Esempio n. 1
def file_update_complete_response( volume, reply ):
    """
    Serialize an ms_reply protobuf after signing it with Syndicate's private key.

    Every directory entry in reply.listing.entries gets its own ms_signature,
    and the reply as a whole then gets reply.signature.  Each signature is
    computed over the serialization taken while that signature field is blank,
    and is stored base64-encoded.

    volume is accepted but not used in this function.

    Returns the serialized reply, signature included.
    """
    import common.api as api

    def _signed_b64( serialized ):
        # sign with the module-level Syndicate key, then base64-encode
        return base64.b64encode( api.sign_data( SYNDICATE_PRIVKEY, serialized ) )

    # Per-entry signatures, so the MS attests to its index information.
    for entry in reply.listing.entries:
        if entry.type != MSENTRY_TYPE_DIR:
            continue

        # the signature field must be blank while the entry is serialized for signing
        entry.ms_signature = ""
        entry.ms_signature = _signed_b64( entry.SerializeToString() )

    # Whole-reply signature, covering the entry signatures set above.
    # NOTE(review): a verifier has to rebuild exactly these bytes (signature
    # field blank).  Protobuf does not guarantee a canonical serialization
    # across implementations -- confirm the verifying side accounts for that.
    reply.signature = ""
    reply.signature = _signed_b64( reply.SerializeToString() )

    return reply.SerializeToString()
Esempio n. 2
 def CreateAdmin( cls, email, owner_id, public_key, syndicate_private_key ):
     """
     Build, sign and store the certificate of the admin user.

     Called when the MS initializes itself for the first time.  The certificate
     names owner_id as both the user and its own admin, sets is_admin, and is
     signed with syndicate_private_key over its serialization with a blank
     signature field.

     Returns whatever SyndicateUser.Create() returns for the signed certificate.
     """

     import common.api as api

     cert = ms_pb2.ms_user_cert()

     # identity: the admin is its own administrator
     cert.user_id = owner_id
     cert.admin_id = owner_id
     cert.email = email
     cert.public_key = public_key

     # privileges
     # NOTE(review): -1 presumably means "no limit" -- confirm against the quota checks
     cert.max_volumes = -1
     cert.max_gateways = -1
     cert.is_admin = True

     # the signature field stays blank while the bytes to sign are produced
     cert.signature = ""
     unsigned_bytes = cert.SerializeToString()

     # NOTE(review): this certificate grants admin rights and is trusted on the
     # strength of this one signature; the private key arrives as a plain argument.
     cert.signature = base64.b64encode( api.sign_data( syndicate_private_key, unsigned_bytes ) )

     return SyndicateUser.Create( cert )
Esempio n. 3
    def CreateAdmin(cls, email, owner_id, public_key, syndicate_private_key):
        """
        Create the admin user from a freshly signed ms_user_cert.

        Called when the MS initializes itself for the first time.

        The certificate is filled in with owner_id as both user_id and
        admin_id, marked is_admin, serialized with an empty signature field,
        signed with syndicate_private_key, and handed to SyndicateUser.Create().
        """

        import common.api as api

        admin_cert = ms_pb2.ms_user_cert()

        # NOTE(review): the two -1 limits presumably mean "unlimited" -- confirm.
        # signature is set to "" last so the signed bytes carry a blank signature.
        cert_fields = (
            ("user_id", owner_id),
            ("email", email),
            ("public_key", public_key),
            ("admin_id", owner_id),
            ("max_volumes", -1),
            ("max_gateways", -1),
            ("is_admin", True),
            ("signature", ""),
        )
        for field_name, field_value in cert_fields:
            setattr(admin_cert, field_name, field_value)

        to_sign = admin_cert.SerializeToString()
        raw_signature = api.sign_data(syndicate_private_key, to_sign)

        # stored base64-encoded; a verifier must blank this field before checking
        admin_cert.signature = base64.b64encode(raw_signature)

        return SyndicateUser.Create(admin_cert)
Esempio n. 4
def register_make_openid_reply(oid_request, return_method, return_to, query):
    """
    Generate a serialized, signed ms_openid_provider_reply protobuf.

    The structure carries what the client needs to authenticate to the MS's
    OpenID provider.  The caller supplies how to redirect the client
    (return_method), the URL to return to after authentication (return_to) and
    the query string (query); everything else comes from the OPENID_* fields
    in MS.common.msconfig.

    The reply is signed with SYNDICATE_PRIVKEY over its serialization with a
    blank signature field; the signature is stored base64-encoded.

    Returns the serialized reply.
    """

    # NOTE(review): return_to goes into the redirect URL unchanged here;
    # presumably the caller or the OpenID library checks it against the
    # trust root -- confirm.
    redirect_url = oid_request.redirectURL(
        OPENID_HOST_URL,
        return_to,
        immediate=(GAEOpenIDRequestHandler.IMMEDIATE_MODE in query),
    )

    pb = ms_pb2.ms_openid_provider_reply()

    # where to send the client, and how
    pb.redirect_url = redirect_url
    pb.redirect_method = return_method

    # how the client talks to the provider's login form
    pb.auth_handler = OPENID_PROVIDER_AUTH_HANDLER
    pb.username_field = OPENID_PROVIDER_USERNAME_FIELD
    pb.password_field = OPENID_PROVIDER_PASSWORD_FIELD
    pb.extra_args = urllib.urlencode(OPENID_PROVIDER_EXTRA_ARGS)
    pb.challenge_method = OPENID_PROVIDER_CHALLENGE_METHOD
    pb.response_method = OPENID_PROVIDER_RESPONSE_METHOD

    # sign the message as serialized with an empty signature field
    pb.signature = ""
    unsigned_bytes = pb.SerializeToString()
    pb.signature = base64.b64encode(api.sign_data(SYNDICATE_PRIVKEY, unsigned_bytes))

    return pb.SerializeToString()
Esempio n. 5
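def file_complete_response(volume, reply):
    """
    Serialize an ms_reply protobuf after signing it with Syndicate's private key.

    Only the reply as a whole is signed.  The ms_signature of every directory
    entry in reply.listing.entries is blanked first, so a directory entry taken
    out of this reply carries no signature of its own: consumers have to verify
    reply.signature before trusting any entry in the listing.

    volume is accepted but not used in this function.

    Returns the serialized reply, signature included.
    """
    import common.api as api

    # Per-entry signing (serialize each directory entry with a blank
    # ms_signature, sign it with the Syndicate key, store the base64 result)
    # is switched off in this version; the entries are covered by the
    # whole-reply signature only.
    for ent_pb in reply.listing.entries:
        if ent_pb.type == MSENTRY_TYPE_DIR:
            ent_pb.ms_signature = ""

    # The signature field must be blank while the bytes to sign are produced.
    # NOTE(review): a verifier has to rebuild exactly these bytes.  Protobuf
    # does not guarantee a canonical serialization across implementations --
    # confirm the verifying side accounts for that.
    reply.signature = ""
    unsigned_bytes = reply.SerializeToString()

    raw_signature = api.sign_data(msconfig.SYNDICATE_PRIVKEY, unsigned_bytes)
    reply.signature = base64.b64encode(raw_signature)

    return reply.SerializeToString()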
Esempio n. 6
def register_make_openid_reply( oid_request, return_method, return_to, query ):
    """
    Build the signed ms_openid_provider_reply protobuf and return it serialized.

    The reply tells the client how to authenticate to the MS's OpenID
    provider.  Three pieces come from the arguments: the redirect method
    (return_method), the URL to come back to after authentication (return_to),
    and the query string (query).  The rest is taken from the OPENID_* fields
    in MS.common.msconfig.

    The signature is made with SYNDICATE_PRIVKEY over the message serialized
    with an empty signature field, and is stored base64-encoded.
    """

    wants_immediate = GAEOpenIDRequestHandler.IMMEDIATE_MODE in query

    # NOTE(review): return_to is forwarded as given; presumably it is validated
    # against the trust root elsewhere -- confirm.
    target_url = oid_request.redirectURL( OPENID_HOST_URL, return_to, immediate=wants_immediate )

    message = ms_pb2.ms_openid_provider_reply()

    # signature comes last and empty, so the signed bytes carry a blank signature
    settings = (
        ( "redirect_url", target_url ),
        ( "auth_handler", OPENID_PROVIDER_AUTH_HANDLER ),
        ( "username_field", OPENID_PROVIDER_USERNAME_FIELD ),
        ( "password_field", OPENID_PROVIDER_PASSWORD_FIELD ),
        ( "extra_args", urllib.urlencode( OPENID_PROVIDER_EXTRA_ARGS ) ),
        ( "challenge_method", OPENID_PROVIDER_CHALLENGE_METHOD ),
        ( "response_method", OPENID_PROVIDER_RESPONSE_METHOD ),
        ( "redirect_method", return_method ),
        ( "signature", "" ),
    )
    for field_name, field_value in settings:
        setattr( message, field_name, field_value )

    to_sign = message.SerializeToString()
    raw_signature = api.sign_data( SYNDICATE_PRIVKEY, to_sign )

    message.signature = base64.b64encode( raw_signature )

    return message.SerializeToString()