proxy.py

import http.client
import json
import ssl
import os.path as path

# BACKEND = 'api.proofpilot.com'
# CLIENT_ID = "2_1ljj1a1nw2hwsog4k4ww888w4w84s00wo0scs0wwggssogsow0"
# CLIENT_SECRET = "5p9a8g40kkw8oowcosg4o0skwc4wcg8okowc4g4c40sw48www4"
# FRONTEND = 'https://go.proofpilot.com'

BACKEND = 'api-staging.proofpilot.com'
FRONTEND = 'https://go-staging.proofpilot.com'
CLIENT_ID = "3_4outq5p1jywwsgo0s0c0s00osko08c8kgwgosks804cowkokgw"
CLIENT_SECRET = "29ay1drleckk0sw00w44scg00co0kkgswgokk084sc0ow80kg8"

ssl_context = ssl.SSLContext(protocol=ssl.PROTOCOL_TLSv1_2)

def _request(method, url, body, headers):
    conn = http.client.HTTPSConnection(BACKEND, context = ssl_context)
    print()
    print(method, url)
    print(body)
    print(headers)
    conn.request(method, url, body, headers=headers)
    return conn.getresponse()

def api_request(environ):
    method = environ['REQUEST_METHOD']
    url = environ['PATH_INFO'] + '?' + environ['QUERY_STRING']

    body = environ['wsgi.input'].read()
    body = replace_creds_in_body(body)
    headers = {}
    for k, v in environ.items():
        if k.startswith('HTTP_'):
            h = k[len('HTTP_'):]
            h = '-'.join(p.capitalize() for p in h.split('_'))
            headers[h] = v

    del headers['Host']
    if 'CONTENT_TYPE' in environ:
        headers['Content-Type'] = environ['CONTENT_TYPE']
    headers['Origin'] = FRONTEND
    headers['Referer'] = FRONTEND + '/'
    # headers['Content-Length'] = len(body)

    conn = http.client.HTTPSConnection(BACKEND, context = ssl_context)
    conn.debuglevel = 1
    return _request(method, url, body, headers)

def proxy(environ, start_response):
    url = environ['PATH_INFO']
    headers = {}
    headers['Access-Control-Allow-Origin'] = '*'
    headers['Content-Type'] = 'text/plain;charset=UTF-8'
    if(url[:4] in ('/api', '/oau')):
        resp = api_request(environ)
        data = resp.read()
        headers.update(resp.getheaders())
        headers['Access-Control-Allow-Origin'] = '*'
        start_response(
            "%s %s" % (resp.status, resp.reason),
            headers.items()
        )
        return iter([data])
    else:
        if '..' in url:
            start_response(
                "403 Access Denied",
                headers.items()
            )
            return iter(['Sorry, access denied'])
        if url == '/':
            url = '/index.html'
        fn = path.join("../Participant/dist/", url[1:])
        print(fn)
        set_header_by_file(fn, headers)
        try:
            with open(fn, 'rb') as f:
                start_response(
                    "200 OK",
                    headers.items()
                )
                return iter([f.read()])
        except FileNotFoundError:
            c = (fn + ' is not found').encode('utf-8')
            headers['Content-Length'] = str(len(c))
            start_response(
                "404 Not Found",
                headers.items()
            )
            return iter([c])


        pass


def replace_creds_in_body(body):
    try:
        j = json.loads(body.decode('utf-8'))
        if 'client_id' in j:
            j['client_id'] = CLIENT_ID
            j['client_secret'] = CLIENT_SECRET
            return json.dumps(j).replace('": "', '":"').replace('", "', '","').encode('ascii')
        return body
    except Exception as e: 
        return body

def set_header_by_file(fn, headers):
    t = 'plain'
    if fn.endswith('html'):
        t = 'html'
    if fn.endswith('js'):
        t = 'javascript'
    if fn.endswith('css'):
        t = 'css'
    headers['Content-Type'] = 'text/%s;charset=UTF-8' % t

runserver

sudo gunicorn -w 4 \
    --timeout=60 \
    --keyfile=server.key \
    --certfile=server.crt \
    -b localhost:443 proxy:proxy