From 31586bf5884b1d6602b06f1f9b759476917e9afa Mon Sep 17 00:00:00 2001 From: Lex Berezhny Date: Thu, 17 Jan 2019 18:33:28 -0500 Subject: [PATCH] error out when user tries --http-auth --- example_daemon_settings.yml | 3 - lbrynet/conf.py | 5 +- lbrynet/extras/cli.py | 3 +- lbrynet/extras/daemon/Daemon.py | 4 -- lbrynet/extras/daemon/DaemonConsole.py | 80 ++------------------------ tests/integration/cli/test_cli.py | 20 ------- 6 files changed, 7 insertions(+), 108 deletions(-) diff --git a/example_daemon_settings.yml b/example_daemon_settings.yml index 957a160c2..79ca48177 100644 --- a/example_daemon_settings.yml +++ b/example_daemon_settings.yml @@ -17,9 +17,6 @@ dht_node_port: 4444 peer_port: 3333 use_upnp: True -use_auth_http: True -use_https: True - #components_to_skip: # - peer_protocol_server # - hash_announcer diff --git a/lbrynet/conf.py b/lbrynet/conf.py index 4637ca223..35b20fcf6 100644 --- a/lbrynet/conf.py +++ b/lbrynet/conf.py @@ -250,8 +250,6 @@ ADJUSTABLE_SETTINGS = { 'sd_download_timeout': (int, 3), 'share_usage_data': (bool, True), # whether to share usage stats and diagnostic info with LBRY 'peer_search_timeout': (int, 60), - 'use_auth_http': (bool, False), - 'use_https': (bool, False), 'use_upnp': (bool, True), 'use_keyring': (bool, False), 'wallet': (str, LBRYUM_WALLET), @@ -606,8 +604,7 @@ class Config: return os.path.join(self.ensure_data_dir(), self['LOG_FILE_NAME']) def get_api_connection_string(self, user: str = None, password: str = None) -> str: - return 'http%s://%s%s:%i/%s' % ( - "" if not self['use_https'] else "s", + return 'http://%s%s:%i/%s' % ( "" if not (user and password) else f"{user}:{password}@", self['api_host'], self['api_port'], diff --git a/lbrynet/extras/cli.py b/lbrynet/extras/cli.py index 54dab503b..1273890df 100644 --- a/lbrynet/extras/cli.py +++ b/lbrynet/extras/cli.py @@ -86,7 +86,8 @@ def start_daemon_with_cli_args(argv=None, data_dir: typing.Optional[str] = None, args = parser.parse_args(argv) settings = {} if args.useauth: - settings['use_auth_http'] = True + print('--http-auth is no longer supported; an alternative solution using IPC is forthcoming.') + return verbose = None if args.verbose: diff --git a/lbrynet/extras/daemon/Daemon.py b/lbrynet/extras/daemon/Daemon.py index 21fd0de94..ca584c035 100644 --- a/lbrynet/extras/daemon/Daemon.py +++ b/lbrynet/extras/daemon/Daemon.py @@ -362,8 +362,6 @@ class Daemon(metaclass=JSONRPCServerType): Checker.INTERNET_CONNECTION[0]: (LoopingCall(CheckInternetConnection(self)), Checker.INTERNET_CONNECTION[1]) } - use_authentication = conf.settings['use_auth_http'] - use_https = conf.settings['use_https'] self.analytics_manager = analytics_manager or analytics.Manager.new_instance() self.component_manager = component_manager or ComponentManager( analytics_manager=self.analytics_manager, @@ -371,8 +369,6 @@ class Daemon(metaclass=JSONRPCServerType): ) self.looping_call_manager = LoopingCallManager({n: lc for n, (lc, t) in (looping_calls or {}).items()}) self._looping_call_times = {n: t for n, (lc, t) in (looping_calls or {}).items()} - self._use_authentication = use_authentication or conf.settings['use_auth_http'] - self._use_https = use_https or conf.settings['use_https'] self.listening_port = None self._component_setup_task = None self.announced_startup = False diff --git a/lbrynet/extras/daemon/DaemonConsole.py b/lbrynet/extras/daemon/DaemonConsole.py index 3385d9610..ca3057738 100644 --- a/lbrynet/extras/daemon/DaemonConsole.py +++ b/lbrynet/extras/daemon/DaemonConsole.py @@ -56,88 +56,13 @@ class UnAuthAPIClient: return await resp.json() -class AuthAPIClient: - def __init__(self, key, session, cookies, url, login_url): - self.session = session - self.__api_key = key - self.__login_url = login_url - self.__id_count = 0 - self.__url = url - self.__cookies = cookies - - def __getattr__(self, name): - if name.startswith('__') and name.endswith('__'): - raise AttributeError(name) - - def f(*args, **kwargs): - return self.call(name, [args, kwargs]) - - return f - - async def call(self, method, params=None): - params = params or {} - self.