forked from LBRYCommunity/lbry-sdk
error out when user tries --http-auth
This commit is contained in:
parent
974d3c83e3
commit
31586bf588
6 changed files with 7 additions and 108 deletions
|
@ -17,9 +17,6 @@ dht_node_port: 4444
|
||||||
peer_port: 3333
|
peer_port: 3333
|
||||||
use_upnp: True
|
use_upnp: True
|
||||||
|
|
||||||
use_auth_http: True
|
|
||||||
use_https: True
|
|
||||||
|
|
||||||
#components_to_skip:
|
#components_to_skip:
|
||||||
# - peer_protocol_server
|
# - peer_protocol_server
|
||||||
# - hash_announcer
|
# - hash_announcer
|
||||||
|
|
|
@ -250,8 +250,6 @@ ADJUSTABLE_SETTINGS = {
|
||||||
'sd_download_timeout': (int, 3),
|
'sd_download_timeout': (int, 3),
|
||||||
'share_usage_data': (bool, True), # whether to share usage stats and diagnostic info with LBRY
|
'share_usage_data': (bool, True), # whether to share usage stats and diagnostic info with LBRY
|
||||||
'peer_search_timeout': (int, 60),
|
'peer_search_timeout': (int, 60),
|
||||||
'use_auth_http': (bool, False),
|
|
||||||
'use_https': (bool, False),
|
|
||||||
'use_upnp': (bool, True),
|
'use_upnp': (bool, True),
|
||||||
'use_keyring': (bool, False),
|
'use_keyring': (bool, False),
|
||||||
'wallet': (str, LBRYUM_WALLET),
|
'wallet': (str, LBRYUM_WALLET),
|
||||||
|
@ -606,8 +604,7 @@ class Config:
|
||||||
return os.path.join(self.ensure_data_dir(), self['LOG_FILE_NAME'])
|
return os.path.join(self.ensure_data_dir(), self['LOG_FILE_NAME'])
|
||||||
|
|
||||||
def get_api_connection_string(self, user: str = None, password: str = None) -> str:
|
def get_api_connection_string(self, user: str = None, password: str = None) -> str:
|
||||||
return 'http%s://%s%s:%i/%s' % (
|
return 'http://%s%s:%i/%s' % (
|
||||||
"" if not self['use_https'] else "s",
|
|
||||||
"" if not (user and password) else f"{user}:{password}@",
|
"" if not (user and password) else f"{user}:{password}@",
|
||||||
self['api_host'],
|
self['api_host'],
|
||||||
self['api_port'],
|
self['api_port'],
|
||||||
|
|
|
@ -86,7 +86,8 @@ def start_daemon_with_cli_args(argv=None, data_dir: typing.Optional[str] = None,
|
||||||
args = parser.parse_args(argv)
|
args = parser.parse_args(argv)
|
||||||
settings = {}
|
settings = {}
|
||||||
if args.useauth:
|
if args.useauth:
|
||||||
settings['use_auth_http'] = True
|
print('--http-auth is no longer supported; an alternative solution using IPC is forthcoming.')
|
||||||
|
return
|
||||||
|
|
||||||
verbose = None
|
verbose = None
|
||||||
if args.verbose:
|
if args.verbose:
|
||||||
|
|
|
@ -362,8 +362,6 @@ class Daemon(metaclass=JSONRPCServerType):
|
||||||
Checker.INTERNET_CONNECTION[0]: (LoopingCall(CheckInternetConnection(self)),
|
Checker.INTERNET_CONNECTION[0]: (LoopingCall(CheckInternetConnection(self)),
|
||||||
Checker.INTERNET_CONNECTION[1])
|
Checker.INTERNET_CONNECTION[1])
|
||||||
}
|
}
|
||||||
use_authentication = conf.settings['use_auth_http']
|
|
||||||
use_https = conf.settings['use_https']
|
|
||||||
self.analytics_manager = analytics_manager or analytics.Manager.new_instance()
|
self.analytics_manager = analytics_manager or analytics.Manager.new_instance()
|
||||||
self.component_manager = component_manager or ComponentManager(
|
self.component_manager = component_manager or ComponentManager(
|
||||||
analytics_manager=self.analytics_manager,
|
analytics_manager=self.analytics_manager,
|
||||||
|
@ -371,8 +369,6 @@ class Daemon(metaclass=JSONRPCServerType):
|
||||||
)
|
)
|
||||||
self.looping_call_manager = LoopingCallManager({n: lc for n, (lc, t) in (looping_calls or {}).items()})
|
self.looping_call_manager = LoopingCallManager({n: lc for n, (lc, t) in (looping_calls or {}).items()})
|
||||||
self._looping_call_times = {n: t for n, (lc, t) in (looping_calls or {}).items()}
|
self._looping_call_times = {n: t for n, (lc, t) in (looping_calls or {}).items()}
|
||||||
self._use_authentication = use_authentication or conf.settings['use_auth_http']
|
|
||||||
self._use_https = use_https or conf.settings['use_https']
|
|
||||||
self.listening_port = None
|
self.listening_port = None
|
||||||
self._component_setup_task = None
|
self._component_setup_task = None
|
||||||
self.announced_startup = False
|
self.announced_startup = False
|
||||||
|
