0001-compute-service-api-key-from-its-orig-and-destinatio.patch
| hobo/multitenant/settings_loaders.py | ||
|---|---|---|
| 40 | 40 |
with file(path) as f: |
| 41 | 41 |
hobo_json = json.load(f) |
| 42 | 42 |
services = hobo_json.get('services')
|
| 43 |
base_url, secret = [(s.get('base_url'), s.get('secret_key'))
|
|
| 44 |
for s in services if s.get('this')][0]
|
|
| 45 |
orig = urlparse.urlparse(base_url).netloc.split(':')[0]
|
|
| 46 |
secret = hashlib.sha1(orig+secret).hexdigest() |
|
| 43 |
this = [s for s in services if s.get('this')][0]
|
|
| 44 |
base_url = this['base_url'] |
|
| 45 |
secret = this['secret_key'] |
|
| 47 | 46 | |
| 48 | 47 |
for service in services: |
| 48 |
# Why refer to ourself ? |
|
| 49 |
if service.get('this'):
|
|
| 50 |
continue |
|
| 49 | 51 |
service_id = service.get('service-id')
|
| 50 | ||
| 52 |
# compute a symetric shared secret using XOR |
|
| 53 |
# secrets MUST be hexadecimal numbers of the same even length |
|
| 54 |
shared_secret = hex(int(secret, 16) ^ int(service['secret_key'], 16))[2:-1] |
|
| 51 | 55 |
service_data = {
|
| 52 | 56 |
'url': service.get('base_url'),
|
| 53 | 57 |
'backoffice-menu-url': service.get('backoffice-menu-url'),
|
| 54 | 58 |
'title': service.get('title'),
|
| 55 | 59 |
'orig': orig, |
| 56 |
'secret': secret, |
|
| 60 |
'secret': shared_secret,
|
|
| 57 | 61 |
'variables': service.get('variables')
|
| 58 | 62 |
} |
| 59 | 63 |
if service_id in known_services: |
| 60 |
- |
|