summaryrefslogtreecommitdiff
path: root/src/leap/soledad/shared_db.py
diff options
context:
space:
mode:
authordrebs <drebs@leap.se>2013-04-30 12:13:07 -0300
committerdrebs <drebs@leap.se>2013-04-30 12:13:07 -0300
commitf1cf6a4b262f202c141d0e7cdd90f0f8403f9f5d (patch)
tree3573874ba28e76715fcdeb6d0e49c4d0af333a8b /src/leap/soledad/shared_db.py
parentc5cebeb1e730e4c1e72445870374c13b9ffeb892 (diff)
Fix shared db auth and add tests.
Diffstat (limited to 'src/leap/soledad/shared_db.py')
-rw-r--r--src/leap/soledad/shared_db.py97
1 files changed, 21 insertions, 76 deletions
diff --git a/src/leap/soledad/shared_db.py b/src/leap/soledad/shared_db.py
index 01296885..dbb78d97 100644
--- a/src/leap/soledad/shared_db.py
+++ b/src/leap/soledad/shared_db.py
@@ -30,6 +30,12 @@ from u1db import errors
from u1db.remote import http_database
+from leap.soledad.auth import (
+ set_token_credentials,
+ _sign_request,
+)
+
+
#-----------------------------------------------------------------------------
# Soledad shared database
#-----------------------------------------------------------------------------
@@ -58,8 +64,20 @@ class SoledadSharedDatabase(http_database.HTTPDatabase):
# TODO: prevent client from messing with the shared DB.
# TODO: define and document API.
+ #
+ # Token auth methods.
+ #
+
+ set_token_credentials = set_token_credentials
+
+ _sign_request = _sign_request
+
+ #
+ # Modified HTTPDatabase methods.
+ #
+
@staticmethod
- def open_database(url, create, token=None):
+ def open_database(url, create, creds=None):
# TODO: users should not be able to create the shared database, so we
# have to remove this from here in the future.
"""
@@ -76,7 +94,7 @@ class SoledadSharedDatabase(http_database.HTTPDatabase):
@return: The shared database in the given url.
@rtype: SoledadSharedDatabase
"""
- db = SoledadSharedDatabase(url, token=token)
+ db = SoledadSharedDatabase(url, creds=creds)
db.open(create)
return db
@@ -92,7 +110,7 @@ class SoledadSharedDatabase(http_database.HTTPDatabase):
"""
raise Unauthorized("Can't delete shared database.")
- def __init__(self, url, document_factory=None, creds=None, token=None):
+ def __init__(self, url, document_factory=None, creds=None):
"""
Initialize database with auth token and encryption powers.
@@ -103,83 +121,10 @@ class SoledadSharedDatabase(http_database.HTTPDatabase):
@param creds: A tuple containing the authentication method and
credentials.
@type creds: tuple
- @param token: An authentication token for accessing the shared db.
- @type token: str
"""
- self._token = token
http_database.HTTPDatabase.__init__(self, url, document_factory,
creds)
- def _request(self, method, url_parts, params=None, body=None,
- content_type=None, auth=True):
- """
- Perform token-based http request.
-
- @param method: The HTTP method for the request.
- @type method: str
- @param url_parts: A list with extra parts for the URL.
- @type url_parts: list
- @param params: Parameters to be added as query string.
- @type params: dict
- @param body: The body of the request (must be JSON serializable).
- @type body: object
- @param content_type: The content-type of the request.
- @type content_type: str
- @param auth: Should the request be authenticated?
- @type auth: bool
-
- @raise u1db.errors.Unavailable: If response status is 503.
- @raise u1db.errors.HTTPError: If response status is neither 200, 201
- or 503
-
- @return: The headers and body of the HTTP response.
- @rtype: tuple
- """
- # add `auth-token` as a request parameter
- if auth:
- if not self._token:
- raise NoTokenForAuth()
- if not params:
- params = {}
- params['auth_token'] = self._token
- return http_database.HTTPDatabase._request(
- self,
- method, url_parts,
- params,
- body,
- content_type)
-
- def _request_json(self, method, url_parts, params=None, body=None,
- content_type=None, auth=True):
- """
- Perform token-based http request and deserialize the JSON results.
-
- @param method: The HTTP method for the request.
- @type method: str
- @param url_parts: A list with extra parts for the URL.
- @type url_parts: list
- @param params: Parameters to be added as query string.
- @type params: dict
- @param body: The body of the request (must be JSON serializable).
- @type body: object
- @param content_type: The content-type of the request.
- @type content_type: str
- @param auth: Should the request be authenticated?
- @type auth: bool
-
- @raise u1db.errors.Unavailable: If response status is 503.
- @raise u1db.errors.HTTPError: If response status is neither 200, 201
- or 503
-
- @return: The headers and body of the HTTP response.
- @rtype: tuple
- """
- # allow for token-authenticated requests.
- res, headers = self._request(method, url_parts,
- params=params, body=body,
- content_type=content_type, auth=auth)
- return json.loads(res), headers
-
def get_doc_unauth(self, doc_id):
"""
Modified method to allow for unauth request.