|
|
@ -56,88 +56,13 @@ class UnAuthAPIClient:
|
||||||
return await resp.json()
|
return await resp.json()
|
||||||
|
|
||||||
|
|
||||||
class AuthAPIClient:
|
|
||||||
def __init__(self, key, session, cookies, url, login_url):
|
|
||||||
self.session = session
|
|
||||||
self.__api_key = key
|
|
||||||
self.__login_url = login_url
|
|
||||||
self.__id_count = 0
|
|
||||||
self.__url = url
|
|
||||||
self.__cookies = cookies
|
|
||||||
|
|
||||||
def __getattr__(self, name):
|
|
||||||
if name.startswith('__') and name.endswith('__'):
|
|
||||||
raise AttributeError(name)
|
|
||||||
|
|
||||||
def f(*args, **kwargs):
|
|
||||||
return self.call(name, [args, kwargs])
|
|
||||||
|
|
||||||
return f
|
|
||||||
|
|
||||||
async def call(self, method, params=None):
|
|
||||||
params = params or {}
|
|
||||||
self.__id_count += 1
|
|
||||||
|
|
||||||
pre_auth_post_data = {
|
|
||||||
'version': '2',
|
|
||||||
'method': method,
|
|
||||||
'params': params,
|
|
||||||
'id': self.__id_count
|
|
||||||
}
|
|
||||||
to_auth = json.dumps(pre_auth_post_data, sort_keys=True)
|
|
||||||
auth_msg = self.__api_key.get_hmac(to_auth).decode()
|
|
||||||
pre_auth_post_data.update({'hmac': auth_msg})
|
|
||||||
post_data = json.dumps(pre_auth_post_data)
|
|
||||||
|
|
||||||
headers = {
|
|
||||||
'Host': self.__url.hostname,
|
|
||||||
'User-Agent': USER_AGENT,
|
|
||||||
'Content-type': 'application/json'
|
|
||||||
}
|
|
||||||
|
|
||||||
async with self.session.post(self.__login_url, data=post_data, headers=headers) as resp:
|
|
||||||
if resp is None:
|
|
||||||
raise JSONRPCException({'code': -342, 'message': 'missing HTTP response from server'})
|
|
||||||
resp.raise_for_status()
|
|
||||||
|
|
||||||
next_secret = resp.headers.get(LBRY_SECRET, False)
|
|
||||||
if next_secret:
|
|
||||||
self.__api_key.secret = next_secret
|
|
||||||
|
|
||||||
return await resp.json()
|
|
||||||
|
|
||||||
@classmethod
|
|
||||||
async def get_client(cls, key_name=None):
|
|
||||||
api_key_name = key_name or "api"
|
|
||||||
keyring = Keyring.load_from_disk() # pylint: disable=E0602
|
|
||||||
|
|
||||||
api_key = keyring.api_key
|
|
||||||
login_url = conf.settings.get_api_connection_string(api_key_name, api_key.secret)
|
|
||||||
url = urlparse(login_url)
|
|
||||||
|
|
||||||
headers = {
|
|
||||||
'Host': url.hostname,
|
|
||||||
'User-Agent': USER_AGENT,
|
|
||||||
'Content-type': 'application/json'
|
|
||||||
}
|
|
||||||
connector = aiohttp.TCPConnector(ssl=None if not conf.settings['use_https'] else keyring.ssl_context)
|
|
||||||
session = aiohttp.ClientSession(connector=connector)
|
|
||||||
|
|
||||||
async with session.post(login_url, headers=headers) as r:
|
|
||||||
cookies = r.cookies
|
|
||||||
uid = cookies.get(TWISTED_SECURE_SESSION if conf.settings['use_https'] else TWISTED_SESSION).value
|
|
||||||
api_key = APIKey.create(seed=uid.encode()) # pylint: disable=E0602
|
|
||||||
return cls(api_key, session, cookies, url, login_url)
|
|
||||||
|
|
||||||
|
|
||||||
class LBRYAPIClient:
|
class LBRYAPIClient:
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def get_client(conf_path=None):
|
def get_client(conf_path=None):
|
||||||
conf.conf_file = conf_path
|
conf.conf_file = conf_path
|
||||||
if not conf.settings:
|
if not conf.settings:
|
||||||
conf.initialize_settings()
|
conf.initialize_settings()
|
||||||
return AuthAPIClient.get_client() if conf.settings['use_auth_http'] else \
|
return UnAuthAPIClient.from_url(conf.settings.get_api_connection_string())
|
||||||
UnAuthAPIClient.from_url(conf.settings.get_api_connection_string())
|
|
||||||
|
|
||||||
|
|
||||||
if sys.platform.startswith('darwin') or sys.platform.startswith('linux'):
|
if sys.platform.startswith('darwin') or sys.platform.startswith('linux'):
|
||||||
|
@ -348,6 +273,9 @@ def main():
|
||||||
"--http-auth", dest="useauth", action="store_true", default=conf.settings['use_auth_http']
|
"--http-auth", dest="useauth", action="store_true", default=conf.settings['use_auth_http']
|
||||||
)
|
)
|
||||||
args = parser.parse_args()
|
args = parser.parse_args()
|
||||||
|
if args.useauth:
|
||||||
|
print('--http-auth is no longer supported; an alternative solution using IPC is forthcoming.')
