diff options
-rw-r--r-- | .gitignore | 44 | ||||
-rw-r--r-- | .travis.yml | 14 | ||||
-rw-r--r-- | CHANGELOG.rst | 15 | ||||
-rw-r--r-- | Makefile | 106 | ||||
-rw-r--r-- | PKG-INFO | 55 | ||||
-rw-r--r-- | debian/changelog | 3 | ||||
-rw-r--r-- | debian/patches/isolate-from-proxy.patch | 2 | ||||
-rw-r--r-- | docs/_static/TRACKME | 0 | ||||
-rwxr-xr-x | docs/conf.py | 273 | ||||
-rw-r--r-- | macaroonbakery.egg-info/PKG-INFO | 55 | ||||
-rw-r--r-- | macaroonbakery.egg-info/SOURCES.txt | 77 | ||||
-rw-r--r-- | macaroonbakery.egg-info/dependency_links.txt | 1 | ||||
-rw-r--r-- | macaroonbakery.egg-info/not-zip-safe | 1 | ||||
-rw-r--r-- | macaroonbakery.egg-info/requires.txt | 7 | ||||
-rw-r--r-- | macaroonbakery.egg-info/top_level.txt | 1 | ||||
-rw-r--r-- | macaroonbakery/bakery/_checker.py | 25 | ||||
-rw-r--r-- | macaroonbakery/bakery/_internal/id.proto | 14 | ||||
-rw-r--r-- | macaroonbakery/httpbakery/_discharge.py | 5 | ||||
-rw-r--r-- | macaroonbakery/tests/test_client.py | 92 | ||||
-rw-r--r-- | macaroonbakery/tests/test_discharge.py | 10 | ||||
-rw-r--r-- | requirements.txt | 9 | ||||
-rw-r--r-- | setup.cfg | 5 | ||||
-rwxr-xr-x | setup.py | 4 | ||||
-rw-r--r-- | sysdeps.mk | 1 | ||||
-rw-r--r-- | test-requirements.txt | 8 | ||||
-rw-r--r-- | tox.ini | 30 |
26 files changed, 321 insertions, 536 deletions
diff --git a/.gitignore b/.gitignore deleted file mode 100644 index aa4d9f9..0000000 --- a/.gitignore +++ /dev/null @@ -1,44 +0,0 @@ -# Byte-compiled / optimized / DLL files -__pycache__/ -*.py[cod] - -# Distribution / packaging -.sysdeps-installed -devenv -build/ -develop-eggs/ -dist/ -downloads/ -eggs/ -.eggs/ -lib/ -lib64/ -parts/ -sdist/ -var/ -*.egg-info/ -.installed.cfg -*.egg - -# Installer logs -pip-log.txt -pip-delete-this-directory.txt - -# Unit test / coverage reports -htmlcov/ -.tox/ -.coverage -.coverage.* -.cache -nosetests.xml -coverage.xml -*,cover - -# Sphinx documentation -docs/_build/ - -# Editor files -*.sw[op] - -# Build canaries. -.*canary diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 4bc8e34..0000000 --- a/.travis.yml +++ /dev/null @@ -1,14 +0,0 @@ -language: python -python: - - "2.7" - - "3.5" -stages: - - lint - - test -install: pip install tox tox-travis -jobs: - include: - - stage: lint - script: tox -e lint - python: "3.5" -script: tox diff --git a/CHANGELOG.rst b/CHANGELOG.rst deleted file mode 100644 index b7c1fcd..0000000 --- a/CHANGELOG.rst +++ /dev/null @@ -1,15 +0,0 @@ -.. :changelog: - -History -------- - -0.0.2 (2017-07-19) -++++++++++++++++++ - -* Fix import. - -0.0.1 (2017-06-09) -++++++++++++++++++ - -* Initial release. - diff --git a/Makefile b/Makefile deleted file mode 100644 index 03b5766..0000000 --- a/Makefile +++ /dev/null @@ -1,106 +0,0 @@ -# Copyright 2017 Canonical Ltd. -# Licensed under the LGPLv3, see LICENCE file for details. -include sysdeps.mk - -PYTHON = python -# Since the python-tox package in Ubuntu uses Python 3, use pip to install tox -# instead. This also works on OSX where tox is not present in Homebrew. -PIP_SYSDEPS = tox - -PIP = sudo pip install $(1) - -SYSDEPS_INSTALLED = .sysdeps-installed -DEVENV = devenv -DEVENVPIP = $(DEVENV)/bin/pip - -.DEFAULT_GOAL := setup - -$(DEVENVPIP): - @tox -e devenv - -$(SYSDEPS_INSTALLED): sysdeps.mk -ifeq ($(shell command -v apt-get > /dev/null; echo $$?),0) - sudo apt-get install --yes $(APT_SYSDEPS) -else - @echo 'System dependencies can only be installed automatically on' - @echo 'systems with "apt-get". On OSX you can manually use Homebrew' - @echo 'if there are missing dependencies corresponding to the following' - @echo 'Debian packages:' - @echo '$(APT_SYSDEPS).' -endif - sudo pip2 install $(PIP_SYSDEPS) - touch $(SYSDEPS_INSTALLED) - - -.PHONY: check -check: setup lint - @tox - -.PHONY: clean -clean: - $(PYTHON) setup.py clean - # Remove the development environments. - rm -rf $(DEVENV) .tox/ - # Remove distribution artifacts. - rm -rf *.egg build/ dist/ macaroonbakery.egg-info MANIFEST - # Remove tests artifacts. - rm -f .coverage - # Remove the canary file. - rm -f $(SYSDEPS_INSTALLED) - # Remove Python compiled bytecode. - find . -name '*.pyc' -delete - find . -name '__pycache__' -type d -delete - -.PHONY: docs -docs: setup - @tox -e docs - -.PHONY: help -help: - @echo -e 'Macaroon Bakery - list of make targets:\n' - @echo 'make - Set up the development and testing environment.' - @echo 'make test - Run tests.' - @echo 'make lint - Run linter and pep8.' - @echo 'make check - Run all the tests and lint in all supported scenarios.' - @echo 'make source - Create source package.' - @echo 'make clean - Get rid of bytecode files, build and dist dirs, venvs.' - @echo 'make release - Register and upload a release on PyPI.' - @echo -e '\nAfter creating the development environment with "make", it is' - @echo 'also possible to do the following:' - @echo '- run a specific subset of the test suite, e.g. with' - @echo ' "$(DEVENV)/bin/nosetests bakery/tests/...";' - @echo '- use tox as usual on this project;' - @echo ' see https://tox.readthedocs.org/en/latest/' - - -.PHONY: lint -lint: setup - @tox -e lint - -.PHONY: release -release: check - $(PYTHON) setup.py register sdist upload - -.PHONY: setup -setup: $(SYSDEPS_INSTALLED) $(DEVENVPIP) setup.py - -.PHONY: source -source: - $(PYTHON) setup.py sdist - -.PHONY: sysdeps -sysdeps: $(SYSDEPS_INSTALLED) - -.PHONY: test -test: setup - @$(DEVENV)/bin/nosetests \ - --verbosity 2 --with-coverage --cover-erase \ - --cover-package macaroonbakery - -.PHONY: isort -isort: - isort \ - --trailing-comma \ - --recursive \ - --multi-line 3 \ - `find macaroonbakery -name '*.py' | grep -v 'internal/id_pb2\.py'` diff --git a/PKG-INFO b/PKG-INFO new file mode 100644 index 0000000..fe69309 --- /dev/null +++ b/PKG-INFO @@ -0,0 +1,55 @@ +Metadata-Version: 1.1 +Name: macaroonbakery +Version: 1.2.0 +Summary: A Python library port for bakery, higher level operation to work with macaroons +Home-page: https://github.com/go-macaroon-bakery/py-macaroon-bakery +Author: Juju UI Team +Author-email: juju-gui@lists.ubuntu.com +License: LGPL3 +Description-Content-Type: UNKNOWN +Description: =============== + Macaroon Bakery + =============== + + A Python library for working with macaroons. + + + Installation + ------------ + The easiest way to install macaroonbakery is via pip:: + + $ pip install macaroonbakery + + macaroonbakery was developed around pymacaroons. On ubuntu, you + can get libsodium from a ppa:: + + $ sudo add-apt-repository ppa:yellow/ppa -y + $ apt-get install libsodium13 + + Usage + ----- + Interacting with a protected url, you can use the BakeryAuth provided to deal + with the macaroon bakery + + >>> from macaroonbakery import httpbakery + >>> jar = requests.cookies.RequestsCookieJar() + >>> resp = requests.get('some protected url', + cookies=jar, + auth=httpbakery.BakeryAuth(cookies=jar)) + >>> resp.raise_for_status() + + + You can use any cookie storage you'd like so next subsequent calls the macaroon + saved in the cookie jar will be directly used and will not require + any other authentication (for example, cookielib.FileCookieJar). + +Keywords: macaroon cookie +Platform: UNKNOWN +Classifier: Development Status :: 2 - Pre-Alpha +Classifier: Intended Audience :: Developers +Classifier: License :: OSI Approved :: GNU Lesser General Public License v3 (LGPLv3) +Classifier: Natural Language :: English +Classifier: Programming Language :: Python :: 2 +Classifier: Programming Language :: Python :: 2.7 +Classifier: Programming Language :: Python :: 3 +Classifier: Programming Language :: Python :: 3.5 diff --git a/debian/changelog b/debian/changelog index 00cac67..a7ad0ee 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,7 +1,8 @@ -py-macaroon-bakery (1.1.4-2) UNRELEASED; urgency=medium +py-macaroon-bakery (1.2.0-1) UNRELEASED; urgency=medium * debian/watch: Switch to PyPI, which upstream updates more reliably than GitHub releases. + * New upstream release. -- Colin Watson <cjwatson@debian.org> Fri, 12 Oct 2018 13:04:58 +0100 diff --git a/debian/patches/isolate-from-proxy.patch b/debian/patches/isolate-from-proxy.patch index 40803e2..8274832 100644 --- a/debian/patches/isolate-from-proxy.patch +++ b/debian/patches/isolate-from-proxy.patch @@ -40,7 +40,7 @@ index a6c3e58..72a6928 100644 def assert_cookie_security(self, cookies, name, secure): for cookie in cookies: diff --git a/macaroonbakery/tests/test_client.py b/macaroonbakery/tests/test_client.py -index 4061a8a..aa1f268 100644 +index 9c57b78..fe53579 100644 --- a/macaroonbakery/tests/test_client.py +++ b/macaroonbakery/tests/test_client.py @@ -3,6 +3,7 @@ diff --git a/docs/_static/TRACKME b/docs/_static/TRACKME deleted file mode 100644 index e69de29..0000000 --- a/docs/_static/TRACKME +++ /dev/null diff --git a/docs/conf.py b/docs/conf.py deleted file mode 100755 index 3f1adbe..0000000 --- a/docs/conf.py +++ /dev/null @@ -1,273 +0,0 @@ -#!