-
Notifications
You must be signed in to change notification settings - Fork 1.2k
/
login.go
483 lines (446 loc) · 16.7 KB
/
login.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
// Auto-generated to Go types and interfaces using avdl-compiler v1.4.10 (https://github.com/keybase/node-avdl-compiler)
// Input file: avdl/keybase1/login.avdl
package keybase1
import (
"github.com/keybase/go-framed-msgpack-rpc/rpc"
context "golang.org/x/net/context"
"time"
)
type ConfiguredAccount struct {
Username string `codec:"username" json:"username"`
Fullname FullName `codec:"fullname" json:"fullname"`
HasStoredSecret bool `codec:"hasStoredSecret" json:"hasStoredSecret"`
IsCurrent bool `codec:"isCurrent" json:"isCurrent"`
}
func (o ConfiguredAccount) DeepCopy() ConfiguredAccount {
return ConfiguredAccount{
Username: o.Username,
Fullname: o.Fullname.DeepCopy(),
HasStoredSecret: o.HasStoredSecret,
IsCurrent: o.IsCurrent,
}
}
type GetConfiguredAccountsArg struct {
SessionID int `codec:"sessionID" json:"sessionID"`
}
type LoginArg struct {
SessionID int `codec:"sessionID" json:"sessionID"`
DeviceType DeviceTypeV2 `codec:"deviceType" json:"deviceType"`
Username string `codec:"username" json:"username"`
ClientType ClientType `codec:"clientType" json:"clientType"`
DoUserSwitch bool `codec:"doUserSwitch" json:"doUserSwitch"`
PaperKey string `codec:"paperKey" json:"paperKey"`
DeviceName string `codec:"deviceName" json:"deviceName"`
}
type LoginProvisionedDeviceArg struct {
SessionID int `codec:"sessionID" json:"sessionID"`
Username string `codec:"username" json:"username"`
NoPassphrasePrompt bool `codec:"noPassphrasePrompt" json:"noPassphrasePrompt"`
}
type LoginWithPaperKeyArg struct {
SessionID int `codec:"sessionID" json:"sessionID"`
Username string `codec:"username" json:"username"`
}
type LogoutArg struct {
SessionID int `codec:"sessionID" json:"sessionID"`
Force bool `codec:"force" json:"force"`
KeepSecrets bool `codec:"keepSecrets" json:"keepSecrets"`
}
type DeprovisionArg struct {
SessionID int `codec:"sessionID" json:"sessionID"`
Username string `codec:"username" json:"username"`
DoRevoke bool `codec:"doRevoke" json:"doRevoke"`
}
type RecoverAccountFromEmailAddressArg struct {
Email string `codec:"email" json:"email"`
}
type RecoverPassphraseArg struct {
SessionID int `codec:"sessionID" json:"sessionID"`
Username string `codec:"username" json:"username"`
}
type PaperKeyArg struct {
SessionID int `codec:"sessionID" json:"sessionID"`
}
type PaperKeySubmitArg struct {
SessionID int `codec:"sessionID" json:"sessionID"`
PaperPhrase string `codec:"paperPhrase" json:"paperPhrase"`
}
type UnlockArg struct {
SessionID int `codec:"sessionID" json:"sessionID"`
}
type UnlockWithPassphraseArg struct {
SessionID int `codec:"sessionID" json:"sessionID"`
Passphrase string `codec:"passphrase" json:"passphrase"`
}
type AccountDeleteArg struct {
SessionID int `codec:"sessionID" json:"sessionID"`
Passphrase *string `codec:"passphrase,omitempty" json:"passphrase,omitempty"`
}
type LoginOneshotArg struct {
SessionID int `codec:"sessionID" json:"sessionID"`
Username string `codec:"username" json:"username"`
PaperKey string `codec:"paperKey" json:"paperKey"`
}
type IsOnlineArg struct {
}
type LoginInterface interface {
// Returns an array of information about accounts configured on the local
// machine. Currently configured accounts are defined as those that have stored
// secrets, but this definition may be expanded in the future.
GetConfiguredAccounts(context.Context, int) ([]ConfiguredAccount, error)
// Performs login. deviceType should be keybase1.DeviceTypeV2_DESKTOP
// or keybase1.DeviceTypeV2_MOBILE. username is optional. If the current
// device isn't provisioned, this function will provision it.
Login(context.Context, LoginArg) error
// Login a user only if the user is on a provisioned device. Username is optional.
// If noPassphrasePrompt is set, then only a stored secret will be used to unlock
// the device keys.
