def file_update_complete_response(volume, reply):
    """
    Sign an ms_reply protobuf with Syndicate's private key and serialize it.

    Directory entries in reply.listing.entries are signed individually
    (ms_signature), then the whole reply is signed (signature).  Each
    signature is computed over the message serialized with its own
    signature field set to "", and is stored base64-encoded.

    volume is accepted but not read by this function.

    Returns the serialized reply with all signatures filled in.
    """
    import common.api as api

    # Per-directory signatures: the MS attests to its index information.
    # Entries of any other type are left untouched.
    for entry in reply.listing.entries:
        if entry.type != MSENTRY_TYPE_DIR:
            continue

        # A signature cannot cover itself, so blank the field before
        # serializing the bytes that get signed.
        entry.ms_signature = ""
        entry.ms_signature = base64.b64encode(
            api.sign_data(SYNDICATE_PRIVKEY, entry.SerializeToString())
        )

    # Whole-reply signature.  It is computed after the entries are signed,
    # so it also covers every ms_signature set above.
    # NOTE(review): the signed bytes are exactly what SerializeToString()
    # emits; protobuf does not promise a canonical encoding, so a verifier
    # that re-serializes the message should be confirmed to produce the
    # same bytes.
    reply.signature = ""
    reply.signature = base64.b64encode(
        api.sign_data(SYNDICATE_PRIVKEY, reply.SerializeToString())
    )

    return reply.SerializeToString()
def CreateAdmin(cls, email, owner_id, public_key, syndicate_private_key):
    """
    Build and sign the admin user's certificate, then create the user.

    Called when the MS initializes itself for the first time.

    The certificate names owner_id as both the user and its own admin,
    sets is_admin, and is signed with syndicate_private_key over the
    serialized certificate with an empty signature field.

    cls is not read here; the user is created via SyndicateUser.Create().

    Returns whatever SyndicateUser.Create() returns for the signed cert.
    """
    import common.api as api

    # NOTE(review): nothing in this function checks whether an admin
    # already exists; presumably the caller or SyndicateUser.Create()
    # restricts this to first-time initialization -- confirm.
    cert = ms_pb2.ms_user_cert()

    # identity
    cert.user_id = owner_id
    cert.email = email
    cert.public_key = public_key
    cert.admin_id = owner_id

    # quotas: -1 presumably means "no limit" -- confirm against the
    # code that enforces max_volumes / max_gateways
    cert.max_volumes = -1
    cert.max_gateways = -1
    cert.is_admin = True

    # sign the cert with its signature field blanked, then attach the
    # base64-encoded signature
    cert.signature = ""
    unsigned_bytes = cert.SerializeToString()
    raw_signature = api.sign_data(syndicate_private_key, unsigned_bytes)
    cert.signature = base64.b64encode(raw_signature)

    return SyndicateUser.Create(cert)
def CreateAdmin(cls, email, owner_id, public_key, syndicate_private_key):
    """
    Create the admin user from a freshly signed ms_user_cert.

    Called when the MS initializes itself for the first time.

    The cert carries owner_id as user_id and admin_id, the given email and
    public_key, is_admin set to True, and -1 for both max_volumes and
    max_gateways.  It is signed with syndicate_private_key while its
    signature field is empty; the signature is stored base64-encoded.

    cls is unused; creation is delegated to SyndicateUser.Create().
    """
    import common.api as api

    new_cert = ms_pb2.ms_user_cert()
    new_cert.user_id = owner_id
    new_cert.email = email
    new_cert.public_key = public_key
    # the admin user is its own admin
    new_cert.admin_id = owner_id
    # -1 presumably disables the quota -- TODO confirm where it is enforced
    new_cert.max_volumes = -1
    new_cert.max_gateways = -1
    new_cert.is_admin = True

    # The signed bytes are the serialized cert with signature == "".
    # NOTE(review): this mints an is_admin certificate with no check here
    # that one does not already exist; presumably the caller guards
    # that -- confirm.
    new_cert.signature = ""
    new_cert.signature = base64.b64encode(
        api.sign_data(syndicate_private_key, new_cert.SerializeToString())
    )

    return SyndicateUser.Create(new_cert)
def register_make_openid_reply(oid_request, return_method, return_to, query):
    """
    Build, sign and serialize an ms_openid_provider_reply protobuf.

    The reply carries what the client needs in order to authenticate to
    the MS's OpenID provider: the redirect URL (built from return_to), the
    redirect method (return_method), and the provider details taken from
    the OPENID_* settings in MS.common.msconfig.

    Immediate mode is requested when GAEOpenIDRequestHandler.IMMEDIATE_MODE
    is present in query.

    Returns the serialized reply, signed with SYNDICATE_PRIVKEY.
    """
    wants_immediate = GAEOpenIDRequestHandler.IMMEDIATE_MODE in query

    # NOTE(review): return_to is handed to redirectURL() as given and the
    # result ends up in a signed reply; presumably the caller restricts it
    # to URLs the MS owns -- confirm.
    target_url = oid_request.redirectURL(
        OPENID_HOST_URL, return_to, immediate=wants_immediate
    )

    reply_pb = ms_pb2.ms_openid_provider_reply()
    reply_pb.redirect_url = target_url

    # provider details, all from configuration
    reply_pb.auth_handler = OPENID_PROVIDER_AUTH_HANDLER
    reply_pb.username_field = OPENID_PROVIDER_USERNAME_FIELD
    reply_pb.password_field = OPENID_PROVIDER_PASSWORD_FIELD
    reply_pb.extra_args = urllib.urlencode(OPENID_PROVIDER_EXTRA_ARGS)
    reply_pb.challenge_method = OPENID_PROVIDER_CHALLENGE_METHOD
    reply_pb.response_method = OPENID_PROVIDER_RESPONSE_METHOD

    # caller-chosen redirect method
    reply_pb.redirect_method = return_method

    # Sign the reply with its signature field blanked, so the signature
    # covers every field set above (including the credential field names
    # the client is told to use).
    reply_pb.signature = ""
    reply_pb.signature = base64.b64encode(
        api.sign_data(SYNDICATE_PRIVKEY, reply_pb.SerializeToString())
    )

    return reply_pb.SerializeToString()
def file_complete_response(volume, reply):
    """
    Sign an ms_reply protobuf with Syndicate's private key and serialize it.

    Only the reply as a whole is signed.  The ms_signature of every
    directory entry in reply.listing.entries is set to "" first.

    volume is accepted but not read by this function.

    Returns the serialized reply with reply.signature filled in
    (base64-encoded).
    """
    import common.api as api

    # Directory entries carry no signature of their own: blank the field
    # and rely on the whole-message signature below.  The consequence is
    # that an entry can only be verified as part of this reply, not on
    # its own.
    for entry in reply.listing.entries:
        if entry.type != MSENTRY_TYPE_DIR:
            continue
        entry.ms_signature = ""

    # Sign the serialized reply with its own signature field blanked.
    # NOTE(review): a verifier has to blank the field and serialize to the
    # same bytes; protobuf does not promise a canonical encoding, so
    # confirm the verifying side reproduces them.
    reply.signature = ""
    unsigned_reply = reply.SerializeToString()
    raw_signature = api.sign_data(msconfig.SYNDICATE_PRIVKEY, unsigned_reply)
    reply.signature = base64.b64encode(raw_signature)

    return reply.SerializeToString()
def register_make_openid_reply(oid_request, return_method, return_to, query):
    """
    Generate a signed, serialized ms_openid_provider_reply protobuf.

    The structure tells the client how to authenticate to the MS's OpenID
    provider.  The redirect method and the URL to return to come from the
    arguments; the presence of GAEOpenIDRequestHandler.IMMEDIATE_MODE in
    query selects immediate mode; everything else comes from the OPENID_*
    fields in MS.common.msconfig.

    Returns the serialized protobuf with its signature field set.
    """
    immediate_mode = GAEOpenIDRequestHandler.IMMEDIATE_MODE in query

    # The trust root is always the configured OpenID host.
    # NOTE(review): return_to is not validated in this function;
    # presumably the caller only passes MS-owned URLs -- confirm.
    url = oid_request.redirectURL(
        OPENID_HOST_URL,
        return_to,
        immediate=immediate_mode,
    )

    msg = ms_pb2.ms_openid_provider_reply()
    msg.redirect_url = url
    msg.auth_handler = OPENID_PROVIDER_AUTH_HANDLER
    msg.username_field = OPENID_PROVIDER_USERNAME_FIELD
    msg.password_field = OPENID_PROVIDER_PASSWORD_FIELD
    msg.extra_args = urllib.urlencode(OPENID_PROVIDER_EXTRA_ARGS)
    msg.challenge_method = OPENID_PROVIDER_CHALLENGE_METHOD
    msg.response_method = OPENID_PROVIDER_RESPONSE_METHOD
    msg.redirect_method = return_method

    # The signature is computed over the message serialized with an
    # empty signature field, then stored base64-encoded.
    msg.signature = ""
    to_sign = msg.SerializeToString()
    raw_sig = api.sign_data(SYNDICATE_PRIVKEY, to_sign)
    msg.signature = base64.b64encode(raw_sig)

    return msg.SerializeToString()