2019-03-09 07:44:56 +00:00
|
|
|
"""Helpers for mobile_app."""
|
|
|
|
import json
|
2019-10-21 08:05:41 +00:00
|
|
|
import logging
|
2019-03-09 07:44:56 +00:00
|
|
|
from typing import Callable, Dict, Tuple
|
|
|
|
|
2019-10-21 08:05:41 +00:00
|
|
|
from aiohttp.web import Response, json_response
|
|
|
|
from nacl.encoding import Base64Encoder
|
|
|
|
from nacl.secret import SecretBox
|
2019-03-09 07:44:56 +00:00
|
|
|
|
2021-03-02 11:52:00 +00:00
|
|
|
from homeassistant.const import (
|
|
|
|
ATTR_DEVICE_ID,
|
|
|
|
CONTENT_TYPE_JSON,
|
|
|
|
HTTP_BAD_REQUEST,
|
|
|
|
HTTP_OK,
|
|
|
|
)
|
2019-03-09 07:44:56 +00:00
|
|
|
from homeassistant.core import Context
|
2019-04-01 04:30:45 +00:00
|
|
|
from homeassistant.helpers.json import JSONEncoder
|
2019-03-09 07:44:56 +00:00
|
|
|
from homeassistant.helpers.typing import HomeAssistantType
|
|
|
|
|
2019-07-31 19:25:30 +00:00
|
|
|
from .const import (
|
|
|
|
ATTR_APP_DATA,
|
|
|
|
ATTR_APP_ID,
|
|
|
|
ATTR_APP_NAME,
|
|
|
|
ATTR_APP_VERSION,
|
|
|
|
ATTR_DEVICE_NAME,
|
|
|
|
ATTR_MANUFACTURER,
|
|
|
|
ATTR_MODEL,
|
|
|
|
ATTR_OS_VERSION,
|
|
|
|
ATTR_SUPPORTS_ENCRYPTION,
|
|
|
|
CONF_SECRET,
|
|
|
|
CONF_USER_ID,
|
|
|
|
DATA_DELETED_IDS,
|
|
|
|
DOMAIN,
|
|
|
|
)
|
2019-03-09 07:44:56 +00:00
|
|
|
|
|
|
|
_LOGGER = logging.getLogger(__name__)
|
|
|
|
|
|
|
|
|
2019-03-11 12:34:58 +00:00
|
|
|
def setup_decrypt() -> Tuple[int, Callable]:
|
2019-03-09 07:44:56 +00:00
|
|
|
"""Return decryption function and length of key.
|
|
|
|
|
|
|
|
Async friendly.
|
|
|
|
"""
|
|
|
|
|
|
|
|
def decrypt(ciphertext, key):
|
|
|
|
"""Decrypt ciphertext using key."""
|
|
|
|
return SecretBox(key).decrypt(ciphertext, encoder=Base64Encoder)
|
2019-07-31 19:25:30 +00:00
|
|
|
|
2019-03-09 07:44:56 +00:00
|
|
|
return (SecretBox.KEY_SIZE, decrypt)
|
|
|
|
|
|
|
|
|
2019-03-11 12:34:58 +00:00
|
|
|
def setup_encrypt() -> Tuple[int, Callable]:
|
|
|
|
"""Return encryption function and length of key.
|
|
|
|
|
|
|
|
Async friendly.
|
|
|
|
"""
|
|
|
|
|
|
|
|
def encrypt(ciphertext, key):
|
|
|
|
"""Encrypt ciphertext using key."""
|
|
|
|
return SecretBox(key).encrypt(ciphertext, encoder=Base64Encoder)
|
2019-07-31 19:25:30 +00:00
|
|
|
|
2019-03-11 12:34:58 +00:00
|
|
|
return (SecretBox.KEY_SIZE, encrypt)
|
|
|
|
|
|
|
|
|
2019-03-09 07:44:56 +00:00
|
|
|
def _decrypt_payload(key: str, ciphertext: str) -> Dict[str, str]:
|
|
|
|
"""Decrypt encrypted payload."""
