You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
269 lines
9.6 KiB
269 lines
9.6 KiB
4 weeks ago
|
// Copyright (C) 2024 Simon Quigley <tsimonq2@ubuntu.com>
|
||
|
//
|
||
|
// This program is free software: you can redistribute it and/or modify
|
||
|
// it under the terms of the GNU General Public License as published by
|
||
|
// the Free Software Foundation, either version 3 of the License, or
|
||
|
// (at your option) any later version.
|
||
|
//
|
||
|
// This program is distributed in the hope that it will be useful,
|
||
|
// but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||
|
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||
|
// GNU General Public License for more details.
|
||
|
//
|
||
|
// You should have received a copy of the GNU General Public License
|
||
|
// along with this program. If not, see <https://www.gnu.org/licenses/>.
|
||
|
|
||
|
#include "authentication.h"
|
||
|
#include "utils.h"
|
||
|
#include <iostream>
|
||
|
#include <fstream>
|
||
|
#include <filesystem>
|
||
|
#include <regex>
|
||
|
#include <sstream>
|
||
|
#include <nlohmann/json.hpp>
|
||
|
#include <libsecret/secret.h>
|
||
|
#include <glib.h>
|
||
|
|
||
|
namespace fs = std::filesystem;
|
||
|
|
||
|
const std::string AUTH_PLAINTEXT_CREDENTIALS_FILE =
|
||
|
std::string(std::getenv("HOME")) + "/.local/share/python_keyring/keyring_pass.cfg";
|
||
|
|
||
|
static const SecretSchema* get_schema(void) {
|
||
|
static const SecretSchema* schema = secret_schema_new(
|
||
|
"org.launchpad.lib.Secret",
|
||
|
SECRET_SCHEMA_NONE,
|
||
|
"credentials", SECRET_SCHEMA_ATTRIBUTE_STRING,
|
||
|
"key", SECRET_SCHEMA_ATTRIBUTE_STRING,
|
||
|
NULL
|
||
|
);
|
||
|
return schema;
|
||
|
}
|
||
|
|
||
|
bool read_plaintext_credentials_impl(std::string& consumer_key,
|
||
|
std::string& consumer_secret,
|
||
|
std::string& oauth_token,
|
||
|
std::string& oauth_token_secret)
|
||
|
{
|
||
|
std::ifstream file(AUTH_PLAINTEXT_CREDENTIALS_FILE);
|
||
|
if (!file.is_open()) {
|
||
|
std::cerr << "Plaintext credentials file not found: " << AUTH_PLAINTEXT_CREDENTIALS_FILE << std::endl;
|
||
|
return false;
|
||
|
}
|
||
|
|
||
|
std::string line;
|
||
|
bool in_launchpadlib_section = false;
|
||
|
std::string encoded_credentials;
|
||
|
bool credentials_found = false;
|
||
|
std::string encoded_key;
|
||
|
|
||
|
while (std::getline(file, line)) {
|
||
|
line.erase(0, line.find_first_not_of(" \t\r\n"));
|
||
|
line.erase(line.find_last_not_of(" \t\r\n") + 1);
|
||
|
|
||
|
if (line.empty()) continue;
|
||
|
|
||
|
if (line.front() == '[' && line.back() == ']') {
|
||
|
std::string section = line.substr(1, line.size() - 2);
|
||
|
in_launchpadlib_section = (section == "launchpadlib");
|
||
|
continue;
|
||
|
}
|
||
|
|
||
|
if (in_launchpadlib_section) {
|
||
|
size_t eq_pos = line.find('=');
|
||
|
if (eq_pos != std::string::npos) {
|
||
|
encoded_key = line.substr(0, eq_pos);
|
||
|
encoded_credentials.clear();
|
||
|
while (std::getline(file, line)) {
|
||
|
if (line.find(" ") == 0) {
|
||
|
encoded_credentials += line.substr(8);
|
||
|
} else {
|
||
|
break;
|
||
|
}
|
||
|
}
|
||
|
credentials_found = true;
|
||
|
break;
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
|
||
|
file.close();
|
||
|
|
||
|
if (!credentials_found || encoded_credentials.empty()) {
|
||
|
