def mutate_and_get_payload(cls, root, info, **input):
openid_uid = input['openid_uid']
app_redirect_uri = input['redirect_uri']
# prepare OpenID client
issuer = discover_issuer(openid_uid)
try:
openid_client_obj = OpenIdClient.objects.get(issuer=issuer)
client = init_client_for_shortcut(openid_client_obj)
except OpenIdClient.DoesNotExist:
client = register_client(issuer)
openid_client_obj = OpenIdClient.objects.create(
name=issuer,
issuer=issuer,
client_id=client.client_id,
client_secret=client.client_secret,
)
# prepare login attempt details
state = rndstr(STATE_LENGTH)
# save login attempt
LoginAttempt.objects.create(state=state, openid_client=openid_client_obj,
app_redirect_uri=app_redirect_uri, openid_uid=openid_uid)
# get OpenID authorization url
authorization_url = get_authorization_url(client, state)
return Login(authorization_url=authorization_url)
def createAttestedClaim(self, subject, name, value):
log.debug("Subject: " + str(subject))
log.debug("Name: " + str(name))
log.debug("Value: " + str(value))
key = subject + name + str(value)
token = None
if (not key in self.credentialToRandom):
random = rndstr(17)
token = self.comm.createCredentialOffer('{0}/{1}'.format(
self.url_receive, random))
self.offeredCredentials[random] = dict(
subject=subject,
name=name,
value=value,
time=datetime.datetime.now())
self.credentialToRandom[key] = random
if type(token) is not str:
raise Exception("String expected")
log.debug("Token: " + str(token))
return token
def retrieve_credentials(self, connection_id, claims):
# ToDo
data = {"connection_id": connection_id,
"comment": "SSIXA requests attributes",
"proof_request": {
"version": "1.0",
"name": "Proof request",
"nonce": rndstr(10),
"requested_attributes": {
"additionalProp1": {
"restrictions": [{
"credential_definition_id": self.credential_def_id,
"schema_issuer_did": self.did,
"schema_version": self.schema_version,
"cred_def_id": self.credential_def_id,
"schema_id": self.schema_id,
"issuer_did": self.did,
"schema_name": "transcript"}],
"non_revoked": {
"from_epoch": 1577620743,
"to_epoch": 1577620743},
"name": "email"}}}
}
try:
resp = requests.post(self.acapy_admin_url + "/present-proof/send-request", data=json.dumps(data), headers={"accept": "application/json"})
if resp.status_code == 200:
if resp.content is not None:
test = json.loads(resp.content.decode("utf-8"))
else:
log.error("Web service call to ACA-Py to retrieve credential proof failed")
except Exception as ex:
log.error(str(ex))
def createChallenge(self, callback, claims=None):
log.debug("Callback: " + callback)
log.debug("Claims: " + str(claims))
prefix = "me.uport:me?requestToken="
random = rndstr(17)
# Get all required claims whether they are verified or self-signed
# No differeniation is made
claims.append('email')
credentials = copy.copy(claims)
credentials_verified = copy.copy(claims)
log.debug("Credentials: " + str(credentials))
log.debug("Credentials verified: " + str(credentials_verified))
challenge = self.comm.createChallenge(
'{0}/{1}'.format(callback, random), credentials,
credentials_verified)
log.debug("Random: " + str(random))
log.debug("Prefix: " + str(prefix))
log.debug("Challenge: " + str(challenge))
if not challenge is None:
return random, prefix + challenge
else:
return None, None
def handle_access_token(self, auth_payload):
idp = self._get_idp_from_payload(auth_payload)
conf = configuration.Configuration(opts, "openid_%s" % idp)
client = self.get_oidc_client(idp)
session = {"nonce": oic.rndstr(), "state": oic.rndstr()}
args = {
"response_type": 'code',
"redirect_uri": self._get_redirect_uri(conf),
"scope": conf.scope,
"nonce": session["nonce"],
"state": session["state"],
}
auth_req = client.construct_AuthorizationRequest(request_args=args)
login_url = auth_req.request(client.authorization_endpoint)
return login_url
def mutate_and_get_payload(cls, root, info, **input):
shortcut_id = input['shortcut_id']
app_redirect_uri = input['redirect_uri']
# prepare OpenID client
type, id = from_global_id(shortcut_id)
openid_client_obj = OpenIdClient.objects.get(id=id)
client = init_client_for_shortcut(openid_client_obj)
# prepare login attempt
state = rndstr(STATE_LENGTH)
# save login attempt
LoginAttempt.objects.create(state=state, openid_client=openid_client_obj,
app_redirect_uri=app_redirect_uri)
# get OpenID authorization url
authorization_url = get_authorization_url(client, state)
return LoginByShortcut(authorization_url=authorization_url)
def createChallenge(self, callback, claims=None):
log.debug("Callback: " + str(callback))
log.debug("Claims: " + str(claims))
random = rndstr(17)
credentials = []
for c in claims:
if c in claim2jolocom:
credentials.append(claim2jolocom[c])
log.debug("Credentials: " + str(credentials))
challenge = self.comm.createChallenge(
'{0}/{1}'.format(callback, random), credentials)
log.debug("Random: " + str(random))
log.debug("Challenge: " + str(challenge))
if not challenge is None:
return random, challenge
else:
return None, None
def __call__(self, username, email):
log.debug("Username: "******"Email: " + str(email))
msg = MIMEMultipart()
random = rndstr(25)
self.db[username] = dict(value=email,
random=random,
start=datetime.datetime.now(),
verified=False)
self.random_to_user[random] = username
msg['From'] = self.fromAddress
msg['To'] = email
msg['Subject'] = "Email Address Verification"
body = MIMEText("Dear receipient, \nthis email has been sent to you for verification of your email address. " \
"Please click on the following link to verify your access to this mailbox: \n\n" + \
"{}/{}".format(self.urls['url_verify'],random), 'plain', 'utf-8')
msg.set_payload(body)
text = msg.as_string()
self.sendVerificationEmail(text, email)
log.debug("Verification email sent")