summaryrefslogtreecommitdiff
path: root/backend/python
Unidiff
Diffstat (limited to 'backend/python') (more/less context) (ignore whitespace changes)
-rw-r--r--backend/python/src/clipperz.py22
1 files changed, 10 insertions, 12 deletions
diff --git a/backend/python/src/clipperz.py b/backend/python/src/clipperz.py
index bd5d030..5476b4b 100644
--- a/backend/python/src/clipperz.py
+++ b/backend/python/src/clipperz.py
@@ -1,705 +1,703 @@
1# 1#
2 #Copyright 2008-2011 Clipperz Srl 2 #Copyright 2008-2013 Clipperz Srl
3 # 3 #
4 #This file is part of Clipperz Community Edition. 4 #This file is part of Clipperz, the online password manager.
5 #Clipperz Community Edition is an online password manager.
6 #For further information about its features and functionalities please 5 #For further information about its features and functionalities please
7 #refer to http://www.clipperz.com. 6 #refer to http://www.clipperz.com.
8 # 7 #
9 #* Clipperz Community Edition is free software: you can redistribute 8 #* Clipperz is free software: you can redistribute it and/or modify it
10 # it and/or modify it under the terms of the GNU Affero General Public 9# under the terms of the GNU Affero General Public License as published
11 # License as published by the Free Software Foundation, either version 10# by the Free Software Foundation, either version 3 of the License, or
12 # 3 of the License, or (at your option) any later version. 11# (at your option) any later version.
13 # 12 #
14 #* Clipperz Community Edition is distributed in the hope that it will 13 #* Clipperz is distributed in the hope that it will be useful, but
15 # be useful, but WITHOUT ANY WARRANTY; without even the implied 14# WITHOUT ANY WARRANTY; without even the implied warranty of
16 # warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 15# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
17 # See the GNU Affero General Public License for more details. 16 # See the GNU Affero General Public License for more details.
18 # 17 #
19 #* You should have received a copy of the GNU Affero General Public 18 #* You should have received a copy of the GNU Affero General Public
20 # License along with Clipperz Community Edition. If not, see 19 # License along with Clipperz. If not, see http://www.gnu.org/licenses/.
21 # <http://www.gnu.org/licenses/>.
22# 20#
23 21
24import os 22import os
25import cgi 23import cgi
26import wsgiref.handlers 24import wsgiref.handlers
27 25
28import datetime 26import datetime
29import uuid 27import uuid
30import random 28import random
31import hashlib 29import hashlib
32 30
33import logging 31import logging
34 32
35from google.appengine.api import users 33from google.appengine.api import users
36from google.appengine.ext import webapp 34from google.appengine.ext import webapp
37from google.appengine.ext import db 35from google.appengine.ext import db
38from google.appengine.ext.webapp import template 36from google.appengine.ext.webapp import template
39 37
40from django.utils import simplejson 38from django.utils import simplejson
41 39
42#============================================================================== 40#==============================================================================
43 41
44sessionTimeout = datetime.timedelta(minutes=-2) 42sessionTimeout = datetime.timedelta(minutes=-2)
45 43
46def randomSeed(): 44def randomSeed():
47 return hex(random.getrandbits(32*8))[2:-1] 45 return hex(random.getrandbits(32*8))[2:-1]
48 46
49def clipperzHash(aString): 47def clipperzHash(aString):
50 #logging.info(">>> string: " + aString) 48 #logging.info(">>> string: " + aString)
51 firstRound = hashlib.sha256() 49 firstRound = hashlib.sha256()
52 firstRound.update(aString) 50 firstRound.update(aString)
53 #logging.info("firstRound: " + firstRound.hexdigest() + " - " + firstRound.digest()) 51 #logging.info("firstRound: " + firstRound.hexdigest() + " - " + firstRound.digest())
54 result = hashlib.sha256() 52 result = hashlib.sha256()
55 result.update(firstRound.digest()) 53 result.update(firstRound.digest())
56 #logging.info("<<< finalResul: " + result.hexdigest()) 54 #logging.info("<<< finalResul: " + result.hexdigest())
57 55
58 return result.hexdigest() 56 return result.hexdigest()
59 57
60#============================================================================== 58#==============================================================================
61 59
62class User(db.Model): 60class User(db.Model):
63 username= db.StringProperty() 61 username= db.StringProperty()
64 srp_s = db.StringProperty() 62 srp_s = db.StringProperty()
65 srp_v = db.StringProperty() 63 srp_v = db.StringProperty()
66 header = db.TextProperty() 64 header = db.TextProperty()
67 statistics= db.TextProperty() 65 statistics= db.TextProperty()
68 auth_version= db.StringProperty() 66 auth_version= db.StringProperty()
69 version = db.StringProperty() 67 version = db.StringProperty()
70 lock = db.StringProperty() 68 lock = db.StringProperty()
71 69
72 def updateCredentials(self, someCredentials): 70 def updateCredentials(self, someCredentials):
73 self.username = someCredentials['C'] 71 self.username = someCredentials['C']
74 self.srp_s = someCredentials['s'] 72 self.srp_s = someCredentials['s']
75 self.srp_v = someCredentials['v'] 73 self.srp_v = someCredentials['v']
76 self.auth_version= someCredentials['version'] 74 self.auth_version= someCredentials['version']
77 75
78 def update(self, someData): 76 def update(self, someData):
79 self.header = someData['header'] 77 self.header = someData['header']
80 self.statistics= someData['statistics'] 78 self.statistics= someData['statistics']
81 self.version= someData['version'] 79 self.version= someData['version']
82 self.lock = someData['lock'] 80 self.lock = someData['lock']
83 81
