/
UserStore.py
3281 lines (2870 loc) · 121 KB
/
UserStore.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
#
# Autogenerated by Thrift Compiler (0.9.0)
#
# DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING
#
# options string: py:new_style,utf8strings
#
from thrift.Thrift import TType, TMessageType, TException, TApplicationException
from .ttypes import *
from thrift.Thrift import TProcessor
from thrift.transport import TTransport
from thrift.protocol import TBinaryProtocol, TProtocol
try:
from thrift.protocol import fastbinary
except:
fastbinary = None
class Iface(object):
"""
Service: UserStore
<p>
The UserStore service is primarily used by EDAM clients to establish
authentication via username and password over a trusted connection (e.g.
SSL). A client's first call to this interface should be checkVersion() to
ensure that the client's software is up to date.
</p>
All calls which require an authenticationToken may throw an
EDAMUserException for the following reasons:
<ul>
<li> AUTH_EXPIRED "authenticationToken" - token has expired
<li> BAD_DATA_FORMAT "authenticationToken" - token is malformed
<li> DATA_REQUIRED "authenticationToken" - token is empty
<li> INVALID_AUTH "authenticationToken" - token signature is invalid
</ul>
"""
def checkVersion(self, clientName, edamVersionMajor, edamVersionMinor):
"""
This should be the first call made by a client to the EDAM service. It
tells the service what protocol version is used by the client. The
service will then return true if the client is capable of talking to
the service, and false if the client's protocol version is incompatible
with the service, so the client must upgrade. If a client receives a
false value, it should report the incompatibility to the user and not
continue with any more EDAM requests (UserStore or NoteStore).
@param clientName
This string provides some information about the client for
tracking/logging on the service. It should provide information about
the client's software and platform. The structure should be:
application/version; platform/version; [ device/version ]
E.g. "Evernote Windows/3.0.1; Windows/XP SP3".
@param edamVersionMajor
This should be the major protocol version that was compiled by the
client. This should be the current value of the EDAM_VERSION_MAJOR
constant for the client.
@param edamVersionMinor
This should be the major protocol version that was compiled by the
client. This should be the current value of the EDAM_VERSION_MINOR
constant for the client.
Parameters:
- clientName
- edamVersionMajor
- edamVersionMinor
"""
pass
def getBootstrapInfo(self, locale):
"""
This provides bootstrap information to the client. Various bootstrap
profiles and settings may be used by the client to configure itself.
@param locale
The client's current locale, expressed in language[_country]
format. E.g., "en_US". See ISO-639 and ISO-3166 for valid
language and country codes.
@return
The bootstrap information suitable for this client.
Parameters:
- locale
"""
pass
def authenticate(self, username, password, consumerKey, consumerSecret, supportsTwoFactor):
"""
This is used to check a username and password in order to create a
short-lived authentication session that can be used for further actions.
This function is only available to Evernote's internal applications.
Third party applications must authenticate using OAuth as
described at
<a href="http://dev.evernote.com/documentation/cloud/">dev.evernote.com</a>.
@param username
The username (not numeric user ID) for the account to
authenticate against. This function will also accept the user's
registered email address in this parameter.
@param password
The plaintext password to check against the account. Since
this is not protected by the EDAM protocol, this information must be
provided over a protected transport (e.g. SSL).
@param consumerKey
The "consumer key" portion of the API key issued to the client application
by Evernote.
@param consumerSecret
The "consumer secret" portion of the API key issued to the client application
by Evernote.
@param supportsTwoFactor
Whether the calling application supports two-factor authentication. If this
parameter is false, this method will fail with the error code INVALID_AUTH and the
parameter "password" when called for a user who has enabled two-factor
authentication.
@return
<p>The result of the authentication. If the authentication was successful,
the AuthenticationResult.user field will be set with the full information
about the User.</p>
<p>If the user has two-factor authentication enabled,
AuthenticationResult.secondFactorRequired will be set and
AuthenticationResult.authenticationToken will contain a short-lived token
that may only be used to complete the two-factor authentication process by calling
UserStore.completeTwoFactorAuthentication.</p>
@throws EDAMUserException <ul>
<li> DATA_REQUIRED "username" - username is empty
<li> DATA_REQUIRED "password" - password is empty
<li> DATA_REQUIRED "consumerKey" - consumerKey is empty
<li> INVALID_AUTH "username" - username not found
<li> INVALID_AUTH "password" - password did not match
<li> INVALID_AUTH "consumerKey" - consumerKey is not authorized
<li> INVALID_AUTH "consumerSecret" - consumerSecret is incorrect
<li> PERMISSION_DENIED "User.active" - user account is closed
<li> PERMISSION_DENIED "User.tooManyFailuresTryAgainLater" - user has
failed authentication too often
</ul>
Parameters:
- username
- password
- consumerKey
- consumerSecret
- supportsTwoFactor
"""
pass
def authenticateLongSession(self, username, password, consumerKey, consumerSecret, deviceIdentifier, deviceDescription, supportsTwoFactor):
"""
This is used to check a username and password in order to create a
long-lived authentication token that can be used for further actions.
