summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authordrebs <drebs@leap.se>2013-03-04 11:11:42 -0300
committerdrebs <drebs@leap.se>2013-03-04 11:11:42 -0300
commitfe0c2224a3b57f76b43ce876c850b969ca07d0c4 (patch)
tree00eeb79731a5362035695fb99f154ed7dda83387
parent93341366a0f00b6d86c9b5776c41fc8a9a09998e (diff)
Add client code for auth/unauth requests.
-rw-r--r--__init__.py78
1 files changed, 70 insertions, 8 deletions
diff --git a/__init__.py b/__init__.py
index cf9326ca..6b12a73d 100644
--- a/__init__.py
+++ b/__init__.py
@@ -14,7 +14,7 @@ import random
import hmac
import configparser
import re
-
+from u1db.remote import http_client
from leap.soledad.backends import sqlcipher
from leap.soledad.util import GPGWrapper
from leap.soledad.backends.leap_backend import (
@@ -27,13 +27,20 @@ class KeyMissing(Exception):
pass
+#-----------------------------------------------------------------------------
+# Soledad: local encrypted storage and remote encrypted sync.
+#-----------------------------------------------------------------------------
+
class Soledad(object):
"""
- Soledad client class. It is used to store and fetch data locally in an
- encrypted manner and request synchronization with Soledad server. This
- class is also responsible for bootstrapping users' account by creating
- OpenPGP keys and other cryptographic secrets and/or storing/fetching them
- on Soledad server.
+ Soledad provides encrypted data storage and sync.
+
+ A Soledad instance is used to store and retrieve data in a local encrypted
+ database and synchronize this database with Soledad server.
+
+ This class is also responsible for bootstrapping users' account by
+ creating OpenPGP keys and other cryptographic secrets and/or
+ storing/fetching them on Soledad server.
"""
# other configs
@@ -41,19 +48,27 @@ class Soledad(object):
def __init__(self, user_email, prefix=None, gnupg_home=None,
secret_path=None, local_db_path=None,
- config_file=None, initialize=True):
+ config_file=None, server_url=None, auth_token=None,
+ initialize=True):
"""
Bootstrap Soledad, initialize cryptographic material and open
underlying U1DB database.
"""
self._user_email = user_email
+ self._auth_token = auth_token
self._init_config(prefix, gnupg_home, secret_path, local_db_path,
config_file)
+ # TODO: how to obtain server's URL?
+ if server_url:
+ self._init_client(server_url, token=auth_token)
if initialize:
self._init_dirs()
self._init_crypto()
self._init_db()
+ def _init_client(self, url, token=None):
+ self._client = SoledadClient(server_url, token)
+
def _init_config(self, prefix, gnupg_home, secret_path, local_db_path,
config_file):
# set default config
@@ -62,7 +77,8 @@ class Soledad(object):
'gnupg_home': gnupg_home or '%s/gnupg',
'secret_path': secret_path or '%s/secret.gpg',
'local_db_path': local_db_path or '%s/soledad.u1db',
- 'config_file': config_file or '%s/soledad.ini'
+ 'config_file': config_file or '%s/soledad.ini',
+ 'soledad_server_url': '',
}
m = re.compile('.*%s.*')
for key, default_value in default_conf.iteritems():
@@ -80,6 +96,9 @@ class Soledad(object):
setattr(self, key, config['soledad-client'][key])
def _init_dirs(self):
+ """
+ Create work directories.
+ """
if not os.path.isdir(self.prefix):
os.makedirs(self.prefix)
@@ -98,6 +117,9 @@ class Soledad(object):
self._load_secret()
def _init_db(self):
+ """
+ Initialize the database for local storage .
+ """
# instantiate u1db
# TODO: verify if secret for sqlcipher should be the same as the
# one for symmetric encryption.
@@ -304,4 +326,44 @@ class Soledad(object):
# TODO: create authentication scheme for sync with server.
return self._db.sync(url, creds=None, autocreate=True)
+
+#-----------------------------------------------------------------------------
+# Soledad client
+#-----------------------------------------------------------------------------
+
+class NoTokenForAuth(Exception):
+ """
+ No token was found for token-based authentication.
+ """
+
+
+class SoledadClient(http_client.HTTPClientBase):
+
+ @staticmethod
+ def connect(url, token=None):
+ return SoledadClient(url, token=token)
+
+ def __init__(self, url, creds=None, token=None):
+ super(SoledadClient, self).__init__(url, creds)
+ self.token = token
+
+ def _set_token(self, token):
+ self._token = token
+
+ def _get_token(self):
+ return self._token
+
+ token = property(_get_token, _set_token,
+ doc='Token for token-based authentication.')
+
+ def _request_json(self, method, url_parts, params=None, body=None,
+ content_type=None, auth=False):
+ if auth:
+ if not token:
+ raise NoTokenForAuth()
+ params.update({'auth_token', self.token})
+ super(SoledadClient, self)._request_json(method, url_parts, params,
+ body, content_type)
+
+
__all__ = ['util']