diff --git a/src/_zkapauthorizer/__init__.py b/src/_zkapauthorizer/__init__.py
index f19d34ad0cfc6894480f9a08edc630083545855c..8fe710e41a1aa81cfddf973117d3aef3651588a3 100644
--- a/src/_zkapauthorizer/__init__.py
+++ b/src/_zkapauthorizer/__init__.py
@@ -17,5 +17,6 @@ __all__ = [
]
from ._version import get_versions
-__version__ = get_versions()['version']
+
+__version__ = get_versions()["version"]
del get_versions
diff --git a/src/_zkapauthorizer/_base64.py b/src/_zkapauthorizer/_base64.py
index ed838f8ee1eafe9ee3eb434426635fb910c83883..fe020e4e01ae74ccacf8a1b755c2726a2c52e9f7 100644
--- a/src/_zkapauthorizer/_base64.py
+++ b/src/_zkapauthorizer/_base64.py
@@ -32,12 +32,13 @@ from base64 import (
b64decode as _b64decode,
)
-_b64decode_validator = _compile(b'^[A-Za-z0-9-_]*={0,2}$')
+_b64decode_validator = _compile(b"^[A-Za-z0-9-_]*={0,2}$")
+
def urlsafe_b64decode(s):
"""
Like ``base64.b64decode`` but with validation.
"""
if not _b64decode_validator.match(s):
- raise Error('Non-base64 digit found')
+ raise Error("Non-base64 digit found")
return _b64decode(s, altchars=b"-_")
diff --git a/src/_zkapauthorizer/_plugin.py b/src/_zkapauthorizer/_plugin.py
index caa0906615d615fe04f433723eee81a83b8ee2f3..66a5f4383eed55024796a54afa24bd82b61890b3 100644
--- a/src/_zkapauthorizer/_plugin.py
+++ b/src/_zkapauthorizer/_plugin.py
@@ -90,6 +90,7 @@ from .lease_maintenance import (
_log = Logger()
+
@implementer(IAnnounceableStorageServer)
@attr.s
class AnnounceableStorageServer(object):
@@ -112,6 +113,7 @@ class ZKAPAuthorizer(object):
forces different methods to use instance state to share a database
connection.
"""
+
name = attr.ib(default=u"privatestorageio-zkapauthz-v1")
_stores = attr.ib(default=attr.Factory(WeakValueDictionary))
@@ -120,7 +122,7 @@ class ZKAPAuthorizer(object):
:return VoucherStore: The database for the given node. At most one
connection is made to the database per ``ZKAPAuthorizer`` instance.
"""
- key = node_config.get_config_path()
+ key = node_config.get_config_path()
try:
s = self._stores[key]
except KeyError:
@@ -128,7 +130,6 @@ class ZKAPAuthorizer(object):
self._stores[key] = s
return s
-
def _get_redeemer(self, node_config, announcement, reactor):
"""
:return IRedeemer: The voucher redeemer indicated by the given
@@ -137,7 +138,6 @@ class ZKAPAuthorizer(object):
"""
return get_redeemer(self.name, node_config, announcement, reactor)
-
def get_storage_server(self, configuration, get_anonymous_storage_server):
kwargs = configuration.copy()
root_url = kwargs.pop(u"ristretto-issuer-root-url")
@@ -163,7 +163,6 @@ class ZKAPAuthorizer(object):
),
)
-
def get_storage_client(self, node_config, announcement, get_rref):
"""
Create an ``IStorageClient`` that submits ZKAPs with certain requests in
@@ -172,19 +171,19 @@ class ZKAPAuthorizer(object):
``node_config``.
"""
from twisted.internet import reactor
+
redeemer = self._get_redeemer(node_config, announcement, reactor)
store = self._get_store(node_config)
controller = SpendingController.for_store(
tokens_to_passes=redeemer.tokens_to_passes,
store=store,
- )
+ )
return ZKAPAuthorizerStorageClient(
get_configured_pass_value(node_config),
get_rref,
controller.get,
)
-
def get_client_resource(self, node_config, reactor=None):
"""
Get an ``IZKAPRoot`` for the given node configuration.
@@ -203,15 +202,20 @@ class ZKAPAuthorizer(object):
_init_storage = _Client.__dict__["init_storage"]
+
+
def maintenance_init_storage(self, announceable_storage_servers):
"""
A monkey-patched version of ``_Client.init_storage`` which also
initializes the lease maintenance service.
"""
from twisted.internet import reactor
+
result = _init_storage(self, announceable_storage_servers)
_maybe_attach_maintenance_service(reactor, self)
return result
+
+
_Client.init_storage = maintenance_init_storage
@@ -252,12 +256,14 @@ def _create_maintenance_service(reactor, node_config, client_node):
:param allmydata.client._Client client_node: The client node the lease
maintenance service will be attached to.
"""
+
def get_now():
return datetime.utcfromtimestamp(reactor.seconds())
from twisted.plugins.zkapauthorizer import (
storage_server,
)
+
store = storage_server._get_store(node_config)
# Create the operation which performs the lease maintenance job when
@@ -283,7 +289,9 @@ def _create_maintenance_service(reactor, node_config, client_node):
progress=store.start_lease_maintenance,
get_now=get_now,
)
- last_run_path = FilePath(node_config.get_private_path(b"last-lease-maintenance-run"))
+ last_run_path = FilePath(
+ node_config.get_private_path(b"last-lease-maintenance-run")
+ )
# Create the service to periodically run the lease maintenance operation.
return lease_maintenance_service(
maintain_leases,
diff --git a/src/_zkapauthorizer/_stack.py b/src/_zkapauthorizer/_stack.py
index 6fffe2cd73a6d241322269101f32afef7dfc0d73..518db3744b857b57eeb6423cdf6864e2bfc89b07 100644
--- a/src/_zkapauthorizer/_stack.py
+++ b/src/_zkapauthorizer/_stack.py
@@ -25,13 +25,14 @@ try:
except ImportError:
# Not available on Windows, unfortunately.
RLIMIT_STACK = object()
+
def getrlimit(which):
return (-1, -1)
+
def setrlimit(which, what):
pass
-
@contextmanager
def less_limited_stack():
"""
diff --git a/src/_zkapauthorizer/_storage_client.py b/src/_zkapauthorizer/_storage_client.py
index 656679768f898ae67a4a63ea2bac01f88bf9ec80..df88decffd1a48928f801b9a19a7a52110148eb0 100644
--- a/src/_zkapauthorizer/_storage_client.py
+++ b/src/_zkapauthorizer/_storage_client.py
@@ -78,6 +78,7 @@ class IncorrectStorageServerReference(Exception):
server instead references some other kind of object. This makes the
connection, and thus the configured storage server, unusable.
"""
+
def __init__(self, furl, actual_name, expected_name):
self.furl = furl
self.actual_name = actual_name
@@ -119,7 +120,9 @@ def invalidate_rejected_passes(passes, more_passes_required):
# suite... but let's not be so vulgar.
return None
SIGNATURE_CHECK_FAILED.log(count=num_failed)
- rejected_passes, okay_passes = passes.split(more_passes_required.signature_check_failed)
+ rejected_passes, okay_passes = passes.split(
+ more_passes_required.signature_check_failed
+ )
rejected_passes.mark_invalid(u"signature check failed")
# It would be great to just expand okay_passes right here. However, if
@@ -184,7 +187,9 @@ def call_with_passes_with_manual_spend(method, num_passes, get_passes, on_succes
pass_group = okay_pass_group
# Add the necessary number of new passes. This might
# fail if we don't have enough tokens.
- pass_group = pass_group.expand(num_passes - len(pass_group.passes))
+ pass_group = pass_group.expand(
+ num_passes - len(pass_group.passes)
+ )
else:
on_success(result, pass_group)
break
@@ -221,9 +226,11 @@ def with_rref(f):
The ``RemoteReference`` is retrieved by calling ``_rref`` on the first
argument passed to the function (expected to be ``self``).
"""
+
@wraps(f)
def g(self, *args, **kwargs):
return f(self, self._rref(), *args, **kwargs)
+
return g
@@ -233,11 +240,7 @@ def _encode_passes(group):
:return list[bytes]: The encoded form of the passes in the given group.
"""
- return list(
- t.pass_text.encode("ascii")
- for t
- in group.passes
- )
+ return list(t.pass_text.encode("ascii") for t in group.passes)
@implementer(IStorageServer)
@@ -265,6 +268,7 @@ class ZKAPAuthorizerStorageClient(object):
request for which they will be used. The second gives the number of
passes to request.
"""
+
_expected_remote_interface_name = (
"RIPrivacyPassAuthorizedStorageServer.tahoe.privatestorage.io"
)
@@ -302,10 +306,10 @@ class ZKAPAuthorizerStorageClient(object):
)
def _spend_for_allocate_buckets(
- self,
- allocated_size,
- result,
- pass_group,
+ self,
+ allocated_size,
+ result,
+ pass_group,
):
"""
Spend some subset of a pass group based on the results of an
@@ -336,16 +340,18 @@ class ZKAPAuthorizerStorageClient(object):
@with_rref
def allocate_buckets(
- self,
- rref,
- storage_index,
- renew_secret,
- cancel_secret,
- sharenums,
- allocated_size,
- canary,
+ self,
+ rref,
+ storage_index,
+ renew_secret,
+ cancel_secret,
+ sharenums,
+ allocated_size,
+ canary,
):
- num_passes = required_passes(self._pass_value, [allocated_size] * len(sharenums))
+ num_passes = required_passes(
+ self._pass_value, [allocated_size] * len(sharenums)
+ )
return call_with_passes_with_manual_spend(
lambda passes: rref.callRemote(
"allocate_buckets",
@@ -358,15 +364,18 @@ class ZKAPAuthorizerStorageClient(object):
canary,
),
num_passes,
- partial(self._get_passes, allocate_buckets_message(storage_index).encode("utf-8")),
+ partial(
+ self._get_passes,
+ allocate_buckets_message(storage_index).encode("utf-8"),
+ ),
partial(self._spend_for_allocate_buckets, allocated_size),
)
@with_rref
def get_buckets(
- self,
- rref,
- storage_index,
+ self,
+ rref,
+ storage_index,
):
return rref.callRemote(
"get_buckets",
@@ -376,17 +385,19 @@ class ZKAPAuthorizerStorageClient(object):
@inline_callbacks
@with_rref
def add_lease(
- self,
- rref,
- storage_index,
- renew_secret,
- cancel_secret,
+ self,
+ rref,
+ storage_index,
+ renew_secret,
+ cancel_secret,
):
- share_sizes = (yield rref.callRemote(
- "share_sizes",
- storage_index,
- None,
- )).values()
+ share_sizes = (
+ yield rref.callRemote(
+ "share_sizes",
+ storage_index,
+ None,
+ )
+ ).values()
num_passes = required_passes(self._pass_value, share_sizes)
result = yield call_with_passes(
@@ -411,12 +422,12 @@ class ZKAPAuthorizerStorageClient(object):
@with_rref
def advise_corrupt_share(
- self,
- rref,
- share_type,
- storage_index,
- shnum,
- reason,
+ self,
+ rref,
+ share_type,
+ storage_index,
+ shnum,
+ reason,
):
return rref.callRemote(
"advise_corrupt_share",
@@ -429,12 +440,12 @@ class ZKAPAuthorizerStorageClient(object):
@inline_callbacks
@with_rref
def slot_testv_and_readv_and_writev(
- self,
- rref,
- storage_index,
- secrets,
- tw_vectors,
- r_vector,
+ self,
+ rref,
+ storage_index,
+ secrets,
+ tw_vectors,
+ r_vector,
):
# Read operations are free.
num_passes = 0
@@ -459,8 +470,7 @@ class ZKAPAuthorizerStorageClient(object):
now = self._clock.seconds()
current_sizes = {
sharenum: stat.size
- for (sharenum, stat)
- in stats.items()
+ for (sharenum, stat) in stats.items()
if stat.lease_expiration > now
}
# Determine the cost of the new storage for the operation.
@@ -489,11 +499,11 @@ class ZKAPAuthorizerStorageClient(object):
@with_rref
def slot_readv(
- self,
- rref,
- storage_index,
- shares,
- r_vector,
+ self,
+ rref,
+ storage_index,
+ shares,
+ r_vector,
):
return rref.callRemote(
"slot_readv",
diff --git a/src/_zkapauthorizer/_storage_server.py b/src/_zkapauthorizer/_storage_server.py
index a7a5616f35ee934868c5a3ae3b33c1953bbbb98a..626870c3c883089eb2be597d9655f53d374f67d4 100644
--- a/src/_zkapauthorizer/_storage_server.py
+++ b/src/_zkapauthorizer/_storage_server.py
@@ -112,6 +112,7 @@ from .storage_common import (
SLOT_HEADER_SIZE = 468
LEASE_TRAILER_SIZE = 4
+
@attr.s
class _ValidationResult(object):
"""
@@ -123,6 +124,7 @@ class _ValidationResult(object):
:ivar list[int] signature_check_failed: A list of indexes (into the
validated list) of passes which did not have a correct signature.
"""
+
valid = attr.ib()
signature_check_failed = attr.ib()
@@ -145,7 +147,9 @@ class _ValidationResult(object):
proposed_signature = VerificationSignature.decode_base64(signature_base64)
unblinded_token = signing_key.rederive_unblinded_token(preimage)
verification_key = unblinded_token.derive_verification_key_sha512()
- invalid_pass = verification_key.invalid_sha512(proposed_signature, message.encode("utf-8"))
+ invalid_pass = verification_key.invalid_sha512(
+ proposed_signature, message.encode("utf-8")
+ )
return invalid_pass
except Exception:
# It would be pretty nice to log something here, sometimes, I guess?
@@ -195,7 +199,9 @@ class LeaseRenewalRequired(Exception):
"""
-@implementer_only(RIPrivacyPassAuthorizedStorageServer, IReferenceable, IRemotelyCallable)
+@implementer_only(
+ RIPrivacyPassAuthorizedStorageServer, IReferenceable, IRemotelyCallable
+)
# It would be great to use `frozen=True` (value-based hashing) instead of
# `cmp=False` (identity based hashing) but Referenceable wants to set some
# attributes on self and it's hard to avoid that.
@@ -229,7 +235,16 @@ class ZKAPAuthorizerStorageServer(Referenceable):
"""
return self._original.remote_get_version()
- def remote_allocate_buckets(self, passes, storage_index, renew_secret, cancel_secret, sharenums, allocated_size, canary):
+ def remote_allocate_buckets(
+ self,
+ passes,
+ storage_index,
+ renew_secret,
+ cancel_secret,
+ sharenums,
+ allocated_size,
+ canary,
+ ):
"""
Pass-through after a pass check to ensure that clients can only allocate
storage for immutable shares if they present valid passes.
@@ -310,8 +325,8 @@ class ZKAPAuthorizerStorageServer(Referenceable):
def remote_share_sizes(self, storage_index_or_slot, sharenums):
with start_action(
- action_type=u"zkapauthorizer:storage-server:remote:share-sizes",
- storage_index_or_slot=storage_index_or_slot,
+ action_type=u"zkapauthorizer:storage-server:remote:share-sizes",
+ storage_index_or_slot=storage_index_or_slot,
):
return dict(
get_share_sizes(self._original, storage_index_or_slot, sharenums)
@@ -320,17 +335,16 @@ class ZKAPAuthorizerStorageServer(Referenceable):
def remote_stat_shares(self, storage_indexes_or_slots):
return list(
dict(stat_share(self._original, storage_index_or_slot))
- for storage_index_or_slot
- in storage_indexes_or_slots
+ for storage_index_or_slot in storage_indexes_or_slots
)
def remote_slot_testv_and_readv_and_writev(
- self,
- passes,
- storage_index,
- secrets,
- tw_vectors,
- r_vector,
+ self,
+ passes,
+ storage_index,
+ secrets,
+ tw_vectors,
+ r_vector,
):
"""
Pass-through after a pass check to ensure clients can only allocate
@@ -341,9 +355,9 @@ class ZKAPAuthorizerStorageServer(Referenceable):
same from the perspective of pass validation.
"""
with start_action(
- action_type=u"zkapauthorizer:storage-server:remote:slot-testv-and-readv-and-writev",
- storage_index=b2a(storage_index),
- path=storage_index_to_dir(storage_index),
+ action_type=u"zkapauthorizer:storage-server:remote:slot-testv-and-readv-and-writev",
+ storage_index=b2a(storage_index),
+ path=storage_index_to_dir(storage_index),
):
result = self._slot_testv_and_readv_and_writev(
passes,
@@ -357,12 +371,12 @@ class ZKAPAuthorizerStorageServer(Referenceable):
return result
def _slot_testv_and_readv_and_writev(
- self,
- passes,
- storage_index,
- secrets,
- tw_vectors,
- r_vector,
+ self,
+ passes,
+ storage_index,
+ secrets,
+ tw_vectors,
+ r_vector,
):
# Only writes to shares without an active lease will result in a lease
# renewal.
@@ -380,11 +394,13 @@ class ZKAPAuthorizerStorageServer(Referenceable):
)
if has_active_lease(self._original, storage_index, self._clock.seconds()):
# Some of the storage is paid for already.
- current_sizes = dict(get_share_sizes(
- self._original,
- storage_index,
- tw_vectors.keys(),
- ))
+ current_sizes = dict(
+ get_share_sizes(
+ self._original,
+ storage_index,
+ tw_vectors.keys(),
+ )
+ )
# print("has writes, has active lease, current sizes: {}".format(current_sizes))
else:
# None of it is.
@@ -434,11 +450,7 @@ def has_active_lease(storage_server, storage_index, now):
with an expiration time after ``now``.
"""
leases = storage_server.get_slot_leases(storage_index)
- return any(
- lease.get_expiration_time() > now
- for lease
- in leases
- )
+ return any(lease.get_expiration_time() > now for lease in leases)
def check_pass_quantity(pass_value, validation, share_sizes):
@@ -463,7 +475,9 @@ def check_pass_quantity(pass_value, validation, share_sizes):
validation.raise_for(required_pass_count)
-def check_pass_quantity_for_lease(pass_value, storage_index, validation, storage_server):
+def check_pass_quantity_for_lease(
+ pass_value, storage_index, validation, storage_server
+):
"""
Check that the given number of passes is sufficient to add or renew a
lease for one period for the given storage index.
@@ -567,8 +581,9 @@ def get_share_sizes(storage_server, storage_index_or_slot, sharenums):
"""
return (
(sharenum, stat.size)
- for (sharenum, stat)
- in get_share_stats(storage_server, storage_index_or_slot, sharenums)
+ for (sharenum, stat) in get_share_stats(
+ storage_server, storage_index_or_slot, sharenums
+ )
)
@@ -592,7 +607,9 @@ def get_share_stats(storage_server, storage_index_or_slot, sharenums):
is a share number and the second element gives stats about that share.
"""
stat = None
- for sharenum, sharepath in get_all_share_paths(storage_server, storage_index_or_slot):
+ for sharenum, sharepath in get_all_share_paths(
+ storage_server, storage_index_or_slot
+ ):
if stat is None:
stat = get_stat(sharepath)
if sharenums is None or sharenum in sharenums:
@@ -699,7 +716,7 @@ def get_slot_share_size(sharepath):
"""
with open(sharepath, "rb") as share_file:
share_data_length_bytes = share_file.read(92)[-8:]
- (share_data_length,) = unpack('>Q', share_data_length_bytes)
+ (share_data_length,) = unpack(">Q", share_data_length_bytes)
return share_data_length
@@ -711,7 +728,9 @@ def stat_share(storage_server, storage_index_or_slot):
``ShareStat``.
"""
stat = None
- for sharenum, sharepath in get_all_share_paths(storage_server, storage_index_or_slot):
+ for sharenum, sharepath in get_all_share_paths(
+ storage_server, storage_index_or_slot
+ ):
if stat is None:
stat = get_stat(sharepath)
yield (sharenum, stat(storage_server, storage_index_or_slot, sharepath))
@@ -745,4 +764,5 @@ from foolscap.referenceable import (
from foolscap.ipb import (
ISlicer,
)
+
registerAdapter(ReferenceableSlicer, ZKAPAuthorizerStorageServer, ISlicer)
diff --git a/src/_zkapauthorizer/configutil.py b/src/_zkapauthorizer/configutil.py
index d87772d9052f63157a0bb83235a1bb5004eb5e9d..c8c955a17db38bbec0d5eabd0a641ddce3ecf58f 100644
--- a/src/_zkapauthorizer/configutil.py
+++ b/src/_zkapauthorizer/configutil.py
@@ -62,14 +62,15 @@ def config_string_from_sections(divided_sections):
last value wins).
"""
sections = _merge_dictionaries(divided_sections)
- return "".join(list(
- "[{name}]\n{items}\n".format(
- name=name,
- items="\n".join(
- "{key} = {value}".format(key=key, value=_tahoe_config_quote(value))
- for (key, value)
- in contents.items()
+ return "".join(
+ list(
+ "[{name}]\n{items}\n".format(
+ name=name,
+ items="\n".join(
+ "{key} = {value}".format(key=key, value=_tahoe_config_quote(value))
+ for (key, value) in contents.items()
+ ),
)
+ for (name, contents) in sections.items()
)
- for (name, contents) in sections.items()
- ))
+ )
diff --git a/src/_zkapauthorizer/controller.py b/src/_zkapauthorizer/controller.py
index 44a4b0211864796234874aca316066330635132b..881acb4a2ca2b5de3b628e8e89a21b90ce4ae4a9 100644
--- a/src/_zkapauthorizer/controller.py
+++ b/src/_zkapauthorizer/controller.py
@@ -104,11 +104,13 @@ from .model import (
RETRY_INTERVAL = timedelta(milliseconds=1000)
+
@attr.s
class UnexpectedResponse(Exception):
"""
The issuer responded in an unexpected and unhandled way.
"""
+
code = attr.ib()
body = attr.ib()
@@ -139,6 +141,7 @@ class RedemptionResult(object):
:ivar unicode public_key: The public key which the server proved was
involved in the redemption process.
"""
+
unblinded_tokens = attr.ib()
public_key = attr.ib()
@@ -147,6 +150,7 @@ class IRedeemer(Interface):
"""
An ``IRedeemer`` can exchange a voucher for one or more passes.
"""
+
def random_tokens_for_voucher(voucher, counter, count):
"""
Generate a number of random tokens to use in the redemption process for
@@ -222,6 +226,7 @@ class IndexedRedeemer(object):
A ``IndexedRedeemer`` delegates redemption to a redeemer chosen to
correspond to the redemption counter given.
"""
+
_log = Logger()
redeemers = attr.ib()
@@ -248,6 +253,7 @@ class NonRedeemer(object):
"""
A ``NonRedeemer`` never tries to redeem vouchers for ZKAPs.
"""
+
@classmethod
def make(cls, section_name, node_config, announcement, reactor):
return cls()
@@ -272,6 +278,7 @@ class ErrorRedeemer(object):
An ``ErrorRedeemer`` immediately locally fails voucher redemption with a
configured error.
"""
+
details = attr.ib(validator=attr.validators.instance_of(unicode))
@classmethod
@@ -301,6 +308,7 @@ class DoubleSpendRedeemer(object):
A ``DoubleSpendRedeemer`` pretends to try to redeem vouchers for ZKAPs but
always fails with an error indicating the voucher has already been spent.
"""
+
@classmethod
def make(cls, section_name, node_config, announcement, reactor):
return cls()
@@ -319,6 +327,7 @@ class UnpaidRedeemer(object):
An ``UnpaidRedeemer`` pretends to try to redeem vouchers for ZKAPs but
always fails with an error indicating the voucher has not been paid for.
"""
+
@classmethod
def make(cls, section_name, node_config, announcement, reactor):
return cls()
@@ -337,6 +346,7 @@ class RecordingRedeemer(object):
A ``CountingRedeemer`` delegates redemption logic to another object but
records all redemption attempts.
"""
+
original = attr.ib()
redemptions = attr.ib(default=attr.Factory(list))
@@ -350,6 +360,7 @@ class RecordingRedeemer(object):
def dummy_random_tokens(voucher, counter, count):
v = urlsafe_b64decode(voucher.number.encode("ascii"))
+
def dummy_random_token(n):
return RandomToken(
# Padding is 96 (random token length) - 32 (decoded voucher
@@ -358,11 +369,8 @@ def dummy_random_tokens(voucher, counter, count):
v + u"{:0>4}{:0>60}".format(counter, n).encode("ascii"),
).decode("ascii"),
)
- return list(
- dummy_random_token(n)
- for n
- in range(count)
- )
+
+ return list(dummy_random_token(n) for n in range(count))
@implementer(IRedeemer)
@@ -379,6 +387,7 @@ class DummyRedeemer(object):
Its corresponding private key certainly has not been used to sign
anything.