This function is not available to most third party applications,
which typically authenticate using OAuth as
described at
<a href="http://dev.evernote.com/documentation/cloud/">dev.evernote.com</a>.
If you believe that your application requires permission to authenticate
using username and password instead of OAuth, please contact Evernote
developer support by visiting
<a href="http://dev.evernote.com">dev.evernote.com</a>.
@param username
The username or registered email address of the account to
authenticate against.
@param password
The plaintext password to check against the account. Since
this is not protected by the EDAM protocol, this information must be
provided over a protected transport (i.e. SSL).
@param consumerKey
The "consumer key" portion of the API key issued to the client application
by Evernote.
@param consumerSecret
The "consumer secret" portion of the API key issued to the client application
by Evernote.
@param deviceIdentifier
An optional string, no more than 32 characters in length, that uniquely identifies
the device from which the authentication is being performed. This string allows
the service to return the same authentication token when a given application
requests authentication repeatedly from the same device. This may happen when the
user logs out of an application and then logs back in, or when the application is
uninstalled and later reinstalled. If no reliable device identifier can be created,
this value should be omitted. If set, the device identifier must be between
1 and EDAM_DEVICE_ID_LEN_MAX characters long and must match the regular expression
EDAM_DEVICE_ID_REGEX.
@param deviceDescription
A description of the device from which the authentication is being performed.
This field is displayed to the user in a list of authorized applications to
allow them to distinguish between multiple tokens issued to the same client
application on different devices. For example, the Evernote iOS client on
a user's iPhone and iPad might pass the iOS device names "Bob's iPhone" and
"Bob's iPad". The device description must be between 1 and
EDAM_DEVICE_DESCRIPTION_LEN_MAX characters long and must match the regular
expression EDAM_DEVICE_DESCRIPTION_REGEX.
@param supportsTwoFactor
Whether the calling application supports two-factor authentication. If this
parameter is false, this method will fail with the error code INVALID_AUTH and the
parameter "password" when called for a user who has enabled two-factor
authentication.
@return
<p>The result of the authentication. The level of detail provided in the returned
AuthenticationResult.User structure depends on the access level granted by
calling application's API key.</p>
<p>If the user has two-factor authentication enabled,
AuthenticationResult.secondFactorRequired will be set and
AuthenticationResult.authenticationToken will contain a short-lived token
that may only be used to complete the two-factor authentication process by calling
UserStore.completeTwoFactorAuthentication.</p>
@throws EDAMUserException <ul>
<li> DATA_REQUIRED "username" - username is empty
<li> DATA_REQUIRED "password" - password is empty
<li> DATA_REQUIRED "consumerKey" - consumerKey is empty
<li> DATA_REQUIRED "consumerSecret" - consumerSecret is empty
<li> DATA_REQUIRED "deviceDescription" - deviceDescription is empty
<li> BAD_DATA_FORMAT "deviceDescription" - deviceDescription is not valid.
<li> BAD_DATA_FORMAT "deviceIdentifier" - deviceIdentifier is not valid.
<li> INVALID_AUTH "username" - username not found
<li> INVALID_AUTH "password" - password did not match
<li> INVALID_AUTH "consumerKey" - consumerKey is not authorized
<li> INVALID_AUTH "consumerSecret" - consumerSecret is incorrect
<li> PERMISSION_DENIED "User.active" - user account is closed
<li> PERMISSION_DENIED "User.tooManyFailuresTryAgainLater" - user has
failed authentication too often
</ul>
Parameters:
- username
- password
- consumerKey
- consumerSecret
- deviceIdentifier
- deviceDescription
- supportsTwoFactor
"""
pass
def completeTwoFactorAuthentication(self, authenticationToken, oneTimeCode, deviceIdentifier, deviceDescription):
"""
Complete the authentication process when a second factor is required. This
call is made after a successful call to authenticate or authenticateLongSession
when the authenticating user has enabled two-factor authentication.