/usr/bin/env python -# -*- coding: utf-8 -*- -# -# Macaroon Bakery documentation build configuration file, created by -# sphinx-quickstart on Tue Jul 9 22:26:36 2013. -# -# This file is execfile()d with the current directory set to its -# containing dir. -# -# Note that not all possible configuration values are present in this -# autogenerated file. -# -# All configuration values have a default; values that are commented out -# serve to show the default. - -import sys -import os - -# If extensions (or modules to document with autodoc) are in another -# directory, add these directories to sys.path here. If the directory is -# relative to the documentation root, use os.path.abspath to make it -# absolute, like shown here. -#sys.path.insert(0, os.path.abspath('.')) - -# Get the project root dir, which is the parent dir of this -cwd = os.getcwd() -project_root = os.path.dirname(cwd) - -# Insert the project root dir as the first element in the PYTHONPATH. -# This lets us ensure that the source package is imported, and that its -# version is used. -sys.path.insert(0, project_root) - -import macaroonbakery as bakery - -# -- General configuration --------------------------------------------- - -# If your documentation needs a minimal Sphinx version, state it here. -#needs_sphinx = '1.0' - -# Add any Sphinx extension module names here, as strings. They can be -# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom ones. -extensions = ['sphinx.ext.autodoc', 'sphinx.ext.viewcode'] - -# Add any paths that contain templates here, relative to this directory. -templates_path = ['_templates'] - -# The suffix of source filenames. -source_suffix = '.rst' - -# The encoding of source files. -#source_encoding = 'utf-8-sig' - -# The master toctree document. -master_doc = 'index' - -# General information about the project. -project = u'Python Macaroon Bakery' -copyright = u'2017, Juju UI Team' - -# The version info for the project you're documenting, acts as replacement -# for |version| and |release|, also used in various other places throughout -# the built documents. -# -# The short X.Y version and the full version. -version = release = '1.1.4' - -# The language for content autogenerated by Sphinx. Refer to documentation -# for a list of supported languages. -#language = None - -# There are two options for replacing |today|: either, you set today to -# some non-false value, then it is used: -#today = '' -# Else, today_fmt is used as the format for a strftime call. -#today_fmt = '%B %d, %Y' - -# List of patterns, relative to source directory, that match files and -# directories to ignore when looking for source files. -exclude_patterns = ['_build'] - -# The reST default role (used for this markup: `text`) to use for all -# documents. -#default_role = None - -# If true, '()' will be appended to :func: etc. cross-reference text. -#add_function_parentheses = True - -# If true, the current module name will be prepended to all description -# unit titles (such as .. function::). -#add_module_names = True - -# If true, sectionauthor and moduleauthor directives will be shown in the -# output. They are ignored by default. -#show_authors = False - -# The name of the Pygments (syntax highlighting) style to use. -pygments_style = 'sphinx' - -# A list of ignored prefixes for module index sorting. -#modindex_common_prefix = [] - -# If true, keep warnings as "system message" paragraphs in the built -# documents. -#keep_warnings = False - - -# -- Options for HTML output ------------------------------------------- - -# The theme