forked from LBRYCommunity/lbry-sdk
error out when user tries --http-auth
This commit is contained in:
parent
974d3c83e3
commit
31586bf588
6 changed files with 7 additions and 108 deletions
|
@ -17,9 +17,6 @@ dht_node_port: 4444
|
|||
peer_port: 3333
|
||||
use_upnp: True
|
||||
|
||||
use_auth_http: True
|
||||
use_https: True
|
||||
|
||||
#components_to_skip:
|
||||
# - peer_protocol_server
|
||||
# - hash_announcer
|
||||
|
|
|
@ -250,8 +250,6 @@ ADJUSTABLE_SETTINGS = {
|
|||
'sd_download_timeout': (int, 3),
|
||||
'share_usage_data': (bool, True), # whether to share usage stats and diagnostic info with LBRY
|
||||
'peer_search_timeout': (int, 60),
|
||||
'use_auth_http': (bool, False),
|
||||
'use_https': (bool, False),
|
||||
'use_upnp': (bool, True),
|
||||
'use_keyring': (bool, False),
|
||||
'wallet': (str, LBRYUM_WALLET),
|
||||
|
@ -606,8 +604,7 @@ class Config:
|
|||
return os.path.join(self.ensure_data_dir(), self['LOG_FILE_NAME'])
|
||||
|
||||
def get_api_connection_string(self, user: str = None, password: str = None) -> str:
|
||||
return 'http%s://%s%s:%i/%s' % (
|
||||
"" if not self['use_https'] else "s",
|
||||
return 'http://%s%s:%i/%s' % (
|
||||
"" if not (user and password) else f"{user}:{password}@",
|
||||
self['api_host'],
|
||||
self['api_port'],
|
||||
|
|
|
@ -86,7 +86,8 @@ def start_daemon_with_cli_args(argv=None, data_dir: typing.Optional[str] = None,
|
|||
args = parser.parse_args(argv)
|
||||
settings = {}
|
||||
if args.useauth:
|
||||
settings['use_auth_http'] = True
|
||||
print('--http-auth is no longer supported; an alternative solution using IPC is forthcoming.')
|
||||
return
|
||||
|
||||
verbose = None
|
||||
if args.verbose:
|
||||
|
|
|
@ -362,8 +362,6 @@ class Daemon(metaclass=JSONRPCServerType):
|
|||
Checker.INTERNET_CONNECTION[0]: (LoopingCall(CheckInternetConnection(self)),
|
||||
Checker.INTERNET_CONNECTION[1])
|
||||
}
|
||||
use_authentication = conf.settings['use_auth_http']
|
||||
use_https = conf.settings['use_https']
|
||||
self.analytics_manager = analytics_manager or analytics.Manager.new_instance()
|
||||
self.component_manager = component_manager or ComponentManager(
|
||||
analytics_manager=self.analytics_manager,
|
||||
|
@ -371,8 +369,6 @@ class Daemon(metaclass=JSONRPCServerType):
|
|||
)
|
||||
self.looping_call_manager = LoopingCallManager({n: lc for n, (lc, t) in (looping_calls or {}).items()})
|
||||
self._looping_call_times = {n: t for n, (lc, t) in (looping_calls or {}).items()}
|
||||
self._use_authentication = use_authentication or conf.settings['use_auth_http']
|
||||
self._use_https = use_https or conf.settings['use_https']
|
||||
self.listening_port = None
|
||||
self._component_setup_task = None
|
||||
self.announced_startup = False
|
||||
|
|
|
@ -56,88 +56,13 @@ class UnAuthAPIClient:
|
|||
return await resp.json()
|
||||
|
||||
|
||||
class AuthAPIClient:
|
||||
def __init__(self, key, session, cookies, url, login_url):
|
||||
self.session = session
|
||||
self.__api_key = key
|
||||
self.__login_url = login_url
|
||||
self.__id_count = 0
|
||||
self.__url = url
|
||||
self.__cookies = cookies
|
||||
|
||||
def __getattr__(self, name):
|
||||
if name.startswith('__') and name.endswith('__'):
|
||||
raise AttributeError(name)
|
||||
|
||||
def f(*args, **kwargs):
|
||||
return self.call(name, [args, kwargs])
|
||||
|
||||
return f
|
||||
|
||||
async def call(self, method, params=None):
|
||||
params = params or {}
|
||||
self.__id_count += 1
|
||||
|
||||
pre_auth_post_data = {
|
||||
'version': '2',
|
||||
'method': method,
|
||||
'params': params,
|
||||
'id': self.__id_count
|
||||
}
|
||||
to_auth = json.dumps(pre_auth_post_data, sort_keys=True)
|
||||
auth_msg = self.__api_key.get_hmac(to_auth).decode()
|
||||
pre_auth_post_data.update({'hmac': auth_msg})
|
||||
post_data = json.dumps(pre_auth_post_data)
|
||||
|
||||
headers = {
|
||||
'Host': self.__url.hostname,
|
||||
'User-Agent': USER_AGENT,
|
||||
