internal static Account[] GetVaultAccounts(string id,
AesKey sessionKey,
Keychain keychain,
JsonHttpClient jsonHttp)
{
var response = GetEncryptedJson(string.Format("v1/vault/{0}/0/items", id),
sessionKey,
jsonHttp);
return(response.At("items", new JArray()).Select(i => ParseAccount(i, keychain)).ToArray());
}
internal static JObject PostEncryptedJson(string endpoint,
Dictionary <string, string> parameters,
AesKey sessionKey,
JsonHttpClient jsonHttp)
{
var payload = JsonConvert.SerializeObject(parameters);
var encryptedPayload = sessionKey.Encrypt(payload.ToBytes());
var response = jsonHttp.Post(endpoint, encryptedPayload.ToDictionary());
return(Decrypt(response, sessionKey));
}
internal static Vault[] GetVaults(JToken accountInfo,
AesKey sessionKey,
Keychain keychain,
JsonHttpClient jsonHttp)
{
var accessibleVaults = new HashSet <string>(BuildListOfAccessibleVaults(accountInfo));
return(accountInfo.At("vaults")
.Where(i => accessibleVaults.Contains(i.StringAt("uuid", "")))
.Select(i => GetVault(i, sessionKey, keychain, jsonHttp))
.ToArray());
}
internal static Vault GetVault(JToken json,
AesKey sessionKey,
Keychain keychain,
JsonHttpClient jsonHttp)
{
var id = json.StringAt("uuid");
var attributes = Decrypt(json.At("encAttrs"), keychain);
return(new Vault(id: id,
name: attributes.StringAt("name", ""),
description: attributes.StringAt("desc", ""),
accounts: GetVaultAccounts(id, sessionKey, keychain, jsonHttp)));
}
public static byte[] CalculateSessionHmacSalt(AesKey sessionKey)
{
return(Hmac256(sessionKey.Key, SessionHmacSecret));
}
public void Add(AesKey key)
{
_aes[key.Id] = key;
}
public MacRequestSigner(Session session, AesKey sessionKey, uint seed)
{
_sessionId = session.Id;
_salt = Crypto.CalculateSessionHmacSalt(sessionKey);
_requestId = seed;
}
public MacRequestSigner(Session session, AesKey sessionKey)
: this(session, sessionKey, Crypto.RandonUInt32())
{
}
internal static JObject Decrypt(JToken json, AesKey sessionKey)
{
return(JObject.Parse(sessionKey.Decrypt(Encrypted.Parse(json)).ToUtf8()));
}
//
// HTTP
//
internal static JObject GetEncryptedJson(string endpoint,
AesKey sessionKey,
JsonHttpClient jsonHttp)
{
return(Decrypt(jsonHttp.Get(endpoint), sessionKey));
}
internal static void DecryptAesKey(JToken key, Keychain keychain)
{
keychain.Add(AesKey.Parse(Decrypt(key, keychain)));
}
internal static JObject GetKeysets(AesKey sessionKey, JsonHttpClient jsonHttp)
{
return(GetEncryptedJson("v1/account/keysets", sessionKey, jsonHttp));
}
internal static JObject GetAccountInfo(AesKey sessionKey, JsonHttpClient jsonHttp)
{
return(GetEncryptedJson("v1/account?attrs=billing,counts,groups,invite,me,settings,tier,user-flags,users,vaults", sessionKey, jsonHttp));
}
internal static void VerifySessionKey(ClientInfo clientInfo,
Session session,
AesKey sessionKey,
JsonHttpClient jsonHttp)
{
try
{
var response = PostEncryptedJson(
"v2/auth/verify",
new Dictionary <string, string>
{
{ "sessionID", session.Id },
{ "clientVerifyHash", Crypto.CalculateClientHash(clientInfo, session) },
{ "client", ClientId },
},
sessionKey,
jsonHttp);
// Just to verify that it's a valid JSON and it has some keys.
// Technically it should have failed by now either in decrypt or JSON parse
response.StringAt("userUuid");
}
catch (ClientException e)
{
// This is a quite ugly attempt at handling a very special case.
// When this specific request fails with 400, the response contains
// the error code. It seems 102 means invalid credentials.
// TODO: Write a test for this case.
if (e.Reason != ClientException.FailureReason.NetworkError)
{
throw;
}
var web = e.InnerException as WebException;
if (web == null)
{
throw;
}
var response = web.Response as HttpWebResponse;
if (response == null)
{
throw;
}
var stream = response.GetResponseStream();
if (stream == null)
{
throw;
}
stream.Position = 0;
var text = new System.IO.StreamReader(stream).ReadToEnd();
var json = JObject.Parse(text);
if (json.IntAt("errorCode", 0) == 102)
{
throw new ClientException(ClientException.FailureReason.IncorrectCredentials,
"Username, password or account key is incorrect",
e);
}
throw;
}
}
