def get_index_html(self):
nut = handler.get_nut()
if URL.startswith('https'):
sqrl_url = URL.replace('https', 'sqrl')
else:
sqrl_url = URL.replace('http', 'qrl')
sqrl_url = '%s/sqrl?nut=%s&sfn=%s' % (sqrl_url, nut, baseconv.encode("Fisken"))
ws_url = URL.replace('http', 'ws')
self.writeln("<html><head><title>Title goes here.</title></head>")
self.writeln("<body>")
self.writeln(" <p>Blipp fisken</p>")
self.writeln(" <a href='%s'>login</a>" % (sqrl_url))
self.writeln(' <script>')
self.writeln(' var ws = new WebSocket("%s/ws");' % (ws_url))
self.writeln(' ws.onopen = function(){')
self.writeln(' console.log("onopen");')
self.writeln(' ws.send("{\\\"session_id\\\": \\\"%s\\\"}");' % (nut))
self.writeln(' };')
self.writeln(' ws.onmessage = function(ev){')
self.writeln(' console.log("onmessage ev.data " + ev.data);')
self.writeln(' var json = JSON.parse(ev.data);')
self.writeln(' window.location.href = json.url;')
self.writeln(' };')
self.writeln(' ws.onclose = function(ev){')
self.writeln(' console.log("onclose");')
self.writeln(' };')
self.writeln(' ws.onerror = function(ev){')
self.writeln(' console.log("onerror");')
self.writeln(' };')
self.writeln(' </script>')
self.writeln(" <br/>")
self.writeln("</body></html>")
def post(self):
server = handler.SqrlHandler().post(
self.get_argument('client', ""),
self.get_argument('server', ""),
self.get_argument('ids', ""),
sqrl_callback)
self.write(baseconv.encode(server))
def disable(self, url, server):
resp = baseconv.decodeNameValue(server)
tif = int(resp['tif'], 16)
client = "ver=1\r\n"
client += "cmd=disable\r\n"
client += "idk=%s\r\n" % self.enc.getPublicKey(url.getDomain())
client = baseconv.encode(client)
ids = self.enc.sign(client + server)
url = URLParser(url.scheme + "://" + url.netloc + resp['qry'])
success, data = self._post_form(url, "client=%s&server=%s&ids=%s" % (client, server, ids))
logging.debug("client")
for param in baseconv.decode(client).rstrip('\r\n').split('\r\n'):
logging.debug(' %r', param)
logging.debug("server")
for param in baseconv.decode(server).rstrip('\r\n').split('\r\n'):
logging.debug(' %r', param)
logging.debug(' ids %r', ids)
if success:
resp = baseconv.decodeNameValue(data)
logging.debug("resp %r", resp)
tif = int(resp['tif'], 16)
if tif & 0x10 == 0x10:
return False, "0x10 Function(s) not supported"
if tif & 0x08 == 0x08:
return True, "0x08 SQRL disabled"
return False, data
def disable_account(self, qry):
url = URLParser(qry)
success, data = self.query(url, baseconv.encode(url.orig_url))
if not success:
return False, "Auth failed. " + data
success, data = self.disable(url, data)
if not success:
return False, "Auth failed. " + data
return True, data
def ident(self, url, server):
resp = baseconv.decodeNameValue(server)
tif = int(resp['tif'], 16)
client = "ver=1\r\n"
client += "cmd=ident\r\n"
client += "idk=%s\r\n" % self.enc.getPublicKey(url.getDomain())
if self.cps:
client += "opt=cps\r\n"
if tif & 0x01 == 0x00:
client += "suk=dMRXbs49XNmVUhsKzta7ESD-cP2QlnxkSaORsswOAj4\r\n" # TODO: ehhh...
client += "vuk=q13E_hd5CR0WE0A9ZD8571te0Ul47YfsDCWpETuCGcI\r\n" # TODO: ehhh...
client = baseconv.encode(client)
ids = self.enc.sign(client + server)
url = URLParser(url.scheme + "://" + url.netloc + resp['qry'])
success, data = self._post_form(url, "client=%s&server=%s&ids=%s" % (client, server, ids))
logging.debug("client")
for param in baseconv.decode(client).rstrip('\r\n').split('\r\n'):
logging.debug(' %r', param)
logging.debug("server")
for param in baseconv.decode(server).rstrip('\r\n').split('\r\n'):
logging.debug(' %r', param)
logging.debug(' ids %r', ids)
if success:
resp = baseconv.decodeNameValue(data)
logging.debug("resp %r", resp)
tif = int(resp['tif'], 16)
if tif & 0x08 == 0x08:
return False, "0x08 SQRL disabled"
if tif & 0x10 == 0x10:
return False, "0x10 Function(s) not supported"
#if tif > 0x04: # TODO: Check tif failure values
# return False, "Tif 0x%02x" % tif
if 'url' in resp:
return True, resp['url']
else:
return True, None
return False, data
def query(self, url, server, automatic_retry=True):
client = "ver=1\r\n"
client += "cmd=query\r\n"
client += "idk=%s\r\n" % self.enc.getPublicKey(url.getDomain())
if self.cps:
client += "opt=cps\r\n"
client = baseconv.encode(client)
ids = self.enc.sign(client + server)
success, data = self._post_form(url, "client=%s&server=%s&ids=%s" % (client, server, ids))
logging.debug("client")
for param in baseconv.decode(client).rstrip('\r\n').split('\r\n'):
logging.debug(' %r', param)
logging.debug("server")
for param in baseconv.decode(server).rstrip('\r\n').split('\r\n'):
logging.debug(' %r', param)
logging.debug(' ids %r', ids)
if success:
resp = baseconv.decodeNameValue(data)
logging.debug("resp %r", resp)
tif = int(resp['tif'], 16)
if tif & 0x01 == 0x01:
logging.info("ID match")
if tif & 0x04 == 0x04:
logging.info("IP matched")
#if tif > 0x04: # TODO: Check tif failure values
# logging.warn("Problems with query, tif 0x%02x", tif)
if tif & 0x20 == 0x20:
if automatic_retry:
logging.debug("0x20 Transient error. Trying again")
url = URLParser(url.scheme + "://" + url.netloc + resp['qry'])
return self.query(url, data, False)
return success, data
def test_encode_unicode(self):
self.assertEqual(baseconv.encode(u"abcd"), 'YWJjZA')
def test_encode_padding_stripped(self):
self.assertEqual(baseconv.encode("abcd"), 'YWJjZA')
self.assertEqual(baseconv.encode("abcde"), 'YWJjZGU')
def test_encode_no_padding(self):
self.assertEqual(baseconv.encode("abc"), 'YWJj')