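def get_partners(self, mode):
    """Load this identity's partnerships into ``self.partners``.

    Phase 1 reads the known partnership contracts and their authorization
    state from the identity's workspace contract, with the relay account set
    as the default web3 account. Partners marked "Removed", or without a
    username in the resolver, are skipped.

    Phase 2 runs only when ``self.private_key`` is truthy: the default
    account is switched to the owner's key and each partner contract is asked
    for its own view of the partnership status. Contract errors in this phase
    are not caught and propagate to the caller.

    Args:
        mode: environment object; ``mode.w3`` and ``mode.relay_private_key``
            are read here.

    Returns:
        True on success, False as soon as a contract call of phase 1 fails
        (``self.partners`` may then be partially filled).
    """
    # NOTE(review): mode.w3.eth.defaultAccount is rewritten below. If ``mode``
    # is shared between requests, concurrent callers see the account change
    # too -- confirm that ``mode`` is per-request.
    self.partners = []

    # Phase 1: the partner list is obtained through the relay account.
    acct = Account.from_key(mode.relay_private_key)
    mode.w3.eth.defaultAccount = acct.address
    contract = mode.w3.eth.contract(self.workspace_contract,
                                    abi=constante.workspace_ABI)
    try:
        partners_list = contract.functions.getKnownPartnershipsContracts().call()
    except Exception as ex:
        # Was a bare ``except:`` that also swallowed KeyboardInterrupt and
        # SystemExit and left no trace; log like the handler further down.
        logging.warning(ex)
        return False

    # Labels indexed by the status code returned by the contract.
    liste = ["Unknown", "Authorized", "Pending", "Rejected", "Removed"]

    for partner_workspace_contract in partners_list:
        try:
            authorization_index = contract.functions.getPartnership(
                partner_workspace_contract).call()[1]
        except Exception as ex:
            logging.warning(ex)
            return False
        partner_username = ns.get_username_from_resolver(
            partner_workspace_contract, mode)
        # Keep the partner only if it is not "Removed" (index 4) and is known
        # in the local database.
        if authorization_index != 4 and partner_username:
            partner_address = contractsToOwners(partner_workspace_contract, mode)
            partner_publickey = mode.w3.soliditySha3(['address'],
                                                     [partner_address])
            self.partners.append({
                'address': partner_address,
                'publickey': partner_publickey,
                'workspace_contract': partner_workspace_contract,
                'username': partner_username,
                'authorized': liste[authorization_index],
                'status': 'Not available',
            })

    # Phase 2: refresh each status by reading the partner's contract as the
    # owner of this identity.
    if self.private_key:
        acct = Account.from_key(self.private_key_value)
        mode.w3.eth.defaultAccount = acct.address
        for partner in self.partners:
            contract = mode.w3.eth.contract(partner['workspace_contract'],
                                            abi=constante.workspace_ABI)
            partner['status'] = liste[
                contract.functions.getMyPartnershipStatus().call()]
    else:
        logging.warning(
            'status des partnerships impossible a obtenir, private key not found'
        )
    return True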
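def certificate_issuer_explore(mode):
    """Render the public identity page of a certificate issuer.

    This view can be an entry point, so the visitor may be an anonymous
    guest. Both ``workspace_contract`` (required) and ``certificate_id``
    (optional) come from the query string.

    Security notes:
        * Every value taken from the issuer's identity or from the request
          is HTML-escaped before it is concatenated into a fragment. The
          templates presumably insert these fragments without autoescaping
          -- confirm; if stored data is already escaped this double-escapes.
        * For a person, a sanitized copy of the Identity attributes is stored
          in ``session['resume']``.

    Returns:
        The rendered person or company template, or a redirect to the
        certificate verification page when the identity cannot be loaded.
    """
    from html import escape
    from urllib.parse import quote

    menu = session.get('menu', dict())
    viewer = 'guest' if not session.get('username') else 'user'
    issuer_workspace_contract = request.args['workspace_contract']
    certificate_id = request.args.get('certificate_id')
    try:
        issuer_explore = Identity(issuer_workspace_contract, mode,
                                  authenticated=False)
    except Exception:
        logging.warning('issuer does not exist')
        flash('Identity not found ', 'danger')
        # certificate_id is optional: concatenating None raised a TypeError
        # here. It is also caller-supplied, so it is percent-encoded.
        return redirect(mode.server + 'certificate/verify/?certificate_id=' +
                        quote(certificate_id or '', safe=':'))

    if issuer_explore.type == 'person':
        # Work on a copy: the original stored the live ``__dict__`` and then
        # deleted keys from it, which removed the attributes from the
        # Identity object itself.
        resume = dict(issuer_explore.__dict__)
        # private_key_value, rsa_key_value and secret were not in the original
        # clean-up list although Identity carries them; with
        # authenticated=False they may be empty -- confirm. They are dropped
        # here so key material never reaches a guest-facing session entry.
        for private_field in ('file_list', 'experience_list', 'education_list',
                              'other_list', 'kbis_list', 'certificate_list',
                              'partners', 'synchronous', 'authenticated',
                              'rsa_key', 'relay_activated', 'private_key',
                              'identity_file', 'private_key_value',
                              'rsa_key_value', 'secret'):
            resume.pop(private_field, None)
        resume['topic'] = 'resume'
        session['resume'] = resume

        # personal
        Topic = {
            'firstname': 'Firstname',
            'lastname': 'Lastname',
            'about': 'About',
            'profil_title': 'Title',
            'birthdate': 'Birth Date',
            'contact_email': 'Contact Email',
            'contact_phone': 'Contact Phone',
            'postal_address': 'Postal Address',
            'education': 'Education',
        }
        issuer_username = ns.get_username_from_resolver(
            issuer_workspace_contract, mode)
        issuer_username = '******' if not issuer_username else issuer_username
        issuer_personal = ('<span><b>Username</b> : ' +
                           escape(issuer_username) + '<br>')
        for topic_name, claim in issuer_explore.personal.items():
            if claim['claim_value']:
                # Unknown topics fall back to their raw name instead of
                # raising KeyError.
                issuer_personal += (
                    ' <span><b>' + escape(Topic.get(topic_name, topic_name)) +
                    '</b> : ' + escape(claim['claim_value']) + ' </span><br>')

        # Proofs of Identity
        my_kyc = ""

        # experience
        issuer_experience = ''
        if not issuer_explore.experience:
            issuer_experience = ' <a class="text-info">No data available</a>'
        else:
            for experience in issuer_explore.experience:
                # Truncate first, then escape, so entities are never cut.
                issuer_experience += (
                    ' <b>Company</b> : ' + escape(experience['company']['name']) +
                    '<br> <b>Title</b> : ' + escape(experience['title']) +
                    '<br> <b>Description</b> : ' +
                    escape(experience['description'][:100]) +
                    '...<br> <p> </p><hr>')

        # education
        issuer_education = ''
        if not issuer_explore.education:
            issuer_education = ' <a class="text-info">No data available</a>'
        else:
            for education in issuer_explore.education:
                issuer_education += (
                    ' <b>Organization</b> : ' +
                    escape(education['organization']['name']) +
                    '<br> <b>Title</b> : ' + escape(education['title']) +
                    '<br> <b>Description</b> : ' +
                    escape(education['description'][:100]) +
                    '...<br> <p> </p><hr>')

        # skills
        if not issuer_explore.skills or not issuer_explore.skills.get('id'):
            issuer_skills = '<a class="text-info">No Skills Available</a>'
        else:
            issuer_skills = ""
            for skill in issuer_explore.skills['description']:
                # The trailing block is an HTML comment kept from the
                # original; escaping stops a value from closing it early.
                issuer_skills += (
                    ' ' + escape(skill['skill_name']) + ' (' +
                    escape(skill['skill_level']) + ')' +
                    '<br> <!-- <b>Domain</b> : ' + escape(skill['skill_domain']) +
                    '<br> <b>Level</b> : ' + escape(skill['skill_level']) +
                    '...<br> <p> <a class="text-secondary" '
                    'href="/user/remove_experience/?experience_id=> '
                    '<i data-toggle="tooltip" class="fa fa-trash-o" '
                    'title="Remove">   </i> </a> </p> -->')
            issuer_skills = issuer_skills + ' <p> </p>'

        # certificates
        issuer_certificates = ""
        if not issuer_explore.certificate:
            issuer_certificates = '<a class="text-info">No data available</a>'
        else:
            for certificate in issuer_explore.certificate:
                certificate_issuer_username = ns.get_username_from_resolver(
                    certificate['issuer']['workspace_contract'], mode)
                certificate_issuer_username = (
                    '******' if not certificate_issuer_username
                    else certificate_issuer_username)
                if certificate['issuer']['category'] == 2001:
                    certificate_issuer_name = certificate['issuer']['name']
                elif certificate['issuer']['category'] == 1001:
                    certificate_issuer_name = (
                        certificate['issuer']['firstname'] + ' ' +
                        certificate['issuer']['lastname'])
                else:
                    # Was ``pass``: the name stayed unbound (NameError) or
                    # kept the previous certificate's issuer.
                    certificate_issuer_name = 'Unknown'
                # The link embeds the caller-supplied workspace contract, so
                # it is escaped and the href attribute is now quoted.
                certificate_link = (
                    mode.server + 'guest/certificate/?certificate_id=did:talao:' +
                    mode.BLOCKCHAIN + ':' + issuer_workspace_contract[2:] +
                    ':document:' + str(certificate['doc_id']))
                issuer_certificates += (
                    ' <b>Issuer Name</b> : ' + escape(certificate_issuer_name) +
                    '<br> <b>Title</b> : ' + escape(certificate['title']) +
                    '<br> <b>Description</b> : ' +
                    escape(certificate['description'][:100]) +
                    '...<br> <b></b><a href="' + escape(certificate_link) +
                    '">Display Certificate</a><br> <p> </p><hr>')

        return render_template(
            './certificate/certificate_person_issuer_identity.html',
            **menu,
            issuer_name=issuer_explore.name,
            issuer_profil_title=issuer_explore.profil_title,
            kyc=my_kyc,
            personal=issuer_personal,
            experience=issuer_experience,
            skills=issuer_skills,
            certificates=issuer_certificates,
            education=issuer_education,
            issuer_picturefile=issuer_explore.picture,
            certificate_id=certificate_id,
            viewer=viewer,
        )

    if issuer_explore.type == 'company':
        # kbis
        website = issuer_explore.personal['website']['claim_value']
        # Initialised first: with no website but at least one kbis entry the
        # loop below used an unbound name.
        my_kbis = ""
        if not website and not issuer_explore.kbis:
            my_kbis = '<p class="text-warning">No data available</p><br>'
        if website:
            my_kbis = '<b>Contact</b> : ' + escape(
                issuer_explore.personal['contact_email']['claim_value'] or '')
        for kbis in issuer_explore.kbis:
            my_kbis += (
                '<hr><b>Certificate issued by Talao</b><br><br>' +
                ' <b>Name</b> : ' + escape(kbis['name']) +
                '<br> <b>Siret</b> : ' + escape(kbis['siret']) +
                '<br> <b>Creation</b> : ' + escape(kbis['date']) +
                '<br> <b>Capital</b> : ' + escape(kbis['capital']) +
                '<br> <b>Address</b> : ' + escape(kbis['address']) +
                '<br> <p> </p>')

        # personal
        issuer_username = ns.get_username_from_resolver(
            issuer_workspace_contract, mode)
        issuer_username = '******' if not issuer_username else issuer_username
        issuer_personal = (' <span><b>Username</b> : ' +
                           escape(issuer_username) + '<br>')
        for topic_name, claim in issuer_explore.personal.items():
            if claim['claim_value']:
                issuer_personal += (
                    ' <span><b>' + escape(topic_name) + '</b> : ' +
                    escape(claim['claim_value']) + ' </span><br>')

        services = ('<a class="text-warning">Register to get access to '
                    'services.</a><br><br>')
        return render_template(
            './certificate/certificate_company_issuer_identity.html',
            **menu,
            issuer_name=issuer_explore.name,
            kbis=my_kbis,
            services=services,
            personal=issuer_personal,
            issuer_picturefile=issuer_explore.picture,
            certificate_id=certificate_id,
            viewer=viewer,
        )
    # NOTE(review): any other identity type falls through and returns None,
    # which Flask reports as a server error.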
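def user(mode):
    """Render the main Identity Repository page (``/user/``, GET).

    On the first call of a login session the Identity is loaded, from the
    workspace contract or from the username depending on the login method,
    and its attributes are cached in the session. Every call then builds the
    HTML fragments of the page and renders ``person_identity.html`` or
    ``company_identity.html``.

    Security notes:
        * ``private_key_value``, ``rsa_key_value`` and ``secret`` are copied
          into the session. The inline comment says the session is
          Redis-backed; anyone able to read that store can read the keys, and
          a switch to cookie sessions would ship them to the browser.
        * Claims, credentials, file names and usernames are HTML-escaped, and
          URL-encoded inside links, before concatenation. The templates
          presumably insert the fragments without autoescaping -- confirm.
        * The remove / authorize / reject / swap controls are plain GET
          links. Confirm the target routes enforce their own CSRF
          protection.

    Returns:
        A rendered template or a redirect.
    """
    from html import escape
    from urllib.parse import quote

    def url_arg(value):
        # Percent-encode one query-string value; ':' is kept so DID-style
        # identifiers look as before.
        return quote(value, safe=':')

    # NOTE(review): the return value is discarded, so check_login()
    # presumably aborts the request itself when nobody is logged in.
    check_login()

    if not session.get('uploaded', False):
        logging.info('start first instanciation')
        if not session.get('workspace_contract'):
            logging.info('Identity set up from username')
            data_from_username = ns.get_data_from_username(
                session['username'], mode)
            session['workspace_contract'] = data_from_username[
                'workspace_contract']
        else:
            logging.info('Identity set up from workspace contract')
            session['username'] = ns.get_username_from_resolver(
                session['workspace_contract'], mode)

        if mode.test:
            # In test mode a failure propagates with its traceback.
            identity = Identity(session['workspace_contract'], mode,
                                authenticated=True)
        else:
            try:
                identity = Identity(session['workspace_contract'], mode,
                                    authenticated=True)
            except Exception:
                logging.error('cannot init Identity')
                flash('session aborted', 'warning')
                return render_template('login.html')
        logging.info('end of first intanciation')

        # init session side by redis
        session['uploaded'] = True
        session['type'] = identity.type
        session['address'] = identity.address
        session['workspace_contract'] = identity.workspace_contract
        session['issuer'] = identity.issuer_keys
        session['partner'] = identity.partners
        session['did'] = identity.did
        session['eth'] = identity.eth
        session['token'] = identity.token
        session['rsa_key'] = identity.rsa_key
        session['rsa_key_value'] = identity.rsa_key_value
        session['rsa_filename'] = session['did'] + ".pem"
        session['private_key'] = identity.private_key
        session['private_key_value'] = identity.private_key_value
        session['relay_activated'] = identity.relay_activated
        session['personal'] = identity.personal
        session['identity_file'] = identity.identity_file
        session['name'] = identity.name
        session['secret'] = identity.secret
        session['picture'] = identity.picture
        session['signature'] = identity.signature
        session['skills'] = identity.skills
        session['certificate'] = identity.certificate
        session['private_certificate'] = identity.private_certificate
        session['secret_certificate'] = identity.secret_certificate
        session['all_certificate'] = (identity.certificate +
                                      identity.private_certificate +
                                      identity.secret_certificate)
        session['has_vault_access'] = identity.has_vault_access
        session['method'] = ns.get_method(session['workspace_contract'], mode)
        session['mode_server'] = mode.server
        if not session['method']:
            session['method'] = "ethr"
        phone = ns.get_data_from_username(session.get('username'),
                                          mode).get('phone')
        session['phone'] = phone if phone else ""

        if identity.type == 'person':
            session['profil_title'] = identity.profil_title
            session['experience'] = identity.experience
            session['education'] = identity.education
            # no credential workflow
            session['host'] = session['employee'] = None
            session['role'] = session['referent'] = None
            clipboard = mode.server + "resume/?did=" + session['did']

        session['check_identity_key'] = False

        if session['type'] == 'company':
            session['profil_title'] = ""
            # data for credential workflow for admin, issuer or reviewer;
            # a username without a '.' or without employee data is the
            # creator of the company.
            try:
                session['host'] = session['username'].split('.')[1]
                session['employee'] = session['username'].split('.')[0]
                employee_data = ns.get_data_from_username(
                    session['username'], mode)
                session['role'] = employee_data['role']
                session['referent'] = employee_data['referent']
            except Exception:
                session['host'] = session['username']
                session['employee'] = None
                session['role'] = 'creator'
                session['referent'] = None
            clipboard = mode.server + "board/?did=" + session['did']

        # for nav bar menu display
        session['menu'] = {
            'picturefile': session['picture'],
            'username': session.get('username', ""),
            'name': session['name'],
            'rsa_filename': session['rsa_filename'],
            'profil_title': session['profil_title'],
            'clipboard': clipboard,
        }

        # Dashboard start for employees
        if session['role'] in ['issuer', 'reviewer']:
            return redirect(mode.server + 'company/dashboard/')

    # Check the Identity key pair, for persons only (generated client side);
    # key pairs for companies are set up server side.
    if not ns.get_did(session['workspace_contract'],
                      mode) and session['type'] == 'person':
        return redirect(mode.server + 'user/generate_identity/')
    else:
        session['check_identity_key'] = True

    # Partners
    if not session['partner']:
        my_partner = '<a class="text-info">No Partners available</a>'
    else:
        my_partner = ""
        for partner in session['partner']:
            name_arg = url_arg(partner['username'])
            contract_arg = url_arg(partner['workspace_contract'])
            partner_html = (
                ' <span><a href="/user/issuer_explore/?issuer_username=' +
                name_arg + '">' + escape(partner['username']) + '</a> (' +
                escape(partner['authorized']) + ' - ' +
                escape(partner['status']) + ' ) ')
            if partner['authorized'] == 'Pending':
                partner_html += (
                    '<a class="text-secondary" '
                    'href="/user/reject_partner/?partner_username=' + name_arg +
                    '&partner_workspace_contract=' + contract_arg +
                    '"> <i data-toggle="tooltip" class="fa fa-thumbs-o-down" '
                    'title="Reject this Partnership.">   </i> </a> '
                    '<a class="text-secondary" '
                    'href="/user/authorize_partner/?partner_username=' +
                    name_arg + '&partner_workspace_contract=' + contract_arg +
                    '"> <i data-toggle="tooltip" class="fa fa-thumbs-o-up" '
                    'title="Authorize this Parnership."></i> </a> ')
            elif partner['authorized'] != 'Removed':
                partner_html += (
                    '<a class="text-secondary" '
                    'href="/user/remove_partner/?partner_username=' + name_arg +
                    '&partner_workspace_contract=' + contract_arg +
                    '"> <i data-toggle="tooltip" class="fa fa-trash-o" '
                    'title="Remove this Partnership.">   </i> </a> ')
            # The original closed with a misspelled "</spn>" tag.
            my_partner += partner_html + '</span><br>'

    # Issuer for document, they have an ERC725 key 20002
    if not session['issuer']:
        my_issuer = ' <a class="text-info">No Referents available</a>'
    else:
        my_issuer = ""
        for one_issuer in session['issuer']:
            issuer_username = ns.get_username_from_resolver(
                one_issuer['workspace_contract'], mode)
            issuer_username = ('******' if issuer_username is None
                               else issuer_username)
            issuer_arg = url_arg(issuer_username)
            my_issuer += (
                ' <span>' + escape(issuer_username) +
                ' <a class="text-secondary" '
                'href="/user/remove_issuer/?issuer_username=' + issuer_arg +
                '&issuer_address=' + url_arg(one_issuer['address']) +
                '"> <i data-toggle="tooltip" class="fa fa-trash-o" '
                'title="Remove">   </i> </a> <a class="text-secondary" '
                'href="/user/issuer_explore/?issuer_username=' + issuer_arg +
                '"> <i data-toggle="tooltip" class="fa fa-search-plus" '
                'title="Data Check"></i> </a> </span><br>')

    # files
    if not session['identity_file']:
        my_file = '<a class="text-info">No Files available</a>'
    else:
        my_file = ""
        for one_file in session['identity_file']:
            filename_arg = url_arg(one_file['filename'])
            # The download href was unquoted, so a file name containing a
            # space or '>' ended the attribute early.
            my_file += (
                ' <b>File Name</b> : ' + escape(one_file['filename']) + ' ( ' +
                escape(one_file['privacy']) + ' ) <br> <b>Created</b> : ' +
                escape(one_file['created']) +
                '<br> <p> <a class="text-secondary" '
                'href="/user/remove_file/?file_id=' + url_arg(one_file['id']) +
                '&filename=' + filename_arg +
                '"> <i data-toggle="tooltip" class="far fa-trash-alt" '
                'title="Remove">   </i> </a> <a class="text-secondary" '
                'href="/user/download/?filename=' + filename_arg +
                '"> <i data-toggle="tooltip" class="fa fa-download" '
                'title="Download"></i> </a> </p>')

    # skills
    if not session['skills'] or not session['skills'].get('id'):
        my_skills = '<a class="text-info">No data available</a>'
    else:
        my_skills = ""
        for skill in session['skills']['description']:
            my_skills += (escape(skill['skill_name']) + ' (' +
                          escape(skill['skill_level']) + ')' + '<br>')
        my_skills = my_skills + ' <p> </p>'

    # specific to person
    if session['type'] == 'person':
        # experience, most recent first
        my_experience = ""
        if not session['experience']:
            my_experience = '<a class="text-info">No Experience available</a>'
        else:
            for experience in sorted(
                    session['experience'],
                    key=lambda d: time.strptime(d['start_date'], "%Y-%m-%d"),
                    reverse=True):
                end_date = experience['end_date'] or "Current"
                my_experience += (
                    ' <b>Company</b> : ' + escape(experience['company']['name']) +
                    '<br> <b>Title</b> : ' + escape(experience['title']) +
                    '<br> <b>Start Date</b> : ' +
                    escape(experience['start_date']) +
                    '<br> <b>End Date</b> : ' + escape(end_date) +
                    '<br> <b>Description</b> : ' +
                    escape(experience['description'][:100]) +
                    '...<br> <p> <a class="text-secondary" '
                    'href="/user/remove_experience/?experience_id=' +
                    url_arg(experience['id']) +
                    '"> <i data-toggle="tooltip" class="far fa-trash-alt" '
                    'title="Remove">   </i> </a> </p><hr>')

        # education
        my_education = ""
        if not session['education']:
            my_education = '<a class="text-info">No Education available</a>'
        else:
            for education in session['education']:
                my_education += (
                    ' <b>Organization</b> : ' +
                    escape(education['organization']['name']) +
                    '<br> <b>Title</b> : ' + escape(education['title']) +
                    '<br> <b>Start Date</b> : ' +
                    escape(education['start_date']) +
                    '<br> <b>End Date</b> : ' + escape(education['end_date']) +
                    '<br> <p> <a class="text-secondary" '
                    'href="/user/remove_education/?education_id=' +
                    url_arg(education['id']) +
                    '"> <i data-toggle="tooltip" class="far fa-trash-alt" '
                    'title="Remove">   </i> </a> </p><hr>')

        # personal
        TOPIC = {
            'firstname': 'Firstname',
            'lastname': 'Lastname',
            'about': 'About',
            'profil_title': 'Title',
            'birthdate': 'Birth Date',
            'contact_email': 'Contact Email',
            'contact_phone': 'Contact Phone',
            'postal_address': 'Postal Address',
            'education': 'Education',
        }
        my_personal = ""
        for topicname, label in TOPIC.items():
            claim = session['personal'][topicname]
            if claim.get('claim_value'):
                text = claim['claim_value'] + ' (' + claim['privacy'] + ')'
                my_personal += '<b>' + label + '</b> : ' + escape(text) + '<br>'

        # Alias: the list is shown only when logged in with the main username
        my_access = ""
        if session['username'] != ns.get_username_from_resolver(
                session['workspace_contract'], mode):
            display_alias = False
        else:
            display_alias = True
            access_list = ns.get_alias_list(session['workspace_contract'], mode)
            for access in access_list:
                if access['username'] == session['username']:
                    access_html = (' <span>' + escape(session['username']) +
                                   ' (logged) </span>')
                else:
                    access_html = (
                        ' <span>' + escape(access['username']) + ' : ' +
                        escape(access['email']) +
                        ' <a class="text-secondary" '
                        'href="/user/remove_access/?alias_to_remove=' +
                        url_arg(access['username']) +
                        '"> <i data-toggle="tooltip" class="fa fa-trash-o" '
                        'title="Remove"> </i> </a> </span>')
                my_access += access_html + '<br>'

        # credentials/certificates
        my_certificates = ""
        if not session['all_certificate']:
            my_certificates = '<a class="text-info">No Credential available</a>'
        else:
            for counter, certificate in enumerate(session['all_certificate'], 1):
                # Credentials come from third-party issuers: any field that
                # is missing or malformed falls back to a numbered header.
                try:
                    subject = certificate['credentialSubject']
                    cert_html = (
                        '<hr> <b>Credential Type</b> : ' +
                        escape(subject['credentialCategory'].capitalize()) +
                        '<br> <b>Privacy</b> : ' +
                        escape(certificate['privacy'].capitalize()) +
                        ' credential<br> <b>Issuer name</b> : ' +
                        escape(subject.get('companyName', 'None').capitalize()) +
                        ' <br> <b>Issuer DID</b> : ' +
                        escape(certificate['issuer']) +
                        '<br> <b>Issuance Date</b> : ' +
                        escape(certificate['proof']['created']) + '<br>')
                except Exception:
                    cert_html = '<hr> <b>#</b> : ' + str(counter) + '<br>'

                document_id = ('did:talao:' + mode.BLOCKCHAIN + ':' +
                               session['workspace_contract'][2:] + ':document:' +
                               str(certificate['doc_id']))
                cert_arg = url_arg(certificate['id'])
                # All href attributes below are quoted; several were not.
                cert_html += (
                    '<b></b><a href="' +
                    escape(mode.server + 'certificate/?certificate_id=' +
                           document_id) +
                    '">Display Credential</a><br> <p> '
                    '<a class="text-secondary" '
                    'href="/user/remove_certificate/?certificate_id=' + cert_arg +
                    '"> <i data-toggle="tooltip" class="far fa-trash-alt" '
                    'title="Remove">   </i> </a> <a class="text-secondary" '
                    'href="/data/?dataId=' + cert_arg + ':certificate"> '
                    '<i data-toggle="tooltip" class="fa fa-search-plus" '
                    'title="Credential data">   </i> </a> '
                    '<a class="text-secondary" onclick="copyToClipboard(\'#p' +
                    str(counter) + '\')"> <i data-toggle="tooltip" '
                    'class="fa fa-clipboard" title="Copy Credential Link">'
                    '   </i> </a> <a class="text-secondary" '
                    'href="/user/swap_privacy/?certificate_id=' + cert_arg +
                    '&privacy=' + url_arg(certificate['privacy']) +
                    '"> <i data-toggle="tooltip" title="Change privacy" '
                    'class="fas fa-redo" >   </i> </a> </p> '
                    '<p hidden id="p' + str(counter) + '" >' +
                    escape(mode.server + 'guest/certificate/?certificate_id=' +
                           document_id) + '</p>')
                my_certificates += cert_html

        return render_template(
            'person_identity.html',
            **session['menu'],
            display_alias=display_alias,
            personal=my_personal,
            experience=my_experience,
            education=my_education,
            skills=my_skills,
            certificates=my_certificates,
            access=my_access,
            partner=my_partner,
            issuer=my_issuer,
            digitalvault=my_file,
            nb_certificates=len(session['all_certificate']))

    # specific to company
    if session['type'] == 'company':
        # init employee table
        employee = company.Employee(session['host'], mode)

        def employee_rows(role):
            # One row per employee holding ``role``, each with a remove link.
            rows = ""
            for member in employee.get_list(role, 'all'):
                rows += (
                    ' <span>' + escape(member['username']) + ' => ' +
                    escape(member['identity_name']) +
                    ' <a class="text-secondary" '
                    'href="/user/remove_access/?employee_to_remove=' +
                    url_arg(member['username']) +
                    '"> <i data-toggle="tooltip" class="fas fa-trash-alt" '
                    'title="Remove"> </i> </a> </span><br>')
            return rows

        # Admin list and add admin
        my_admins = ('<a href="/company/add_employee/?role_to_add=admin">'
                     'Add an Admin</a><hr> ' + employee_rows('admin'))
        # Issuer list and add issuer within a company
        my_managers = ('<a href="/company/add_employee/?role_to_add=issuer">'
                       'Add an Issuer</a><hr> ' + employee_rows('issuer'))
        # Reviewer list and add reviewers
        my_reviewers = ('<a href="/company/add_employee/?role_to_add=reviewer">'
                        'Add a Reviewer</a><hr> ' + employee_rows('reviewer'))

        # Company campaigns: issuers and reviewers get a read-only list
        can_edit_campaigns = session['role'] not in ['issuer', 'reviewer']
        if can_edit_campaigns:
            my_campaign = ('<a href="/company/add_campaign/">Add a Campaign'
                           '</a><hr> ')
        else:
            my_campaign = ""
        campaign = company.Campaign(session['host'], mode)
        campaign_list = campaign.get_list()
        if campaign_list:
            for camp in campaign_list:
                # The description is stored either as JSON or as plain text.
                try:
                    description = json.loads(camp['description'])['description']
                except Exception:
                    description = camp.get('description', 'unkown')
                campaign_html = (escape(camp.get('campaign_name', 'unknown')) +
                                 ' : ' + escape(description[:100]))
                if can_edit_campaigns:
                    campaign_html += (
                        '... <a class="text-secondary" '
                        'href="/company/remove_campaign/?campaign_name=' +
                        url_arg(camp.get('campaign_name', 'unkown')) +
                        '"> <i data-toggle="tooltip" class="fas fa-trash-alt" '
                        'title="Remove"> </i> </a>')
                my_campaign += campaign_html + "<hr>"

        # company settings
        can_edit_settings = session['role'] in ['creator', 'admin']
        if can_edit_settings:
            my_personal = ('<a href="/user/picture/">Change Logo</a><br> '
                           '<a href="/user/signature/">Change Signature</a><br>')
        else:
            my_personal = ""
        for topicname in COMPANY_TOPIC:
            claim = session['personal'][topicname]
            if claim['claim_value']:
                my_personal += (
                    ' <span><b>' + escape(topicname) + '</b> : ' +
                    escape(claim['claim_value']) +
                    escape(' (' + claim['privacy'] + ')') + ' </span><br>')
        if can_edit_settings:
            my_personal += ('<a href="/user/update_company_settings/">'
                            'Update Company Data</a>')

        # credentials
        if not session['all_certificate']:
            my_certificates = '<a class="text-info">No Credentials available</a>'
        else:
            my_certificates = ('<div style="height:300px;overflow:auto;'
                               'overflow-x: hidden;">')
            for counter, certificate in enumerate(session['all_certificate'], 1):
                cert_arg = url_arg(certificate['id'])
                controls = (
                    '<a class="text-secondary" '
                    'href="/user/remove_certificate/?certificate_id=' + cert_arg +
                    '"> <i data-toggle="tooltip" class="far fa-trash-alt" '
                    'title="Remove">   </i> </a> <a class="text-secondary" '
                    'href="/data/?dataId=' + cert_arg + ':certificate"> '
                    '<i data-toggle="tooltip" class="fa fa-search-plus" '
                    'title="Data Check">   </i> </a>')
                subject = certificate.get('credentialSubject') or {}
                # Only JSON-LD "reference" credentials get the full card.
                # Everything else gets the two controls, so cert_html is
                # always rebuilt and never reused from the previous item.
                if ('@context' in certificate and
                        subject.get('credentialCategory') == "reference"):
                    document_id = ('did:talao:' + mode.BLOCKCHAIN + ':' +
                                   session['workspace_contract'][2:] +
                                   ':document:' + str(certificate['doc_id']))
                    cert_html = (
                        '<hr> <b>Issuer Name</b> : ' +
                        escape(subject['companyName']) +
                        '<br> <b>Certificate Type</b> : ' +
                        escape(subject['credentialCategory'].capitalize()) +
                        '<br> <b>Title</b> : ' +
                        escape(subject['offers']['title']) +
                        '<br> <b>Description</b> : ' +
                        escape(subject['offers']['description']) +
                        '<br> <b></b><a href="' +
                        escape(mode.server + 'certificate/?certificate_id=' +
                               document_id) +
                        '">Display Certificate</a><br> <p> ' + controls +
                        ' <a class="text-secondary" '
                        'onclick="copyToClipboard(\'#p' + str(counter) +
                        '\')"> <i data-toggle="tooltip" class="fa fa-clipboard" '
                        'title="Copy Certificate Link"></i> </a> </p> '
                        '<p hidden id="p' + str(counter) + '" >' +
                        escape(mode.server +
                               'guest/certificate/?certificate_id=' +
                               document_id) + '</p>')
                else:
                    cert_html = controls
                    logging.warning('incorrect certificate type')
                my_certificates = my_certificates + cert_html
            my_certificates = my_certificates + '</div>'

        return render_template('company_identity.html',
                               **session['menu'],
                               admin=my_admins,
                               manager=my_managers,
                               reviewer=my_reviewers,
                               personal=my_personal,
                               skills=my_skills,
                               issuer=my_issuer,
                               certificates=my_certificates,
                               company_campaign=my_campaign,
                               digitalvault=my_file)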
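def user_advanced(mode):
    """Render the "advanced" page: API credentials, aliases, DID data,
    partners and referents of the logged-in identity.

    Security notes:
        * The page shows each OAuth ``client_secret`` and receives the
          owner's private key (as a JWK) as a template variable. Both reach
          the browser; treat the rendered page as secret material.
        * Values from the resolver, credentials and partner data are
          HTML-escaped, and URL-encoded inside links, before concatenation.
          The template presumably inserts the fragments without autoescaping
          -- confirm.
        * The DID document is fetched from an external resolver. The request
          now has a timeout, and a network failure no longer breaks the page.

    Returns:
        The rendered ``advanced.html`` template.
    """
    from html import escape
    from urllib.parse import quote

    def url_arg(value):
        # Percent-encode one query-string value; ':' stays readable.
        return quote(value, safe=':')

    # NOTE(review): return value discarded; check_login() presumably aborts
    # the request itself when nobody is logged in.
    check_login()

    # account balances, shown to the 'talao' user only
    my_account = ""
    if session['username'] == 'talao':
        relay_eth = mode.w3.eth.getBalance(mode.relay_address) / 10 ** 18
        talaogen_eth = mode.w3.eth.getBalance(
            mode.Talaogen_public_key) / 10 ** 18
        my_account = ('<br><br> <b>Relay ETH</b> : ' + str(relay_eth) +
                      '<br> <b>Talao Gen ETH</b> : ' + str(talaogen_eth) + '<br>')

    # API
    credentials = ns.get_credentials(session['username'], mode)
    if not credentials:
        my_api = """<a class="text-info">Contact [email protected] to get your API credentials.</a>"""
    else:
        my_api = (' <div style="height:200px;overflow:auto;'
                  'overflow-x: hidden;">')
        for cred in credentials:
            my_api += (
                ' <b>client_id</b> : ' + escape(cred['client_id']) +
                '<br> <b>client_secret</b> : ' + escape(cred['client_secret']) +
                '<br> <b>client_uri</b> : ' + escape(cred['client_uri']) +
                '<br> <b>redirect_uri</b> : ' + escape(cred['redirect_uris'][0]) +
                '<br> <b>scope</b> : ' + escape(cred['scope']) +
                '<br> <b>grant_types</b> : ' +
                escape(" ".join(cred['grant_types'])) + '<br><hr> ')
        my_api = my_api + '</div>'

    # Alias
    # NOTE(review): this link uses ``username_to_remove`` while user() uses
    # ``alias_to_remove`` for the same route -- confirm which one it reads.
    my_access = ""
    if session['username'] == ns.get_username_from_resolver(
            session['workspace_contract'], mode):
        access_list = ns.get_alias_list(session['workspace_contract'], mode)
        for access in access_list:
            if access['username'] == session['username']:
                access_html = (' <span>' + escape(session['username']) +
                               ' (logged) </span>')
            else:
                access_html = (
                    ' <span>' + escape(access['username']) + ' : ' +
                    escape(access['email']) +
                    ' <a class="text-secondary" '
                    'href="/user/remove_access/?username_to_remove=' +
                    url_arg(access['username']) +
                    '"> <i data-toggle="tooltip" class="fa fa-trash-o" '
                    'title="Remove"> </i> </a> </span>')
            my_access = my_access + access_html + '<br>'

    # DID and DID document
    DID_Document = "No DID available"
    DID = ns.get_did(session['workspace_contract'], mode)
    if not DID:
        # The original logged this and then called DID.split() on the empty
        # value, which raised; the placeholder is kept instead.
        logging.warning('No DID available in local database')
        DID = "No DID available"
    else:
        did_parts = DID.split(':')
        did_method = did_parts[1] if len(did_parts) > 1 else ''
        if did_method == 'tz':
            # did:tz has no driver for Universal resolver
            DID_Document = json.dumps(json.loads(didkit.resolveDID(DID, '{}')),
                                      indent=4)
        else:
            resolver = 'https://resolver.identity.foundation/'
            try:
                # Without a timeout a stalled resolver blocks this worker.
                r = requests.get(resolver + DID, timeout=10)
            except requests.RequestException as ex:
                logging.warning('DID Document resolution failed : %s', ex)
            else:
                if r.status_code == 200:
                    try:
                        DID_Document = json.dumps(r.json(), indent=4)
                    except ValueError:
                        logging.warning(
                            'DID Document returned by resolver is not JSON')
                else:
                    logging.warning(
                        'DID Document resolution has been rejected by Universal Resolver.'
                    )

    # Repository data
    role = session['role'] if session.get("role") else 'None'
    referent = session['referent'] if session.get('referent') else 'None'
    my_advanced = (
        ' <b>Repository smart contract</b> : ' +
        escape(session['workspace_contract']) +
        '<br> <b>Repository controller</b> : ' + escape(session['address']) +
        '<br> <b>DID</b> : ' + escape(DID) +
        '<br> <b>All DID attached</b> : ' + "<br>".join(
            escape(one_did)
            for one_did in ns.get_did_list(session['workspace_contract'], mode)) +
        '<br> <hr> <b>Role</b> : ' + escape(role) +
        '<br> <b>Referent</b> : ' + escape(referent) + '<br>')
    my_advanced = my_advanced + my_account

    # Partners (``not`` instead of ``== []`` so None is handled like in user())
    if not session['partner']:
        my_partner = '<a class="text-info">No Partners available</a>'
    else:
        my_partner = ""
        for partner in session['partner']:
            name_arg = url_arg(partner['username'])
            contract_arg = url_arg(partner['workspace_contract'])
            partner_html = (
                ' <span><a href="/user/issuer_explore/?issuer_username=' +
                name_arg + '">' + escape(partner['username']) + '</a> (' +
                escape(partner['authorized']) + ' - ' +
                escape(partner['status']) + ' ) ')
            if partner['authorized'] == 'Pending':
                partner_html += (
                    '<a class="text-secondary" '
                    'href="/user/reject_partner/?partner_username=' + name_arg +
                    '&partner_workspace_contract=' + contract_arg +
                    '"> <i data-toggle="tooltip" class="fa fa-thumbs-o-down" '
                    'title="Reject this Partnership.">   </i> </a> '
                    '<a class="text-secondary" '
                    'href="/user/authorize_partner/?partner_username=' +
                    name_arg + '&partner_workspace_contract=' + contract_arg +
                    '"> <i data-toggle="tooltip" class="fa fa-thumbs-o-up" '
                    'title="Authorize this Parnership."></i> </a> ')
            elif partner['authorized'] != 'Removed':
                partner_html += (
                    '<a class="text-secondary" '
                    'href="/user/remove_partner/?partner_username=' + name_arg +
                    '&partner_workspace_contract=' + contract_arg +
                    '"> <i data-toggle="tooltip" class="fa fa-trash-o" '
                    'title="Remove this Partnership.">   </i> </a> ')
            # The original closed with a misspelled "</spn>" tag.
            my_partner = my_partner + partner_html + '</span><br>'

    # Issuer for document, they have an ERC725 key 20002
    if not session['issuer']:
        my_issuer = ' <a class="text-info">No Referents available</a>'
    else:
        my_issuer = ""
        for one_issuer in session['issuer']:
            issuer_username = ns.get_username_from_resolver(
                one_issuer['workspace_contract'], mode)
            issuer_username = ('******' if not issuer_username
                               else issuer_username)
            issuer_arg = url_arg(issuer_username)
            my_issuer += (
                ' <span>' + escape(issuer_username) +
                ' <a class="text-secondary" '
                'href="/user/remove_issuer/?issuer_username=' + issuer_arg +
                '&issuer_address=' + url_arg(one_issuer['address']) +
                '"> <i data-toggle="tooltip" class="fa fa-trash-o" '
                'title="Remove">   </i> </a> <a class="text-secondary" '
                'href="/user/issuer_explore/?issuer_username=' + issuer_arg +
                '"> <i data-toggle="tooltip" class="fa fa-search-plus" '
                'title="Data Check"></i> </a> </span><br>')

    # NOTE(review): private_key_value hands the owner's private key, converted
    # to a JWK, to the template. Confirm the page is never cached or logged.
    return render_template('advanced.html',
                           **session['menu'],
                           access=my_access,
                           private_key_value=helpers.ethereum_to_jwk256k(
                               session['private_key_value']),
                           partner=my_partner,
                           issuer=my_issuer,
                           did_doc=DID_Document,
                           did=DID,
                           api=my_api,
                           advanced=my_advanced)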
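def _load_unencrypted_pem_key(pem):
    """Parse an unencrypted PEM private key supplied as ``bytes`` or ``str``."""
    # isinstance() also accepts bytes subclasses, which the former
    # ``type(pem) == bytes`` comparison sent down the str branch.
    pem_bytes = pem if isinstance(pem, bytes) else bytes(pem, 'utf-8')
    return serialization.load_pem_private_key(pem_bytes, password=None)


def generate_X509(workspace_contract, password, mode):
    """Issue an end-entity X.509 certificate for an identity and export it.

    The certificate is signed with the RSA key stored for ``mode.owner_talao``
    and carries the public half of the RSA key stored for the owner of
    ``workspace_contract``. Two files are written under ``mode.uploads_path``:

    * ``<workspace_contract>.pem`` - the certificate alone, PEM encoded;
    * ``<workspace_contract>.p12`` - the certificate together with the
      subject's private key, encrypted with ``password``.

    Args:
        workspace_contract: identifier of the subject's workspace contract;
            used for the key lookup and as the stem of both file names.
        password: text password protecting the PKCS#12 bundle. An empty
            password is rejected by ``BestAvailableEncryption``.
        mode: environment object providing ``owner_talao`` and
            ``uploads_path`` and passed through to the lookup helpers.

    Returns:
        True once both files have been written.

    Raises:
        Nothing is caught here: errors from the key store, the resolver, the
        PEM parser, the PKCS#12 serializer or the file system propagate.

    NOTE(review): the DID and the common name are taken from the web session,
    whereas the key pair and the e-mail are looked up from
    ``workspace_contract``. The caller has to guarantee that both describe the
    same identity; otherwise the certificate binds one identity's DID to
    another identity's key.
    """
    did = helpers.ethereum_pvk_to_DID(session['private_key_value'], session['method'])

    talao_issuer = x509.Name([
        x509.NameAttribute(NameOID.COUNTRY_NAME, "FR"),
        x509.NameAttribute(NameOID.LOCALITY_NAME, "Paris"),
        x509.NameAttribute(NameOID.ORGANIZATION_NAME, "Talao"),
        x509.NameAttribute(NameOID.DOMAIN_COMPONENT, "talao.io"),
        x509.NameAttribute(NameOID.COMMON_NAME, "talao"),
        # NOTE(review): this is the session user's DID placed in the *issuer*
        # name, so the issuer DN differs per certificate - confirm intended.
        x509.NameAttribute(NameOID.USER_ID, did),
    ])

    # Load the signing key. It is parsed with password=None, i.e. the key
    # store hands it back as unencrypted PEM.
    talao_rsa_key = _load_unencrypted_pem_key(
        privatekey.get_key(mode.owner_talao, 'rsa_key', mode))

    # Load the subject's own RSA key pair (same storage convention).
    address = contractsToOwners(workspace_contract, mode)
    subject_key = _load_unencrypted_pem_key(
        privatekey.get_key(address, 'rsa_key', mode))

    username = ns.get_username_from_resolver(workspace_contract, mode)
    email = ns.get_data_from_username(username, mode)['email']
    subject = x509.Name([
        x509.NameAttribute(NameOID.COMMON_NAME, session['name']),
        x509.NameAttribute(NameOID.EMAIL_ADDRESS, email),
        x509.NameAttribute(NameOID.USER_ID, did),
    ])

    # One clock reading so both validity bounds derive from the same instant.
    # Backdating by a day tolerates clock skew on the relying side.
    now = datetime.datetime.utcnow()

    # NOTE(review): ten-year validity, and the extended key usage includes
    # code signing and time stamping next to e-mail protection. No
    # subjectAltName and no revocation pointer is added. Confirm this
    # profile is what end-user certificates should carry.
    cert = (
        x509.CertificateBuilder()
        .subject_name(subject)
        .issuer_name(talao_issuer)
        .public_key(subject_key.public_key())
        .serial_number(x509.random_serial_number())
        .not_valid_before(now - datetime.timedelta(days=1))
        .not_valid_after(now + datetime.timedelta(days=3650))
        .add_extension(x509.BasicConstraints(ca=False, path_length=None),
                       critical=True)
        .add_extension(x509.ExtendedKeyUsage([
            x509.oid.ExtendedKeyUsageOID.EMAIL_PROTECTION,
            x509.oid.ExtendedKeyUsageOID.CODE_SIGNING,
            x509.oid.ExtendedKeyUsageOID.TIME_STAMPING,
        ]), critical=True)
        .add_extension(x509.KeyUsage(digital_signature=True,
                                     key_encipherment=True,
                                     data_encipherment=True,
                                     key_agreement=True,
                                     content_commitment=False,
                                     key_cert_sign=False,
                                     crl_sign=False,
                                     encipher_only=False,
                                     decipher_only=False),
                       critical=True)
        .sign(talao_rsa_key, hashes.SHA256())
    )

    # Serialize both artefacts before touching the disk, so that a rejected
    # password (or any other serialization error) does not leave a .pem
    # behind without its matching .p12.
    pem_bytes = cert.public_bytes(serialization.Encoding.PEM)
    p12_bytes = pkcs12.serialize_key_and_certificates(
        bytes(did, 'utf-8'), subject_key, cert, None,
        serialization.BestAvailableEncryption(bytes(password, 'utf-8')))

    # NOTE(review): the .p12 holds the subject's private key and is protected
    # only by `password`; it is created with the process default permissions
    # inside the uploads directory. Confirm that directory is not served
    # without access control and that the file is removed after delivery.
    # NOTE(review): workspace_contract is concatenated into the path without
    # validation - callers should pass only a resolved contract address.
    filename = mode.uploads_path + workspace_contract + ".pem"
    with open(filename, "wb") as f:
        f.write(pem_bytes)

    filename = mode.uploads_path + workspace_contract + ".p12"
    with open(filename, "wb") as f:
        f.write(p12_bytes)
    return True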