:00			`"""`
			`CookieJar dynamically writes headers as cookies are added and removed`
Lazy cookie creation 2016-10-25 09:27:54 +01:00			`It gets around the limitation of one header per name by using the`
Added del cookie and default path 2017-01-25 09:53:39 +00:00			`MultiHeader class to provide a unique key that encodes to Set-Cookie.`
Lazy cookie creation 2016-10-25 09:27:54 +01:00			`"""`
Added del cookie and default path 2017-01-25 09:53:39 +00:00
Lazy cookie creation 2016-10-25 09:27:54 +01:00			`def __init__(self, headers):`
			`super().__init__()`
Additonal annotations 2021-01-29 14:19:10 +00:00			`self.headers: Dict[str, str] = headers`
			`self.cookie_headers: Dict[str, str] = {}`
			`self.header_key: str = "Set-Cookie"`
Fix flake8 issues 2016-10-25 09:36:12 +01:00
Lazy cookie creation 2016-10-25 09:27:54 +01:00			`def __setitem__(self, key, value):`
			`# If this cookie doesn't exist, add it to the header keys`
Fix response ci header (#1244) * add unit tests, which should fail * fix CIDict * moving CIDict to avoid circular imports * fix unit tests * use multidict for headers * fix cookie * add version constraint for multidict * omit test coverage for __main__.py * make flake8 happy * consolidate check in for loop * travisci retry build 2018-07-11 09:44:21 +01:00			`if not self.cookie_headers.get(key):`
Lazy cookie creation 2016-10-25 09:27:54 +01:00			`cookie = Cookie(key, value)`
run black against sanic module 2018-10-14 01:55:33 +01:00			`cookie["path"] = "/"`
Fix response ci header (#1244) * add unit tests, which should fail * fix CIDict * moving CIDict to avoid circular imports * fix unit tests * use multidict for headers * fix cookie * add version constraint for multidict * omit test coverage for __main__.py * make flake8 happy * consolidate check in for loop * travisci retry build 2018-07-11 09:44:21 +01:00			`self.cookie_headers[key] = self.header_key`
			`self.headers.add(self.header_key, cookie)`
Lazy cookie creation 2016-10-25 09:27:54 +01:00			`return super().__setitem__(key, cookie)`
			`else:`
			`self[key].value = value`

			`def __delitem__(self, key):`
Added del cookie and default path 2017-01-25 09:53:39 +00:00			`if key not in self.cookie_headers:`
run black against sanic module 2018-10-14 01:55:33 +01:00			`self[key] = ""`
			`self[key]["max-age"] = 0`
Added del cookie and default path 2017-01-25 09:53:39 +00:00			`else:`
			`cookie_header = self.cookie_headers[key]`
Fix response ci header (#1244) * add unit tests, which should fail * fix CIDict * moving CIDict to avoid circular imports * fix unit tests * use multidict for headers * fix cookie * add version constraint for multidict * omit test coverage for __main__.py * make flake8 happy * consolidate check in for loop * travisci retry build 2018-07-11 09:44:21 +01:00			`# remove it from header`
			`cookies = self.headers.popall(cookie_header)`
			`for cookie in cookies:`
			`if cookie.key != key:`
			`self.headers.add(cookie_header, cookie)`
Added del cookie and default path 2017-01-25 09:53:39 +00:00			`del self.cookie_headers[key]`
			`return super().__delitem__(key)`
Lazy cookie creation 2016-10-25 09:27:54 +01:00
Fix flake8 issues 2016-10-25 09:36:12 +01:00
Lazy cookie creation 2016-10-25 09:27:54 +01:00			`class Cookie(dict):`
Pep8 cleanups (#429) * PEP8 cleanups * PEP8 cleanups (server.py) * PEP8 cleanups (blueprints.py) * PEP8 cleanups (config.py) * PEP8 cleanups (cookies.py) * PEP8 cleanups (handlers.py) * PEP8 cleanups (request.py) * PEP8 cleanups (response.py) * PEP8 cleanups (router.py) * PEP8 cleanups (sanic.py) #2 * PEP8 cleanups (server.py) #2 * PEP8 cleanups (static.py) * PEP8 cleanups (utils.py) * PEP8 cleanups (views.py) Updated docstring 2017-02-14 19:10:19 +00:00			`"""A stripped down version of Morsel from SimpleCookie #gottagofast"""`
run black against sanic module 2018-10-14 01:55:33 +01:00
Lazy cookie creation 2016-10-25 09:27:54 +01:00			`_keys = {`
Fix flake8 issues 2016-10-25 09:36:12 +01:00			`"expires": "expires",`
			`"path": "Path",`
			`"comment": "Comment",`
			`"domain": "Domain",`
			`"max-age": "Max-Age",`
			`"secure": "Secure",`
			`"httponly": "HttpOnly",`
			`"version": "Version",`
add samesite cookie to cookie keys 2017-12-24 10:33:52 +00:00			`"samesite": "SameSite",`
Lazy cookie creation 2016-10-25 09:27:54 +01:00			`}`
run black against sanic module 2018-10-14 01:55:33 +01:00			`_flags = {"secure", "httponly"}`
Lazy cookie creation 2016-10-25 09:27:54 +01:00
			`def __init__(self, key, value):`
			`if key in self._keys:`
			`raise KeyError("Cookie name is a reserved word")`
			`if not _is_legal_key(key):`
			`raise KeyError("Cookie key contains illegal characters")`
			`self.key = key`
			`self.value = value`
			`super().__init__()`

