async def run(self, core, token):
try:
r = await self.main_mc_recv.receive()
assert r == self.Step.WaitPeer
try:
in_progress_ctx = await core.start_greeting_user(token=token)
await self.job_mc_send.send((True, None))
except Exception as exc:
await self.job_mc_send.send((False, exc))
r = await self.main_mc_recv.receive()
assert r == self.Step.GetGreeterSas
await self.job_mc_send.send(in_progress_ctx.greeter_sas)
r = await self.main_mc_recv.receive()
assert r == self.Step.WaitPeerTrust
try:
in_progress_ctx = await in_progress_ctx.do_wait_peer_trust()
await self.job_mc_send.send((True, None))
except Exception as exc:
await self.job_mc_send.send((False, exc))
r = await self.main_mc_recv.receive()
assert r == self.Step.GetClaimerSas
try:
choices = in_progress_ctx.generate_claimer_sas_choices(size=4)
await self.job_mc_send.send(
(True, None, in_progress_ctx.claimer_sas, choices))
except Exception as exc:
await self.job_mc_send.send((False, exc, None, None))
r = await self.main_mc_recv.receive()
assert r == self.Step.SignifyTrust
try:
in_progress_ctx = await in_progress_ctx.do_signify_trust()
await self.job_mc_send.send((True, None))
except Exception as exc:
await self.job_mc_send.send((False, exc))
r = await self.main_mc_recv.receive()
assert r == self.Step.GetClaimRequests
try:
in_progress_ctx = await in_progress_ctx.do_get_claim_requests()
await self.job_mc_send.send((
True,
None,
in_progress_ctx.requested_human_handle,
in_progress_ctx.requested_device_label,
))
except Exception as exc:
await self.job_mc_send.send((False, exc, None, None))
r = await self.main_mc_recv.receive()
assert r == self.Step.CreateNewUser
try:
human_handle, device_label, profile = await self.main_mc_recv.receive(
)
await in_progress_ctx.do_create_new_user(
author=core.device,
device_label=device_label,
human_handle=human_handle,
profile=profile,
)
await self.job_mc_send.send((True, None))
except InviteError as exc:
await self.job_mc_send.send((False, exc))
except Exception as exc:
await self.job_mc_send.send((False, exc))
except BackendNotAvailable as exc:
raise JobResultError(status="backend-not-available", origin=exc)
async def get_claim_requests(self):
await self.main_mc_send.send(self.Step.GetClaimRequests)
r, exc, human_handle, device_label = await self.job_mc_recv.receive()
if not r:
raise JobResultError(status="get-claim-request-failed", origin=exc)
return human_handle, device_label
async def create_new_user(self, human_handle, device_label, profile):
await self.main_mc_send.send(self.Step.CreateNewUser)
await self.main_mc_send.send((human_handle, device_label, profile))
r, exc = await self.job_mc_recv.receive()
if not r:
raise JobResultError(status="create-new-user-failed", origin=exc)
async def get_claimer_sas(self):
await self.main_mc_send.send(self.Step.GetClaimerSas)
r, exc, claimer_sas, choices = await self.job_mc_recv.receive()
if not r:
raise JobResultError(status="get-claimer-sas-failed", origin=exc)
return claimer_sas, choices
async def signify_trust(self):
await self.main_mc_send.send(self.Step.SignifyTrust)
r, exc = await self.job_mc_recv.receive()
if not r:
raise JobResultError(status="signify-trust-failed", origin=exc)
async def _do_folder_create(workspace_fs, path):
try:
await workspace_fs.mkdir(path)
except FileExistsError as exc:
raise JobResultError("already-exists") from exc
async def wait_peer_trust(self):
await self.main_mc_send.send(self.Step.WaitPeerTrust)
r, exc = await self.job_mc_recv.receive()
if not r:
raise JobResultError(status="wait-peer-trust-failed", origin=exc)
async def run(self, addr, config):
try:
async with backend_invited_cmds_factory(
addr=addr, keepalive=config.backend_connection_keepalive
) as cmds:
# Trigger handshake
await cmds.ping()
r = await self.main_oob_recv.receive()
assert r == self.Step.RetrieveInfo
try:
initial_ctx = await claimer_retrieve_info(cmds)
await self.job_oob_send.send((True, None, initial_ctx.claimer_email))
except Exception as exc:
await self.job_oob_send.send((False, exc, None))
r = await self.main_oob_recv.receive()
assert r == self.Step.WaitPeer
try:
in_progress_ctx = await initial_ctx.do_wait_peer()
await self.job_oob_send.send((True, None))
except Exception as exc:
await self.job_oob_send.send((False, exc))
r = await self.main_oob_recv.receive()
assert r == self.Step.GetGreeterSas
try:
choices = in_progress_ctx.generate_greeter_sas_choices(size=4)
await self.job_oob_send.send((True, None, in_progress_ctx.greeter_sas, choices))
except Exception as exc:
await self.job_oob_send.send((False, exc, None, None))
