Merge pull request #67 from golnazads/master

bibcode verification, needs &
adsabs · May 19, 2021 · af94cc0 · af94cc0
2 parents 2b7f65f + 454ec69
commit af94cc0
Show file tree

Hide file tree

Showing 3 changed files with 44 additions and 19 deletions.
diff --git a/config.py b/config.py
@@ -2,7 +2,7 @@
 LOGGING_LEVEL = 'DEBUG'
 
 # This the URL to resolver_service api
-GATEWAY_RESOLVER_SERVICE_URL = 'https://api.adsabs.harvard.edu/v1/resolver/%s'
+GATEWAY_RESOLVER_SERVICE_URL = 'https://dev.adsabs.harvard.edu/v1/resolver/%s'
 
 # This is a URL to adsws account info service
 GATEWAY_SERVICE_ACCOUNT_INFO_URL = ''
@@ -14,4 +14,6 @@
 REDIS_URL = "redis://localhost:6379/0"
 REDIS_NAME_PREFIX = "link_gateway_"
 # save to cache for a week
-REDIS_EXPIRATION_TIME = 604800
+REDIS_EXPIRATION_TIME = 604800
+
+GATEWAY_SERVICE_REFERRED_DOMAIN = 'adsabs.harvard.edu'
diff --git a/resolverway/tests/unittests/test_resolver_gateway.py b/resolverway/tests/unittests/test_resolver_gateway.py
@@ -25,7 +25,7 @@ def test_route(self):
         Tests for the existence of a /link_gateway route, and that it returns
         properly formatted JSON data when the URL is supplied
         """
-        r= self.client.get('/link_gateway/1987gady.book.....B/ABSTRACT/https://ui.adsabs.harvard.edu/#abs/1987gady.book.....B/ABSTRACT')
+        r= self.client.get('/link_gateway/1987gady.book.....B/ABSTRACT/https://ui.adsabs.harvard.edu/abs/1987gady.book.....B/ABSTRACT')
         self.assertEqual(r.status_code, 302)
 
     def test_route_error_invalid_url(self):
@@ -44,7 +44,7 @@ def test_single_link(self):
         """
         the_json = {"action": "redirect",
                     "link": "http://archive.stsci.edu/mastbibref.php?bibcode=2013MNRAS.435.1904M",
-                    "service": "https://ui.adsabs.harvard.edu/#abs/2013MNRAS.435.1904/ESOURCE"}
+                    "service": "https://ui.adsabs.harvard.edu/abs/2013MNRAS.435.1904/ESOURCE"}
         r = LinkRequest('1987gady.book.....B', 'ABSTRACT', '').process_resolver_response(the_json, True)
         self.assertEqual(r[1], 302)
 
@@ -72,13 +72,13 @@ def test_identification_link(self):
         """
         the_json = {"action": "redirect",
                     "link": "http://dx.doi.org/10.1088/2041-8205/713/2/L10",
-                    "service": "https://ui.adsabs.harvard.edu/#abs/2010ApJ...713L.103B/DOI:10.1088/2041-8205/713/2/L103"}
+                    "service": "https://ui.adsabs.harvard.edu/abs/2010ApJ...713L.103B/DOI:10.1088/2041-8205/713/2/L103"}
         r = LinkRequest('2010ApJ...713L.103B', 'DOI', '10.1088,2041-8205,713,2,L10').process_resolver_response(the_json, True)
         self.assertEqual(r[1], 302)
 
         the_json = {"action": "redirect",
                     "link": "http://arxiv.org/abs/1803.03598",
-                    "service": "https://ui.adsabs.harvard.edu/#abs/2018arXiv180303598K/ARXIV:1803.03598"}
+                    "service": "https://ui.adsabs.harvard.edu/abs/2018arXiv180303598K/ARXIV:1803.03598"}
         r = LinkRequest('2018arXiv180303598K', 'ARXIV', '1803.03598').process_resolver_response(the_json, False)
         self.assertEqual(r[1], 302)
 
@@ -89,7 +89,7 @@ def test_action_error(self):
         """
         the_json = {"action": "redirecterror",
                     "link": "http://archive.stsci.edu/mastbibref.php?bibcode=2013MNRAS.435.1904M",
-                    "service": "https://ui.adsabs.harvard.edu/#abs/2013MNRAS.435.1904/ESOURCE"}
+                    "service": "https://ui.adsabs.harvard.edu/abs/2013MNRAS.435.1904/ESOURCE"}
         r = LinkRequest('1987gady.book.....B', 'ABSTRACT', '').process_resolver_response(the_json, True)
         self.assertEqual(r[1], 400)
 