"""
+
_public_key = attr.ib(
validator=attr.validators.instance_of(unicode),
)
@@ -410,17 +419,15 @@ class DummyRedeemer(object):
voucher,
),
)
+
def dummy_unblinded_token(random_token):
random_value = b64decode(random_token.token_value.encode("ascii"))
unblinded_value = random_value + b"x" * (96 - len(random_value))
return UnblindedToken(b64encode(unblinded_value).decode("ascii"))
+
return succeed(
RedemptionResult(
- list(
- dummy_unblinded_token(token)
- for token
- in random_tokens
- ),
+ list(dummy_unblinded_token(token) for token in random_tokens),
self._public_key,
),
)
@@ -431,21 +438,20 @@ class DummyRedeemer(object):
# can include in the resulting Pass. This ensures the pass values
# will be unique if and only if the unblinded tokens were unique
# (barring improbable hash collisions).
- token_digest = sha256(
- token.unblinded_token.encode("ascii")
- ).hexdigest().encode("ascii")
+ token_digest = (
+ sha256(token.unblinded_token.encode("ascii"))
+ .hexdigest()
+ .encode("ascii")
+ )
- preimage = b"preimage-" + token_digest[len(b"preimage-"):]
- signature = b"signature-" + token_digest[len(b"signature-"):]
+ preimage = b"preimage-" + token_digest[len(b"preimage-") :]
+ signature = b"signature-" + token_digest[len(b"signature-") :]
return Pass(
b64encode(preimage).decode("ascii"),
b64encode(signature).decode("ascii"),
)
- return list(
- token_to_pass(token)
- for token
- in unblinded_tokens
- )
+
+ return list(token_to_pass(token) for token in unblinded_tokens)
class IssuerConfigurationMismatch(Exception):
@@ -470,6 +476,7 @@ class IssuerConfigurationMismatch(Exception):
ZKAPs and chooses to change its configured issuer address, those existing
ZKAPs will not be usable and new ones must be obtained.
"""
+
def __str__(self):
return "Announced issuer ({}) disagrees with configured issuer ({}).".format(
*self.args
@@ -489,6 +496,7 @@ class RistrettoRedeemer(object):
:ivar URL _api_root: The root of the issuer HTTP API.
"""
+
_log = Logger()
_treq = attr.ib()
@@ -522,31 +530,33 @@ class RistrettoRedeemer(object):
def random_tokens_for_voucher(self, voucher, counter, count):
return list(
RandomToken(
- challenge_bypass_ristretto.RandomToken.create().encode_base64().decode("ascii"),
+ challenge_bypass_ristretto.RandomToken.create()
+ .encode_base64()
+ .decode("ascii"),
)
- for n
- in range(count)
+ for n in range(count)
)
@inlineCallbacks
def redeemWithCounter(self, voucher, counter, encoded_random_tokens):
random_tokens = list(
- challenge_bypass_ristretto.RandomToken.decode_base64(token.token_value.encode("ascii"))
- for token
- in encoded_random_tokens
+ challenge_bypass_ristretto.RandomToken.decode_base64(
+ token.token_value.encode("ascii")
+ )
+ for token in encoded_random_tokens
)
blinded_tokens = list(token.blind() for token in random_tokens)
response = yield self._treq.post(
self._api_root.child(u"v1", u"redeem").to_text(),
- dumps({
- u"redeemVoucher": voucher.number,
- u"redeemCounter": counter,
- u"redeemTokens": list(
- token.encode_base64()
- for token
- in blinded_tokens
- ),
- }),
+ dumps(
+ {
+ u"redeemVoucher": voucher.number,
+ u"redeemCounter": counter,
+ u"redeemTokens": list(
+ token.encode_base64() for token in blinded_tokens
+ ),
+ }
+ ),
headers={b"content-type": b"application/json"},
)
response_body = yield content(response)
@@ -583,8 +593,7 @@ class RistrettoRedeemer(object):
challenge_bypass_ristretto.SignedToken.decode_base64(
marshaled_signed_token.encode("ascii"),
)
- for marshaled_signed_token
- in marshaled_signed_tokens
+ for marshaled_signed_token in marshaled_signed_tokens
)
self._log.info("Decoded signed tokens")
clients_proof = challenge_bypass_ristretto.BatchDLEQProof.decode_base64(
@@ -601,45 +610,39 @@ class RistrettoRedeemer(object):
self._log.info("Validated proof")
unblinded_tokens = list(
UnblindedToken(token.encode_base64().decode("ascii"))
- for token
- in clients_unblinded_tokens
+ for token in clients_unblinded_tokens
+ )
+ returnValue(
+ RedemptionResult(
+ unblinded_tokens,
+ marshaled_public_key,
+ )
)
- returnValue(RedemptionResult(
- unblinded_tokens,
- marshaled_public_key,
- ))
def tokens_to_passes(self, message, unblinded_tokens):
assert isinstance(message, bytes)
assert isinstance(unblinded_tokens, list)
assert all(isinstance(element, UnblindedToken) for element in unblinded_tokens)
unblinded_tokens = list(
- challenge_bypass_ristretto.UnblindedToken.decode_base64(token.unblinded_token.encode("ascii"))
- for token
- in unblinded_tokens
+ challenge_bypass_ristretto.UnblindedToken.decode_base64(
+ token.unblinded_token.encode("ascii")
+ )
+ for token in unblinded_tokens
)
clients_verification_keys = list(
- token.derive_verification_key_sha512()
- for token
- in unblinded_tokens
+ token.derive_verification_key_sha512() for token in unblinded_tokens
)
clients_signatures = list(
verification_key.sign_sha512(message)
- for verification_key
- in clients_verification_keys
- )
- clients_preimages = list(
- token.preimage()
- for token
- in unblinded_tokens
+ for verification_key in clients_verification_keys
)
+ clients_preimages = list(token.preimage() for token in unblinded_tokens)
passes = list(
Pass(
preimage.encode_base64().decode("ascii"),
signature.encode_base64().decode("ascii"),
)
- for (preimage, signature)
- in zip(clients_preimages, clients_signatures)
+ for (preimage, signature) in zip(clients_preimages, clients_signatures)
)
return passes
@@ -732,6 +735,7 @@ class PaymentController(object):
:ivar IReactorTime _clock: The reactor to use for scheduling redemption
retries.
"""
+
_log = Logger()
store = attr.ib()
@@ -801,7 +805,9 @@ class PaymentController(object):
voucher=voucher.number,
)
- def _get_random_tokens_for_voucher(self, voucher, counter, num_tokens, total_tokens):
+ def _get_random_tokens_for_voucher(
+ self, voucher, counter, num_tokens, total_tokens
+ ):
"""
Generate or load random tokens for a redemption attempt of a voucher.
@@ -810,6 +816,7 @@ class PaymentController(object):
:param int total_tokens: The total number of tokens for which this
voucher is expected to be redeemed.
"""
+
def get_tokens():
self._log.info(
"Generating random tokens for a voucher ({voucher}).",
@@ -878,7 +885,9 @@ class PaymentController(object):
# server signs a given set of random tokens once or many times, the
# number of passes that can be constructed is still only the size of
# the set of random tokens.
- token_count = token_count_for_group(self.num_redemption_groups, num_tokens, counter)
+ token_count = token_count_for_group(
+ self.num_redemption_groups, num_tokens, counter
+ )
tokens = self._get_random_tokens_for_voucher(
voucher,
counter,
@@ -915,7 +924,9 @@ class PaymentController(object):
)
# Ask the redeemer to do the real task of redemption.
- self._log.info("Redeeming random tokens for a voucher ({voucher}).", voucher=voucher)
+ self._log.info(
+ "Redeeming random tokens for a voucher ({voucher}).", voucher=voucher
+ )
d = bracket(
lambda: setitem(
self._active,
diff --git a/src/_zkapauthorizer/foolscap.py b/src/_zkapauthorizer/foolscap.py
index b8f12425e72f3c3e80df6350f59f16a6c93bb635..efe98fab4a9502750433033a178836a71de662f9 100644
--- a/src/_zkapauthorizer/foolscap.py
+++ b/src/_zkapauthorizer/foolscap.py
@@ -44,6 +44,7 @@ from allmydata.interfaces import (
Offset,
)
+
@attr.s
class ShareStat(Copyable, RemoteCopy):
"""
@@ -54,6 +55,7 @@ class ShareStat(Copyable, RemoteCopy):
:ivar int lease_expiration: The POSIX timestamp of the time at which the
lease on this share expires, or None if there is no lease.
"""
+
typeToCopy = copytype = "ShareStat"
# To be a RemoteCopy it must be possible to instantiate this with no
@@ -134,7 +136,8 @@ def add_arguments(schema, kwargs):
# arguments.
modified_schema.argumentNames = (
# The new arguments
- list(argName for (argName, _) in kwargs) +
+ list(argName for (argName, _) in kwargs)
+ +
# The original arguments in the original order
schema.argumentNames
)
@@ -151,9 +154,8 @@ class RIPrivacyPassAuthorizedStorageServer(RemoteInterface):
are expected to supply suitable passes and only after the passes have been
validated is service provided.
"""
- __remote_name__ = (
- "RIPrivacyPassAuthorizedStorageServer.tahoe.privatestorage.io"
- )
+
+ __remote_name__ = "RIPrivacyPassAuthorizedStorageServer.tahoe.privatestorage.io"
get_version = RIStorageServer["get_version"]
@@ -164,11 +166,11 @@ class RIPrivacyPassAuthorizedStorageServer(RemoteInterface):
get_buckets = RIStorageServer["get_buckets"]
def share_sizes(
- storage_index_or_slot=StorageIndex,
- # Notionally, ChoiceOf(None, SetOf(int, maxLength=MAX_BUCKETS)).
- # However, support for such a construction appears to be
- # unimplemented in Foolscap. So, instead...
- sharenums=Any(),
+ storage_index_or_slot=StorageIndex,
+ # Notionally, ChoiceOf(None, SetOf(int, maxLength=MAX_BUCKETS)).
+ # However, support for such a construction appears to be
+ # unimplemented in Foolscap. So, instead...
+ sharenums=Any(),
):
"""
Get the size of the given shares in the given storage index or slot. If a
@@ -177,7 +179,7 @@ class RIPrivacyPassAuthorizedStorageServer(RemoteInterface):
return DictOf(int, Offset)
def stat_shares(
- storage_indexes_or_slots=ListOf(StorageIndex),
+ storage_indexes_or_slots=ListOf(StorageIndex),
):
"""
Get various metadata about shares in the given storage index or slot.
diff --git a/src/_zkapauthorizer/lease_maintenance.py b/src/_zkapauthorizer/lease_maintenance.py
index 6d15951d6411f9861d4358b6043e66342c5c38e7..57b6091f8d3a238379c06a2127a63956be6ab990 100644
--- a/src/_zkapauthorizer/lease_maintenance.py
+++ b/src/_zkapauthorizer/lease_maintenance.py
@@ -85,14 +85,18 @@ def visit_storage_indexes(root_nodes, visit):
visited.
"""
if not isinstance(root_nodes, list):
- raise TypeError("root_nodes must be a list, not {!r}".format(
- root_nodes,
- ))
+ raise TypeError(
+ "root_nodes must be a list, not {!r}".format(
+ root_nodes,
+ )
+ )
for node in root_nodes:
if not IFilesystemNode.providedBy(node):
- raise TypeError("Root nodes must provide IFilesystemNode, {!r} does not".format(
- node,
- ))
+ raise TypeError(
+ "Root nodes must provide IFilesystemNode, {!r} does not".format(
+ node,
+ )
+ )
stack = root_nodes[:]
while stack:
@@ -130,12 +134,12 @@ def iter_storage_indexes(visit_assets):
@inlineCallbacks
def renew_leases(
- visit_assets,
- storage_broker,
- secret_holder,
- min_lease_remaining,
- get_activity_observer,
- now,
+ visit_assets,
+ storage_broker,
+ secret_holder,
+ min_lease_remaining,
+ get_activity_observer,
+ now,
):
"""
Check the leases on a group of nodes for those which are expired or close
@@ -169,9 +173,7 @@ def renew_leases(
renewal_secret = secret_holder.get_renewal_secret()
cancel_secret = secret_holder.get_cancel_secret()
servers = list(
- server.get_storage_server()
- for server
- in storage_broker.get_connected_servers()
+ server.get_storage_server() for server in storage_broker.get_connected_servers()
)
for server in servers:
@@ -191,13 +193,13 @@ def renew_leases(
@inlineCallbacks
def renew_leases_on_server(
- min_lease_remaining,
- renewal_secret,
- cancel_secret,
- storage_indexes,
- server,
- activity,
- now,
+ min_lease_remaining,
+ renewal_secret,
+ cancel_secret,
+ storage_indexes,
+ server,
+ activity,
+ now,
):
"""
Check leases on the shares for the given storage indexes on the given
@@ -318,6 +320,7 @@ class _FuzzyTimerService(Service):
:ivar IReactorTime reactor: A Twisted reactor to use to schedule runs of
the operation.
"""
+
name = attr.ib()
operation = attr.ib()
initial_interval = attr.ib()
@@ -355,12 +358,12 @@ class _FuzzyTimerService(Service):
def lease_maintenance_service(
- maintain_leases,
- reactor,
- last_run_path,
- random,
- interval_mean=None,
- interval_range=None,
+ maintain_leases,
+ reactor,
+ last_run_path,
+ random,
+ interval_mean=None,
+ interval_range=None,
):
"""
Get an ``IService`` which will maintain leases on ``root_node`` and any
@@ -400,6 +403,7 @@ def lease_maintenance_service(
(interval_mean + halfrange).total_seconds(),
),
)
+
# Rather than an all-or-nothing last-run time we probably eventually want
# to have a more comprehensive record of the state when we were last
# interrupted. This would remove the unfortunate behavior of restarting
@@ -420,7 +424,6 @@ def lease_maintenance_service(
timedelta(0),
)
-
return _FuzzyTimerService(
SERVICE_NAME,
lambda: bracket(
@@ -496,6 +499,7 @@ class NoopMaintenanceObserver(object):
"""
A lease maintenance observer that does nothing.
"""
+
def observe(self, sizes):
pass
@@ -509,6 +513,7 @@ class MemoryMaintenanceObserver(object):
"""
A lease maintenance observer that records observations in memory.
"""
+
observed = attr.ib(default=attr.Factory(list))
finished = attr.ib(default=False)
@@ -520,12 +525,12 @@ class MemoryMaintenanceObserver(object):
def maintain_leases_from_root(
- get_root_nodes,
- storage_broker,
- secret_holder,
- min_lease_remaining,
- progress,
- get_now,
+ get_root_nodes,
+ storage_broker,
+ secret_holder,
+ min_lease_remaining,
+ progress,
+ get_now,
):
"""
An operation for ``lease_maintenance_service`` which visits ``root_node``
@@ -552,6 +557,7 @@ def maintain_leases_from_root(
:return: A no-argument callable to perform the maintenance.
"""
+
def visitor(visit_assets):
return renew_leases(
visit_assets,
diff --git a/src/_zkapauthorizer/model.py b/src/_zkapauthorizer/model.py
index 391ea1e4c40a75e28e3be5bc33d01a8a32a5bfc5..5e2d3441277c914d052b5db480ff02889964677a 100644
--- a/src/_zkapauthorizer/model.py
+++ b/src/_zkapauthorizer/model.py
@@ -89,6 +89,7 @@ class ILeaseMaintenanceObserver(Interface):
An object which is interested in receiving events related to the progress
of lease maintenance activity.
"""
+
def observe(sizes):
"""
Observe some shares encountered during lease maintenance.
@@ -106,6 +107,7 @@ class StoreOpenError(Exception):
"""
There was a problem opening the underlying data store.
"""
+
def __init__(self, reason):
self.reason = reason
@@ -119,6 +121,7 @@ class NotEnoughTokens(Exception):
CONFIG_DB_NAME = u"privatestorageio-zkapauthz-v1.sqlite3"
+
def open_and_initialize(path, connect=None):
"""
Open a SQLite3 database for use as a voucher store.
@@ -204,12 +207,14 @@ def with_cursor(f):
normally then the transaction will be committed. Otherwise, the
transaction will be rolled back.
"""
+
@wraps(f)
def with_cursor(self, *a, **kw):
with self._connection:
cursor = self._connection.cursor()
cursor.execute("BEGIN IMMEDIATE TRANSACTION")
return f(self, cursor, *a, **kw)
+
return with_cursor
@@ -236,6 +241,7 @@ class VoucherStore(object):
:ivar now: A no-argument callable that returns the time of the call as a
``datetime`` instance.
"""
+
_log = Logger()
pass_value = pass_value_attribute()
@@ -339,11 +345,7 @@ class VoucherStore(object):
voucher=voucher,
counter=counter,
)
- tokens = list(
- RandomToken(token_value)
- for (token_value,)
- in rows
- )
+ tokens = list(RandomToken(token_value) for (token_value,) in rows)
else:
tokens = get_tokens()
self._log.info(
@@ -356,17 +358,13 @@ class VoucherStore(object):
"""
INSERT OR IGNORE INTO [vouchers] ([number], [expected-tokens], [created]) VALUES (?, ?, ?)
""",
- (voucher, expected_tokens, self.now())
+ (voucher, expected_tokens, self.now()),
)
cursor.executemany(
"""
INSERT INTO [tokens] ([voucher], [counter], [text]) VALUES (?, ?, ?)
""",
- list(
- (voucher, counter, token.token_value)
- for token
- in tokens
- ),
+ list((voucher, counter, token.token_value) for token in tokens),
)
return tokens
@@ -387,11 +385,7 @@ class VoucherStore(object):
)
refs = cursor.fetchall()
- return list(
- Voucher.from_row(row)
- for row
- in refs
- )
+ return list(Voucher.from_row(row) for row in refs)
def _insert_unblinded_tokens(self, cursor, unblinded_tokens, group_id):
"""
@@ -401,11 +395,7 @@ class VoucherStore(object):
"""
INSERT INTO [unblinded-tokens] ([token], [redemption-group]) VALUES (?, ?)
""",
- list(
- (token, group_id)
- for token
- in unblinded_tokens
- ),
+ list((token, group_id) for token in unblinded_tokens),
)
@with_cursor
@@ -422,7 +412,9 @@ class VoucherStore(object):
self._insert_unblinded_tokens(cursor, unblinded_tokens, group_id)
@with_cursor
- def insert_unblinded_tokens_for_voucher(self, cursor, voucher, public_key, unblinded_tokens, completed, spendable):
+ def insert_unblinded_tokens_for_voucher(
+ self, cursor, voucher, public_key, unblinded_tokens, completed, spendable
+ ):
"""
Store some unblinded tokens received from redemption of a voucher.
@@ -442,7 +434,7 @@ class VoucherStore(object):
:param bool spendable: ``True`` if it should be possible to spend the
inserted tokens, ``False`` otherwise.
"""
- if completed:
+ if completed:
voucher_state = u"redeemed"
else:
voucher_state = u"pending"
@@ -488,15 +480,13 @@ class VoucherStore(object):
),
)
if cursor.rowcount == 0:
- raise ValueError("Cannot insert tokens for unknown voucher; add voucher first")
+ raise ValueError(
+ "Cannot insert tokens for unknown voucher; add voucher first"
+ )
self._insert_unblinded_tokens(
cursor,
- list(
- t.unblinded_token
- for t
- in unblinded_tokens
- ),
+ list(t.unblinded_token for t in unblinded_tokens),
group_id,
)
@@ -524,7 +514,7 @@ class VoucherStore(object):
FROM [vouchers]
WHERE [number] = ?
""",
- (voucher,)
+ (voucher,),
)
rows = cursor.fetchall()
if len(rows) == 0:
@@ -584,11 +574,7 @@ class VoucherStore(object):
""",
texts,
)
- return list(
- UnblindedToken(t)
- for (t,)
- in texts
- )
+ return list(UnblindedToken(t) for (t,) in texts)
@with_cursor
def count_unblinded_tokens(self, cursor):
@@ -661,11 +647,7 @@ class VoucherStore(object):
"""
INSERT INTO [invalid-unblinded-tokens] VALUES (?, ?)
""",
- list(
- (token.unblinded_token, reason)
- for token
- in unblinded_tokens
- ),
+ list((token.unblinded_token, reason) for token in unblinded_tokens),
)
cursor.execute(
"""
@@ -784,6 +766,7 @@ class LeaseMaintenance(object):
objects, the database row id that corresponds to the started run.
This is used to make sure future updates go to the right row.
"""
+
_pass_value = pass_value_attribute()
_now = attr.ib()
_connection = attr.ib()
@@ -854,6 +837,7 @@ class LeaseMaintenanceActivity(object):
# x = store.get_latest_lease_maintenance_activity()
# xs.started, xs.passes_required, xs.finished
+
@attr.s(frozen=True)
class UnblindedToken(object):
"""
@@ -867,6 +851,7 @@ class UnblindedToken(object):
``challenge_bypass_ristretto.UnblindedToken`` using that class's
``decode_base64`` method.
"""
+
unblinded_token = attr.ib(
validator=attr.validators.and_(
attr.validators.instance_of(unicode),
@@ -888,6 +873,7 @@ class Pass(object):
text should be kept secret. If pass text is divulged to third-parties
the anonymity property may be compromised.
"""
+
preimage = attr.ib(
validator=attr.validators.and_(
attr.validators.instance_of(unicode),
@@ -915,6 +901,7 @@ class RandomToken(object):
:ivar unicode token_value: The base64-encoded representation of the random
token.
"""
+
token_value = attr.ib(
validator=attr.validators.and_(
attr.validators.instance_of(unicode),
@@ -941,6 +928,7 @@ class Pending(object):
:ivar int counter: The number of partial redemptions which have been
successfully performed for the voucher.
"""
+
counter = _counter_attribute()
def should_start_redemption(self):
@@ -960,6 +948,7 @@ class Redeeming(object):
state is **pending** but for which there is a redemption operation in
progress.
"""
+
started = attr.ib(validator=attr.validators.instance_of(datetime))
counter = _counter_attribute()
@@ -984,6 +973,7 @@ class Redeemed(object):
:ivar int token_count: The number of tokens the voucher was redeemed for.
"""
+
finished = attr.ib(validator=attr.validators.instance_of(datetime))
token_count = attr.ib(validator=attr.validators.instance_of((int, long)))
@@ -1019,6 +1009,7 @@ class Unpaid(object):
state is **pending** but the most recent redemption attempt has failed due
to lack of payment.
"""
+
finished = attr.ib(validator=attr.validators.instance_of(datetime))
def should_start_redemption(self):
@@ -1038,6 +1029,7 @@ class Error(object):
state is **pending** but the most recent redemption attempt has failed due
to an error that is not handled by any other part of the system.
"""
+
finished = attr.ib(validator=attr.validators.instance_of(datetime))
details = attr.ib(validator=attr.validators.instance_of(unicode))
@@ -1070,6 +1062,7 @@ class Voucher(object):
an instance of ``Pending``, ``Redeeming``, ``Redeemed``,
``DoubleSpend``, ``Unpaid``, or ``Error``.
"""
+
number = attr.ib(
validator=attr.validators.and_(
attr.validators.instance_of(unicode),
@@ -1094,14 +1087,16 @@ class Voucher(object):
state = attr.ib(
default=Pending(counter=0),
- validator=attr.validators.instance_of((
- Pending,
- Redeeming,
- Redeemed,
- DoubleSpend,
- Unpaid,
- Error,
- )),
+ validator=attr.validators.instance_of(
+ (
+ Pending,
+ Redeeming,
+ Redeemed,
+ DoubleSpend,
+ Unpaid,
+ Error,
+ )
+ ),
)
@classmethod
@@ -1140,7 +1135,6 @@ class Voucher(object):
version = values.pop(u"version")
return getattr(cls, "from_json_v{}".format(version))(values)
-
@classmethod
def from_json_v1(cls, values):
state_json = values[u"state"]
@@ -1176,19 +1170,18 @@ class Voucher(object):
return cls(
number=values[u"number"],
expected_tokens=values[u"expected-tokens"],
- created=None if values[u"created"] is None else parse_datetime(values[u"created"]),
+ created=None
+ if values[u"created"] is None
+ else parse_datetime(values[u"created"]),
state=state,
)
-
def to_json(self):
return dumps(self.marshal())
-
def marshal(self):
return self.to_json_v1()
-
def to_json_v1(self):
state = self.state.to_json_v1()
return {
diff --git a/src/_zkapauthorizer/pricecalculator.py b/src/_zkapauthorizer/pricecalculator.py
index 007ec9cdf212839ddabbac9555308b29fb158483..296d0ad3c4b46010bdd31e639bcd303db21c5d3f 100644
--- a/src/_zkapauthorizer/pricecalculator.py
+++ b/src/_zkapauthorizer/pricecalculator.py
@@ -34,6 +34,7 @@ from .storage_common import (
share_size_for_data,
)
+
@attr.s
class PriceCalculator(object):
"""
@@ -46,6 +47,7 @@ class PriceCalculator(object):
:ivar int _pass_value: The bytes component of the bytes×time value of a
single pass.
