def __build_card_model(self, identity, identity_type, scope, owner_key, custom_fields=None): card_config = { 'identity': identity, 'identity_type': identity_type, 'public_key': tuple(owner_key.export_public_key().get_bytearray()), 'data': custom_fields, } card = Card(**card_config) if scope == Card.Scope.APPLICATION: card_request = CreateCardRequest(**card_config) elif scope == Card.Scope.GLOBAL: card_request = CreateGlobalCardRequest(**card_config) else: raise ValueError("Unknown scope value") card.snapshot = card_request.snapshot snapshot_fingerprint = self.__crypto.calculate_fingerprint( card.snapshot) card.scope = scope card.id = snapshot_fingerprint.to_hex self_signature = owner_key.sign( VirgilBuffer(snapshot_fingerprint.value)) card.signatures = {card.id: self_signature.to_string("base64")} return card
def publish(self): # type: () -> None """Publishes a current VirgilCard to the Virgil Security services.""" if self.__card.scope == Card.Scope.GLOBAL: self.__publish_global() else: create_card_request = CreateCardRequest(self.identity, self.identity_type, self.public_key, self.__card.data) create_card_request.signatures = self.__card.signatures create_card_request.snapshot = self.__card.snapshot request_signer = RequestSigner(self.__context.crypto) request_signer.authority_sign( create_card_request, self.__context.credentials.app_id, self.__context.credentials.get_app_key(self.__context.crypto)) self.__card = self.__context.client.create_card_from_request( create_card_request)
def test_search_card_by_identity(self): virgil_app_id = config.VIRGIL_APP_ID alice_keys1 = self._crypto.generate_keys() create_card_request1 = CreateCardRequest( "alice", "username", self._crypto.export_public_key(alice_keys1.public_key) ) self._request_signer.self_sign( create_card_request1, alice_keys1.private_key ) self._request_signer.authority_sign( create_card_request1, virgil_app_id, self._app_private_key ) alice_card1 = self._client.create_card_from_request(create_card_request1) alice_keys2 = self._crypto.generate_keys() create_card_request2 = CreateCardRequest( "alice", "username", self._crypto.export_public_key(alice_keys2.public_key) ) self._request_signer.self_sign( create_card_request2, alice_keys2.private_key ) self._request_signer.authority_sign( create_card_request2, virgil_app_id, self._app_private_key ) alice_card2 = self._client.create_card_from_request(create_card_request2) cards = self._client.search_cards_by_identities('alice') self.assertIn(alice_card1, cards) self.assertIn(alice_card2, cards) self.cleanup_cards(*cards)
def test_search_card_by_multiple_identities(self): virgil_app_id = config.VIRGIL_APP_ID alice_keys = self._crypto.generate_keys() create_card_request_alice = CreateCardRequest( "alice", "username", self._crypto.export_public_key(alice_keys.public_key) ) self._request_signer.self_sign( create_card_request_alice, alice_keys.private_key ) self._request_signer.authority_sign( create_card_request_alice, virgil_app_id, self._app_private_key ) alice_card = self._client.create_card_from_request(create_card_request_alice) bob_keys = self._crypto.generate_keys() create_card_request_bob = CreateCardRequest( "bob", "username", self._crypto.export_public_key(bob_keys.public_key) ) self._request_signer.self_sign( create_card_request_bob, bob_keys.private_key ) self._request_signer.authority_sign( create_card_request_bob, virgil_app_id, self._app_private_key ) bob_card = self._client.create_card_from_request(create_card_request_bob) cards = self._client.search_cards_by_identities('alice', 'bob') self.assertIn(alice_card, cards) self.assertIn(bob_card, cards) self.cleanup_cards(*cards)
def test_self_sign_create_card_request(self): alice_keys = self._crypto.generate_keys() request = CreateCardRequest( identity="alice", identity_type="username", public_key=alice_keys.public_key.value, ) self._request_signer.self_sign(request, alice_keys.private_key) self.assertEqual( len(request.signatures), 1, ) self._assertVerify( list(request.signatures.values())[0], request.snapshot, alice_keys.public_key)