@@ -106,7 +106,7 @@ def test_with_header_info(self):
         :return:
         """
         header = {'Referer': 'https://www.google.com/'}
-        r = self.client.get('/link_gateway/1987gady.book.....B/ABSTRACT/https://ui.adsabs.harvard.edu/#abs/1987gady.book.....B/ABSTRACT', headers=header)
+        r = self.client.get('/link_gateway/1987gady.book.....B/ABSTRACT/https://ui.adsabs.harvard.edu/abs/1987gady.book.....B/ABSTRACT', headers=header)
         self.assertEqual(r.status_code, 302)
 
     def test_redis_available(self):
@@ -133,12 +133,12 @@ def test_redis_put_get(self):
 
         # verify that when the same session id is passed as cookie, the entry was fetched from redis
         self.client.set_cookie('/','session','key1')
-        r = self.client.get('/link_gateway/2018AAS...23130709A/ABSTRACT/https://ui.adsabs.harvard.edu/#abs/2018AAS...23130709A/ABSTRACT', headers={'x-real-ip': '0.0.0.0'})
+        r = self.client.get('/link_gateway/2018AAS...23130709A/ABSTRACT/https://ui.adsabs.harvard.edu/abs/2018AAS...23130709A/ABSTRACT', headers={'x-real-ip': '0.0.0.0'})
         self.assertEqual(r.headers['user_id'], 'ec43c30b9a81ed89765a2b8a04cac38925058eeacd5b5264389b1d4a7df2b28c')
 
         # verify that when no cookie is send, session_id is None
         self.client.cookie_jar.clear()
-        r = self.client.get('/link_gateway/2018AAS...23130709A/ABSTRACT/https://ui.adsabs.harvard.edu/#abs/2018AAS...23130709A/ABSTRACT')
+        r = self.client.get('/link_gateway/2018AAS...23130709A/ABSTRACT/https://ui.adsabs.harvard.edu/abs/2018AAS...23130709A/ABSTRACT')
         self.assertEqual(r.headers['user_id'], 'None')
 
     def test_redis_exception(self):
@@ -149,7 +149,7 @@ def test_redis_exception(self):
         self.current_app.extensions['redis']._redis_client.connection_pool.max_connections = 0
         self.current_app.extensions['redis']._redis_client.connection_pool.disconnect()
         header = {'cookie': 'session=key1', 'x-real-ip': '0.0.0.0'}
-        r = self.client.get('/link_gateway/2018AAS...23130709A/ABSTRACT/https://ui.adsabs.harvard.edu/#abs/2018AAS...23130709A/ABSTRACT', headers=header)
+        r = self.client.get('/link_gateway/2018AAS...23130709A/ABSTRACT/https://ui.adsabs.harvard.edu/abs/2018AAS...23130709A/ABSTRACT', headers=header)
         self.assertEqual(r.headers['user_id'], 'None')
 
     def test_adsws_call(self):
@@ -158,7 +158,7 @@ def test_adsws_call(self):
         :return:
         """
         # verify when None is send in for session, account is None
-        account = LinkRequest('2018AAS...23130709A', 'ABSTRACT', 'https://ui.adsabs.harvard.edu/#abs/2018AAS...23130709A/ABSTRACT').get_user_info_from_adsws(None)
+        account = LinkRequest('2018AAS...23130709A', 'ABSTRACT', 'https://ui.adsabs.harvard.edu/abs/2018AAS...23130709A/ABSTRACT').get_user_info_from_adsws(None)
         self.assertEqual(account, None)
 
         # verify when successfully user info is set, True is returned
@@ -168,7 +168,7 @@ def test_adsws_call(self):
             mock_response.json.return_value = {"source": "session:key1", "hashed_client_id": "013c1b1280353b3319133b9c528fb29ba998ae3b7af9b669166a786bc6796c9d", "anonymous": True, "hashed_user_id": "ec43c30b9a81ed89765a2b8a04cac38925058eeacd5b5264389b1d4a7df2b28c"}
             self.client.set_cookie('/', 'session', 'key1')
 
