# OpenKeychain (for Android)

OpenKeychain is an OpenPGP implementation for Android.  
For a more detailed description and installation instructions go to https://www.openkeychain.org .

### Branches
* The development of OpenKeychain happens in the "master" branch.
* For every release a new branch, e.g., "3.2-fixes" is created to backport fixes from "master"

### Travis CI Build Status of master branch

[![Build Status](https://travis-ci.org/open-keychain/open-keychain.svg?branch=master)](https://travis-ci.org/open-keychain/open-keychain)

## How to help the project?

### Translate the application

Translations are managed at Transifex, please contribute there at https://www.transifex.com/projects/p/open-keychain/

### Contribute Code

1. Lookout for interesting issues on Github. We have tagged issues were we explicitly like to see contributions: https://github.com/open-keychain/open-keychain/labels/help-wanted
2. Read this README, especially the notes about coding style
3. Fork OpenKeychain and contribute code (the best part :sunglasses: )
4. Open a pull request on Github. We will help with occuring problems and merge your changes back into the main project.
5. PROFIT

### For bigger changes

1. Join the development mailinglist at https://lists.riseup.net/www/subscribe/openkeychain
2. Propose bigger changes and discuss the consequences

I am happy about every code contribution and appreciate your effort to help us developing OpenKeychain!

## Development

Development mailinglist at https://lists.riseup.net/www/subscribe/openkeychain

### Build with Gradle

1. Clone the project from GitHub
2. Get all external submodules with ``git submodule update --init --recursive``
3. Have Android SDK "tools", "platform-tools", and "build-tools" directories in your PATH (http://developer.android.com/sdk/index.html)
4. Open the Android SDK Manager (shell command: ``android``).  
Expand the Tools directory and select "Android SDK Build-tools (Version 21.1.2)".  
Expand the Extras directory and install "Android Support Repository"  
Select everything for the newest SDK Platform, API 22, and also API 21
5. Export ANDROID_HOME pointing to your Android SDK
6. Execute ``./gradlew assembleDebug``
7. You can install the app with ``adb install -r OpenKeychain/build/outputs/apk/OpenKeychain-debug-unaligned.apk``

### Run Tests
1. Use OpenJDK instead of Oracle JDK
2. Execute ``./gradlew clean testDebug --continue``

### Run Jacoco Test Coverage
1. Use OpenJDK instead of Oracle JDK
2. Execute ``./gradlew clean testDebug jacocoTestReport``
3. Report is here: OpenKeychain/build/reports/jacoco/jacocoTestReport/html/index.html

### Development with Android Studio

We are using the newest [Android Studio](http://developer.android.com/sdk/installing/studio.html) for development. Development with Eclipse is currently not possible because we are using the new [project structure](http://developer.android.com/sdk/installing/studio-tips.html).

1. Clone the project from Github
2. Get all external submodules with ``git submodule update --init --recursive``
3. From Android Studio: File -> Import Project ->  Select the cloned top folder

## Libraries

### Bouncy Castle

#### Spongy Castle

Spongy Castle is the stock Bouncy Castle libraries with a couple of small changes to make it work on Android. OpenKeychain uses a forked version with some small changes. These changes will been sent to Bouncy Castle, and Spongy Castle will be used again when they have filtered down.

see
* Fork: https://github.com/openpgp-keychain/spongycastle
* Spongy Castle: http://rtyley.github.com/spongycastle/

#### Bouncy Castle resources

* Repository: https://github.com/bcgit/bc-java
* Issue tracker: http://www.bouncycastle.org/jira/browse/BJA

#### Documentation
* Documentation project at http://www.cryptoworkshop.com/guide/
* Tests in https://github.com/bcgit/bc-java/tree/master/pg/src/test/java/org/bouncycastle/openpgp/test
* Examples in https://github.com/bcgit/bc-java/tree/master/pg/src/main/java/org/bouncycastle/openpgp/examples
* Mailinglist Archive at http://bouncy-castle.1462172.n4.nabble.com/Bouncy-Castle-Dev-f1462173.html
* Commit changelog of pg subpackage: https://github.com/bcgit/bc-java/commits/master/pg

## Build System

We try to make our builds as [reproducible/deterministic](https://blog.torproject.org/blog/deterministic-builds-part-one-cyberwar-and-global-compromise) as possible.  