to use for HTML and HTML Help pages. See the documentation for -# a list of builtin themes. -html_theme = 'alabaster' - -# Theme options are theme-specific and customize the look and feel of a -# theme further. For a list of options available for each theme, see the -# documentation. -#html_theme_options = {} - -# Add any paths that contain custom themes here, relative to this directory. -#html_theme_path = [] - -# The name for this set of Sphinx documents. If None, it defaults to -# "<project> v<release> documentation". -#html_title = None - -# A shorter title for the navigation bar. Default is the same as -# html_title. -#html_short_title = None - -# The name of an image file (relative to this directory) to place at the -# top of the sidebar. -#html_logo = None - -# The name of an image file (within the static path) to use as favicon -# of the docs. This file should be a Windows icon file (.ico) being -# 16x16 or 32x32 pixels large. -#html_favicon = None - -# Add any paths that contain custom static files (such as style sheets) -# here, relative to this directory. They are copied after the builtin -# static files, so a file named "default.css" will overwrite the builtin -# "default.css". -html_static_path = ['_static'] - -# If not '', a 'Last updated on:' timestamp is inserted at every page -# bottom, using the given strftime format. -#html_last_updated_fmt = '%b %d, %Y' - -# If true, SmartyPants will be used to convert quotes and dashes to -# typographically correct entities. -#html_use_smartypants = True - -# Custom sidebar templates, maps document names to template names. -#html_sidebars = {} - -# Additional templates that should be rendered to pages, maps page names -# to template names. -#html_additional_pages = {} - -# If false, no module index is generated. -#html_domain_indices = True - -# If false, no index is generated. -#html_use_index = True - -# If true, the index is split into individual pages for each letter. -#html_split_index = False - -# If true, links to the reST sources are added to the pages. -#html_show_sourcelink = True - -# If true, "Created using Sphinx" is shown in the HTML footer. -# Default is True. -#html_show_sphinx = True - -# If true, "(C) Copyright ..." is shown in the HTML footer. -# Default is True. -#html_show_copyright = True - -# If true, an OpenSearch description file will be output, and all pages -# will contain a <link> tag referring to it. The value of this option -# must be the base URL from which the finished HTML is served. -#html_use_opensearch = '' - -# This is the file name suffix for HTML files (e.g. ".xhtml"). -#html_file_suffix = None - -# Output file base name for HTML help builder. -htmlhelp_basename = 'bakerydoc' - - -# -- Options for LaTeX output ------------------------------------------ - -latex_elements = { - # The paper size ('letterpaper' or 'a4paper'). - #'papersize': 'letterpaper', - - # The font size ('10pt', '11pt' or '12pt'). - #'pointsize': '10pt', - - # Additional stuff for the LaTeX preamble. - #'preamble': '', -} - -# Grouping the document tree into LaTeX files. List of tuples -# (source start file, target name, title, author, documentclass -# [howto/manual]). -latex_documents = [ - ('index', 'bakery.tex', - u'Macaroon Bakery Documentation', - u'Juju UI Team', 'manual'), -] - -# The name of an image file (relative to this directory) to place at -# the top of the title page. -#latex_logo = None - -# For "manual" documents, if this is true, then toplevel headings -# are parts, not chapters. -#latex_use_parts = False - -# If true, show page references after internal links. -#latex_show_pagerefs = False - -# If true, show URL addresses after external links. -#latex_show_urls = False - -# Documents to append as an appendix to all manuals. -#latex_appendices = [] - -# If false, no module index is generated. -#latex_domain_indices = True - - -# -- Options for manual page output ------------------------------------ - -# One entry per manual page. List of tuples -# (source start file, name, description, authors, manual section). -man_pages = [ - ('index', 'bakery', - u'Macaroon Bakery Documentation', - [u'Juju UI