|
|
|
|
try:
|
2019-03-11 12:34:58 +00:00
|
|
|
keylen, decrypt = setup_decrypt()
|
2019-03-09 07:44:56 +00:00
|
|
|
except OSError:
|
2019-07-31 19:25:30 +00:00
|
|
|
_LOGGER.warning("Ignoring encrypted payload because libsodium not installed")
|
2019-03-09 07:44:56 +00:00
|
|
|
return None
|
|
|
|
|
|
|
|
if key is None:
|
2019-07-31 19:25:30 +00:00
|
|
|
_LOGGER.warning("Ignoring encrypted payload because no decryption key known")
|
2019-03-09 07:44:56 +00:00
|
|
|
return None
|
|
|
|
|
|
|
|
key = key.encode("utf-8")
|
|
|
|
key = key[:keylen]
|
2019-07-31 19:25:30 +00:00
|
|
|
key = key.ljust(keylen, b"\0")
|
2019-03-09 07:44:56 +00:00
|
|
|
|
|
|
|
try:
|
|
|
|
message = decrypt(ciphertext, key)
|
|
|
|
message = json.loads(message.decode("utf-8"))
|
|
|
|
_LOGGER.debug("Successfully decrypted mobile_app payload")
|
|
|
|
return message
|
|
|
|
except ValueError:
|
|
|
|
_LOGGER.warning("Ignoring encrypted payload because unable to decrypt")
|
|
|
|
return None
|
|
|
|
|
|
|
|
|
|
|
|
def registration_context(registration: Dict) -> Context:
|
|
|
|
"""Generate a context from a request."""
|
|
|
|
return Context(user_id=registration[CONF_USER_ID])
|
|
|
|
|
|
|
|
|
2020-04-08 16:47:38 +00:00
|
|
|
def empty_okay_response(headers: Dict = None, status: int = HTTP_OK) -> Response:
|
2019-03-09 07:44:56 +00:00
|
|
|
"""Return a Response with empty JSON object and a 200."""
|
2019-07-31 19:25:30 +00:00
|
|
|
return Response(
|
2020-09-23 18:21:55 +00:00
|
|
|
text="{}", status=status, content_type=CONTENT_TYPE_JSON, headers=headers
|
2019-07-31 19:25:30 +00:00
|
|
|
)
|
2019-03-09 07:44:56 +00:00
|
|
|
|
|
|
|
|
2019-07-31 19:25:30 +00:00
|
|
|
def error_response(
|
2020-04-09 19:43:42 +00:00
|
|
|
code: str, message: str, status: int = HTTP_BAD_REQUEST, headers: dict = None
|
2019-07-31 19:25:30 +00:00
|
|
|
) -> Response:
|
2019-03-13 05:04:27 +00:00
|
|
|
"""Return an error Response."""
|
2019-07-31 19:25:30 +00:00
|
|
|
return json_response(
|
|
|
|
{"success": False, "error": {"code": code, "message": message}},
|
|
|
|
status=status,
|
|
|
|
headers=headers,
|
|
|
|
)
|
2019-03-13 05:04:27 +00:00
|
|
|
|
|
|
|
|
2019-03-09 07:44:56 +00:00
|
|
|
def supports_encryption() -> bool:
|
|
|
|
"""Test if we support encryption."""
|
|
|
|
try:
|
2019-12-05 15:59:31 +00:00
|
|
|
import nacl # noqa: F401 pylint: disable=unused-import, import-outside-toplevel
|
2019-07-31 19:25:30 +00:00
|
|
|
|
2019-03-09 07:44:56 +00:00
|
|
|
return True
|
|
|
|
except OSError:
|
|
|
|
return False
|
|
|
|
|
|
|
|
|
|
|
|
def safe_registration(registration: Dict) -> Dict:
|
|
|
|
"""Return a registration without sensitive values."""