#### Update Gradle version
* Always use a fixed Android Gradle plugin version not a dynamic one, e.g. ``0.7.3`` instead of ``0.7.+`` (allows offline builds without lookups for new versions, also some minor Android plugin versions had serious issues, i.e. [0.7.2 and 0.8.1](http://tools.android.com/tech-docs/new-build-system))
* Update every build.gradle file with the new gradle version and/or gradle plugin version
    * build.gradle
    * OpenKeychain/build.gradle
* run ./gradlew wrapper twice to update gradle and download the new gradle jar file
* commit the corresponding [Gradle wrapper](http://www.gradle.org/docs/current/userguide/gradle_wrapper.html) to the repository (allows easy building for new contributors without the need to install the required Gradle version using a package manager)
  
#### Update SDK and Build Tools
* Open build.gradle and change:
```
ext {
    compileSdkVersion = 21
    buildToolsVersion = '21.1.2'
}
```
* Change SDK and Build Tools in git submodules "openkeychain-api-lib" and "openpgp-api-lib" manually. They should also build on their own without the ext variables.

#### Add new library
* You can add the library as a Maven dependency or as a git submodule (if patches are required) in the "extern" folder.
* If added as a Maven dependency, pin the library using [Gradle Witness](https://github.com/WhisperSystems/gradle-witness) (Do ``./gradlew -q calculateChecksums`` for Trust on First Use)
* If added as a git submodule, change the ``compileSdkVersion`` and ``buildToolsVersion`` in build.gradle to use the variables from the root project:
```
android {
    compileSdkVersion rootProject.ext.compileSdkVersion
    buildToolsVersion rootProject.ext.buildToolsVersion
}
```
* You can check for wrong ``compileSdkVersion`` by ``find -name build.gradle | xargs grep compileSdkVersion``

#### Slow Gradle?

* https://www.timroes.de/2013/09/12/speed-up-gradle/
* Disable Lint checking if it is enabled in build.gradle

#### Error:Configuration with name 'default' not found.

Gradle project dependencies are missing. Do a ``git submodule init && git submodule update``

#### Build on Mac OS X fails?

Try exporting JAVA_TOOL_OPTIONS="-Dfile.encoding=UTF8"

## Translations

Translations are hosted on Transifex, which is configured by ".tx/config".

1. To pull newest translations install transifex client (e.g. ``apt-get install transifex-client``)
2. Config Transifex client with "~/.transifexrc"
3. Go into root folder of git repo
4. execute ``tx pull -af --skip``

see http://help.transifex.net/features/client/index.html#user-client

## Coding Style

### Code
* Indentation: 4 spaces, no tabs.
* Maximum line width for code and comments: 100.
* Opening braces don't go on their own line.
* Field names: Non-public, non-static fields start with m.
* Acronyms are words: Treat acronyms as words in names, yielding !XmlHttpRequest, getUrl(), etc.
* Fully Qualify Imports: Do *not* use wildcard-imports such as ``import foo.*;``
* Android Studio warnings should be fixed, or suppressed if they are incorrect.

The full coding style can be found at http://source.android.com/source/code-style.html

### Automated syntax check with CheckStyle

#### Linux
1. Paste the `tools/checkstyle.xml` file to `~/.AndroidStudioPreview/config/codestyles/`
2. Go to Settings > Code Style > Java, select OpenPgpChecker, as well as Code Style > XML and select OpenPgpChecker again.
3. Start code inspection and see the results by selecting Analyze > Inspect Code from Android-Studio or you can directly run checkstyle via cli with `.tools/checkstyle`. Make sure it's executable first.

