forked from canonical/ubuntu.com
-
Notifications
You must be signed in to change notification settings - Fork 0
/
macaroons.py
65 lines (46 loc) · 1.79 KB
/
macaroons.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
# Standard library
import base64
# Packages
from openid.extension import Extension
def binary_serialize_macaroons(macaroons):
"""Encode all serialized macaroons and concatonate as a serialize bytes
@param macaroons: Iterable of macaroons lead by root_macaroon as first
element followed by any discharge macaroons to serialize
"""
serialized_macaroons = []
for macaroon in macaroons:
serialized = macaroon.serialize()
encoded = serialized.encode("utf-8")
padded = encoded + b"=" * (-len(encoded) % 4)
serialized_macaroons.append(base64.urlsafe_b64decode(padded))
serialized = base64.urlsafe_b64encode(b"".join(serialized_macaroons))
return serialized + b"=" * (-len(serialized) % 4)
class MacaroonRequest(Extension):
ns_uri = "http://ns.login.ubuntu.com/2016/openid-macaroon"
ns_alias = "macaroon"
def __init__(self, caveat_id):
self.caveat_id = caveat_id
def getExtensionArgs(self):
"""
Return the arguments to add to the OpenID request query
"""
return {"caveat_id": self.caveat_id}
class MacaroonResponse(Extension):
ns_uri = "http://ns.login.ubuntu.com/2016/openid-macaroon"
ns_alias = "macaroon"
def getExtensionArgs(self):
"""
Return the arguments to add to the OpenID request query
"""
return {"discharge": self.discharge}
def fromSuccessResponse(cls, success_response, signed_only=True):
self = cls()
if signed_only:
args = success_response.getSignedNS(self.ns_uri)
else:
args = success_response.message.getArgs(self.ns_uri)
if not args:
return None
self.discharge = args["discharge"]
return self
fromSuccessResponse = classmethod(fromSuccessResponse)