From 77b673717a2de8272b875a256660c23e6bc2aa47 Mon Sep 17 00:00:00 2001
From: timotheyca
Date: Sat, 27 Nov 2021 20:43:46 +0300
Subject: [PATCH] mycert + caurl
---
 v6d0auth/app.py | 2 +-
 v6d0auth/certs.py | 12 ++++++++----
 v6d0auth/client.py | 28 ++++++++++++++++++++++------
 v6d0auth/config.py | 10 ++++++----
 v6d0auth/sign-request.py | 5 +++--
 v6d0auth/test-request.py | 4 +---
 6 files changed, 41 insertions(+), 20 deletions(-)
diff --git a/v6d0auth/app.py b/v6d0auth/app.py
index 3af287c..d3336fd 100644
--- a/v6d0auth/app.py
+++ b/v6d0auth/app.py
@@ -1,4 +1,4 @@
-import asyncio.futures
+import asyncio
 from aiohttp import web, http_websocket
 from nacl.exceptions import BadSignatureError
diff --git a/v6d0auth/certs.py b/v6d0auth/certs.py
index 44993d2..082e0eb 100644
--- a/v6d0auth/certs.py
+++ b/v6d0auth/certs.py
@@ -1,11 +1,11 @@
 from typing import Optional
-from nacl.public import PrivateKey, PublicKey
+from nacl.public import PrivateKey, PublicKey, SealedBox
 from nacl.signing import SigningKey, VerifyKey, SignedMessage
 from v6d0auth.config import myroot, cakey
-__all__ = ('vkey', 'pkey',)
+__all__ = ('vkey', 'pkey', 'averify')
 _keyfile = myroot / '.key'
 if _keyfile.exists():
@@ -27,9 +27,13 @@ def verify(data: bytes, signature: Optional[bytes] = None) -> bytes:
 return vkey.verify(data, signature)
+def receive(data: bytes) -> bytes:
+ return SealedBox(_ekey).decrypt(data)
+
+
 if cakey:
 akey: VerifyKey = VerifyKey(cakey)
- def averify(data: bytes, signature: Optional[bytes] = None) -> bytes:
- return akey.verify(data, signature)
+def averify(data: bytes, signature: Optional[bytes] = None) -> bytes:
+ return akey.verify(data, signature)
diff --git a/v6d0auth/client.py b/v6d0auth/client.py
index bbcdc24..951e163 100644
--- a/v6d0auth/client.py
+++ b/v6d0auth/client.py
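Review bot: In v6d0auth/certs.py the new module-level `averify` still reads `akey`, which is only bound inside `if cakey:`; when `v6ca` is unset (config.py defaults it to an empty string, so `cakey` is `b''`) any call raises NameError instead of a verification error. `mycert()` in client.py catches only `FileNotFoundError` and `BadSignatureError`, so a cached cert on a host with no CA key configured would surface as an unhandled NameError that does not say the trust anchor is missing. Consider failing explicitly: bind `akey: Optional[VerifyKey] = VerifyKey(cakey) if cakey else None` and start `averify` with `if akey is None: raise RuntimeError('v6ca is not set')`. Indentation is collapsed on this page; the column-0 placement of the new `def` is read from the `+def` marker having no space after it.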
@@ -1,18 +1,34 @@
 import aiohttp
-
-__all__ = ('request_signature',)
+from nacl.exceptions import BadSignatureError
 from v6d0auth import certs
+from v6d0auth.certs import averify
+from v6d0auth.config import myroot, caurl
+
+__all__ = ('request_signature', 'mycert')
-async def request_signature(base_url: str) -> bytes:
+async def request_signature() -> bytes:
 async with aiohttp.ClientSession() as session:
- async with session.post(f'{base_url}/push', data=certs.vkey.encode()) as response:
+ async with session.post(f'{caurl}/push', data=certs.vkey.encode()) as response:
 if response.status not in [200, 429]:
- raise RuntimeError
+ raise RuntimeError(response.status)
- async with session.ws_connect(f'{base_url}/pullws') as ws:
+ async with session.ws_connect(f'{caurl}/pullws') as ws:
 await ws.send_bytes(certs.vkey.encode())
 try:
 return await ws.receive_bytes()
 except TypeError:
 raise TimeoutError
+
+
+_certfile = myroot / 'cert'
+
+
+async def mycert() -> bytes:
+ try:
+ cert = _certfile.read_bytes()
+ averify(cert)
+ except (FileNotFoundError, BadSignatureError):
+ cert = await request_signature()
+ _certfile.write_bytes(cert)
+ return cert
diff --git a/v6d0auth/config.py b/v6d0auth/config.py
index f9355f2..1af0636 100644
--- a/v6d0auth/config.py
+++ b/v6d0auth/config.py
@@ -1,12 +1,14 @@
 import os
 from pathlib import Path
-__all__ = ('myroot', 'host', 'port', 'cakey')
+__all__ = ('root', 'myroot', 'host', 'port', 'cakey', 'caurl',)
-_root = Path(os.getenv('v6root', './data'))
-assert _root.exists()
-myroot = _root / 'v6d0auth'
+root = Path(os.getenv('v6root', './data'))
+assert root.exists()
+myroot = root / 'v6d0auth'
 myroot.mkdir(exist_ok=True)
 host = os.getenv('v6host', '127.0.0.1')
 port = int(os.getenv('v6port', '5003'))
 cakey = bytes.fromhex(os.getenv('v6ca', ''))
+# noinspection HttpUrlsUsage
+caurl = os.getenv('v6caurl', f'http://{host}:{port}')
diff --git a/v6d0auth/sign-request.py b/v6d0auth/sign-request.py
index f622cfa..5ce366e 100644
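Review bot: In v6d0auth/client.py, `mycert()` writes and returns the bytes from `request_signature()` without passing them through `averify`, so only a cert read back from disk is ever checked against the CA key. Because `caurl` defaults to an `http://` URL in config.py, whatever answers on that address decides what is cached and handed to the caller on the first fetch. Verify before persisting: add `averify(cert)` between `cert = await request_signature()` and `_certfile.write_bytes(cert)`, and let a `BadSignatureError` raised there propagate. The return value of `averify` is also discarded, so nothing ties the signed payload to `certs.vkey`; if the cert is meant to cover this node's key, compare the two (the cert format is not visible in this patch, so this part is an assumption to confirm).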
--- a/v6d0auth/sign-request.py
+++ b/v6d0auth/sign-request.py
@@ -4,7 +4,7 @@ import asyncio
 import aiohttp
 from v6d0auth import certs
-from v6d0auth.config import port
+from v6d0auth.config import port, host
 parser = argparse.ArgumentParser()
 parser.add_argument('handle', type=str)
@@ -14,7 +14,8 @@ async def main():
 handle = bytes.fromhex(args.handle)
 request = certs.sign(handle)
 async with aiohttp.ClientSession() as session:
- async with session.post(f'http://127.0.0.1:{port}/approve', data=request) as response:
+ # noinspection HttpUrlsUsage
+ async with session.post(f'http://{host}:{port}/approve', data=request) as response:
 print(response.status)
 if response.status == 200:
 print((await response.read()).hex())
diff --git a/v6d0auth/test-request.py b/v6d0auth/test-request.py
index 5f6aaac..01caec5 100644
--- a/v6d0auth/test-request.py
+++ b/v6d0auth/test-request.py
@@ -1,12 +1,10 @@
 import asyncio
 from v6d0auth.client import request_signature
-from v6d0auth.config import port, host
 async def main():
- # noinspection HttpUrlsUsage
- print((await request_signature(f'http://{host}:{port}')).hex())
+ print((await request_signature()).hex())
 if __name__ == '__main__':
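Review bot: In v6d0auth/sign-request.py the approve URL is now built from `host`, which config.py reads from `v6host` and also uses to seed the default `caurl`. If that variable is the server's listen address (app.py's use of it is not shown here), a wildcard value such as `0.0.0.0` is not a meaningful connect target, and any non-loopback value sends the signed approval over plain HTTP where the old code was pinned to `127.0.0.1`. Since this commit introduces `caurl` for reaching the CA, `session.post(f'{caurl}/approve', data=request)` would keep both clients consistent and let the operator select an `https://` endpoint in one place.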