#### Mac OSX
1. Paste the `tools/checkstyle.xml` file to `~/Library/Preferences/AndroidStudioPreview/codestyles`
2. Go to Preferences > Code Style > Java, select OpenPgpChecker, as well as Code Style > XML and select OpenPgpChecker again.
3. Start code inspection and see the results by selecting Analyze > Inspect Code from Android-Studio or you can directly run checkstyle via cli with `.tools/checkstyle`. Make sure it's executable first.

#### Windows
1. Paste the `tools/checkstyle.xml` file to `C:\Users\<UserName>\.AndroidStudioPreview\config\codestyles`
2. Go to File > Settings > Code Style > Java, select OpenPgpChecker, as well as Code Style > XML and select OpenPgpChecker again.
3. Start code inspection and see the resul<style>pre { line-height: 125%; margin: 0; }
td.linenos pre { color: #000000; background-color: #f0f0f0; padding: 0 5px 0 5px; }
span.linenos { color: #000000; background-color: #f0f0f0; padding: 0 5px 0 5px; }
td.linenos pre.special { color: #000000; background-color: #ffffc0; padding: 0 5px 0 5px; }
span.linenos.special { color: #000000; background-color: #ffffc0; padding: 0 5px 0 5px; }
.highlight .hll { background-color: #ffffcc }
.highlight { background: #ffffff; }
.highlight .c { color: #888888 } /* Comment */
.highlight .err { color: #a61717; background-color: #e3d2d2 } /* Error */
.highlight .k { color: #008800; font-weight: bold } /* Keyword */
.highlight .ch { color: #888888 } /* Comment.Hashbang */
.highlight .cm { color: #888888 } /* Comment.Multiline */
.highlight .cp { color: #cc0000; font-weight: bold } /* Comment.Preproc */
.highlight .cpf { color: #888888 } /* Comment.PreprocFile */
.highlight .c1 { color: #888888 } /* Comment.Single */
.highlight .cs { color: #cc0000; font-weight: bold; background-color: #fff0f0 } /* Comment.Special */
.highlight .gd { color: #000000; background-color: #ffdddd } /* Generic.Deleted */
.highlight .ge { font-style: italic } /* Generic.Emph */
.highlight .gr { color: #aa0000 } /* Generic.Error */
.highlight .gh { color: #333333 } /* Generic.Heading */
.highlight .gi { color: #000000; background-color: #ddffdd } /* Generic.Inserted */
.highlight .go { color: #888888 } /* Generic.Output */
.highlight .gp { color: #555555 } /* Generic.Prompt */
.highlight .gs { font-weight: bold } /* Generic.Strong */
.highlight .gu { color: #666666 } /* Generic.Subheading */
.highlight .gt { color: #aa0000 } /* Generic.Traceback */
.highlight .kc { color: #008800; font-weight: bold } /* Keyword.Constant */
.highlight .kd { color: #008800; font-weight: bold } /* Keyword.Declaration */
.highlight .kn { color: #008800; font-weight: bold } /* Keyword.Namespace */
.highlight .kp { color: #008800 } /* Keyword.Pseudo */
.highlight .kr { color: #008800; font-weight: bold } /* Keyword.Reserved */
.highlight .kt { color: #888888; font-weight: bold } /* Keyword.Type */
.highlight .m { color: #0000DD; font-weight: bold } /* Literal.Number */
.highlight .s { color: #dd2200; background-color: #fff0f0 } /* Literal.String */
.highlight .na { color: #336699 } /* Name.Attribute */
.highlight .nb { color: #003388 } /* Name.Builtin */
.highlight .nc { color: #bb0066; font-weight: bold } /* Name.Class */
.highlight .no { color: #003366; font-weight: bold } /* Name.Constant */
.highlight .nd { color: #555555 } /* Name.Decorator */
.highlight .ne { color: #bb0066; font-weight: bold } /* Name.Exception */
.highlight .nf { color: #0066bb; font-weight: bold } /* Name.Function */
.highlight .nl { color: #336699; font-style: italic } /* Name.Label */
.highlight .nn { color: #bb0066; font-weight: bold } /* Name.Namespace */
.highlight .py { color: #336699; font-weight: bold } /* Name.Property */
.highlight .nt { color: #bb0066; font-weight: bold } /* Name.Tag */
.highlight .nv { color: #336699 } /* Name.Variable */
.highlight .ow { color: #008800 } /* Operator.Word */
.highlight .w { color: #bbbbbb } /* Text.Whitespace */
.highlight .mb { color: #0000DD; font-weight: bold } /* Literal.Number.Bin */
.highlight .mf { color: #0000DD; font-weight: bold } /* Literal.Number.Float */
.highlight .mh { color: #0000DD; font-weight: bold } /* Literal.Number.Hex */
.highlight .mi { color: #0000DD; font-weight: bold } /* Literal.Number.Integer */
.highlight .mo { color: #0000DD; font-weight: bold } /* Literal.Number.Oct */
.highlight .sa { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Affix */
.highlight .sb { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Backtick */
.highlight .sc { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Char */
.highlight .dl { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Delimiter */
.highlight .sd { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Doc */
.highlight .s2 { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Double */
.highlight .se { color: #0044dd; background-color: #fff0f0 } /* Literal.String.Escape */
.highlight .sh { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Heredoc */
.highlight .si { color: #3333bb; background-color: #fff0f0 } /* Literal.String.Interpol */
.highlight .sx { color: #22bb22; background-color: #f0fff0 } /* Literal.String.Other */
.highlight .sr { color: #008800; background-color: #fff0ff } /* Literal.String.Regex */
.highlight .s1 { color: #dd2200; background-color: #fff0f0 } /* Literal.String.Single */
.highlight .ss { color: #aa6600; background-color: #fff0f0 } /* Literal.String.Symbol */
.highlight .bp { color: #003388 } /* Name.Builtin.Pseudo */
.highlight .fm { color: #0066bb; font-weight: bold } /* Name.Function.Magic */
.highlight .vc { color: #336699 } /* Name.Variable.Class */
.highlight .vg { color: #dd7700 } /* Name.Variable.Global */
.highlight .vi { color: #3333bb } /* Name.Variable.Instance */
.highlight .vm { color: #336699 } /* Name.Variable.Magic */
.highlight .il { color: #0000DD; font-weight: bold } /* Literal.Number.Integer.Long */</style><div class="highlight"><pre><span></span><span class="kn">from</span> <span class="nn">__future__</span> <span class="kn">import</span> <span class="p">(</span><span class="n">absolute_import</span><span class="p">,</span> <span class="n">print_function</span><span class="p">,</span> <span class="n">division</span><span class="p">)</span>
<span class="kn">import</span> <span class="nn">argparse</span>
<span class="kn">import</span> <span class="nn">binascii</span>