'Content-type': 'application/json'
|
||||
}
|
||||
|
||||
async with self.session.post(self.__login_url, data=post_data, headers=headers) as resp:
|
||||
if resp is None:
|
||||
raise JSONRPCException({'code': -342, 'message': 'missing HTTP response from server'})
|
||||
resp.raise_for_status()
|
||||
|
||||
next_secret = resp.headers.get(LBRY_SECRET, False)
|
||||
if next_secret:
|
||||
self.__api_key.secret = next_secret
|
||||
|
||||
return await resp.json()
|
||||
|
||||
@classmethod
|
||||
async def get_client(cls, key_name=None):
|
||||
api_key_name = key_name or "api"
|
||||
keyring = Keyring.load_from_disk() # pylint: disable=E0602
|
||||
|
||||
api_key = keyring.api_key
|
||||
login_url = conf.settings.get_api_connection_string(api_key_name, api_key.secret)
|
||||
url = urlparse(login_url)
|
||||
|
||||
headers = {
|
||||
'Host': url.hostname,
|
||||
'User-Agent': USER_AGENT,
|
||||
'Content-type': 'application/json'
|
||||
}
|
||||
connector = aiohttp.TCPConnector(ssl=None if not conf.settings['use_https'] else keyring.ssl_context)
|
||||
session = aiohttp.ClientSession(connector=connector)
|
||||
|
||||
async with session.post(login_url, headers=headers) as r:
|
||||
cookies = r.cookies
|
||||
uid = cookies.get(TWISTED_SECURE_SESSION if conf.settings['use_https'] else TWISTED_SESSION).value
|
||||
api_key = APIKey.create(seed=uid.encode()) # pylint: disable=E0602
|
||||
return cls(api_key, session, cookies, url, login_url)
|
||||
|
||||
|
||||
class LBRYAPIClient:
|
||||
@staticmethod
|
||||
def get_client(conf_path=None):
|
||||
conf.conf_file = conf_path
|
||||
if not conf.settings:
|
||||
conf.initialize_settings()
|
||||
return AuthAPIClient.get_client() if conf.settings['use_auth_http'] else \
|
||||
UnAuthAPIClient.from_url(conf.settings.get_api_connection_string())
|
||||
return UnAuthAPIClient.from_url(conf.settings.get_api_connection_string())
|
||||
|
||||
|
||||
if sys.platform.startswith('darwin') or sys.platform.startswith('linux'):
|
||||
|
@ -348,6 +273,9 @@ def main():
|
|||
"--http-auth", dest="useauth", action="store_true", default=conf.settings['use_auth_http']
|
||||
)
|
||||
args = parser.parse_args()
|
||||
if args.useauth:
|
||||
print('--http-auth is no longer supported; an alternative solution using IPC is forthcoming.')
|
||||
return
|
||||
loop = asyncio.get_event_loop()
|
||||
loop.run_until_complete(start_lbrynet_console(args.quiet, args.use_existing_daemon, args.useauth))
|
||||
reactor.run()
|
||||
|
|
|
@ -29,7 +29,6 @@ class FakeAnalytics:
|
|||
|
||||
|
||||
class CLIIntegrationTest(AsyncioTestCase):
|
||||
USE_AUTH = False
|
||||
|
||||
async def asyncSetUp(self):
|
||||
skip = [
|
||||
|
@ -40,7 +39,6 @@ class CLIIntegrationTest(AsyncioTestCase):
|
|||
]
|
||||
conf.initialize_settings(load_conf_file=False)
|
||||
conf.settings['api_port'] = 5299
|
||||
conf.settings['use_auth_http'] = self.USE_AUTH
|
||||
conf.settings['components_to_skip'] = skip
|
||||
conf.settings.initialize_post_conf_load()
|
||||
Daemon.component_attributes = {}
|
||||
|
@ -50,25 +48,7 @@ class CLIIntegrationTest(AsyncioTestCase):
|
|||
async def asyncTearDown(self):
|
||||
await self.daemon.shutdown()
|
||||
|
||||
|
||||
@skip
|
||||
class AuthenticatedCLITest(CLIIntegrationTest):
|
||||
USE_AUTH = True
|
||||
|
||||
def test_cli_status_command_with_auth(self):
|
||||
self.assertTrue(self.daemon._use_authentication)
|
||||
actual_output = StringIO()
|
||||
with contextlib.redirect_stdout(actual_output):
|
||||
cli.main(["status"])
|
||||
actual_output = actual_output.getvalue()
|
||||
self.assertIn("connection_status", actual_output)
|
||||
|
||||
|
||||
class UnauthenticatedCLITest(CLIIntegrationTest):
|
||||
USE_AUTH = False
|
||||
|
||||
def test_cli_status_command_with_auth(self):
|
||||
self.assertFalse(self.daemon._use_authentication)
|
||||
actual_output = StringIO()
|
||||
with contextlib.redirect_stdout(actual_output):
|
||||
cli.main(["status"])
|
||||
|
|
Loading…
Reference in a new issue