std::cerr << "No credentials found in plaintext file." << std::endl;
|
||
|
return false;
|
||
|
}
|
||
|
|
||
|
std::string decoded_credentials = base64_decode(encoded_credentials);
|
||
|
if (decoded_credentials.empty()) {
|
||
|
std::cerr << "Failed to decode Base64 credentials." << std::endl;
|
||
|
return false;
|
||
|
}
|
||
|
|
||
|
std::istringstream iss(decoded_credentials);
|
||
|
std::string token_line;
|
||
|
while (std::getline(iss, token_line)) {
|
||
|
size_t pos = token_line.find('=');
|
||
|
if (pos != std::string::npos) {
|
||
|
std::string key = token_line.substr(0, pos);
|
||
|
std::string value = token_line.substr(pos + 1);
|
||
|
if (key == "oauth_token") {
|
||
|
oauth_token = value;
|
||
|
} else if (key == "oauth_token_secret") {
|
||
|
oauth_token_secret = value;
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
|
||
|
std::string decoded_key = decode_service_identifier(encoded_key);
|
||
|
std::regex rgx("system-wide: ([^@]+)@https://api.launchpad.net/");
|
||
|
std::smatch matches;
|
||
|
if (std::regex_search(decoded_key, matches, rgx)) {
|
||
|
consumer_key = matches[1];
|
||
|
} else {
|
||
|
std::cerr << "Failed to parse consumer_key from encoded key." << std::endl;
|
||
|
return false;
|
||
|
}
|
||
|
|
||
|
consumer_secret = "&";
|
||
|
|
||
|
if (oauth_token.empty() || oauth_token_secret.empty()) {
|
||
|
std::cerr << "Incomplete credentials in plaintext file." << std::endl;
|
||
|
return false;
|
||
|
}
|
||
|
|
||
|
return true;
|
||
|
}
|
||
|
|
||
|
bool create_plaintext_credentials_impl(const std::string& consumer_key,
|
||
|
const std::string& consumer_secret_input,
|
||
|
const std::string& oauth_token,
|
||
|
const std::string& oauth_token_secret)
|
||
|
{
|
||
|
fs::path dir = fs::path(AUTH_PLAINTEXT_CREDENTIALS_FILE).parent_path();
|
||
|
std::error_code ec;
|
||
|
if (!fs::exists(dir)) {
|
||
|
if (!fs::create_directories(dir, ec)) {
|
||
|
std::cerr << "Failed to create directory: " << dir << " Error: " << ec.message() << std::endl;
|
||
|
return false;
|
||
|
}
|
||
|
}
|
||
|
|
||
|
std::string service_identifier = "system-wide: " + consumer_key + "@https://api.launchpad.net/";
|
||
|
std::string encoded_key = encode_service_identifier(service_identifier);
|
||
|
|
||
|
std::string credentials = "oauth_token=" + oauth_token + "\n" +
|
||
|
"oauth_token_secret=" + oauth_token_secret + "\n";
|
||
|
|
||
|
std::string encoded_credentials = base64_encode(reinterpret_cast<const unsigned char*>(credentials.c_str()), credentials.length());
|
||
|
|
||
|
std::ofstream file_out(AUTH_PLAINTEXT_CREDENTIALS_FILE, std::ios::trunc);
|
||
|
if (!file_out.is_open()) {
|
||
|
std::cerr << "Failed to open plaintext credentials file for writing: " << AUTH_PLAINTEXT_CREDENTIALS_FILE << std::endl;
|
||
|
return false;
|
||
|
}
|
||
|
|
||
|
file_out << "[launchpadlib]\n";
|
||
|
file_out << encoded_key << " = \n";
|
||
|
|
||
|
size_t pos = 0;
|
||
|
size_t line_length = 80;
|
||
|
while (pos < encoded_credentials.size()) {
|
||
|
file_out << " " << encoded_credentials.substr(pos, line_length) << "\n";
|
||
|
pos += line_length;
|
||
|
}
|
||
|
|
||
|
file_out.close();
|
||
|
std::cout << "Credentials saved to " << AUTH_PLAINTEXT_CREDENTIALS_FILE << std::endl;
|
||
|
return true;
|
||
|
}
|
||
|
|
||
|
bool read_gnome_keyring_impl(std::string& consumer_key,
|
