Poodletooth-iLand/toontown/rpc/ToontownRPCHandlerBase.py

from direct.directnotify.DirectNotifyGlobal import directNotify
import json
import time

from Crypto.Cipher import AES


UNKNOWN = 700
USER = 100
COMMUNITY_MANAGER = 200
MODERATOR = 300
ARTIST = 400
PROGRAMMER = 500
ADMINISTRATOR = 600
SYSTEM_ADMINISTRATOR = 700


class RPCMethod:
    def __init__(self, accessLevel=UNKNOWN):
        self.accessLevel = accessLevel

    def __call__(self, method):
        method.accessLevel = self.accessLevel
        return method


rpcmethod = RPCMethod


class ToontownRPCHandlerBase:
    notify = directNotify.newCategory('ToontownRPCHandlerBase')

    def __init__(self, air):
        self.air = air

    def authenticate(self, token, method):
        """
        Ensure the provided token is valid, and meets the access level
        requirements of the method.
        """
        # First, base64 decode the token:
        try:
            token = token.decode('base64')
        except TypeError:
            return (-32001, 'Token decode failure')

        # Ensure this token is a valid size:
        if (not token) or ((len(token) % 16) != 0):
            return (-32002, 'Invalid token length')

        # Next, decrypt the token using AES-128 in CBC mode:
        rpcServerSecret = config.GetString('rpc-server-secret', '6163636f756e7473')

        # Ensure that our secret is the correct size:
        if len(rpcServerSecret) > AES.block_size:
            self.notify.error('rpc-server-secret is too big!')
        elif len(rpcServerSecret) < AES.block_size:
            self.notify.error('rpc-server-secret is too small!')

        # Take the initialization vector off the front of the token:
        iv = token[:AES.block_size]

        # Truncate the token to get our cipher text:
        cipherText = token[AES.block_size:]

        # Decrypt!
        cipher = AES.new(rpcServerSecret, mode=AES.MODE_CBC, IV=iv)
        try:
            token = json.loads(cipher.decrypt(cipherText).replace('\x00', ''))
            if ('timestamp' not in token) or (not isinstance(token['timestamp'], int)):
                raise ValueError
            if ('accesslevel' not in token) or (not isinstance(token['accesslevel'], int)):
                raise ValueError
        except ValueError:
            return (-32003, 'Invalid token')

        # Next, check if this token has expired:
        period = config.GetInt('rpc-token-period', 5)
        delta = int(time.time()) - token['timestamp']
        if delta > period:
            return (-32004, 'Token expired')

        if token['accesslevel'] < method.accessLevel:
            return (-32005, 'Insufficient access')
Official files 2015-11-14 13:28:53 -06:00			`from direct.directnotify.DirectNotifyGlobal import directNotify`
			`import json`
			`import time`

			`from Crypto.Cipher import AES`


			`UNKNOWN = 700`
			`USER = 100`
			`COMMUNITY_MANAGER = 200`
			`MODERATOR = 300`
			`ARTIST = 400`
			`PROGRAMMER = 500`
			`ADMINISTRATOR = 600`
			`SYSTEM_ADMINISTRATOR = 700`


			`class RPCMethod:`
			`def __init__(self, accessLevel=UNKNOWN):`
			`self.accessLevel = accessLevel`

			`def __call__(self, method):`
			`method.accessLevel = self.accessLevel`
			`return method`


			`rpcmethod = RPCMethod`


			`class ToontownRPCHandlerBase:`
			`notify = directNotify.newCategory('ToontownRPCHandlerBase')`

			`def __init__(self, air):`
			`self.air = air`

			`def authenticate(self, token, method):`
			`"""`
			`Ensure the provided token is valid, and meets the access level`
			`requirements of the method.`
			`"""`
			`# First, base64 decode the token:`
			`try:`
			`token = token.decode('base64')`
			`except TypeError:`
			`return (-32001, 'Token decode failure')`

			`# Ensure this token is a valid size:`
			`if (not token) or ((len(token) % 16) != 0):`
			`return (-32002, 'Invalid token length')`

			`# Next, decrypt the token using AES-128 in CBC mode:`
			`rpcServerSecret = config.GetString('rpc-server-secret', '6163636f756e7473')`

			`# Ensure that our secret is the correct size:`
			`if len(rpcServerSecret) > AES.block_size:`
			`self.notify.error('rpc-server-secret is too big!')`
			`elif len(rpcServerSecret) < AES.block_size:`
			`self.notify.error('rpc-server-secret is too small!')`

			`# Take the initialization vector off the front of the token:`
			`iv = token[:AES.block_size]`

			`# Truncate the token to get our cipher text:`
			`cipherText = token[AES.block_size:]`

			`# Decrypt!`
			`cipher = AES.new(rpcServerSecret, mode=AES.MODE_CBC, IV=iv)`
			`try:`
			`token = json.loads(cipher.decrypt(cipherText).replace('\x00', ''))`
			`if ('timestamp' not in token) or (not isinstance(token['timestamp'], int)):`
			`raise ValueError`
			`if ('accesslevel' not in token) or (not isinstance(token['accesslevel'], int)):`
			`raise ValueError`
			`except ValueError:`
			`return (-32003, 'Invalid token')`

			`# Next, check if this token has expired:`
			`period = config.GetInt('rpc-token-period', 5)`
			`delta = int(time.time()) - token['timestamp']`
			`if delta > period:`
			`return (-32004, 'Token expired')`

			`if token['accesslevel'] < method.accessLevel:`
			`return (-32005, 'Insufficient access')`