diff --git a/src/_zkapauthorizer/_storage_server.py b/src/_zkapauthorizer/_storage_server.py
index fa9aedb748d624558834b727e7db6a9a4a03629d..8bae23d92c31d59ee4405d3ccfca4c0c09f30d51 100644
--- a/src/_zkapauthorizer/_storage_server.py
+++ b/src/_zkapauthorizer/_storage_server.py
@@ -49,7 +49,7 @@ from privacypass import (
SigningKey,
)
from .foolscap import (
- RITokenAuthorizedStorageServer,
+ RIPrivacyPassAuthorizedStorageServer,
)
from .storage_common import (
BYTES_PER_PASS,
@@ -85,7 +85,7 @@ class MorePassesRequired(Exception):
return repr(self)
-@implementer_only(RITokenAuthorizedStorageServer, IReferenceable, IRemotelyCallable)
+@implementer_only(RIPrivacyPassAuthorizedStorageServer, IReferenceable, IRemotelyCallable)
# It would be great to use `frozen=True` (value-based hashing) instead of
# `cmp=False` (identity based hashing) but Referenceable wants to set some
# attributes on self and it's hard to avoid that.
diff --git a/src/_zkapauthorizer/foolscap.py b/src/_zkapauthorizer/foolscap.py
index 213eca4476aed796fa4ba166014a7e4fcd6a75ac..cd605c07732fe6f55f6cb0905586ee749e66026e 100644
--- a/src/_zkapauthorizer/foolscap.py
+++ b/src/_zkapauthorizer/foolscap.py
@@ -18,34 +18,32 @@ from allmydata.interfaces import (
)
# The Foolscap convention seems to be to try to constrain inputs to valid
-# values. So we'll try to limit the number of tokens a client can supply.
+# values. So we'll try to limit the number of passes a client can supply.
# Foolscap may be moving away from this so we may eventually drop this as
# well. Though it may still make sense on a non-Foolscap protocol (eg HTTP)
# which Tahoe-LAFS may eventually support.
#
# In any case, for now, pick some fairly arbitrary value. I am deliberately
# picking a small number here and expect to have to raise. However, ideally,
-# a client could accomplish a lot with a few tokens while also not wasting a
+# a client could accomplish a lot with a few passes while also not wasting a
# lot of value.
-MAXIMUM_TOKENS_PER_CALL = 10
+MAXIMUM_PASSES_PER_CALL = 10
-# This is the length of a serialized Ristretto-flavored PrivacyPass pass
-# (there's a lot of confusion between "tokens" and "passes" here, sadly).
-#
-# The pass is a combination of base64-encoded token preimages and unblinded
-# token signatures.
-TOKEN_LENGTH = 177
+# This is the length of a serialized Ristretto-flavored PrivacyPass pass The
+# pass is a combination of token preimages and unblinded token signatures,
+# each base64-encoded.
+PASS_LENGTH = 177
# Take those values and turn them into the appropriate Foolscap constraint
# objects. Foolscap seems to have a convention of representing these as
# CamelCase module-level values so I replicate that here.
-Token = ByteStringConstraint(maxLength=TOKEN_LENGTH, minLength=TOKEN_LENGTH)
-TokenList = ListOf(Token, maxLength=MAXIMUM_TOKENS_PER_CALL)
+Pass = ByteStringConstraint(maxLength=PASS_LENGTH, minLength=PASS_LENGTH)
+PassList = ListOf(Pass, maxLength=MAXIMUM_PASSES_PER_CALL)
-def add_tokens(schema):
+def add_passes(schema):
"""
- Add a ``tokens`` parameter to the given method schema.
+ Add a ``passes`` parameter to the given method schema.
:param foolscap.remoteinterface.RemoteMethodSchema schema: An existing
method schema to modify.
@@ -53,7 +51,7 @@ def add_tokens(schema):
:return foolscap.remoteinterface.RemoteMethodSchema: A schema like
``schema`` but with one additional required argument.
"""
- return add_arguments(schema, [(b"tokens", TokenList)])
+ return add_arguments(schema, [(b"passes", PassList)])
def add_arguments(schema, kwargs):
@@ -88,33 +86,33 @@ def add_arguments(schema, kwargs):
-class RITokenAuthorizedStorageServer(RemoteInterface):
+class RIPrivacyPassAuthorizedStorageServer(RemoteInterface):
"""
- An object which can store and retrieve shares, subject to token-based
+ An object which can store and retrieve shares, subject to pass-based
authorization.
This is much the same as ``allmydata.interfaces.RIStorageServer`` but
- several of its methods take an additional ``tokens`` parameter. Clients
- are expected to supply suitable tokens and only after the tokens have been
+ several of its methods take an additional ``passes`` parameter. Clients
+ are expected to supply suitable passes and only after the passes have been
validated is service provided.
"""
__remote_name__ = (
- "RITokenAuthorizedStorageServer.tahoe.privatestorage.io"
+ "RIPrivacyPassAuthorizedStorageServer.tahoe.privatestorage.io"
)
get_version = RIStorageServer["get_version"]
- allocate_buckets = add_tokens(RIStorageServer["allocate_buckets"])
+ allocate_buckets = add_passes(RIStorageServer["allocate_buckets"])
- add_lease = add_tokens(RIStorageServer["add_lease"])
+ add_lease = add_passes(RIStorageServer["add_lease"])
- renew_lease = add_tokens(RIStorageServer["renew_lease"])
+ renew_lease = add_passes(RIStorageServer["renew_lease"])
get_buckets = RIStorageServer["get_buckets"]
slot_readv = RIStorageServer["slot_readv"]
- slot_testv_and_readv_and_writev = add_tokens(
+ slot_testv_and_readv_and_writev = add_passes(
RIStorageServer["slot_testv_and_readv_and_writev"],
)
diff --git a/src/_zkapauthorizer/tests/matchers.py b/src/_zkapauthorizer/tests/matchers.py
index c54c99067b80438f119edbc9521b9d1e84d87499..bcb4edbd37f4e8a5642405cf070e20f1d805b213 100644
--- a/src/_zkapauthorizer/tests/matchers.py
+++ b/src/_zkapauthorizer/tests/matchers.py
@@ -47,7 +47,7 @@ def matches_version_dictionary():
"""
Match the dictionary returned by Tahoe-LAFS'
``RIStorageServer.get_version`` which is also the dictionary returned by
- our own ``RITokenAuthorizedStorageServer.get_version``.
+ our own ``RIPrivacyPassAuthorizedStorageServer.get_version``.
"""
return ContainsDict({
# It has these two top-level keys, at least. Try not to be too