lnbits-legend/lnbits/wallets/macaroon/macaroon.py

import base64

from loguru import logger

from lnbits.utils.crypto import AESCipher


def load_macaroon(macaroon: str) -> str:
    """Returns hex version of a macaroon encoded in base64 or the file path.

    :param macaroon: Macaroon encoded in base64 or file path.
    :type macaroon: str
    :return: Hex version of macaroon.
    :rtype: str
    """

    # if the macaroon is a file path, load it and return hex version
    if macaroon.split(".")[-1] == "macaroon":
        with open(macaroon, "rb") as f:
            macaroon_bytes = f.read()
            return macaroon_bytes.hex()
    else:
        # if macaroon is a provided string
        # check if it is hex, if so, return
        try:
            bytes.fromhex(macaroon)
            return macaroon
        except ValueError:
            pass
        # convert the bas64 macaroon to hex
        try:
            macaroon = base64.b64decode(macaroon).hex()
        except Exception:
            pass
    return macaroon


# todo: move to its own (crypto.py) file
# if this file is executed directly, ask for a macaroon and encrypt it
if __name__ == "__main__":
    macaroon = input("Enter macaroon: ")
    macaroon = load_macaroon(macaroon)
    macaroon = AESCipher(description="encryption").encrypt(macaroon.encode())
    logger.info("Encrypted macaroon:")
    logger.info(macaroon)
Support for encrypted macaroons (#521) * encrypted macaroons * fix GRPC env entry * example config entry * add pycryptodomex to requirements * documentation * Added pycryptodomex to pip file Co-authored-by: Ben Arc <ben@arc.wales> 2022-02-14 17:54:05 +01:00			`import base64`

Logging with loguru (#708) * logging * requirements * add loguru dependency * restore it * add loguru * set log level in .env file * remove service fee print * set log level * more logging * more logging * more logging * pyament.checking_id * fix 2022-07-07 14:30:16 +02:00			`from loguru import logger`

refactor: extract `AESCipher` to `crypto.py` (#2202) 2024-01-15 11:51:15 +02:00			`from lnbits.utils.crypto import AESCipher`
black formating 2022-06-01 14:53:05 +02:00
Support for encrypted macaroons (#521) * encrypted macaroons * fix GRPC env entry * example config entry * add pycryptodomex to requirements * documentation * Added pycryptodomex to pip file Co-authored-by: Ben Arc <ben@arc.wales> 2022-02-14 17:54:05 +01:00
			`def load_macaroon(macaroon: str) -> str:`
black formating 2022-06-01 14:53:05 +02:00			`"""Returns hex version of a macaroon encoded in base64 or the file path.`
Support for encrypted macaroons (#521) * encrypted macaroons * fix GRPC env entry * example config entry * add pycryptodomex to requirements * documentation * Added pycryptodomex to pip file Co-authored-by: Ben Arc <ben@arc.wales> 2022-02-14 17:54:05 +01:00
			`:param macaroon: Macaroon encoded in base64 or file path.`
			`:type macaroon: str`
			`:return: Hex version of macaroon.`
			`:rtype: str`
			`"""`

