initial commit

.gitignore

@@ -0,0 +1,215 @@
+# Byte-compiled / optimized / DLL files
+__pycache__/
+*.py[cod]
+*$py.class
+
+# C extensions
+*.so
+
+# Distribution / packaging
+.Python
+build/
+develop-eggs/
+dist/
+downloads/
+eggs/
+.eggs/
+lib/
+lib64/
+parts/
+sdist/
+var/
+wheels/
+share/python-wheels/
+*.egg-info/
+.installed.cfg
+*.egg
+MANIFEST
+
+# PyInstaller
+#  Usually these files are written by a python script from a template
+#  before PyInstaller builds the exe, so as to inject date/other infos into it.
+*.manifest
+*.spec
+
+# Installer logs
+pip-log.txt
+pip-delete-this-directory.txt
+
+# Unit test / coverage reports
+htmlcov/
+.tox/
+.nox/
+.coverage
+.coverage.*
+.cache
+nosetests.xml
+coverage.xml
+*.cover
+*.py,cover
+.hypothesis/
+.pytest_cache/
+cover/
+
+# Translations
+*.mo
+*.pot
+
+# Django stuff:
+*.log
+local_settings.py
+db.sqlite3
+db.sqlite3-journal
+
+# Flask stuff:
+instance/
+.webassets-cache
+
+# Scrapy stuff:
+.scrapy
+
+# Sphinx documentation
+docs/_build/
+
+# PyBuilder
+.pybuilder/
+target/
+
+# Jupyter Notebook
+.ipynb_checkpoints
+
+# IPython
+profile_default/
+ipython_config.py
+
+# pyenv
+#   For a library or package, you might want to ignore these files since the code is
+#   intended to run in multiple environments; otherwise, check them in:
+# .python-version
+
+# pipenv
+#   According to pypa/pipenv#598, it is recommended to include Pipfile.lock in version control.
+#   However, in case of collaboration, if having platform-specific dependencies or dependencies
+#   having no cross-platform support, pipenv may install dependencies that don't work, or not
+#   install all needed dependencies.
+#Pipfile.lock
+
+# PEP 582; used by e.g. github.com/David-OConnor/pyflow
+__pypackages__/
+
+# Celery stuff
+celerybeat-schedule
+celerybeat.pid
+
+# SageMath parsed files
+*.sage.py
+
+# Environments
+.env
+.venv
+env/
+venv/
+ENV/
+env.bak/
+venv.bak/
+
+# Spyder project settings
+.spyderproject
+.spyproject
+
+# Rope project settings
+.ropeproject
+
+# mkdocs documentation
+/site
+
+# mypy
+.mypy_cache/
+.dmypy.json
+dmypy.json
+
+# Pyre type checker
+.pyre/
+
+# pytype static type analyzer
+.pytype/
+
+# Cython debug symbols
+cython_debug/
+
+
+
+# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio, WebStorm and Rider
+# Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839
+
+# User-specific stuff
+.idea/**/workspace.xml
+.idea/**/tasks.xml
+.idea/**/usage.statistics.xml
+.idea/**/dictionaries
+.idea/**/shelf
+
+# Generated files
+.idea/**/contentModel.xml
+
+# Sensitive or high-churn files
+.idea/**/dataSources/
+.idea/**/dataSources.ids
+.idea/**/dataSources.local.xml
+.idea/**/sqlDataSources.xml
+.idea/**/dynamic.xml
+.idea/**/uiDesigner.xml
+.idea/**/dbnavigator.xml
+
+# Gradle
+.idea/**/gradle.xml
+.idea/**/libraries
+
+# Gradle and Maven with auto-import
+# When using Gradle or Maven with auto-import, you should exclude module files,
+# since they will be recreated, and may cause churn.  Uncomment if using
+# auto-import.
+# .idea/artifacts
+# .idea/compiler.xml
+# .idea/jarRepositories.xml
+# .idea/modules.xml
+# .idea/*.iml
+# .idea/modules
+# *.iml
+# *.ipr
+
+# CMake
+cmake-build-*/
+
+# Mongo Explorer plugin
+.idea/**/mongoSettings.xml
+
+# File-based project format
+*.iws
+
+# IntelliJ
+out/
+
+# mpeltonen/sbt-idea plugin
+.idea_modules/
+
+# JIRA plugin
+atlassian-ide-plugin.xml
+
+# Cursive Clojure plugin
+.idea/replstate.xml
+
+# Crashlytics plugin (for Android Studio and IntelliJ)
+com_crashlytics_export_strings.xml
+crashlytics.properties
+crashlytics-build.properties
+fabric.properties
+
+# Editor-based Rest Client
+.idea/httpRequests
+
+# Android studio 3.1+ serialized cache file
+.idea/caches/build_file_checksums.ser
+
+
+/data/

