mirror of
https://github.com/langgenius/dify.git
synced 2026-02-13 07:01:23 -05:00
c56d650e83
Implement phase 1 of the file module migration by moving workflow-facing file primitives to core.workflow.file while keeping core.file as a temporary compatibility layer. What this commit changes - Add core.workflow.file package (constants/enums/models/helpers/file_manager/tool_file_parser). - Add protocol-based runtime binding in core.workflow.file.runtime and core.workflow.file.protocols. - Add application adapter core.app.workflow.file_runtime and bind runtime in extensions.ext_storage.init_app. - Bind runtime in tests via tests/conftest.py. - Migrate workflow-only imports from core.file.* to core.workflow.file.* across workflow runtime/nodes/entry/encoder and workflow node factory. - Update workflow unit tests to patch/import the new workflow file namespace. - Remove workflow-external-imports ignore_imports entries related to core.file from .importlinter. Compatibility guarantee for phase split - Keep core.file import path available in this phase by replacing core/file/*.py with forwarding bridge modules that re-export core.workflow.file symbols. - Preserve runtime behavior and isinstance(File) identity consistency while non-workflow modules are still on legacy import paths. Notes - This commit intentionally does not remove core.file. Full repository replacement and bridge removal are handled in phase 2.
93 lines
3.9 KiB
Python
93 lines
3.9 KiB
Python
from __future__ import annotations
|
|
|
|
import base64
|
|
import hashlib
|
|
import hmac
|
|
import os
|
|
import time
|
|
import urllib.parse
|
|
|
|
from .runtime import get_workflow_file_runtime
|
|
|
|
|
|
def get_signed_file_url(upload_file_id: str, as_attachment: bool = False, for_external: bool = True) -> str:
|
|
runtime = get_workflow_file_runtime()
|
|
base_url = runtime.files_url if for_external else (runtime.internal_files_url or runtime.files_url)
|
|
url = f"{base_url}/files/{upload_file_id}/file-preview"
|
|
|
|
timestamp = str(int(time.time()))
|
|
nonce = os.urandom(16).hex()
|
|
key = runtime.secret_key.encode()
|
|
msg = f"file-preview|{upload_file_id}|{timestamp}|{nonce}"
|
|
sign = hmac.new(key, msg.encode(), hashlib.sha256).digest()
|
|
encoded_sign = base64.urlsafe_b64encode(sign).decode()
|
|
query: dict[str, str] = {"timestamp": timestamp, "nonce": nonce, "sign": encoded_sign}
|
|
if as_attachment:
|
|
query["as_attachment"] = "true"
|
|
query_string = urllib.parse.urlencode(query)
|
|
|
|
return f"{url}?{query_string}"
|
|
|
|
|
|
def get_signed_file_url_for_plugin(filename: str, mimetype: str, tenant_id: str, user_id: str) -> str:
|
|
runtime = get_workflow_file_runtime()
|
|
# Plugin access should use internal URL for Docker network communication.
|
|
base_url = runtime.internal_files_url or runtime.files_url
|
|
url = f"{base_url}/files/upload/for-plugin"
|
|
timestamp = str(int(time.time()))
|
|
nonce = os.urandom(16).hex()
|
|
key = runtime.secret_key.encode()
|
|
msg = f"upload|{filename}|{mimetype}|{tenant_id}|{user_id}|{timestamp}|{nonce}"
|
|
sign = hmac.new(key, msg.encode(), hashlib.sha256).digest()
|
|
encoded_sign = base64.urlsafe_b64encode(sign).decode()
|
|
return f"{url}?timestamp={timestamp}&nonce={nonce}&sign={encoded_sign}&user_id={user_id}&tenant_id={tenant_id}"
|
|
|
|
|
|
def get_signed_tool_file_url(tool_file_id: str, extension: str, for_external: bool = True) -> str:
|
|
runtime = get_workflow_file_runtime()
|
|
return runtime.sign_tool_file(tool_file_id=tool_file_id, extension=extension, for_external=for_external)
|
|
|
|
|
|
def verify_plugin_file_signature(
|
|
*, filename: str, mimetype: str, tenant_id: str, user_id: str, timestamp: str, nonce: str, sign: str
|
|
) -> bool:
|
|
runtime = get_workflow_file_runtime()
|
|
data_to_sign = f"upload|{filename}|{mimetype}|{tenant_id}|{user_id}|{timestamp}|{nonce}"
|
|
secret_key = runtime.secret_key.encode()
|
|
recalculated_sign = hmac.new(secret_key, data_to_sign.encode(), hashlib.sha256).digest()
|
|
recalculated_encoded_sign = base64.urlsafe_b64encode(recalculated_sign).decode()
|
|
|
|
if sign != recalculated_encoded_sign:
|
|
return False
|
|
|
|
current_time = int(time.time())
|
|
return current_time - int(timestamp) <= runtime.files_access_timeout
|
|
|
|
|
|
def verify_image_signature(*, upload_file_id: str, timestamp: str, nonce: str, sign: str) -> bool:
|
|
runtime = get_workflow_file_runtime()
|
|
data_to_sign = f"image-preview|{upload_file_id}|{timestamp}|{nonce}"
|
|
secret_key = runtime.secret_key.encode()
|
|
recalculated_sign = hmac.new(secret_key, data_to_sign.encode(), hashlib.sha256).digest()
|
|
recalculated_encoded_sign = base64.urlsafe_b64encode(recalculated_sign).decode()
|
|
|
|
if sign != recalculated_encoded_sign:
|
|
return False
|
|
|
|
current_time = int(time.time())
|
|
return current_time - int(timestamp) <= runtime.files_access_timeout
|
|
|
|
|
|
def verify_file_signature(*, upload_file_id: str, timestamp: str, nonce: str, sign: str) -> bool:
|
|
runtime = get_workflow_file_runtime()
|
|
data_to_sign = f"file-preview|{upload_file_id}|{timestamp}|{nonce}"
|
|
secret_key = runtime.secret_key.encode()
|
|
recalculated_sign = hmac.new(secret_key, data_to_sign.encode(), hashlib.sha256).digest()
|
|
recalculated_encoded_sign = base64.urlsafe_b64encode(recalculated_sign).decode()
|
|
|
|
if sign != recalculated_encoded_sign:
|
|
return False
|
|
|
|
current_time = int(time.time())
|
|
return current_time - int(timestamp) <= runtime.files_access_timeout
|