||
|
std::string& consumer_secret,
|
||
|
std::string& oauth_token,
|
||
|
std::string& oauth_token_secret)
|
||
|
{
|
||
|
std::string actual_consumer_key = "ubuntu (lugito-ci)";
|
||
|
std::string service_identifier = "system-wide: " + actual_consumer_key + "@https://api.launchpad.net/";
|
||
|
std::string encoded_key = encode_service_identifier(service_identifier);
|
||
|
|
||
|
std::string serialized_credentials = get_secret("org.launchpad.lib.Secret", "credentials", "credentials").value_or("");
|
||
|
if (serialized_credentials.empty()) {
|
||
|
std::cerr << "No credentials found in GNOME keyring." << std::endl;
|
||
|
return false;
|
||
|
}
|
||
|
|
||
|
std::string decoded_credentials = base64_decode(serialized_credentials);
|
||
|
if (decoded_credentials.empty()) {
|
||
|
std::cerr << "Failed to decode Base64 credentials from keyring." << std::endl;
|
||
|
return false;
|
||
|
}
|
||
|
|
||
|
std::istringstream iss(decoded_credentials);
|
||
|
std::string token_line;
|
||
|
while (std::getline(iss, token_line)) {
|
||
|
size_t pos = token_line.find('=');
|
||
|
if (pos != std::string::npos) {
|
||
|
std::string key = token_line.substr(0, pos);
|
||
|
std::string value = token_line.substr(pos + 1);
|
||
|
if (key == "oauth_token") {
|
||
|
oauth_token = value;
|
||
|
} else if (key == "oauth_token_secret") {
|
||
|
oauth_token_secret = value;
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
|
||
|
std::string decoded_key = decode_service_identifier(encoded_key);
|
||
|
std::regex rgx("system-wide: ([^@]+)@https://api.launchpad.net/");
|
||
|
std::smatch matches;
|
||
|
if (std::regex_search(decoded_key, matches, rgx)) {
|
||
|
consumer_key = matches[1];
|
||
|
} else {
|
||
|
std::cerr << "Failed to parse consumer_key from encoded key." << std::endl;
|
||
|
return false;
|
||
|
}
|
||
|
|
||
|
consumer_secret = "&";
|
||
|
|
||
|
if (oauth_token.empty() || oauth_token_secret.empty()) {
|
||
|
std::cerr << "Incomplete credentials in GNOME keyring." << std::endl;
|
||
|
return false;
|
||
|
}
|
||
|
|
||
|
return true;
|
||
|
}
|
||
|
|
||
|
bool create_keyring_credentials_impl(const std::string& consumer_key,
|
||
|
const std::string& consumer_secret,
|
||
|
const std::string& oauth_token,
|
||
|
const std::string& oauth_token_secret)
|
||
|
{
|
||
|
std::string service_identifier = "system-wide: " + consumer_key + "@https://api.launchpad.net/";
|
||
|
std::string encoded_key = encode_service_identifier(service_identifier);
|
||
|
|
||
|
std::string credentials = "oauth_token=" + oauth_token + "\n" +
|
||
|
"oauth_token_secret=" + oauth_token_secret + "\n";
|
||
|
std::string encoded_credentials = base64_encode(reinterpret_cast<const unsigned char*>(credentials.c_str()), credentials.length());
|
||
|
|
||
|
const SecretSchema* schema = get_schema();
|
||
|
|
||
|
GError* error = nullptr;
|
||
|
if (!secret_password_store_sync(
|
||
|
schema,
|
||
|
"credentials",
|
||
|
"launchpadlib",
|
||
|
encoded_credentials.c_str(),
|
||
|
NULL,
|
||
|
&error,
|
||
|
"credentials", "credentials",
|
||
|
NULL)) {
|
||
|
std::cerr << "Error storing credentials in keyring: " << error->message << std::endl;
|
||
|
g_error_free(error);
|
||
|
return false;
|
||
|
}
|
||
|
|
||
|
std::cout << "Credentials stored in GNOME keyring successfully." << std::endl;
|
||
|
return true;
|
||
|
}
|