diff options
author | drebs <drebs@leap.se> | 2013-03-04 11:11:42 -0300 |
---|---|---|
committer | drebs <drebs@leap.se> | 2013-03-04 11:11:42 -0300 |
commit | fe0c2224a3b57f76b43ce876c850b969ca07d0c4 (patch) | |
tree | 00eeb79731a5362035695fb99f154ed7dda83387 | |
parent | 93341366a0f00b6d86c9b5776c41fc8a9a09998e (diff) |
Add client code for auth/unauth requests.
-rw-r--r-- | __init__.py | 78 |
1 files changed, 70 insertions, 8 deletions
diff --git a/__init__.py b/__init__.py index cf9326ca..6b12a73d 100644 --- a/__init__.py +++ b/__init__.py @@ -14,7 +14,7 @@ import random import hmac import configparser import re - +from u1db.remote import http_client from leap.soledad.backends import sqlcipher from leap.soledad.util import GPGWrapper from leap.soledad.backends.leap_backend import ( @@ -27,13 +27,20 @@ class KeyMissing(Exception): pass +#----------------------------------------------------------------------------- +# Soledad: local encrypted storage and remote encrypted sync. +#----------------------------------------------------------------------------- + class Soledad(object): """ - Soledad client class. It is used to store and fetch data locally in an - encrypted manner and request synchronization with Soledad server. This - class is also responsible for bootstrapping users' account by creating - OpenPGP keys and other cryptographic secrets and/or storing/fetching them - on Soledad server. + Soledad provides encrypted data storage and sync. + + A Soledad instance is used to store and retrieve data in a local encrypted + database and synchronize this database with Soledad server. + + This class is also responsible for bootstrapping users' account by + creating OpenPGP keys and other cryptographic secrets and/or + storing/fetching them on Soledad server. """ # other configs @@ -41,19 +48,27 @@ class Soledad(object): def __init__(self, user_email, prefix=None, gnupg_home=None, secret_path=None, local_db_path=None, - config_file=None, initialize=True): + config_file=None, server_url=None, auth_token=None, + initialize=True): """ Bootstrap Soledad, initialize cryptographic material and open underlying U1DB database. """ self._user_email = user_email + self._auth_token = auth_token self._init_config(prefix, gnupg_home, secret_path, local_db_path, config_file) + # TODO: how to obtain server's URL? + if server_url: + self._init_client(server_url, token=auth_token) if initialize: self._init_dirs() self._init_crypto() self._init_db() + def _init_client(self, url, token=None): + self._client = SoledadClient(server_url, token) + def _init_config(self, prefix, gnupg_home, secret_path, local_db_path, config_file): # set default config @@ -62,7 +77,8 @@ class Soledad(object): 'gnupg_home': gnupg_home or '%s/gnupg', 'secret_path': secret_path or '%s/secret.gpg', 'local_db_path': local_db_path or '%s/soledad.u1db', - 'config_file': config_file or '%s/soledad.ini' + 'config_file': config_file or '%s/soledad.ini', + 'soledad_server_url': '', } m = re.compile('.*%s.*') for key, default_value in default_conf.iteritems(): @@ -80,6 +96,9 @@ class Soledad(object): setattr(self, key, config['soledad-client'][key]) def _init_dirs(self): + """ + Create work directories. + """ if not os.path.isdir(self.prefix): os.makedirs(self.prefix) @@ -98,6 +117,9 @@ class Soledad(object): self._load_secret() def _init_db(self): + """ + Initialize the database for local storage . + """ # instantiate u1db # TODO: verify if secret for sqlcipher should be the same as the # one for symmetric encryption. @@ -304,4 +326,44 @@ class Soledad(object): # TODO: create authentication scheme for sync with server. return self._db.sync(url, creds=None, autocreate=True) + +#----------------------------------------------------------------------------- +# Soledad client +#----------------------------------------------------------------------------- + +class NoTokenForAuth(Exception): + """ + No token was found for token-based authentication. + """ + + +class SoledadClient(http_client.HTTPClientBase): + + @staticmethod + def connect(url, token=None): + return SoledadClient(url, token=token) + + def __init__(self, url, creds=None, token=None): + super(SoledadClient, self).__init__(url, creds) + self.token = token + + def _set_token(self, token): + self._token = token + + def _get_token(self): + return self._token + + token = property(_get_token, _set_token, + doc='Token for token-based authentication.') + + def _request_json(self, method, url_parts, params=None, body=None, + content_type=None, auth=False): + if auth: + if not token: + raise NoTokenForAuth() + params.update({'auth_token', self.token}) + super(SoledadClient, self)._request_json(method, url_parts, params, + body, content_type) + + __all__ = ['util'] |