From 9a87d9a6b0a50552201a16337aead9f6929f09b2 Mon Sep 17 00:00:00 2001 From: Paul V Craven Date: Fri, 25 Apr 2025 10:31:49 -0500 Subject: [PATCH 1/2] Import CSRFProtect from a better spot so prisma picks it up --- tests/testapp/application.py | 3 ++- tests/testapp/requirements.txt | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/tests/testapp/application.py b/tests/testapp/application.py index 116efc66..af5f5b33 100644 --- a/tests/testapp/application.py +++ b/tests/testapp/application.py @@ -17,7 +17,8 @@ from os import environ import user_profile_service -from flask import CSRFProtect, Flask, request +from flask import Flask, request +from flask_wtf.csrf import CSRFProtect from optimizely import logger, optimizely from optimizely.helpers import enums diff --git a/tests/testapp/requirements.txt b/tests/testapp/requirements.txt index 4b70123b..dae26c1f 100644 --- a/tests/testapp/requirements.txt +++ b/tests/testapp/requirements.txt @@ -1 +1,2 @@ -Flask==2.2.5 +Flask==3.1.0 +flask-wtf==1.2.2 \ No newline at end of file From d583262641aa4687d45005639d9a4f02b0e7c41e Mon Sep 17 00:00:00 2001 From: Paul V Craven Date: Fri, 2 May 2025 09:56:47 -0500 Subject: [PATCH 2/2] Update CSRF to include secret key --- tests/testapp/application.py | 416 +++++++++++++++++++++-------------- 1 file changed, 256 insertions(+), 160 deletions(-) diff --git a/tests/testapp/application.py b/tests/testapp/application.py index af5f5b33..eb9db267 100644 --- a/tests/testapp/application.py +++ b/tests/testapp/application.py @@ -23,11 +23,15 @@ from optimizely import logger, optimizely from optimizely.helpers import enums +# Create the flask app app = Flask(__name__) -# Initialize CSRF protection + +# Set up CSRF protection +app.config["SECRET_KEY"] = environ.get("CSRF_SECRET_KEY", "default_csrf_secret_key") csrf = CSRFProtect(app) -datafile = open('datafile.json', 'r') +# Read in the datafile +datafile = open("datafile.json", "r") datafile_content = datafile.read() datafile.close() @@ -37,7 +41,13 @@ def copy_func(f, name=None): - return types.FunctionType(f.func_code, f.func_globals, name or f.func_name, f.func_defaults, f.func_closure,) + return types.FunctionType( + f.func_code, + f.func_globals, + name or f.func_name, + f.func_defaults, + f.func_closure, + ) def on_activate(experiment, _user_id, _attributes, variation, event): @@ -45,10 +55,10 @@ def on_activate(experiment, _user_id, _attributes, variation, event): global listener_return_maps listener_return_map = { - 'experiment_key': experiment.key, - 'user_id': _user_id, - 'attributes': _attributes or {}, - 'variation_key': variation.key, + "experiment_key": experiment.key, + "user_id": _user_id, + "attributes": _attributes or {}, + "variation_key": variation.key, } if listener_return_maps is None: @@ -62,10 +72,10 @@ def on_track(_event_key, _user_id, _attributes, _event_tags, event): global listener_return_maps listener_return_map = { - 'event_key': _event_key, + "event_key": _event_key, "user_id": _user_id, - 'attributes': _attributes or {}, - 'event_tags': _event_tags or {}, + "attributes": _attributes or {}, + "event_tags": _event_tags or {}, } if listener_return_maps is None: listener_return_maps = [listener_return_map] @@ -82,14 +92,16 @@ def before_request(): optimizely_instance = None request.payload = request.get_json() - user_profile_service_instance = request.payload.get('user_profile_service') + user_profile_service_instance = request.payload.get("user_profile_service") if user_profile_service_instance: - ups_class = getattr(user_profile_service, request.payload.get('user_profile_service')) - user_profile_service_instance = ups_class(request.payload.get('user_profiles')) + ups_class = getattr( + user_profile_service, request.payload.get("user_profile_service") + ) + user_profile_service_instance = ups_class(request.payload.get("user_profiles")) - with_listener = request.payload.get('with_listener') + with_listener = request.payload.get("with_listener") - log_level = environ.get('OPTIMIZELY_SDK_LOG_LEVEL', 'DEBUG') + log_level = environ.get("OPTIMIZELY_SDK_LOG_LEVEL", "DEBUG") min_level = getattr(logging, log_level) optimizely_instance = optimizely.Optimizely( datafile_content, @@ -99,16 +111,16 @@ def before_request(): if with_listener is not None: for listener_add in with_listener: - if listener_add['type'] == 'Activate': - count = int(listener_add['count']) + if listener_add["type"] == "Activate": + count = int(listener_add["count"]) for i in range(count): # make a value copy so that we can add multiple callbacks. a_cb = copy_func(on_activate) optimizely_instance.notification_center.add_notification_listener( enums.NotificationTypes.ACTIVATE, a_cb ) - if listener_add['type'] == 'Track': - count = int(listener_add['count']) + if listener_add["type"] == "Track": + count = int(listener_add["count"]) for i in range(count): # make a value copy so that we can add multiple callbacks. t_cb = copy_func(on_track) @@ -127,228 +139,296 @@ def after_request(response): return response -@app.route('/activate', methods=['POST']) +@app.route("/activate", methods=["POST"]) def activate(): payload = request.get_json() - experiment_key = payload.get('experiment_key') - user_id = payload.get('user_id') - attributes = payload.get('attributes') + experiment_key = payload.get("experiment_key") + user_id = payload.get("user_id") + attributes = payload.get("attributes") - variation = optimizely_instance.activate(experiment_key, user_id, attributes=attributes) - user_profiles = user_profile_service_instance.user_profiles.values() if user_profile_service_instance else [] + variation = optimizely_instance.activate( + experiment_key, user_id, attributes=attributes + ) + user_profiles = ( + user_profile_service_instance.user_profiles.values() + if user_profile_service_instance + else [] + ) payload = { - 'result': variation, - 'user_profiles': user_profiles, - 'listener_called': listener_return_maps, + "result": variation, + "user_profiles": user_profiles, + "listener_called": listener_return_maps, } - return json.dumps(payload), 200, {'content-type': 'application/json'} + return json.dumps(payload), 200, {"content-type": "application/json"} -@app.route('/get_variation', methods=['POST']) +@app.route("/get_variation", methods=["POST"]) def get_variation(): payload = request.get_json() - experiment_key = payload.get('experiment_key') - user_id = payload.get('user_id') - attributes = payload.get('attributes') - variation = optimizely_instance.get_variation(experiment_key, user_id, attributes=attributes) - user_profiles = user_profile_service_instance.user_profiles.values() if user_profile_service_instance else [] + experiment_key = payload.get("experiment_key") + user_id = payload.get("user_id") + attributes = payload.get("attributes") + variation = optimizely_instance.get_variation( + experiment_key, user_id, attributes=attributes + ) + user_profiles = ( + user_profile_service_instance.user_profiles.values() + if user_profile_service_instance + else [] + ) return ( - json.dumps({'result': variation, 'user_profiles': user_profiles}), + json.dumps({"result": variation, "user_profiles": user_profiles}), 200, - {'content-type': 'application/json'}, + {"content-type": "application/json"}, ) -@app.route('/track', methods=['POST']) +@app.route("/track", methods=["POST"]) def track(): payload = request.get_json() - event_key = payload.get('event_key') - user_id = payload.get('user_id') - attributes = payload.get('attributes') - event_tags = payload.get('event_tags') + event_key = payload.get("event_key") + user_id = payload.get("user_id") + attributes = payload.get("attributes") + event_tags = payload.get("event_tags") result = optimizely_instance.track(event_key, user_id, attributes, event_tags) - user_profiles = user_profile_service_instance.user_profiles.values() if user_profile_service_instance else [] + user_profiles = ( + user_profile_service_instance.user_profiles.values() + if user_profile_service_instance + else [] + ) payload = { - 'result': result, - 'user_profiles': user_profiles, - 'listener_called': listener_return_maps, + "result": result, + "user_profiles": user_profiles, + "listener_called": listener_return_maps, } - return json.dumps(payload), 200, {'content-type': 'application/json'} + return json.dumps(payload), 200, {"content-type": "application/json"} -@app.route('/is_feature_enabled', methods=['POST']) +@app.route("/is_feature_enabled", methods=["POST"]) def is_feature_enabled(): payload = request.get_json() - feature_flag_key = payload.get('feature_flag_key') - user_id = payload.get('user_id') - attributes = payload.get('attributes') + feature_flag_key = payload.get("feature_flag_key") + user_id = payload.get("user_id") + attributes = payload.get("attributes") - feature_enabled = optimizely_instance.is_feature_enabled(feature_flag_key, user_id, attributes) - user_profiles = user_profile_service_instance.user_profiles.values() if user_profile_service_instance else {} + feature_enabled = optimizely_instance.is_feature_enabled( + feature_flag_key, user_id, attributes + ) + user_profiles = ( + user_profile_service_instance.user_profiles.values() + if user_profile_service_instance + else {} + ) - result = feature_enabled if feature_enabled is None else 'true' if feature_enabled is True else 'false' + result = ( + feature_enabled + if feature_enabled is None + else "true" if feature_enabled is True else "false" + ) return ( - json.dumps({'result': result, 'user_profiles': user_profiles}), + json.dumps({"result": result, "user_profiles": user_profiles}), 200, - {'content-type': 'application/json'}, + {"content-type": "application/json"}, ) -@app.route('/get_enabled_features', methods=['POST']) +@app.route("/get_enabled_features", methods=["POST"]) def get_enabled_features(): payload = request.get_json() - user_id = payload.get('user_id') - attributes = payload.get('attributes') + user_id = payload.get("user_id") + attributes = payload.get("attributes") enabled_features = optimizely_instance.get_enabled_features(user_id, attributes) - user_profiles = user_profile_service_instance.user_profiles.values() if user_profile_service_instance else {} + user_profiles = ( + user_profile_service_instance.user_profiles.values() + if user_profile_service_instance + else {} + ) payload = { - 'result': enabled_features, - 'user_profiles': user_profiles, - 'listener_called': listener_return_maps, + "result": enabled_features, + "user_profiles": user_profiles, + "listener_called": listener_return_maps, } - return json.dumps(payload), 200, {'content-type': 'application/json'} + return json.dumps(payload), 200, {"content-type": "application/json"} -@app.route('/get_feature_variable_boolean', methods=['POST']) +@app.route("/get_feature_variable_boolean", methods=["POST"]) def get_feature_variable_boolean(): payload = request.get_json() - feature_flag_key = payload.get('feature_flag_key') - variable_key = payload.get('variable_key') - user_id = payload.get('user_id') - attributes = payload.get('attributes') + feature_flag_key = payload.get("feature_flag_key") + variable_key = payload.get("variable_key") + user_id = payload.get("user_id") + attributes = payload.get("attributes") boolean_value = optimizely_instance.get_feature_variable_boolean( feature_flag_key, variable_key, user_id, attributes ) - user_profiles = user_profile_service_instance.user_profiles.values() if user_profile_service_instance else {} + user_profiles = ( + user_profile_service_instance.user_profiles.values() + if user_profile_service_instance + else {} + ) return ( - json.dumps({'result': boolean_value, 'user_profiles': user_profiles}), + json.dumps({"result": boolean_value, "user_profiles": user_profiles}), 200, - {'content-type': 'application/json'}, + {"content-type": "application/json"}, ) -@app.route('/get_feature_variable_double', methods=['POST']) +@app.route("/get_feature_variable_double", methods=["POST"]) def get_feature_variable_double(): payload = request.get_json() - feature_flag_key = payload.get('feature_flag_key') - variable_key = payload.get('variable_key') - user_id = payload.get('user_id') - attributes = payload.get('attributes') + feature_flag_key = payload.get("feature_flag_key") + variable_key = payload.get("variable_key") + user_id = payload.get("user_id") + attributes = payload.get("attributes") - double_value = optimizely_instance.get_feature_variable_double(feature_flag_key, variable_key, user_id, attributes) + double_value = optimizely_instance.get_feature_variable_double( + feature_flag_key, variable_key, user_id, attributes + ) - user_profiles = user_profile_service_instance.user_profiles.values() if user_profile_service_instance else {} + user_profiles = ( + user_profile_service_instance.user_profiles.values() + if user_profile_service_instance + else {} + ) return ( - json.dumps({'result': double_value, 'user_profiles': user_profiles}), + json.dumps({"result": double_value, "user_profiles": user_profiles}), 200, - {'content-type': 'application/json'}, + {"content-type": "application/json"}, ) -@app.route('/get_feature_variable_integer', methods=['POST']) +@app.route("/get_feature_variable_integer", methods=["POST"]) def get_feature_variable_integer(): payload = request.get_json() - feature_flag_key = payload.get('feature_flag_key') - variable_key = payload.get('variable_key') - user_id = payload.get('user_id') - attributes = payload.get('attributes') + feature_flag_key = payload.get("feature_flag_key") + variable_key = payload.get("variable_key") + user_id = payload.get("user_id") + attributes = payload.get("attributes") integer_value = optimizely_instance.get_feature_variable_integer( feature_flag_key, variable_key, user_id, attributes ) - user_profiles = user_profile_service_instance.user_profiles.values() if user_profile_service_instance else {} + user_profiles = ( + user_profile_service_instance.user_profiles.values() + if user_profile_service_instance + else {} + ) return ( - json.dumps({'result': integer_value, 'user_profiles': user_profiles}), + json.dumps({"result": integer_value, "user_profiles": user_profiles}), 200, - {'content-type': 'application/json'}, + {"content-type": "application/json"}, ) -@app.route('/get_feature_variable_string', methods=['POST']) +@app.route("/get_feature_variable_string", methods=["POST"]) def get_feature_variable_string(): payload = request.get_json() - feature_flag_key = payload.get('feature_flag_key') - variable_key = payload.get('variable_key') - user_id = payload.get('user_id') - attributes = payload.get('attributes') + feature_flag_key = payload.get("feature_flag_key") + variable_key = payload.get("variable_key") + user_id = payload.get("user_id") + attributes = payload.get("attributes") - string_value = optimizely_instance.get_feature_variable_string(feature_flag_key, variable_key, user_id, attributes) + string_value = optimizely_instance.get_feature_variable_string( + feature_flag_key, variable_key, user_id, attributes + ) - user_profiles = user_profile_service_instance.user_profiles.values() if user_profile_service_instance else {} + user_profiles = ( + user_profile_service_instance.user_profiles.values() + if user_profile_service_instance + else {} + ) return ( - json.dumps({'result': string_value, 'user_profiles': user_profiles}), + json.dumps({"result": string_value, "user_profiles": user_profiles}), 200, - {'content-type': 'application/json'}, + {"content-type": "application/json"}, ) -@app.route('/forced_variation', methods=['POST']) +@app.route("/forced_variation", methods=["POST"]) def forced_variation(): payload = request.get_json() - user_id = payload.get('user_id') - experiment_key = payload.get('experiment_key') - forced_variation_key = payload.get('forced_variation_key') - user_profiles = user_profile_service_instance.user_profiles.values() if user_profile_service_instance else [] - result = optimizely_instance.set_forced_variation(experiment_key, user_id, forced_variation_key) + user_id = payload.get("user_id") + experiment_key = payload.get("experiment_key") + forced_variation_key = payload.get("forced_variation_key") + user_profiles = ( + user_profile_service_instance.user_profiles.values() + if user_profile_service_instance + else [] + ) + result = optimizely_instance.set_forced_variation( + experiment_key, user_id, forced_variation_key + ) if result is False: return ( - json.dumps({'result': None, 'user_profiles': user_profiles}), + json.dumps({"result": None, "user_profiles": user_profiles}), 400, - {'content-type': 'application/json'}, + {"content-type": "application/json"}, ) variation = optimizely_instance.get_forced_variation(experiment_key, user_id) return ( - json.dumps({'result': variation, 'user_profiles': user_profiles}), + json.dumps({"result": variation, "user_profiles": user_profiles}), 200, - {'content-type': 'application/json'}, + {"content-type": "application/json"}, ) -@app.route('/forced_variation_multiple_sets', methods=['POST']) +@app.route("/forced_variation_multiple_sets", methods=["POST"]) def forced_variation_multiple_sets(): payload = request.get_json() - user_id_1 = payload.get('user_id_1') - user_id_2 = payload.get('user_id_2') - experiment_key_1 = payload.get('experiment_key_1') - experiment_key_2 = payload.get('experiment_key_2') - forced_variation_key_1 = payload.get('forced_variation_key_1') - forced_variation_key_2 = payload.get('forced_variation_key_2') - user_profiles = user_profile_service_instance.user_profiles.values() if user_profile_service_instance else [] - result = optimizely_instance.set_forced_variation(experiment_key_1, user_id_1, forced_variation_key_1) + user_id_1 = payload.get("user_id_1") + user_id_2 = payload.get("user_id_2") + experiment_key_1 = payload.get("experiment_key_1") + experiment_key_2 = payload.get("experiment_key_2") + forced_variation_key_1 = payload.get("forced_variation_key_1") + forced_variation_key_2 = payload.get("forced_variation_key_2") + user_profiles = ( + user_profile_service_instance.user_profiles.values() + if user_profile_service_instance + else [] + ) + result = optimizely_instance.set_forced_variation( + experiment_key_1, user_id_1, forced_variation_key_1 + ) if result is False: return ( - json.dumps({'result': None, 'user_profiles': user_profiles}), + json.dumps({"result": None, "user_profiles": user_profiles}), 400, - {'content-type': 'application/json'}, + {"content-type": "application/json"}, ) - result = optimizely_instance.set_forced_variation(experiment_key_2, user_id_1, forced_variation_key_2) + result = optimizely_instance.set_forced_variation( + experiment_key_2, user_id_1, forced_variation_key_2 + ) if result is False: return ( - json.dumps({'result': None, 'user_profiles': user_profiles}), + json.dumps({"result": None, "user_profiles": user_profiles}), 400, - {'content-type': 'application/json'}, + {"content-type": "application/json"}, ) - result = optimizely_instance.set_forced_variation(experiment_key_1, user_id_2, forced_variation_key_1) + result = optimizely_instance.set_forced_variation( + experiment_key_1, user_id_2, forced_variation_key_1 + ) if result is False: return ( - json.dumps({'result': None, 'user_profiles': user_profiles}), + json.dumps({"result": None, "user_profiles": user_profiles}), 400, - {'content-type': 'application/json'}, + {"content-type": "application/json"}, ) - result = optimizely_instance.set_forced_variation(experiment_key_2, user_id_2, forced_variation_key_2) + result = optimizely_instance.set_forced_variation( + experiment_key_2, user_id_2, forced_variation_key_2 + ) if result is False: return ( - json.dumps({'result': None, 'user_profiles': user_profiles}), + json.dumps({"result": None, "user_profiles": user_profiles}), 400, - {'content-type': 'application/json'}, + {"content-type": "application/json"}, ) variation_1 = optimizely_instance.get_forced_variation(experiment_key_1, user_id_1) variation_2 = optimizely_instance.get_forced_variation(experiment_key_2, user_id_1) @@ -357,63 +437,79 @@ def forced_variation_multiple_sets(): return ( json.dumps( { - 'result_1': variation_1, - 'result_2': variation_2, - 'result_3': variation_3, - 'result_4': variation_4, - 'user_profiles': user_profiles, + "result_1": variation_1, + "result_2": variation_2, + "result_3": variation_3, + "result_4": variation_4, + "user_profiles": user_profiles, } ), 200, - {'content-type': 'application/json'}, + {"content-type": "application/json"}, ) -@app.route('/forced_variation_get_variation', methods=['POST']) +@app.route("/forced_variation_get_variation", methods=["POST"]) def forced_variation_get_variation(): payload = request.get_json() - user_id = payload.get('user_id') - attributes = payload.get('attributes') - experiment_key = payload.get('experiment_key') - forced_variation_key = payload.get('forced_variation_key') - user_profiles = user_profile_service_instance.user_profiles.values() if user_profile_service_instance else [] - result = optimizely_instance.set_forced_variation(experiment_key, user_id, forced_variation_key) + user_id = payload.get("user_id") + attributes = payload.get("attributes") + experiment_key = payload.get("experiment_key") + forced_variation_key = payload.get("forced_variation_key") + user_profiles = ( + user_profile_service_instance.user_profiles.values() + if user_profile_service_instance + else [] + ) + result = optimizely_instance.set_forced_variation( + experiment_key, user_id, forced_variation_key + ) if result is False: return ( - json.dumps({'result': None, 'user_profiles': user_profiles}), + json.dumps({"result": None, "user_profiles": user_profiles}), 400, - {'content-type': 'application/json'}, + {"content-type": "application/json"}, ) - variation = optimizely_instance.get_variation(experiment_key, user_id, attributes=attributes) + variation = optimizely_instance.get_variation( + experiment_key, user_id, attributes=attributes + ) return ( - json.dumps({'result': variation, 'user_profiles': user_profiles}), + json.dumps({"result": variation, "user_profiles": user_profiles}), 200, - {'content-type': 'application/json'}, + {"content-type": "application/json"}, ) -@app.route('/forced_variation_activate', methods=['POST']) +@app.route("/forced_variation_activate", methods=["POST"]) def forced_variation_activate(): payload = request.get_json() - user_id = payload.get('user_id') - attributes = payload.get('attributes') - experiment_key = payload.get('experiment_key') - forced_variation_key = payload.get('forced_variation_key') - user_profiles = user_profile_service_instance.user_profiles.values() if user_profile_service_instance else [] - result = optimizely_instance.set_forced_variation(experiment_key, user_id, forced_variation_key) + user_id = payload.get("user_id") + attributes = payload.get("attributes") + experiment_key = payload.get("experiment_key") + forced_variation_key = payload.get("forced_variation_key") + user_profiles = ( + user_profile_service_instance.user_profiles.values() + if user_profile_service_instance + else [] + ) + result = optimizely_instance.set_forced_variation( + experiment_key, user_id, forced_variation_key + ) if result is False: return ( - json.dumps({'result': None, 'user_profiles': user_profiles}), + json.dumps({"result": None, "user_profiles": user_profiles}), 400, - {'content-type': 'application/json'}, + {"content-type": "application/json"}, ) - variation = optimizely_instance.activate(experiment_key, user_id, attributes=attributes) + variation = optimizely_instance.activate( + experiment_key, user_id, attributes=attributes + ) return ( - json.dumps({'result': variation, 'user_profiles': user_profiles}), + json.dumps({"result": variation, "user_profiles": user_profiles}), 200, - {'content-type': 'application/json'}, + {"content-type": "application/json"}, ) -if __name__ == '__main__': - app.run(host='0.0.0.0', port=3000) +if __name__ == "__main__": + app.run(host="0.0.0.0", port=3000) pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy