-
Notifications
You must be signed in to change notification settings - Fork 8
Expand file tree
/
Copy pathserver.py
More file actions
518 lines (418 loc) · 19.5 KB
/
server.py
File metadata and controls
518 lines (418 loc) · 19.5 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
import os
import logging
from datetime import datetime, timezone
from random import Random
import requests
import base64
import json
from flask import Flask, render_template, request, jsonify
from flask_limiter import Limiter
from flask_limiter.util import get_remote_address
import boto3
from botocore.exceptions import ClientError
from dotenv import load_dotenv
load_dotenv()
class Config:
MAX_CONTENT_LENGTH = 40 * 1024 * 1024 # 40MB - this is the SES limit and is greated than the 20MB limit imposed in the dropzone/frontend to allow for PGP overhead
EMAIL_DOMAIN = "@ethereum.org"
DEFAULT_RECIPIENT_EMAIL = os.getenv('DEFAULT_RECIPIENT_EMAIL', 'kyc@ethereum.org')
NUMBER_OF_ATTACHMENTS = int(os.getenv('NUMBEROFATTACHMENTS', 10))
SECRET_KEY = os.getenv('SECRET_KEY', 'you-should-set-a-secret-key')
def validate_env_vars(required_vars):
"""
Validates that all required environment variables are set.
"""
missing_vars = [var for var in required_vars if var not in os.environ]
if missing_vars:
raise EnvironmentError(f"Missing required environment variables: {', '.join(missing_vars)}")
def sanitize_filename(filename):
"""
Sanitizes the filename to prevent directory traversal and other issues.
"""
return filename.replace("..", "").replace("/", "").replace("\\", "")
def parse_form(form):
"""
Parses the form data to extract the message, recipient, reference, and attachments.
"""
text = form['message']
recipient = form['recipient']
reference = form.get('reference', '')
all_attachments = []
for i in range(Config.NUMBER_OF_ATTACHMENTS):
attachment = form.get(f'attachment-{i}')
filename = form.get(f'filename-{i}', '').encode('ascii', 'ignore').decode() # remove non-ascii characters
if not attachment:
continue
sanitized_filename = sanitize_filename(filename)
all_attachments.append((sanitized_filename, attachment))
return text, recipient, reference, all_attachments
def valid_recipient(recipient):
"""
Checks if the recipient is valid.
"""
valid_recipients = ['legal', 'devcon', 'security']
return recipient in valid_recipients
def get_identifier(recipient, now=None, randint=None):
"""
Generates a unique identifier based on the recipient, current timestamp, and a random number.
"""
if now is None:
now = datetime.now()
if randint is None:
randint = Random().randint(1000, 9999)
return f'{recipient}:{now.strftime("%Y:%m:%d:%H:%M:%S")}:{randint}'
def create_email(to_email, identifier, text, all_attachments, reference=''):
"""
Creates an email message with attachments for AWS SES.
"""
from email.mime.multipart import MIMEMultipart
from email.mime.text import MIMEText
from email.mime.application import MIMEApplication
plain_text = text.replace('<br />', '\n')
subject = f'Secure Form Submission {identifier}'
if reference:
subject = f'{reference} {subject}'
# Create message container
msg = MIMEMultipart()
msg['Subject'] = subject
msg['From'] = FROMEMAIL
msg['To'] = to_email
# Add body to email
body = MIMEText(plain_text, 'plain')
msg.attach(body)
# Add attachments
for item in all_attachments:
filename = item['filename']
attachment_content = item['attachment']
# Create attachment
part = MIMEApplication(attachment_content.encode('utf-8'))
part.add_header(
'Content-Disposition',
'attachment',
filename=f'{filename}.pgp'
)
msg.attach(part)
return msg
def validate_turnstile(turnstile_response):
"""
Validates the Turnstile response using Cloudflare's API.
"""
secret_key = os.getenv('TURNSTILE_SECRET_KEY')
payload = {
'secret': secret_key,
'response': turnstile_response
}
response = requests.post('https://challenges.cloudflare.com/turnstile/v0/siteverify', data=payload)
result = response.json()
# Log the validation result
logging.info(f"Turnstile validation response: {result}")
if not result.get('success'):
error_codes = result.get('error-codes', [])
logging.error(f"Turnstile verification failed with error codes: {error_codes}")
raise ValueError('Turnstile verification failed.')
def send_email(message):
"""
Sends the email using AWS SES V2 and logs detailed information for debugging.
"""
try:
# Convert MIME message to bytes for SES V2
raw_message_data = message.as_string().encode('utf-8')
# Check message size before sending (AWS SES limit is 40MB)
message_size_mb = len(raw_message_data) / (1024 * 1024)
if message_size_mb > 40:
logging.error(f'Email message size ({message_size_mb:.2f} MB) exceeds AWS SES limit of 40MB')
raise ValueError(f'Error: Email message is too large ({message_size_mb:.2f} MB). AWS SES has a 40MB limit. Please reduce the size of attachments.')
logging.info(f'Sending email with size: {message_size_mb:.2f} MB')
# Send the email using SES V2
response = ses_client.send_email(
FromEmailAddress=message['From'],
Destination={
'ToAddresses': [message['To']]
},
Content={
'Raw': {
'Data': raw_message_data
}
}
)
# Log the response
message_id = response['MessageId']
logging.info('AWS SES V2 email sent successfully. MessageId: %s', message_id)
except ClientError as e:
error_code = e.response['Error']['Code']
error_message = e.response['Error']['Message']
logging.error('AWS SES V2 error: Code=%s, Message=%s', error_code, error_message)
# Provide user-friendly error messages
if error_code == '413' or error_code == 'RequestEntityTooLarge':
# Log the message size for debugging
message_size_mb = len(raw_message_data) / (1024 * 1024)
logging.error(f'Email message size: {message_size_mb:.2f} MB')
raise ValueError('Error: Email message is too large. AWS SES has a 40MB limit for raw messages. Please reduce the size of attachments.')
elif error_code == 'MessageRejected':
raise ValueError('Error: Email was rejected by AWS SES. Please check the email configuration.')
elif error_code == 'MailFromDomainNotVerified':
raise ValueError('Error: The sender email domain is not verified in AWS SES.')
elif error_code == 'ConfigurationSetDoesNotExist':
raise ValueError('Error: AWS SES configuration error.')
elif error_code == 'AccountSuspendedException':
raise ValueError('Error: AWS SES account is suspended.')
elif error_code == 'SendingPausedException':
raise ValueError('Error: AWS SES sending is paused for this account.')
else:
raise ValueError(f'Error: Failed to send email. {error_message}')
except Exception as e:
logging.error('Error sending email via AWS SES V2: %s', str(e))
raise
def get_forwarded_address():
# Check X-Forwarded-For header first
forwarded_for = request.headers.get('X-Forwarded-For')
if forwarded_for:
# Return the leftmost IP which is the original client IP
return forwarded_for.split(',')[0].strip()
# Fall back to X-Real-IP if available
real_ip = request.headers.get('X-Real-IP')
if real_ip:
return real_ip
# Otherwise use the default function
return get_remote_address()
def find_aog_item_by_grant_id(grant_id):
"""
Finds an AOG (Approval of Grants) item in Kissflow by Grant ID.
Uses the admin endpoint to get all items and searches through them.
Returns the item ID if found, None otherwise.
"""
try:
subdomain = os.getenv('KISSFLOW_SUBDOMAIN', 'ethereum')
access_key_id = os.getenv('KISSFLOW_ACCESS_KEY_ID')
access_key_secret = os.getenv('KISSFLOW_ACCESS_KEY_SECRET')
account_id = os.getenv('KISSFLOW_ACCOUNT_ID')
process_id = os.getenv('KISSFLOW_PROCESS_ID')
if not all([access_key_id, access_key_secret, account_id, process_id]):
logging.error("Missing Kissflow configuration")
return None
headers = {
'Accept': 'application/json',
'X-Access-Key-Id': access_key_id,
'X-Access-Key-Secret': access_key_secret
}
# Use admin endpoint to get all items
page_number = 1
page_size = 100 # Get 100 items per page
while True:
# Kissflow admin API endpoint to get all items
url = f"https://{subdomain}.kissflow.com/process/2/{account_id}/admin/{process_id}/item"
params = {
'page_number': page_number,
'page_size': page_size,
'apply_preference': False
}
response = requests.get(url, headers=headers, params=params)
if response.status_code != 200:
logging.error(f"Kissflow API error: {response.status_code} - {response.text}")
return None
data = response.json()
# The response structure contains table data with items
# Look for items in the response structure
items_found = []
# Check if there's a table structure in the response
for key, val in data.items():
if key != "Data":
continue
if isinstance(val, list):
for page_data in val:
if isinstance(page_data, dict) and '_created_by' in page_data:
items_found.append(page_data)
#print(items_found)
# Search through the items for matching Grant ID
for item in items_found:
# Check various possible field names for the Grant ID
grant_id_fields = ['Request_number', 'GrantId', 'Grant_ID', 'grant_id', 'PONumber']
for field in grant_id_fields:
if field in item and str(item[field]) == str(grant_id):
logging.info(f"Found AOG item with ID {item.get('_id')} for Grant ID {grant_id}")
return item.get('_id')
# If we found fewer items than page_size, we've reached the end
if len(items_found) < page_size:
break
page_number += 1
# Safety check to prevent infinite loops
if page_number > 100: # Max 10,000 items (100 pages * 100 items)
logging.warning("Reached maximum page limit while searching for Grant ID")
break
logging.warning(f"No AOG item found for Grant ID: {grant_id}")
return None
except Exception as e:
logging.error(f"Error finding AOG item: {str(e)}")
return None
def update_aog_kyc_comments(item_id, legal_identifier):
"""
Updates the KYC_Comments field in a Kissflow AOG item with the legal identifier.
Uses the admin PUT endpoint to update item details.
"""
try:
subdomain = os.getenv('KISSFLOW_SUBDOMAIN', 'ethereum')
access_key_id = os.getenv('KISSFLOW_ACCESS_KEY_ID')
access_key_secret = os.getenv('KISSFLOW_ACCESS_KEY_SECRET')
account_id = os.getenv('KISSFLOW_ACCOUNT_ID')
process_id = os.getenv('KISSFLOW_PROCESS_ID')
if not all([access_key_id, access_key_secret, account_id, process_id]):
logging.error("Missing Kissflow configuration")
return False
# First, get the current item details to preserve existing data
headers = {
'Accept': 'application/json',
'Content-Type': 'application/json',
'X-Access-Key-Id': access_key_id,
'X-Access-Key-Secret': access_key_secret
}
# Get current item details using admin endpoint
get_url = f"https://{subdomain}.kissflow.com/process/2/{account_id}/admin/{process_id}/{item_id}"
get_response = requests.get(get_url, headers=headers)
if get_response.status_code != 200:
logging.error(f"Failed to get current item details: {get_response.status_code} - {get_response.text}")
return False
current_item = get_response.json()
# Update the KYC_Comments field while preserving other fields
current_kyc = current_item.get('KYC_Comments', '')
now = datetime.now(timezone.utc)
day = now.day
if 11 <= day <= 13:
suffix = 'th'
else:
suffix = {1: 'st', 2: 'nd', 3: 'rd'}.get(day % 10, 'th')
timestamp = now.strftime(f'%a %b {day}{suffix} %Y %H:%M UTC')
entry = f"{legal_identifier} - {timestamp}"
if current_kyc != "":
current_item['KYC_Comments'] = current_kyc + "\n" + entry
else:
current_item['KYC_Comments'] = entry
# Remove all fields starting with '_' before sending to Kissflow
filtered_item = {k: v for k, v in current_item.items() if not k.startswith('_')}
# Use admin PUT endpoint to update the item
put_url = f"https://{subdomain}.kissflow.com/process/2/{account_id}/admin/{process_id}/{item_id}"
response = requests.put(put_url, headers=headers, json=filtered_item)
if response.status_code == 200:
logging.info(f"Successfully updated AOG item {item_id} with legal identifier {legal_identifier}")
return True
else:
logging.error(f"Kissflow API error: {response.status_code} - {response.text}")
except Exception as e:
logging.error(f"Error updating AOG item: {str(e)}")
return False
def send_identifier_to_kissflow(grant_id, legal_identifier):
"""
Sends the legal identifier to the Kissflow AOG item based on Grant ID.