<span class="k">def</span> <span class="nf">parse_http_basic_auth</span><span class="p">(</span><span class="n">s</span><span class="p">):</span>
    <span class="n">words</span> <span class="o">=</span> <span class="n">s</span><span class="o">.</span><span class="n">split</span><span class="p">()</span>
    <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">words</span><span class="p">)</span> <span class="o">!=</span> <span class="mi">2</span><span class="p">:</span>
        <span class="k">return</span> <span class="kc">None</span>
    <span class="n">scheme</span> <span class="o">=</span> <span class="n">words</span><span class="p">[</span><span class="mi">0</span><span class="p">]</span>
    <span class="k">try</span><span class="p">:</span>
        <span class="n">user</span> <span class="o">=</span> <span class="n">binascii</span><span class="o">.</span><span class="n">a2b_base64</span><span class="p">(</span><span class="n">words</span><span class="p">[</span><span class="mi">1</span><span class="p">])</span><span class="o">.</span><span class="n">decode</span><span class="p">(</span><span class="s2">&quot;utf8&quot;</span><span class="p">,</span> <span class="s2">&quot;replace&quot;</span><span class="p">)</span>
    <span class="k">except</span> <span class="n">binascii</span><span class="o">.</span><span class="n">Error</span><span class="p">:</span>
        <span class="k">return</span> <span class="kc">None</span>
    <span class="n">parts</span> <span class="o">=</span> <span class="n">user</span><span class="o">.</span><span class="n">split</span><span class="p">(</span><span class="s1">&#39;:&#39;</span><span class="p">)</span>
    <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">parts</span><span class="p">)</span> <span class="o">!=</span> <span class="mi">2</span><span class="p">:</span>
        <span class="k">return</span> <span class="kc">None</span>
    <span class="k">return</span> <span class="n">scheme</span><span class="p">,</span> <span class="n">parts</span><span class="p">[</span><span class="mi">0</span><span class="p">],</span> <span class="n">parts</span><span class="p">[</span><span class="mi">1</span><span class="p">]</span>