Wallets: add cln-rest (#1775) * receive and pay works * fix linter issues * import Paymentstatus from core.models * fix test real payment * fix get_payment_status check in lnbits * fix tests? * simplify * refactor AsyncClient * inline import of get_wallet_class fixes the previous cyclic import * invoice stream working * add notes as a reminder to get rid of labels when cln-rest supports payment_hash * create Payment dummy classmethod * remove unnecessary fields from dummy * fixes tests? * fix model * fix cln bug (#1814) * auth header * rename cln to corelightning * add clnrest to admin_ui * add to clnrest allowed sources * add allowed sources to .env.example * allow macaroon files * add corelightning rest to workflow * proper env names * cleanup routine * log wallet connection errors and fix macaroon clnrest * print error on connection fails * clnrest: handle disconnects faster * fix test use of get_payment_status * make format * clnrest: add unhashed_description * add unhashed_description to test * description_hash test * unhashed_description not supported by clnrest * fix checking_id return in api_payments_create_invoice * refactor test to use client instead of api_payments * formatting, some errorlogging * fix test 1 * fix other tests, paid statuses was missing * error handling * revert unnecessary changes (#1854) * apply review of motorina0 --------- Co-authored-by: jackstar12 <jkranawetter05@gmail.com> Co-authored-by: jackstar12 <62219658+jackstar12@users.noreply.github.com> Co-authored-by: dni ⚡ <office@dnilabs.com> 2023-08-23 08:59:39 +02:00			`# if the macaroon is a file path, load it and return hex version`
Support for encrypted macaroons (#521) * encrypted macaroons * fix GRPC env entry * example config entry * add pycryptodomex to requirements * documentation * Added pycryptodomex to pip file Co-authored-by: Ben Arc <ben@arc.wales> 2022-02-14 17:54:05 +01:00			`if macaroon.split(".")[-1] == "macaroon":`
			`with open(macaroon, "rb") as f:`
			`macaroon_bytes = f.read()`
			`return macaroon_bytes.hex()`
			`else:`
Wallets: add cln-rest (#1775) * receive and pay works * fix linter issues * import Paymentstatus from core.models * fix test real payment * fix get_payment_status check in lnbits * fix tests? * simplify * refactor AsyncClient * inline import of get_wallet_class fixes the previous cyclic import * invoice stream working * add notes as a reminder to get rid of labels when cln-rest supports payment_hash * create Payment dummy classmethod * remove unnecessary fields from dummy * fixes tests? * fix model * fix cln bug (#1814) * auth header * rename cln to corelightning * add clnrest to admin_ui * add to clnrest allowed sources * add allowed sources to .env.example * allow macaroon files * add corelightning rest to workflow * proper env names * cleanup routine * log wallet connection errors and fix macaroon clnrest * print error on connection fails * clnrest: handle disconnects faster * fix test use of get_payment_status * make format * clnrest: add unhashed_description * add unhashed_description to test * description_hash test * unhashed_description not supported by clnrest * fix checking_id return in api_payments_create_invoice * refactor test to use client instead of api_payments * formatting, some errorlogging * fix test 1 * fix other tests, paid statuses was missing * error handling * revert unnecessary changes (#1854) * apply review of motorina0 --------- Co-authored-by: jackstar12 <jkranawetter05@gmail.com> Co-authored-by: jackstar12 <62219658+jackstar12@users.noreply.github.com> Co-authored-by: dni ⚡ <office@dnilabs.com> 2023-08-23 08:59:39 +02:00			`# if macaroon is a provided string`
			`# check if it is hex, if so, return`
			`try:`
			`bytes.fromhex(macaroon)`
			`return macaroon`
			`except ValueError:`
			`pass`
Support for encrypted macaroons (#521) * encrypted macaroons * fix GRPC env entry * example config entry * add pycryptodomex to requirements * documentation * Added pycryptodomex to pip file Co-authored-by: Ben Arc <ben@arc.wales> 2022-02-14 17:54:05 +01:00			`# convert the bas64 macaroon to hex`
			`try:`
			`macaroon = base64.b64decode(macaroon).hex()`
[CHORE] E722 bare exception fix (#1871) * [CHORE] E722 bare exception fix remove all bare exceptions from codebase and change it in `.flake8` 2023-08-16 12:17:54 +02:00			`except Exception:`
Support for encrypted macaroons (#521) * encrypted macaroons * fix GRPC env entry * example config entry * add pycryptodomex to requirements * documentation * Added pycryptodomex to pip file Co-authored-by: Ben Arc <ben@arc.wales> 2022-02-14 17:54:05 +01:00			`pass`
			`return macaroon`