			`def __setitem__(self, key, value):`
Fix flake8 issues 2016-10-25 09:36:12 +01:00			`if key not in self._keys:`
Lazy cookie creation 2016-10-25 09:27:54 +01:00			`raise KeyError("Unknown cookie property")`
fix false cookie encoding and output 2017-10-06 06:20:36 +01:00			`if value is not False:`
enforce integer for max-age cookie 2019-01-03 23:01:54 +00:00			`if key.lower() == "max-age":`
			`if not str(value).isdigit():`
Raise ValueError when cookie max-age is not an integer (#2001) * Raise valueerror when cookie max-age is not an integer 2021-01-18 23:11:39 +00:00			`raise ValueError("Cookie max-age must be an integer")`
Enforce Datetime Type for Expires on Set-Cookie (#1484) * Enforce Datetime Type for Expires on Set-Cookie * Fix lint issues * Format code and improve error type * Fix import order 2019-02-06 18:29:33 +00:00			`elif key.lower() == "expires":`
			`if not isinstance(value, datetime):`
			`raise TypeError(`
			`"Cookie 'expires' property must be a datetime"`
			`)`
fix false cookie encoding and output 2017-10-06 06:20:36 +01:00			`return super().__setitem__(key, value)`
Lazy cookie creation 2016-10-25 09:27:54 +01:00
			`def encode(self, encoding):`
add documentation for cookies, exception, blueprint and handlers Signed-off-by: Harsha Narayana <harsha2k4@gmail.com> 2018-12-08 06:27:10 +00:00			`"""`
			`Encode the cookie content in a specific type of encoding instructed`
			by the developer. Leverages the :func:`str.encode` method provided
			`by python.`

			This method can be used to encode and embed ``utf-8`` content into
			`the cookies.`

			`:param encoding: Encoding to be used with the cookie`
			`:return: Cookie encoded in a codec of choosing.`
			`:except: UnicodeEncodeError`
			`"""`
HTTP1 header formatting moved to headers.format_headers and rewritten. (#1669) * HTTP1 header formatting moved to headers.format_headers and rewritten. - New implementation is one line of code and twice faster than the old one. - Whole header block encoded to UTF-8 in one pass. - No longer supports custom encode method on header values. - Cookie objects now have __str__ in addition to encode, to work with this. * Add an import missed in merge. 2019-12-23 23:30:45 +00:00			`return str(self).encode(encoding)`

			`def __str__(self):`
			`"""Format as a Set-Cookie header value."""`
run black against sanic module 2018-10-14 01:55:33 +01:00			`output = ["%s=%s" % (self.key, _quote(self.value))]`
Lazy cookie creation 2016-10-25 09:27:54 +01:00			`for key, value in self.items():`
run black against sanic module 2018-10-14 01:55:33 +01:00			`if key == "max-age":`
isinstance -> try/except 2017-02-16 03:21:23 +00:00			`try:`
run black against sanic module 2018-10-14 01:55:33 +01:00			`output.append("%s=%d" % (self._keys[key], value))`
isinstance -> try/except 2017-02-16 03:21:23 +00:00			`except TypeError:`
run black against sanic module 2018-10-14 01:55:33 +01:00			`output.append("%s=%s" % (self._keys[key], value))`
			`elif key == "expires":`
Enforce Datetime Type for Expires on Set-Cookie (#1484) * Enforce Datetime Type for Expires on Set-Cookie * Fix lint issues * Format code and improve error type * Fix import order 2019-02-06 18:29:33 +00:00			`output.append(`
			`"%s=%s"`
			`% (self._keys[key], value.strftime("%a, %d-%b-%Y %T GMT"))`
			`)`
double if statement (#707) * Migrated `%` string formating * double if statement combined double 'if' to a single 'if' with 'and' * Revert "Fix "Prefer `format()` over string interpolation operator" issue" 2017-05-11 19:49:32 +01:00			`elif key in self._flags and self[key]:`
			`output.append(self._keys[key])`
Lazy cookie creation 2016-10-25 09:27:54 +01:00			`else:`
run black against sanic module 2018-10-14 01:55:33 +01:00			`output.append("%s=%s" % (self._keys[key], value))`
Lazy cookie creation 2016-10-25 09:27:54 +01:00
HTTP1 header formatting moved to headers.format_headers and rewritten. (#1669) * HTTP1 header formatting moved to headers.format_headers and rewritten. - New implementation is one line of code and twice faster than the old one. - Whole header block encoded to UTF-8 in one pass. - No longer supports custom encode method on header values. - Cookie objects now have __str__ in addition to encode, to work with this. * Add an import missed in merge. 2019-12-23 23:30:45 +00:00			`return "; ".join(output)`