<span class="k">def</span> <span class="nf">assemble_http_basic_auth</span><span class="p">(</span><span class="n">scheme</span><span class="p">,</span> <span class="n">username</span><span class="p">,</span> <span class="n">password</span><span class="p">):</span>
    <span class="n">v</span> <span class="o">=</span> <span class="n">binascii</span><span class="o">.</span><span class="n">b2a_base64</span><span class="p">((</span><span class="n">username</span> <span class="o">+</span> <span class="s2">&quot;:&quot;</span> <span class="o">+</span> <span class="n">password</span><span class="p">)</span><span class="o">.</span><span class="n">encode</span><span class="p">(</span><span class="s2">&quot;utf8&quot;</span><span class="p">))</span><span class="o">.</span><span class="n">decode</span><span class="p">(</span><span class="s2">&quot;ascii&quot;</span><span class="p">)</span>
    <span class="k">return</span> <span class="n">scheme</span> <span class="o">+</span> <span class="s2">&quot; &quot;</span> <span class="o">+</span> <span class="n">v</span>


<span class="k">class</span> <span class="nc">NullProxyAuth</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span>

    <span class="sd">&quot;&quot;&quot;</span>
<span class="sd">        No proxy auth at all (returns empty challange headers)</span>
<span class="sd">    &quot;&quot;&quot;</span>

    <span class="k">def</span> <span class="fm">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">password_manager</span><span class="p">):</span>
        <span class="bp">self</span><span class="o">.</span><span class="n">password_manager</span> <span class="o">=</span> <span class="n">password_manager</span>

    <span class="k">def</span> <span class="nf">clean</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">headers_</span><span class="p">):</span>
        <span class="sd">&quot;&quot;&quot;</span>
<span class="sd">            Clean up authentication headers, so they&#39;re not passed upstream.</span>
<span class="sd">        &quot;&quot;&quot;</span>

    <span class="k">def</span> <span class="nf">authenticate</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">headers_</span><span class="p">):</span>
        <span class="sd">&quot;&quot;&quot;</span>
<span class="sd">            Tests that the user is allowed to use the proxy</span>
<span class="sd">        &quot;&quot;&quot;</span>
        <span class="k">return</span> <span class="kc">True</span>

    <span class="k">def</span> <span class="nf">auth_challenge_headers</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
        <span class="sd">&quot;&quot;&quot;</span>
<span class="sd">            Returns a dictionary containing the headers require to challenge the user</span>
<span class="sd">        &quot;&quot;&quot;</span>
        <span class="k">return</span> <span class="p">{}</span>