@param authenticationToken An authentication token returned by a previous
call to UserStore.authenticate or UserStore.authenticateLongSession that
could not be completed in a single call because a second factor was required.
@param oneTimeCode The one time code entered by the user. This value is delivered
out-of-band, typically via SMS or an authenticator application.
@param deviceIdentifier See the corresponding parameter in authenticateLongSession.
@param deviceDescription See the corresponding parameter in authenticateLongSession.
@return
The result of the authentication. The level of detail provided in the returned
AuthenticationResult.User structure depends on the access level granted by the
calling application's API key. If the initial authentication call was made to
authenticateLongSession, the AuthenticationResult will contain a long-lived
authentication token.
@throws EDAMUserException <ul>
<li> DATA_REQUIRED "authenticationToken" - authenticationToken is empty
<li> DATA_REQUIRED "oneTimeCode" - oneTimeCode is empty
<li> BAD_DATA_FORMAT "authenticationToken" - authenticationToken is not well formed
<li> INVALID_AUTH "oneTimeCode" - oneTimeCode did not match
<li> AUTH_EXPIRED "authenticationToken" - authenticationToken has expired
<li> PERMISSION_DENIED "authenticationToken" - authenticationToken is not valid
<li> PERMISSION_DENIED "User.active" - user account is closed
<li> PERMISSION_DENIED "User.tooManyFailuresTryAgainLater" - user has
failed authentication too often
<li> DATA_CONFLICT "User.twoFactorAuthentication" - The user has not enabled
two-factor authentication.</li>
</ul>
Parameters:
- authenticationToken
- oneTimeCode
- deviceIdentifier
- deviceDescription
"""
pass
def revokeLongSession(self, authenticationToken):
"""
Revoke an existing long lived authentication token. This can be used to
revoke OAuth tokens or tokens created by calling authenticateLongSession,
and allows a user to effectively log out of Evernote from the perspective
of the application that holds the token. The authentication token that is
passed is immediately revoked and may not be used to call any authenticated
EDAM function.
@param authenticationToken the authentication token to revoke.
@throws EDAMUserException <ul>
<li> DATA_REQUIRED "authenticationToken" - no authentication token provided
<li> BAD_DATA_FORMAT "authenticationToken" - the authentication token is not well formed
<li> INVALID_AUTH "authenticationToken" - the authentication token is invalid
<li> AUTH_EXPIRED "authenticationToken" - the authentication token is expired or
is already revoked.
</ul>
Parameters:
- authenticationToken
"""
pass
def authenticateToBusiness(self, authenticationToken):
"""
This is used to take an existing authentication token that grants access
to an individual user account (returned from 'authenticate',
'authenticateLongSession' or an OAuth authorization) and obtain an additional
authentication token that may be used to access business notebooks if the user
is a member of an Evernote Business account.
The resulting authentication token may be used to make NoteStore API calls
against the business using the NoteStore URL returned in the result.
@param authenticationToken
The authentication token for the user. This may not be a shared authentication
token (returned by NoteStore.authenticateToSharedNotebook or
NoteStore.authenticateToSharedNote) or a business authentication token.
@return
The result of the authentication, with the token granting access to the
business in the result's 'authenticationToken' field. The URL that must
be used to access the business account NoteStore will be returned in the
result's 'noteStoreUrl' field. The 'User' field will
not be set in the result.
@throws EDAMUserException <ul>
<li> PERMISSION_DENIED "authenticationToken" - the provided authentication token
is a shared or business authentication token. </li>
<li> PERMISSION_DENIED "Business" - the user identified by the provided
authentication token is not currently a member of a business. </li>
<li> PERMISSION_DENIED "Business.status" - the business that the user is a
member of is not currently in an active status. </li>
</ul>
Parameters:
- authenticationToken
"""
pass
def refreshAuthentication(self, authenticationToken):
"""
This is used to take an existing authentication token (returned from
'authenticate') and exchange it for a newer token which will not expire
as soon. This must be invoked before the previous token expires.
This function is only availabe to Evernote's internal applications.
@param authenticationToken
The previous authentication token from the authenticate() result.
@return
The result of the authentication, with the new token in
the result's 'authenticationToken' field. The 'User' field will
not be set in the result.
Parameters:
- authenticationToken
"""
pass
def getUser(self, authenticationToken):
"""
Returns the User corresponding to the provided authentication token,
or throws an exception if this token is not valid.