"""
+
_shares_needed = attr.ib()
_shares_total = attr.ib()
_pass_value = attr.ib()
@@ -59,15 +61,10 @@ class PriceCalculator(object):
:return int: The number of ZKAPs required.
"""
- share_sizes = (
- share_size_for_data(self._shares_needed, size)
- for size
- in sizes
- )
+ share_sizes = (share_size_for_data(self._shares_needed, size) for size in sizes)
all_required_passes = (
required_passes(self._pass_value, [share_size] * self._shares_total)
- for share_size
- in share_sizes
+ for share_size in share_sizes
)
price = sum(all_required_passes, 0)
return price
diff --git a/src/_zkapauthorizer/private.py b/src/_zkapauthorizer/private.py
index baf837206b53e067be86446bc956023908a303e1..81eb58b91d0af2ed0df98abc7157aa1638f9cc4b 100644
--- a/src/_zkapauthorizer/private.py
+++ b/src/_zkapauthorizer/private.py
@@ -64,10 +64,12 @@ from cryptography.hazmat.primitives.constant_time import (
# public but we do want to make sure that hotfix is applied. This seems like
# an alright compromise.
import allmydata.web.private as awp
+
del awp
SCHEME = b"tahoe-lafs"
+
class IToken(ICredentials):
def check(auth_token):
pass
diff --git a/src/_zkapauthorizer/resource.py b/src/_zkapauthorizer/resource.py
index 1663b0c291d030e16614f894e54104f0a4dc73fe..18225e928cfa05a7dc81f1e6221740acaebe090b 100644
--- a/src/_zkapauthorizer/resource.py
+++ b/src/_zkapauthorizer/resource.py
@@ -88,13 +88,14 @@ class IZKAPRoot(IResource):
"""
The root of the resource tree of this plugin's client web presence.
"""
+
store = Attribute("The ``VoucherStore`` used by this resource tree.")
controller = Attribute("The ``PaymentController`` used by this resource tree.")
def get_token_count(
- plugin_name,
- node_config,
+ plugin_name,
+ node_config,
):
"""
Retrieve the configured voucher value, in number of tokens, from the given
@@ -108,18 +109,20 @@ def get_token_count(
:param int default: The value to return if none is configured.
"""
section_name = u"storageclient.plugins.{}".format(plugin_name)
- return int(node_config.get_config(
- section=section_name,
- option=u"default-token-count",
- default=NUM_TOKENS,
- ))
+ return int(
+ node_config.get_config(
+ section=section_name,
+ option=u"default-token-count",
+ default=NUM_TOKENS,
+ )
+ )
def from_configuration(
- node_config,
- store,
- redeemer=None,
- clock=None,
+ node_config,
+ store,
+ redeemer=None,
+ clock=None,
):
"""
Instantiate the plugin root resource using data from its configuration
@@ -186,9 +189,9 @@ def from_configuration(
def authorizationless_resource_tree(
- store,
- controller,
- calculate_price,
+ store,
+ controller,
+ calculate_price,
):
"""
Create the full ZKAPAuthorizer client plugin resource hierarchy with no
@@ -231,6 +234,7 @@ class _CalculatePrice(Resource):
"""
This resource exposes a storage price calculator.
"""
+
allowedMethods = [b"POST"]
render_HEAD = render_GET = None
@@ -260,43 +264,50 @@ class _CalculatePrice(Resource):
body_object = loads(payload)
except ValueError:
request.setResponseCode(BAD_REQUEST)
- return dumps({
- "error": "could not parse request body",
- })
+ return dumps(
+ {
+ "error": "could not parse request body",
+ }
+ )
try:
version = body_object[u"version"]
sizes = body_object[u"sizes"]
except (TypeError, KeyError):
request.setResponseCode(BAD_REQUEST)
- return dumps({
- "error": "could not read `version` and `sizes` properties",
- })
+ return dumps(
+ {
+ "error": "could not read `version` and `sizes` properties",
+ }
+ )
if version != 1:
request.setResponseCode(BAD_REQUEST)
- return dumps({
- "error": "did not find required version number 1 in request",
- })
-
- if (not isinstance(sizes, list) or
- not all(
- isinstance(size, (int, long)) and size >= 0
- for size
- in sizes
- )):
+ return dumps(
+ {
+ "error": "did not find required version number 1 in request",
+ }
+ )
+
+ if not isinstance(sizes, list) or not all(
+ isinstance(size, (int, long)) and size >= 0 for size in sizes
+ ):
request.setResponseCode(BAD_REQUEST)
- return dumps({
- "error": "did not find required positive integer sizes list in request",
- })
+ return dumps(
+ {
+ "error": "did not find required positive integer sizes list in request",
+ }
+ )
application_json(request)
price = self._price_calculator.calculate(sizes)
- return dumps({
- u"price": price,
- u"period": self._lease_period,
- })
+ return dumps(
+ {
+ u"price": price,
+ u"period": self._lease_period,
+ }
+ )
def wrong_content_type(request, required_type):
@@ -335,11 +346,14 @@ class _ProjectVersion(Resource):
"""
This resource exposes the version of **ZKAPAuthorizer** itself.
"""
+
def render_GET(self, request):
application_json(request)
- return dumps({
- "version": _zkapauthorizer_version,
- })
+ return dumps(
+ {
+ "version": _zkapauthorizer_version,
+ }
+ )
class _UnblindedTokenCollection(Resource):
@@ -347,6 +361,7 @@ class _UnblindedTokenCollection(Resource):
This class implements inspection of unblinded tokens. Users **GET** this
resource to find out about unblinded tokens in the system.
"""
+
_log = Logger()
def __init__(self, store, controller):
@@ -368,17 +383,18 @@ class _UnblindedTokenCollection(Resource):
position = request.args.get(b"position", [b""])[0].decode("utf-8")
- return dumps({
- u"total": len(unblinded_tokens),
- u"spendable": self._store.count_unblinded_tokens(),
- u"unblinded-tokens": list(islice((
- token
- for token
- in unblinded_tokens
- if token > position
- ), limit)),
- u"lease-maintenance-spending": self._lease_maintenance_activity(),
- })
+ return dumps(
+ {
+ u"total": len(unblinded_tokens),
+ u"spendable": self._store.count_unblinded_tokens(),
+ u"unblinded-tokens": list(
+ islice(
+ (token for token in unblinded_tokens if token > position), limit
+ )
+ ),
+ u"lease-maintenance-spending": self._lease_maintenance_activity(),
+ }
+ )
def render_POST(self, request):
"""
@@ -389,7 +405,6 @@ class _UnblindedTokenCollection(Resource):
self._store.insert_unblinded_tokens(unblinded_tokens, group_id=0)
return dumps({})
-
def _lease_maintenance_activity(self):
activity = self._store.get_latest_lease_maintenance_activity()
if activity is None:
@@ -400,7 +415,6 @@ class _UnblindedTokenCollection(Resource):
}
-
class _VoucherCollection(Resource):
"""
This class implements redemption of vouchers. Users **PUT** such numbers
@@ -408,6 +422,7 @@ class _VoucherCollection(Resource):
redemption controller. Child resources of this resource can also be
retrieved to monitor the status of previously submitted vouchers.
"""
+
_log = Logger()
def __init__(self, store, controller):
@@ -415,7 +430,6 @@ class _VoucherCollection(Resource):
self._controller = controller
Resource.__init__(self)
-
def render_PUT(self, request):
"""
Record a voucher and begin attempting to redeem it.
@@ -425,26 +439,31 @@ class _VoucherCollection(Resource):
except Exception:
return bad_request(u"json request body required").render(request)
if payload.keys() != [u"voucher"]:
- return bad_request(u"request object must have exactly one key: 'voucher'").render(request)
+ return bad_request(
+ u"request object must have exactly one key: 'voucher'"
+ ).render(request)
voucher = payload[u"voucher"]
if not is_syntactic_voucher(voucher):
- return bad_request(u"submitted voucher is syntactically invalid").render(request)
+ return bad_request(u"submitted voucher is syntactically invalid").render(
+ request
+ )
- self._log.info("Accepting a voucher ({voucher}) for redemption.", voucher=voucher)
+ self._log.info(
+ "Accepting a voucher ({voucher}) for redemption.", voucher=voucher
+ )
self._controller.redeem(voucher)
return b""
-
def render_GET(self, request):
application_json(request)
- return dumps({
- u"vouchers": list(
- self._controller.incorporate_transient_state(voucher).marshal()
- for voucher
- in self._store.list()
- ),
- })
-
+ return dumps(
+ {
+ u"vouchers": list(
+ self._controller.incorporate_transient_state(voucher).marshal()
+ for voucher in self._store.list()
+ ),
+ }
+ )
def getChild(self, segment, request):
voucher = segment.decode("utf-8")
@@ -483,6 +502,7 @@ class VoucherView(Resource):
"""
This class implements a view for a ``Voucher`` instance.
"""
+
def __init__(self, voucher):
"""
:param Voucher reference: The model object for which to provide a
@@ -491,7 +511,6 @@ class VoucherView(Resource):
self._voucher = voucher
Resource.__init__(self)
-
def render_GET(self, request):
application_json(request)
return self._voucher.to_json()
@@ -503,5 +522,7 @@ def bad_request(reason=u"Bad Request"):
REQUEST** response.
"""
return ErrorPage(
- BAD_REQUEST, b"Bad Request", reason.encode("utf-8"),
+ BAD_REQUEST,
+ b"Bad Request",
+ reason.encode("utf-8"),
)
diff --git a/src/_zkapauthorizer/schema.py b/src/_zkapauthorizer/schema.py
index 27890a32fcebc15cfebae08580e7daf5d33f69cc..40c79ea41d4584b9c46fb2f73b053c4cb381f2a6 100644
--- a/src/_zkapauthorizer/schema.py
+++ b/src/_zkapauthorizer/schema.py
@@ -20,6 +20,7 @@ from __future__ import (
This module defines the database schema used by the model interface.
"""
+
def get_schema_version(cursor):
cursor.execute(
"""
@@ -63,12 +64,10 @@ def run_schema_upgrades(upgrades, cursor):
cursor.execute(upgrade)
-_INCREMENT_VERSION = (
- """
+_INCREMENT_VERSION = """
UPDATE [version]
SET [version] = [version] + 1
"""
-)
# A mapping from old schema versions to lists of unicode strings of SQL to
# execute against that version of the schema to create the successor schema.
@@ -125,7 +124,6 @@ _UPGRADES = {
)
""",
],
-
1: [
"""
-- Incorrectly track a single public-key for all. Later version of
@@ -133,14 +131,12 @@ _UPGRADES = {
ALTER TABLE [vouchers] ADD COLUMN [public-key] text
""",
],
-
2: [
"""
-- Keep track of progress through redemption of each voucher.
ALTER TABLE [vouchers] ADD COLUMN [counter] integer DEFAULT 0
""",
],
-
3: [
"""
-- Reference to the counter these tokens go with.
@@ -158,7 +154,6 @@ _UPGRADES = {
ALTER TABLE [vouchers] ADD COLUMN [expected-tokens] integer NOT NULL DEFAULT 32768
""",
],
-
4: [
"""
CREATE TABLE [invalid-unblinded-tokens] (
@@ -169,7 +164,6 @@ _UPGRADES = {
)
""",
],
-
5: [
"""
-- Create a table where rows represent a single group of unblinded
@@ -190,7 +184,6 @@ _UPGRADES = {
[public-key] text
)
""",
-
"""
-- Create one redemption group for every existing, redeemed voucher.
-- These tokens were probably *not* all redeemed in one group but
@@ -199,14 +192,12 @@ _UPGRADES = {
INSERT INTO [redemption-groups] ([voucher], [public-key], [spendable])
SELECT DISTINCT([number]), [public-key], 1 FROM [vouchers] WHERE [state] = "redeemed"
""",
-
"""
-- Give each voucher a count of "sequestered" tokens. Currently,
-- these are unspendable tokens that were issued using a disallowed
-- public key.
ALTER TABLE [vouchers] ADD COLUMN [sequestered-count] integer NOT NULL DEFAULT 0
""",
-
"""
-- Give each unblinded token a reference to the [redemption-groups]
-- table identifying the group that token arrived with. This lets us
diff --git a/src/_zkapauthorizer/spending.py b/src/_zkapauthorizer/spending.py
index 20f0f775f17622f868e19790a35f7725b53f4759..49a693a438aaa11a5b270cb794aabe27e1848e18 100644
--- a/src/_zkapauthorizer/spending.py
+++ b/src/_zkapauthorizer/spending.py
@@ -31,10 +31,12 @@ from .eliot import (
RESET_PASSES,
)
+
class IPassGroup(Interface):
"""
A group of passed meant to be spent together.
"""
+
passes = Attribute(":ivar list[Pass] passes: The passes themselves.")
def split(select_indices):
@@ -91,6 +93,7 @@ class IPassFactory(Interface):
"""
An object which can create passes.
"""
+
def get(message, num_passes):
"""
:param unicode message: A request-binding message for the resulting passes.
@@ -115,25 +118,18 @@ class PassGroup(object):
:ivar list[Pass] passes: The passes of which this group consists.
"""
+
_message = attr.ib()
_factory = attr.ib()
_tokens = attr.ib()
@property
def passes(self):
- return list(
- pass_
- for (unblinded_token, pass_)
- in self._tokens
- )
+ return list(pass_ for (unblinded_token, pass_) in self._tokens)
@property
def unblinded_tokens(self):
- return list(
- unblinded_token
- for (unblinded_token, pass_)
- in self._tokens
- )
+ return list(unblinded_token for (unblinded_token, pass_) in self._tokens)
def split(self, select_indices):
selected = []
@@ -171,6 +167,7 @@ class SpendingController(object):
A ``SpendingController`` gives out ZKAPs and arranges for re-spend
attempts when necessary.
"""
+
get_unblinded_tokens = attr.ib()
discard_unblinded_tokens = attr.ib()
invalidate_unblinded_tokens = attr.ib()
diff --git a/src/_zkapauthorizer/storage_common.py b/src/_zkapauthorizer/storage_common.py
index 0709e4152cd6773d0c8a39b9055df3202f15bab2..85051327a5fdfb5b576cfaaf28a08720b79d9461 100644
--- a/src/_zkapauthorizer/storage_common.py
+++ b/src/_zkapauthorizer/storage_common.py
@@ -38,6 +38,7 @@ from pyutil.mathutil import (
div_ceil,
)
+
@attr.s(frozen=True, str=True)
class MorePassesRequired(Exception):
"""
@@ -53,6 +54,7 @@ class MorePassesRequired(Exception):
:ivar set[int] signature_check_failed: Indices into the supplied list of
passes indicating passes which failed the signature check.
"""
+
valid_count = attr.ib(validator=attr.validators.instance_of((int, long)))
required_count = attr.ib(validator=attr.validators.instance_of((int, long)))
signature_check_failed = attr.ib(converter=frozenset)
@@ -64,18 +66,23 @@ def _message_maker(label):
label=label,
storage_index=b64encode(storage_index),
)
+
return make_message
+
# Functions to construct the PrivacyPass request-binding message for pass
# construction for different Tahoe-LAFS storage operations.
allocate_buckets_message = _message_maker(u"allocate_buckets")
add_lease_message = _message_maker(u"add_lease")
-slot_testv_and_readv_and_writev_message = _message_maker(u"slot_testv_and_readv_and_writev")
+slot_testv_and_readv_and_writev_message = _message_maker(
+ u"slot_testv_and_readv_and_writev"
+)
# The number of bytes we're willing to store for a lease period for each pass
# submitted.
BYTES_PER_PASS = 1024 * 1024
+
def get_configured_shares_needed(node_config):
"""
Determine the configured-specified value of "needed" shares (``k``).
@@ -83,11 +90,13 @@ def get_configured_shares_needed(node_config):
If no value is explicitly configured, the Tahoe-LAFS default (as best as
we know it) is returned.
"""
- return int(node_config.get_config(
- section=u"client",
- option=u"shares.needed",
- default=3,
- ))
+ return int(
+ node_config.get_config(
+ section=u"client",
+ option=u"shares.needed",
+ default=3,
+ )
+ )
def get_configured_shares_total(node_config):
@@ -97,11 +106,13 @@ def get_configured_shares_total(node_config):
If no value is explicitly configured, the Tahoe-LAFS default (as best as
we know it) is returned.
"""
- return int(node_config.get_config(
- section=u"client",
- option=u"shares.total",
- default=10,
- ))
+ return int(
+ node_config.get_config(
+ section=u"client",
+ option=u"shares.total",
+ default=10,
+ )
+ )
def get_configured_pass_value(node_config):
@@ -113,11 +124,13 @@ def get_configured_pass_value(node_config):
client section.
"""
section_name = u"storageclient.plugins.privatestorageio-zkapauthz-v1"
- return int(node_config.get_config(
- section=section_name,
- option=u"pass-value",
- default=BYTES_PER_PASS,
- ))
+ return int(
+ node_config.get_config(
+ section=section_name,
+ option=u"pass-value",
+ default=BYTES_PER_PASS,
+ )
+ )
def get_configured_lease_duration(node_config):
@@ -136,10 +149,14 @@ def get_configured_allowed_public_keys(node_config):
Read the set of allowed issuer public keys from the given configuration.
"""
section_name = u"storageclient.plugins.privatestorageio-zkapauthz-v1"
- return set(node_config.get_config(
- section=section_name,
- option=u"allowed-public-keys",
- ).strip().split(","))
+ return set(
+ node_config.get_config(
+ section=section_name,
+ option=u"allowed-public-keys",
+ )
+ .strip()
+ .split(",")
+ )
def required_passes(bytes_per_pass, share_sizes):
@@ -194,8 +211,7 @@ def has_writes(tw_vectors):
"""
return any(
data or (new_length is not None)
- for (test, data, new_length)
- in tw_vectors.values()
+ for (test, data, new_length) in tw_vectors.values()
)
@@ -207,10 +223,7 @@ def get_sharenums(tw_vectors):
:return set[int]: The share numbers which the given test/write vectors would write to.
"""
return set(
- sharenum
- for (sharenum, (test, data, new_length))
- in tw_vectors.items()
- if data
+ sharenum for (sharenum, (test, data, new_length)) in tw_vectors.items() if data
)
@@ -224,8 +237,7 @@ def get_allocated_size(tw_vectors):
return max(
list(
max(offset + len(s) for (offset, s) in data)
- for (sharenum, (test, data, new_length))
- in tw_vectors.items()
+ for (sharenum, (test, data, new_length)) in tw_vectors.items()
if data
),
)
@@ -241,11 +253,9 @@ def get_implied_data_length(data_vector, new_length):
:return int: The amount of data, in bytes, implied by a data vector and a
size.
"""
- data_based_size = max(
- offset + len(data)
- for (offset, data)
- in data_vector
- ) if data_vector else 0
+ data_based_size = (
+ max(offset + len(data) for (offset, data) in data_vector) if data_vector else 0
+ )
if new_length is None:
return data_based_size
# new_length is only allowed to truncate, not expand.
@@ -266,8 +276,7 @@ def get_required_new_passes_for_mutable_write(pass_value, current_sizes, tw_vect
new_sizes = current_sizes.copy()
size_updates = {
sharenum: get_implied_data_length(data_vector, new_length)
- for (sharenum, (_, data_vector, new_length))
- in tw_vectors.items()
+ for (sharenum, (_, data_vector, new_length)) in tw_vectors.items()
}
for sharenum, size in size_updates.items():
if size > new_sizes.get(sharenum, 0):
@@ -289,25 +298,21 @@ def get_required_new_passes_for_mutable_write(pass_value, current_sizes, tw_vect
)
return required_new_passes
+
def summarize(tw_vectors):
return {
sharenum: (
list(
(offset, length, operator, len(specimen))
- for (offset, length, operator, specimen)
- in test_vector
- ),
- list(
- (offset, len(data))
- for (offset, data)
- in data_vectors
+ for (offset, length, operator, specimen) in test_vector
),
+ list((offset, len(data)) for (offset, data) in data_vectors),
new_length,
)
- for (sharenum, (test_vector, data_vectors, new_length))
- in tw_vectors.items()
+ for (sharenum, (test_vector, data_vectors, new_length)) in tw_vectors.items()
}
+
def pass_value_attribute():
"""
Define an attribute for an attrs-based object which can hold a pass value.
diff --git a/src/_zkapauthorizer/tests/__init__.py b/src/_zkapauthorizer/tests/__init__.py
index 102647a022c45553eb27ea9da5dfd0e433a11941..6b2e7df4628ca47cd6186d709c19266c425d2273 100644
--- a/src/_zkapauthorizer/tests/__init__.py
+++ b/src/_zkapauthorizer/tests/__init__.py
@@ -16,6 +16,7 @@
The automated unit test suite.
"""
+
def _configure_hypothesis():
"""
Select define Hypothesis profiles and select one based on environment
@@ -41,10 +42,7 @@ def _configure_hypothesis():
deadline=None,
)
- settings.register_profile(
- "default",
- **base
- )
+ settings.register_profile("default", **base)
settings.register_profile(
"ci",
@@ -70,4 +68,5 @@ def _configure_hypothesis():
settings.load_profile(profile_name)
print("Loaded profile {}".format(profile_name))
+
_configure_hypothesis()
diff --git a/src/_zkapauthorizer/tests/_exception.py b/src/_zkapauthorizer/tests/_exception.py
index 5e8bc8f5b21c29ebba4e93528a417761ff3fcf1d..a91f2fbf569526893cddae201909a83ae915a910 100644
--- a/src/_zkapauthorizer/tests/_exception.py
+++ b/src/_zkapauthorizer/tests/_exception.py
@@ -15,10 +15,10 @@
# limitations under the License.
__all__ = [
- 'MatchesExceptionType',
- 'Raises',
- 'raises',
- ]
+ "MatchesExceptionType",
+ "Raises",
+ "raises",
+]
import sys
@@ -55,7 +55,7 @@ class MatchesExceptionType(Matcher):
def match(self, other):
if type(other) != tuple:
- return Mismatch('{!r} is not an exc_info tuple'.format(other))
+ return Mismatch("{!r} is not an exc_info tuple".format(other))
expected_class = self.expected
etype, evalue, etb = other
if not issubclass(etype, expected_class):
@@ -94,7 +94,7 @@ class Raises(Matcher):
def match(self, matchee):
try:
result = matchee()
- return Mismatch('%r returned %r' % (matchee, result))
+ return Mismatch("%r returned %r" % (matchee, result))
# Catch all exceptions: Raises() should be able to match a
# KeyboardInterrupt or SystemExit.
except:
@@ -113,7 +113,7 @@ class Raises(Matcher):
return None
def __str__(self):
- return 'Raises()'
+ return "Raises()"
def raises(exception_type):
diff --git a/src/_zkapauthorizer/tests/common.py b/src/_zkapauthorizer/tests/common.py
index 39aa9119e10c22670c2948b4f53a7dbb22dc4f6e..3a362a69d7b7ea6b7336890cdc6560fab6341a14 100644
--- a/src/_zkapauthorizer/tests/common.py
+++ b/src/_zkapauthorizer/tests/common.py
@@ -37,5 +37,7 @@ def _skipper(reason):
def wrapper(f):
def skipIt(self, *a, **kw):
self.skipTest(reason)
+
return skipIt
+
return wrapper
diff --git a/src/_zkapauthorizer/tests/fixtures.py b/src/_zkapauthorizer/tests/fixtures.py
index 7f2246a2e15a605895730dd0fff3dfe3ea3978f1..3b554f2a1a4cf722d620ac3d0c93538914e62d46 100644
--- a/src/_zkapauthorizer/tests/fixtures.py
+++ b/src/_zkapauthorizer/tests/fixtures.py
@@ -52,6 +52,7 @@ from ..controller import (
PaymentController,
)
+
@attr.s
class AnonymousStorageServer(Fixture):
"""
@@ -67,6 +68,7 @@ class AnonymousStorageServer(Fixture):
:ivar twisted.internet.task.Clock clock: The ``IReactorTime`` provider to
supply to ``StorageServer`` for its time-checking needs.
"""
+
clock = attr.ib()
def _setUp(self):
@@ -82,9 +84,7 @@ class AnonymousStorageServer(Fixture):
timeargs = {}
self.storage_server = StorageServer(
- self.tempdir.asBytesMode().path,
- b"x" * 20,
- **timeargs
+ self.tempdir.asBytesMode().path, b"x" * 20, **timeargs
)
@@ -100,6 +100,7 @@ class TemporaryVoucherStore(Fixture):
:ivar store: A newly created temporary store.
"""
+
get_config = attr.ib()
get_now = attr.ib()
@@ -122,6 +123,7 @@ class ConfiglessMemoryVoucherStore(Fixture):
This is like ``TemporaryVoucherStore`` but faster because it skips the
Tahoe-LAFS parts.