84#------------------------------------------------------------------------------ 82#------------------------------------------------------------------------------
85 83
86class Record(db.Model): 84class Record(db.Model):
87 user = db.ReferenceProperty(User) 85 user = db.ReferenceProperty(User)
88 reference = db.StringProperty() 86 reference = db.StringProperty()
89 data = db.TextProperty() 87 data = db.TextProperty()
90 version = db.StringProperty() 88 version = db.StringProperty()
91 creation_date= db.DateTimeProperty(auto_now_add=True) 89 creation_date= db.DateTimeProperty(auto_now_add=True)
92 update_date = db.DateTimeProperty(auto_now_add=True) 90 update_date = db.DateTimeProperty(auto_now_add=True)
93 access_date = db.DateTimeProperty(auto_now_add=True) 91 access_date = db.DateTimeProperty(auto_now_add=True)
94 92
95#------------------------------------------------------------------------------ 93#------------------------------------------------------------------------------
96 94
97class RecordVersion(db.Model): 95class RecordVersion(db.Model):
98 record = db.ReferenceProperty(Record) 96 record = db.ReferenceProperty(Record)
99 reference = db.StringProperty() 97 reference = db.StringProperty()
100 header = db.TextProperty() 98 header = db.TextProperty()
101 data = db.TextProperty() 99 data = db.TextProperty()
102 version = db.StringProperty() 100 version = db.StringProperty()
103 previousVersionKey= db.StringProperty() 101 previousVersionKey= db.StringProperty()
104 previousVersion = db.SelfReferenceProperty() 102 previousVersion = db.SelfReferenceProperty()
105 creation_date = db.DateTimeProperty(auto_now_add=True) 103 creation_date = db.DateTimeProperty(auto_now_add=True)
106 update_date = db.DateTimeProperty(auto_now_add=True) 104 update_date = db.DateTimeProperty(auto_now_add=True)
107 access_date = db.DateTimeProperty(auto_now_add=True) 105 access_date = db.DateTimeProperty(auto_now_add=True)
108 106
109 def update(self, someData): 107 def update(self, someData):
110 recordData = someData['record']; 108 recordData = someData['record'];
111 self.parent().reference =recordData['reference'] 109 self.parent().reference =recordData['reference']
112 self.parent().data = recordData['data'] 110 self.parent().data = recordData['data']
113 self.parent().version = recordData['version'] 111 self.parent().version = recordData['version']
114 self.parent().update_date =datetime.datetime.now() 112 self.parent().update_date =datetime.datetime.now()
115 113
116 recordVersionData = someData['currentRecordVersion']; 114 recordVersionData = someData['currentRecordVersion'];
117 self.reference = recordVersionData ['reference'] 115 self.reference = recordVersionData ['reference']
118 self.data = recordVersionData ['data'] 116 self.data = recordVersionData ['data']
119 self.version = recordVersionData ['version'] 117 self.version = recordVersionData ['version']
120 #self.previous_version =#recordVersionData ['previousVersion'] 118 #self.previous_version =#recordVersionData ['previousVersion']
121 self.previous_version_key =recordVersionData ['previousVersionKey'] 119 self.previous_version_key =recordVersionData ['previousVersionKey']
122 self.update_date = datetime.datetime.now() 120 self.update_date = datetime.datetime.now()
123 121
124#------------------------------------------------------------------------------ 122#------------------------------------------------------------------------------
125 123
126class OneTimePassword(db.Model): 124class OneTimePassword(db.Model):
127 user = db.ReferenceProperty(User) 125 user = db.ReferenceProperty(User)
128 status = db.StringProperty() 126 status = db.StringProperty()
129 reference = db.StringProperty() 127 reference = db.StringProperty()
130 keyValue = db.StringProperty() 128 keyValue = db.StringProperty()
131 keyChecksum = db.StringProperty() 129 keyChecksum = db.StringProperty()
132 data = db.TextProperty() 130 data = db.TextProperty()
133 version = db.StringProperty() 131 version = db.StringProperty()
134 creation_date= db.DateTimeProperty(auto_now_add=True) 132 creation_date= db.DateTimeProperty(auto_now_add=True)
135 request_date= db.DateTimeProperty() 133 request_date= db.DateTimeProperty()
136 usage_date = db.DateTimeProperty() 134 usage_date = db.DateTimeProperty()
137 135
138 def update(self, someParameters, aStatus): 136 def update(self, someParameters, aStatus):
139 self.reference = someParameters['reference'] 137 self.reference = someParameters['reference']
140 self.keyValue = someParameters['key'] 138 self.keyValue = someParameters['key']
141 self.keyChecksum = someParameters['keyChecksum'] 139 self.keyChecksum = someParameters['keyChecksum']
142 self.data = someParameters['data'] 140 self.data = someParameters['data']
143 self.version = someParameters['version'] 141 self.version = someParameters['version']
144 self.status = aStatus 142 self.status = aStatus
145 143
146 def reset(self, aStatus): 144 def reset(self, aStatus):
147 self.data = "" 145 self.data = ""
148 self.status =aStatus 146 self.status =aStatus
149 147
150 return self 148 return self
151 149
152#------------------------------------------------------------------------------ 150#------------------------------------------------------------------------------
153 151
154class Session(db.Expando): 152class Session(db.Expando):
155 sessionId= db.StringProperty() 153 sessionId= db.StringProperty()
156 access_date= db.DateTimeProperty() 154 access_date= db.DateTimeProperty()
157 155
158#============================================================================== 156#==============================================================================
159 157
160class MainPage(webapp.RequestHandler): 158class MainPage(webapp.RequestHandler):
161 def get(self): 159 def get(self):
162 path = os.path.join(os.path.dirname(__file__), 'static%s' % self.request.path) 160 path = os.path.join(os.path.dirname(__file__), 'static%s' % self.request.path)