LoginProvisionedDevice(context.Context, LoginProvisionedDeviceArg) error
// Login and unlock by
// - trying unlocked device keys if available
// - prompting for a paper key and using that
LoginWithPaperKey(context.Context, LoginWithPaperKeyArg) error
Logout(context.Context, LogoutArg) error
Deprovision(context.Context, DeprovisionArg) error
RecoverAccountFromEmailAddress(context.Context, string) error
// Guide the user through possibilities of changing their passphrase.
// Lets them change their passphrase using a paper key or enter the reset pipeline.
RecoverPassphrase(context.Context, RecoverPassphraseArg) error
// PaperKey generates paper backup keys for restoring an account.
// It calls login_ui.displayPaperKeyPhrase with the phrase.
PaperKey(context.Context, int) error
// paperKeySubmit checks that paperPhrase is a valid paper key
// for the logged in user, caches the keys, and sends a notification.
PaperKeySubmit(context.Context, PaperKeySubmitArg) error
// Unlock restores access to local key store by priming passphrase stream cache.
Unlock(context.Context, int) error
UnlockWithPassphrase(context.Context, UnlockWithPassphraseArg) error
// accountDelete deletes the current user's account.
AccountDelete(context.Context, AccountDeleteArg) error
// loginOneshot allows a service to have a "onetime login", without
// provisioning a device. It bootstraps credentials with the given
// paperkey
LoginOneshot(context.Context, LoginOneshotArg) error
// isOnline returns whether the device is able to open a connection to keybase.io.
// Used for determining whether to offer proxy settings on the login screen.
IsOnline(context.Context) (bool, error)
}
func LoginProtocol(i LoginInterface) rpc.Protocol {
return rpc.Protocol{
Name: "keybase.1.login",
Methods: map[string]rpc.ServeHandlerDescription{
"getConfiguredAccounts": {
MakeArg: func() interface{} {
var ret [1]GetConfiguredAccountsArg
return &ret
},
Handler: func(ctx context.Context, args interface{}) (ret interface{}, err error) {
typedArgs, ok := args.(*[1]GetConfiguredAccountsArg)
if !ok {
err = rpc.NewTypeError((*[1]GetConfiguredAccountsArg)(nil), args)
return
}
ret, err = i.GetConfiguredAccounts(ctx, typedArgs[0].SessionID)
return
},
},
"login": {
MakeArg: func() interface{} {
var ret [1]LoginArg
return &ret
},
Handler: func(ctx context.Context, args interface{}) (ret interface{}, err error) {
typedArgs, ok := args.(*[1]LoginArg)
if !ok {
err = rpc.NewTypeError((*[1]LoginArg)(nil), args)
return
}
err = i.Login(ctx, typedArgs[0])
return
},
},
"loginProvisionedDevice": {
MakeArg: func() interface{} {
var ret [1]LoginProvisionedDeviceArg
return &ret
},
Handler: func(ctx context.Context, args interface{}) (ret interface{}, err error) {
typedArgs, ok := args.(*[1]LoginProvisionedDeviceArg)
if !ok {
err = rpc.NewTypeError((*[1]LoginProvisionedDeviceArg)(nil), args)
return
}
err = i.LoginProvisionedDevice(ctx, typedArgs[0])
return
},
},
"loginWithPaperKey": {
MakeArg: func() interface{} {
var ret [1]LoginWithPaperKeyArg
return &ret
},
Handler: func(ctx context.Context, args interface{}) (ret interface{}, err error) {
typedArgs, ok := args.(*[1]LoginWithPaperKeyArg)
if !ok {
err = rpc.NewTypeError((*[1]LoginWithPaperKeyArg)(nil), args)
return
}
err = i.LoginWithPaperKey(ctx, typedArgs[0])
return
},
},
"logout": {
MakeArg: func() interface{} {
var ret [1]LogoutArg
return &ret
},
Handler: func(ctx context.Context, args interface{}) (ret interface{}, err error) {
typedArgs, ok := args.(*[1]LogoutArg)
if !ok {
err = rpc.NewTypeError((*[1]LogoutArg)(nil), args)
return
}
err = i.Logout(ctx, typedArgs[0])
return
},
},
"deprovision": {
MakeArg: func() interface{} {
var ret [1]DeprovisionArg
return &ret
},
Handler: func(ctx context.Context, args interface{}) (ret interface{}, err error) {
typedArgs, ok := args.(*[1]DeprovisionArg)
if !ok {
err = rpc.NewTypeError((*[1]DeprovisionArg)(nil), args)
return
}
err = i.Deprovision(ctx, typedArgs[0])
return
},
},
"recoverAccountFromEmailAddress": {
MakeArg: func() interface{} {
var ret [1]RecoverAccountFromEmailAddressArg