"""
+
get_now = attr.ib()
_public_key = attr.ib(default=b64encode(b"A" * 32).decode("utf-8"))
redeemer = attr.ib(default=None, init=False)
diff --git a/src/_zkapauthorizer/tests/foolscap.py b/src/_zkapauthorizer/tests/foolscap.py
index 35716998d69bb32c5066f244e285aececd0bf6ba..93ba2142e6de4ddd0fcebd268ce270f2fa3ce5bf 100644
--- a/src/_zkapauthorizer/tests/foolscap.py
+++ b/src/_zkapauthorizer/tests/foolscap.py
@@ -46,6 +46,7 @@ from allmydata.interfaces import (
RIStorageServer,
)
+
class RIStub(RemoteInterface):
pass
@@ -54,6 +55,7 @@ class RIEcho(RemoteInterface):
def echo(argument=Any()):
return Any()
+
@implementer(RIStorageServer)
class StubStorageServer(object):
pass
@@ -85,11 +87,13 @@ class DummyReferenceable(object):
def doRemoteCall(self, *a, **kw):
return None
+
@attr.s
class LocalTracker(object):
"""
Pretend to be a tracker for a ``LocalRemote``.
"""
+
interface = attr.ib()
interfaceName = attr.ib(default=None)
@@ -115,6 +119,7 @@ class LocalRemote(object):
:ivar foolscap.ipb.IReferenceable _referenceable: The object to which this
provides a simulated remote interface.
"""
+
_referenceable = attr.ib()
check_args = attr.ib(default=True)
tracker = attr.ib(default=None)
diff --git a/src/_zkapauthorizer/tests/json.py b/src/_zkapauthorizer/tests/json.py
index e96cc74bbd830ccf7af0ad52882143bd9824594c..3ffc724f73a30870354be71cee88b8c8fb5e99e2 100644
--- a/src/_zkapauthorizer/tests/json.py
+++ b/src/_zkapauthorizer/tests/json.py
@@ -24,6 +24,7 @@ from json import (
loads as _loads,
)
+
def loads(data):
"""
Load a JSON object from a byte string.
diff --git a/src/_zkapauthorizer/tests/matchers.py b/src/_zkapauthorizer/tests/matchers.py
index ea3343143e2d75ccf4c62d2f3c793265d64b6575..18fb3ea7fc5cc169e098ba0f74a0906c3a63d104 100644
--- a/src/_zkapauthorizer/tests/matchers.py
+++ b/src/_zkapauthorizer/tests/matchers.py
@@ -57,11 +57,13 @@ from ._exception import (
raises,
)
+
@attr.s
class Provides(object):
"""
Match objects that provide all of a list of Zope Interface interfaces.
"""
+
interfaces = attr.ib(validator=attr.validators.instance_of(list))
def match(self, obj):
@@ -70,9 +72,12 @@ class Provides(object):
if not iface.providedBy(obj):
missing.add(iface)
if missing:
- return Mismatch("{} does not provide expected {}".format(
- obj, ", ".join(str(iface) for iface in missing),
- ))
+ return Mismatch(
+ "{} does not provide expected {}".format(
+ obj,
+ ", ".join(str(iface) for iface in missing),
+ )
+ )
def matches_version_dictionary():
@@ -81,13 +86,14 @@ def matches_version_dictionary():
``RIStorageServer.get_version`` which is also the dictionary returned by
our own ``RIPrivacyPassAuthorizedStorageServer.get_version``.
"""
- return ContainsDict({
- # It has these two top-level keys, at least. Try not to be too
- # fragile by asserting much more than that they are present.
- b'application-version': Always(),
- b'http://allmydata.org/tahoe/protocols/storage/v1': Always(),
- })
-
+ return ContainsDict(
+ {
+ # It has these two top-level keys, at least. Try not to be too
+ # fragile by asserting much more than that they are present.
+ b"application-version": Always(),
+ b"http://allmydata.org/tahoe/protocols/storage/v1": Always(),
+ }
+ )
def returns(matcher):
@@ -98,16 +104,13 @@ def returns(matcher):
return _Returns(matcher)
-
class _Returns(Matcher):
def __init__(self, result_matcher):
self.result_matcher = result_matcher
-
def match(self, matchee):
return self.result_matcher.match(matchee())
-
def __str__(self):
return "Returns({})".format(self.result_matcher)
@@ -147,8 +150,7 @@ def leases_current(relevant_storage_indexes, now, min_lease_remaining):
# visited and maintained.
lambda storage_server: list(
stat
- for (storage_index, stat)
- in storage_server.buckets.items()
+ for (storage_index, stat) in storage_server.buckets.items()
if storage_index in relevant_storage_indexes
),
AllMatch(
@@ -157,7 +159,9 @@ def leases_current(relevant_storage_indexes, now, min_lease_remaining):
# further in the future than min_lease_remaining,
# either because it had time left or because we
# renewed it.
- lambda share_stat: datetime.utcfromtimestamp(share_stat.lease_expiration),
+ lambda share_stat: datetime.utcfromtimestamp(
+ share_stat.lease_expiration
+ ),
GreaterThan(now + min_lease_remaining),
),
),
@@ -184,7 +188,9 @@ def odd():
)
-def matches_response(code_matcher=Always(), headers_matcher=Always(), body_matcher=Always()):
+def matches_response(
+ code_matcher=Always(), headers_matcher=Always(), body_matcher=Always()
+):
"""
Match a Treq response object with certain code and body.
diff --git a/src/_zkapauthorizer/tests/privacypass.py b/src/_zkapauthorizer/tests/privacypass.py
index fcc3c6700472c03369d07927a92b408d48415d92..d678fa5b1c313ca757b8c627bdc9f60b39abe756 100644
--- a/src/_zkapauthorizer/tests/privacypass.py
+++ b/src/_zkapauthorizer/tests/privacypass.py
@@ -25,6 +25,7 @@ from challenge_bypass_ristretto import (
PublicKey,
)
+
def make_passes(signing_key, for_message, random_tokens):
"""
Create a number of cryptographically correct privacy passes.
@@ -41,15 +42,9 @@ def make_passes(signing_key, for_message, random_tokens):
:return list[unicode]: The privacy passes. The returned list has one
element for each element of ``random_tokens``.
"""
- blinded_tokens = list(
- token.blind()
- for token
- in random_tokens
- )
+ blinded_tokens = list(token.blind() for token in random_tokens)
signatures = list(
- signing_key.sign(blinded_token)
- for blinded_token
- in blinded_tokens
+ signing_key.sign(blinded_token) for blinded_token in blinded_tokens
)
proof = BatchDLEQProof.create(
signing_key,
@@ -63,26 +58,21 @@ def make_passes(signing_key, for_message, random_tokens):
PublicKey.from_signing_key(signing_key),
)
preimages = list(
- unblinded_signature.preimage()
- for unblinded_signature
- in unblinded_signatures
+ unblinded_signature.preimage() for unblinded_signature in unblinded_signatures
)
verification_keys = list(
unblinded_signature.derive_verification_key_sha512()
- for unblinded_signature
- in unblinded_signatures
+ for unblinded_signature in unblinded_signatures
)
message_signatures = list(
verification_key.sign_sha512(for_message.encode("utf-8"))
- for verification_key
- in verification_keys
+ for verification_key in verification_keys
)
passes = list(
u"{} {}".format(
preimage.encode_base64().decode("ascii"),
signature.encode_base64().decode("ascii"),
).encode("ascii")
- for (preimage, signature)
- in zip(preimages, message_signatures)
+ for (preimage, signature) in zip(preimages, message_signatures)
)
return passes
diff --git a/src/_zkapauthorizer/tests/storage_common.py b/src/_zkapauthorizer/tests/storage_common.py
index 5141dd58cd64ea5bf126a1364e8e2d13f8f942dd..88df0ae5abcf82f82747ac38c76eb44b37d13253 100644
--- a/src/_zkapauthorizer/tests/storage_common.py
+++ b/src/_zkapauthorizer/tests/storage_common.py
@@ -67,6 +67,7 @@ from ..spending import (
# Hard-coded in Tahoe-LAFS
LEASE_INTERVAL = 60 * 60 * 24 * 31
+
def cleanup_storage_server(storage_server):
"""
Delete all of the shares held by the given storage server.
@@ -85,13 +86,13 @@ def cleanup_storage_server(storage_server):
def write_toy_shares(
- storage_server,
- storage_index,
- renew_secret,
- cancel_secret,
- sharenums,
- size,
- canary,
+ storage_server,
+ storage_index,
+ renew_secret,
+ cancel_secret,
+ sharenums,
+ size,
+ canary,
):
"""
Write some immutable shares to the given storage server.
@@ -161,8 +162,7 @@ def whitebox_write_sparse_share(sharepath, version, size, leases, now):
# expiration timestamp
int(now + LEASE_INTERVAL),
)
- for renew
- in leases
+ for renew in leases
),
)
@@ -175,11 +175,13 @@ def integer_passes(limit):
passes. Successive calls to the function return unique pass values.
"""
counter = iter(range(limit))
+
def get_passes(message, num_passes):
result = list(islice(counter, num_passes))
if len(result) < num_passes:
raise NotEnoughTokens()
return result
+
return get_passes
@@ -196,8 +198,7 @@ def get_passes(message, count, signing_key):
"""
return list(
Pass(*pass_.split(u" "))
- for pass_
- in make_passes(
+ for pass_ in make_passes(
signing_key,
message,
list(RandomToken.create() for n in range(count)),
@@ -252,6 +253,7 @@ class _PassFactory(object):
:ivar list[int] returned: A list of passes which were given out but then
returned via ``IPassGroup.reset``.
"""
+
_get_passes = attr.ib()
returned = attr.ib(default=attr.Factory(list), init=False)
@@ -291,7 +293,9 @@ class _PassFactory(object):
def _mark_invalid(self, reason, passes):
for p in passes:
if p not in self.in_use:
- raise ValueError("Pass {} cannot be invalid, it is not in use.".format(p))
+ raise ValueError(
+ "Pass {} cannot be invalid, it is not in use.".format(p)
+ )
self.invalid.update(dict.fromkeys(passes, reason))
self.in_use.difference_update(passes)
diff --git a/src/_zkapauthorizer/tests/strategies.py b/src/_zkapauthorizer/tests/strategies.py
index 4fe4df3f2f0b58fc860651a7ff9c4ddc011f0688..74f4e598881ca49a894593542ef196747b70b009 100644
--- a/src/_zkapauthorizer/tests/strategies.py
+++ b/src/_zkapauthorizer/tests/strategies.py
@@ -101,6 +101,7 @@ _UNBLINDED_TOKEN_LENGTH = 96
# The length of a `VerificationSignature`, in bytes.
_VERIFICATION_SIGNATURE_LENGTH = 64
+
def tahoe_config_texts(storage_client_plugins, shares):
"""
Build the text of complete Tahoe-LAFS configurations for a node.
@@ -113,6 +114,7 @@ def tahoe_config_texts(storage_client_plugins, shares):
may be an integer or None to leave it unconfigured (and rely on the
default).
"""
+
def merge_shares(shares, the_rest):
for (k, v) in zip(("needed", "happy", "total"), shares):
if v is not None:
@@ -138,8 +140,7 @@ def tahoe_config_texts(storage_client_plugins, shares):
fixed_dictionaries(
{
"storageclient.plugins.{}".format(name): configs
- for (name, configs)
- in storage_client_plugins.items()
+ for (name, configs) in storage_client_plugins.items()
},
),
fixed_dictionaries(
@@ -198,13 +199,17 @@ def dummy_ristretto_keys():
They're not really because they're entirely random rather than points on
the curve.
"""
- return binary(
- min_size=32,
- max_size=32,
- ).map(
- b64encode,
- ).map(
- lambda bs: bs.decode("ascii"),
+ return (
+ binary(
+ min_size=32,
+ max_size=32,
+ )
+ .map(
+ b64encode,
+ )
+ .map(
+ lambda bs: bs.decode("ascii"),
+ )
)
@@ -216,17 +221,22 @@ def server_configurations(signing_key_path):
**ristretto-signing-key-path** item.
"""
return one_of(
- fixed_dictionaries({
- u"pass-value":
- # The configuration is ini so everything is always a byte string!
- integers(min_value=1).map(bytes),
- }),
+ fixed_dictionaries(
+ {
+ u"pass-value":
+ # The configuration is ini so everything is always a byte string!
+ integers(min_value=1).map(bytes),
+ }
+ ),
just({}),
).map(
- lambda config: config.update({
- u"ristretto-issuer-root-url": u"https://issuer.example.invalid/",
- u"ristretto-signing-key-path": signing_key_path.path,
- }) or config,
+ lambda config: config.update(
+ {
+ u"ristretto-issuer-root-url": u"https://issuer.example.invalid/",
+ u"ristretto-signing-key-path": signing_key_path.path,
+ }
+ )
+ or config,
)
@@ -274,26 +284,34 @@ def client_ristrettoredeemer_configurations():
"""
Build Ristretto-using configuration values for the client-side plugin.
"""
- return zkapauthz_configuration(just({
- u"ristretto-issuer-root-url": u"https://issuer.example.invalid/",
- u"redeemer": u"ristretto",
- }))
+ return zkapauthz_configuration(
+ just(
+ {
+ u"ristretto-issuer-root-url": u"https://issuer.example.invalid/",
+ u"redeemer": u"ristretto",
+ }
+ )
+ )
def client_dummyredeemer_configurations():
"""
Build DummyRedeemer-using configuration values for the client-side plugin.
"""
+
def share_a_key(allowed_keys):
return zkapauthz_configuration(
- just({
- u"redeemer": u"dummy",
- # Pick out one of the allowed public keys so that the dummy
- # appears to produce usable tokens.
- u"issuer-public-key": next(iter(allowed_keys)),
- }),
+ just(
+ {
+ u"redeemer": u"dummy",
+ # Pick out one of the allowed public keys so that the dummy
+ # appears to produce usable tokens.
+ u"issuer-public-key": next(iter(allowed_keys)),
+ }
+ ),
allowed_public_keys=just(allowed_keys),
)
+
return dummy_ristretto_keys_sets().flatmap(share_a_key)
@@ -309,42 +327,58 @@ def client_doublespendredeemer_configurations(default_token_counts=token_counts(
"""
Build DoubleSpendRedeemer-using configuration values for the client-side plugin.
"""
- return zkapauthz_configuration(just({
- u"redeemer": u"double-spend",
- }))
+ return zkapauthz_configuration(
+ just(
+ {
+ u"redeemer": u"double-spend",
+ }
+ )
+ )
def client_unpaidredeemer_configurations():
"""
Build UnpaidRedeemer-using configuration values for the client-side plugin.
"""
- return zkapauthz_configuration(just({
- u"redeemer": u"unpaid",
- }))
+ return zkapauthz_configuration(
+ just(
+ {
+ u"redeemer": u"unpaid",
+ }
+ )
+ )
def client_nonredeemer_configurations():
"""
Build NonRedeemer-using configuration values for the client-side plugin.
"""
- return zkapauthz_configuration(just({
- u"redeemer": u"non",
- }))
+ return zkapauthz_configuration(
+ just(
+ {
+ u"redeemer": u"non",
+ }
+ )
+ )
def client_errorredeemer_configurations(details):
"""
Build ErrorRedeemer-using configuration values for the client-side plugin.
"""
- return zkapauthz_configuration(just({
- u"redeemer": u"error",
- u"details": details,
- }))
+ return zkapauthz_configuration(
+ just(
+ {
+ u"redeemer": u"error",
+ u"details": details,
+ }
+ )
+ )
def direct_tahoe_configs(
- zkapauthz_v1_configuration=client_dummyredeemer_configurations(),
- shares=just((None, None, None)),
+ zkapauthz_v1_configuration=client_dummyredeemer_configurations(),
+ shares=just((None, None, None)),
):
"""
Build complete Tahoe-LAFS configurations including the zkapauthorizer
@@ -355,9 +389,12 @@ def direct_tahoe_configs(
:return SearchStrategy[_Config]: A strategy that builds Tahoe config
objects.
"""
- config_texts = minimal_tahoe_configs({
- u"privatestorageio-zkapauthz-v1": zkapauthz_v1_configuration,
- }, shares)
+ config_texts = minimal_tahoe_configs(
+ {
+ u"privatestorageio-zkapauthz-v1": zkapauthz_v1_configuration,
+ },
+ shares,
+ )
return config_texts.map(
lambda config_text: config_from_string(
u"/dev/null/illegal",
@@ -368,8 +405,8 @@ def direct_tahoe_configs(
def tahoe_configs(
- zkapauthz_v1_configuration=client_dummyredeemer_configurations(),
- shares=just((None, None, None)),
+ zkapauthz_v1_configuration=client_dummyredeemer_configurations(),
+ shares=just((None, None, None)),
):
"""
Build complete Tahoe-LAFS configurations including the zkapauthorizer
@@ -384,16 +421,16 @@ def tahoe_configs(
are the ``basedir`` and ``portnumfile`` arguments to Tahoe's
``config_from_string.``
"""
+
def path_setter(config):
def set_paths(basedir, portnumfile):
config._basedir = basedir.decode("ascii")
config.portnum_fname = portnumfile
return config
+
return set_paths
- return direct_tahoe_configs(
- zkapauthz_v1_configuration,
- shares,
- ).map(
+
+ return direct_tahoe_configs(zkapauthz_v1_configuration, shares,).map(
path_setter,
)
@@ -403,11 +440,7 @@ def share_parameters():
Build three-tuples of integers giving usable k, happy, N parameters to
Tahoe-LAFS' erasure encoding process.
"""
- return lists(
- integers(min_value=1, max_value=255),
- min_size=3,
- max_size=3,
- ).map(
+ return lists(integers(min_value=1, max_value=255), min_size=3, max_size=3,).map(
sorted,
)
@@ -416,13 +449,17 @@ def vouchers():
"""
Build unicode strings in the format of vouchers.
"""
- return binary(
- min_size=32,
- max_size=32,
- ).map(
- urlsafe_b64encode,
- ).map(
- lambda voucher: voucher.decode("ascii"),
+ return (
+ binary(
+ min_size=32,
+ max_size=32,
+ )
+ .map(
+ urlsafe_b64encode,
+ )
+ .map(
+ lambda voucher: voucher.decode("ascii"),
+ )
)
@@ -516,13 +553,12 @@ def byte_strings(label, length, entropy):
potentially the entire length is random.
"""
if len(label) + entropy > length:
- raise ValueError("Entropy and label don't fit into {} bytes".format(
- length,
- ))
- return binary(
- min_size=entropy,
- max_size=entropy,
- ).map(
+ raise ValueError(
+ "Entropy and label don't fit into {} bytes".format(
+ length,
+ )
+ )
+ return binary(min_size=entropy, max_size=entropy,).map(
lambda bs: label + b"x" * (length - entropy - len(label)) + bs,
)
@@ -531,14 +567,18 @@ def random_tokens():
"""
Build ``RandomToken`` instances.
"""
- return byte_strings(
- label=b"random-tokens",
- length=_TOKEN_LENGTH,
- entropy=4,
- ).map(
- b64encode,
- ).map(
- lambda token: RandomToken(token.decode("ascii")),
+ return (
+ byte_strings(
+ label=b"random-tokens",
+ length=_TOKEN_LENGTH,
+ entropy=4,
+ )
+ .map(
+ b64encode,
+ )
+ .map(
+ lambda token: RandomToken(token.decode("ascii")),
+ )
)
@@ -586,14 +626,18 @@ def unblinded_tokens():
base64 encode data. You cannot use these in the PrivacyPass cryptographic
protocol but you can put them into the database and take them out again.
"""
- return byte_strings(
- label=b"unblinded-tokens",
- length=_UNBLINDED_TOKEN_LENGTH,
- entropy=4,
- ).map(
- b64encode,
- ).map(
- lambda zkap: UnblindedToken(zkap.decode("ascii")),
+ return (
+ byte_strings(
+ label=b"unblinded-tokens",
+ length=_UNBLINDED_TOKEN_LENGTH,
+ entropy=4,
+ )
+ .map(
+ b64encode,
+ )
+ .map(
+ lambda zkap: UnblindedToken(zkap.decode("ascii")),
+ )
)
@@ -729,10 +773,7 @@ def shares():
"""
Build Tahoe-LAFS share data.
"""
- return tuples(
- sharenums(),
- sizes()
- ).map(
+ return tuples(sharenums(), sizes()).map(
lambda num_and_size: bytes_for_share(*num_and_size),
)
@@ -775,6 +816,7 @@ class TestAndWriteVectors(object):
``tw_vectors`` parameter accepted by
``RIStorageServer.slot_testv_and_readv_and_writev``.
"""
+
test_vector = attr.ib()
write_vector = attr.ib()
new_length = attr.ib()
@@ -822,13 +864,16 @@ def announcements():
"""
Build announcements for the ZKAPAuthorizer plugin.
"""
- return just({
- u"ristretto-issuer-root-url": u"https://issuer.example.invalid/",
- })
+ return just(
+ {
+ u"ristretto-issuer-root-url": u"https://issuer.example.invalid/",
+ }
+ )
_POSIX_EPOCH = datetime.utcfromtimestamp(0)
+
def posix_safe_datetimes():
"""
Build datetime instances in a range that can be represented as floats
@@ -869,10 +914,12 @@ def clocks(now=posix_timestamps()):
:param now: A strategy that builds POSIX timestamps (ie, ints or floats in
the range of time_t).
"""
+
def clock_at_time(when):
c = Clock()
c.advance(when)
return c
+
return now.map(clock_at_time)
@@ -936,6 +983,7 @@ def node_hierarchies():
Build hierarchies of ``IDirectoryNode`` and other ``IFilesystemNode``
(incomplete) providers.
"""
+
def storage_indexes_are_distinct(nodes):
seen = set()
for n in nodes.flatten():
@@ -945,10 +993,7 @@ def node_hierarchies():
seen.add(si)
return True
- return recursive(
- leaf_nodes(),
- directory_nodes,
- ).filter(
+ return recursive(leaf_nodes(), directory_nodes,).filter(
storage_indexes_are_distinct,
)
@@ -975,22 +1020,26 @@ def ristretto_signing_keys():
Build byte strings holding base64-encoded Ristretto signing keys, perhaps
with leading or trailing whitespace.
"""
- keys = sampled_from([
- # A few legit keys
- b"mkQf85V2vyLQRUYuqRb+Ke6K+M9pOtXm4MslsuCdBgg=",
- b"6f93OIdZHHAmSIaRXDSIU1UcN+sbDAh41TRPb5DhrgI=",
- b"k58h8yPT18epw+EKMJhwHFfoM6r3TIExKm4efQHNBgM=",
- b"rbaAlWZ3NCnl5oZ9meviGfpLbyJpgpuiuFOX0rLnNwQ=",
- ])
- whitespace = sampled_from([
- # maybe no whitespace at all
- b""
- # or maybe some
- b" ",
- b"\t",
- b"\n",
- b"\r\n",
- ])
+ keys = sampled_from(
+ [
+ # A few legit keys
+ b"mkQf85V2vyLQRUYuqRb+Ke6K+M9pOtXm4MslsuCdBgg=",
+ b"6f93OIdZHHAmSIaRXDSIU1UcN+sbDAh41TRPb5DhrgI=",
+ b"k58h8yPT18epw+EKMJhwHFfoM6r3TIExKm4efQHNBgM=",
+ b"rbaAlWZ3NCnl5oZ9meviGfpLbyJpgpuiuFOX0rLnNwQ=",
+ ]
+ )
+ whitespace = sampled_from(
+ [
+ # maybe no whitespace at all
+ b""
+ # or maybe some
+ b" ",
+ b"\t",
+ b"\n",
+ b"\r\n",
+ ]
+ )
return builds(
lambda leading, key, trailing: leading + key + trailing,
diff --git a/src/_zkapauthorizer/tests/test_base64.py b/src/_zkapauthorizer/tests/test_base64.py
index 4a988b6beae887138a8379210f2e76cae0aaab53..b699a9a8b8916611ba72533b1e6b8433f6e69ed5 100644
--- a/src/_zkapauthorizer/tests/test_base64.py
+++ b/src/_zkapauthorizer/tests/test_base64.py
@@ -47,6 +47,7 @@ class Base64Tests(TestCase):
"""
Tests for ``urlsafe_b64decode``.