.idea/.gitignore

@@ -0,0 +1,8 @@
+# Default ignored files
+/shelf/
+/workspace.xml
+# Datasource local storage ignored files
+/dataSources/
+/dataSources.local.xml
+# Editor-based HTTP Client requests
+/httpRequests/

.idea/inspectionProfiles/Project_Default.xml

@@ -0,0 +1,51 @@
+<component name="InspectionProjectProfileManager">
+  <profile version="1.0">
+    <option name="myName" value="Project Default" />
+    <inspection_tool class="DuplicatedCode" enabled="false" level="WEAK WARNING" enabled_by_default="false" />
+    <inspection_tool class="HtmlUnknownTag" enabled="true" level="WARNING" enabled_by_default="true">
+      <option name="myValues">
+        <value>
+          <list size="11">
+            <item index="0" class="java.lang.String" itemvalue="nobr" />
+            <item index="1" class="java.lang.String" itemvalue="noembed" />
+            <item index="2" class="java.lang.String" itemvalue="comment" />
+            <item index="3" class="java.lang.String" itemvalue="noscript" />
+            <item index="4" class="java.lang.String" itemvalue="embed" />
+            <item index="5" class="java.lang.String" itemvalue="script" />
+            <item index="6" class="java.lang.String" itemvalue="markdown" />
+            <item index="7" class="java.lang.String" itemvalue="sv3i" />
+            <item index="8" class="java.lang.String" itemvalue="sv3o" />
+            <item index="9" class="java.lang.String" itemvalue="sv3a" />
+            <item index="10" class="java.lang.String" itemvalue="sv3c" />
+          </list>
+        </value>
+      </option>
+      <option name="myCustomValuesEnabled" value="true" />
+    </inspection_tool>
+    <inspection_tool class="PyPackageRequirementsInspection" enabled="true" level="WARNING" enabled_by_default="true">
+      <option name="ignoredPackages">
+        <value>
+          <list size="1">
+            <item index="0" class="java.lang.String" itemvalue="nacl" />
+          </list>
+        </value>
+      </option>
+    </inspection_tool>
+    <inspection_tool class="PyUnresolvedReferencesInspection" enabled="true" level="WARNING" enabled_by_default="true">
+      <option name="ignoredIdentifiers">
+        <list>
+          <option value="PySide2.QtWidgets.clicked.connect" />
+          <option value="PySide2.QtWidgets.valueChanged.connect" />
+          <option value="PySide2.QtWidgets.textChanged.connect" />
+          <option value="PySide2.QtCore.Signal.emit" />
+          <option value="PySide2.QtCore.Signal.connect" />
+        </list>
+      </option>
+    </inspection_tool>
+    <inspection_tool class="SpellCheckingInspection" enabled="false" level="TYPO" enabled_by_default="false">
+      <option name="processCode" value="true" />
+      <option name="processLiterals" value="true" />
+      <option name="processComments" value="true" />
+    </inspection_tool>
+  </profile>
+</component>

.idea/inspectionProfiles/profiles_settings.xml

@@ -0,0 +1,6 @@
+<component name="InspectionProjectProfileManager">
+  <settings>
+    <option name="USE_PROJECT_PROFILE" value="false" />
+    <version value="1.0" />
+  </settings>
+</component>

