summaryrefslogtreecommitdiff
path: root/client
diff options
context:
space:
mode:
authorKali Kaneko <kali@leap.se>2015-12-02 15:09:58 -0400
committerKali Kaneko <kali@leap.se>2015-12-15 15:19:47 -0400
commit0d7470b48411f1b9d48762e33533bb9041676c2e (patch)
tree9f2e6e6fa33b30aca0e84e39e0c3d11dfe6e96ac /client
parent869aa5354ff74be9e0203c37c5d54c79d8e32863 (diff)
[feat] get_or_create_service_token
Diffstat (limited to 'client')
-rw-r--r--client/src/leap/soledad/client/api.py35
1 files changed, 34 insertions, 1 deletions
diff --git a/client/src/leap/soledad/client/api.py b/client/src/leap/soledad/client/api.py
index 78f9c652..1f81f2ab 100644
--- a/client/src/leap/soledad/client/api.py
+++ b/client/src/leap/soledad/client/api.py
@@ -32,6 +32,7 @@ import logging
import os
import socket
import ssl
+import uuid
import urlparse
try:
@@ -44,11 +45,11 @@ from StringIO import StringIO
from collections import defaultdict
from u1db.remote import http_client
from u1db.remote.ssl_match_hostname import match_hostname
+from twisted.internet.defer import DeferredLock, returnValue, inlineCallbacks
from zope.interface import implements
from leap.common.config import get_path_prefix
from leap.common.plugins import collect_plugins
-from twisted.internet.defer import DeferredLock
from leap.soledad.common import SHARED_DB_NAME
from leap.soledad.common import soledad_assert
@@ -943,6 +944,38 @@ class Soledad(object):
"""
return self._dbpool.runOperation(*args, **kw)
+ #
+ # Service authentication
+ #
+
+ @inlineCallbacks
+ def get_or_create_service_token(self, service):
+ """
+ Return the stored token for a given service, or generates and stores a
+ random one if it does not exist.
+
+ These tokens can be used to authenticate services.
+ """
+ # FIXME this could use the local sqlcipher database, to avoid
+ # problems with different replicas creating different tokens.
+
+ yield self.create_index('by-servicetoken', 'type', 'service')
+ docs = yield self._get_token_for_service(service)
+ if docs:
+ doc = docs[0]
+ returnValue(doc.content['token'])
+ else:
+ token = str(uuid.uuid4()).replace('-', '')[-24:]
+ yield self._set_token_for_service(service, token)
+ returnValue(token)
+
+ def _get_token_for_service(self, service):
+ return self.get_from_index('by-servicetoken', 'servicetoken', service)
+
+ def _set_token_for_service(self, service, token):
+ doc = {'type': 'servicetoken', 'service': service, 'token': token}
+ return self.create_doc(doc)
+
def _convert_to_unicode(content):
"""