Fix shared db auth and add tests.

author: drebs <drebs@leap.se> 2013-04-30 12:13:07 -0300
committer: drebs <drebs@leap.se> 2013-04-30 12:13:07 -0300
commit: f1cf6a4b262f202c141d0e7cdd90f0f8403f9f5d (patch)
tree: 3573874ba28e76715fcdeb6d0e49c4d0af333a8b /src/leap/soledad/shared_db.py
parent: c5cebeb1e730e4c1e72445870374c13b9ffeb892 (diff)
1 files changed, 21 insertions, 76 deletions
diff --git a/src/leap/soledad/shared_db.py b/src/leap/soledad/shared_db.py
index 01296885..dbb78d97 100644
--- a/src/leap/soledad/shared_db.py
+++ b/src/leap/soledad/shared_db.py
@@ -30,6 +30,12 @@ from u1db import errors
 from u1db.remote import http_database
 
 
+from leap.soledad.auth import (
+    set_token_credentials,
+    _sign_request,
+)
+
+
 #-----------------------------------------------------------------------------
 # Soledad shared database
 #-----------------------------------------------------------------------------
@@ -58,8 +64,20 @@ class SoledadSharedDatabase(http_database.HTTPDatabase):
     # TODO: prevent client from messing with the shared DB.
     # TODO: define and document API.
 
+    #
+    # Token auth methods.
+    #
+
+    set_token_credentials = set_token_credentials
+
+    _sign_request = _sign_request
+
+    #
+    # Modified HTTPDatabase methods.
+    #
+
     @staticmethod
-    def open_database(url, create, token=None):
+    def open_database(url, create, creds=None):
         # TODO: users should not be able to create the shared database, so we
         # have to remove this from here in the future.
         """
@@ -76,7 +94,7 @@ class SoledadSharedDatabase(http_database.HTTPDatabase):
         @return: The shared database in the given url.
         @rtype: SoledadSharedDatabase
         """
-        db = SoledadSharedDatabase(url, token=token)
+        db = SoledadSharedDatabase(url, creds=creds)
         db.open(create)
         return db
 
@@ -92,7 +110,7 @@ class SoledadSharedDatabase(http_database.HTTPDatabase):
         """
         raise Unauthorized("Can't delete shared database.")
 
-    def __init__(self, url, document_factory=None, creds=None, token=None):
+    def __init__(self, url, document_factory=None, creds=None):
         """
         Initialize database with auth token and encryption powers.
 
@@ -103,83 +121,10 @@ class SoledadSharedDatabase(http_database.HTTPDatabase):
         @param creds: A tuple containing the authentication method and
             credentials.
         @type creds: tuple
-        @param token: An authentication token for accessing the shared db.
-        @type token: str
         """
-        self._token = token
         http_database.HTTPDatabase.__init__(self, url, document_factory,
                                             creds)
 
-    def _request(self, method, url_parts, params=None, body=None,
-                 content_type=None, auth=True):
-        """
-        Perform token-based http request.
-
-        @param method: The HTTP method for the request.
-        @type method: str
-        @param url_parts: A list with extra parts for the URL.
-        @type url_parts: list
-        @param params: Parameters to be added as query string.
-        @type params: dict
-        @param body: The body of the request (must be JSON serializable).
-        @type body: object
-        @param content_type: The content-type of the request.
-        @type content_type: str
-        @param auth: Should the request be authenticated?
-        @type auth: bool
-
-        @raise u1db.errors.Unavailable: If response status is 503.
-        @raise u1db.errors.HTTPError: If response status is neither 200, 201
-            or 503
-
-        @return: The headers and body of the HTTP response.
-        @rtype: tuple
-        """
-        # add `auth-token` as a request parameter
-        if auth:
-            if not self._token:
-                raise NoTokenForAuth()
-            if not params:
-                params = {}
-            params['auth_token'] = self._token
-        return http_database.HTTPDatabase._request(
-            self,
-            method, url_parts,
-            params,
-            body,
-            content_type)
-
-    def _request_json(self, method, url_parts, params=None, body=None,
-                      content_type=None, auth=True):
-        """
-        Perform token-based http request and deserialize the JSON results.
-
-        @param method: The HTTP method for the request.
-        @type method: str
-        @param url_parts: A list with extra parts for the URL.
-        @type url_parts: list
-        @param params: Parameters to be added as query string.
-        @type params: dict
-        @param body: The body of the request (must be JSON serializable).
-        @type body: object
-        @param content_type: The content-type of the request.
-        @type content_type: str
-        @param auth: Should the request be authenticated?
-        @type auth: bool
-
-        @raise u1db.errors.Unavailable: If response status is 503.
-        @raise u1db.errors.HTTPError: If response status is neither 200, 201
-            or 503
-
-        @return: The headers and body of the HTTP response.
-        @rtype: tuple
-        """
-        # allow for token-authenticated requests.
-        res, headers = self._request(method, url_parts,
-                                     params=params, body=body,
-                                     content_type=content_type, auth=auth)
-        return json.loads(res), headers
-
     def get_doc_unauth(self, doc_id):
         """
         Modified method to allow for unauth request.
author	drebs <drebs@leap.se>	2013-04-30 12:13:07 -0300
committer	drebs <drebs@leap.se>	2013-04-30 12:13:07 -0300
commit	f1cf6a4b262f202c141d0e7cdd90f0f8403f9f5d (patch)
tree	3573874ba28e76715fcdeb6d0e49c4d0af333a8b /src/leap/soledad/shared_db.py
parent	c5cebeb1e730e4c1e72445870374c13b9ffeb892 (diff)