163 self.response.out.write(template.render(path, {})) 161 self.response.out.write(template.render(path, {}))
164 162
165#============================================================================== 163#==============================================================================
166 164
167class XHR(webapp.RequestHandler): 165class XHR(webapp.RequestHandler):
168 166
169 #========================================================================== 167 #==========================================================================
170 168
171 def get(self): 169 def get(self):
172 logging.info("self.request.path: " + self.request.path) 170 logging.info("self.request.path: " + self.request.path)
173 if self.request.path == "/dump": 171 if self.request.path == "/dump":
174 session = self.getSession() 172 session = self.getSession()
175 userData = {} 173 userData = {}
176 offline_data_placeholder = "" 174 offline_data_placeholder = ""
177 175
178 user = db.Query(User).filter('username =', session.C).get() 176 user = db.Query(User).filter('username =', session.C).get()
179 177
180 userData['users'] = { 178 userData['users'] = {
181 'catchAllUser': { 179 'catchAllUser': {
182 '__masterkey_test_value__': 'masterkey', 180 '__masterkey_test_value__': 'masterkey',
183 's': '112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00', 181 's': '112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00',
184 'v': '112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00' 182 'v': '112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00'
185 } 183 }
186 } 184 }
187 185
188 records = {} 186 records = {}
189 for currentRecord in db.Query(Record).ancestor(user): 187 for currentRecord in db.Query(Record).ancestor(user):
190 versions = {} 188 versions = {}
191 for currentVersion in db.Query(RecordVersion).ancestor(currentRecord): 189 for currentVersion in db.Query(RecordVersion).ancestor(currentRecord):
192 versions[currentVersion.reference] ={ 190 versions[currentVersion.reference] ={
193 'header': currentVersion.header, 191 'header': currentVersion.header,
194 'data': currentVersion.data, 192 'data': currentVersion.data,
195 'version': currentVersion.version, 193 'version': currentVersion.version,
196 'creationDate':str(currentVersion.creation_date), 194 'creationDate':str(currentVersion.creation_date),
197 'updateDate':str(currentVersion.update_date), 195 'updateDate':str(currentVersion.update_date),
198 'accessDate':str(currentVersion.access_date) 196 'accessDate':str(currentVersion.access_date)
199 } 197 }
200 198
201 records[currentRecord.reference] = { 199 records[currentRecord.reference] = {
202 'data': currentRecord.data, 200 'data': currentRecord.data,
203 'version': currentRecord.version, 201 'version': currentRecord.version,
204 'creationDate': str(currentRecord.creation_date), 202 'creationDate': str(currentRecord.creation_date),
205 'updateDate': str(currentRecord.update_date), 203 'updateDate': str(currentRecord.update_date),
206 'accessDate': str(currentRecord.access_date), 204 'accessDate': str(currentRecord.access_date),
207 'currentVersion':currentVersion.reference, 205 'currentVersion':currentVersion.reference,
208 'versions': versions 206 'versions': versions
209 } 207 }
210 208
211 userData['users'][user.username] = { 209 userData['users'][user.username] = {
212 's': user.srp_s, 210 's': user.srp_s,
213 'v': user.srp_v, 211 'v': user.srp_v,
214 'version': user.auth_version, 212 'version': user.auth_version,
215 'maxNumberOfRecords':'100', 213 'maxNumberOfRecords':'100',
216 'userDetails': user.header, 214 'userDetails': user.header,
217 'statistics': user.statistics, 215 'statistics': user.statistics,
218 'userDetailsVersion':user.version, 216 'userDetailsVersion':user.version,
219 'records': records 217 'records': records
220 } 218 }
221 219
222 offline_data_placeholder = offline_data_placeholder + "_clipperz_dump_data_ = " + simplejson.dumps(userData, indent=4) + "\n" 220 offline_data_placeholder = offline_data_placeholder + "_clipperz_dump_data_ = " + simplejson.dumps(userData, indent=4) + "\n"
223 offline_data_placeholder = offline_data_placeholder + "Clipperz.PM.Proxy.defaultProxy = new Clipperz.PM.Proxy.Offline();" + "\n" 221 offline_data_placeholder = offline_data_placeholder + "Clipperz.PM.Proxy.defaultProxy = new Clipperz.PM.Proxy.Offline();" + "\n"
224 offline_data_placeholder = offline_data_placeholder + "Clipperz.Crypto.PRNG.defaultRandomGenerator().fastEntropyAccumulationForTestingPurpose();" + "\n" 222 offline_data_placeholder = offline_data_placeholder + "Clipperz.Crypto.PRNG.defaultRandomGenerator().fastEntropyAccumulationForTestingPurpose();" + "\n"
225 223
226 path = os.path.join(os.path.dirname(__file__), 'static/dump.html') 224 path = os.path.join(os.path.dirname(__file__), 'static/dump.html')
227 225
228 self.response.headers.add_header('Content-Type', 'text/html') 226 self.response.headers.add_header('Content-Type', 'text/html')
229 self.response.headers.add_header('Content-Disposition', 'attachment', filename='Clipperz.html') 227 self.response.headers.add_header('Content-Disposition', 'attachment', filename='Clipperz.html')
230 self.response.out.write(template.render(path, {'offline_data_placeholder': offline_data_placeholder})) 228 self.response.out.write(template.render(path, {'offline_data_placeholder': offline_data_placeholder}))
231 229
232 #========================================================================== 230 #==========================================================================
233 231
234 def post(self): 232 def post(self):
235 method = self.request.get('method') 233 method = self.request.get('method')
236 parameters = simplejson.loads(self.request.get('parameters')) 234 parameters = simplejson.loads(self.request.get('parameters'))
