Add JavaShark-Papa Hash Support

src/aidgaf/aidgaf-server/hash_calculator.py

@@ -0,0 +1,6 @@
+import hashlib
+
+def calculate_hash(value:bytes, secret:bytes)->str:
+    m = hashlib.sha512()
+    m.update(b"".join([value,secret]))
+    return m.hexdigest()

src/aidgaf/aidgaf-server/idgaf.py

@@ -1,26 +1,28 @@
 import json
+import re
 import requests
 from http.server import BaseHTTPRequestHandler, HTTPServer
-import time
+from time import time
 from datetime import datetime
 import openai
 import random
 import settings
+import hash_calculator
 
 openai.organization = "org-hNNV1yHjZp7T3pn5pdZWaKLm"
 # print(openai.Model.list())
 
 
-
 URL = "https://api.openai.com/v1/completions"
 
-DATA = {"model": "text-davinci-003",
+DATA = {"model": settings.OPEN_AI_COMPLETION_MODEL,
         "prompt": settings.PROMPTS[0],
-    "temperature":1,
-    "max_tokens": 200
+        "temperature": 0.90,
+        "max_tokens": settings.OPEN_AI_MAX_TOKENS
         }
 
-request_headers={"Authorization": "Bearer "+settings.APIKEY,"Content-Type": "application/json"}
+request_headers = {"Authorization": "Bearer " +
+                   settings.APIKEY, "Content-Type": "application/json"}
 
 
 class IDGAFServer(BaseHTTPRequestHandler):
@@ -28,15 +30,24 @@ class IDGAFServer(BaseHTTPRequestHandler):
     def do_PATCH(self):
         #        print("Request: "+self.request+ " "+webServer.get_request())
         request_body = self.rfile.read(int(self.headers.get('Content-Length')))
+        str_request=str(request_body,'utf-8')
+        print(request_body)
+        if settings.HASHKEY is not None and get_message_hash(str_request) not in str_request:
+            print("Error: hash not match")
+            self.send_response(403)
+            return
+        if settings.HASHKEY is not None and not verify_message_time(str_request):
+            print("Error: timestamp expired")
+            self.send_response(403)
+            return
         command = json.loads(request_body)
         print(command)
         if command['message']['command'] == 'aidgaf':
             [responseCode, response_body] = parse_idgaf_request(command)
+
             self.handle_response(responseCode, response_body)
             print("sending:"+response_body)
 
-
-
     def handle_response(self, code, body):
         self.send_response(code)
         self.send_header("Content-type", "text/html")
@@ -60,12 +71,15 @@ def parse_idgaf_request(command):
     print(gpt_response)
     response_text = gpt_response.json()['choices'][0]['text'].strip()
     obj = get_response_base_object(response_text)
+    obj['hash']=get_message_hash(json.dumps(obj))
     json_result = json.dumps(obj)
     return [gpt_response.status_code, json_result]
 
+
 def get_prompt(command):
     my_prompt = random.choice(settings.PROMPTS)
-    my_prompt=my_prompt.replace("USERNAME",command['message']['data']['username'])
+    my_prompt = my_prompt.replace(
+        "USERNAME", command['message']['data']['username'])
 
     print("Prompt selected: "+my_prompt)
     the_data = DATA
@@ -73,9 +87,39 @@ def get_prompt(command):
     return the_data
 
 
-value='{"service": "papa", "message": {"command": "aidgaf", "data": {"username": "AdamOutler"}, "timestamp": 1675373229}, "hash": "de08e85b8afc3b7d257fa559fd1dd295838ea1387f1e0fa75ceb11d9da81e59fadfc878d028281dfb739002bae818b89a8363e49d68e923874c969716a90f8e3"}'
+
+
+def get_message_hash(json_command) -> bytes:
+    """Get the object named "message", and run a hash over it.  """
+    strip1 = re.sub('.*\"message\":', "", json_command, 1)
+    strip2 = re.sub(',\"hash\":.*', '', strip1)
+    json_value = bytes(strip2, "utf-8")
+    hash_value = hash_calculator.calculate_hash(json_value, settings.HASHKEY)
+    return hash_value
+
+
+def verify_message_time(json_command) -> bool:
+    """Check message expiration is less than current time + time in settings.
+        Before we accept the JSON as valid, and parse it, we must check the timestamp.
+        The timestamp is a Linux Timestamp. So convert it, add maximum message age, and
+        then verify current time is less than expiration time.
+    """
+    strip_json = re.sub('.*\"timestamp\":', "", json_command, 1)
+    expiration = int(re.sub('}.*', '', strip_json))+settings.MAX_MESSAGE_AGE
+    current_time = int(time())
+    return  not current_time > expiration
+
+
+value = '{"service":"papa","message":{"command":"aidgaf","data":{"username":"AdamOutler"},"timestamp":1675725191},"hash":"1bc73914478835d03f9ebdfb46328321d2bb656647e2876d6f162cc1860607fcfca8d825c48e390a6a254ee0835c8a4fe5f9a25795a3a0880ae5a23e9c132cf2"}'
 if __name__ == "__main__":
-    print(parse_idgaf_request(command=json.loads(value)))
+
+    if get_message_hash(value) not in value:
+        print("Error: hash not match")
+    if not verify_message_time(value):
+        print("Error: timestamp expired")
+    command = json.loads(value)
+    [code, result] = parse_idgaf_request(command)
+    print(result)
 
 
 # curl https://api.openai.com/v1/completions \

src/aidgaf/aidgaf-server/settings.py

@@ -8,8 +8,11 @@ APIKEY:str = os.getenv('APIKEY') #secret key from OpenAPI website
 if APIKEY is None: 
     raise Exception("APIKEY Environmental Variable must be set") 
 #The hash key
-HASHKEY:str = os.getenv('HASHKEY') #shared secret for hmac of message
+HASHKEY:str = bytes(os.getenv('HASHKEY'),'utf-8') #shared secret for hmac of message
 #The prompts used for OpenAI. 
 PROMPTS=["Say \"USERNAME does not give a fuck\" in a thoughtful and clever paragraph of 5 sentences.",
         "Say \"USERNAME does not give a fuck\" in a Dr Suess poem.",
         "Tell me all about how much \"USERNAME does not give a fuck\" using your most colorful words."]
+OPEN_AI_MAX_TOKENS=500
+OPEN_AI_COMPLETION_MODEL="text-davinci-003"
+MAX_MESSAGE_AGE=600