|
|
|
|
# Sensitive values: webhook_id, secret, cloudhook_url
|
|
|
|
return {
|
|
|
|
ATTR_APP_DATA: registration[ATTR_APP_DATA],
|
|
|
|
ATTR_APP_ID: registration[ATTR_APP_ID],
|
|
|
|
ATTR_APP_NAME: registration[ATTR_APP_NAME],
|
|
|
|
ATTR_APP_VERSION: registration[ATTR_APP_VERSION],
|
|
|
|
ATTR_DEVICE_NAME: registration[ATTR_DEVICE_NAME],
|
|
|
|
ATTR_MANUFACTURER: registration[ATTR_MANUFACTURER],
|
|
|
|
ATTR_MODEL: registration[ATTR_MODEL],
|
|
|
|
ATTR_OS_VERSION: registration[ATTR_OS_VERSION],
|
|
|
|
ATTR_SUPPORTS_ENCRYPTION: registration[ATTR_SUPPORTS_ENCRYPTION],
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
def savable_state(hass: HomeAssistantType) -> Dict:
|
|
|
|
"""Return a clean object containing things that should be saved."""
|
|
|
|
return {
|
|
|
|
DATA_DELETED_IDS: hass.data[DOMAIN][DATA_DELETED_IDS],
|
|
|
|
}
|
2019-03-11 12:34:58 +00:00
|
|
|
|
|
|
|
|
2019-07-31 19:25:30 +00:00
|
|
|
def webhook_response(
|
2020-04-08 16:47:38 +00:00
|
|
|
data, *, registration: Dict, status: int = HTTP_OK, headers: Dict = None
|
2019-07-31 19:25:30 +00:00
|
|
|
) -> Response:
|
2019-03-11 12:34:58 +00:00
|
|
|
"""Return a encrypted response if registration supports it."""
|
2019-04-01 04:30:45 +00:00
|
|
|
data = json.dumps(data, cls=JSONEncoder)
|
2019-03-11 12:34:58 +00:00
|
|
|
|
2019-04-01 04:30:45 +00:00
|
|
|
if registration[ATTR_SUPPORTS_ENCRYPTION]:
|
2019-03-11 12:34:58 +00:00
|
|
|
keylen, encrypt = setup_encrypt()
|
|
|
|
|
|
|
|
key = registration[CONF_SECRET].encode("utf-8")
|
|
|
|
key = key[:keylen]
|
2019-07-31 19:25:30 +00:00
|
|
|
key = key.ljust(keylen, b"\0")
|
2019-03-11 12:34:58 +00:00
|
|
|
|
|
|
|
enc_data = encrypt(data.encode("utf-8"), key).decode("utf-8")
|
2019-07-31 19:25:30 +00:00
|
|
|
data = json.dumps({"encrypted": True, "encrypted_data": enc_data})
|
2019-03-11 12:34:58 +00:00
|
|
|
|
2019-07-31 19:25:30 +00:00
|
|
|
return Response(
|
2020-09-23 18:21:55 +00:00
|
|
|
text=data, status=status, content_type=CONTENT_TYPE_JSON, headers=headers
|
2019-07-31 19:25:30 +00:00
|
|
|
)
|
2019-06-01 06:01:45 +00:00
|
|
|
|
|
|
|
|
|
|
|
def device_info(registration: Dict) -> Dict:
|
|
|
|
"""Return the device info for this registration."""
|
|
|
|
return {
|
2019-07-31 19:25:30 +00:00
|
|
|
"identifiers": {(DOMAIN, registration[ATTR_DEVICE_ID])},
|
|
|
|
"manufacturer": registration[ATTR_MANUFACTURER],
|
|
|
|
"model": registration[ATTR_MODEL],
|
|
|
|
"device_name": registration[ATTR_DEVICE_NAME],
|
|
|
|
"sw_version": registration[ATTR_OS_VERSION],
|
2019-06-01 06:01:45 +00:00
|
|
|
}
|