def generate_token(location, secret=None, identifier=None, expires=None):
if secret is None:
log.warning('No secret specified, using insecure test secret')
secret = test_secret
if identifier is None:
identifier = location
m = macaroons.create(location, secret, identifier)
if expires is None:
log.warning('Token will never expire since no expire time specified')
else:
delta = expires - time.time()
if delta < 0:
log.warning('Expiration time %s occurs in the past', expires)
m = m.add_first_party_caveat(TIME_CAVEAT_PREFIX + str(expires))
log.debug('auth token generated:\n%s', m.inspect())
return m.serialize()
... string name,
... int balance
... with authorization
... ''')
True
>>> import hyperdex.client
>>> c = hyperdex.client.Client(HOST, PORT)
>>> SECRET = 'super secret password'
>>> account = 'account number of john smith'
>>> c.put('accounts', account, {'name': 'John Smith', 'balance': 10}, secret=SECRET)
True
>>> c.get('accounts', account)
Traceback (most recent call last):
HyperDexClientException: ... it is unauthorized [HYPERDEX_CLIENT_UNAUTHORIZED]
>>> import macaroons
>>> M = macaroons.create('account number', SECRET, '')
>>> token = M.serialize()
>>> c.get('accounts', account, auth=[token])
{'name': 'John Smith', 'balance': 10}
>>> c.atomic_add('accounts', account, {'balance': 5}, auth=[token])
True
>>> c.get('accounts', account, auth=[token])
{'name': 'John Smith', 'balance': 15}
>>> M = macaroons.create('account number', SECRET, '')
>>> M = M.add_first_party_caveat('op = read')
>>> token = M.serialize()
>>> c.get('accounts', account, auth=[token])
{'name': 'John Smith', 'balance': 15}
>>> c.atomic_add('accounts', account, {'balance': 5}, auth=[token])
Traceback (most recent call last):
HyperDexClientException: ... it is unauthorized [HYPERDEX_CLIENT_UNAUTHORIZED]
def get_macaroon():
servis_kopdar = macaroons.create(location, secret, public)
return servis_kopdar.serialize()
# END 1 OMIT
def get_macaroon():
servis_kopdar = macaroons.create(location, secret, public)
return servis_kopdar.serialize()
def get_secret():
return secret
if __name__ == "__main__":
# START 2 OMIT
# with these three arguments, we can now create the macaroon
servis_kopdar = macaroons.create(location, secret, public) # // HL
# we now hold a reference to our newly instantiated macaroon object
print(servis_kopdar)
# we can inspect the HMAC signature of this message
print('.signature: %s' % servis_kopdar.signature) # // HL
# or the other public metadata, like identifier or location
print('.identifier: %s' % servis_kopdar.identifier) # // HL
print('.location: %s' % servis_kopdar.location) # // HL
# or all the metadata + signature in a single call
print('.inspect():')
print servis_kopdar.inspect() # // HL
... attributes
... string name,
... int balance
... with authorization
... ''')
True
>>> import hyperdex.client
>>> c = hyperdex.client.Client(HOST, PORT)
>>> SECRET = 'this is the password for the account'
>>> c.put('accounts', 3735928559, {'name': 'John Smith', 'balance': 10, '__secret': SECRET})
True
>>> c.get('accounts', 3735928559)
Traceback (most recent call last):
HyperDexClientException: HyperDexClientException: server ... denied the request because it is unauthorized [HYPERDEX_CLIENT_UNAUTHORIZED]
>>> import macaroons
>>> M = macaroons.create('account 3735928559', SECRET, '')
>>> token = M.serialize()
>>> c.get('accounts', 3735928559, auth=[token])
{'name': 'John Smith', 'balance': 10}
>>> c.atomic_add('accounts', 3735928559, {'balance': 5}, auth=[token])
True
>>> c.get('accounts', 3735928559, auth=[token])
{'name': 'John Smith', 'balance': 15}
>>> M = macaroons.create('account 3735928559', SECRET, '')
>>> M = M.add_first_party_caveat('op = read')
>>> token = M.serialize()
>>> c.get('accounts', 3735928559, auth=[token])
{'name': 'John Smith', 'balance': 15}
>>> c.atomic_add('accounts', 3735928559, {'balance': 5}, auth=[token])
Traceback (most recent call last):
HyperDexClientException: HyperDexClientException: server ... denied the request because it is unauthorized [HYPERDEX_CLIENT_UNAUTHORIZED]