Team'], 1) -] - -# If true, show URL addresses after external links. -#man_show_urls = False - - -# -- Options for Texinfo output ---------------------------------------- - -# Grouping the document tree into Texinfo files. List of tuples -# (source start file, target name, title, author, -# dir menu entry, description, category) -texinfo_documents = [ - ('index', 'bakery', - u'Python Macaroon Bakery Documentation', - u'Juju UI Team', - 'bakery', - 'One line description of project.', - 'Miscellaneous'), -] - -# Documents to append as an appendix to all manuals. -#texinfo_appendices = [] - -# If false, no module index is generated. -#texinfo_domain_indices = True - -# How to display URL addresses: 'footnote', 'no', or 'inline'. -#texinfo_show_urls = 'footnote' - -# If true, do not generate a @detailmenu in the "Top" node's menu. -#texinfo_no_detailmenu = False diff --git a/macaroonbakery.egg-info/PKG-INFO b/macaroonbakery.egg-info/PKG-INFO new file mode 100644 index 0000000..fe69309 --- /dev/null +++ b/macaroonbakery.egg-info/PKG-INFO @@ -0,0 +1,55 @@ +Metadata-Version: 1.1 +Name: macaroonbakery +Version: 1.2.0 +Summary: A Python library port for bakery, higher level operation to work with macaroons +Home-page: https://github.com/go-macaroon-bakery/py-macaroon-bakery +Author: Juju UI Team +Author-email: juju-gui@lists.ubuntu.com +License: LGPL3 +Description-Content-Type: UNKNOWN +Description: =============== + Macaroon Bakery + =============== + + A Python library for working with macaroons. + + + Installation + ------------ + The easiest way to install macaroonbakery is via pip:: + + $ pip install macaroonbakery + + macaroonbakery was developed around pymacaroons. On ubuntu, you + can get libsodium from a ppa:: + + $ sudo add-apt-repository ppa:yellow/ppa -y + $ apt-get install libsodium13 + + Usage + ----- + Interacting with a protected url, you can use the BakeryAuth provided to deal + with the macaroon bakery + + >>> from macaroonbakery import httpbakery + >>> jar = requests.cookies.RequestsCookieJar() + >>> resp = requests.get('some protected url', + cookies=jar, + auth=httpbakery.BakeryAuth(cookies=jar)) + >>> resp.raise_for_status() + + + You can use any cookie storage you'd like so next subsequent calls the macaroon + saved in the cookie jar will be directly used and will not require + any other authentication (for example, cookielib.FileCookieJar). + +Keywords: macaroon cookie +Platform: UNKNOWN +Classifier: Development Status :: 2 - Pre-Alpha +Classifier: Intended Audience :: Developers +Classifier: License :: OSI Approved :: GNU Lesser General Public License v3 (LGPLv3) +Classifier: Natural Language :: English +Classifier: Programming Language :: Python :: 2 +Classifier: Programming Language :: Python :: 2.7 +Classifier: Programming Language :: Python :: 3 +Classifier: Programming Language :: Python :: 3.5 diff --git a/macaroonbakery.egg-info/SOURCES.txt b/macaroonbakery.egg-info/SOURCES.txt new file mode 100644 index 0000000..f3ac62a --- /dev/null +++ b/macaroonbakery.egg-info/SOURCES.txt @@ -0,0 +1,77 @@ +AUTHORS.rst +CONTRIBUTING.rst +LICENSE +MANIFEST.in +README.rst +setup.cfg +setup.py +docs/Makefile +docs/authors.rst +docs/contributing.rst +docs/index.rst +docs/installation.rst +docs/packaging.rst +docs/readme.rst +docs/usage.rst +macaroonbakery/__init__.py +macaroonbakery.egg-info/PKG-INFO +macaroonbakery.egg-info/SOURCES.txt +macaroonbakery.egg-info/dependency_links.txt +macaroonbakery.egg-info/not-zip-safe +macaroonbakery.egg-info/requires.txt +macaroonbakery.egg-info/top_level.txt +macaroonbakery/_utils/__init__.py +macaroonbakery/bakery/__init__.py +macaroonbakery/bakery/_authorizer.py +macaroonbakery/bakery/_bakery.py +macaroonbakery/bakery/_checker.py +macaroonbakery/bakery/_codec.py +macaroonbakery/bakery/_discharge.py +macaroonbakery/bakery/_error.py +macaroonbakery/bakery/_identity.py +macaroonbakery/bakery/_keys.py +macaroonbakery/bakery/_macaroon.py +macaroonbakery/bakery/_oven.py +macaroonbakery/bakery/_store.py +macaroonbakery/bakery/_third_party.py +macaroonbakery/bakery/_versions.py +macaroonbakery/bakery/_internal/__init__.py +macaroonbakery/bakery/_internal/id_pb2.py +macaroonbakery/checkers/__init__.py +macaroonbakery/checkers/_auth_context.py +macaroonbakery/checkers/_caveat.py +macaroonbakery/checkers/_checkers.py +macaroonbakery/checkers/_conditions.py +macaroonbakery/checkers/_declared.py +macaroonbakery/checkers/_namespace.py +macaroonbakery/checkers/_operation.py +macaroonbakery/checkers/_time.py +macaroonbakery/checkers/_utils.py +macaroonbakery/httpbakery/__init__.py +macaroonbakery/httpbakery/_browser.py +macaroonbakery/httpbakery/_client.py +macaroonbakery/httpbakery/_discharge.py +macaroonbakery/httpbakery/_error.py +macaroonbakery/httpbakery/_interactor.py +macaroonbakery/httpbakery/_keyring.py +macaroonbakery/httpbakery/agent/__init__.py +macaroonbakery/httpbakery/agent/_agent.py +macaroonbakery/tests/__init__.py +macaroonbakery/tests/common.py +macaroonbakery/tests/test_agent.py +macaroonbakery/tests/test_authorizer.py +macaroonbakery/tests/test_bakery.py +macaroonbakery/tests/test_checker.py +macaroonbakery/tests/test_checkers.py +macaroonbakery/tests/test_client.py +macaroonbakery/tests/test_codec.py +macaroonbakery/tests/test_discharge.py +macaroonbakery/tests/test_discharge_all.py +macaroonbakery/tests/test_httpbakery.py +macaroonbakery/tests/test_keyring.py +macaroonbakery/tests/test_macaroon.py +macaroonbakery/tests/test_namespace.py +macaroonbakery/tests/test_oven.py +macaroonbakery/tests/test_store.py +macaroonbakery/tests/test_time.py +macaroonbakery/tests/test_utils.py
\ No newline at end of file diff --git a/macaroonbakery.egg-info/dependency_links.txt b/macaroonbakery.egg-info/dependency_links.txt new file mode 100644 index 0000000..8b13789 --- /dev/null +++ b/macaroonbakery.egg-info/dependency_links.txt @@ -0,0 +1 @@ + diff --git a/macaroonbakery.egg-info/not-zip-safe b/macaroonbakery.egg-info/not-zip-safe new file mode 100644 index 0000000..8b13789 --- /dev/null +++ b/macaroonbakery.egg-info/not-zip-safe @@ -0,0 +1 @@ + diff --git a/macaroonbakery.egg-info/requires.txt b/macaroonbakery.egg-info/requires.txt new file mode 100644 index 0000000..e715881 --- /dev/null +++ b/macaroonbakery.egg-info/requires.txt @@ -0,0 +1,7 @@ +requests<3.0,>=2.18.1 +PyNaCl<2.0,>=1.1.2 +pymacaroons<1.0,>=0.12.0 +six<2.0,>=1.11.0 +protobuf<4.0,>=3.0.0 +pyRFC3339<2.0,>=1.0 +ipaddress diff --git a/macaroonbakery.egg-info/top_level.txt b/macaroonbakery.egg-info/top_level.txt new file mode 100644 index 0000000..57bab63 --- /dev/null +++ b/macaroonbakery.egg-info/top_level.txt @@ -0,0 +1 @@ +macaroonbakery diff --git a/macaroonbakery/bakery/_checker.py b/macaroonbakery/bakery/_checker.py index b796502..88560cc 100644 --- a/macaroonbakery/bakery/_checker.py +++ b/macaroonbakery/bakery/_checker.py @@ -111,21 +111,18 @@ class AuthChecker(object): if not self._executed: self._init_once(ctx) self._executed = True - if self._init_errors: - raise AuthInitError(self._init_errors[0]) def _init_once(self, ctx): self._auth_indexes = {} self._conditions = [None] * len(self._macaroons) for i, ms in enumerate(self._macaroons): try: - ops, conditions = self.parent._macaroon_opstore.macaroon_ops( - ms) - except VerificationError: - raise - except Exception as exc: - self._init_errors.append(exc.args[0]) + ops, conditions = self.parent._macaroon_opstore.macaroon_ops(ms) + except VerificationError as e: + self._init_errors.append(str(e)) continue + except Exception as exc: + raise AuthInitError(str(exc)) # It's a valid macaroon (in principle - we haven't checked first # party caveats). @@ -152,8 +149,7 @@ class AuthChecker(object): # other operations if the conditions succeed for those. declared, err = self._check_conditions(ctx, LOGIN_OP, conditions) if err is not None: - self._init_errors.append('cannot authorize login macaroon: ' + - err) + self._init_errors.append('cannot authorize login macaroon: ' + err) continue if self._identity is not None: # We've already found a login macaroon so ignore this one @@ -201,8 +197,13 @@ class AuthChecker(object): authorization requests. If an operation was not allowed, an exception will be raised which may - be DischargeRequiredError holding the operations that remain to - be authorized in order