237 session = self.getSession() 235 session = self.getSession()
238 result = {}; 236 result = {};
239 237
240 #---------------------------------------------------------------------- 238 #----------------------------------------------------------------------
241 239
242 if method == 'registration': 240 if method == 'registration':
243 message = parameters['message']; 241 message = parameters['message'];
244 242
245 if message == 'completeRegistration': 243 if message == 'completeRegistration':
246 user = User() 244 user = User()
247 245
248 user.updateCredentials(parameters['credentials']) 246 user.updateCredentials(parameters['credentials'])
249 user.update(parameters['user']) 247 user.update(parameters['user'])
250 user.put() 248 user.put()
251 249
252 result['lock'] = user.lock 250 result['lock'] = user.lock
253 result['result'] = "done" 251 result['result'] = "done"
254 252
255 #---------------------------------------------------------------------- 253 #----------------------------------------------------------------------
256 254
257 elif method == 'handshake': 255 elif method == 'handshake':
258 srp_g = 2L 256 srp_g = 2L
259 srp_n = long("0x%s" % "115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3", 16) 257 srp_n = long("0x%s" % "115b8b692e0e045692cf280b436735c77a5a9e8a9e7ed56c965f87db5b2a2ece3", 16)
260 258
261 message = parameters['message']; 259 message = parameters['message'];
262 260
263 #------------------------------------------------------------------ 261 #------------------------------------------------------------------
264 262
265 if message == 'connect': 263 if message == 'connect':
266 session.C = parameters['parameters']['C'] 264 session.C = parameters['parameters']['C']
267 session.A = parameters['parameters']['A'] 265 session.A = parameters['parameters']['A']
268 266
269 user = db.Query(User).filter('username =', session.C).get() 267 user = db.Query(User).filter('username =', session.C).get()
270 268
271 if user != None: 269 if user != None:
272 try: 270 try:
273 optId = session.otpId 271 optId = session.otpId
274 272
275 oneTimePassword = db.Query(OneTimePassword).filter('keyValue =', optId).get() 273 oneTimePassword = db.Query(OneTimePassword).filter('keyValue =', optId).get()
276 274
277 if oneTimePassword.parent().username != user.username: 275 if oneTimePassword.parent().username != user.username:
278 oneTimePassword.reset('DISABLED').put() 276 oneTimePassword.reset('DISABLED').put()
279 raise Exception, "User missmatch between the current session and 'One Time Password' user" 277 raise Exception, "User missmatch between the current session and 'One Time Password' user"
280 elif oneTimePassword.status != 'REQUESTED': 278 elif oneTimePassword.status != 'REQUESTED':
281 oneTimePassword.reset('DISABLED').put() 279 oneTimePassword.reset('DISABLED').put()
282 raise Exception, "Tring to use an 'One Time Password' in the wrong state" 280 raise Exception, "Tring to use an 'One Time Password' in the wrong state"
283 281
284 oneTimePassword.reset("USED").put() 282 oneTimePassword.reset("USED").put()
285 283
286 result['oneTimePassword'] = oneTimePassword.reference 284 result['oneTimePassword'] = oneTimePassword.reference
287 285
288 except Exception, detail: 286 except Exception, detail:
289 logging.error("connect.optId: " + str(detail)) 287 logging.error("connect.optId: " + str(detail))
290 288
291 session.s = user.srp_s 289 session.s = user.srp_s
292 session.v = user.srp_v 290 session.v = user.srp_v
293 else: 291 else:
294 session.s = "112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00" 292 session.s = "112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00"
295 session.v = "112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00" 293 session.v = "112233445566778899aabbccddeeff00112233445566778899aabbccddeeff00"
296 294
297 session.b = randomSeed() 295 session.b = randomSeed()
298 session.B = hex(long("0x%s" % session.v, 16) + pow(srp_g, long("0x%s" %session.b, 16), srp_n))[2:-1] 296 session.B = hex(long("0x%s" % session.v, 16) + pow(srp_g, long("0x%s" %session.b, 16), srp_n))[2:-1]
299 297
300 result['s'] = session.s 298 result['s'] = session.s
301 result['B'] = session.B 299 result['B'] = session.B
302 300
303 #------------------------------------------------------------------ 301 #------------------------------------------------------------------
304 302
305 elif message == 'credentialCheck': 303 elif message == 'credentialCheck':
306 B = long("0x%s" % session.B, 16) 304 B = long("0x%s" % session.B, 16)
307 b = long("0x%s" % session.b, 16) 305 b = long("0x%s" % session.b, 16)
308 A = long("0x%s" % session.A, 16) 306 A = long("0x%s" % session.A, 16)
309 v = long("0x%s" % session.v, 16) 307 v = long("0x%s" % session.v, 16)
310 u = long("0x%s" % clipperzHash(str(B)), 16) 308 u = long("0x%s" % clipperzHash(str(B)), 16)
311 n = srp_n 309 n = srp_n
312 310
313 S = pow((A * pow(v, u, n)), b, n) 311 S = pow((A * pow(v, u, n)), b, n)
314 K = clipperzHash(str(S)) 312 K = clipperzHash(str(S))
315 M1 = clipperzHash(str(A) + str(B) + K) 313 M1 = clipperzHash(str(A) + str(B) + K)
316 314
317 if M1 == parameters['parameters']['M1']: 315 if M1 == parameters['parameters']['M1']:
318 session.K = K 316 session.K = K
319 M2 = clipperzHash(str(A) + M1 + K) 317 M2 = clipperzHash(str(A) + M1 + K)
320 318
321 result['M2'] = M2 319 result['M2'] = M2
322 result["connectionId"] = "" 320 result["connectionId"] = ""
323 result["loginInfo"] = {} 321 result["loginInfo"] = {}
324 result["loginInfo"]["latest"] = {} 322 result["loginInfo"]["latest"] = {}
325 result["loginInfo"]["current"] = {} 323 result["loginInfo"]["current"] = {}
326 result["offlineCopyNeeded"] = "false"; 324 result["offlineCopyNeeded"] = "false";
327 result["lock"] = "----"; 325 result["lock"] = "----";
328 else: 326 else:
329 result['error'] = "?" 327 result['error'] = "?"
