One time use project upload token #6935

Closed
wants to merge 114 commits into from
34f5e96
Pseudo code added for issue #6255.
rachelcipkins Aug 29, 2019
545dea0
Added caveats for project version and macaroon expiration time.
rachelcipkins Aug 30, 2019
cd4e8a2
Added tests for expiration time.
rachelcipkins Sep 5, 2019
03ea2ce
Updated caveats for expiration time and release.
rachelcipkins Sep 5, 2019
1447ed7
Added macaroon fields for expiration time and release.
rachelcipkins Sep 5, 2019
0d2733d
Added expiration field to macaroon.
rachelcipkins Sep 5, 2019
a89a25e
Added form fields for expiration and release.
rachelcipkins Sep 5, 2019
8826d39
Moved release caveat.
rachelcipkins Sep 6, 2019
d3cb195
Added potential new Macaroon fields.
rachelcipkins Sep 6, 2019
71f7c1b
Added scope, release, and expiration fields to Macaroon object.
rachelcipkins Sep 6, 2019
2e62cfc
Added scope, release, and expiration fields to create_macaroon.
rachelcipkins Sep 6, 2019
29dcb8c
Changed release to be a text input.
rachelcipkins Sep 6, 2019
0de8289
Updated validate_release.
rachelcipkins Sep 6, 2019
e96b1b0
Added verification for release.
rachelcipkins Sep 9, 2019
5cbadb0
Updated timezone info to GMT for POC.
rachelcipkins Sep 9, 2019
1913b28
Removed macaroon db fields for scope, release, and expiration. Added …
rachelcipkins Sep 9, 2019
b5bb8ce
Updated functionality for release caveat.
rachelcipkins Sep 10, 2019
63cfeee
Added validation for releases.
rachelcipkins Sep 10, 2019
77e80b0
Added property to macaroon views to get all of a user's projects.
rachelcipkins Sep 10, 2019
ece4724
Removed testing lines.
rachelcipkins Sep 10, 2019
c9feca4
Removed note.
rachelcipkins Sep 10, 2019
8631895
Merge branch 'tob-6255'
rachelcipkins Sep 10, 2019
b63290a
Started adding tests for release and expiration caveats.
rachelcipkins Sep 11, 2019
8ffb416
Started adding tests for release and expiration additions to the Crea…
rachelcipkins Sep 11, 2019
683448b
Changed wording on error messages added check to see if scope is user.
rachelcipkins Sep 11, 2019
b140178
Fixed logic error and typo.
rachelcipkins Sep 11, 2019
7b3bd1e
Changed release to releases.
rachelcipkins Sep 12, 2019
ad8f16c
Fixed errors in existing tests.
rachelcipkins Sep 12, 2019
77183f7
Added all_projects attribute to default_response.
rachelcipkins Sep 12, 2019
f9d2fb5
Revert "Added all_projects attribute to default_response."
rachelcipkins Sep 12, 2019
503d003
Added all_projects attribute to default_response.
rachelcipkins Sep 12, 2019
7fe87bd
Changed release to releases.
rachelcipkins Sep 12, 2019
4b4e45e
Removed unused function.
rachelcipkins Sep 12, 2019
879600e
Removed project_names.
rachelcipkins Sep 12, 2019
51b7642
Merge branch 'tob-6255' into tob-new-caveats
rachelcipkins Sep 12, 2019
1fb7db2
Added tests for full coverage.
rachelcipkins Sep 13, 2019
dd3ef4b
Changed format of validated_scope.
rachelcipkins Sep 13, 2019
9357cd4
Updated to match new format.
rachelcipkins Sep 13, 2019
117a3af
Added expiration to user scope.
rachelcipkins Sep 17, 2019
0d09209
Added tests for full coverage.
rachelcipkins Sep 17, 2019
1dfe594
Grammar / formatting fixes.
rachelcipkins Sep 17, 2019
b372344
Added/modified tests for full coverage.
rachelcipkins Sep 17, 2019
f130d8e
Merge branch 'tob-6255' into tob-new-caveats
rachelcipkins Sep 17, 2019
dbf9054
Removed notes.
rachelcipkins Sep 17, 2019
2355ff7
Updated to match new format.
rachelcipkins Sep 17, 2019
e23fc0f
Merge branch 'tob-6255' into tob-new-caveats
rachelcipkins Sep 17, 2019
9474015
Translation
rachelcipkins Sep 17, 2019
b9d2b0d
Merge branch 'tob-6255' into tob-new-caveats
rachelcipkins Sep 17, 2019
5117373
Merge branch 'master' into tob-new-caveats
rachelcipkins Sep 17, 2019
6b2b080
Hid release field when user scope selected.
rachelcipkins Sep 17, 2019
4c8e961
Merge branch 'tob-6255' into tob-new-caveats
rachelcipkins Sep 17, 2019
3a7941f
Merge branch 'tob-new-caveats' of github.com:trailofbits/warehouse in…
rachelcipkins Sep 17, 2019
9a46d0e
Black reformatting.
rachelcipkins Sep 18, 2019
2acb0e1
Merge branch 'tob-6255' into tob-new-caveats
rachelcipkins Sep 18, 2019
b5d6f57
Removed project_names / changed project_names test to all_projects.
rachelcipkins Sep 18, 2019
8fd501a
Parsed token_scope to just grab name of project for project-name field.
rachelcipkins Sep 18, 2019
88d19bc
Removed project_names.
rachelcipkins Sep 18, 2019
98cf8e6
Updated to use all_projects instead of project_names.
rachelcipkins Sep 18, 2019
a796938
Removed unused variables / packages.
rachelcipkins Sep 18, 2019
3b1bc04
Formatting fixes.
rachelcipkins Sep 18, 2019
a347b3e
Merge remote-tracking branch 'upstream/master' into tob-6255
rachelcipkins Sep 18, 2019
e8aeeaf
Formatting fixes.
rachelcipkins Sep 19, 2019
5a82f8f
Updated to handle previously created API token.
rachelcipkins Sep 19, 2019
f369279
Merge branch 'tob-6255' into tob-new-caveats
rachelcipkins Sep 19, 2019
fd5a530
Resolved merge conflict.
rachelcipkins Sep 19, 2019
e245102
Formatting fixes.
rachelcipkins Sep 19, 2019
8d2e44a
Revert "Black reformatting."
rachelcipkins Sep 19, 2019
92e51cf
Refixed formatting.
rachelcipkins Sep 19, 2019
79738f6
Merge branch 'master' into tob-new-caveats
woodruffw Sep 19, 2019
989a1db
warehouse: Refactor new caveats into a V2 format
woodruffw Sep 20, 2019
94a3ac3
tests: Began updating caveats tests
woodruffw Sep 23, 2019
40773f6
tests: Update manage/forms
woodruffw Sep 23, 2019
d599011
warehouse: Fix event recording for projects
woodruffw Sep 23, 2019
7bee8e7
tests: Fix manage/views tests
woodruffw Sep 23, 2019
51effcb
warehouse: Fix timestamp, return verify result
woodruffw Sep 23, 2019
6fa808d
tests: Update macaroon caveats tests
woodruffw Sep 23, 2019
5b504e5
tests: Fill in caveats, manage/forms tests
woodruffw Sep 23, 2019
ce96048
Merge branch 'master' into tob-new-caveats
woodruffw Sep 23, 2019
09f6469
Merge branch 'master' into tob-new-caveats
woodruffw Sep 23, 2019
4a0eb02
warehouse, test: Fix wrong key for version
woodruffw Sep 23, 2019
8a08fc2
Merge branch 'master' into tob-new-caveats
woodruffw Sep 24, 2019
8d3e66e
Added functionality for cornice REST api for upload tokens.
rachelcipkins Sep 30, 2019
2f1b699
Moved api to legacy directory.
rachelcipkins Sep 30, 2019
42c2525
Added route for token API endpoint.
rachelcipkins Sep 30, 2019
82ea5f3
Added token API endpoint.
rachelcipkins Sep 30, 2019
fedec1f
Added token API endpoint route.
rachelcipkins Sep 30, 2019
f71ea8c
Changed scope to match V2 caveats.
rachelcipkins Sep 30, 2019
e135886
Formatting fixes.
rachelcipkins Sep 30, 2019
f65eb3c
Started API endpoint for package uploads.
rachelcipkins Oct 10, 2019
f0a4f6a
Added test for invalid master token.
rachelcipkins Oct 10, 2019
44ca111
Removed notes.
rachelcipkins Oct 10, 2019
734c175
Removed unnecessary imports.
rachelcipkins Oct 15, 2019
aa2fdb9
Added one time use caveat.
rachelcipkins Oct 22, 2019
d9a698b
Added tests for one time use caveat.
rachelcipkins Oct 22, 2019
a00ed39
Formatting fixes.
rachelcipkins Oct 22, 2019
d9edc22
Added files to ignore.
rachelcipkins Oct 28, 2019
0c991b4
Removed unused variable.
rachelcipkins Oct 28, 2019
553065e
Merge branch 'master' into tob-one-time-token
woodruffw Nov 18, 2019
ee2a881
tests, warehouse: flake8 fixes
woodruffw Nov 18, 2019
d184a2e
tests/unit: Blacken
woodruffw Nov 18, 2019
4f5aaa9
tests, warehouse: isort fixes
woodruffw Nov 18, 2019
b7d299b
Merge branch 'master' into tob-one-time-token
woodruffw Nov 26, 2019
312f2e5
warehouse: Refactor token creation endpoint
woodruffw Dec 4, 2019
280144e
tests: Update macaroon caveat tests
woodruffw Dec 4, 2019
6769844
warehouse/routes: Auto-format
woodruffw Dec 4, 2019
8fbb669
tests/unit: Begin rewriting tests
woodruffw Dec 4, 2019
7865c10
tests/api: Add more token creation tests
woodruffw Dec 4, 2019
634e807
tests: Update management form strings
woodruffw Dec 5, 2019
e262de7
tests: Remove one-time-token tests
woodruffw Dec 5, 2019
e24fe65
tests: Remove unused import
woodruffw Dec 5, 2019
7f33a34
warehouse/api: Fix import orders
woodruffw Dec 5, 2019
66bd850
Merge branch 'master' into tob-one-time-token
woodruffw Dec 5, 2019
37051e9
warehouse, tests: Re-add one-time tokens
woodruffw Dec 6, 2019
87ca35a
warehouse/macaroons: Remove unused import
woodruffw Dec 6, 2019
Updated timezone info to GMT for POC.
rachelcipkins committed Sep 9, 2019
commit 5cbadb0d05c5f48a8e303b88860a42ac74520506
6 changes: 5 additions & 1 deletion warehouse/macaroons/caveats.py
@@ -20,6 +20,7 @@

from datetime import timedelta

import pytz

class InvalidMacaroon(Exception):
...
@@ -92,7 +93,10 @@ def verify(self, key):

#added
expiration = self.macaroon.expiration
if expiration > datetime.now():
d = datetime.now()
tz = pytz.timezone('GMT') #GMT for POC
tz_aware = tz.localize(d)
if expiration > tz_aware:
raise InvalidMacaroon("time has expired")

release = self.macaroon.release
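Review bot: the `if expiration > tz_aware:` check in `verify` is inverted. It raises `InvalidMacaroon("time has expired")` while the expiration is still in the future and does not raise once the expiration has passed, so an expired macaroon gets past this check and an unexpired one is rejected. The condition should be `if tz_aware > expiration:` (or `>=`). Separately, `tz.localize(d)` with `d = datetime.now()` stamps the server's local wall-clock time as GMT, which is only right on a host whose local zone is UTC; `datetime.now(tz=pytz.utc)` gives an aware current time directly and removes the need for the `d` and `tz` temporaries. A test with one expired and one unexpired macaroon would pin both points down.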
14 changes: 11 additions & 3 deletions warehouse/manage/forms.py
@@ -28,6 +28,7 @@

from datetime import datetime
from datetime import timedelta
import pytz


class RoleNameMixin:
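Review bot: style point on the import block: `import pytz` sits directly under the two `from datetime import ...` lines with no separating blank line. Third-party imports should be in their own group after the standard-library ones, and the two `datetime` lines can be merged into `from datetime import datetime, timedelta`.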
@@ -257,7 +258,7 @@ def validate_token_scope(self, field):
f"Unknown or invalid project name: {scope_value}"
)

self.validated_scope = {"projects": [scope_value]}
self.validated_scope.update({"projects": [scope_value]})

def validate_release(self,field):
release = field.data
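Review bot: `self.validated_scope.update({"projects": [scope_value]})` in `validate_token_scope` requires `validated_scope` to already exist as a dict when this validator runs, whereas the plain assignment above it created the attribute. Nothing in this hunk shows where it is initialised; please set `self.validated_scope = {}` in the form's `__init__` (or point to where that happens), otherwise this line is an AttributeError. Because `update` merges rather than resets, a form instance that is validated twice also keeps keys from the first pass.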
@@ -267,15 +268,22 @@ def validate_release(self,field):
int(val)
except ValueError:
raise wtforms.ValidationError("Invalid release")

self.validated_scope.update({"release": release})

def validate_expiration(self, field):
expiration = field.data
expiration = datetime.strptime(expiration, "%Y-%m-%dT%H:%M")
d = datetime.now()
tz = pytz.timezone('GMT') #GMT for POC
tz_aware = tz.localize(d)

if expiration > datetime.now() + timedelta(days=365):
if expiration > tz_aware + timedelta(days=365):
raise wtforms.ValidationError("Expiration cannot be greater than one year")
if expiration < datetime.now():
if expiration < tz_aware:
raise wtforms.ValidationError("Expiration must be after the current time")

self.validated_scope.update({"expiration": expiration})


class DeleteMacaroonForm(forms.Form):
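Review bot: in `validate_expiration`, `datetime.strptime(expiration, "%Y-%m-%dT%H:%M")` returns a naive datetime, and both comparisons against `tz_aware` put it next to an aware one. Python raises TypeError when ordering naive and aware datetimes, so the validator fails with an unhandled exception instead of a `wtforms.ValidationError`. Make the parsed value aware before comparing, for example `expiration = pytz.utc.localize(expiration)`, which also means the value stored in `validated_scope` carries its zone. Two smaller points: `strptime` raises ValueError on malformed input and is not wrapped the way `int(val)` is in `validate_release` just above, and `tz.localize(d)` labels local server time as GMT, where `datetime.now(tz=pytz.utc)` would be correct on any host.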