class UserClaimSchema(UnknownCheckedSchema): type = fields.CheckedConstant("user_claim", required=True) token = fields.String(required=True) # Note claiming user also imply creating a first device device_id = fields.DeviceID(required=True) public_key = fields.PublicKey(required=True) verify_key = fields.VerifyKey(required=True)
class SCHEMA_CLS(BaseSignedDataSchema): # Override author field to allow for None value if signed by the root key author = DeviceIDField(required=True, allow_none=True) type = fields.CheckedConstant("user_certificate", required=True) user_id = UserIDField(required=True) # Human handle can be none in case of redacted certificate human_handle = HumanHandleField(allow_none=True, missing=None) public_key = fields.PublicKey(required=True) # `profile` replaces `is_admin` field (which is still required for backward # compatibility), hence `None` is not allowed is_admin = fields.Boolean(required=True) profile = UserProfileField(allow_none=False) @post_load def make_obj(self, data: Dict[str, Any]) -> "UserCertificateContent": data.pop("type") # Handle legacy `is_admin` field default_profile = UserProfile.ADMIN if data.pop("is_admin") else UserProfile.STANDARD try: profile = data["profile"] except KeyError: data["profile"] = default_profile else: if default_profile == UserProfile.ADMIN and profile != UserProfile.ADMIN: raise ValidationError( "Fields `profile` and `is_admin` have incompatible values" ) return UserCertificateContent(**data)
class SCHEMA_CLS(BaseSignedDataSchema): type = fields.CheckedConstant("user_certificate", required=True) user_id = UserIDField(required=True) public_key = fields.PublicKey(required=True) is_admin = fields.Boolean(required=True) @post_load def make_obj(self, data): data.pop("type") return UserCertificateContent(**data)
class SCHEMA_CLS(BaseSchema): type = fields.CheckedConstant("device_claim", required=True) token = fields.String(required=True) device_id = DeviceIDField(required=True) verify_key = fields.VerifyKey(required=True) answer_public_key = fields.PublicKey(required=True) @post_load def make_obj(self, data): data.pop("type") return DeviceClaimContent(**data)
class SCHEMA_CLS(BaseSchema): type = fields.CheckedConstant("user_claim", required=True) token = fields.String(required=True) # Note claiming user also imply creating a first device device_id = DeviceIDField(required=True) public_key = fields.PublicKey(required=True) verify_key = fields.VerifyKey(required=True) @post_load def make_obj(self, data: Dict[str, Any]) -> "APIV1_UserClaimContent": # type: ignore[misc] data.pop("type") return APIV1_UserClaimContent(**data)
class SCHEMA_CLS(BaseSchema): type = fields.CheckedConstant("device_claim", required=True) token = fields.String(required=True) device_id = DeviceIDField(required=True) verify_key = fields.VerifyKey(required=True) answer_public_key = fields.PublicKey(required=True) @post_load def make_obj( # type: ignore[misc] self, data: Dict[str, Any] ) -> "APIV1_DeviceClaimContent": data.pop("type") return APIV1_DeviceClaimContent(**data)
class SCHEMA_CLS(BaseSchema): type = fields.CheckedConstant("invite_user_data", required=True) # Claimer ask for device_label/human_handle, but greeter has final word on this requested_device_label = fields.String(allow_none=True, missing=None) requested_human_handle = HumanHandleField(allow_none=True, missing=None) # Note claiming user also imply creating a first device public_key = fields.PublicKey(required=True) verify_key = fields.VerifyKey(required=True) @post_load def make_obj(self, data): data.pop("type") return InviteUserData(**data)
class SCHEMA_CLS(BaseSchema): type = fields.CheckedConstant("pki_enrollment_submit_payload", required=True) verify_key = fields.VerifyKey(required=True) public_key = fields.PublicKey(required=True) requested_device_label = DeviceLabelField(required=True) # No requested human handle given the accepter should use instead the # information from the submitter's X509 certificate @post_load def make_obj(self, data: Dict[str, Any]) -> "PkiEnrollmentSubmitPayload": data.pop("type") return PkiEnrollmentSubmitPayload(**data)
class DeviceClaimSchema(UnknownCheckedSchema): type = fields.CheckedConstant("device_claim", required=True) token = fields.String(required=True) device_id = fields.DeviceID(required=True) verify_key = fields.VerifyKey(required=True) answer_public_key = fields.PublicKey(required=True)
class Invite1GreeterWaitPeerRepSchema(BaseRepSchema): claimer_public_key = fields.PublicKey(required=True)
class Invite1GreeterWaitPeerReqSchema(BaseReqSchema): token = fields.UUID(required=True) greeter_public_key = fields.PublicKey(required=True)