def test_invalid_path(self):
# this should not raise any exceptions
try:
opp_config.OppConfig('some / invalid / path')
opp_config.OppConfig(None)
opp_config.OppConfig()
except Exception:
self.fail("Unexpected exception while loading configuration!")
def test_valid_option(self):
db_connect = "sqlite:///:memory:"
with open(self.file_path, 'w') as f:
f.write("[DEFAULT]\n")
f.write("db_connect = %s" % db_connect)
CONF = opp_config.OppConfig(self.file_path)
self.assertEqual(CONF['db_connect'], db_connect)
def get_scoped_session(conf=None):
conf = conf or opp_config.OppConfig(conf)
if conf['db_connect']:
try:
engine = create_engine(conf['db_connect'])
session_factory = sessionmaker(engine, autocommit=True)
return scoped_session(session_factory)
except exc.NoSuchModuleError as e:
sys.exit("Error: %s" % str(e))
sys.exit("Error: database connection string not configured.")
def get_session(conf=None):
conf = conf or opp_config.OppConfig()
db_connect = conf['db_connect']
if db_connect:
try:
engine = create_engine(db_connect)
session_factory = sessionmaker(engine)
Session = scoped_session(session_factory)
return Session()
except exc.NoSuchModuleError as e:
sys.exit("Error: %s" % str(e))
sys.exit("Error: database connection string not configured.")
def test_update_phrase(self):
config = opp_config.OppConfig(self.conf_filepath)
# Add user
utils.execute("opp-db --config_file %s add-user -uu -pp "
"--phrase=123456" % self.conf_filepath)
old = aescipher.AESCipher("123456")
new = aescipher.AESCipher("654321")
# Add category and item using old passphrase
session = api.get_scoped_session(config)
category = models.Category(name=old.encrypt("cat1"))
item = models.Item(name=old.encrypt("item1"),
url=old.encrypt("url1"),
account=old.encrypt("account1"),
username=old.encrypt("username1"),
password=old.encrypt("password1"),
blob=old.encrypt("blob1"))
with session.begin():
user = api.user_get_by_username(session, 'u')
category.user = user
item.user = user
api.category_create(session, [category])
api.item_create(session, [item])
# Update passphrase
utils.execute("opp-db --config_file %s update-phrase -uu -pp "
"--old_phrase=123456 --new_phrase=654321" %
self.conf_filepath)
# Check data using new passphrase
session = api.get_scoped_session(config)
with session.begin():
user = api.user_get_by_username(session, 'u')
category = api.category_getall(session, user)[0]
self.assertEqual(new.decrypt(category.name), "cat1")
item = api.item_getall(session, user)[0]
self.assertEqual(new.decrypt(item.name), "item1")
self.assertEqual(new.decrypt(item.url), "url1")
self.assertEqual(new.decrypt(item.account), "account1")
self.assertEqual(new.decrypt(item.username), "username1")
self.assertEqual(new.decrypt(item.password), "password1")
self.assertEqual(new.decrypt(item.blob), "blob1")
# Cleanup
utils.execute("opp-db --config_file %s del-user -uu -pp"
" --remove_data" % self.conf_filepath)
self._assert_user_does_not_exist('u')
def getLogger(name, config=None):
config = config or opp_config.OppConfig()
log_level = config['log_level'] or logging.DEBUG
log_name = config['log_filename'] or '/tmp/openpassphrase.log'
logger = logging.getLogger(name)
if not logging.root.handlers:
formatter = logging.Formatter(
'%(levelname)-7s %(name)s %(asctime)s %(message)s')
handler = logging.FileHandler(log_name)
handler.setFormatter(formatter)
logger.addHandler(handler)
logger.setLevel(log_level)
return logger
import logging
from flask import escape, Flask, redirect, request, session, url_for
from opp.common import opp_config, utils
from opp.db import api
CONF = opp_config.OppConfig()
# Logging config
logname = CONF['log_filename'] or '/tmp/openpassphrase.log'
logging.basicConfig(filename=logname, level=logging.DEBUG)
# Flask app
app = Flask(__name__)
app.config['SECRET_KEY'] = CONF['SECRET_KEY']
app.config['PREFERRED_URL_SCHEME'] = "https"
def authenticate(username, password):
user = api.user_get_by_username(username)
if user and utils.checkpw(password, user.password):
return user
return None
@app.route('/')
def index():
if 'username' in session:
return 'Logged in as %s' % escape(session['username'])
return redirect(url_for('login'))
def main(config, config_file, verbose):
config.verbose = verbose
config.conf = opp_config.OppConfig(config_file)
def setUp(self):
conf = opp_config.OppConfig(self.conf_filepath)
self.s = api.get_scoped_session(conf)
self.u = api.user_get_by_username(self.s, "u")
def setUp(self):
conf = opp_config.OppConfig(self.conf_filepath)
self.session = api.get_session(conf)
def test_empty_option(self):
CONF = opp_config.OppConfig()
self.assertIsNone(CONF['test_option'])
def test_missing_section(self):
with open(self.file_path, 'w') as f:
f.write("db_connect = blah")
with self.assertRaises(configparser.MissingSectionHeaderError):
opp_config.OppConfig(self.file_path)
def setUp(self):
super(TestDbApiItems, self).setUp()
conf = opp_config.OppConfig(self.conf_filepath)
self.session = api.get_session(conf)
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
from xkcdpass import xkcd_password as xp
from opp.api.v1 import base_handler as bh
from opp.common import aescipher, opp_config
from opp.db import api, models
CONFIG = opp_config.OppConfig()
class ResponseHandler(bh.BaseResponseHandler):
"""
Response handler for the `items` endpoint.
"""
def _parse_or_set_empty(self, row, key, none_if_empty=False):
"""
Retrieve a value from `row` by `key`.
:param none_if_empty: specifies to return either None or empty
string if key is not found in object.
:returns: extracted value if found, None or "" otherwise
"""