.idea/misc.xml

@@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="ProjectRootManager" version="2" project-jdk-name="Python 3.9 (v6d1tokens)" project-jdk-type="Python SDK" />
+</project>

.idea/modules.xml

@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="ProjectModuleManager">
+    <modules>
+      <module fileurl="file://$PROJECT_DIR$/.idea/v6d1tokens.iml" filepath="$PROJECT_DIR$/.idea/v6d1tokens.iml" />
+    </modules>
+  </component>
+</project>

.idea/v6d1tokens.iml

@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<module type="PYTHON_MODULE" version="4">
+  <component name="NewModuleRootManager">
+    <content url="file://$MODULE_DIR$">
+      <excludeFolder url="file://$MODULE_DIR$/venv" />
+    </content>
+    <orderEntry type="inheritedJdk" />
+    <orderEntry type="sourceFolder" forTests="false" />
+  </component>
+</module>

Dockerfile

@@ -0,0 +1,11 @@
+# syntax=docker/dockerfile:1
+FROM python:3.9
+WORKDIR /v6
+ENV v6host=0.0.0.0
+EXPOSE 5910
+ENV v6port=5910
+ENV v6root=/v6data
+COPY requirements.txt requirements.txt
+RUN pip install -r requirements.txt
+COPY v6d1tokens v6d1tokens
+CMD ["python3", "-m", "v6d1tokens.run-server"]

requirements.txt

@@ -0,0 +1,4 @@
+aiohttp~=3.8.1
+PyNaCl~=1.4.0
+git+https://gitea.ongoteam.net/PTV/ptvp35.git
+git+https://gitea.ongoteam.net/PTV/v6d0auth.git

setup.py

@@ -0,0 +1,20 @@
+from setuptools import setup
+
+install_requires = '''
+aiohttp~=3.8.1
+PyNaCl~=1.4.0
+ptvp35 @ git+https://gitea.ongoteam.net/PTV/ptvp35.git
+v6d0auth @ git+https://gitea.ongoteam.net/PTV/v6d0auth.git
+'''.strip().splitlines()
+
+setup(
+    name='v6d1tokens',
+    version='',
+    packages=['v6d1tokens'],
+    url='',
+    license='',
+    author='PARRRATE T&V',
+    author_email='',
+    description='',
+    install_requires=install_requires
+)

v6d1tokens/app.py

@@ -0,0 +1,57 @@
+import json
+
+from aiohttp import web
+from nacl.exceptions import BadSignatureError
+from v6d0auth import certs
+
+__all__ = ('get_app',)
+
+from v6d1tokens.tdb import TDB
+
+
+def define_routes(routes: web.RouteTableDef, tdb: TDB):
+    print(certs.vkey.encode().hex())
+
+    @routes.get('/')
+    async def home(_request: web.Request):
+        return web.Response(body='v6d0auth\n')
+
+    @routes.post('/reg')
+    async def reg(request: web.Request):
+        try:
+            await tdb.reg(await request.read())
+        except BadSignatureError:
+            raise web.HTTPUnauthorized
+        except json.JSONDecodeError:
+            raise web.HTTPBadRequest
+        else:
+            raise web.HTTPOk
+
+    @routes.post('/get')
+    async def get(request: web.Request):
+        try:
+            token_encrypted = await tdb.get(await request.read())
+        except BadSignatureError:
+            raise web.HTTPUnauthorized
+        except json.JSONDecodeError:
+            raise web.HTTPBadRequest
+        except KeyError:
+            raise web.HTTPNotFound
+        else:
+            return web.Response(body=token_encrypted)
+
+
+def app_routes(tdb: TDB) -> web.RouteTableDef:
+    routes = web.RouteTableDef()
+    define_routes(routes, tdb)
+    return routes
+
+
+def app_with_routes(routes: web.RouteTableDef):
+    app = web.Application()
+    app.add_routes(routes)
+    return app
+
+
+def get_app(tdb: TDB) -> web.Application:
+    return app_with_routes(app_routes(tdb))

