Spaces:

kenken999
/

fastapi_django_main_live

Running on Zero

App Files Files Community

kenken999 commited on Jun 2, 2024

Commit

64db884

1 Parent(s): 2f6a509

ew

Browse files

Files changed (1) hide show

mysite/asgi.py +25 -8

mysite/asgi.py CHANGED Viewed

@@ -624,9 +624,9 @@ demo4 = gr.ChatInterface(
 logging.basicConfig(level=logging.INFO)
 logger = logging.getLogger(__name__)
-CHANNEL_ID = os.getenv('CHANNEL_ID')
-CHANNEL_SECRET = os.getenv('CHANNEL_SECRET')
-CHANNEL_ACCESS_TOKEN = os.getenv('CHANNEL_ACCESS_TOKEN')
 WEBHOOK_URL = os.getenv('WEBHOOK_URL')
 import requests
 import hmac
@@ -638,6 +638,16 @@ def validate_signature(body: str, signature: str, secret: str) -> bool:
     return hmac.compare_digest(expected_signature, signature)
 @app.post("/webhook")
 async def webhook(request: Request):
     try:
@@ -655,15 +665,24 @@ async def webhook(request: Request):
             raise HTTPException(status_code=400, detail="X-Line-Signature header is missing.")
         # 署名を検証
-        if not validate_signature(body.decode('utf-8'), line_signature, os.getenv('CHANNEL_SECRET')):
             raise HTTPException(status_code=400, detail="Invalid signature.")
         # 送信するヘッダーを設定
-        headers = {key: value for key, value in received_headers.items()}
-        headers['Authorization'] = f'Bearer {CHANNEL_ACCESS_TOKEN}'  # 認証トークンを追加
         # ログに転送先URLを記録
         logger.info('Forwarding to URL: %s', WEBHOOK_URL)
         # データを転送
         response = requests.post(WEBHOOK_URL, headers=headers, data=body)
@@ -680,8 +699,6 @@ async def webhook(request: Request):
         logger.error("Error: %s", str(e))
         raise HTTPException(status_code=500, detail=str(e))
 def do_something_to_file(file_path):
     # ファイルに対して実行する処理をここに記述
     with open(file_path, "r") as f:

 logging.basicConfig(level=logging.INFO)
 logger = logging.getLogger(__name__)
+CHANNEL_ID = os.getenv('ChannelID')
+CHANNEL_SECRET = os.getenv('ChannelSecret')
+CHANNEL_ACCESS_TOKEN = os.getenv('ChannelAccessToken')
 WEBHOOK_URL = os.getenv('WEBHOOK_URL')
 import requests
 import hmac
     return hmac.compare_digest(expected_signature, signature)
+def validate_signature(body: str, signature: str, secret: str) -> bool:
+    if secret is None:
+        logger.error("Secret is None")
+        return False
+    hash = hmac.new(secret.encode('utf-8'), body.encode('utf-8'), hashlib.sha256).digest()
+    expected_signature = base64.b64encode(hash).decode('utf-8')
+    return hmac.compare_digest(expected_signature, signature)
 @app.post("/webhook")
 async def webhook(request: Request):
     try:
             raise HTTPException(status_code=400, detail="X-Line-Signature header is missing.")
         # 署名を検証
+        if not validate_signature(body.decode('utf-8'), line_signature, CHANNEL_SECRET):
             raise HTTPException(status_code=400, detail="Invalid signature.")
+        # URLの検証
+        if not WEBHOOK_URL or not WEBHOOK_URL.startswith("https://"):
+            raise HTTPException(status_code=400, detail="Invalid webhook URL")
         # 送信するヘッダーを設定
+        headers = {
+            'Content-Type': 'application/json',
+            'X-Line-Signature': line_signature,
+            'Authorization': f'Bearer {CHANNEL_ACCESS_TOKEN}'
+        }
         # ログに転送先URLを記録
         logger.info('Forwarding to URL: %s', WEBHOOK_URL)
+        logger.info('Forwarding Headers: %s', headers)
+        logger.info('Forwarding Body: %s', body.decode('utf-8'))
         # データを転送
         response = requests.post(WEBHOOK_URL, headers=headers, data=body)
         logger.error("Error: %s", str(e))
         raise HTTPException(status_code=500, detail=str(e))
 def do_something_to_file(file_path):
     # ファイルに対して実行する処理をここに記述
     with open(file_path, "r") as f: