Esempio n. 1
0
def create_new_apikey(email):
    # TODO: we should put this in a while loop in the extremely unlikely chance
    # there is a collision of UUIDs in the database. It is assumed at this point
    # in the flow that the DB was already checked for this email address, and
    # no key exists yet.
    new_key = Key(apikey=uuid.uuid4().hex, email=email)

    try:
        db.session.add(new_key)
        db.session.commit()

        return standardize_response(payload=dict(data=new_key.serialize))
    except Exception as e:
        logger.error(e)
        return standardize_response(status_code=500)
Esempio n. 2
0
def create_new_apikey(email, session):
    # TODO: we should put this in a while loop in the extremely unlikely chance
    # there is a collision of UUIDs in the database. It is assumed at this point
    # in the flow that the DB was already checked for this email address, and
    # no key exists yet.
    new_key = Key(apikey=get_new_key_value(), email=email)

    try:
        session.add(new_key)
        session.commit()

        return new_key
    except Exception as e:
        auth_logger.exception(e)
        return None
Esempio n. 3
0
def create_new_apikey(email):
    # TODO: we should put this in a while loop in the extremely unlikely chance
    # there is a collision of UUIDs in the database. It is assumed at this point
    # in the flow that the DB was already checked for this email address, and
    # no key exists yet.
    new_key = Key(
        apikey=uuid.uuid4().hex,
        email=email
    )

    try:
        db.session.add(new_key)
        db.session.commit()

        return standardize_response(new_key.serialize, None, "ok")
    except Exception as e:
        logger.error(e)
        errors = [{"code": "internal-server-error"}]
        return standardize_response(None, errors, "internal server error", 500)
Esempio n. 4
0
def register_complete():
    user_id = current_user.get_id()
    database_id = User.get_database_id(user_id)

    data = cbor.decode(request.get_data())
    client_data = ClientData(data["clientDataJSON"])
    att_obj = AttestationObject(data["attestationObject"])

    auth_data = server.register_complete(session["state"], client_data,
                                         att_obj)

    webauthn_data = Webauthn.query.filter_by(user_id=database_id).first()

    new_key = Key(
        name=f"Key {webauthn_data.number + 1}",
        aaguid=auth_data.credential_data.aaguid,
        credential_id=auth_data.credential_data.credential_id,
        client_data_hash=hashlib.sha256(client_data).digest(),
        public_key=cbor.encode(auth_data.credential_data.public_key),
        counter=att_obj.auth_data.counter,
        attestation=data["attestationObject"],
        info="TODO",
        last_access=datetime.utcnow(),
        created=datetime.utcnow(),
        user_id=database_id,
    )

    if webauthn_data.number <= 10:
        webauthn_data.number += 1
        db.session.add(webauthn_data)
        db.session.add(new_key)
        db.session.commit()
        return cbor.encode({"status": "OK"})
    else:
        flash(_("Too much keys registered"))
        return (
            cbor.encode({
                "status": "error",
                "reason": "Too much keys registered"
            }),
            401,
        )
Esempio n. 5
0
def init_database():

    db.create_all()

    user1 = User(username="******", email="*****@*****.**")
    user1.set_password("[email protected]<")
    user2 = User(username="******", email="*****@*****.**")
    user2.set_password("m7ZTbjQdwuUFU/Zy6la+k6uUtniBExIgEhmBPduKexM=")
    user3 = User(username="******", email="*****@*****.**")
    user3.set_password("wselfknskjdksdaiujlj")
    db.session.add(user1)
    db.session.add(user2)
    db.session.add(user3)

    user4 = User(username="******", email="*****@*****.**")
    user4.set_password("c1c149afbf4c8996fb92427ae41e4649b934ca")

    user5 = User(username="******", email="*****@*****.**")
    user5.set_password("9df1c362e4df3e51edd1acde9")

    user6 = User(username="******", email="*****@*****.**")
    user6.set_password("ukehjwqbjhwqkbejw")

    user7 = User(username="******", email="*****@*****.**")
    user7.set_password("qghjoiwjiklwek")

    user8 = User(username="******", email="*****@*****.**")
    user8.set_password("2398wqshjduiwd8932")

    db.session.add(user4)
    db.session.add(user5)
    db.session.add(user6)
    db.session.add(user7)
    db.session.add(user8)
    db.session.commit()

    got_user4 = User.query.filter_by(username="******").first()
    webauthn_for_user4 = Webauthn(
        number=0, is_enabled=True, user_id=got_user4.did
    )

    got_user5 = User.query.filter_by(username="******").first()
    webauthn_for_user5 = Webauthn(
        number=1,
        is_enabled=True,
        user_identifier=b"\x7e" + os.urandom(31),
        user_id=got_user5.did,
    )

    device = SoftWebauthnDevice()

    pkcco = cbor.decode(
        cbor.encode(
            {
                "publicKey": {
                    "rp": {"id": TestConfig.RP_ID, "name": "Demo server"},
                    "user": {
                        "id": webauthn_for_user5.user_identifier,
                        "icon": "https://example.com/image.png",
                        "name": got_user5.username,
                        "displayName": f"Tests - {got_user5.username}",
                    },
                    "timeout": 30000,
                    "challenge": (
                        b"\xcc\x8e\x03\x04\xdb6bd\xa0d\x98\xa9Vz0p.x"
                        b"\xa4\xf5\xd4\xf6%\xf8\x86zt\x1d\ny\xf9<"
                    ),
                    "pubKeyCredParams": [
                        {"alg": -7, "type": "public-key"},
                        {"alg": -8, "type": "public-key"},
                        {"alg": -37, "type": "public-key"},
                        {"alg": -257, "type": "public-key"},
                    ],
                    "excludeCredentials": [],
                    "authenticatorSelection": {
                        "userVerification": "discouraged",
                        "authenticatorAttachment": "cross-platform",
                    },
                }
            }
        )
    )
    attestation = device.create(pkcco, f"https://{TestConfig.RP_ID}")
    KeyList.priv_one = device.private_key

    att_obj = AttestationObject(attestation["response"]["attestationObject"])

    client_data = ClientData(attestation["response"]["clientDataJSON"])

    auth_data = att_obj.auth_data

    key_for_user5 = Key(
        name="Key 1",
        aaguid=auth_data.credential_data.aaguid,
        credential_id=auth_data.credential_data.credential_id,
        client_data_hash=hashlib.sha256(client_data).digest(),
        public_key=cbor.encode(auth_data.credential_data.public_key),
        counter=att_obj.auth_data.counter,
        attestation=attestation["response"]["attestationObject"],
        info="TODO",
        last_access=datetime.utcnow(),
        created=datetime.utcnow(),
        user_id=got_user5.did,
    )

    db.session.add(webauthn_for_user4)
    db.session.add(webauthn_for_user5)
    db.session.add(key_for_user5)

    # Users for activating Webauthn
    got_user6 = User.query.filter_by(username="******").first()
    webauthn_for_user6 = Webauthn(
        number=2, is_enabled=False, user_id=got_user6.did
    )

    got_user7 = User.query.filter_by(username="******").first()
    webauthn_for_user7 = Webauthn(
        number=1, is_enabled=False, user_id=got_user7.did
    )
    db.session.add(webauthn_for_user6)
    db.session.add(webauthn_for_user7)