"""
+
@given(binary())
def test_roundtrip(self, bytestring):
"""
diff --git a/src/_zkapauthorizer/tests/test_client_resource.py b/src/_zkapauthorizer/tests/test_client_resource.py
index e420b676f2171f804c989b9e183bce831250dd97..55d31f1b6fb38938081dfff32b58a1a7bde2e205 100644
--- a/src/_zkapauthorizer/tests/test_client_resource.py
+++ b/src/_zkapauthorizer/tests/test_client_resource.py
@@ -222,15 +222,14 @@ def not_vouchers():
"""
return one_of(
text().filter(
- lambda t: (
- not is_urlsafe_base64(t)
- ),
+ lambda t: (not is_urlsafe_base64(t)),
),
vouchers().map(
# Turn a valid voucher into a voucher that is invalid only by
# containing a character from the base64 alphabet in place of one
# from the urlsafe-base64 alphabet.
- lambda voucher: u"/" + voucher[1:],
+ lambda voucher: u"/"
+ + voucher[1:],
),
)
@@ -254,16 +253,20 @@ def invalid_bodies():
"""
return one_of(
# The wrong key but the right kind of value.
- fixed_dictionaries({
- u"some-key": vouchers(),
- }).map(dumps),
+ fixed_dictionaries(
+ {
+ u"some-key": vouchers(),
+ }
+ ).map(dumps),
# The right key but the wrong kind of value.
- fixed_dictionaries({
- u"voucher": one_of(
- integers(),
- not_vouchers(),
- ),
- }).map(dumps),
+ fixed_dictionaries(
+ {
+ u"voucher": one_of(
+ integers(),
+ not_vouchers(),
+ ),
+ }
+ ).map(dumps),
# Not even JSON
binary().filter(is_not_json),
)
@@ -369,6 +372,7 @@ class FromConfigurationTests(TestCase):
"""
Tests for ``from_configuration``.
"""
+
@given(tahoe_configs())
def test_allowed_public_keys(self, get_config):
"""
@@ -393,6 +397,7 @@ class GetTokenCountTests(TestCase):
"""
Tests for ``get_token_count``.
"""
+
@given(one_of(none(), integers(min_value=16)))
def test_get_token_count(self, token_count):
"""
@@ -405,13 +410,15 @@ class GetTokenCountTests(TestCase):
token_config = {}
else:
expected_count = token_count
- token_config = {
- u"default-token-count": u"{}".format(expected_count)
- }
+ token_config = {u"default-token-count": u"{}".format(expected_count)}
- config_text = config_string_from_sections([{
- u"storageclient.plugins." + plugin_name: token_config,
- }])
+ config_text = config_string_from_sections(
+ [
+ {
+ u"storageclient.plugins." + plugin_name: token_config,
+ }
+ ]
+ )
node_config = config_from_string(
self.useFixture(TempDir()).join(b"tahoe"),
u"tub.port",
@@ -427,6 +434,7 @@ class ResourceTests(TestCase):
"""
General tests for the resources exposed by the plugin.
"""
+
@given(
tahoe_configs(),
request_paths(),
@@ -459,11 +467,15 @@ class ResourceTests(TestCase):
@given(
tahoe_configs(),
- requests(sampled_from([
- [b"unblinded-token"],
- [b"voucher"],
- [b"version"],
- ])),
+ requests(
+ sampled_from(
+ [
+ [b"unblinded-token"],
+ [b"voucher"],
+ [b"version"],
+ ]
+ )
+ ),
)
def test_reachable(self, get_config, request):
"""
@@ -534,11 +546,11 @@ class UnblindedTokenTests(TestCase):
Tests relating to ``/unblinded-token`` as implemented by the
``_zkapauthorizer.resource`` module.
"""
+
def setUp(self):
super(UnblindedTokenTests, self).setUp()
self.useFixture(CaptureTwistedLogs())
-
@given(
tahoe_configs(),
api_auth_tokens(),
@@ -558,11 +570,15 @@ class UnblindedTokenTests(TestCase):
)
root = root_from_config(config, datetime.now)
agent = RequestTraversalAgent(root)
- data = BytesIO(dumps({u"unblinded-tokens": list(
- token.unblinded_token
- for token
- in unblinded_tokens
- )}))
+ data = BytesIO(
+ dumps(
+ {
+ u"unblinded-tokens": list(
+ token.unblinded_token for token in unblinded_tokens
+ )
+ }
+ )
+ )
requesting = authorized_request(
api_auth_token,
@@ -582,11 +598,7 @@ class UnblindedTokenTests(TestCase):
self.assertThat(
stored_tokens,
- Equals(list(
- token.unblinded_token
- for token
- in unblinded_tokens
- )),
+ Equals(list(token.unblinded_token for token in unblinded_tokens)),
)
@given(
@@ -694,7 +706,9 @@ class UnblindedTokenTests(TestCase):
maybe_extra_tokens(),
text(max_size=64),
)
- def test_get_position(self, get_config, api_auth_token, voucher, extra_tokens, position):
+ def test_get_position(
+ self, get_config, api_auth_token, voucher, extra_tokens, position
+ ):
"""
When the unblinded token collection receives a **GET** with a **position**
query argument, it returns all unblinded tokens which sort greater
@@ -754,16 +768,21 @@ class UnblindedTokenTests(TestCase):
integers(min_value=1, max_value=16),
integers(min_value=1, max_value=128),
)
- def test_get_order_matches_use_order(self, get_config, api_auth_token, voucher, num_redemption_groups, extra_tokens):
+ def test_get_order_matches_use_order(
+ self, get_config, api_auth_token, voucher, num_redemption_groups, extra_tokens
+ ):
"""
The first unblinded token returned in a response to a **GET** request is
the first token to be used to authorize a storage request.
"""
+
def after(d, f):
new_d = Deferred()
+
def f_and_continue(result):
maybeDeferred(f).chainDeferred(new_d)
return result
+
d.addCallback(f_and_continue)
return new_d
@@ -812,7 +831,8 @@ class UnblindedTokenTests(TestCase):
gatherResults([getting_initial_tokens, getting_tokens_after]),
succeeded(
MatchesPredicate(
- lambda (initial_tokens, tokens_after): initial_tokens[1:] == tokens_after,
+ lambda (initial_tokens, tokens_after): initial_tokens[1:]
+ == tokens_after,
u"initial, after (%s): initial[1:] != after",
),
),
@@ -829,7 +849,9 @@ class UnblindedTokenTests(TestCase):
),
datetimes(),
)
- def test_latest_lease_maintenance_spending(self, get_config, api_auth_token, size_observations, now):
+ def test_latest_lease_maintenance_spending(
+ self, get_config, api_auth_token, size_observations, now
+ ):
"""
The most recently completed record of lease maintenance spending activity
is reported in the response to a **GET** request.
@@ -862,18 +884,22 @@ class UnblindedTokenTests(TestCase):
)
self.assertThat(
d,
- succeeded(Equals({
- "when": now.isoformat(),
- "count": total,
- })),
+ succeeded(
+ Equals(
+ {
+ "when": now.isoformat(),
+ "count": total,
+ }
+ )
+ ),
)
def succeeded_with_unblinded_tokens_with_matcher(
- all_token_count,
- match_spendable_token_count,
- match_unblinded_tokens,
- match_lease_maint_spending,
+ all_token_count,
+ match_spendable_token_count,
+ match_unblinded_tokens,
+ match_lease_maint_spending,
):
"""
:return: A matcher which matches a Deferred which fires with a response
@@ -894,17 +920,20 @@ def succeeded_with_unblinded_tokens_with_matcher(
AfterPreprocessing(
json_content,
succeeded(
- ContainsDict({
- u"total": Equals(all_token_count),
- u"spendable": match_spendable_token_count,
- u"unblinded-tokens": match_unblinded_tokens,
- u"lease-maintenance-spending": match_lease_maint_spending,
- }),
+ ContainsDict(
+ {
+ u"total": Equals(all_token_count),
+ u"spendable": match_spendable_token_count,
+ u"unblinded-tokens": match_unblinded_tokens,
+ u"lease-maintenance-spending": match_lease_maint_spending,
+ }
+ ),
),
),
),
)
+
def succeeded_with_unblinded_tokens(all_token_count, returned_token_count):
"""
:return: A matcher which matches a Deferred which fires with a response
@@ -926,6 +955,7 @@ def succeeded_with_unblinded_tokens(all_token_count, returned_token_count):
match_lease_maint_spending=matches_lease_maintenance_spending(),
)
+
def matches_lease_maintenance_spending():
"""
:return: A matcher which matches the value of the
@@ -934,18 +964,22 @@ def matches_lease_maintenance_spending():
"""
return MatchesAny(
Is(None),
- ContainsDict({
- u"when": matches_iso8601_datetime(),
- u"amount": matches_positive_integer(),
- }),
+ ContainsDict(
+ {
+ u"when": matches_iso8601_datetime(),
+ u"amount": matches_positive_integer(),
+ }
+ ),
)
+
def matches_positive_integer():
return MatchesAll(
IsInstance(int),
GreaterThan(0),
)
+
def matches_iso8601_datetime():
"""
:return: A matcher which matches unicode strings which can be parsed as an
@@ -959,17 +993,18 @@ def matches_iso8601_datetime():
),
)
+
class VoucherTests(TestCase):
"""
Tests relating to ``/voucher`` as implemented by the
``_zkapauthorizer.resource`` module and its handling of
vouchers.
"""
+
def setUp(self):
super(VoucherTests, self).setUp()
self.useFixture(CaptureTwistedLogs())
-
@given(tahoe_configs(), api_auth_tokens(), vouchers())
def test_put_voucher(self, get_config, api_auth_token, voucher):
"""
@@ -1067,7 +1102,6 @@ class VoucherTests(TestCase):
),
)
-
@given(tahoe_configs(), api_auth_tokens(), vouchers())
def test_get_unknown_voucher(self, get_config, api_auth_token, voucher):
"""
@@ -1118,10 +1152,12 @@ class VoucherTests(TestCase):
number=Equals(voucher),
expected_tokens=Equals(count),
created=Equals(now),
- state=Equals(Redeeming(
- started=now,
- counter=0,
- )),
+ state=Equals(
+ Redeeming(
+ started=now,
+ counter=0,
+ )
+ ),
),
)
@@ -1148,10 +1184,12 @@ class VoucherTests(TestCase):
number=Equals(voucher),
expected_tokens=Equals(count),
created=Equals(now),
- state=Equals(Redeemed(
- finished=now,
- token_count=count,
- )),
+ state=Equals(
+ Redeemed(
+ finished=now,
+ token_count=count,
+ )
+ ),
),
)
@@ -1179,9 +1217,11 @@ class VoucherTests(TestCase):
number=Equals(voucher),
expected_tokens=Equals(count),
created=Equals(now),
- state=Equals(DoubleSpend(
- finished=now,
- )),
+ state=Equals(
+ DoubleSpend(
+ finished=now,
+ )
+ ),
),
)
@@ -1209,9 +1249,11 @@ class VoucherTests(TestCase):
number=Equals(voucher),
expected_tokens=Equals(count),
created=Equals(now),
- state=Equals(Unpaid(
- finished=now,
- )),
+ state=Equals(
+ Unpaid(
+ finished=now,
+ )
+ ),
),
)
@@ -1239,14 +1281,18 @@ class VoucherTests(TestCase):
number=Equals(voucher),
expected_tokens=Equals(count),
created=Equals(now),
- state=Equals(Error(
- finished=now,
- details=TRANSIENT_ERROR,
- )),
+ state=Equals(
+ Error(
+ finished=now,
+ details=TRANSIENT_ERROR,
+ )
+ ),
),
)
- def _test_get_known_voucher(self, config, api_auth_token, now, voucher, voucher_matcher):
+ def _test_get_known_voucher(
+ self, config, api_auth_token, now, voucher, voucher_matcher
+ ):
"""
Assert that a voucher that is ``PUT`` and then ``GET`` is represented in
the JSON response.
@@ -1321,21 +1367,22 @@ class VoucherTests(TestCase):
api_auth_token,
now,
vouchers,
- Equals({
- u"vouchers": list(
- Voucher(
- number=voucher,
- expected_tokens=count,
- created=now,
- state=Redeemed(
- finished=now,
- token_count=count,
- ),
- ).marshal()
- for voucher
- in vouchers
- ),
- }),
+ Equals(
+ {
+ u"vouchers": list(
+ Voucher(
+ number=voucher,
+ expected_tokens=count,
+ created=now,
+ state=Redeemed(
+ finished=now,
+ token_count=count,
+ ),
+ ).marshal()
+ for voucher in vouchers
+ ),
+ }
+ ),
)
@given(
@@ -1344,7 +1391,9 @@ class VoucherTests(TestCase):
datetimes(),
lists(vouchers(), unique=True),
)
- def test_list_vouchers_transient_states(self, config, api_auth_token, now, vouchers):
+ def test_list_vouchers_transient_states(
+ self, config, api_auth_token, now, vouchers
+ ):
"""
A ``GET`` to the ``VoucherCollection`` itself returns a list of existing
vouchers including state information that reflects transient states.
@@ -1355,23 +1404,26 @@ class VoucherTests(TestCase):
api_auth_token,
now,
vouchers,
- Equals({
- u"vouchers": list(
- Voucher(
- number=voucher,
- expected_tokens=count,
- created=now,
- state=Unpaid(
- finished=now,
- ),
- ).marshal()
- for voucher
- in vouchers
- ),
- }),
+ Equals(
+ {
+ u"vouchers": list(
+ Voucher(
+ number=voucher,
+ expected_tokens=count,
+ created=now,
+ state=Unpaid(
+ finished=now,
+ ),
+ ).marshal()
+ for voucher in vouchers
+ ),
+ }
+ ),
)
- def _test_list_vouchers(self, config, api_auth_token, now, vouchers, match_response_object):
+ def _test_list_vouchers(
+ self, config, api_auth_token, now, vouchers, match_response_object
+ ):
add_api_token_to_config(
# Hypothesis causes our test case instances to be re-used many
# times between setUp and tearDown. Avoid re-using the same
@@ -1434,13 +1486,17 @@ def mime_types(blacklist=None):
"""
if blacklist is None:
blacklist = set()
- return tuples(
- text(),
- text(),
- ).map(
- b"/".join,
- ).filter(
- lambda content_type: content_type not in blacklist,
+ return (
+ tuples(
+ text(),
+ text(),
+ )
+ .map(
+ b"/".join,
+ )
+ .filter(
+ lambda content_type: content_type not in blacklist,
+ )
)
@@ -1449,6 +1505,7 @@ class Request(object):
"""
Represent some of the parameters of an HTTP request.
"""
+
method = attr.ib()
headers = attr.ib()
data = attr.ib()
@@ -1460,23 +1517,25 @@ def bad_calculate_price_requests():
``/calculate-price`` endpoint.
"""
good_methods = just(b"POST")
- bad_methods = sampled_from([
- b"GET",
- b"HEAD",
- b"PUT",
- b"PATCH",
- b"OPTIONS",
- b"FOO",
- ])
+ bad_methods = sampled_from(
+ [
+ b"GET",
+ b"HEAD",
+ b"PUT",
+ b"PATCH",
+ b"OPTIONS",
+ b"FOO",
+ ]
+ )
good_headers = just({b"content-type": [b"application/json"]})
- bad_headers = fixed_dictionaries({
- b"content-type": mime_types(
- blacklist={b"application/json"},
- ).map(
- lambda content_type: [content_type],
- ),
- })
+ bad_headers = fixed_dictionaries(
+ {
+ b"content-type": mime_types(blacklist={b"application/json"},).map(
+ lambda content_type: [content_type],
+ ),
+ }
+ )
good_version = just(1)
bad_version = one_of(
@@ -1495,20 +1554,26 @@ def bad_calculate_price_requests():
lists(integers(max_value=-1), min_size=1),
)
- good_data = fixed_dictionaries({
- u"version": good_version,
- u"sizes": good_sizes,
- }).map(dumps)
+ good_data = fixed_dictionaries(
+ {
+ u"version": good_version,
+ u"sizes": good_sizes,
+ }
+ ).map(dumps)
- bad_data_version = fixed_dictionaries({
- u"version": bad_version,
- u"sizes": good_sizes,
- }).map(dumps)
+ bad_data_version = fixed_dictionaries(
+ {
+ u"version": bad_version,
+ u"sizes": good_sizes,
+ }
+ ).map(dumps)
- bad_data_sizes = fixed_dictionaries({
- u"version": good_version,
- u"sizes": bad_sizes,
- }).map(dumps)
+ bad_data_sizes = fixed_dictionaries(
+ {
+ u"version": good_version,
+ u"sizes": bad_sizes,
+ }
+ ).map(dumps)
bad_data_other = dictionaries(
text(),
@@ -1537,13 +1602,8 @@ def bad_calculate_price_requests():
fields[key] = value
return fields
- return sampled_from(
- bad_choices,
- ).flatmap(
- lambda bad_choice: builds(
- Request,
- **merge(good_fields, *bad_choice)
- ),
+ return sampled_from(bad_choices,).flatmap(
+ lambda bad_choice: builds(Request, **merge(good_fields, *bad_choice)),
)
@@ -1552,6 +1612,7 @@ class CalculatePriceTests(TestCase):
Tests relating to ``/calculate-price`` as implemented by the
``_zkapauthorizer.resource`` module.
"""
+
url = b"http://127.0.0.1/calculate-price"
@given(
@@ -1617,7 +1678,9 @@ class CalculatePriceTests(TestCase):
api_auth_tokens(),
lists(integers(min_value=0)),
)
- def test_calculated_price(self, encoding_params_and_get_config, api_auth_token, sizes):
+ def test_calculated_price(
+ self, encoding_params_and_get_config, api_auth_token, sizes
+ ):
"""
A well-formed request returns the price in ZKAPs as an integer and the
storage period (the minimum allowed) that they pay for.
@@ -1654,10 +1717,12 @@ class CalculatePriceTests(TestCase):
headers_matcher=application_json(),
body_matcher=AfterPreprocessing(
loads,
- Equals({
- u"price": expected_price,
- u"period": get_configured_lease_duration(config),
- }),
+ Equals(
+ {
+ u"price": expected_price,
+ u"period": get_configured_lease_duration(config),
+ }
+ ),
),
),
),
@@ -1705,10 +1770,12 @@ class _MatchResponse(object):
_details = attr.ib(default=attr.Factory(dict))
def match(self, response):
- self._details.update({
- u"code": response.code,
- u"headers": response.headers.getAllRawHeaders(),
- })
+ self._details.update(
+ {
+ u"code": response.code,
+ u"headers": response.headers.getAllRawHeaders(),
+ }
+ )
return MatchesStructure(
code=self.code,
headers=self.headers,
diff --git a/src/_zkapauthorizer/tests/test_controller.py b/src/_zkapauthorizer/tests/test_controller.py
index cf7726f913566ca06412d523b9c80c7126987017..21fb0937adf5302b0c5df87d70511c18f15a34da 100644
--- a/src/_zkapauthorizer/tests/test_controller.py
+++ b/src/_zkapauthorizer/tests/test_controller.py
@@ -155,6 +155,7 @@ class TokenCountForGroupTests(TestCase):
"""
Tests for ``token_count_for_group``.
"""
+
@given(
integers(),
integers(),
@@ -167,9 +168,7 @@ class TokenCountForGroupTests(TestCase):
range then ``ValueError`` is raised.
"""
assume(
- group_number < 0 or
- group_number >= num_groups or
- total_tokens < num_groups
+ group_number < 0 or group_number >= num_groups or total_tokens < num_groups
)
self.assertThat(
lambda: token_count_for_group(num_groups, total_tokens, group_number),
@@ -189,8 +188,7 @@ class TokenCountForGroupTests(TestCase):
self.assertThat(
sum(
token_count_for_group(num_groups, total_tokens, group_number)
- for group_number
- in range(num_groups)
+ for group_number in range(num_groups)
),
Equals(total_tokens),
)
@@ -211,8 +209,7 @@ class TokenCountForGroupTests(TestCase):
self.assertThat(
list(
token_count_for_group(num_groups, total_tokens, group_number)
- for group_number
- in range(num_groups)
+ for group_number in range(num_groups)
),
AllMatch(between(lower_bound, upper_bound)),
)
@@ -222,6 +219,7 @@ class PaymentControllerTests(TestCase):
"""
Tests for ``PaymentController``.
"""
+
@given(tahoe_configs(), datetimes(), vouchers(), dummy_ristretto_keys())
def test_should_not_redeem(self, get_config, now, voucher, public_key):
"""
@@ -284,7 +282,13 @@ class PaymentControllerTests(TestCase):
Equals(model_Pending(counter=0)),
)
- @given(tahoe_configs(), datetimes(), vouchers(), voucher_counters(), dummy_ristretto_keys())
+ @given(
+ tahoe_configs(),
+ datetimes(),
+ vouchers(),
+ voucher_counters(),
+ dummy_ristretto_keys(),
+ )
def test_redeeming(self, get_config, now, voucher, num_successes, public_key):
"""
A ``Voucher`` is marked redeeming while ``IRedeemer.redeem`` is actively
@@ -296,8 +300,7 @@ class PaymentControllerTests(TestCase):
# that.
counter = num_successes + 1
redeemer = IndexedRedeemer(
- [DummyRedeemer(public_key)] * num_successes +
- [NonRedeemer()],
+ [DummyRedeemer(public_key)] * num_successes + [NonRedeemer()],
)
store = self.useFixture(TemporaryVoucherStore(get_config, lambda: now)).store
controller = PaymentController(
@@ -320,10 +323,12 @@ class PaymentControllerTests(TestCase):
controller_voucher = controller.get_voucher(voucher)
self.assertThat(
controller_voucher.state,
- Equals(model_Redeeming(
- started=now,
- counter=num_successes,
- )),
+ Equals(
+ model_Redeeming(
+ started=now,
+ counter=num_successes,
+ )
+ ),
)
@given(
@@ -334,7 +339,9 @@ class PaymentControllerTests(TestCase):
voucher_counters().map(lambda v: v + 1),
dummy_ristretto_keys(),
)
- def test_restart_redeeming(self, get_config, now, voucher, before_restart, after_restart, public_key):
+ def test_restart_redeeming(
+ self, get_config, now, voucher, before_restart, after_restart, public_key
+ ):
"""
If some redemption groups for a voucher have succeeded but the process is
interrupted, redemption begins at the first incomplete redemption
@@ -360,8 +367,8 @@ class PaymentControllerTests(TestCase):
store,
# It will let `before_restart` attempts succeed before hanging.
IndexedRedeemer(
- [DummyRedeemer(public_key)] * before_restart +
- [NonRedeemer()] * after_restart,
+ [DummyRedeemer(public_key)] * before_restart
+ + [NonRedeemer()] * after_restart,
),
default_token_count=num_tokens,
num_redemption_groups=num_redemption_groups,
@@ -381,8 +388,8 @@ class PaymentControllerTests(TestCase):
# It will succeed only for the higher counter values which did
# not succeed or did not get started on the first try.
IndexedRedeemer(
- [NonRedeemer()] * before_restart +
- [DummyRedeemer(public_key)] * after_restart,
+ [NonRedeemer()] * before_restart
+ + [DummyRedeemer(public_key)] * after_restart,
),
# The default token count for this new controller doesn't
# matter. The redemption attempt already started with some
@@ -410,8 +417,16 @@ class PaymentControllerTests(TestCase):
),
)
- @given(tahoe_configs(), datetimes(), vouchers(), voucher_counters(), integers(min_value=0, max_value=100))
- def test_stop_redeeming_on_error(self, get_config, now, voucher, counter, extra_tokens):
+ @given(
+ tahoe_configs(),
+ datetimes(),
+ vouchers(),
+ voucher_counters(),
+ integers(min_value=0, max_value=100),
+ )
+ def test_stop_redeeming_on_error(
+ self, get_config, now, voucher, counter, extra_tokens
+ ):
"""
If an error is encountered on one of the redemption attempts performed by
``IRedeemer.redeem``, the effort is suspended until the normal retry
@@ -463,10 +478,12 @@ class PaymentControllerTests(TestCase):
persisted_voucher = store.get(voucher)
self.assertThat(
persisted_voucher.state,
- Equals(model_Redeemed(
- finished=now,
- token_count=100,
- )),
+ Equals(
+ model_Redeemed(
+ finished=now,
+ token_count=100,
+ )
+ ),
)
@given(tahoe_configs(), datetimes(), vouchers())
@@ -492,9 +509,11 @@ class PaymentControllerTests(TestCase):
self.assertThat(
persisted_voucher,
MatchesStructure(
- state=Equals(model_DoubleSpend(
- finished=now,
- )),
+ state=Equals(
+ model_DoubleSpend(
+ finished=now,
+ )
+ ),
),
)
@@ -578,7 +597,7 @@ class PaymentControllerTests(TestCase):
MatchesStructure(
finished=Equals(datetime_now()),
),
- )
+ ),
)
# Some time passes.
@@ -618,7 +637,10 @@ class PaymentControllerTests(TestCase):
unique=True,
).map(
# Split the keys into allowed and disallowed groups
- lambda public_keys: (public_keys[:num_allowed_key_groups], public_keys[num_allowed_key_groups:]),
+ lambda public_keys: (
+ public_keys[:num_allowed_key_groups],
+ public_keys[num_allowed_key_groups:],
+ ),
),
),
),
@@ -626,7 +648,9 @@ class PaymentControllerTests(TestCase):
# required by the number of redemption groups we have.
integers(min_value=0, max_value=32),
)
- def test_sequester_tokens_for_untrusted_key(self, random, clock, voucher, public_keys, extra_token_count):
+ def test_sequester_tokens_for_untrusted_key(
+ self, random, clock, voucher, public_keys, extra_token_count
+ ):
"""
All unblinded tokens which are returned from the redemption process
associated with a public key that the controller has not been
@@ -655,11 +679,7 @@ class PaymentControllerTests(TestCase):
datetime_now = lambda: datetime.utcfromtimestamp(clock.seconds())
store = self.useFixture(ConfiglessMemoryVoucherStore(datetime_now)).store
- redeemers = list(
- DummyRedeemer(public_key)
- for public_key
- in all_public_keys
- )
+ redeemers = list(DummyRedeemer(public_key) for public_key in all_public_keys)
controller = PaymentController(
store,
@@ -678,12 +698,14 @@ class PaymentControllerTests(TestCase):
)
def count_in_group(public_keys, key_group):
- return sum((
- token_count_for_group(num_redemption_groups, token_count, n)
- for n, public_key
- in enumerate(public_keys)
- if public_key in key_group
- ), 0)
+ return sum(
+ (
+ token_count_for_group(num_redemption_groups, token_count, n)
+ for n, public_key in enumerate(public_keys)
+ if public_key in key_group
+ ),
+ 0,
+ )
allowed_token_count = count_in_group(all_public_keys, allowed_public_keys)
disallowed_token_count = count_in_group(all_public_keys, disallowed_public_keys)
@@ -723,8 +745,7 @@ class PaymentControllerTests(TestCase):
unblinded_token
for counter, redeemer in enumerate(redeemers)
if redeemer._public_key in allowed_public_keys
- for unblinded_token
- in redeemer.redeemWithCounter(
+ for unblinded_token in redeemer.redeemWithCounter(
voucher_obj,
counter,
redeemer.random_tokens_for_voucher(
@@ -746,10 +767,12 @@ class PaymentControllerTests(TestCase):
NOWHERE = URL.from_text(u"https://127.0.0.1/")
+
class RistrettoRedeemerTests(TestCase):
"""
Tests for ``RistrettoRedeemer``.