<span class="k">class</span> <span class="nc">BasicProxyAuth</span><span class="p">(</span><span class="n">NullProxyAuth</span><span class="p">):</span>
    <span class="n">CHALLENGE_HEADER</span> <span class="o">=</span> <span class="s1">&#39;Proxy-Authenticate&#39;</span>
    <span class="n">AUTH_HEADER</span> <span class="o">=</span> <span class="s1">&#39;Proxy-Authorization&#39;</span>

    <span class="k">def</span> <span class="fm">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">password_manager</span><span class="p">,</span> <span class="n">realm</span><span class="p">):</span>
        <span class="n">NullProxyAuth</span><span class="o">.</span><span class="fm">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">password_manager</span><span class="p">)</span>
        <span class="bp">self</span><span class="o">.</span><span class="n">realm</span> <span class="o">=</span> <span class="n">realm</span>

    <span class="k">def</span> <span class="nf">clean</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">headers</span><span class="p">):</span>
        <span class="k">del</span> <span class="n">headers</span><span class="p">[</span><span class="bp">self</span><span class="o">.</span><span class="n">AUTH_HEADER</span><span class="p">]</span>

    <span class="k">def</span> <span class="nf">authenticate</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">headers</span><span class="p">):</span>
        <span class="n">auth_value</span> <span class="o">=</span> <span class="n">headers</span><span class="o">.</span><span class="n">get</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">AUTH_HEADER</span><span class="p">)</span>
        <span class="k">if</span> <span class="ow">not</span> <span class="n">auth_value</span><span class="p">:</span>
            <span class="k">return</span> <span class="kc">False</span>
        <span class="n">parts</span> <span class="o">=</span> <span class="n">parse_http_basic_auth</span><span class="p">(</span><span class="n">auth_value</span><span class="p">)</span>
        <span class="k">if</span> <span class="ow">not</span> <span class="n">parts</span><span class="p">:</span>
            <span class="k">return</span> <span class="kc">False</span>
        <span class="n">scheme</span><span class="p">,</span> <span class="n">username</span><span class="p">,</span> <span class="n">password</span> <span class="o">=</span> <span class="n">parts</span>
        <span class="k">if</span> <span class="n">scheme</span><span class="o">.</span><span class="n">lower</span><span class="p">()</span> <span class="o">!=</span> <span class="s1">&#39;basic&#39;</span><span class="p">:</span>
            <span class="k">return</span> <span class="kc">False</span>
        <span class="k">if</span> <span class="ow">not</span> <span class="bp">self</span><span class="o">.</span><span class="n">password_manager</span><span class="o">.</span><span class="n">test</span><span class="p">(</span><span class="n">username</span><span class="p">,</span> <span class="n">password</span><span class="p">):</span>
            <span class="k">return</span> <span class="kc">False</span>
        <span class="bp">self</span><span class="o">.</span><span class="n">username</span> <span class="o">=</span> <span class="n">username</span>
        <span class="k">return</span> <span class="kc">True</span>

    <span class="k">def</span> <span class="nf">auth_challenge_headers</span><span class="p">(</span><span class="bp">self</span><span class="p">):</span>
        <span class="k">return</span> <span class="p">{</span><span class="bp">self</span><span class="o">.</span><span class="n">CHALLENGE_HEADER</span><span class="p">:</span> <span class="s1">&#39;Basic realm=&quot;</span><span class="si">%s</span><span class="s1">&quot;&#39;</span> <span class="o">%</span> <span class="bp">self</span><span class="o">.</span><span class="n">realm</span><span class="p">}</span>


<span class="k">class</span> <span class="nc">PassMan</span><span class="p">(</span><span class="nb">object</span><span class="p">):</span>

    <span class="k">def</span> <span class="nf">test</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">username_</span><span class="p">,</span> <span class="n">password_token_</span><span class="p">):</span>
        <span class="k">return</span> <span class="kc">False</span>


