| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
| |
parse_qs will always return lists even for single-valued parameters,
check for it in the Validator and properly handle the case.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
|
| |
This way checks and hives are created from the same list and will not
get out of sync (they are before this commit).
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
|
| |
This allows admins to configure where the socket needs to be created
ithout forcing to change the cwd of the daemon to the same place.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
| |
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Newer pylint version completely removed the star-args warning, including
recognizing the exception in the source code.
Remove it from all source code to avoid annoyinf pylint errors about
unrecognized exceptions, and add a general exception in the pylint makefile
invocation, as apparently it is ok there. This will avoid warnings if older
versions of pylint are used.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
|
| |
A missing query would not lead to the default 'simple' type being selected.
Add tests for PUT/GET/DELETE of a simple key.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
The new 'kem' type allows the backend to authorize access to keys based on
a signed request where the key mus be whitelisted in advance in a kemkeys
database.
The reply is encrypted with the client public key.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
| |
Create a message module to deal with message types and validation.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
This uses JWCrypto to encrypt any key stored in the sqlite database
with a master key.
The master key is stored in a file and must be provided by the
configuration.
A sample key and configuration is provided too.
Signed-off-by: Simo Sorce <simo@redhat.com>
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
This will precreate the default tale if it doesn't exist and fail
early if there are general database issues.
Also change all CSStoreError events to report a 500 error and not
silently transform them into innocuous 'no such data' errors.
|
| |
|
|
|
| |
Add a Namespace authorization class to use in the pipeline instead
of performing authorization within the Secrets class
|
| |
|
|
|
| |
Doesn't really make sense to have it on the server class,
just snatch the config from it.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
Authenticators will not signal anymore validity by adding a request
attributes.
Instead they can return on of three values:
- True, indicates positive authentication
- False, indicate explicit failure
- None, inicates neither success nor failure, not applicable
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
If there are intermediate containers list them with empty strings
as values.
|
| |
|
|
|
| |
Allow only specific commands, we do not want to allow users to end up
being able to access internal functions with arbitrary names.
|
| |
|
|
|
| |
Each container or key action has its own function regardles of HTTP
verbs used.
|
| |
|
|
| |
If a container does not exist PUTing a key should fail
|
| | |
|
| |
|
|
|
|
|
| |
When storing the caller decide if the DB can silently replace an
existing value or not.
Defaults to False
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
| |
Require expicit namespace in name for GET, then check the user is
authorized to access it.
Return lists of keys filtering them by explicit namespace or using
the default namespace.
The list is returned as a dict of keys with full key names as arguments.
|
| | |
|
| |
|
|
|
|
|
|
| |
When listing do not add a / to the user filter it prevents matching
key names with a prefix.
When returning keys return a dict of key value pairs.
If no values are available instead return None
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is a very simple implementation of a prototype API.
Anyone that has access to the server and causes an authentication
plugin to set the 'remote_user' value in the request, can retrieve
and store secrets,
Secrets are namespaced to the user requsteing them, so sharing secrets
between multiple users is not possible.
Secrets must to be of type "simple" and can only have one value.
The value can be anything that can be reprsented in json format.
It is recommended to pass a base64 encoded value.
|
| |
|
|
|
| |
Accept a maximum of 10 Megabytes and relies on proper Content-length
being set by the client
|
| |
|
|
|
|
|
|
| |
Silence pylint errors due to python3 imports
Switch to HTTP 1.0 by default, this terminates each request by
default which make it handier for manual testing with clients
like curl.
Properly handle a consumer returning nothing (None) as output.
|
| |
|
|
|
|
| |
Each "page" is added to a parent consumer by callin add_sub() on the
desired parent and provide a "page name" and the consumer class that
handles it.
|
| |
|
|
|
|
| |
Use print statement that works in python3
Create table so that keys are unique.
Return directly the bare value associated with the key, if any.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
This required the renaming of the http directory to avoid clashes with the
python3 own http/server module.
|
| | |
|
| |
|
|
|
| |
Provide a SimpleNULLAuth class for people that want to allow
unauthenticated access fto specific paths for whatever reason.
|
| |
|
|
|
|
|
| |
This is useful when authentication is handled by a proxy sitting in
front of custodia.
Alternatively it can be used with shared secrets/bearer tokens sent
in plain text in the headers.
|
| |
|
|
|
|
| |
This kicks in before any request is parsed at all.
The whole request is provided so technically it can be as complex
as wanted.
|
| |
|
|
| |
This is how new backends and mechanism can be defined on per-instance basis
|