black formating 2022-06-01 14:53:05 +02:00
[FEAT] Auth, Login, OAuth, create account with username and password #1653 (#2092) no more superuser url! delete cookie on logout add usr login feature fix node management * Cleaned up login form * CreateUser * information leak * cleaner parsing usr from url * rename decorators * login secret * fix: add back `superuser` command * chore: remove `fastapi_login` * fix: extract `token` from cookie * chore: prepare to extract user * feat: check user * chore: code clean-up * feat: happy flow working * fix: usr only login * fix: user already logged in * feat: check user in URL * fix: verify password at DB level * fix: do not show `Login` controls if user already logged in * fix: separate login endpoints * fix: remove `usr` param * chore: update error message * refactor: register method * feat: logout * chore: move comments * fix: remove user auth check from API * fix: user check unnecessary * fix: redirect after logout * chore: remove garbage files * refactor: simplify constructor call * fix: hide user icon if not authorized * refactor: rename auth env vars * chore: code clean-up * fix: add types for `python-jose` * fix: add types for `passlib` * fix: return type * feat: set default value for `auth_secret_key` to hash of super user * fix: default value * feat: rework login page * feat: ui polishing * feat: google auth * feat: add google auth * chore: remove `authlib` dependency * refactor: extract `_handle_sso_login` method * refactor: convert methods to `properties` * refactor: rename: `user_api` to `auth_api` * feat: store user info from SSO * chore: re-arange the buttons * feat: conditional rendering of login options * feat: correctly render buttons * fix: re-add `Claim Bitcoin` from the main page * fix: create wallet must send new user * fix: no `username-password` auth method * refactor: rename auth method * fix: do not force API level UUID4 validation * feat: add validation for username * feat: add account page * feat: update account * feat: add `has_password` for user * fix: email not editable * feat: validate email for existing account * fix: register check * feat: reset password * chore: code clean-up * feat: handle token expired * fix: only redirect if `text/html` * refactor: remove `OAuth2PasswordRequestForm` * chore: remove `python-multipart` dependency * fix: handle no headers for exception * feat: add back button on error screen * feat: show user profile image * fix: check account creation permissions * fix: auth for internal api call * chore: add some docs * chore: code clean-up * fix: rebase stuff * fix: default value types * refactor: customize error messages * fix: move types libs to dev dependencies * doc: specify the `Authorization callback URL` * fix: pass missing superuser id in node ui test * fix: keep usr param on wallet redirect removing usr param causes an issue if the browser doesnt yet have an access token. * fix: do not redirect if `wal` query param not present * fix: add nativeBuildInputs and buildInputs overrides to flake.nix * bump fastapi-sso to 0.9.0 which fixes some security issues * refactor: move the `lnbits_admin_extensions` to decorators * chore: bring package config from `dev` * chore: re-add dependencies * chore: re-add cev dependencies * chore: re-add mypy ignores * feat: i18n * refactor: move admin ext check to decorator (fix after rebase) * fix: label mapping * fix: re-fetch user after first wallet was created * fix: unlikely case that `user` is not found * refactor translations (move '' to code) reorganize deps in pyproject.toml, add comment * update flake.lock and simplify flake.nix after upstreaming overrides for fastapi-sso, types-passlib, types-pyasn1, types-python-jose were upstreamed in https://github.com/nix-community/poetry2nix/pull/1463 * fix: more relaxed email verification (by @prusnak) * fix: remove `\b` (boundaries) since we re using `fullmatch` * chore: `make bundle` --------- Co-authored-by: dni ⚡ <office@dnilabs.com> Co-authored-by: Arc <ben@arc.wales> Co-authored-by: jackstar12 <jkranawetter05@gmail.com> Co-authored-by: Pavol Rusnak <pavol@rusnak.io> 2023-12-12 12:38:19 +02:00			`# todo: move to its own (crypto.py) file`
Support for encrypted macaroons (#521) * encrypted macaroons * fix GRPC env entry * example config entry * add pycryptodomex to requirements * documentation * Added pycryptodomex to pip file Co-authored-by: Ben Arc <ben@arc.wales> 2022-02-14 17:54:05 +01:00			`# if this file is executed directly, ask for a macaroon and encrypt it`
			`if __name__ == "__main__":`
			`macaroon = input("Enter macaroon: ")`
			`macaroon = load_macaroon(macaroon)`
			`macaroon = AESCipher(description="encryption").encrypt(macaroon.encode())`
Logging with loguru (#708) * logging * requirements * add loguru dependency * restore it * add loguru * set log level in .env file * remove service fee print * set log level * more logging * more logging * more logging * pyament.checking_id * fix 2022-07-07 14:30:16 +02:00			`logger.info("Encrypted macaroon:")`
			`logger.info(macaroon)`