The level of detail provided in the returned User structure depends on
the access level granted by the token, so a web service client may receive
fewer fields than an integrated desktop client.
Parameters:
- authenticationToken
"""
pass
def getPublicUserInfo(self, username):
"""
Asks the UserStore about the publicly available location information for
a particular username.
@throws EDAMUserException <ul>
<li> DATA_REQUIRED "username" - username is empty
</ul>
Parameters:
- username
"""
pass
def getPremiumInfo(self, authenticationToken):
"""
Returns information regarding a user's Premium account corresponding to the
provided authentication token, or throws an exception if this token is not
valid.
Parameters:
- authenticationToken
"""
pass
def getNoteStoreUrl(self, authenticationToken):
"""
Returns the URL that should be used to talk to the NoteStore for the
account represented by the provided authenticationToken.
This method isn't needed by most clients, who can retrieve the correct
NoteStore URL from the AuthenticationResult returned from the authenticate
or refreshAuthentication calls. This method is typically only needed
to look up the correct URL for a long-lived session token (e.g. for an
OAuth web service).
Parameters:
- authenticationToken
"""
pass
class Client(Iface):
"""
Service: UserStore
<p>
The UserStore service is primarily used by EDAM clients to establish
authentication via username and password over a trusted connection (e.g.
SSL). A client's first call to this interface should be checkVersion() to
ensure that the client's software is up to date.
</p>
All calls which require an authenticationToken may throw an
EDAMUserException for the following reasons:
<ul>
<li> AUTH_EXPIRED "authenticationToken" - token has expired
<li> BAD_DATA_FORMAT "authenticationToken" - token is malformed
<li> DATA_REQUIRED "authenticationToken" - token is empty
<li> INVALID_AUTH "authenticationToken" - token signature is invalid
</ul>
"""
def __init__(self, iprot, oprot=None):
self._iprot = self._oprot = iprot
if oprot is not None:
self._oprot = oprot
self._seqid = 0
def checkVersion(self, clientName, edamVersionMajor, edamVersionMinor):
"""
This should be the first call made by a client to the EDAM service. It
tells the service what protocol version is used by the client. The
service will then return true if the client is capable of talking to
the service, and false if the client's protocol version is incompatible
with the service, so the client must upgrade. If a client receives a
false value, it should report the incompatibility to the user and not
continue with any more EDAM requests (UserStore or NoteStore).
@param clientName
This string provides some information about the client for
tracking/logging on the service. It should provide information about
the client's software and platform. The structure should be:
application/version; platform/version; [ device/version ]
E.g. "Evernote Windows/3.0.1; Windows/XP SP3".
@param edamVersionMajor
This should be the major protocol version that was compiled by the
client. This should be the current value of the EDAM_VERSION_MAJOR
constant for the client.
@param edamVersionMinor
This should be the major protocol version that was compiled by the
client. This should be the current value of the EDAM_VERSION_MINOR
constant for the client.
Parameters:
- clientName
- edamVersionMajor
- edamVersionMinor
"""
self.send_checkVersion(clientName, edamVersionMajor, edamVersionMinor)
return self.recv_checkVersion()
def send_checkVersion(self, clientName, edamVersionMajor, edamVersionMinor):
self._oprot.writeMessageBegin('checkVersion', TMessageType.CALL, self._seqid)
args = checkVersion_args()
args.clientName = clientName
args.edamVersionMajor = edamVersionMajor
args.edamVersionMinor = edamVersionMinor
args.write(self._oprot)
self._oprot.writeMessageEnd()
self._oprot.trans.flush()
def recv_checkVersion(self, ):
(fname, mtype, rseqid) = self._iprot.readMessageBegin()
if mtype == TMessageType.EXCEPTION:
x = TApplicationException()
x.read(self._iprot)
self._iprot.readMessageEnd()
raise x
result = checkVersion_result()
result.read(self._iprot)
self._iprot.readMessageEnd()
if result.success is not None:
return result.success
raise TApplicationException(TApplicationException.MISSING_RESULT, "checkVersion failed: unknown result");
def getBootstrapInfo(self, locale):
"""
This provides bootstrap information to the client. Various bootstrap
profiles and settings may be used by the client to configure itself.
@param locale
The client's current locale, expressed in language[_country]
format. E.g., "en_US". See ISO-639 and ISO-3166 for valid
language and country codes.
@return
The bootstrap information suitable for this client.