<span class="k">class</span> <span class="nc">PassManNonAnon</span><span class="p">(</span><span class="n">PassMan</span><span class="p">):</span>

    <span class="sd">&quot;&quot;&quot;</span>
<span class="sd">        Ensure the user specifies a username, accept any password.</span>
<span class="sd">    &quot;&quot;&quot;</span>

    <span class="k">def</span> <span class="nf">test</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">username</span><span class="p">,</span> <span class="n">password_token_</span><span class="p">):</span>
        <span class="k">if</span> <span class="n">username</span><span class="p">:</span>
            <span class="k">return</span> <span class="kc">True</span>
        <span class="k">return</span> <span class="kc">False</span>


<span class="k">class</span> <span class="nc">PassManHtpasswd</span><span class="p">(</span><span class="n">PassMan</span><span class="p">):</span>

    <span class="sd">&quot;&quot;&quot;</span>
<span class="sd">        Read usernames and passwords from an htpasswd file</span>
<span class="sd">    &quot;&quot;&quot;</span>

    <span class="k">def</span> <span class="fm">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">path</span><span class="p">):</span>
        <span class="sd">&quot;&quot;&quot;</span>
<span class="sd">            Raises ValueError if htpasswd file is invalid.</span>
<span class="sd">        &quot;&quot;&quot;</span>
        <span class="kn">import</span> <span class="nn">passlib.apache</span>
        <span class="bp">self</span><span class="o">.</span><span class="n">htpasswd</span> <span class="o">=</span> <span class="n">passlib</span><span class="o">.</span><span class="n">apache</span><span class="o">.</span><span class="n">HtpasswdFile</span><span class="p">(</span><span class="n">path</span><span class="p">)</span>

    <span class="k">def</span> <span class="nf">test</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">username</span><span class="p">,</span> <span class="n">password_token</span><span class="p">):</span>
        <span class="k">return</span> <span class="nb">bool</span><span class="p">(</span><span class="bp">self</span><span class="o">.</span><span class="n">htpasswd</span><span class="o">.</span><span class="n">check_password</span><span class="p">(</span><span class="n">username</span><span class="p">,</span> <span class="n">password_token</span><span class="p">))</span>


<span class="k">class</span> <span class="nc">PassManSingleUser</span><span class="p">(</span><span class="n">PassMan</span><span class="p">):</span>

    <span class="k">def</span> <span class="fm">__init__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">username</span><span class="p">,</span> <span class="n">password</span><span class="p">):</span>
        <span class="bp">self</span><span class="o">.</span><span class="n">username</span><span class="p">,</span> <span class="bp">self</span><span class="o">.</span><span class="n">password</span> <span class="o">=</span> <span class="n">username</span><span class="p">,</span> <span class="n">password</span>

    <span class="k">def</span> <span class="nf">test</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">username</span><span class="p">,</span> <span class="n">password_token</span><span class="p">):</span>
        <span class="k">return</span> <span class="bp">self</span><span class="o">.</span><span class="n">username</span> <span class="o">==</span> <span class="n">username</span> <span class="ow">and</span> <span class="bp">self</span><span class="o">.</span><span class="n">password</span> <span class="o">==</span> <span class="n">password_token</span>


<span class="k">class</span> <span class="nc">AuthAction</span><span class="p">(</span><span class="n">argparse</span><span class="o">.</span><span class="n">Action</span><span class="p">):</span>

    <span class="sd">&quot;&quot;&quot;</span>
<span class="sd">    Helper class to allow seamless integration int argparse. Example usage:</span>
<span class="sd">    parser.add_argument(</span>
<span class="sd">        &quot;--nonanonymous&quot;,</span>
<span class="sd">        action=NonanonymousAuthAction, nargs=0,</span>
<span class="sd">        help=&quot;Allow access to any user long as a credentials are specified.&quot;</span>
<span class="sd">    )</span>
<span class="sd">    &quot;&quot;&quot;</span>