return &ret
},
Handler: func(ctx context.Context, args interface{}) (ret interface{}, err error) {
typedArgs, ok := args.(*[1]RecoverAccountFromEmailAddressArg)
if !ok {
err = rpc.NewTypeError((*[1]RecoverAccountFromEmailAddressArg)(nil), args)
return
}
err = i.RecoverAccountFromEmailAddress(ctx, typedArgs[0].Email)
return
},
},
"recoverPassphrase": {
MakeArg: func() interface{} {
var ret [1]RecoverPassphraseArg
return &ret
},
Handler: func(ctx context.Context, args interface{}) (ret interface{}, err error) {
typedArgs, ok := args.(*[1]RecoverPassphraseArg)
if !ok {
err = rpc.NewTypeError((*[1]RecoverPassphraseArg)(nil), args)
return
}
err = i.RecoverPassphrase(ctx, typedArgs[0])
return
},
},
"paperKey": {
MakeArg: func() interface{} {
var ret [1]PaperKeyArg
return &ret
},
Handler: func(ctx context.Context, args interface{}) (ret interface{}, err error) {
typedArgs, ok := args.(*[1]PaperKeyArg)
if !ok {
err = rpc.NewTypeError((*[1]PaperKeyArg)(nil), args)
return
}
err = i.PaperKey(ctx, typedArgs[0].SessionID)
return
},
},
"paperKeySubmit": {
MakeArg: func() interface{} {
var ret [1]PaperKeySubmitArg
return &ret
},
Handler: func(ctx context.Context, args interface{}) (ret interface{}, err error) {
typedArgs, ok := args.(*[1]PaperKeySubmitArg)
if !ok {
err = rpc.NewTypeError((*[1]PaperKeySubmitArg)(nil), args)
return
}
err = i.PaperKeySubmit(ctx, typedArgs[0])
return
},
},
"unlock": {
MakeArg: func() interface{} {
var ret [1]UnlockArg
return &ret
},
Handler: func(ctx context.Context, args interface{}) (ret interface{}, err error) {
typedArgs, ok := args.(*[1]UnlockArg)
if !ok {
err = rpc.NewTypeError((*[1]UnlockArg)(nil), args)
return
}
err = i.Unlock(ctx, typedArgs[0].SessionID)
return
},
},
"unlockWithPassphrase": {
MakeArg: func() interface{} {
var ret [1]UnlockWithPassphraseArg
return &ret
},
Handler: func(ctx context.Context, args interface{}) (ret interface{}, err error) {
typedArgs, ok := args.(*[1]UnlockWithPassphraseArg)
if !ok {
err = rpc.NewTypeError((*[1]UnlockWithPassphraseArg)(nil), args)
return
}
err = i.UnlockWithPassphrase(ctx, typedArgs[0])
return
},
},
"accountDelete": {
MakeArg: func() interface{} {
var ret [1]AccountDeleteArg
return &ret
},
Handler: func(ctx context.Context, args interface{}) (ret interface{}, err error) {
typedArgs, ok := args.(*[1]AccountDeleteArg)
if !ok {
err = rpc.NewTypeError((*[1]AccountDeleteArg)(nil), args)
return
}
err = i.AccountDelete(ctx, typedArgs[0])
return
},
},
"loginOneshot": {
MakeArg: func() interface{} {
var ret [1]LoginOneshotArg
return &ret
},
Handler: func(ctx context.Context, args interface{}) (ret interface{}, err error) {
typedArgs, ok := args.(*[1]LoginOneshotArg)
if !ok {
err = rpc.NewTypeError((*[1]LoginOneshotArg)(nil), args)
return
}
err = i.LoginOneshot(ctx, typedArgs[0])
return
},
},
"isOnline": {
MakeArg: func() interface{} {
var ret [1]IsOnlineArg
return &ret
},
Handler: func(ctx context.Context, args interface{}) (ret interface{}, err error) {
ret, err = i.IsOnline(ctx)
return
},
},
},
}
}
type LoginClient struct {
Cli rpc.GenericClient
}
// Returns an array of information about accounts configured on the local
// machine. Currently configured accounts are defined as those that have stored
// secrets, but this definition may be expanded in the future.
func (c LoginClient) GetConfiguredAccounts(ctx context.Context, sessionID int) (res []ConfiguredAccount, err error) {
__arg := GetConfiguredAccountsArg{SessionID: sessionID}
err = c.Cli.Call(ctx, "keybase.1.login.getConfiguredAccounts", []interface{}{__arg}, &res, 0*time.Millisecond)
return
}
// Performs login. deviceType should be keybase1.DeviceTypeV2_DESKTOP
// or keybase1.DeviceTypeV2_MOBILE. username is optional. If the current
// device isn't provisioned, this function will provision it.
func (c LoginClient) Login(ctx context.Context, __arg LoginArg) (err error) {
err = c.Cli.Call(ctx, "keybase.1.login.login", []interface{}{__arg}, nil, 0*time.Millisecond)
return
}
// Login a user only if the user is on a provisioned device. Username is optional.