Parameters:
- locale
"""
self.send_getBootstrapInfo(locale)
return self.recv_getBootstrapInfo()
def send_getBootstrapInfo(self, locale):
self._oprot.writeMessageBegin('getBootstrapInfo', TMessageType.CALL, self._seqid)
args = getBootstrapInfo_args()
args.locale = locale
args.write(self._oprot)
self._oprot.writeMessageEnd()
self._oprot.trans.flush()
def recv_getBootstrapInfo(self, ):
(fname, mtype, rseqid) = self._iprot.readMessageBegin()
if mtype == TMessageType.EXCEPTION:
x = TApplicationException()
x.read(self._iprot)
self._iprot.readMessageEnd()
raise x
result = getBootstrapInfo_result()
result.read(self._iprot)
self._iprot.readMessageEnd()
if result.success is not None:
return result.success
raise TApplicationException(TApplicationException.MISSING_RESULT, "getBootstrapInfo failed: unknown result");
def authenticate(self, username, password, consumerKey, consumerSecret, supportsTwoFactor):
"""
This is used to check a username and password in order to create a
short-lived authentication session that can be used for further actions.
This function is only available to Evernote's internal applications.
Third party applications must authenticate using OAuth as
described at
<a href="http://dev.evernote.com/documentation/cloud/">dev.evernote.com</a>.
@param username
The username (not numeric user ID) for the account to
authenticate against. This function will also accept the user's
registered email address in this parameter.
@param password
The plaintext password to check against the account. Since
this is not protected by the EDAM protocol, this information must be
provided over a protected transport (e.g. SSL).
@param consumerKey
The "consumer key" portion of the API key issued to the client application
by Evernote.
@param consumerSecret
The "consumer secret" portion of the API key issued to the client application
by Evernote.
@param supportsTwoFactor
Whether the calling application supports two-factor authentication. If this
parameter is false, this method will fail with the error code INVALID_AUTH and the
parameter "password" when called for a user who has enabled two-factor
authentication.
@return
<p>The result of the authentication. If the authentication was successful,
the AuthenticationResult.user field will be set with the full information
about the User.</p>
<p>If the user has two-factor authentication enabled,
AuthenticationResult.secondFactorRequired will be set and
AuthenticationResult.authenticationToken will contain a short-lived token
that may only be used to complete the two-factor authentication process by calling
UserStore.completeTwoFactorAuthentication.</p>
@throws EDAMUserException <ul>
<li> DATA_REQUIRED "username" - username is empty
<li> DATA_REQUIRED "password" - password is empty
<li> DATA_REQUIRED "consumerKey" - consumerKey is empty
<li> INVALID_AUTH "username" - username not found
<li> INVALID_AUTH "password" - password did not match
<li> INVALID_AUTH "consumerKey" - consumerKey is not authorized
<li> INVALID_AUTH "consumerSecret" - consumerSecret is incorrect
<li> PERMISSION_DENIED "User.active" - user account is closed
<li> PERMISSION_DENIED "User.tooManyFailuresTryAgainLater" - user has
failed authentication too often
</ul>
Parameters:
- username
- password
- consumerKey
- consumerSecret
- supportsTwoFactor
"""
self.send_authenticate(username, password, consumerKey, consumerSecret, supportsTwoFactor)
return self.recv_authenticate()
def send_authenticate(self, username, password, consumerKey, consumerSecret, supportsTwoFactor):
self._oprot.writeMessageBegin('authenticate', TMessageType.CALL, self._seqid)
args = authenticate_args()
args.username = username
args.password = password
args.consumerKey = consumerKey
args.consumerSecret = consumerSecret
args.supportsTwoFactor = supportsTwoFactor
args.write(self._oprot)
self._oprot.writeMessageEnd()
self._oprot.trans.flush()
def recv_authenticate(self, ):
(fname, mtype, rseqid) = self._iprot.readMessageBegin()
if mtype == TMessageType.EXCEPTION:
x = TApplicationException()
x.read(self._iprot)
self._iprot.readMessageEnd()
raise x
result = authenticate_result()
result.read(self._iprot)
self._iprot.readMessageEnd()
if result.success is not None:
return result.success
if result.userException is not None:
raise result.userException
if result.systemException is not None:
raise result.systemException
raise TApplicationException(TApplicationException.MISSING_RESULT, "authenticate failed: unknown result");
def authenticateLongSession(self, username, password, consumerKey, consumerSecret, deviceIdentifier, deviceDescription, supportsTwoFactor):
"""
This is used to check a username and password in order to create a
long-lived authentication token that can be used for further actions.
