core fastcomments sso - untested

Author: CarsonBurke

core/examples/secure_sso.py

@@ -0,0 +1,2 @@
+def main():
+    pass

core/examples/simple_sso.py

@@ -0,0 +1,2 @@
+def main():
+    pass

core/requirements.txt

@@ -0,0 +1,2 @@
+hmac
+hashlib

core/sso/fastcomments_sso.py

@@ -0,0 +1,68 @@
+import re
+from core.sso import secure_sso_user_data
+from core.sso import secure_sso_payload
+import time
+
+from core.sso.helpers import create_verification_hash
+from core.sso.secure_sso_payload import SecureSSOPayload
+from core.sso.secure_sso_user_data import SecureSSOUserData
+from core.sso.simple_sso_user_data import SimpleSSOUserData
+from core.sso import simple_sso_user_data
+
+
+class FastCommentsSSO:
+    def __init__(self, secure_sso_payload, simple_sso_user_data, login_url: str | None = None, logout_url: str | None = None):
+        self.secure_sso_payload = secure_sso_payload
+        self.simple_sso_user_data = simple_sso_user_data
+        self.login_url = login_url
+        self.logout_url = logout_url
+
+    @classmethod
+    def new_secure(cls, api_key: str, secure_sso_user_data: SecureSSOUserData):
+        timestamp = int(time.time())
+
+        user_data_str = secure_sso_user_data.as_json_base64()
+        hash = create_verification_hash(api_key, timestamp, user_data_str)
+
+        payload = SecureSSOPayload(user_data_str, hash, timestamp)
+        return cls(secure_sso_payload = payload, simple_sso_user_data = None)
+
+    @classmethod
+    def new_simple(cls, simple_sso_user_data: SimpleSSOUserData):
+        return cls(secure_sso_payload = None, simple_sso_user_data = simple_sso_user_data)
+
+    @classmethod
+    def new_secure_with_urls(
+        cls, secure_sso_payload: SecureSSOPayload,
+        login_url: str,
+        logout_url: str,
+    ):
+        return cls(secure_sso_payload, None, login_url, logout_url)
+
+    def create_token(self):
+        if self.secure_sso_payload:
+            return self.secure_sso_payload.toJSON()
+        elif self.simple_sso_user_data:
+            return self.simple_sso_user_data.toJSON()
+        else:
+            raise ValueError("No user data provided")
+
+    def reset_token(self):
+        self.cached_token = None
+    
+    def prepare_to_send(self):
+        if self.cached_token:
+            return self.cached_token
+            
+        self.cached_token = self.create_token()
+        return self.cached_token
+    
+    def set_secure_sso_payload(self, secure_sso_payload: SecureSSOPayload):
+        self.secure_sso_payload = secure_sso_payload
+        self.simple_sso_user_data = None
+        self.reset_token()
+    
+    def set_simple_sso_user_data(self, simple_sso_user_data: SimpleSSOUserData):
+        self.simple_sso_user_data = simple_sso_user_data
+        self.secure_sso_payload = None
+        self.reset_token()

core/sso/helpers.py

@@ -0,0 +1,28 @@
+import hmac
+import hashlib
+
+class CreateHashError(Exception):
+    """Error occurred during hash creation."""
+    pass
+
+def create_verification_hash(api_key: str, timestamp: int, user_data_json_base64: str):
+    try:
+        # Create message string by concatenating timestamp and base64 data
+        message_str = f"{timestamp}{user_data_json_base64}"
+        
+        # Create HMAC using SHA256 hash function
+        mac = hmac.new(
+            key=api_key.encode('utf-8'),
+            msg=message_str.encode('utf-8'),
+            digestmod=hashlib.sha256
+        )
+        
+        # Get digest as bytes then convert to hex
+        bytes_result = mac.digest()
+        return get_bytes_as_hex(bytes_result)
+        
+    except Exception as e:
+        raise CreateHashError(f"Failed to create verification hash: {str(e)}")
+    
+def get_bytes_as_hex(bytes_data: bytes) -> str:
+    return ''.join(f'{b:02x}' for b in bytes_data)

core/sso/secure_sso_payload.py

@@ -0,0 +1,14 @@
+import json
+
+class SecureSSOPayload:
+    def __init__(self, user_data_json_base64: str, verification_hash: str, timestamp: int):
+        self.user_data_json_base64 = user_data_json_base64
+        self.verification_hash = verification_hash
+        self.timestamp = timestamp
+
+    def toJSON(self):
+        return json.dumps(
+            self,
+            default=lambda o: o.__dict__, 
+            sort_keys=True,
+            indent=4)

core/sso/secure_sso_user_data.py

@@ -0,0 +1,23 @@
+import json
+import base64
+
+class SecureSSOUserData:
+    def __init__(self, user_id: str, email: str, username: str, avatar: str):
+        self.user_id = user_id
+        self.email = email
+        self.username = username
+        self.avatar = avatar
+    
+    def toJSON(self):
+        return json.dumps(
+            self,
+            default=lambda o: o.__dict__, 
+            sort_keys=True,
+            indent=4)
+    
+    def as_json_base64(self) -> str:
+        json_str = self.toJSON()
+        json_bytes = json_str.encode("utf-8")
+        
+        result = base64.b64encode(json_bytes)
+        return result.decode("utf-8")

core/sso/simple_sso_user_data.py

@@ -0,0 +1,14 @@
+import json
+
+class SimpleSSOUserData:
+    def __init__(self, user_id: str, email: str, avatar: str):
+        self.user_id = user_id
+        self.email = email
+        self.avatar = avatar
+    
+    def toJSON(self):
+        return json.dumps(
+            self,
+            default=lambda o: o.__dict__, 
+            sort_keys=True,
+            indent=4)