// If noPassphrasePrompt is set, then only a stored secret will be used to unlock
// the device keys.
func (c LoginClient) LoginProvisionedDevice(ctx context.Context, __arg LoginProvisionedDeviceArg) (err error) {
err = c.Cli.Call(ctx, "keybase.1.login.loginProvisionedDevice", []interface{}{__arg}, nil, 0*time.Millisecond)
return
}
// Login and unlock by
// - trying unlocked device keys if available
// - prompting for a paper key and using that
func (c LoginClient) LoginWithPaperKey(ctx context.Context, __arg LoginWithPaperKeyArg) (err error) {
err = c.Cli.Call(ctx, "keybase.1.login.loginWithPaperKey", []interface{}{__arg}, nil, 0*time.Millisecond)
return
}
func (c LoginClient) Logout(ctx context.Context, __arg LogoutArg) (err error) {
err = c.Cli.Call(ctx, "keybase.1.login.logout", []interface{}{__arg}, nil, 0*time.Millisecond)
return
}
func (c LoginClient) Deprovision(ctx context.Context, __arg DeprovisionArg) (err error) {
err = c.Cli.Call(ctx, "keybase.1.login.deprovision", []interface{}{__arg}, nil, 0*time.Millisecond)
return
}
func (c LoginClient) RecoverAccountFromEmailAddress(ctx context.Context, email string) (err error) {
__arg := RecoverAccountFromEmailAddressArg{Email: email}
err = c.Cli.Call(ctx, "keybase.1.login.recoverAccountFromEmailAddress", []interface{}{__arg}, nil, 0*time.Millisecond)
return
}
// Guide the user through possibilities of changing their passphrase.
// Lets them change their passphrase using a paper key or enter the reset pipeline.
func (c LoginClient) RecoverPassphrase(ctx context.Context, __arg RecoverPassphraseArg) (err error) {
err = c.Cli.Call(ctx, "keybase.1.login.recoverPassphrase", []interface{}{__arg}, nil, 0*time.Millisecond)
return
}
// PaperKey generates paper backup keys for restoring an account.
// It calls login_ui.displayPaperKeyPhrase with the phrase.
func (c LoginClient) PaperKey(ctx context.Context, sessionID int) (err error) {
__arg := PaperKeyArg{SessionID: sessionID}
err = c.Cli.Call(ctx, "keybase.1.login.paperKey", []interface{}{__arg}, nil, 0*time.Millisecond)
return
}
// paperKeySubmit checks that paperPhrase is a valid paper key
// for the logged in user, caches the keys, and sends a notification.
func (c LoginClient) PaperKeySubmit(ctx context.Context, __arg PaperKeySubmitArg) (err error) {
err = c.Cli.Call(ctx, "keybase.1.login.paperKeySubmit", []interface{}{__arg}, nil, 0*time.Millisecond)
return
}
// Unlock restores access to local key store by priming passphrase stream cache.
func (c LoginClient) Unlock(ctx context.Context, sessionID int) (err error) {
__arg := UnlockArg{SessionID: sessionID}
err = c.Cli.Call(ctx, "keybase.1.login.unlock", []interface{}{__arg}, nil, 0*time.Millisecond)
return
}
func (c LoginClient) UnlockWithPassphrase(ctx context.Context, __arg UnlockWithPassphraseArg) (err error) {
err = c.Cli.Call(ctx, "keybase.1.login.unlockWithPassphrase", []interface{}{__arg}, nil, 0*time.Millisecond)
return
}
// accountDelete deletes the current user's account.
func (c LoginClient) AccountDelete(ctx context.Context, __arg AccountDeleteArg) (err error) {
err = c.Cli.Call(ctx, "keybase.1.login.accountDelete", []interface{}{__arg}, nil, 0*time.Millisecond)
return
}
// loginOneshot allows a service to have a "onetime login", without
// provisioning a device. It bootstraps credentials with the given
// paperkey
func (c LoginClient) LoginOneshot(ctx context.Context, __arg LoginOneshotArg) (err error) {
err = c.Cli.Call(ctx, "keybase.1.login.loginOneshot", []interface{}{__arg}, nil, 0*time.Millisecond)
return
}
// isOnline returns whether the device is able to open a connection to keybase.io.
// Used for determining whether to offer proxy settings on the login screen.
func (c LoginClient) IsOnline(ctx context.Context) (res bool, err error) {
err = c.Cli.Call(ctx, "keybase.1.login.isOnline", []interface{}{IsOnlineArg{}}, &res, 0*time.Millisecond)
return
}