330 328
331 #------------------------------------------------------------------ 329 #------------------------------------------------------------------
332 330
333 elif message == 'oneTimePassword': 331 elif message == 'oneTimePassword':
334 oneTimePassword = db.Query(OneTimePassword).filter("keyValue =", parameters["parameters"]["oneTimePasswordKey"]).get() 332 oneTimePassword = db.Query(OneTimePassword).filter("keyValue =", parameters["parameters"]["oneTimePasswordKey"]).get()
335 333
336 if oneTimePassword != None: 334 if oneTimePassword != None:
337 if oneTimePassword.status == 'ACTIVE': 335 if oneTimePassword.status == 'ACTIVE':
338 if oneTimePassword.keyChecksum == parameters['parameters']['oneTimePasswordKeyChecksum']: 336 if oneTimePassword.keyChecksum == parameters['parameters']['oneTimePasswordKeyChecksum']:
339 #session.userId =str(oneTimePassword.parent().username) 337 #session.userId =str(oneTimePassword.parent().username)
340 session.otpId = str(oneTimePassword.keyValue) 338 session.otpId = str(oneTimePassword.keyValue)
341 339
342 result['data'] = oneTimePassword.data 340 result['data'] = oneTimePassword.data
343 result['version'] = oneTimePassword.version 341 result['version'] = oneTimePassword.version
344 342
345 oneTimePassword.reset('REQUESTED').put() 343 oneTimePassword.reset('REQUESTED').put()
346 344
347 else: 345 else:
348 oneTimePassword.reset('DISABLED').put() 346 oneTimePassword.reset('DISABLED').put()
349 raise Exception, "The requested One Time Password has been disabled, due to a wrong keyChecksum" 347 raise Exception, "The requested One Time Password has been disabled, due to a wrong keyChecksum"
350 else: 348 else:
351 raise Exception, "The requested One Time Password was not active" 349 raise Exception, "The requested One Time Password was not active"
352 else: 350 else:
353 raise Exception, "The requested One Time Password has not been found" 351 raise Exception, "The requested One Time Password has not been found"
354 352
355 #---------------------------------------------------------------------- 353 #----------------------------------------------------------------------
356 354
357 elif method == 'message': 355 elif method == 'message':
358 if parameters['srpSharedSecret'] == session.K: 356 if parameters['srpSharedSecret'] == session.K:
359 message = parameters['message'] 357 message = parameters['message']
360 358
361 if message == 'getUserDetails': 359 if message == 'getUserDetails':
362 #{"message":"getUserDetails", "srpSharedSecret":"f18e5cf7c3a83b67d4db9444af813ee48c13daf4f8f6635397d593e52ba89a08", "parameters":{}} 360 #{"message":"getUserDetails", "srpSharedSecret":"f18e5cf7c3a83b67d4db9444af813ee48c13daf4f8f6635397d593e52ba89a08", "parameters":{}}
363 user = db.Query(User).filter('username =', session.C).get() 361 user = db.Query(User).filter('username =', session.C).get()
364 362
365 result['header'] = user.header; 363 result['header'] = user.header;
366 result['statistics'] =user.statistics; 364 result['statistics'] =user.statistics;
367 result['version'] = user.version; 365 result['version'] = user.version;
368 366
369 elif message == "addNewRecords": 367 elif message == "addNewRecords":
370 user = db.Query(User).filter('username =', session.C).get() 368 user = db.Query(User).filter('username =', session.C).get()
371 result = db.run_in_transaction(self.addNewRecords, session, user, parameters) 369 result = db.run_in_transaction(self.addNewRecords, session, user, parameters)
372 370
373 """ 371 """
374 user = db.Query(User).filter('username =', session.C).get() 372 user = db.Query(User).filter('username =', session.C).get()
375 user.update(parameters['parameters']['user']) 373 user.update(parameters['parameters']['user'])
376 374
377 for recordParameter in parameters['parameters']['records']: 375 for recordParameter in parameters['parameters']['records']:
378 record = Record(parent=user) 376 record = Record(parent=user)
379 record.put() 377 record.put()
380 recordVersion = RecordVersion(parent=record) 378 recordVersion = RecordVersion(parent=record)
381 recordVersion.put() 379 recordVersion.put()
382 380
383 recordVersion.update(recordParameter) 381 recordVersion.update(recordParameter)
384 382
385 record.put() 383 record.put()
386 recordVersion.put() 384 recordVersion.put()
387 385
388 user.put(); 386 user.put();
389 387
390 result['lock'] = user.lock 388 result['lock'] = user.lock
391 result['result'] = 'done' 389 result['result'] = 'done'
392 """ 390 """
393 391
394 elif message == 'getRecordDetail': 392 elif message == 'getRecordDetail':
395 record = db.Query(Record).ancestor(db.Query(User).filter('username =', session.C).get()).filter('reference =', parameters["parameters"]["reference"]).get() 393 record = db.Query(Record).ancestor(db.Query(User).filter('username =', session.C).get()).filter('reference =', parameters["parameters"]["reference"]).get()
396 recordVersion = db.Query(RecordVersion).ancestor(record).get() 394 recordVersion = db.Query(RecordVersion).ancestor(record).get()
397 395
398 result['currentVersion'] = {} 396 result['currentVersion'] = {}
399 result['currentVersion']['reference'] = recordVersion.reference 397 result['currentVersion']['reference'] = recordVersion.reference
400 result['currentVersion']['data'] = recordVersion.data 398 result['currentVersion']['data'] = recordVersion.data
401 result['currentVersion']['header'] = recordVersion.header 399 result['currentVersion']['header'] = recordVersion.header
402 result['currentVersion']['version'] = recordVersion.version 400 result['currentVersion']['version'] = recordVersion.version
403 result['currentVersion']['creationDate'] =str(recordVersion.creation_date) 401 result['currentVersion']['creationDate'] =str(recordVersion.creation_date)
404 result['currentVersion']['updateDate'] =str(recordVersion.update_date) 402 result['currentVersion']['updateDate'] =str(recordVersion.update_date)
405 result['currentVersion']['accessDate'] =str(recordVersion.access_date) 403 result['currentVersion']['accessDate'] =str(recordVersion.access_date)
406 404