"""
+
def test_interface(self):
"""
An ``RistrettoRedeemer`` instance provides ``IRedeemer``.
@@ -937,9 +960,11 @@ class RistrettoRedeemerTests(TestCase):
counter,
random_tokens,
)
+
def unblinded_tokens_to_passes(result):
passes = redeemer.tokens_to_passes(message, result.unblinded_tokens)
return passes
+
d.addCallback(unblinded_tokens_to_passes)
self.assertThat(
@@ -974,39 +999,32 @@ def ristretto_verify(signing_key, message, marshaled_passes):
``marshaled_passes`` pass the Ristretto-defined verification for an
exchange using the given signing key and message.
"""
+
def decode(marshaled_pass):
t, s = marshaled_pass.split(u" ")
return (
TokenPreimage.decode_base64(t.encode("ascii")),
VerificationSignature.decode_base64(s.encode("ascii")),
)
+
servers_passes = list(
- decode(marshaled_pass.pass_text)
- for marshaled_pass
- in marshaled_passes
+ decode(marshaled_pass.pass_text) for marshaled_pass in marshaled_passes
)
servers_unblinded_tokens = list(
signing_key.rederive_unblinded_token(token_preimage)
- for (token_preimage, sig)
- in servers_passes
- )
- servers_verification_sigs = list(
- sig
- for (token_preimage, sig)
- in servers_passes
+ for (token_preimage, sig) in servers_passes
)
+ servers_verification_sigs = list(sig for (token_preimage, sig) in servers_passes)
servers_verification_keys = list(
unblinded_token.derive_verification_key_sha512()
- for unblinded_token
- in servers_unblinded_tokens
+ for unblinded_token in servers_unblinded_tokens
)
invalid_passes = list(
key.invalid_sha512(
sig,
message,
)
- for (key, sig)
- in zip(servers_verification_keys, servers_verification_sigs)
+ for (key, sig) in zip(servers_verification_keys, servers_verification_sigs)
)
return not any(invalid_passes)
@@ -1038,6 +1056,7 @@ class UnexpectedResponseRedemption(Resource):
An ``UnexpectedResponseRedemption`` simulates the Ristretto redemption
server but always returns a non-JSON error response.
"""
+
def render_POST(self, request):
request.setResponseCode(INTERNAL_SERVER_ERROR)
return b"Sorry, this server does not behave well."
@@ -1049,6 +1068,7 @@ class AlreadySpentRedemption(Resource):
but always refuses to allow vouchers to be redeemed and reports an error
that the voucher has already been redeemed.
"""
+
def render_POST(self, request):
request_error = check_redemption_request(request)
if request_error is not None:
@@ -1063,6 +1083,7 @@ class UnpaidRedemption(Resource):
always refuses to allow vouchers to be redeemed and reports an error that
the voucher has not been paid for.
"""
+
def render_POST(self, request):
request_error = check_redemption_request(request)
if request_error is not None:
@@ -1086,18 +1107,14 @@ class RistrettoRedemption(Resource):
marshaled_blinded_tokens = request_body[u"redeemTokens"]
servers_blinded_tokens = list(
BlindedToken.decode_base64(marshaled_blinded_token.encode("ascii"))
- for marshaled_blinded_token
- in marshaled_blinded_tokens
+ for marshaled_blinded_token in marshaled_blinded_tokens
)
servers_signed_tokens = list(
self.signing_key.sign(blinded_token)
- for blinded_token
- in servers_blinded_tokens
+ for blinded_token in servers_blinded_tokens
)
marshaled_signed_tokens = list(
- signed_token.encode_base64()
- for signed_token
- in servers_signed_tokens
+ signed_token.encode_base64() for signed_token in servers_signed_tokens
)
servers_proof = BatchDLEQProof.create(
self.signing_key,
@@ -1109,18 +1126,21 @@ class RistrettoRedemption(Resource):
finally:
servers_proof.destroy()
- return dumps({
- u"success": True,
- u"public-key": self.public_key.encode_base64(),
- u"signatures": marshaled_signed_tokens,
- u"proof": marshaled_proof,
- })
+ return dumps(
+ {
+ u"success": True,
+ u"public-key": self.public_key.encode_base64(),
+ u"signatures": marshaled_signed_tokens,
+ u"proof": marshaled_proof,
+ }
+ )
class CheckRedemptionRequestTests(TestCase):
"""
Tests for ``check_redemption_request``.
"""
+
def test_content_type(self):
"""
If the request content-type is not application/json, the response is
@@ -1197,6 +1217,7 @@ class CheckRedemptionRequestTests(TestCase):
),
)
+
def check_redemption_request(request):
"""
Verify that the given request conforms to the redemption server's public
@@ -1218,7 +1239,8 @@ def check_redemption_request(request):
actual_keys = set(request_body.keys())
if expected_keys != actual_keys:
return bad_request(
- request, {
+ request,
+ {
u"success": False,
u"reason": u"{} != {}".format(
expected_keys,
diff --git a/src/_zkapauthorizer/tests/test_foolscap.py b/src/_zkapauthorizer/tests/test_foolscap.py
index 5912b3531c32e8b896834a77f88d66469aea0d85..c62fb10f87b7116b6a1ecac90d448261728518d7 100644
--- a/src/_zkapauthorizer/tests/test_foolscap.py
+++ b/src/_zkapauthorizer/tests/test_foolscap.py
@@ -81,6 +81,7 @@ from ..foolscap import (
ShareStat,
)
+
class IHasSchema(RemoteInterface):
def method(arg=int):
return bytes
@@ -111,6 +112,7 @@ class LocalRemoteTests(TestCase):
"""
Tests for the ``LocalRemote`` test double.
"""
+
@given(
ref=one_of(
just(remote_reference()),
@@ -195,6 +197,7 @@ class LocalRemoteTests(TestCase):
``LocalRemote.callRemote`` returns a ``Deferred`` that fires with a
failure if the method's result cannot be serialized.
"""
+
class BrokenResultReferenceable(DummyReferenceable):
def doRemoteCall(self, *a, **kw):
return BrokenCopyable()
@@ -224,6 +227,7 @@ class SerializationTests(TrialTestCase):
"""
Tests for the serialization of types used in the Foolscap API.
"""
+
def test_sharestat(self):
"""
A ``ShareStat`` instance can be sent as an argument to and received in a
diff --git a/src/_zkapauthorizer/tests/test_lease_maintenance.py b/src/_zkapauthorizer/tests/test_lease_maintenance.py
index 142eff8243620f67de7d2aabf396c3f7badde3b6..d13dd635c2e70de97220ab309ce4b59829780b70 100644
--- a/src/_zkapauthorizer/tests/test_lease_maintenance.py
+++ b/src/_zkapauthorizer/tests/test_lease_maintenance.py
@@ -146,16 +146,18 @@ class DummyStorageServer(object):
:ivar dict[bytes, ShareStat] buckets: A mapping from storage index to
metadata about shares at that storage index.
"""
+
clock = attr.ib()
buckets = attr.ib()
lease_seed = attr.ib()
def stat_shares(self, storage_indexes):
- return succeed(list(
- {0: self.buckets[idx]} if idx in self.buckets else {}
- for idx
- in storage_indexes
- ))
+ return succeed(
+ list(
+ {0: self.buckets[idx]} if idx in self.buckets else {}
+ for idx in storage_indexes
+ )
+ )
def get_lease_seed(self):
return self.lease_seed
@@ -227,6 +229,7 @@ class DummyServer(object):
"""
A partial implementation of a Tahoe-LAFS "native" storage server.
"""
+
_storage_server = attr.ib()
def get_storage_server(self):
@@ -239,6 +242,7 @@ class DummyStorageBroker(object):
"""
A partial implementation of a Tahoe-LAFS storage broker.
"""
+
clock = attr.ib()
_storage_servers = attr.ib()
@@ -259,6 +263,7 @@ class LeaseMaintenanceServiceTests(TestCase):
"""
Tests for the service returned by ``lease_maintenance_service``.
"""
+
@given(randoms())
def test_interface(self, random):
"""
@@ -268,7 +273,7 @@ class LeaseMaintenanceServiceTests(TestCase):
service = lease_maintenance_service(
dummy_maintain_leases,
clock,
- FilePath(self.useFixture(TempDir()).join(u"last-run")),
+ FilePath(self.useFixture(TempDir()).join("last-run")),
random,
)
self.assertThat(
@@ -296,7 +301,7 @@ class LeaseMaintenanceServiceTests(TestCase):
service = lease_maintenance_service(
dummy_maintain_leases,
clock,
- FilePath(self.useFixture(TempDir()).join(u"last-run")),
+ FilePath(self.useFixture(TempDir()).join("last-run")),
random,
mean,
range_,
@@ -333,7 +338,7 @@ class LeaseMaintenanceServiceTests(TestCase):
# Figure out the absolute last run time.
last_run = datetime_now - since_last_run
- last_run_path = FilePath(self.useFixture(TempDir()).join(u"last-run"))
+ last_run_path = FilePath(self.useFixture(TempDir()).join("last-run"))
last_run_path.setContent(last_run.isoformat())
service = lease_maintenance_service(
@@ -359,9 +364,16 @@ class LeaseMaintenanceServiceTests(TestCase):
datetime_now + mean + (range_ / 2) - since_last_run,
)
- note("mean: {}\nrange: {}\nnow: {}\nlow: {}\nhigh: {}\nsince last: {}".format(
- mean, range_, datetime_now, low, high, since_last_run,
- ))
+ note(
+ "mean: {}\nrange: {}\nnow: {}\nlow: {}\nhigh: {}\nsince last: {}".format(
+ mean,
+ range_,
+ datetime_now,
+ low,
+ high,
+ since_last_run,
+ )
+ )
self.assertThat(
datetime.utcfromtimestamp(maintenance_call.getTime()),
@@ -379,7 +391,7 @@ class LeaseMaintenanceServiceTests(TestCase):
service = lease_maintenance_service(
lambda: None,
clock,
- FilePath(self.useFixture(TempDir()).join(u"last-run")),
+ FilePath(self.useFixture(TempDir()).join("last-run")),
random,
)
service.startService()
@@ -405,13 +417,14 @@ class LeaseMaintenanceServiceTests(TestCase):
When the service runs, it calls the ``maintain_leases`` object.
"""
leases_maintained_at = []
+
def maintain_leases():
leases_maintained_at.append(datetime.utcfromtimestamp(clock.seconds()))
service = lease_maintenance_service(
maintain_leases,
clock,
- FilePath(self.useFixture(TempDir()).join(u"last-run")),
+ FilePath(self.useFixture(TempDir()).join("last-run")),
random,
)
service.startService()
@@ -428,6 +441,7 @@ class VisitStorageIndexesFromRootTests(TestCase):
"""
Tests for ``visit_storage_indexes_from_root``.
"""
+
@given(node_hierarchies(), clocks())
def test_visits_all_nodes(self, root_node, clock):
"""
@@ -435,6 +449,7 @@ class VisitStorageIndexesFromRootTests(TestCase):
its deepest children.
"""
visited = []
+
def perform_visit(visit_assets):
return visit_assets(visited.append)
@@ -454,11 +469,7 @@ class VisitStorageIndexesFromRootTests(TestCase):
HasLength(len(expected)),
AfterPreprocessing(
set,
- Equals(set(
- node.get_storage_index()
- for node
- in expected
- )),
+ Equals(set(node.get_storage_index() for node in expected)),
),
),
)
@@ -468,6 +479,7 @@ class RenewLeasesTests(TestCase):
"""
Tests for ``renew_leases``.
"""
+
@given(storage_brokers(clocks()), lists(leaf_nodes(), unique=True))
def test_renewed(self, storage_broker, nodes):
"""
@@ -519,23 +531,20 @@ class RenewLeasesTests(TestCase):
succeeded(Always()),
)
- relevant_storage_indexes = set(
- node.get_storage_index()
- for node
- in nodes
- )
+ relevant_storage_indexes = set(node.get_storage_index() for node in nodes)
self.assertThat(
list(
server.get_storage_server()
- for server
- in storage_broker.get_connected_servers()
+ for server in storage_broker.get_connected_servers()
+ ),
+ AllMatch(
+ leases_current(
+ relevant_storage_indexes,
+ get_now(),
+ min_lease_remaining,
+ )
),
- AllMatch(leases_current(
- relevant_storage_indexes,
- get_now(),
- min_lease_remaining,
- )),
)
@@ -543,6 +552,7 @@ class MaintainLeasesFromRootTests(TestCase):
"""
Tests for ``maintain_leases_from_root``.
"""
+
@given(storage_brokers(clocks()), node_hierarchies())
def test_renewed(self, storage_broker, root_node):
"""
@@ -575,22 +585,21 @@ class MaintainLeasesFromRootTests(TestCase):
)
relevant_storage_indexes = set(
- node.get_storage_index()
- for node
- in root_node.flatten()
+ node.get_storage_index() for node in root_node.flatten()
)
self.assertThat(
list(
server.get_storage_server()
- for server
- in storage_broker.get_connected_servers()
+ for server in storage_broker.get_connected_servers()
+ ),
+ AllMatch(
+ leases_current(
+ relevant_storage_indexes,
+ get_now(),
+ min_lease_remaining,
+ )
),
- AllMatch(leases_current(
- relevant_storage_indexes,
- get_now(),
- min_lease_remaining,
- ))
)
@given(storage_brokers(clocks()), node_hierarchies())
diff --git a/src/_zkapauthorizer/tests/test_matchers.py b/src/_zkapauthorizer/tests/test_matchers.py
index 868a1e998bec4a54c093f24637a5a3f8ecee6261..a2df351b87637e1147c1b0851153c7f5ae17f408 100644
--- a/src/_zkapauthorizer/tests/test_matchers.py
+++ b/src/_zkapauthorizer/tests/test_matchers.py
@@ -61,6 +61,7 @@ class ProvidesTests(TestCase):
"""
Tests for ``Provides``.
"""
+
def test_match(self):
"""
``Provides.match`` returns ``None`` when the given object provides all of
@@ -86,6 +87,7 @@ class ReturnsTests(TestCase):
"""
Tests for ``returns``.
"""
+
def test_match(self):
"""
``returns(m)`` returns a matcher that matches when the given object
diff --git a/src/_zkapauthorizer/tests/test_model.py b/src/_zkapauthorizer/tests/test_model.py
index 5af002721ebcc7ce1b7ae45c8b2d0f2e0b045558..dbff95faf7f84a39d5368afa0eb412609074808a 100644
--- a/src/_zkapauthorizer/tests/test_model.py
+++ b/src/_zkapauthorizer/tests/test_model.py
@@ -67,7 +67,7 @@ from hypothesis.stateful import (
rule,
precondition,
invariant,
- run_state_machine_as_test
+ run_state_machine_as_test,
)
from hypothesis.strategies import (
data,
@@ -119,6 +119,7 @@ class VoucherStoreTests(TestCase):
"""
Tests for ``VoucherStore``.
"""
+
@given(tahoe_configs(), datetimes(), vouchers())
def test_get_missing(self, get_config, now, voucher):
"""
@@ -131,7 +132,12 @@ class VoucherStoreTests(TestCase):
raises(KeyError),
)
- @given(tahoe_configs(), vouchers(), lists(random_tokens(), min_size=1, unique=True), datetimes())
+ @given(
+ tahoe_configs(),
+ vouchers(),
+ lists(random_tokens(), min_size=1, unique=True),
+ datetimes(),
+ )
def test_add(self, get_config, voucher, tokens, now):
"""
``VoucherStore.get`` returns a ``Voucher`` representing a voucher
@@ -156,15 +162,17 @@ class VoucherStoreTests(TestCase):
lists(random_tokens(), min_size=2, unique=True),
datetimes(),
)
- def test_add_with_distinct_counters(self, get_config, voucher, counters, tokens, now):
+ def test_add_with_distinct_counters(
+ self, get_config, voucher, counters, tokens, now
+ ):
"""
``VoucherStore.add`` adds new tokens to the store when passed the same
voucher but a different counter value.
"""
counter_a = counters[0]
counter_b = counters[1]
- tokens_a = tokens[:len(tokens) / 2]
- tokens_b = tokens[len(tokens) / 2:]
+ tokens_a = tokens[: len(tokens) / 2]
+ tokens_b = tokens[len(tokens) / 2 :]
store = self.useFixture(TemporaryVoucherStore(get_config, lambda: now)).store
# We only have to get the expected_tokens value (len(tokens)) right on
@@ -185,7 +193,12 @@ class VoucherStoreTests(TestCase):
self.assertThat(tokens_a, Equals(added_tokens_a))
self.assertThat(tokens_b, Equals(added_tokens_b))
- @given(tahoe_configs(), vouchers(), datetimes(), lists(random_tokens(), min_size=1, unique=True))
+ @given(
+ tahoe_configs(),
+ vouchers(),
+ datetimes(),
+ lists(random_tokens(), min_size=1, unique=True),
+ )
def test_add_idempotent(self, get_config, voucher, now, tokens):
"""
More than one call to ``VoucherStore.add`` with the same argument results
@@ -233,14 +246,16 @@ class VoucherStoreTests(TestCase):
``VoucherStore.list`` returns a ``list`` containing a ``Voucher`` object
for each voucher previously added.
"""
- tokens = iter(data.draw(
- lists(
- random_tokens(),
- unique=True,
- min_size=len(vouchers),
- max_size=len(vouchers),
- ),
- ))
+ tokens = iter(
+ data.draw(
+ lists(
+ random_tokens(),
+ unique=True,
+ min_size=len(vouchers),
+ max_size=len(vouchers),
+ ),
+ )
+ )
store = self.useFixture(TemporaryVoucherStore(get_config, lambda: now)).store
for voucher in vouchers:
store.add(
@@ -252,11 +267,12 @@ class VoucherStoreTests(TestCase):
self.assertThat(
store.list(),
- Equals(list(
- Voucher(number, expected_tokens=1, created=now)
- for number
- in vouchers
- )),
+ Equals(
+ list(
+ Voucher(number, expected_tokens=1, created=now)
+ for number in vouchers
+ )
+ ),
)
@skipIf(platform.isWindows(), "Hard to prevent directory creation on Windows")
@@ -299,8 +315,9 @@ class VoucherStoreTests(TestCase):
),
)
-
- @skipIf(platform.isWindows(), "Hard to prevent database from being opened on Windows")
+ @skipIf(
+ platform.isWindows(), "Hard to prevent database from being opened on Windows"
+ )
@given(tahoe_configs(), datetimes())
def test_unopenable_store(self, get_config, now):
"""
@@ -327,43 +344,37 @@ class VoucherStoreTests(TestCase):
)
@given(tahoe_configs(), vouchers(), dummy_ristretto_keys(), datetimes(), data())
- def test_spend_order_equals_backup_order(self, get_config, voucher_value, public_key, now, data):
+ def test_spend_order_equals_backup_order(
+ self, get_config, voucher_value, public_key, now, data
+ ):
"""
Unblinded tokens returned by ``VoucherStore.backup`` appear in the same
order as they are returned by ``VoucherStore.get_unblinded_tokens``.
"""
backed_up_tokens, spent_tokens, inserted_tokens = self._spend_order_test(
- get_config,
- voucher_value,
- public_key,
- now,
- data
+ get_config, voucher_value, public_key, now, data
)
self.assertThat(
backed_up_tokens,
Equals(spent_tokens),
)
-
@given(tahoe_configs(), vouchers(), dummy_ristretto_keys(), datetimes(), data())
- def test_spend_order_equals_insert_order(self, get_config, voucher_value, public_key, now, data):
+ def test_spend_order_equals_insert_order(
+ self, get_config, voucher_value, public_key, now, data
+ ):
"""
Unblinded tokens returned by ``VoucherStore.get_unblinded_tokens``
appear in the same order as they were inserted.
"""
backed_up_tokens, spent_tokens, inserted_tokens = self._spend_order_test(
- get_config,
- voucher_value,
- public_key,
- now,
- data
+ get_config, voucher_value, public_key, now, data
)
self.assertThat(
spent_tokens,
Equals(inserted_tokens),
)
-
def _spend_order_test(self, get_config, voucher_value, public_key, now, data):
"""
Insert, backup, and extract some tokens.
@@ -385,7 +396,9 @@ class VoucherStoreTests(TestCase):
store = VoucherStore.from_node_config(config, lambda: now)
# Put some tokens in it that we can backup and extract
- random_tokens, unblinded_tokens = paired_tokens(data, integers(min_value=1, max_value=5))
+ random_tokens, unblinded_tokens = paired_tokens(
+ data, integers(min_value=1, max_value=5)
+ )
store.add(voucher_value, len(random_tokens), 0, lambda: random_tokens)
store.insert_unblinded_tokens_for_voucher(
voucher_value,
@@ -401,9 +414,7 @@ class VoucherStoreTests(TestCase):
while tokens_remaining > 0:
to_spend = data.draw(integers(min_value=1, max_value=tokens_remaining))
extracted_tokens.extend(
- token.unblinded_token
- for token
- in store.get_unblinded_tokens(to_spend)
+ token.unblinded_token for token in store.get_unblinded_tokens(to_spend)
)
tokens_remaining -= to_spend
@@ -420,6 +431,7 @@ class UnblindedTokenStateMachine(RuleBasedStateMachine):
unblinded tokens in a ``VoucherStore`` - usable, in-use, spent, invalid,
etc.
"""
+
def __init__(self, case):
super(UnblindedTokenStateMachine, self).__init__()
self.case = case
@@ -555,12 +567,14 @@ class UnblindedTokenStateMachine(RuleBasedStateMachine):
@invariant()
def report_state(self):
- note("available={} using={} invalid={} spent={}".format(
- self.available,
- len(self.using),
- len(self.invalid),
- len(self.spent),
- ))
+ note(
+ "available={} using={} invalid={} spent={}".format(
+ self.available,
+ len(self.using),
+ len(self.invalid),
+ len(self.spent),
+ )
+ )
def random_slice(taken_from, random, data):
@@ -588,6 +602,7 @@ class UnblindedTokenStateTests(TestCase):
"""
Glue ``UnblindedTokenStateTests`` into our test runner.
"""
+
def test_states(self):
run_state_machine_as_test(lambda: UnblindedTokenStateMachine(self))
@@ -596,6 +611,7 @@ class LeaseMaintenanceTests(TestCase):
"""
Tests for the lease-maintenance related parts of ``VoucherStore``.