__id_count += 1 - - pre_auth_post_data = { - 'version': '2', - 'method': method, - 'params': params, - 'id': self.__id_count - } - to_auth = json.dumps(pre_auth_post_data, sort_keys=True) - auth_msg = self.__api_key.get_hmac(to_auth).decode() - pre_auth_post_data.update({'hmac': auth_msg}) - post_data = json.dumps(pre_auth_post_data) - - headers = { - 'Host': self.__url.hostname, - 'User-Agent': USER_AGENT, - 'Content-type': 'application/json' - } - - async with self.session.post(self.__login_url, data=post_data, headers=headers) as resp: - if resp is None: - raise JSONRPCException({'code': -342, 'message': 'missing HTTP response from server'}) - resp.raise_for_status() - - next_secret = resp.headers.get(LBRY_SECRET, False) - if next_secret: - self.__api_key.secret = next_secret - - return await resp.json() - - @classmethod - async def get_client(cls, key_name=None): - api_key_name = key_name or "api" - keyring = Keyring.load_from_disk() # pylint: disable=E0602 - - api_key = keyring.api_key - login_url = conf.settings.get_api_connection_string(api_key_name, api_key.secret) - url = urlparse(login_url) - - headers = { - 'Host': url.hostname, - 'User-Agent': USER_AGENT, - 'Content-type': 'application/json' - } - connector = aiohttp.TCPConnector(ssl=None if not conf.settings['use_https'] else keyring.ssl_context) - session = aiohttp.ClientSession(connector=connector) - - async with session.post(login_url, headers=headers) as r: - cookies = r.cookies - uid = cookies.get(TWISTED_SECURE_SESSION if conf.settings['use_https'] else TWISTED_SESSION).value - api_key = APIKey.create(seed=uid.encode()) # pylint: disable=E0602 - return cls(api_key, session, cookies, url, login_url) - - class LBRYAPIClient: @staticmethod def get_client(conf_path=None): conf.conf_file = conf_path if not conf.settings: conf.initialize_settings() - return AuthAPIClient.get_client() if conf.settings['use_auth_http'] else \ - UnAuthAPIClient.from_url(conf.settings.get_api_connection_string()) + return UnAuthAPIClient.from_url(conf.settings.get_api_connection_string()) if sys.platform.startswith('darwin') or sys.platform.startswith('linux'): @@ -348,6 +273,9 @@ def main(): "--http-auth", dest="useauth", action="store_true", default=conf.settings['use_auth_http'] ) args = parser.parse_args() + if args.useauth: + print('--http-auth is no longer supported; an alternative solution using IPC is forthcoming.') + return loop = asyncio.get_event_loop() loop.run_until_complete(start_lbrynet_console(args.quiet, args.use_existing_daemon, args.useauth)) reactor.run() diff --git a/tests/integration/cli/test_cli.py b/tests/integration/cli/test_cli.py index 507893bd7..da8584ea9 100644 --- a/tests/integration/cli/test_cli.py +++ b/tests/integration/cli/test_cli.py @@ -29,7 +29,6 @@ class FakeAnalytics: class CLIIntegrationTest(AsyncioTestCase): - USE_AUTH = False async def asyncSetUp(self): skip = [ @@ -40,7 +39,6 @@ class CLIIntegrationTest(AsyncioTestCase): ] conf.initialize_settings(load_conf_file=False) conf.settings['api_port'] = 5299 - conf.settings['use_auth_http'] = self.USE_AUTH conf.settings['components_to_skip'] = skip conf.settings.initialize_post_conf_load() Daemon.component_attributes = {} @@ -50,25 +48,7 @@ class CLIIntegrationTest(AsyncioTestCase): async def asyncTearDown(self): await self.daemon.shutdown() - -@skip -class AuthenticatedCLITest(CLIIntegrationTest): - USE_AUTH = True - def test_cli_status_command_with_auth(self): - self.assertTrue(self.daemon._use_authentication) - actual_output = StringIO() - with contextlib.redirect_stdout(actual_output): - cli.main(["status"]) - actual_output = actual_output.getvalue() - self.assertIn("connection_status", actual_output) - - -class UnauthenticatedCLITest(CLIIntegrationTest): - USE_AUTH = False - - def test_cli_status_command_with_auth(self): - self.assertFalse(self.daemon._use_authentication) actual_output = StringIO() with contextlib.redirect_stdout(actual_output): cli.main(["status"])