This function is not available to most third party applications,
which typically authenticate using OAuth as
described at
<a href="http://dev.evernote.com/documentation/cloud/">dev.evernote.com</a>.
If you believe that your application requires permission to authenticate
using username and password instead of OAuth, please contact Evernote
developer support by visiting
<a href="http://dev.evernote.com">dev.evernote.com</a>.
@param username
The username or registered email address of the account to
authenticate against.
@param password
The plaintext password to check against the account. Since
this is not protected by the EDAM protocol, this information must be
provided over a protected transport (i.e. SSL).
@param consumerKey
The "consumer key" portion of the API key issued to the client application
by Evernote.
@param consumerSecret
The "consumer secret" portion of the API key issued to the client application
by Evernote.
@param deviceIdentifier
An optional string, no more than 32 characters in length, that uniquely identifies
the device from which the authentication is being performed. This string allows
the service to return the same authentication token when a given application
requests authentication repeatedly from the same device. This may happen when the
user logs out of an application and then logs back in, or when the application is
uninstalled and later reinstalled. If no reliable device identifier can be created,
this value should be omitted. If set, the device identifier must be between
1 and EDAM_DEVICE_ID_LEN_MAX characters long and must match the regular expression
EDAM_DEVICE_ID_REGEX.
@param deviceDescription
A description of the device from which the authentication is being performed.
This field is displayed to the user in a list of authorized applications to
allow them to distinguish between multiple tokens issued to the same client
application on different devices. For example, the Evernote iOS client on
a user's iPhone and iPad might pass the iOS device names "Bob's iPhone" and
"Bob's iPad". The device description must be between 1 and
EDAM_DEVICE_DESCRIPTION_LEN_MAX characters long and must match the regular
expression EDAM_DEVICE_DESCRIPTION_REGEX.
@param supportsTwoFactor
Whether the calling application supports two-factor authentication. If this
parameter is false, this method will fail with the error code INVALID_AUTH and the
parameter "password" when called for a user who has enabled two-factor
authentication.
@return
<p>The result of the authentication. The level of detail provided in the returned
AuthenticationResult.User structure depends on the access level granted by
calling application's API key.</p>
<p>If the user has two-factor authentication enabled,
AuthenticationResult.secondFactorRequired will be set and
AuthenticationResult.authenticationToken will contain a short-lived token
that may only be used to complete the two-factor authentication process by calling
UserStore.completeTwoFactorAuthentication.</p>
@throws EDAMUserException <ul>
<li> DATA_REQUIRED "username" - username is empty
<li> DATA_REQUIRED "password" - password is empty
<li> DATA_REQUIRED "consumerKey" - consumerKey is empty
<li> DATA_REQUIRED "consumerSecret" - consumerSecret is empty
<li> DATA_REQUIRED "deviceDescription" - deviceDescription is empty
<li> BAD_DATA_FORMAT "deviceDescription" - deviceDescription is not valid.
<li> BAD_DATA_FORMAT "deviceIdentifier" - deviceIdentifier is not valid.
<li> INVALID_AUTH "username" - username not found
<li> INVALID_AUTH "password" - password did not match
<li> INVALID_AUTH "consumerKey" - consumerKey is not authorized
<li> INVALID_AUTH "consumerSecret" - consumerSecret is incorrect
<li> PERMISSION_DENIED "User.active" - user account is closed
<li> PERMISSION_DENIED "User.tooManyFailuresTryAgainLater" - user has
failed authentication too often
</ul>
Parameters:
- username
- password
- consumerKey
- consumerSecret
- deviceIdentifier
- deviceDescription
- supportsTwoFactor
"""
self.send_authenticateLongSession(username, password, consumerKey, consumerSecret, deviceIdentifier, deviceDescription, supportsTwoFactor)
return self.recv_authenticateLongSession()
def send_authenticateLongSession(self, username, password, consumerKey, consumerSecret, deviceIdentifier, deviceDescription, supportsTwoFactor):
self._oprot.writeMessageBegin('authenticateLongSession', TMessageType.CALL, self._seqid)
args = authenticateLongSession_args()
args.username = username
args.password = password
args.consumerKey = consumerKey
args.consumerSecret = consumerSecret
args.deviceIdentifier = deviceIdentifier
args.deviceDescription = deviceDescription
args.supportsTwoFactor = supportsTwoFactor
args.write(self._oprot)
self._oprot.writeMessageEnd()
self._oprot.trans.flush()
def recv_authenticateLongSession(self, ):
(fname, mtype, rseqid) = self._iprot.readMessageBegin()
if mtype == TMessageType.EXCEPTION:
x = TApplicationException()
x.read(self._iprot)
self._iprot.readMessageEnd()
raise x
result = authenticateLongSession_result()
result.read(self._iprot)
self._iprot.readMessageEnd()
if result.success is not None:
return result.success
if result.userException is not None:
raise result.userException
if result.systemException is not None:
raise result.systemException
raise TApplicationException(TApplicationException.MISSING_RESULT, "authenticateLongSession failed: unknown result");
def completeTwoFactorAuthentication(self, authenticationToken, oneTimeCode, deviceIdentifier, deviceDescription):
"""
Complete the authentication process when a second factor is required. This
call is made after a successful call to authenticate or authenticateLongSession
when the authenticating user has enabled two-factor authentication.