"""
+
@given(
tahoe_configs(),
posix_safe_datetimes(),
@@ -645,9 +661,11 @@ class LeaseMaintenanceTests(TestCase):
for (num_passes, trim_size) in sizes:
passes_required += num_passes
trim_size %= store.pass_value
- x.observe([
- num_passes * store.pass_value - trim_size,
- ])
+ x.observe(
+ [
+ num_passes * store.pass_value - trim_size,
+ ]
+ )
now += finish_delay
x.finish()
finished = now
@@ -669,6 +687,7 @@ class VoucherTests(TestCase):
"""
Tests for ``Voucher``.
"""
+
@given(voucher_objects())
def test_json_roundtrip(self, reference):
"""
@@ -688,18 +707,22 @@ def paired_tokens(data, sizes=integers(min_value=1, max_value=1000)):
:rtype: ([RandomTokens], [UnblindedTokens])
"""
num_tokens = data.draw(sizes)
- r = data.draw(lists(
- random_tokens(),
- min_size=num_tokens,
- max_size=num_tokens,
- unique=True,
- ))
- u = data.draw(lists(
- unblinded_tokens(),
- min_size=num_tokens,
- max_size=num_tokens,
- unique=True,
- ))
+ r = data.draw(
+ lists(
+ random_tokens(),
+ min_size=num_tokens,
+ max_size=num_tokens,
+ unique=True,
+ )
+ )
+ u = data.draw(
+ lists(
+ unblinded_tokens(),
+ min_size=num_tokens,
+ max_size=num_tokens,
+ unique=True,
+ )
+ )
return r, u
@@ -707,6 +730,7 @@ class UnblindedTokenStoreTests(TestCase):
"""
Tests for ``UnblindedToken``-related functionality of ``VoucherStore``.
"""
+
@given(
tahoe_configs(),
datetimes(),
@@ -715,7 +739,9 @@ class UnblindedTokenStoreTests(TestCase):
lists(unblinded_tokens(), unique=True),
booleans(),
)
- def test_unblinded_tokens_without_voucher(self, get_config, now, voucher_value, public_key, unblinded_tokens, completed):
+ def test_unblinded_tokens_without_voucher(
+ self, get_config, now, voucher_value, public_key, unblinded_tokens, completed
+ ):
"""
Unblinded tokens for a voucher which has not been added to the store cannot be inserted.
"""
@@ -739,14 +765,18 @@ class UnblindedTokenStoreTests(TestCase):
booleans(),
data(),
)
- def test_unblinded_tokens_round_trip(self, get_config, now, voucher_value, public_key, completed, data):
+ def test_unblinded_tokens_round_trip(
+ self, get_config, now, voucher_value, public_key, completed, data
+ ):
"""
Unblinded tokens that are added to the store can later be retrieved and counted.
"""
random_tokens, unblinded_tokens = paired_tokens(data)
store = self.useFixture(TemporaryVoucherStore(get_config, lambda: now)).store
store.add(voucher_value, len(random_tokens), 0, lambda: random_tokens)
- store.insert_unblinded_tokens_for_voucher(voucher_value, public_key, unblinded_tokens, completed, spendable=True)
+ store.insert_unblinded_tokens_for_voucher(
+ voucher_value, public_key, unblinded_tokens, completed, spendable=True
+ )
# All the tokens just inserted should be counted.
self.expectThat(
@@ -774,7 +804,9 @@ class UnblindedTokenStoreTests(TestCase):
integers(min_value=1, max_value=100),
data(),
)
- def test_mark_vouchers_redeemed(self, get_config, now, voucher_value, public_key, num_tokens, data):
+ def test_mark_vouchers_redeemed(
+ self, get_config, now, voucher_value, public_key, num_tokens, data
+ ):
"""
The voucher for unblinded tokens that are added to the store is marked as
redeemed.
@@ -798,16 +830,20 @@ class UnblindedTokenStoreTests(TestCase):
store = self.useFixture(TemporaryVoucherStore(get_config, lambda: now)).store
store.add(voucher_value, len(random), 0, lambda: random)
- store.insert_unblinded_tokens_for_voucher(voucher_value, public_key, unblinded, completed=True, spendable=True)
+ store.insert_unblinded_tokens_for_voucher(
+ voucher_value, public_key, unblinded, completed=True, spendable=True
+ )
loaded_voucher = store.get(voucher_value)
self.assertThat(
loaded_voucher,
MatchesStructure(
expected_tokens=Equals(len(random)),
- state=Equals(Redeemed(
- finished=now,
- token_count=num_tokens,
- )),
+ state=Equals(
+ Redeemed(
+ finished=now,
+ token_count=num_tokens,
+ )
+ ),
),
)
@@ -817,7 +853,9 @@ class UnblindedTokenStoreTests(TestCase):
vouchers(),
lists(random_tokens(), min_size=1, unique=True),
)
- def test_mark_vouchers_double_spent(self, get_config, now, voucher_value, random_tokens):
+ def test_mark_vouchers_double_spent(
+ self, get_config, now, voucher_value, random_tokens
+ ):
"""
A voucher which is reported as double-spent is marked in the database as
such.
@@ -829,9 +867,11 @@ class UnblindedTokenStoreTests(TestCase):
self.assertThat(
voucher,
MatchesStructure(
- state=Equals(DoubleSpend(
- finished=now,
- )),
+ state=Equals(
+ DoubleSpend(
+ finished=now,
+ )
+ ),
),
)
@@ -843,7 +883,9 @@ class UnblindedTokenStoreTests(TestCase):
integers(min_value=1, max_value=100),
data(),
)
- def test_mark_spent_vouchers_double_spent(self, get_config, now, voucher_value, public_key, num_tokens, data):
+ def test_mark_spent_vouchers_double_spent(
+ self, get_config, now, voucher_value, public_key, num_tokens, data
+ ):
"""
A voucher which has already been spent cannot be marked as double-spent.
"""
@@ -865,7 +907,9 @@ class UnblindedTokenStoreTests(TestCase):
)
store = self.useFixture(TemporaryVoucherStore(get_config, lambda: now)).store
store.add(voucher_value, len(random), 0, lambda: random)
- store.insert_unblinded_tokens_for_voucher(voucher_value, public_key, unblinded, completed=True, spendable=True)
+ store.insert_unblinded_tokens_for_voucher(
+ voucher_value, public_key, unblinded, completed=True, spendable=True
+ )
self.assertThat(
lambda: store.mark_voucher_double_spent(voucher_value),
raises(ValueError),
@@ -895,7 +939,9 @@ class UnblindedTokenStoreTests(TestCase):
integers(min_value=1),
data(),
)
- def test_not_enough_unblinded_tokens(self, get_config, now, voucher_value, public_key, completed, extra, data):
+ def test_not_enough_unblinded_tokens(
+ self, get_config, now, voucher_value, public_key, completed, extra, data
+ ):
"""
``get_unblinded_tokens`` raises ``NotEnoughTokens`` if ``count`` is
greater than the number of unblinded tokens in the store.
diff --git a/src/_zkapauthorizer/tests/test_plugin.py b/src/_zkapauthorizer/tests/test_plugin.py
index ee8f0016c0a8a197541f35dae6df6f837c1ceeaf..26929628c5bc5af150145505b2f613dc42d349e5 100644
--- a/src/_zkapauthorizer/tests/test_plugin.py
+++ b/src/_zkapauthorizer/tests/test_plugin.py
@@ -174,7 +174,6 @@ from .eliot import (
)
-
SIGNING_KEY_PATH = FilePath(__file__).sibling(u"testing-signing.key")
@@ -184,11 +183,11 @@ def get_rref(interface=None):
return LocalRemote(DummyReferenceable(interface))
-
class GetRRefTests(TestCase):
"""
Tests for ``get_rref``.
"""
+
def test_localremote(self):
"""
``get_rref`` returns an instance of ``LocalRemote``.
@@ -210,7 +209,9 @@ class GetRRefTests(TestCase):
AfterPreprocessing(
lambda ref: ref.tracker,
MatchesStructure(
- interfaceName=Equals(RIPrivacyPassAuthorizedStorageServer.__remote_name__),
+ interfaceName=Equals(
+ RIPrivacyPassAuthorizedStorageServer.__remote_name__
+ ),
),
),
)
@@ -237,6 +238,7 @@ class PluginTests(TestCase):
"""
Tests for ``twisted.plugins.zkapauthorizer.storage_server``.
"""
+
def test_discoverable(self):
"""
The plugin can be discovered.
@@ -246,7 +248,6 @@ class PluginTests(TestCase):
Contains(storage_server),
)
-
def test_provides_interface(self):
"""
``storage_server`` provides ``IFoolscapStoragePlugin``.
@@ -257,12 +258,12 @@ class PluginTests(TestCase):
)
-
class ServerPluginTests(TestCase):
"""
Tests for the plugin's implementation of
``IFoolscapStoragePlugin.get_storage_server``.
"""
+
@given(server_configurations(SIGNING_KEY_PATH))
def test_returns_announceable(self, configuration):
"""
@@ -278,7 +279,6 @@ class ServerPluginTests(TestCase):
succeeded(Provides([IAnnounceableStorageServer])),
)
-
@given(server_configurations(SIGNING_KEY_PATH))
def test_returns_referenceable(self, configuration):
"""
@@ -323,7 +323,6 @@ class ServerPluginTests(TestCase):
),
)
-
@given(server_configurations(SIGNING_KEY_PATH))
def test_returns_hashable(self, configuration):
"""
@@ -352,15 +351,21 @@ class ServerPluginTests(TestCase):
tahoe_configs_with_dummy_redeemer = tahoe_configs(client_dummyredeemer_configurations())
-tahoe_configs_with_mismatched_issuer = minimal_tahoe_configs({
- u"privatestorageio-zkapauthz-v1": just({u"ristretto-issuer-root-url": u"https://another-issuer.example.invalid/"}),
-})
+tahoe_configs_with_mismatched_issuer = minimal_tahoe_configs(
+ {
+ u"privatestorageio-zkapauthz-v1": just(
+ {u"ristretto-issuer-root-url": u"https://another-issuer.example.invalid/"}
+ ),
+ }
+)
+
class ClientPluginTests(TestCase):
"""
Tests for the plugin's implementation of
``IFoolscapStoragePlugin.get_storage_client``.
"""
+
@given(tahoe_configs(), announcements())
def test_interface(self, get_config, announcement):
"""
@@ -384,7 +389,6 @@ class ClientPluginTests(TestCase):
Provides([IStorageServer]),
)
-
@given(tahoe_configs_with_mismatched_issuer, announcements())
def test_mismatched_ristretto_issuer(self, config_text, announcement):
"""
@@ -420,7 +424,6 @@ class ClientPluginTests(TestCase):
raises(IssuerConfigurationMismatch),
)
-
@given(
tahoe_configs(),
announcements(),
@@ -431,15 +434,14 @@ class ClientPluginTests(TestCase):
sizes(),
)
def test_mismatch_storage_server_furl(
- self,
- get_config,
- announcement,
- storage_index,
- renew_secret,
- cancel_secret,
- sharenums,
- size,
-
+ self,
+ get_config,
+ announcement,
+ storage_index,
+ renew_secret,
+ cancel_secret,
+ sharenums,
+ size,
):
"""
If the ``get_rref`` passed to ``get_storage_client`` returns a reference
@@ -484,14 +486,14 @@ class ClientPluginTests(TestCase):
)
@capture_logging(lambda self, logger: logger.validate())
def test_unblinded_tokens_spent(
- self,
- logger,
- get_config,
- now,
- announcement,
- voucher,
- num_passes,
- public_key,
+ self,
+ logger,
+ get_config,
+ now,
+ announcement,
+ voucher,
+ num_passes,
+ public_key,
):
"""
The ``ZKAPAuthorizerStorageServer`` returned by ``get_storage_client``
@@ -548,10 +550,12 @@ class ClientPluginTests(TestCase):
AllMatch(
AfterPreprocessing(
lambda logged_message: logged_message.message,
- ContainsDict({
- u"message": Equals(u"request binding message"),
- u"count": Equals(num_passes),
- }),
+ ContainsDict(
+ {
+ u"message": Equals(u"request binding message"),
+ u"count": Equals(num_passes),
+ }
+ ),
),
),
),
@@ -563,6 +567,7 @@ class ClientResourceTests(TestCase):
Tests for the plugin's implementation of
``IFoolscapStoragePlugin.get_client_resource``.
"""
+
@given(tahoe_configs())
def test_interface(self, get_config):
"""
@@ -617,6 +622,7 @@ class LeaseMaintenanceServiceTests(TestCase):
"""
Tests for the plugin's initialization of the lease maintenance service.
"""
+
def _created_test(self, get_config, servers_yaml, rootcap):
original_tempdir = tempfile.tempdir
@@ -654,7 +660,7 @@ class LeaseMaintenanceServiceTests(TestCase):
# suite if we don't clean it up. We can't do this with a tearDown
# or a fixture or an addCleanup because hypothesis doesn't run any
# of those at the right time. :/
- tempfile.tempdir = original_tempdir
+ tempfile.tempdir = original_tempdir
@settings(
deadline=None,
@@ -671,7 +677,6 @@ class LeaseMaintenanceServiceTests(TestCase):
"""
return self._created_test(get_config, servers_yaml, rootcap=True)
-
@settings(
deadline=None,
)
@@ -691,6 +696,7 @@ class LoadSigningKeyTests(TestCase):
"""
Tests for ``load_signing_key``.
"""
+
@given(ristretto_signing_keys())
def test_valid(self, key_bytes):
"""
diff --git a/src/_zkapauthorizer/tests/test_pricecalculator.py b/src/_zkapauthorizer/tests/test_pricecalculator.py
index 25eaa40d09102b66ffbb592d590497c33d1c8517..c1ca75d82c629d709889e80361c8de98a3f3155f 100644
--- a/src/_zkapauthorizer/tests/test_pricecalculator.py
+++ b/src/_zkapauthorizer/tests/test_pricecalculator.py
@@ -55,10 +55,12 @@ from .matchers import (
file_sizes = lists(sizes(), min_size=1)
+
class PriceCalculatorTests(TestCase):
"""
Tests for ``PriceCalculator``.
"""
+
@given(
integers(min_value=1),
integers(min_value=1),
@@ -103,7 +105,6 @@ class PriceCalculatorTests(TestCase):
greater_or_equal(more_needed_price),
)
-
@given(
integers(min_value=1, max_value=127),
integers(min_value=1, max_value=127),
diff --git a/src/_zkapauthorizer/tests/test_private.py b/src/_zkapauthorizer/tests/test_private.py
index 9382eb54021adea9a893b1b412c065398a4f0704..54d6d3f8ece4d1c080374bab44d80dc6a3b134f6 100644
--- a/src/_zkapauthorizer/tests/test_private.py
+++ b/src/_zkapauthorizer/tests/test_private.py
@@ -53,21 +53,25 @@ from allmydata.test.web.matchers import (
has_response_code,
)
+
class PrivacyTests(TestCase):
"""
Tests for the privacy features of the resources created by ``create_private_tree``.
"""
+
def setUp(self):
self.token = b"abcdef"
self.resource = create_private_tree(lambda: self.token, Resource())
self.agent = RequestTraversalAgent(self.resource)
- self.client = HTTPClient(self.agent)
+ self.client = HTTPClient(self.agent)
return super(PrivacyTests, self).setUp()
def _authorization(self, scheme, value):
- return Headers({
- u"authorization": [u"{} {}".format(scheme, value)],
- })
+ return Headers(
+ {
+ "authorization": ["{} {}".format(scheme, value)],
+ }
+ )
def test_unauthorized(self):
"""
@@ -86,7 +90,7 @@ class PrivacyTests(TestCase):
self.assertThat(
self.client.head(
b"http:///foo/bar",
- headers=self._authorization(u"basic", self.token),
+ headers=self._authorization("basic", self.token),
),
succeeded(has_response_code(Equals(UNAUTHORIZED))),
)
@@ -99,7 +103,7 @@ class PrivacyTests(TestCase):
self.assertThat(
self.client.head(
b"http:///foo/bar",
- headers=self._authorization(SCHEME, u"foo bar"),
+ headers=self._authorization(SCHEME, "foo bar"),
),
succeeded(has_response_code(Equals(UNAUTHORIZED))),
)
diff --git a/src/_zkapauthorizer/tests/test_schema.py b/src/_zkapauthorizer/tests/test_schema.py
index da1af22218d7431852e341f6e7a7d1106d65f6d1..a3b9d074563c02fb11d265bae3bda93a738f224e 100644
--- a/src/_zkapauthorizer/tests/test_schema.py
+++ b/src/_zkapauthorizer/tests/test_schema.py
@@ -32,6 +32,7 @@ from ..schema import (
_UPGRADES,
)
+
class UpgradeTests(TestCase):
def test_consistency(self):
"""
diff --git a/src/_zkapauthorizer/tests/test_spending.py b/src/_zkapauthorizer/tests/test_spending.py
index bb52eff98f14da6c06e63ed61aa77fbacb228321..7b3908c4eb21077276382dff6a430be72a36e3fc 100644
--- a/src/_zkapauthorizer/tests/test_spending.py
+++ b/src/_zkapauthorizer/tests/test_spending.py
@@ -56,10 +56,12 @@ from ..spending import (
SpendingController,
)
+
class PassGroupTests(TestCase):
"""
Tests for ``IPassGroup`` and the factories that create them.
"""
+
@given(vouchers(), pass_counts(), posix_safe_datetimes())
def test_get(self, voucher, num_passes, now):
"""
@@ -94,14 +96,14 @@ class PassGroupTests(TestCase):
)
def _test_token_group_operation(
- self,
- operation,
- matches_tokens,
- voucher,
- num_passes,
- now,
- random,
- data,
+ self,
+ operation,
+ matches_tokens,
+ voucher,
+ num_passes,
+ now,
+ random,
+ data,
):
configless = self.useFixture(
ConfiglessMemoryVoucherStore(
@@ -143,6 +145,7 @@ class PassGroupTests(TestCase):
Passes in a group can be marked as successfully spent to prevent them from
being re-used by a future ``get`` call.
"""
+
def matches_tokens(num_passes, group):
return AfterPreprocessing(
# The use of `backup` here to check is questionable. TODO:
@@ -150,6 +153,7 @@ class PassGroupTests(TestCase):
lambda store: store.backup()[u"unblinded-tokens"],
HasLength(num_passes - len(group.passes)),
)
+
return self._test_token_group_operation(
lambda group: group.mark_spent(),
matches_tokens,
@@ -166,6 +170,7 @@ class PassGroupTests(TestCase):
Passes in a group can be marked as invalid to prevent them from being
re-used by a future ``get`` call.
"""
+
def matches_tokens(num_passes, group):
return AfterPreprocessing(
# The use of `backup` here to check is questionable. TODO:
@@ -173,6 +178,7 @@ class PassGroupTests(TestCase):
lambda store: store.backup()[u"unblinded-tokens"],
HasLength(num_passes - len(group.passes)),
)
+
return self._test_token_group_operation(
lambda group: group.mark_invalid(u"reason"),
matches_tokens,
@@ -189,12 +195,14 @@ class PassGroupTests(TestCase):
Passes in a group can be reset to allow them to be re-used by a future
``get`` call.
"""
+
def matches_tokens(num_passes, group):
return AfterPreprocessing(
# They've been reset so we should be able to re-get them.
lambda store: store.get_unblinded_tokens(len(group.passes)),
Equals(group.unblinded_tokens),
)
+
return self._test_token_group_operation(
lambda group: group.reset(),
matches_tokens,
diff --git a/src/_zkapauthorizer/tests/test_storage_client.py b/src/_zkapauthorizer/tests/test_storage_client.py
index c697090885784e259258b873c0ce68e340e190f2..5d769282ea596abcbe8e94ba9068c106ba7bd420 100644
--- a/src/_zkapauthorizer/tests/test_storage_client.py
+++ b/src/_zkapauthorizer/tests/test_storage_client.py
@@ -96,11 +96,11 @@ from .storage_common import (
)
-
class GetConfiguredValueTests(TestCase):
"""
Tests for helpers for reading certain configuration values.
"""
+
@given(integers(min_value=1, max_value=255))
def test_get_configured_shares_needed(self, expected):
"""
@@ -115,7 +115,9 @@ class GetConfiguredValueTests(TestCase):
shares.needed = {}
shares.happy = 5
shares.total = 10
-""".format(expected),
+""".format(
+ expected
+ ),
)
self.assertThat(
@@ -137,7 +139,9 @@ shares.total = 10
shares.needed = 5
shares.happy = 5
shares.total = {}
-""".format(expected),
+""".format(
+ expected
+ ),
)
self.assertThat(
@@ -163,7 +167,9 @@ shares.total = 10
[storageclient.plugins.privatestorageio-zkapauthz-v1]
pass-value={}
-""".format(expected),
+""".format(
+ expected
+ ),
)
self.assertThat(
@@ -189,7 +195,9 @@ shares.total = 10
[storageclient.plugins.privatestorageio-zkapauthz-v1]
allowed-public-keys = {}
-""".format(",".join(expected)),
+""".format(
+ ",".join(expected)
+ ),
)
self.assertThat(
@@ -202,6 +210,7 @@ class CallWithPassesTests(TestCase):
"""
Tests for ``call_with_passes``.
"""
+
@given(pass_counts())
def test_success_result(self, num_passes):
"""
@@ -321,7 +330,9 @@ class CallWithPassesTests(TestCase):
def reject_even_pass_values(group):
passes = group.passes
good_passes = list(idx for (idx, p) in enumerate(passes) if p % 2)
- bad_passes = list(idx for (idx, p) in enumerate(passes) if idx not in good_passes)
+ bad_passes = list(
+ idx for (idx, p) in enumerate(passes) if idx not in good_passes
+ )
if len(good_passes) < num_passes:
_ValidationResult(
valid=good_passes,
@@ -463,12 +474,15 @@ class CallWithPassesTests(TestCase):
),
)
+
def reset(group):
group.reset()
+
def spend(group):
group.mark_spent()
+
def invalidate(group):
group.mark_invalid(u"reason")
@@ -480,6 +494,7 @@ class PassFactoryTests(TestCase):
It is unfortunate that this isn't the same test suite as
``test_spending.PassGroupTests``.
"""
+
@given(pass_counts(), pass_counts())
def test_returned_passes_reused(self, num_passes_a, num_passes_b):
"""
diff --git a/src/_zkapauthorizer/tests/test_storage_protocol.py b/src/_zkapauthorizer/tests/test_storage_protocol.py
index ae54c30eb40679a86fe955108f30daf13f00f837..f5e51f7c5df87730d4b14ce5469836c5410600fd 100644
--- a/src/_zkapauthorizer/tests/test_storage_protocol.py
+++ b/src/_zkapauthorizer/tests/test_storage_protocol.py
@@ -39,6 +39,7 @@ from testtools.twistedsupport import (
succeeded,
failed,
)
+
# I'd rather use https://twistedmatrix.com/trac/ticket/8900 but efforts
# there appear to have stalled.
from testtools.twistedsupport._deferred import (
@@ -137,6 +138,7 @@ class RequiredPassesTests(TestCase):
"""
Tests for ``required_passes``.
"""
+
@given(integers(min_value=1), sets(integers(min_value=0)))
def test_incorrect_types(self, bytes_per_pass, share_sizes):
"""
@@ -159,11 +161,7 @@ class RequiredPassesTests(TestCase):
"""
actual = required_passes(
bytes_per_pass,
- list(
- passes * bytes_per_pass
- for passes
- in expected_per_share
- ),
+ list(passes * bytes_per_pass for passes in expected_per_share),
)
self.assertThat(
actual,
@@ -190,13 +188,16 @@ class ShareTests(TestCase):
:ivar pass_factory: An object which is responsible for creating passes
which are used by these tests.
"""
+
pass_value = 128 * 1024
def setUp(self):
super(ShareTests, self).setUp()
self.canary = LocalReferenceable(None)
self.signing_key = random_signing_key()
- self.pass_factory = pass_factory(get_passes=privacypass_passes(self.signing_key))
+ self.pass_factory = pass_factory(
+ get_passes=privacypass_passes(self.signing_key)
+ )
self.clock = Clock()
self.anonymous_storage_server = self.useFixture(
@@ -245,7 +246,9 @@ class ShareTests(TestCase):
size=sizes(),
data=data_strategy(),
)
- def test_rejected_passes_reported(self, storage_index, renew_secret, cancel_secret, sharenums, size, data):
+ def test_rejected_passes_reported(
+ self, storage_index, renew_secret, cancel_secret, sharenums, size, data
+ ):
"""
Any passes rejected by the storage server are reported with a
``MorePassesRequired`` exception sent to the client.