407 result['reference'] = record.reference 405 result['reference'] = record.reference
408 result['data'] = record.data 406 result['data'] = record.data
409 result['version'] = record.version 407 result['version'] = record.version
410 result['creationDate'] = str(record.creation_date) 408 result['creationDate'] = str(record.creation_date)
411 result['updateDate'] = str(record.update_date) 409 result['updateDate'] = str(record.update_date)
412 result['accessDate'] = str(record.access_date) 410 result['accessDate'] = str(record.access_date)
413 result['oldestUsedEncryptedVersion'] = "---" 411 result['oldestUsedEncryptedVersion'] = "---"
414 412
415 elif message == 'updateData': 413 elif message == 'updateData':
416 user = db.Query(User).filter('username =', session.C).get() 414 user = db.Query(User).filter('username =', session.C).get()
417 user.update(parameters['parameters']['user']) 415 user.update(parameters['parameters']['user'])
418 416
419 for recordParameter in parameters['parameters']['records']: 417 for recordParameter in parameters['parameters']['records']:
420 logging.info('reference =' + recordParameter['record']['reference']) 418 logging.info('reference =' + recordParameter['record']['reference'])
421 record = db.Query(Record).ancestor(user).filter('reference =', recordParameter['record']['reference']).get() 419 record = db.Query(Record).ancestor(user).filter('reference =', recordParameter['record']['reference']).get()
422 recordVersion = db.Query(RecordVersion).ancestor(record).get() 420 recordVersion = db.Query(RecordVersion).ancestor(record).get()
423 421
424 recordVersion.update(recordParameter) 422 recordVersion.update(recordParameter)
425 423
426 recordVersion.put() 424 recordVersion.put()
427 recordVersion.parent().put() 425 recordVersion.parent().put()
428 426
429 user.put(); 427 user.put();
430 428
431 result['lock'] = user.lock 429 result['lock'] = user.lock
432 result['result'] = 'done' 430 result['result'] = 'done'
433 431
434 elif message == 'deleteRecords': 432 elif message == 'deleteRecords':
435 user = db.Query(User).filter('username =', session.C).get() 433 user = db.Query(User).filter('username =', session.C).get()
436 user.update(parameters['parameters']['user']) 434 user.update(parameters['parameters']['user'])
437 435
438 for recordReference in parameters['parameters']['recordReferences']: 436 for recordReference in parameters['parameters']['recordReferences']:
439 record = db.Query(Record).ancestor(user).filter('reference =', recordReference).get() 437 record = db.Query(Record).ancestor(user).filter('reference =', recordReference).get()
440 #recordVersion = db.Query(RecordVersion).ancestor(record).get() 438 #recordVersion = db.Query(RecordVersion).ancestor(record).get()
441 439
442 db.delete(db.Query(RecordVersion).ancestor(record)) 440 db.delete(db.Query(RecordVersion).ancestor(record))
443 record.delete() 441 record.delete()
444 442
445 user.put() 443 user.put()
446 444
447 result['lock'] = user.lock 445 result['lock'] = user.lock
448 result['result'] = 'done' 446 result['result'] = 'done'
449 447
450 elif message == 'deleteUser': 448 elif message == 'deleteUser':
451 user = db.Query(User).filter('username =', session.C).get() 449 user = db.Query(User).filter('username =', session.C).get()
452 db.delete(db.Query(RecordVersion).ancestor(user)) 450 db.delete(db.Query(RecordVersion).ancestor(user))
453 db.delete(db.Query(Record).ancestor(user)) 451 db.delete(db.Query(Record).ancestor(user))
454 user.delete() 452 user.delete()
455 453
456 elif message == 'addNewOneTimePassword': 454 elif message == 'addNewOneTimePassword':
457 user = db.Query(User).filter('username =', session.C).get() 455 user = db.Query(User).filter('username =', session.C).get()
458 user.update(parameters['parameters']['user']) 456 user.update(parameters['parameters']['user'])
459 457
460 oneTimePassword = OneTimePassword(parent=user) 458 oneTimePassword = OneTimePassword(parent=user)
461 oneTimePassword.update(parameters['parameters']['oneTimePassword'], "ACTIVE") 459 oneTimePassword.update(parameters['parameters']['oneTimePassword'], "ACTIVE")
462 oneTimePassword.put() 460 oneTimePassword.put()
463 461
464 user.put() 462 user.put()
465 463
466 result['lock'] = user.lock 464 result['lock'] = user.lock
467 result['result'] = 'done' 465 result['result'] = 'done'
468 466
469 elif message == 'updateOneTimePasswords': 467 elif message == 'updateOneTimePasswords':
470 user = db.Query(User).filter('username =', session.C).get() 468 user = db.Query(User).filter('username =', session.C).get()
471 user.update(parameters['parameters']['user']) 469 user.update(parameters['parameters']['user'])
472 470
473 validOtpReferences = parameters['parameters']['oneTimePasswords'] 471 validOtpReferences = parameters['parameters']['oneTimePasswords']
474 for currentOtp in db.Query(OneTimePassword).ancestor(user): 472 for currentOtp in db.Query(OneTimePassword).ancestor(user):
475 if currentOtp.reference in validOtpReferences: 473 if currentOtp.reference in validOtpReferences:
476 pass 474 pass
477 else: 475 else:
478 currentOtp.delete() 476 currentOtp.delete()
479 477
480 user.put() 478 user.put()
481 479
482 result['result'] = user.lock 480 result['result'] = user.lock
483 481
484 elif message == 'getOneTimePasswordsDetails': 482 elif message == 'getOneTimePasswordsDetails':
485 pass 483 pass
486 484
487 elif message == 'getLoginHistory': 485 elif message == 'getLoginHistory':
488 result["result"] = [] 486 result["result"] = []
489 487
490 elif message == 'upgradeUserCredentials': 488 elif message == 'upgradeUserCredentials':
491 user = db.Query(User).filter('username =', session.C).get() 489 user = db.Query(User).filter('username =', session.C).get()
492 490
493 user.updateCredentials(parameters['parameters']['credentials']) 491 user.updateCredentials(parameters['parameters']['credentials'])
494 user.update(parameters['parameters']['user']) 492 user.update(parameters['parameters']['user'])
495 493
496 for oneTimePasswordReference in parameters['parameters']['oneTimePasswords']: 494 for oneTimePasswordReference in parameters['parameters']['oneTimePasswords']:
497 oneTimePassword = db.Query(OneTimePassword).ancestor(user).filter("reference =", oneTimePasswordReference).get() 495 oneTimePassword = db.Query(OneTimePassword).ancestor(user).filter("reference =", oneTimePasswordReference).get()
498 496
499 if oneTimePassword != None: 497 if oneTimePassword != None:
500 oneTimePassword.data = parameters['parameters']['oneTimePasswords'][oneTimePasswordReference] 498 oneTimePassword.data = parameters['parameters']['oneTimePasswords'][oneTimePasswordReference]
501 oneTimePassword.put() 499 oneTimePassword.put()
502 500
503 user.put() 501 user.put()
504 502
505 result['lock'] = user.lock 503 result['lock'] = user.lock
506 result['result'] = 'done' 504 result['result'] = 'done'
507 505
508 """ 506 """
509 $user = new user(); 507 $user = new user();
510 $user->Get($_SESSION["userId"]); 508 $user->Get($_SESSION["userId"]);
511 509
512 $otp = new onetimepassword(); 510 $otp = new onetimepassword();
513 511
514 updateUserCredentials($parameters["parameters"]["credentials"], $user); 512 updateUserCredentials($parameters["parameters"]["credentials"], $user);
515 updateUserData($parameters["parameters"]["user"], $user); 513 updateUserData($parameters["parameters"]["user"], $user);
516 514
517 $otpList = $parameters["parameters"]["oneTimePasswords"]; 515 $otpList = $parameters["parameters"]["oneTimePasswords"];
518 foreach($otpList as $otpReference=>$otpData) { 516 foreach($otpList as $otpReference=>$otpData) {
519 $otpList = $otp->GetList(array(array("reference", "=", $otpReference))); 517 $otpList = $otp->GetList(array(array("reference", "=", $otpReference)));
520 $currentOtp = $otpList[0]; 518 $currentOtp = $otpList[0];
521 $currentOtp->data = $otpData; 519 $currentOtp->data = $otpData;
522 $currentOtp->Save(); 520 $currentOtp->Save();
523 } 521 }
524 522
525 $user->Save(); 523 $user->Save();
526 524
527 $result["lock"] = $user->lock; 525 $result["lock"] = $user->lock;
528 $result["result"] = "done"; 526 $result["result"] = "done";
529 """ 527 """
530 528
531 #============================================================= 529 #=============================================================
532 530
533 """ 531 """
534 java.util.Mapresult; 532 java.util.Mapresult;
535 533
536 try { 534 try {
537 java.util.Mapcredentials; 535 java.util.Mapcredentials;
538 536
539 if (someParameters.get("credentials") != null) { 537 if (someParameters.get("credentials") != null) {
540 credentials = (java.util.Map)someParameters.get("credentials"); 538 credentials = (java.util.Map)someParameters.get("credentials");
541 } else { 539 } else {
542 credentials = someParameters; 540 credentials = someParameters;
543 } 541 }
544 542
545 aUser.setUsername((java.lang.String)credentials.get("C")); 543 aUser.setUsername((java.lang.String)credentials.get("C"));
546 aUser.setSrpS((java.lang.String)credentials.get("s")); 544 aUser.setSrpS((java.lang.String)credentials.get("s"));
547 aUser.setSrpV((java.lang.String)credentials.get("v")); 545 aUser.setSrpV((java.lang.String)credentials.get("v"));
548 aUser.setVersion((java.lang.String)credentials.get("version")); 546 aUser.setVersion((java.lang.String)credentials.get("version"));
549 547
550 if (someParameters.get("user") != null) { 548 if (someParameters.get("user") != null) {
551 com.clipperz.dataModel.EncoderHelper.updateWithMap(aUser, (java.util.Map)someParameters.get("user")); 549 com.clipperz.dataModel.EncoderHelper.updateWithMap(aUser, (java.util.Map)someParameters.get("user"));
552 } 550 }
553 551
554 if (someParameters.get("oneTimePasswords") != null) { 552 if (someParameters.get("oneTimePasswords") != null) {
555 java.util.MapupdatedOneTimePasswords; 553 java.util.MapupdatedOneTimePasswords;
556 java.util.ListusersOneTimePasswords; 554 java.util.ListusersOneTimePasswords;
557 int i,c; 555 int i,c;
558 556
559 updatedOneTimePasswords = (java.util.Map)someParameters.get("oneTimePasswords"); 557 updatedOneTimePasswords = (java.util.Map)someParameters.get("oneTimePasswords");
560 usersOneTimePasswords = com.clipperz.dataModel.OneTimePassword.oneTimePasswordsForUser(this.user()); 558 usersOneTimePasswords = com.clipperz.dataModel.OneTimePassword.oneTimePasswordsForUser(this.user());
561 c = usersOneTimePasswords.size(); 559 c = usersOneTimePasswords.size();
562 for (i=0; i<c; i++) { 560 for (i=0; i<c; i++) {
563 com.clipperz.dataModel.OneTimePasswordcurrentOneTimePassword; 561 com.clipperz.dataModel.OneTimePasswordcurrentOneTimePassword;
564 562
565 currentOneTimePassword = (com.clipperz.dataModel.OneTimePassword)usersOneTimePasswords.get(i); 563 currentOneTimePassword = (com.clipperz.dataModel.OneTimePassword)usersOneTimePasswords.get(i);
566 564
567 if (updatedOneTimePasswords.get(currentOneTimePassword.getReference()) != null) { 565 if (updatedOneTimePasswords.get(currentOneTimePassword.getReference()) != null) {
568 currentOneTimePassword.setData((java.lang.String)updatedOneTimePasswords.get(currentOneTimePassword.getReference())); 566 currentOneTimePassword.setData((java.lang.String)updatedOneTimePasswords.get(currentOneTimePassword.getReference()));
569 } 567 }
570 } 568 }
571 } 569 }
572 570
573 result = new java.util.Hashtable(); 571 result = new java.util.Hashtable();
574 this.dataContext().commitChanges(); 572 this.dataContext().commitChanges();
575 result.put("lock", this.user().getNewLock()); 573 result.put("lock", this.user().getNewLock());
576 result.put("result", "done"); 574 result.put("result", "done");
577 } catch(java.lang.Exception exception) { 575 } catch(java.lang.Exception exception) {
578 this.dataContext().rollbackChanges(); 576 this.dataContext().rollbackChanges();
579 logger.error(exception); 577 logger.error(exception);
580 throw exception; 578 throw exception;
581 } 579 }
582 580
583 return result; 581 return result;
584 """ 582 """
585 583
586 elif message == 'echo': 584 elif message == 'echo':
587 result['result'] = parameters; 585 result['result'] = parameters;
588 586
589 else: 587 else:
590 result['error'] = "Wrong shared secret!" 588 result['error'] = "Wrong shared secret!"
