def _extract_caveat_id(self, root_macaroon):
macaroon = pymacaroons.Macaroon.deserialize(root_macaroon)
# macaroons are all bytes, never strings
sso_host = urllib.parse.urlparse(self.sso.root_url).hostname
for caveat in macaroon.caveats:
if caveat.location == sso_host:
return caveat.caveat_id
else:
raise errors.InvalidCredentialsError('Invalid root macaroon')
def upload(self, snap_name, snap_filename):
# FIXME This should be raised by the function that uses the
# discharge. --elopio -2016-06-20
if self.conf.get('unbound_discharge') is None:
raise errors.InvalidCredentialsError(
'Unbound discharge not in the config file')
updown_data = _upload.upload_files(snap_filename, self.updown)
return self.sca.snap_push_metadata(snap_name, updown_data)
def _macaroon_auth(conf):
"""Format a macaroon and its associated discharge.
:return: A string suitable to use in an Authorization header.
"""
root_macaroon_raw = conf.get('macaroon')
if root_macaroon_raw is None:
raise errors.InvalidCredentialsError(
'Root macaroon not in the config file')
unbound_raw = conf.get('unbound_discharge')
if unbound_raw is None:
raise errors.InvalidCredentialsError(
'Unbound discharge not in the config file')
root_macaroon = _deserialize_macaroon(root_macaroon_raw)
unbound = _deserialize_macaroon(unbound_raw)
bound = root_macaroon.prepare_for_request(unbound)
discharge_macaroon_raw = bound.serialize()
auth = 'Macaroon root={}, discharge={}'.format(
root_macaroon_raw, discharge_macaroon_raw)
return auth
def upload(self, snap_name, snap_filename, delta_format=None,
source_hash=None, target_hash=None, delta_hash=None):
# FIXME This should be raised by the function that uses the
# discharge. --elopio -2016-06-20
if self.conf.get('unbound_discharge') is None:
raise errors.InvalidCredentialsError(
'Unbound discharge not in the config file')
updown_data = _upload.upload_files(snap_filename, self.updown)
return self._refresh_if_necessary(
self.sca.snap_push_metadata, snap_name, updown_data,
delta_format=delta_format, source_hash=source_hash,
target_hash=target_hash, delta_hash=delta_hash)
def upload(self, snap_filename):
if not os.path.exists(snap_filename):
raise FileNotFoundError(snap_filename)
snap_name = _get_name_from_snap_file(snap_filename)
if self.conf.get('unbound_discharge') is None:
raise errors.InvalidCredentialsError()
data = _upload.upload_files(snap_filename, self.updown)
success = data.get('success', False)
if not success:
return data
result = _upload.upload_app(self.sca, snap_name, data)
return result
def search_package(self, snap_name, channel, arch):
if self.conf.get('unbound_discharge') is None:
raise errors.InvalidCredentialsError()
headers = {
'Accept': 'application/hal+json',
'X-Ubuntu-Architecture': arch,
'X-Ubuntu-Release': constants.DEFAULT_SERIES,
'X-Ubuntu-Device-Channel': channel,
}
params = {
'q': 'package_name:"{}"'.format(snap_name),
'fields': 'status,download_url,download_sha512',
'size': 1,
}
logger.info('Getting details for {}'.format(snap_name))
resp = self.get('api/v1/search', headers=headers, params=params)
embedded = resp.json().get('_embedded', None)
if embedded is None:
return None
else:
return embedded['clickindex:package'][0]
def _deserialize_macaroon(value):
try:
return pymacaroons.Macaroon.deserialize(value)
except:
raise errors.InvalidCredentialsError('Failed to deserialize macaroon')