@param authenticationToken An authentication token returned by a previous
call to UserStore.authenticate or UserStore.authenticateLongSession that
could not be completed in a single call because a second factor was required.
@param oneTimeCode The one time code entered by the user. This value is delivered
out-of-band, typically via SMS or an authenticator application.
@param deviceIdentifier See the corresponding parameter in authenticateLongSession.
@param deviceDescription See the corresponding parameter in authenticateLongSession.
@return
The result of the authentication. The level of detail provided in the returned
AuthenticationResult.User structure depends on the access level granted by the
calling application's API key. If the initial authentication call was made to
authenticateLongSession, the AuthenticationResult will contain a long-lived
authentication token.
@throws EDAMUserException <ul>
<li> DATA_REQUIRED "authenticationToken" - authenticationToken is empty
<li> DATA_REQUIRED "oneTimeCode" - oneTimeCode is empty
<li> BAD_DATA_FORMAT "authenticationToken" - authenticationToken is not well formed
<li> INVALID_AUTH "oneTimeCode" - oneTimeCode did not match
<li> AUTH_EXPIRED "authenticationToken" - authenticationToken has expired
<li> PERMISSION_DENIED "authenticationToken" - authenticationToken is not valid
<li> PERMISSION_DENIED "User.active" - user account is closed
<li> PERMISSION_DENIED "User.tooManyFailuresTryAgainLater" - user has
failed authentication too often
<li> DATA_CONFLICT "User.twoFactorAuthentication" - The user has not enabled
two-factor authentication.</li>
</ul>
Parameters:
- authenticationToken
- oneTimeCode
- deviceIdentifier
- deviceDescription
"""
self.send_completeTwoFactorAuthentication(authenticationToken, oneTimeCode, deviceIdentifier, deviceDescription)
return self.recv_completeTwoFactorAuthentication()
def send_completeTwoFactorAuthentication(self, authenticationToken, oneTimeCode, deviceIdentifier, deviceDescription):
self._oprot.writeMessageBegin('completeTwoFactorAuthentication', TMessageType.CALL, self._seqid)
args = completeTwoFactorAuthentication_args()
args.authenticationToken = authenticationToken
args.oneTimeCode = oneTimeCode
args.deviceIdentifier = deviceIdentifier
args.deviceDescription = deviceDescription
args.write(self._oprot)
self._oprot.writeMessageEnd()
self._oprot.trans.flush()
def recv_completeTwoFactorAuthentication(self, ):
(fname, mtype, rseqid) = self._iprot.readMessageBegin()
if mtype == TMessageType.EXCEPTION:
x = TApplicationException()
x.read(self._iprot)
self._iprot.readMessageEnd()
raise x
result = completeTwoFactorAuthentication_result()
result.read(self._iprot)
self._iprot.readMessageEnd()
if result.success is not None:
return result.success
if result.userException is not None:
raise result.userException
if result.systemException is not None:
raise result.systemException
raise TApplicationException(TApplicationException.MISSING_RESULT, "completeTwoFactorAuthentication failed: unknown result");
def revokeLongSession(self, authenticationToken):
"""
Revoke an existing long lived authentication token. This can be used to
revoke OAuth tokens or tokens created by calling authenticateLongSession,
and allows a user to effectively log out of Evernote from the perspective
of the application that holds the token. The authentication token that is
passed is immediately revoked and may not be used to call any authenticated
EDAM function.
@param authenticationToken the authentication token to revoke.