    <span class="k">def</span> <span class="fm">__call__</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">parser</span><span class="p">,</span> <span class="n">namespace</span><span class="p">,</span> <span class="n">values</span><span class="p">,</span> <span class="n">option_string</span><span class="o">=</span><span class="kc">None</span><span class="p">):</span>
        <span class="n">passman</span> <span class="o">=</span> <span class="bp">self</span><span class="o">.</span><span class="n">getPasswordManager</span><span class="p">(</span><span class="n">values</span><span class="p">)</span>
        <span class="n">authenticator</span> <span class="o">=</span> <span class="n">BasicProxyAuth</span><span class="p">(</span><span class="n">passman</span><span class="p">,</span> <span class="s2">&quot;mitmproxy&quot;</span><span class="p">)</span>
        <span class="nb">setattr</span><span class="p">(</span><span class="n">namespace</span><span class="p">,</span> <span class="bp">self</span><span class="o">.</span><span class="n">dest</span><span class="p">,</span> <span class="n">authenticator</span><span class="p">)</span>

    <span class="k">def</span> <span class="nf">getPasswordManager</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">s</span><span class="p">):</span>  <span class="c1"># pragma: no cover</span>
        <span class="k">raise</span> <span class="ne">NotImplementedError</span><span class="p">()</span>


<span class="k">class</span> <span class="nc">SingleuserAuthAction</span><span class="p">(</span><span class="n">AuthAction</span><span class="p">):</span>

    <span class="k">def</span> <span class="nf">getPasswordManager</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">s</span><span class="p">):</span>
        <span class="k">if</span> <span class="nb">len</span><span class="p">(</span><span class="n">s</span><span class="o">.</span><span class="n">split</span><span class="p">(</span><span class="s1">&#39;:&#39;</span><span class="p">))</span> <span class="o">!=</span> <span class="mi">2</span><span class="p">:</span>
            <span class="k">raise</span> <span class="n">argparse</span><span class="o">.</span><span class="n">ArgumentTypeError</span><span class="p">(</span>
                <span class="s2">&quot;Invalid single-user specification. Please use the format username:password&quot;</span>
            <span class="p">)</span>
        <span class="n">username</span><span class="p">,</span> <span class="n">password</span> <span class="o">=</span> <span class="n">s</span><span class="o">.</span><span class="n">split</span><span class="p">(</span><span class="s1">&#39;:&#39;</span><span class="p">)</span>
        <span class="k">return</span> <span class="n">PassManSingleUser</span><span class="p">(</span><span class="n">username</span><span class="p">,</span> <span class="n">password</span><span class="p">)</span>


<span class="k">class</span> <span class="nc">NonanonymousAuthAction</span><span class="p">(</span><span class="n">AuthAction</span><span class="p">):</span>

    <span class="k">def</span> <span class="nf">getPasswordManager</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">s</span><span class="p">):</span>
        <span class="k">return</span> <span class="n">PassManNonAnon</span><span class="p">()</span>


<span class="k">class</span> <span class="nc">HtpasswdAuthAction</span><span class="p">(</span><span class="n">AuthAction</span><span class="p">):</span>

    <span class="k">def</span> <span class="nf">getPasswordManager</span><span class="p">(</span><span class="bp">self</span><span class="p">,</span> <span class="n">s</span><span class="p">):</span>
        <span class="k">return</span> <span class="n">PassManHtpasswd</span><span class="p">(</span><span class="n">s</span><span class="p">)</span>
</pre></div>
</code></pre></td></tr></table>
</div> <!-- class=content -->
<div class='footer'>generated by <a href='https://git.zx2c4.com/cgit/about/'>cgit v1.2.3</a> (<a href='https://git-scm.com/'>git 2.25.1</a>) at 2025-07-21 09:21:42 +0000</div>
</div> <!-- id=cgit -->
</body>
</html>