v6d1tokens/client.py

@@ -0,0 +1,21 @@
+import json
+
+import aiohttp
+from v6d0auth import certs
+from v6d0auth.client import mycert
+
+from v6d1tokens.config import taurl
+
+__all__ = ('request_token',)
+
+
+async def request_token(token_id: str) -> str:
+    async with aiohttp.ClientSession() as session:
+        async with session.post(
+                f'{taurl}/get',
+                data=json.dumps([token_id, (await mycert()).hex()]).encode()
+        ) as response:
+            if response.status == 200:
+                return certs.receive(await response.read()).decode()
+            else:
+                raise RuntimeError(response.status)

v6d1tokens/config.py

@@ -0,0 +1,9 @@
+import os
+
+from v6d0auth.config import root, port
+
+__all__ = ('myroot', 'taurl',)
+
+myroot = root / 'v6d1tokens'
+myroot.mkdir(exist_ok=True)
+taurl = os.getenv('v6taurl', f'http://127.0.0.1:{port}')

v6d1tokens/reg-token.py

@@ -0,0 +1,18 @@
+import asyncio
+import json
+
+import aiohttp
+from v6d0auth import certs
+from v6d0auth.config import host, port
+
+
+async def main():
+    request = certs.sign(json.dumps([input('token_id:'), input('token:')]).encode())
+    async with aiohttp.ClientSession() as session:
+        # noinspection HttpUrlsUsage
+        async with session.post(f'http://{host}:{port}/reg', data=request) as response:
+            print(response.status)
+
+
+if __name__ == '__main__':
+    asyncio.run(main())

v6d1tokens/run-server.py

@@ -0,0 +1,16 @@
+import asyncio
+
+from aiohttp import web
+from v6d0auth.config import port, host
+
+from v6d1tokens.app import get_app
+from v6d1tokens.tdb import TDB
+
+if __name__ == '__main__':
+    loop = asyncio.get_event_loop()
+    tdb = TDB()
+    loop.run_until_complete(tdb.db.__aenter__())
+    try:
+        web.run_app(get_app(tdb), host=host, port=port, loop=loop)
+    finally:
+        loop.run_until_complete(tdb.db.__aexit__(None, None, None))

v6d1tokens/tdb.py

@@ -0,0 +1,38 @@
+import json
+from typing import Optional
+
+from nacl.public import PublicKey, SealedBox
+from nacl.signing import VerifyKey
+from ptvp35 import Db, KVJson
+from v6d0auth import certs
+
+from v6d1tokens.config import myroot
+
+__all__ = ('TDB',)
+
+_tdbfile = myroot / 'tokens.db'
+
+
+class TDB:
+    def __init__(self):
+        self.db = Db(_tdbfile, kvrequest_type=KVJson)
+
+    def _get(self, token_id: str) -> Optional[str]:
+        return self.db.get(token_id, None)
+
+    async def get(self, request: bytes) -> bytes:
+        token_id, requester_cert = json.loads(request)
+        requester: PublicKey = VerifyKey(certs.averify(bytes.fromhex(requester_cert))).to_curve25519_public_key()
+        token = self._get(token_id)
+        if token is None:
+            raise KeyError
+        return SealedBox(requester).encrypt(token.encode())
+
+    async def _reg(self, token_id: str, token: str) -> None:
+        await self.db.set(token_id, token)
+
+    async def reg(self, request: bytes) -> None:
+        request = certs.verify(request)
+        token_id, token = json.loads(request)
+        assert type(token_id) == type(token) == str
+        await self._reg(token_id, token)

v6d1tokens/test-request.py

@@ -0,0 +1,11 @@
+import asyncio
+
+from v6d1tokens.client import request_token
+
+
+async def main():
+    print(await request_token('test'))
+
+
+if __name__ == '__main__':
+    asyncio.run(main())