to allow authorization to proceed. + be: + + - DischargeRequiredError holding the operations that remain to + be authorized in order to allow authorization to proceed + - PermissionDenied when no operations can be authorized and there's + no third party to discharge macaroons for. + @param ctx AuthContext @param ops an array of Op :return: an AuthInfo object. diff --git a/macaroonbakery/bakery/_internal/id.proto b/macaroonbakery/bakery/_internal/id.proto deleted file mode 100644 index eb3d614..0000000 --- a/macaroonbakery/bakery/_internal/id.proto +++ /dev/null @@ -1,14 +0,0 @@ -syntax="proto3"; - -option go_package = "macaroonpb"; - -message MacaroonId { - bytes nonce = 1; - bytes storageId = 2; - repeated Op ops = 3; -} - -message Op { - string entity = 1; - repeated string actions = 2; -} diff --git a/macaroonbakery/httpbakery/_discharge.py b/macaroonbakery/httpbakery/_discharge.py index f868d23..1873850 100644 --- a/macaroonbakery/httpbakery/_discharge.py +++ b/macaroonbakery/httpbakery/_discharge.py @@ -16,10 +16,13 @@ def discharge(ctx, content, key, locator, checker): @return The discharge macaroon {macaroonbakery.Macaroon} ''' id = content.get('id') - if id is None: + if id is not None: + id = id.encode('utf-8') + else: id = content.get('id64') if id is not None: id = utils.b64decode(id) + caveat = content.get('caveat64') if caveat is not None: caveat = utils.b64decode(caveat) diff --git a/macaroonbakery/tests/test_client.py b/macaroonbakery/tests/test_client.py index 4061a8a..9c57b78 100644 --- a/macaroonbakery/tests/test_client.py +++ b/macaroonbakery/tests/test_client.py @@ -55,6 +55,98 @@ class TestClient(TestCase): finally: httpd.shutdown() + def test_single_service_third_party(self): + class _DischargerLocator(bakery.ThirdPartyLocator): + def __init__(self): + self.key = bakery.generate_key() + + def third_party_info(self, loc): + if loc == 'http://1.2.3.4': + return bakery.ThirdPartyInfo( + public_key=self.key.public_key, + version=bakery.LATEST_VERSION, + ) + + d = _DischargerLocator() + b = new_bakery('loc', d, None) + + @urlmatch(path='.*/discharge') + def discharge(url, request): + qs = parse_qs(request.body) + content = {q: qs[q][0] for q in qs} + m = httpbakery.discharge(checkers.AuthContext(), content, d.key, d, + alwaysOK3rd) + return { + 'status_code': 200, + 'content': { + 'Macaroon': m.to_dict() + } + } + + def handler(*args): + GetHandler(b, 'http://1.2.3.4', None, None, None, AGES, *args) + try: + httpd = HTTPServer(('', 0), handler) + server_url = 'http://' + httpd.server_address[0] + ':' + str(httpd.server_address[1]) + thread = threading.Thread(target=httpd.serve_forever) + thread.start() + client = httpbakery.Client() + with HTTMock(discharge): + resp = requests.get( + url=server_url, + cookies=client.cookies, + auth=client.auth()) + resp.raise_for_status() + self.assertEquals(resp.text, 'done') + finally: + httpd.shutdown() + + def test_single_service_third_party_version_1_caveat(self): + class _DischargerLocator(bakery.ThirdPartyLocator): + def __init__(self): + self.key = bakery.generate_key() + + def third_party_info(self, loc): + if loc == 'http://1.2.3.4': + return bakery.ThirdPartyInfo( + public_key=self.key.public_key, + version=bakery.VERSION_1, + ) + + d = _DischargerLocator() + b = new_bakery('loc', d, None) + + @urlmatch(path='.*/discharge') + def discharge(url, request): + qs = parse_qs(request.body) + content = {q: qs[q][0] for q in qs} + m = httpbakery.discharge(checkers.AuthContext(), content, d.key, d, + alwaysOK3rd) + return { + 'status_code': 200, + 'content': { + 'Macaroon': m.to_dict() + } + } + + def handler(*args): + GetHandler(b, 'http://1.2.3.4', None, None, None, AGES, *args) + try: + httpd = HTTPServer(('', 0), handler) + server_url = 'http://' + httpd.server_address[0] + ':' + str(httpd.server_address[1]) + thread = threading.Thread(target=httpd.serve_forever) + thread.start() + client = httpbakery.Client() + with HTTMock(discharge): + resp = requests.get( + url=server_url, + cookies=client.cookies, + auth=client.auth()) + resp.raise_for_status() + self.assertEquals(resp.text, 'done') + finally: + httpd.shutdown() + def