    got_user8 = User.query.filter_by(username="******").first()
    webauthn_for_user8 = Webauthn(
        number=1, is_enabled=False, user_id=got_user8.did
    )
    first_key_for_user8 = Key(
        name="Key 1",
        aaguid=b"",
        credential_id=b"againnotrealbutrequiredtolistkeyproperly",
        client_data_hash=hashlib.sha256(b"a").digest(),
        public_key=b"",
        counter=0,
        attestation=b"",
        info="TODO",
        last_access=datetime.utcnow(),
        created=datetime.utcnow(),
        user_id=got_user8.did,
    )
    second_key_for_user8 = Key(
        name="Key 2",
        aaguid=b"",
        credential_id=b"notrealbutnecessarytodelete",
        client_data_hash=hashlib.sha256(b"a").digest(),
        public_key=b"",
        counter=0,
        attestation=b"",
        info="TODO",
        last_access=datetime.utcnow(),
        created=datetime.utcnow(),
        user_id=got_user8.did,
    )
    db.session.add(webauthn_for_user8)
    db.session.add(first_key_for_user8)
    db.session.add(second_key_for_user8)

    db.session.commit()

    yield db

    db.drop_all()
Esempio n. 6
0
def create_keys():
	keys = ["""PuTTY-User-Key-File-2: ssh-rsa
		Encryption: none
		Comment: rsa-key-20150716
		Public-Lines: 6
		AAAAB3NzaC1yc2EAAAABJQAAAQEA2J+UaBzus4pQxFK+wgtANRKXXu/kUH3wjKjJ
		UYoMkYQupclyyPXmSqTT3tKIIfMehWsX6MuJw15mlBoofEwZ+46KRXmMnIO6wUor
		MD93TaRzUifufh3g0OUqxhtqZM5mStz/4wwKiZQ3HMxmhOxj+sx5ZF1DAEGOACF6
		jzQ+oy1vkRIstw5Bn26W6cji+rQLZvw0+ZPt21gXA0W9QMjDEGwl4jg887IwJSVT
		Mm61YFiIt2TEQx1GA+kBIKPs8v7y38WRRkNm9eRX0ZCNfT9bLQVxCRtyn6vpw7dK
		yzlQ+LTyIxUH0+NDpmwtdCjTuAA6DOEGfwmRQ91a/qc8V8x6Aw==
		Private-Lines: 14
		AAABAHryydo570NOgN4hICjxoPuHF6SV/h/YxsxfzDUyrS/+6gsReH/lgrS+amm1
		wuLWGD3i1jgE0aY8f2jQk4TRPy3pHgvBhyhmcOo+2j36gfuihqRALWosojFfeSRU
		v9hZeFQA5EKYIagIA5q5M0SGKuhKihZeciK9bEVDbxMB+gmVSLJtF1LXqpezWWBV
		FwU4f8ZBW6J2tL0/sOxnv0ETmikI1Hyvq6BCLDRl4Rx/4L1DMjT7MDeh1Bk4Zv7o
		6wkHXcnv2+7tfluRJrNrK8n9B0gomYeSvy26CoyU4UlkOuUhwowIvhIHbHgPb++D
		1dTkd5o2fsKG5L47uZlfx0oqyj0AAACBAPDgK9mBpq0oeKUcGXCbWcDrPI36WDyx
		E/jDyjgMBEg9fSQkxBzumtBFIX7YXrbwSma1+uDNIXkBxRNKfPb7F9BCmj0YLbBw
		iBpggFWMDMgt+L6/avlIf9k3R1DSGKWKCFZAwtLYSqBzjb9bbofOYQ3n3BzhQY3o