@throws EDAMUserException <ul>
<li> DATA_REQUIRED "authenticationToken" - no authentication token provided
<li> BAD_DATA_FORMAT "authenticationToken" - the authentication token is not well formed
<li> INVALID_AUTH "authenticationToken" - the authentication token is invalid
<li> AUTH_EXPIRED "authenticationToken" - the authentication token is expired or
is already revoked.
</ul>
Parameters:
- authenticationToken
"""
self.send_revokeLongSession(authenticationToken)
self.recv_revokeLongSession()
def send_revokeLongSession(self, authenticationToken):
self._oprot.writeMessageBegin('revokeLongSession', TMessageType.CALL, self._seqid)
args = revokeLongSession_args()
args.authenticationToken = authenticationToken
args.write(self._oprot)
self._oprot.writeMessageEnd()
self._oprot.trans.flush()
def recv_revokeLongSession(self, ):
(fname, mtype, rseqid) = self._iprot.readMessageBegin()
if mtype == TMessageType.EXCEPTION:
x = TApplicationException()
x.read(self._iprot)
self._iprot.readMessageEnd()
raise x
result = revokeLongSession_result()
result.read(self._iprot)
self._iprot.readMessageEnd()
if result.userException is not None:
raise result.userException
if result.systemException is not None:
raise result.systemException
return
def authenticateToBusiness(self, authenticationToken):
"""
This is used to take an existing authentication token that grants access
to an individual user account (returned from 'authenticate',
'authenticateLongSession' or an OAuth authorization) and obtain an additional
authentication token that may be used to access business notebooks if the user
is a member of an Evernote Business account.
The resulting authentication token may be used to make NoteStore API calls
against the business using the NoteStore URL returned in the result.
@param authenticationToken
The authentication token for the user. This may not be a shared authentication
token (returned by NoteStore.authenticateToSharedNotebook or
NoteStore.authenticateToSharedNote) or a business authentication token.
@return
The result of the authentication, with the token granting access to the
business in the result's 'authenticationToken' field. The URL that must
be used to access the business account NoteStore will be returned in the
result's 'noteStoreUrl' field. The 'User' field will
not be set in the result.
@throws EDAMUserException <ul>
<li> PERMISSION_DENIED "authenticationToken" - the provided authentication token
is a shared or business authentication token. </li>
<li> PERMISSION_DENIED "Business" - the user identified by the provided
authentication token is not currently a member of a business. </li>
<li> PERMISSION_DENIED "Business.status" - the business that the user is a
member of is not currently in an active status. </li>
</ul>
Parameters:
- authenticationToken
"""
self.send_authenticateToBusiness(authenticationToken)
return self.recv_authenticateToBusiness()
def send_authenticateToBusiness(self, authenticationToken):
self._oprot.writeMessageBegin('authenticateToBusiness', TMessageType.CALL, self._seqid)
args = authenticateToBusiness_args()
args.authenticationToken = authenticationToken
args.write(self._oprot)
self._oprot.writeMessageEnd()
self._oprot.trans.flush()
def recv_authenticateToBusiness(self, ):
(fname, mtype, rseqid) = self._iprot.readMessageBegin()
if mtype == TMessageType.EXCEPTION:
x = TApplicationException()
x.read(self._iprot)
self._iprot.readMessageEnd()
raise x
result = authenticateToBusiness_result()
result.read(self._iprot)
self._iprot.readMessageEnd()
if result.success is not None:
return result.success
if result.userException is not None:
raise result.userException
if result.systemException is not None:
raise result.systemException
raise TApplicationException(TApplicationException.MISSING_RESULT, "authenticateToBusiness failed: unknown result");
def refreshAuthentication(self, authenticationToken):
"""
This is used to take an existing authentication token (returned from
'authenticate') and exchange it for a newer token which will not expire
as soon. This must be invoked before the previous token expires.
This function is only availabe to Evernote's internal applications.
@param authenticationToken
The previous authentication token from the authenticate() result.
@return
The result of the authentication, with the new token in
the result's 'authenticationToken' field. The 'User' field will
not be set in the result.
Parameters:
- authenticationToken
"""
self.send_refreshAuthentication(authenticationToken)
return self.recv_refreshAuthentication()
def send_refreshAuthentication(self, authenticationToken):
self._oprot.writeMessageBegin('refreshAuthentication', TMessageType.CALL, self._seqid)
args = refreshAuthentication_args()
args.authenticationToken = authenticationToken
args.write(self._oprot)
self._oprot.writeMessageEnd()