591 589
592 #---------------------------------------------------------------------- 590 #----------------------------------------------------------------------
593 591
594 elif method == 'logout': 592 elif method == 'logout':
595 result['method'] = 'logout' 593 result['method'] = 'logout'
596 594
597 #---------------------------------------------------------------------- 595 #----------------------------------------------------------------------
598 596
599 else: 597 else:
600 result['method'] = 'PRRRRRR' 598 result['method'] = 'PRRRRRR'
601 599
602 #---------------------------------------------------------------------- 600 #----------------------------------------------------------------------
603 601
604 self.saveSession(session) 602 self.saveSession(session)
605 self.response.out.write(simplejson.dumps(result)) 603 self.response.out.write(simplejson.dumps(result))
606 604
607 #========================================================================== 605 #==========================================================================
608 606
609 def addNewRecords (self, aSession, aUser, someParameters): 607 def addNewRecords (self, aSession, aUser, someParameters):
610 result = {} 608 result = {}
611 609
612 #user = db.Query(User).filter('username =', aSession.C).get() 610 #user = db.Query(User).filter('username =', aSession.C).get()
613 aUser.update(someParameters['parameters']['user']) 611 aUser.update(someParameters['parameters']['user'])
614 612
615 for recordParameter in someParameters['parameters']['records']: 613 for recordParameter in someParameters['parameters']['records']:
616 record = Record(parent=aUser) 614 record = Record(parent=aUser)
617 record.put() 615 record.put()
618 recordVersion = RecordVersion(parent=record) 616 recordVersion = RecordVersion(parent=record)
619 recordVersion.put() 617 recordVersion.put()
620 618
621 recordVersion.update(recordParameter) 619 recordVersion.update(recordParameter)
622 620
623 record.put() 621 record.put()
624 recordVersion.put() 622 recordVersion.put()
625 623
626 aUser.put(); 624 aUser.put();
627 625
628 result['lock'] = aUser.lock 626 result['lock'] = aUser.lock
629 result['result'] = 'done' 627 result['result'] = 'done'
630 628
631 return result 629 return result
632 630
633 #========================================================================== 631 #==========================================================================
634 632
635 def getSession(self): 633 def getSession(self):
636 #logging.info(">>> getSession (%d) => %s" % (db.Query(Session).count(), str(map(lambda v: v.sessionId, db.Query(Session).fetch(100)))) ) 634 #logging.info(">>> getSession (%d) => %s" % (db.Query(Session).count(), str(map(lambda v: v.sessionId, db.Query(Session).fetch(100)))) )
637 result = None 635 result = None
638 try: 636 try:
639 sessionId = self.request.cookies['sessionId'] 637 sessionId = self.request.cookies['sessionId']
640 except: 638 except:
641 sessionId = None 639 sessionId = None
642 640
643 #logging.info("wannabe sessionId: " + str(sessionId)) 641 #logging.info("wannabe sessionId: " + str(sessionId))
644 642
645 if sessionId != None: 643 if sessionId != None:
646 #query = db.Query(Session) 644 #query = db.Query(Session)
647 #query.filter('sessionId =', sessionId) 645 #query.filter('sessionId =', sessionId)
648 646
649 #result = query.get() 647 #result = query.get()
650 648
651 #result = db.Query(Session).filter('sessionId =', str(sessionId)).filter('access_date >', (datetime.datetime.utcnow() - sessionTimeout)).get() 649 #result = db.Query(Session).filter('sessionId =', str(sessionId)).filter('access_date >', (datetime.datetime.utcnow() - sessionTimeout)).get()
652 result = db.Query(Session).filter('sessionId =', str(sessionId)).get() 650 result = db.Query(Session).filter('sessionId =', str(sessionId)).get()
653 #logging.info("searching session on datastore. Found: " + str(result)) 651 #logging.info("searching session on datastore. Found: " + str(result))
654 652
655 if result == None: 653 if result == None:
656 sessionId = str(uuid.uuid4()) 654 sessionId = str(uuid.uuid4())
657 #logging.info("creating a new session with sessionId=" + str(sessionId)) 655 #logging.info("creating a new session with sessionId=" + str(sessionId))
658 result = Session(sessionId=sessionId) 656 result = Session(sessionId=sessionId)
659 657
660 result.access_date = datetime.datetime.utcnow() 658 result.access_date = datetime.datetime.utcnow()
661 result.put() 659 result.put()
662 660
663 #logging.info("<<< getSession (%d)" % db.Query(Session).count()) 661 #logging.info("<<< getSession (%d)" % db.Query(Session).count())
664 662
665 return result 663 return result
666 664
667 #========================================================================== 665 #==========================================================================
668 666
669 def saveSession(self, aSession): 667 def saveSession(self, aSession):
670 #logging.info(">>> saveSession (%d)" % db.Query(Session).count()) 668 #logging.info(">>> saveSession (%d)" % db.Query(Session).count())
671 #self.response.set_cookie('sessionId', aSession.sessionId, max_age=360, path='/', domain='example.org', secure=True) 669 #self.response.set_cookie('sessionId', aSession.sessionId, max_age=360, path='/', domain='example.org', secure=True)
672 aSession.put() 670 aSession.put()
673 self.response.headers.add_header('Set-Cookie', 'sessionId=' + str(aSession.sessionId), path='/') 671 self.response.headers.add_header('Set-Cookie', 'sessionId=' + str(aSession.sessionId), path='/')
674 self.cleanOldSessions() 672 self.cleanOldSessions()
675 #logging.info("<<< saveSession (%d)" % db.Query(Session).count()) 673 #logging.info("<<< saveSession (%d)" % db.Query(Session).count())
676 674
677 #========================================================================== 675 #==========================================================================
678 676
679 def cleanOldSessions(self): 677 def cleanOldSessions(self):
680 query = db.Query(Session).filter('accessDate <', (datetime.datetime.utcnow() - sessionTimeout)) 678 query = db.Query(Session).filter('accessDate <', (datetime.datetime.utcnow() - sessionTimeout))
681 679
682 expiredSessions = query.count(); 680 expiredSessions = query.count();
683 if expiredSessions != 0: 681 if expiredSessions != 0:
684 #logging.info("deleting %d sessions" % expiredSessions) 682 #logging.info("deleting %d sessions" % expiredSessions)
685 pass 683 pass
686 684
687 """ 685 """
688 try: 686 try:
689 db.delete(query) 687 db.delete(query)
690 except Exception, exception: 688 except Exception, exception:
691 logging.error("some issues raised while deleting the expired sessions") 689 logging.error("some issues raised while deleting the expired sessions")
692 logging.error("exception type: " + str(type(exception))) 690 logging.error("exception type: " + str(type(exception)))
693 logging.error("exception: " + str(exception)) 691 logging.error("exception: " + str(exception))
694 """ 692 """
695 pass 693 pass
696 694
697#============================================================================== 695#==============================================================================
698 696
699def main(): 697def main():
700 application = webapp.WSGIApplication([('/xhr', XHR), ('/dump', XHR), ('/.*', MainPage)], debug=True) 698 application = webapp.WSGIApplication([('/xhr', XHR), ('/dump', XHR), ('/.*', MainPage)], debug=True)
701 wsgiref.handlers.CGIHandler().run(application) 699 wsgiref.handlers.CGIHandler().run(application)
702 700
703if __name__ == "__main__": 701if __name__ == "__main__":
704 main() 702 main()
705 703