@@ -300,11 +303,7 @@ class ShareTests(TestCase):
# it.
self.local_remote_server.callRemote(
"allocate_buckets",
- list(
- pass_.pass_text.encode("ascii")
- for pass_
- in all_passes
- ),
+ list(pass_.pass_text.encode("ascii") for pass_ in all_passes),
storage_index,
renew_secret,
cancel_secret,
@@ -333,7 +332,9 @@ class ShareTests(TestCase):
sharenums=sharenum_sets(),
size=sizes(),
)
- def test_create_immutable(self, storage_index, renew_secret, cancel_secret, sharenums, size):
+ def test_create_immutable(
+ self, storage_index, renew_secret, cancel_secret, sharenums, size
+ ):
"""
Immutable share data created using *allocate_buckets* and methods of the
resulting buckets can be read back using *get_buckets* and methods of
@@ -398,14 +399,12 @@ class ShareTests(TestCase):
MatchesStructure(
issued=HasLength(anticipated_passes),
spent=HasLength(anticipated_passes),
-
returned=HasLength(0),
in_use=HasLength(0),
invalid=HasLength(0),
),
)
-
@given(
storage_index=storage_indexes(),
renew_secret=lease_renew_secrets(),
@@ -415,13 +414,13 @@ class ShareTests(TestCase):
size=sizes(),
)
def test_shares_already_exist(
- self,
- storage_index,
- renew_secret,
- cancel_secret,
- existing_sharenums,
- additional_sharenums,
- size,
+ self,
+ storage_index,
+ renew_secret,
+ cancel_secret,
+ existing_sharenums,
+ additional_sharenums,
+ size,
):
"""
When the remote *allocate_buckets* implementation reports that shares
@@ -492,7 +491,6 @@ class ShareTests(TestCase):
issued=HasLength(anticipated_passes),
spent=HasLength(expected_spent_passes),
returned=HasLength(expected_returned_passes),
-
in_use=HasLength(0),
invalid=HasLength(0),
),
@@ -505,7 +503,9 @@ class ShareTests(TestCase):
sharenums=sharenum_sets(),
size=sizes(),
)
- def test_add_lease(self, storage_index, renew_secrets, cancel_secret, sharenums, size):
+ def test_add_lease(
+ self, storage_index, renew_secrets, cancel_secret, sharenums, size
+ ):
"""
A lease can be added to an existing immutable share.
"""
@@ -540,7 +540,9 @@ class ShareTests(TestCase):
leases = list(self.anonymous_storage_server.get_leases(storage_index))
self.assertThat(leases, HasLength(2))
- def _stat_shares_immutable_test(self, storage_index, sharenum, size, when, leases, write_shares):
+ def _stat_shares_immutable_test(
+ self, storage_index, sharenum, size, when, leases, write_shares
+ ):
# Hypothesis causes our storage server to be used many times. Clean
# up between iterations.
cleanup_storage_server(self.anonymous_storage_server)
@@ -578,12 +580,14 @@ class ShareTests(TestCase):
finally:
patch.cleanUp()
- expected = [{
- sharenum: ShareStat(
- size=size,
- lease_expiration=int(self.clock.seconds() + LEASE_INTERVAL),
- ),
- }]
+ expected = [
+ {
+ sharenum: ShareStat(
+ size=size,
+ lease_expiration=int(self.clock.seconds() + LEASE_INTERVAL),
+ ),
+ }
+ ]
self.assertThat(
self.client.stat_shares([storage_index]),
succeeded(Equals(expected)),
@@ -598,7 +602,9 @@ class ShareTests(TestCase):
when=posix_timestamps(),
leases=lists(lease_renew_secrets(), unique=True),
)
- def test_stat_shares_immutable(self, storage_index, renew_secret, cancel_secret, sharenum, size, when, leases):
+ def test_stat_shares_immutable(
+ self, storage_index, renew_secret, cancel_secret, sharenum, size, when, leases
+ ):
"""
Size and lease information about immutable shares can be retrieved from a
storage server.
@@ -628,7 +634,9 @@ class ShareTests(TestCase):
leases=lists(lease_renew_secrets(), unique=True, min_size=1),
version=share_versions(),
)
- def test_stat_shares_immutable_wrong_version(self, storage_index, sharenum, size, when, leases, version):
+ def test_stat_shares_immutable_wrong_version(
+ self, storage_index, sharenum, size, when, leases, version
+ ):
"""
If a share file with an unexpected version is found, ``stat_shares``
declines to offer a result (by raising ``ValueError``).
@@ -673,7 +681,9 @@ class ShareTests(TestCase):
# Encode our knowledge of the share header format and size right here...
position=integers(min_value=0, max_value=11),
)
- def test_stat_shares_truncated_file(self, storage_index, sharenum, size, when, version, position):
+ def test_stat_shares_truncated_file(
+ self, storage_index, sharenum, size, when, version, position
+ ):
"""
If a share file is truncated in the middle of the header,
``stat_shares`` declines to offer a result (by raising
@@ -712,8 +722,10 @@ class ShareTests(TestCase):
),
)
-
- @skipIf(platform.isWindows(), "Creating large files on Windows (no sparse files) is too slow")
+ @skipIf(
+ platform.isWindows(),
+ "Creating large files on Windows (no sparse files) is too slow",
+ )
@given(
storage_index=storage_indexes(),
sharenum=sharenums(),
@@ -721,7 +733,9 @@ class ShareTests(TestCase):
when=posix_timestamps(),
leases=lists(lease_renew_secrets(), unique=True, min_size=1),
)
- def test_stat_shares_immutable_large(self, storage_index, sharenum, size, when, leases):
+ def test_stat_shares_immutable_large(
+ self, storage_index, sharenum, size, when, leases
+ ):
"""
Size and lease information about very large immutable shares can be
retrieved from a storage server.
@@ -730,6 +744,7 @@ class ShareTests(TestCase):
share placement and layout. This is necessary to avoid having to
write real multi-gigabyte files to exercise the behavior.
"""
+
def write_shares(storage_server, storage_index, sharenums, size, canary):
sharedir = FilePath(storage_server.sharedir).preauthChild(
# storage_index_to_dir likes to return multiple segments
@@ -767,7 +782,9 @@ class ShareTests(TestCase):
test_and_write_vectors_for_shares=slot_test_and_write_vectors_for_shares(),
when=posix_timestamps(),
)
- def test_stat_shares_mutable(self, storage_index, secrets, test_and_write_vectors_for_shares, when):
+ def test_stat_shares_mutable(
+ self, storage_index, secrets, test_and_write_vectors_for_shares, when
+ ):
"""
Size and lease information about mutable shares can be retrieved from a
storage server.
@@ -788,8 +805,7 @@ class ShareTests(TestCase):
secrets=secrets,
tw_vectors={
k: v.for_call()
- for (k, v)
- in test_and_write_vectors_for_shares.items()
+ for (k, v) in test_and_write_vectors_for_shares.items()
},
r_vector=[],
),
@@ -802,23 +818,23 @@ class ShareTests(TestCase):
u"Server rejected a write to a new mutable slot",
)
- expected = [{
- sharenum: ShareStat(
- size=get_implied_data_length(
- vectors.write_vector,
- vectors.new_length,
- ),
- lease_expiration=int(self.clock.seconds() + LEASE_INTERVAL),
- )
- for (sharenum, vectors)
- in test_and_write_vectors_for_shares.items()
- }]
+ expected = [
+ {
+ sharenum: ShareStat(
+ size=get_implied_data_length(
+ vectors.write_vector,
+ vectors.new_length,
+ ),
+ lease_expiration=int(self.clock.seconds() + LEASE_INTERVAL),
+ )
+ for (sharenum, vectors) in test_and_write_vectors_for_shares.items()
+ }
+ ]
self.assertThat(
self.client.stat_shares([storage_index]),
succeeded(Equals(expected)),
)
-
@skipIf(
platform.isWindows(),
"StorageServer fails to create necessary directory for corruption advisories in Windows.",
@@ -830,7 +846,9 @@ class ShareTests(TestCase):
sharenum=sharenums(),
size=sizes(),
)
- def test_advise_corrupt_share(self, storage_index, renew_secret, cancel_secret, sharenum, size):
+ def test_advise_corrupt_share(
+ self, storage_index, renew_secret, cancel_secret, sharenum, size
+ ):
"""
An advisory of corruption in a share can be sent to the server.
"""
@@ -872,7 +890,9 @@ class ShareTests(TestCase):
),
test_and_write_vectors_for_shares=slot_test_and_write_vectors_for_shares(),
)
- def test_create_mutable(self, storage_index, secrets, test_and_write_vectors_for_shares):
+ def test_create_mutable(
+ self, storage_index, secrets, test_and_write_vectors_for_shares
+ ):
"""
Mutable share data written using *slot_testv_and_readv_and_writev* can be
read back as-written and without spending any more passes.
@@ -887,8 +907,7 @@ class ShareTests(TestCase):
secrets=secrets,
tw_vectors={
k: v.for_call()
- for (k, v)
- in test_and_write_vectors_for_shares.items()
+ for (k, v) in test_and_write_vectors_for_shares.items()
},
r_vector=[],
),
@@ -905,7 +924,9 @@ class ShareTests(TestCase):
)
# Now we can read it back without spending any more passes.
before_passes = len(self.pass_factory.issued)
- assert_read_back_data(self, storage_index, secrets, test_and_write_vectors_for_shares)
+ assert_read_back_data(
+ self, storage_index, secrets, test_and_write_vectors_for_shares
+ )
after_passes = len(self.pass_factory.issued)
self.assertThat(
before_passes,
@@ -921,7 +942,9 @@ class ShareTests(TestCase):
),
test_and_write_vectors_for_shares=slot_test_and_write_vectors_for_shares(),
)
- def test_mutable_rewrite_preserves_lease(self, storage_index, secrets, test_and_write_vectors_for_shares):
+ def test_mutable_rewrite_preserves_lease(
+ self, storage_index, secrets, test_and_write_vectors_for_shares
+ ):
"""
When mutable share data is rewritten using
*slot_testv_and_readv_and_writev* any leases on the corresponding slot
@@ -934,8 +957,9 @@ class ShareTests(TestCase):
def leases():
return list(
lease.to_mutable_data()
- for lease
- in self.anonymous_storage_server.get_slot_leases(storage_index)
+ for lease in self.anonymous_storage_server.get_slot_leases(
+ storage_index
+ )
)
def write():
@@ -944,8 +968,7 @@ class ShareTests(TestCase):
secrets=secrets,
tw_vectors={
k: v.for_call()
- for (k, v)
- in test_and_write_vectors_for_shares.items()
+ for (k, v) in test_and_write_vectors_for_shares.items()
},
r_vector=[],
)
@@ -984,15 +1007,15 @@ class ShareTests(TestCase):
test_and_write_vectors_for_shares=slot_test_and_write_vectors_for_shares(),
)
def test_mutable_rewrite_renews_expired_lease(
- self,
- storage_index,
- when,
- sharenum,
- size,
- write_enabler,
- renew_secret,
- cancel_secret,
- test_and_write_vectors_for_shares,
+ self,
+ storage_index,
+ when,
+ sharenum,
+ size,
+ write_enabler,
+ renew_secret,
+ cancel_secret,
+ test_and_write_vectors_for_shares,
):
"""
When mutable share data with an expired lease is rewritten using
@@ -1012,8 +1035,7 @@ class ShareTests(TestCase):
secrets=secrets,
tw_vectors={
k: v.for_call()
- for (k, v)
- in test_and_write_vectors_for_shares.items()
+ for (k, v) in test_and_write_vectors_for_shares.items()
},
r_vector=[],
)
@@ -1037,17 +1059,23 @@ class ShareTests(TestCase):
# marked as expiring one additional lease period into the future.
self.assertThat(
self.server.remote_stat_shares([storage_index]),
- Equals([{
- num: ShareStat(
- size=get_implied_data_length(
- test_and_write_vectors_for_shares[num].write_vector,
- test_and_write_vectors_for_shares[num].new_length,
- ),
- lease_expiration=int(self.clock.seconds() + self.server.LEASE_PERIOD.total_seconds()),
- )
- for num
- in test_and_write_vectors_for_shares
- }]),
+ Equals(
+ [
+ {
+ num: ShareStat(
+ size=get_implied_data_length(
+ test_and_write_vectors_for_shares[num].write_vector,
+ test_and_write_vectors_for_shares[num].new_length,
+ ),
+ lease_expiration=int(
+ self.clock.seconds()
+ + self.server.LEASE_PERIOD.total_seconds()
+ ),
+ )
+ for num in test_and_write_vectors_for_shares
+ }
+ ]
+ ),
)
@given(
@@ -1059,7 +1087,9 @@ class ShareTests(TestCase):
),
test_and_write_vectors_for_shares=slot_test_and_write_vectors_for_shares(),
)
- def test_client_cannot_control_lease_behavior(self, storage_index, secrets, test_and_write_vectors_for_shares):
+ def test_client_cannot_control_lease_behavior(
+ self, storage_index, secrets, test_and_write_vectors_for_shares
+ ):
"""
If the client passes ``renew_leases`` to *slot_testv_and_readv_and_writev*
it fails with ``TypeError``, no lease is updated, and no share data is
@@ -1086,11 +1116,7 @@ class ShareTests(TestCase):
# secrets
secrets,
# tw_vectors
- {
- k: v.for_call()
- for (k, v)
- in test_and_write_vectors_for_shares.items()
- },
+ {k: v.for_call() for (k, v) in test_and_write_vectors_for_shares.items()},
# r_vector
[],
# add_leases
@@ -1115,8 +1141,7 @@ class ShareTests(TestCase):
shares=None,
r_vector=list(
list(map(write_vector_to_read_vector, vector.write_vector))
- for vector
- in test_and_write_vectors_for_shares.values()
+ for vector in test_and_write_vectors_for_shares.values()
),
)
self.expectThat(
@@ -1133,7 +1158,9 @@ class ShareTests(TestCase):
)
-def assert_read_back_data(self, storage_index, secrets, test_and_write_vectors_for_shares):
+def assert_read_back_data(
+ self, storage_index, secrets, test_and_write_vectors_for_shares
+):
"""
Assert that the data written by ``test_and_write_vectors_for_shares`` can
be read back from ``storage_index``.
@@ -1149,22 +1176,17 @@ def assert_read_back_data(self, storage_index, secrets, test_and_write_vectors_f
# Create a buffer and pile up all the write operations in it.
# This lets us make correct assertions about overlapping writes.
for sharenum, vectors in test_and_write_vectors_for_shares.items():
- length = max(
- offset + len(data)
- for (offset, data)
- in vectors.write_vector
- )
+ length = max(offset + len(data) for (offset, data) in vectors.write_vector)
expected = b"\x00" * length
for (offset, data) in vectors.write_vector:
- expected = expected[:offset] + data + expected[offset + len(data):]
+ expected = expected[:offset] + data + expected[offset + len(data) :]
if vectors.new_length is not None and vectors.new_length < length:
- expected = expected[:vectors.new_length]
+ expected = expected[: vectors.new_length]
expected_result = list(
# Get the expected value out of our scratch buffer.
- expected[offset:offset + len(data)]
- for (offset, data)
- in vectors.write_vector
+ expected[offset : offset + len(data)]
+ for (offset, data) in vectors.write_vector
)
_, single_read = extract_result(
diff --git a/src/_zkapauthorizer/tests/test_storage_server.py b/src/_zkapauthorizer/tests/test_storage_server.py
index 1adab62a8b9e6e6605424f2a2ee78dc75f2f87bd..004534c2ba153ee5baeb084c5ac74cdb9fd3334a 100644
--- a/src/_zkapauthorizer/tests/test_storage_server.py
+++ b/src/_zkapauthorizer/tests/test_storage_server.py
@@ -111,6 +111,7 @@ class ValidationResultTests(TestCase):
"""
Tests for ``_ValidationResult``.
"""
+
def setUp(self):
super(ValidationResultTests, self).setUp()
self.signing_key = random_signing_key()
@@ -128,9 +129,7 @@ class ValidationResultTests(TestCase):
list(RandomToken.create() for i in range(valid_count)),
)
all_passes = valid_passes + list(
- pass_.pass_text.encode("ascii")
- for pass_
- in invalid_passes
+ pass_.pass_text.encode("ascii") for pass_ in invalid_passes
)
shuffle(all_passes)
@@ -144,14 +143,12 @@ class ValidationResultTests(TestCase):
_ValidationResult(
valid=list(
idx
- for (idx, pass_)
- in enumerate(all_passes)
+ for (idx, pass_) in enumerate(all_passes)
if pass_ in valid_passes
),
signature_check_failed=list(
idx
- for (idx, pass_)
- in enumerate(all_passes)
+ for (idx, pass_) in enumerate(all_passes)
if pass_ not in valid_passes
),
),
@@ -183,7 +180,9 @@ class ValidationResultTests(TestCase):
),
AfterPreprocessing(
str,
- Equals("MorePassesRequired(valid_count=4, required_count=10, signature_check_failed=frozenset([4]))"),
+ Equals(
+ "MorePassesRequired(valid_count=4, required_count=10, signature_check_failed=frozenset([4]))"
+ ),
),
),
)
@@ -193,6 +192,7 @@ class PassValidationTests(TestCase):
"""
Tests for pass validation performed by ``ZKAPAuthorizerStorageServer``.
"""
+
pass_value = 128 * 1024
@skipIf(platform.isWindows(), "Storage server is not supported on Windows")
@@ -238,13 +238,14 @@ class PassValidationTests(TestCase):
allocate_buckets = lambda: self.storage_server.doRemoteCall(
"allocate_buckets",
- (valid_passes,
- storage_index,
- renew_secret,
- cancel_secret,
- share_nums,
- allocated_size,
- LocalReferenceable(None),
+ (
+ valid_passes,
+ storage_index,
+ renew_secret,
+ cancel_secret,
+ share_nums,
+ allocated_size,
+ LocalReferenceable(None),
),
{},
)
@@ -253,7 +254,6 @@ class PassValidationTests(TestCase):
raises(MorePassesRequired),
)
-
@given(
storage_index=storage_indexes(),
secrets=tuples(
@@ -305,13 +305,12 @@ class PassValidationTests(TestCase):
else:
self.fail("expected MorePassesRequired, got {}".format(result))
-
def _test_extend_mutable_fails_without_passes(
- self,
- storage_index,
- secrets,
- test_and_write_vectors_for_shares,
- make_data_vector,
+ self,
+ storage_index,
+ secrets,
+ test_and_write_vectors_for_shares,
+ make_data_vector,
):
"""
Verify that increasing the storage requirements of a slot without
@@ -327,9 +326,7 @@ class PassValidationTests(TestCase):
cleanup_storage_server(self.anonymous_storage_server)
tw_vectors = {
- k: v.for_call()
- for (k, v)
- in test_and_write_vectors_for_shares.items()
+ k: v.for_call() for (k, v) in test_and_write_vectors_for_shares.items()
}
note("tw_vectors summarized: {}".format(summarize(tw_vectors)))
@@ -344,11 +341,7 @@ class PassValidationTests(TestCase):
valid_passes = make_passes(
self.signing_key,
slot_testv_and_readv_and_writev_message(storage_index),
- list(
- RandomToken.create()
- for i
- in range(required_pass_count)
- ),
+ list(RandomToken.create() for i in range(required_pass_count)),
)
# Create an initial share to toy with.
@@ -417,7 +410,9 @@ class PassValidationTests(TestCase):
),
test_and_write_vectors_for_shares=slot_test_and_write_vectors_for_shares(),
)
- def test_extend_mutable_with_write_fails_without_passes(self, storage_index, secrets, test_and_write_vectors_for_shares):
+ def test_extend_mutable_with_write_fails_without_passes(
+ self, storage_index, secrets, test_and_write_vectors_for_shares
+ ):
"""
If ``remote_slot_testv_and_readv_and_writev`` is invoked to increase
storage usage by performing a write past the end of a share without
@@ -435,13 +430,13 @@ class PassValidationTests(TestCase):
)
def _test_lease_operation_fails_without_passes(
- self,
- storage_index,
- secrets,
- sharenums,
- allocated_size,
- lease_operation,
- lease_operation_message,
+ self,
+ storage_index,
+ secrets,
+ sharenums,
+ allocated_size,
+ lease_operation,
+ lease_operation_message,
):
"""
Assert that a lease-taking operation fails if it is not supplied with
@@ -461,7 +456,9 @@ class PassValidationTests(TestCase):
renew_secret, cancel_secret = secrets
- required_count = required_passes(self.pass_value, [allocated_size] * len(sharenums))
+ required_count = required_passes(
+ self.pass_value, [allocated_size] * len(sharenums)
+ )
# Create some shares at a slot which will require lease renewal.
write_toy_shares(
self.anonymous_storage_server,
@@ -514,16 +511,20 @@ class PassValidationTests(TestCase):
sharenums=sharenum_sets(),
allocated_size=sizes(),
)
- def test_add_lease_fails_without_passes(self, storage_index, secrets, sharenums, allocated_size):
+ def test_add_lease_fails_without_passes(
+ self, storage_index, secrets, sharenums, allocated_size
+ ):
"""
If ``remote_add_lease`` is invoked without supplying enough passes to
cover the storage for all shares on the given storage index, the
operation fails with ``MorePassesRequired``.
"""
renew_secret, cancel_secret = secrets
+
def add_lease(storage_server, passes):
return storage_server.doRemoteCall(
- "add_lease", (
+ "add_lease",
+ (
passes,
storage_index,
renew_secret,
@@ -531,6 +532,7 @@ class PassValidationTests(TestCase):
),
{},
)
+
return self._test_lease_operation_fails_without_passes(
storage_index,
secrets,
@@ -550,7 +552,9 @@ class PassValidationTests(TestCase):
sharenums=one_of(just(None), sharenum_sets()),
test_and_write_vectors_for_shares=slot_test_and_write_vectors_for_shares(),
)
- def test_mutable_share_sizes(self, slot, secrets, sharenums, test_and_write_vectors_for_shares):
+ def test_mutable_share_sizes(
+ self, slot, secrets, sharenums, test_and_write_vectors_for_shares
+ ):
"""
``share_sizes`` returns the size of the requested mutable shares in the
requested slot.
@@ -560,9 +564,7 @@ class PassValidationTests(TestCase):
cleanup_storage_server(self.anonymous_storage_server)
tw_vectors = {
- k: v.for_call()
- for (k, v)
- in test_and_write_vectors_for_shares.items()
+ k: v.for_call() for (k, v) in test_and_write_vectors_for_shares.items()
}
# Create an initial share to toy with.
@@ -574,11 +576,7 @@ class PassValidationTests(TestCase):
valid_passes = make_passes(
self.signing_key,
slot_testv_and_readv_and_writev_message(slot),
- list(
- RandomToken.create()
- for i
- in range(required_pass_count)
- ),
+ list(RandomToken.create() for i in range(required_pass_count)),
)
test, read = self.storage_server.doRemoteCall(
"slot_testv_and_readv_and_writev",
@@ -599,13 +597,13 @@ class PassValidationTests(TestCase):
expected_sizes = {
sharenum: get_implied_data_length(data_vector, new_length)
- for (sharenum, (testv, data_vector, new_length))
- in tw_vectors.items()
+ for (sharenum, (testv, data_vector, new_length)) in tw_vectors.items()
if sharenums is None or sharenum in sharenums
}
actual_sizes = self.storage_server.doRemoteCall(
- "share_sizes", (
+ "share_sizes",
+ (
slot,
sharenums,
),
diff --git a/src/_zkapauthorizer/tests/test_strategies.py b/src/_zkapauthorizer/tests/test_strategies.py
index 3f60fcd8a617e344e20b7c5e2bb496143e07d571..408053e91de8b74ae114c5fd12971d15ea203a07 100644
--- a/src/_zkapauthorizer/tests/test_strategies.py
+++ b/src/_zkapauthorizer/tests/test_strategies.py
@@ -47,10 +47,12 @@ from .strategies import (
share_parameters,
)
+
class TahoeConfigsTests(TestCase):
"""
Tests for ``tahoe_configs``.
"""
+
@given(data())
def test_parses(self, data):
"""
diff --git a/src/_zkapauthorizer/validators.py b/src/_zkapauthorizer/validators.py
index bd1545144b3a9ed39d10c656ccd9ebbbde549804..8bea8f19eed1aab1192205e722bdbf935d3fa4a3 100644
--- a/src/_zkapauthorizer/validators.py
+++ b/src/_zkapauthorizer/validators.py
@@ -20,6 +20,7 @@ from base64 import (
b64decode,
)
+
def is_base64_encoded(b64decode=b64decode):
def validate_is_base64_encoded(inst, attr, value):
try:
@@ -31,8 +32,10 @@ def is_base64_encoded(b64decode=b64decode):
value=value,
),
)
+
return validate_is_base64_encoded
+
def has_length(expected):
def validate_has_length(inst, attr, value):
if len(value) != expected:
@@ -43,8 +46,10 @@ def has_length(expected):
actual=len(value),
),
)
+
return validate_has_length
+
def greater_than(expected):
def validate_relation(inst, attr, value):
if value > expected:
@@ -57,4 +62,5 @@ def greater_than(expected):
actual=value,
),
)
+
return validate_relation