test_cookie_domain_host_not_fqdn(self): # See # https://github.com/go-macaroon-bakery/py-macaroon-bakery/issues/53 diff --git a/macaroonbakery/tests/test_discharge.py b/macaroonbakery/tests/test_discharge.py index 27bae63..0802070 100644 --- a/macaroonbakery/tests/test_discharge.py +++ b/macaroonbakery/tests/test_discharge.py @@ -153,7 +153,7 @@ class TestDischarge(unittest.TestCase): bakery.LOGIN_OP ) self.fail('macaroon unmet should be raised') - except bakery.VerificationError: + except bakery.PermissionDenied: pass def test_macaroon_paper_fig6_fails_with_binding_on_tampered_sig(self): @@ -194,7 +194,7 @@ class TestDischarge(unittest.TestCase): d[i + 1] = tampered_macaroon.prepare_for_request(dm) # client makes request to ts. - with self.assertRaises(bakery.VerificationError) as exc: + with self.assertRaises(bakery.PermissionDenied) as exc: ts.checker.auth([d]).allow(common.test_context, bakery.LOGIN_OP) self.assertEqual('verification failed: Signatures do not match', @@ -298,7 +298,7 @@ class TestDischarge(unittest.TestCase): 'arble': 'b', }) - with self.assertRaises(bakery.AuthInitError) as exc: + with self.assertRaises(bakery.PermissionDenied) as exc: first_party.checker.auth([d]).allow(common.test_context, bakery.LOGIN_OP) self.assertEqual('cannot authorize login macaroon: caveat ' @@ -377,7 +377,7 @@ class TestDischarge(unittest.TestCase): 'bar': '', 'baz': 'bazval', }) - with self.assertRaises(bakery.AuthInitError) as exc: + with self.assertRaises(bakery.PermissionDenied) as exc: first_party.checker.auth([d]).allow(common.test_context, bakery.LOGIN_OP) self.assertEqual('cannot authorize login macaroon: caveat "declared ' @@ -416,7 +416,7 @@ class TestDischarge(unittest.TestCase): self.assertIsNotNone(M.unbound) # Make sure it cannot be used as a normal macaroon in the third party. - with self.assertRaises(bakery.VerificationError) as exc: + with self.assertRaises(bakery.PermissionDenied) as exc: third_party.checker.auth([[M.unbound]]).allow( common.test_context, [bakery.LOGIN_OP]) self.assertEqual('no operations found in macaroon', diff --git a/requirements.txt b/requirements.txt deleted file mode 100644 index 889c512..0000000 --- a/requirements.txt +++ /dev/null @@ -1,9 +0,0 @@ -# Copyright 2017 Canonical Ltd. -# Licensed under the LGPLv3, see LICENCE file for details. - -requests>=2.18.4,<3.0 -PyNaCl>=1.1.2,<2.0 -pymacaroons>=0.12.0,<1.0 -six>=1.11.0,<2.0 -protobuf>=3.4.0,<4.0 -pyRFC3339>=1.0,<2.0 @@ -1,2 +1,7 @@ [wheel] universal = 1 + +[egg_info] +tag_build = +tag_date = 0 + @@ -13,8 +13,8 @@ from setuptools import ( PROJECT_NAME = 'macaroonbakery' -# version 1.1.4 -VERSION = (1, 1, 4) +# version 1.2.0 +VERSION = (1, 2, 0) def get_version(): diff --git a/sysdeps.mk b/sysdeps.mk deleted file mode 100644 index 519844b..0000000 --- a/sysdeps.mk +++ /dev/null @@ -1 +0,0 @@ -APT_SYSDEPS = python-dev python-pip python-setuptools libsodium-dev python-dev libffi-dev libssl-dev diff --git a/test-requirements.txt b/test-requirements.txt deleted file mode 100644 index 1a3938a..0000000 --- a/test-requirements.txt +++ /dev/null @@ -1,8 +0,0 @@ -# Copyright 2017 Canonical Ltd. -# Licensed under the LGPLv3, see LICENCE file for details. - -coverage==3.7.1 -flake8==2.4.0 -mock==1.0.1 -nose==1.3.6 -httmock==1.2.5 diff --git a/tox.ini b/tox.ini deleted file mode 100644 index 9a773b6..0000000 --- a/tox.ini +++ /dev/null @@ -1,30 +0,0 @@ -# Copyright 2017 Canonical Ltd. -# Licensed under the LGPLv3, see LICENCE file for details. - -[tox] -envlist = lint, py27, py35, docs -# envlist = py27 - -[testenv] -setenv = - PYTHONPATH = {toxinidir}:{toxinidir}/macaroonbakery -# drop into debugger with: nosetests --pdb -# coverage with --with-coverage --cover-inclusive --cover-html -commands = - nosetests -deps = - -r{toxinidir}/test-requirements.txt - -[testenv:devenv] -envdir = devenv -usedevelop = True -commands = - -[testenv:lint] -usedevelop = True -commands = flake8 --ignore E501 --show-source macaroonbakery --exclude macaroonbakery/bakery/_internal/id_pb2.py - -[testenv:docs] -changedir = docs -deps = sphinx -commands = sphinx-build -W -b html -d {envtmpdir}/doctrees . {envtmpdir}/html |