		EC9vMGq6SOpLAAAAgQDmOZPUyAP6Lrnyzp+fJWR1jCftKiFmh36RMT6h8t7lHOuj
		vTJriTUR/Zl4fS6va7xPpBDXpkAyvVLW2BKtMSNMmuY+ZIunIPr5QSKhpbG27aCX
		l8ZNEsvllL7/Uz9P2vc465gjDJe/g+fNcrmiZlXHIYBTa51kJQJqpc4Q9kRcKQAA
		AIEAnZ4vYj653mnmALzi6jXYYp8bW5aVYBknfaqiu6GlVplnqi6s/bg10DPcqE6I
		tJY+uXlV4dEuzqUagATXtjB9tsxW9XqOvVTk8+tJKlJljBK8yb8+yOMWRMaYz7P8
		iviZXg0gTxN/Tkw8iMFRAP3Ps7c20xwKrEWL+4mgeYK/xoM=
		Private-MAC: f687908ffc183691b8b0932a63ea315cceead1da
		""",
		"""PuTTY-User-Key-File-2: ssh-rsa
		Encryption: none
		Comment: rsa-key-20150717
		Public-Lines: 6
		AAAAB3NzaC1yc2EAAAABJQAAAQEAwDaeYA5DpBQvrzlZcbaiY6R5xO6Tnb8UwgPe
		Cqk5NyCt7dgd8/zrF8shSMAt68J/vjxv05jKiO1mu8C86LlT84sMPR8Z1IOtKyxa
		gJO0nLgnN3v3Oj3Nq4ktUh+QCFt7jeXUDfup10AkWkArF6idS48oMJxQiOxl5VF7
		45W3//gIUfasSIsRc4l5KPWk61/GpljIsgePVHIOwdwaBqLVCPWk5al5GUZQgIj9
		Cw3TYTNZAXQqKupyS1UsSamV/WM15eY2ufqXD/ZuOiZqOtEdFpxTacgGC0A5+qwl
		cD3aMdEGhsA43oi70ODD2PBL11cvbFSH2KqrR6gPd/uGFE+d+w==
		Private-Lines: 14
		AAABABTHoms/z/YQBSezLEOlCqL9Bj7Nrxf4+1M+sDiA/0Q64l7m7ns97+blhw7I
		qwS7FLqev/szHNCIXiIirKOJqDYBMcFrJWMVJ3pJ+/I5e082gMe6X+qe5c1a8CSN
		ymHEs2lJR1t1Jx4wcqH5GWpXavNpbCDuTeVJ/S2MRL6oZus9OJF7yVBYro/GgsiR
		VIsUd3I337ye35XRmNtfJNof/6odBQC2TTbZL5UV/lzfDc3OeVlxurdNUupfJves
		4P7btuktN4jIjVgpVVvmQinxEdy5qm/Dk/X2rg5bhW8MNnpos5AHAKisEAaI4PVY
		RQiREVb9p1DWekS/XEx06UmS0U0AAACBAPA+oW+w2mweR64E5zJyN3OokrhcL/4S
		I48WUhLk7JMqpY0PFjjns+KcGw1jNIlx1li9kV5Ow6IfLJ+Cd13+WVsQDCQOn+lI
		uHnYa4PxqmTW8tkM4TfBLMm3RzvtP2Pv8KlGKdxaUqPxKuLAdMjVwn7351jOR44A
		IqGHzv6IjNDHAAAAgQDM0Zw2cHxWo1WRZM4kcqsCHUE6xRn9GHu5vlnyQA5E+MOp
		j/z19jl1wWJ+zMoKP6cdyIbMvJuRNDhkVDMWyZl+6PfQ+huSV7+ez6kCRTDTBfQR
		0xW1pummPpZXP81+VZfgTFWWa/6Do0PAOwsEclbQD8LjXqMyS5tYLPMZozS9LQAA
		AIBM2e0VuuC1aN+75b/rw3mo7lFiytqN1nUh1uLRAvMN6/ztKz9MihyckznLW4p2
		qD6MnTIzSuEFxJ1jyqECXIvg/OtgEG8oJaoGmNyujxVLQZiKIX+kbzNCRGmE0MZ0
		czP1ZOswkdrXf7yOdOzAVC/JEUzThAEb8ILyrecgI1s9NQ==
		Private-MAC: 07f204d713c1b386f77ba0cc5d0dfbdb9b9a4b7b"""]
	id = 2
	for key in keys:
		ssh_key, user_id = key, "terror_admin{0}@gmail.com".format(id)
        	key = Key(id=id, ssh_key=ssh_key, user_id=user_id)
        	db.session.add(key)
        	db.session.commit()
		id += 3