-            status = LinkRequest('2018AAS...23130709A', 'ABSTRACT', 'https://ui.adsabs.harvard.edu/#abs/2018AAS...23130709A/ABSTRACT').set_user_info(get_mock)
+            status = LinkRequest('2018AAS...23130709A', 'ABSTRACT', 'https://ui.adsabs.harvard.edu/abs/2018AAS...23130709A/ABSTRACT').set_user_info(get_mock)
             self.assertEqual(status, True)
 
         # verify when successfully user info is read, dict of user is returned
@@ -178,7 +178,7 @@ def test_adsws_call(self):
             mock_response.json.return_value = {"source": "session:key1", "hashed_client_id": "013c1b1280353b3319133b9c528fb29ba998ae3b7af9b669166a786bc6796c9d", "anonymous": True, "hashed_user_id": "ec43c30b9a81ed89765a2b8a04cac38925058eeacd5b5264389b1d4a7df2b28c"}
             self.client.set_cookie('/', 'session', 'client_id')
 
-            account = LinkRequest('2018AAS...23130709A', 'ABSTRACT', 'https://ui.adsabs.harvard.edu/#abs/2018AAS...23130709A/ABSTRACT').get_user_info_from_adsws('key1')
+            account = LinkRequest('2018AAS...23130709A', 'ABSTRACT', 'https://ui.adsabs.harvard.edu/abs/2018AAS...23130709A/ABSTRACT').get_user_info_from_adsws('key1')
             self.assertEqual(account['hashed_client_id'], "013c1b1280353b3319133b9c528fb29ba998ae3b7af9b669166a786bc6796c9d")
             self.assertEqual(account['hashed_user_id'], "ec43c30b9a81ed89765a2b8a04cac38925058eeacd5b5264389b1d4a7df2b28c")
 

diff --git a/resolverway/views.py b/resolverway/views.py
@@ -25,7 +25,7 @@ class LinkRequest(object):
     user_id = None
     referrer = None
 
-    re_ads_link = re.compile(r"^(/abs/[12][09]\d\d[A-Za-z\.]{5}[A-Za-z0-9\.]{9}[A-Z]/abstract)$")
+    re_ads_link = re.compile(r"^(/abs/[12][09]\d\d[A-Za-z&\.]{5}[A-Za-z0-9\.]{9}[A-Z]/abstract)$")
 
     def __init__(self, bibcode, link_type, url=None, id=None):
         self.bibcode = bibcode
@@ -174,15 +174,38 @@ def verify_link_type(self):
         response = self.get_request_to_service('check_link_type' + '/' + self.link_type)
         return response.status_code == 200
 
-    def verify_url(self):
+    def verify_url(self, referrer):
         """
 
+        :param referrer:
         :return:
         """
+        # if in-house link detected
+        match = self.re_ads_link.match(self.url)
+        if match:
+            return True
 
+        referred_ads = current_app.config['GATEWAY_SERVICE_REFERRED_DOMAIN']
         url = urllib.parse.urlparse(self.url)
-        match = self.re_ads_link.match(self.url)
-        return all([url.scheme, url.netloc]) or match
+        if all([url.scheme, url.netloc]):
+            try:
+                # if full url in-house link detected
+                if url.netloc.split('.',1)[-1] == referred_ads:
+                    return True
+            except:
+                try:
+                    # if a valid outside link, see if originated from ads
+                    referrer_url = urllib.parse.urlparse(referrer)
+                    if all([referrer_url.scheme, referrer_url.netloc]):
+                        if referrer_url.netloc.split('.',1)[-1] == referred_ads:
+                            return True
+                except:
+                    # TODO: check back with resolver servcie, make sure it is from there
+                    pass
+                pass
+
+        # for now do not redirect if outside link and did not originate from BBB
+        return False
 
     def process_request(self):
         """
@@ -210,7 +233,7 @@ def process_request(self):
                 # make sure link_type is valid
                 if self.verify_link_type():
                     # make sure we have a valid url to redirect to
-                    if self.verify_url():
+                    if self.verify_url(self.referrer):
                         current_app.logger.debug('received to redirect to %s' %(self.url))
                         if log_the_click:
                             log_request(self.bibcode, self.user_id, self.link_type, self.url, self.referrer, self.client_id, self.real_ip, self.user_agent)