def __build_card_model(self, identity, identity_type, custom_fields, scope, owner_key, validation_token=None): # type: (str, str, dict, Card.Scope, VirgilKey) -> Card """Constructs the card model Args: identity: The user's identity. identity_type: Type of the identity. custom_fields: The custom fields (optional). scope: Card scope owner_key: The owner's VirgilKey. Returns: Card model for VirgilCard creation. Raises: ValueError when scope incorrect. """ card_config = { 'identity': identity, 'identity_type': identity_type, 'public_key': owner_key.export_public_key().get_bytearray(), 'data': custom_fields, } card_model = Card(**card_config) if scope == Card.Scope.APPLICATION: card_request = CreateCardRequest(**card_config) elif scope == Card.Scope.GLOBAL: card_config.update({"validation_token": validation_token}) card_request = CreateGlobalCardRequest(**card_config) else: raise ValueError("Unknown scope value") card_model.snapshot = card_request.snapshot snapshot_fingerprint = self.context.crypto.calculate_fingerprint( card_model.snapshot) card_model.scope = scope card_model.id = snapshot_fingerprint.to_hex self_signature = owner_key.sign( VirgilBuffer(snapshot_fingerprint.value)) card_model.signatures = { card_model.id: self_signature.to_string("base64") } return card_model
def test_authority_sign_create_card_request(self): alice_keys = self._crypto.generate_keys() request = CreateCardRequest( identity="alice", identity_type="username", public_key=alice_keys.public_key.value, ) self._request_signer.authority_sign( request, config.VIRGIL_APP_ID, self._app_private_key, ) self.assertEqual( len(request.signatures), 1, ) self.assertEqual( list(request.signatures.keys())[0], config.VIRGIL_APP_ID) self._assertVerify( list(request.signatures.values())[0], request.snapshot, self._crypto.extract_public_key(self._app_private_key))
def test_revoke_card_removes_created_card(self): alice_keys = self._crypto.generate_keys() virgil_app_id = config.VIRGIL_APP_ID create_card_request = CreateCardRequest( "alice", "username", self._crypto.export_public_key(alice_keys.public_key) ) self._request_signer.self_sign( create_card_request, alice_keys.private_key ) self._request_signer.authority_sign( create_card_request, virgil_app_id, self._app_private_key ) card = self._client.create_card_from_request(create_card_request) revoke_card_request = RevokeCardRequest( card_id=card.id ) self._request_signer.authority_sign(revoke_card_request, config.VIRGIL_APP_ID, self._app_private_key) self._client.revoke_card_from_request(revoke_card_request)
def test_create_card_saves_public_key(self): alice_keys = self._crypto.generate_keys() virgil_app_id = config.VIRGIL_APP_ID create_card_request = CreateCardRequest( identity="alice", identity_type="username", public_key=self._crypto.export_public_key(alice_keys.public_key) ) self._request_signer.self_sign( create_card_request, alice_keys.private_key ) self._request_signer.authority_sign( create_card_request, virgil_app_id, self._app_private_key ) card = self._client.create_card_from_request(create_card_request) self.assertEqual( card.identity, "alice" ) self.assertEqual( card.identity_type, "username" ) self.assertEqual( card.version, "4.0" ) self.assertEqual( card.public_key, alice_keys.public_key.value, ) self.cleanup_cards(card)
def test_get_card(self): alice_keys = self._crypto.generate_keys() virgil_app_id = config.VIRGIL_APP_ID create_card_request = CreateCardRequest( "alice", "username", self._crypto.export_public_key(alice_keys.public_key) ) self._request_signer.self_sign( create_card_request, alice_keys.private_key ) self._request_signer.authority_sign( create_card_request, virgil_app_id, self._app_private_key ) created_card = self._client.create_card_from_request(create_card_request) card = self._client.get_card(created_card.id) self.assertEqual( card.id, created_card.id ) self.assertEqual( card.public_key, created_card.public_key ) self.assertEqual( card.identity, created_card.identity ) self.assertEqual( card.identity_type, created_card.identity_type ) self.cleanup_cards(created_card)