"""
if not grant_id:
logging.warning("No Grant ID provided, skipping Kissflow update")
return False
# Find the AOG item by Grant ID
item_id = find_aog_item_by_grant_id(grant_id)
if not item_id:
logging.warning(f"No AOG item found for Grant ID: {grant_id}")
return False
# Update the KYC_Comments field
success = update_aog_kyc_comments(item_id, legal_identifier)
return success
# Validate required environment variables
required_env_vars = ['TURNSTILE_SITE_KEY', 'TURNSTILE_SECRET_KEY', 'AWS_ACCESS_KEY_ID', 'AWS_SECRET_ACCESS_KEY', 'AWS_REGION', 'SES_FROM_EMAIL']
validate_env_vars(required_env_vars)
TURNSTILE_SITE_KEY = os.environ['TURNSTILE_SITE_KEY']
TURNSTILE_SECRET_KEY = os.environ['TURNSTILE_SECRET_KEY']
AWS_ACCESS_KEY_ID = os.environ['AWS_ACCESS_KEY_ID']
AWS_SECRET_ACCESS_KEY = os.environ['AWS_SECRET_ACCESS_KEY']
AWS_REGION = os.environ['AWS_REGION']
FROMEMAIL = os.environ['SES_FROM_EMAIL']
# Initialize AWS SES V2 client
ses_client = boto3.client(
'sesv2',
region_name=AWS_REGION,
aws_access_key_id=AWS_ACCESS_KEY_ID,
aws_secret_access_key=AWS_SECRET_ACCESS_KEY
)
app = Flask(__name__)
app.config.from_object(Config)
# Initialize rate limiting
limiter = Limiter(get_forwarded_address, app=app, default_limits=["200 per day", "50 per hour"])
# Configure logging
log_file = os.environ.get('LOG_FILE', '')
if log_file:
logging.basicConfig(filename=log_file, level=logging.INFO)
else:
logging.basicConfig(level=logging.INFO)
# DEBUG: Print Config values on startup
logging.info("=== DEBUG: Config Values on Startup ===")
logging.info(f"MAX_CONTENT_LENGTH: {Config.MAX_CONTENT_LENGTH}")
logging.info(f"EMAIL_DOMAIN: {Config.EMAIL_DOMAIN}")
logging.info(f"DEFAULT_RECIPIENT_EMAIL: {Config.DEFAULT_RECIPIENT_EMAIL}")
logging.info(f"NUMBER_OF_ATTACHMENTS: {Config.NUMBER_OF_ATTACHMENTS}")
logging.info(f"SECRET_KEY: {'[SET]' if Config.SECRET_KEY != 'you-should-set-a-secret-key' else '[USING DEFAULT - PLEASE SET!]'}")
logging.info("=====================================")
@app.route('/health', methods=['GET'])
@limiter.exempt
def health():
return jsonify({'status': 'ok'}), 200
@app.route('/', methods=['GET'])
def index():
return render_template('index.html', notice='', hascaptcha=True, attachments_number=Config.NUMBER_OF_ATTACHMENTS, turnstile_sitekey=TURNSTILE_SITE_KEY)
@app.route('/submit-encrypted-data', methods=['POST'])
@limiter.limit("3 per minute")
def submit():
try:
# Parse JSON data from request
data = request.get_json()
# Validate Turnstile
turnstile_response = data.get('cf-turnstile-response', '')
if not turnstile_response:
logging.warning(f"Missing Turnstile response. Potential bypass attempt detected from IP: {request.remote_addr}")
return jsonify({'status': 'failure', 'message': 'Missing Turnstile token'}), 400
try:
validate_turnstile(turnstile_response)
except ValueError as e:
return jsonify({'status': 'failure', 'message': str(e)}), 400
message = data['message']
recipient = data['recipient']
reference = data.get('reference', '')
files = data['files']
if not valid_recipient(recipient):
raise ValueError('Error: Invalid recipient!')
date = datetime.now().strftime('%Y-%m-%d %H:%M:%S')
message_length = len(message)
file_count = len(files)
to_email = Config.DEFAULT_RECIPIENT_EMAIL if recipient == 'legal' else recipient + Config.EMAIL_DOMAIN
identifier = get_identifier(recipient)
log_data = f"{date} - message to: {recipient}, identifier: {identifier}, length: {message_length}, file count: {file_count}"
if reference:
log_data += f", reference: {reference}"
logging.info(log_data)
message = create_email(to_email, identifier, message, files, reference)
send_email(message)
# If this is a legal submission with a Grant ID (reference), send to Kissflow
if recipient == 'legal' and reference:
kissflow_success = send_identifier_to_kissflow(reference, identifier)
if kissflow_success:
logging.info(f"Successfully sent identifier {identifier} to Kissflow for Grant ID {reference}")
else:
logging.warning(f"Failed to send identifier {identifier} to Kissflow for Grant ID {reference}")
# Note: We don't fail the submission if Kissflow update fails
# The email has already been sent successfully
notice = f'Thank you! The relevant team was notified of your submission. Please record the identifier and refer to it in correspondence: {identifier}'
return jsonify({'status': 'success', 'message': notice})
except Exception as e:
error_message = "An unexpected error occurred. Please try again later."
logging.error(f"Internal error: {str(e)}")
return jsonify({'status': 'failure', 'message': error_message})
@app.errorhandler(429)
def rate_limit_exceeded(e):
"""
Handles requests that exceed the rate limit.
"""
return jsonify({
'status': 'failure',
'message': 'Rate limit exceeded. You can only submit once per minute. Please try again later.'
}), 429
@app.errorhandler(413)
def error413(e):
return render_template('413.html'), 413
if __name__ == '__main__':
app.run()