|
||||||
|
return
|
||||||
loop = asyncio.get_event_loop()
|
loop = asyncio.get_event_loop()
|
||||||
loop.run_until_complete(start_lbrynet_console(args.quiet, args.use_existing_daemon, args.useauth))
|
loop.run_until_complete(start_lbrynet_console(args.quiet, args.use_existing_daemon, args.useauth))
|
||||||
reactor.run()
|
reactor.run()
|
||||||
|
|
|
@ -29,7 +29,6 @@ class FakeAnalytics:
|
||||||
|
|
||||||
|
|
||||||
class CLIIntegrationTest(AsyncioTestCase):
|
class CLIIntegrationTest(AsyncioTestCase):
|
||||||
USE_AUTH = False
|
|
||||||
|
|
||||||
async def asyncSetUp(self):
|
async def asyncSetUp(self):
|
||||||
skip = [
|
skip = [
|
||||||
|
@ -40,7 +39,6 @@ class CLIIntegrationTest(AsyncioTestCase):
|
||||||
]
|
]
|
||||||
conf.initialize_settings(load_conf_file=False)
|
conf.initialize_settings(load_conf_file=False)
|
||||||
conf.settings['api_port'] = 5299
|
conf.settings['api_port'] = 5299
|
||||||
conf.settings['use_auth_http'] = self.USE_AUTH
|
|
||||||
conf.settings['components_to_skip'] = skip
|
conf.settings['components_to_skip'] = skip
|
||||||
conf.settings.initialize_post_conf_load()
|
conf.settings.initialize_post_conf_load()
|
||||||
Daemon.component_attributes = {}
|
Daemon.component_attributes = {}
|
||||||
|
@ -50,25 +48,7 @@ class CLIIntegrationTest(AsyncioTestCase):
|
||||||
async def asyncTearDown(self):
|
async def asyncTearDown(self):
|
||||||
await self.daemon.shutdown()
|
await self.daemon.shutdown()
|
||||||
|
|
||||||
|
|
||||||
@skip
|
|
||||||
class AuthenticatedCLITest(CLIIntegrationTest):
|
|
||||||
USE_AUTH = True
|
|
||||||
|
|
||||||
def test_cli_status_command_with_auth(self):
|
def test_cli_status_command_with_auth(self):
|
||||||
self.assertTrue(self.daemon._use_authentication)
|
|
||||||
actual_output = StringIO()
|
|
||||||
with contextlib.redirect_stdout(actual_output):
|
|
||||||
cli.main(["status"])
|
|
||||||
actual_output = actual_output.getvalue()
|
|
||||||
self.assertIn("connection_status", actual_output)
|
|
||||||
|
|
||||||
|
|
||||||
class UnauthenticatedCLITest(CLIIntegrationTest):
|
|
||||||
USE_AUTH = False
|
|
||||||
|
|
||||||
def test_cli_status_command_with_auth(self):
|
|
||||||
self.assertFalse(self.daemon._use_authentication)
|
|
||||||
actual_output = StringIO()
|
actual_output = StringIO()
|
||||||
with contextlib.redirect_stdout(actual_output):
|
with contextlib.redirect_stdout(actual_output):
|
||||||
cli.main(["status"])
|
cli.main(["status"])
|
||||||
|
|
Loading…
Reference in a new issue