r = await self.main_oob_recv.receive()
assert r == self.Step.SignifyTrust
try:
in_progress_ctx = await in_progress_ctx.do_signify_trust()
await self.job_oob_send.send((True, None))
except Exception as exc:
await self.job_oob_send.send((False, exc))
r = await self.main_oob_recv.receive()
assert r == self.Step.GetClaimerSas
await self.job_oob_send.send(in_progress_ctx.claimer_sas)
r = await self.main_oob_recv.receive()
assert r == self.Step.WaitPeerTrust
try:
in_progress_ctx = await in_progress_ctx.do_wait_peer_trust()
await self.job_oob_send.send((True, None))
except Exception as exc:
await self.job_oob_send.send((False, exc))
r = await self.main_oob_recv.receive()
assert r == self.Step.ClaimUser
try:
device_label, human_handle = await self.main_oob_recv.receive()
new_device = await in_progress_ctx.do_claim_user(
requested_device_label=device_label, requested_human_handle=human_handle
)
await self.job_oob_send.send((True, None, new_device))
except Exception as exc:
await self.job_oob_send.send((False, exc, None))
except BackendNotAvailable as exc:
raise JobResultError(status="backend-not-available", origin=exc)
except BackendInvitationAlreadyUsed as exc:
raise JobResultError(status="invitation-already-used", origin=exc)
except BackendConnectionRefused as exc:
raise JobResultError(status="invitation-not-found", origin=exc)
async def _get_reencryption_needs(workspace_fs):
try:
reenc_needs = await workspace_fs.get_reencryption_need()
except FSBackendOfflineError as exc:
raise JobResultError("offline") from exc
return workspace_fs.workspace_id, reenc_needs
async def get_greeter_sas(self):
await self.main_oob_send.send(self.Step.GetGreeterSas)
r, exc, greeter_sas, choices = await self.job_oob_recv.receive()
if not r:
raise JobResultError(status="get-greeter-sas-failed", origin=exc)
return greeter_sas, choices
async def wait_peer(self):
await self.main_oob_send.send(self.Step.WaitPeer)
r, exc = await self.job_oob_recv.receive()
if not r:
raise JobResultError(status="wait-peer-failed", origin=exc)
async def retrieve_info(self):
await self.main_oob_send.send(self.Step.RetrieveInfo)
r, exc, user_email = await self.job_oob_recv.receive()
if not r:
raise JobResultError(status="retrieve-info-failed", origin=exc)
return user_email
async def _do_bootstrap_organization(
config_dir,
password: str,
password_check: str,
user_id: str,
device_name: str,
bootstrap_addr: BackendOrganizationBootstrapAddr,
):
if password != password_check:
raise JobResultError("password-mismatch")
if len(password) < 8:
raise JobResultError("password-size")
try:
device_id = DeviceID(f"{user_id}@{device_name}")
except ValueError as exc:
raise JobResultError("bad-device_name") from exc
root_signing_key = SigningKey.generate()
root_verify_key = root_signing_key.verify_key
organization_addr = bootstrap_addr.generate_organization_addr(
root_verify_key)
try:
device = generate_new_device(device_id,
organization_addr,
is_admin=True)
save_device_with_password(config_dir, device, password)
except LocalDeviceAlreadyExistsError as exc:
raise JobResultError("user-exists") from exc
now = pendulum.now()
user_certificate = UserCertificateContent(
author=None,
timestamp=now,
user_id=device.user_id,
public_key=device.public_key,
is_admin=device.is_admin,
).dump_and_sign(root_signing_key)
device_certificate = DeviceCertificateContent(
author=None,
timestamp=now,
device_id=device_id,
verify_key=device.verify_key).dump_and_sign(root_signing_key)
try:
async with backend_anonymous_cmds_factory(bootstrap_addr) as cmds:
rep = await cmds.organization_bootstrap(
bootstrap_addr.organization_id,
bootstrap_addr.token,
root_verify_key,
user_certificate,
device_certificate,
)
if rep["status"] == "already_bootstrapped":
raise JobResultError("already-bootstrapped", info=str(rep))
elif rep["status"] == "not_found":
raise JobResultError("invalid-url", info=str(rep))
elif rep["status"] != "ok":
raise JobResultError("refused-by-backend", info=str(rep))
return device, password
except BackendConnectionRefused as exc:
raise JobResultError("invalid-url", info=str(exc)) from exc
except BackendNotAvailable as exc:
raise JobResultError("backend-offline", info=str(exc)) from exc
except BackendConnectionError as exc:
raise JobResultError("refused-by-backend", info=str(exc)) from exc
async def _do_user_find(core, text):
rep = await core.backend_cmds.user_find(text, 1, 100, True)
if rep["status"] != "ok":
raise JobResultError("error", rep=rep)
users = [u for u in rep["results"] if u != core.device.user_id]
return users
