def get_index_html(self): nut = handler.get_nut() if URL.startswith('https'): sqrl_url = URL.replace('https', 'sqrl') else: sqrl_url = URL.replace('http', 'qrl') sqrl_url = '%s/sqrl?nut=%s&sfn=%s' % (sqrl_url, nut, baseconv.encode("Fisken")) ws_url = URL.replace('http', 'ws') self.writeln("<html><head><title>Title goes here.</title></head>") self.writeln("<body>") self.writeln(" <p>Blipp fisken</p>") self.writeln(" <a href='%s'>login</a>" % (sqrl_url)) self.writeln(' <script>') self.writeln(' var ws = new WebSocket("%s/ws");' % (ws_url)) self.writeln(' ws.onopen = function(){') self.writeln(' console.log("onopen");') self.writeln(' ws.send("{\\\"session_id\\\": \\\"%s\\\"}");' % (nut)) self.writeln(' };') self.writeln(' ws.onmessage = function(ev){') self.writeln(' console.log("onmessage ev.data " + ev.data);') self.writeln(' var json = JSON.parse(ev.data);') self.writeln(' window.location.href = json.url;') self.writeln(' };') self.writeln(' ws.onclose = function(ev){') self.writeln(' console.log("onclose");') self.writeln(' };') self.writeln(' ws.onerror = function(ev){') self.writeln(' console.log("onerror");') self.writeln(' };') self.writeln(' </script>') self.writeln(" <br/>") self.writeln("</body></html>")
def post(self): server = handler.SqrlHandler().post( self.get_argument('client', ""), self.get_argument('server', ""), self.get_argument('ids', ""), sqrl_callback) self.write(baseconv.encode(server))
def disable(self, url, server): resp = baseconv.decodeNameValue(server) tif = int(resp['tif'], 16) client = "ver=1\r\n" client += "cmd=disable\r\n" client += "idk=%s\r\n" % self.enc.getPublicKey(url.getDomain()) client = baseconv.encode(client) ids = self.enc.sign(client + server) url = URLParser(url.scheme + "://" + url.netloc + resp['qry']) success, data = self._post_form(url, "client=%s&server=%s&ids=%s" % (client, server, ids)) logging.debug("client") for param in baseconv.decode(client).rstrip('\r\n').split('\r\n'): logging.debug(' %r', param) logging.debug("server") for param in baseconv.decode(server).rstrip('\r\n').split('\r\n'): logging.debug(' %r', param) logging.debug(' ids %r', ids) if success: resp = baseconv.decodeNameValue(data) logging.debug("resp %r", resp) tif = int(resp['tif'], 16) if tif & 0x10 == 0x10: return False, "0x10 Function(s) not supported" if tif & 0x08 == 0x08: return True, "0x08 SQRL disabled" return False, data
def disable_account(self, qry): url = URLParser(qry) success, data = self.query(url, baseconv.encode(url.orig_url)) if not success: return False, "Auth failed. " + data success, data = self.disable(url, data) if not success: return False, "Auth failed. " + data return True, data
def ident(self, url, server): resp = baseconv.decodeNameValue(server) tif = int(resp['tif'], 16) client = "ver=1\r\n" client += "cmd=ident\r\n" client += "idk=%s\r\n" % self.enc.getPublicKey(url.getDomain()) if self.cps: client += "opt=cps\r\n" if tif & 0x01 == 0x00: client += "suk=dMRXbs49XNmVUhsKzta7ESD-cP2QlnxkSaORsswOAj4\r\n" # TODO: ehhh... client += "vuk=q13E_hd5CR0WE0A9ZD8571te0Ul47YfsDCWpETuCGcI\r\n" # TODO: ehhh... client = baseconv.encode(client) ids = self.enc.sign(client + server) url = URLParser(url.scheme + "://" + url.netloc + resp['qry']) success, data = self._post_form(url, "client=%s&server=%s&ids=%s" % (client, server, ids)) logging.debug("client") for param in baseconv.decode(client).rstrip('\r\n').split('\r\n'): logging.debug(' %r', param) logging.debug("server") for param in baseconv.decode(server).rstrip('\r\n').split('\r\n'): logging.debug(' %r', param) logging.debug(' ids %r', ids) if success: resp = baseconv.decodeNameValue(data) logging.debug("resp %r", resp) tif = int(resp['tif'], 16) if tif & 0x08 == 0x08: return False, "0x08 SQRL disabled" if tif & 0x10 == 0x10: return False, "0x10 Function(s) not supported" #if tif > 0x04: # TODO: Check tif failure values # return False, "Tif 0x%02x" % tif if 'url' in resp: return True, resp['url'] else: return True, None return False, data
def query(self, url, server, automatic_retry=True): client = "ver=1\r\n" client += "cmd=query\r\n" client += "idk=%s\r\n" % self.enc.getPublicKey(url.getDomain()) if self.cps: client += "opt=cps\r\n" client = baseconv.encode(client) ids = self.enc.sign(client + server) success, data = self._post_form(url, "client=%s&server=%s&ids=%s" % (client, server, ids)) logging.debug("client") for param in baseconv.decode(client).rstrip('\r\n').split('\r\n'): logging.debug(' %r', param) logging.debug("server") for param in baseconv.decode(server).rstrip('\r\n').split('\r\n'): logging.debug(' %r', param) logging.debug(' ids %r', ids) if success: resp = baseconv.decodeNameValue(data) logging.debug("resp %r", resp) tif = int(resp['tif'], 16) if tif & 0x01 == 0x01: logging.info("ID match") if tif & 0x04 == 0x04: logging.info("IP matched") #if tif > 0x04: # TODO: Check tif failure values # logging.warn("Problems with query, tif 0x%02x", tif) if tif & 0x20 == 0x20: if automatic_retry: logging.debug("0x20 Transient error. Trying again") url = URLParser(url.scheme + "://" + url.netloc + resp['qry']) return self.query(url, data, False) return success, data
def test_encode_unicode(self): self.assertEqual(baseconv.encode(u"abcd"), 'YWJjZA')
def test_encode_padding_stripped(self): self.assertEqual(baseconv.encode("abcd"), 'YWJjZA') self.assertEqual(baseconv.encode("abcde"), 'YWJjZGU')
def test_encode_no_padding(self): self.assertEqual(baseconv.encode("abc"), 'YWJj')