hydroxide-push/protonmail/auth.go

package protonmail

import (
	"encoding/base64"
	"net/http"

	"log"
)

type authInfoReq struct {
	ClientID string
	ClientSecret string
	Username string
}

type AuthInfo struct {
	TwoFactor int
	version int
	modulus string
	serverEphemeral string
	salt string
	srpSession string
}

type AuthInfoResp struct {
	resp
	AuthInfo
	Version int
	Modulus string
	ServerEphemeral string
	Salt string
	SRPSession string
}

func (resp *AuthInfoResp) authInfo() *AuthInfo {
	info := &resp.AuthInfo
	info.version = resp.Version
	info.modulus = resp.Modulus
	info.serverEphemeral = resp.ServerEphemeral
	info.salt = resp.Salt
	info.srpSession = resp.SRPSession
	return info
}

func (c *Client) AuthInfo(username string) (*AuthInfo, error) {
	reqData := &authInfoReq{
		ClientID: c.ClientID,
		ClientSecret: c.ClientSecret,
		Username: username,
	}

	req, err := c.newJSONRequest(http.MethodPost, "/auth/info", reqData)
	if err != nil {
		return nil, err
	}

	var respData AuthInfoResp
	if err := c.doJSON(req, &respData); err != nil {
		return nil, err
	}

	return respData.authInfo(), nil
}

type authReq struct {
	ClientID string
	ClientSecret string
	Username string
	SRPSession string
	ClientEphemeral string
	ClientProof string
	TwoFactorCode string
}

type PasswordMode int

const (
	PasswordSingle PasswordMode = 1
	PasswordTwo = 2
)

type Auth struct {
	AccessToken string
	ExpiresIn int
	TokenType string
	Scope string
	UID string `json:"Uid"`
	RefreshToken string
	EventID string
	PasswordMode PasswordMode

	privateKey string
	keySalt string
}

type authResp struct {
	resp
	Auth
	ServerProof string
	PrivateKey string
	KeySalt string
}

func (resp *authResp) auth() *Auth {
	auth := &resp.Auth
	auth.privateKey = resp.PrivateKey
	auth.keySalt = resp.KeySalt
	return auth
}

func (c *Client) Auth(username, password, twoFactorCode string, info *AuthInfo) (*Auth, error) {
	if info == nil {
		var err error
		if info, err = c.AuthInfo(username); err != nil {
			return nil, err
		}
	}

	log.Printf("%#v\n", info)

	proofs, err := srp([]byte(password), info)
	if err != nil {
		return nil, err
	}

	reqData := &authReq{
		ClientID: c.ClientID,
		ClientSecret: c.ClientSecret,
		Username: username,
		SRPSession: info.srpSession,
		ClientEphemeral: base64.StdEncoding.EncodeToString(proofs.clientEphemeral),
		ClientProof: base64.StdEncoding.EncodeToString(proofs.clientProof),
		TwoFactorCode: twoFactorCode,
	}

	req, err := c.newJSONRequest(http.MethodPost, "/auth", reqData)
	if err != nil {
		return nil, err
	}

	var respData authResp
	if err := c.doJSON(req, &respData); err != nil {
		return nil, err
	}

	log.Printf("%+v\n", respData)

	if err := proofs.VerifyServerProof(respData.ServerProof); err != nil {
		return nil, err
	}

	return respData.auth(), nil
}
Add authentication support 2017-08-22 01:04:16 +03:00			`package protonmail`

			`import (`
			`"encoding/base64"`
			`"net/http"`

			`"log"`
			`)`

			`type authInfoReq struct {`
			`ClientID string`
			`ClientSecret string`
			`Username string`
			`}`

Add AuthInfoResp.authInfo 2017-08-22 10:21:50 +03:00			`type AuthInfo struct {`
			`TwoFactor int`
			`version int`
			`modulus string`
			`serverEphemeral string`
			`salt string`
			`srpSession string`
			`}`

Add authentication support 2017-08-22 01:04:16 +03:00			`type AuthInfoResp struct {`
			`resp`
Add AuthInfoResp.authInfo 2017-08-22 10:21:50 +03:00			`AuthInfo`
Add authentication support 2017-08-22 01:04:16 +03:00			`Version int`
			`Modulus string`
			`ServerEphemeral string`
			`Salt string`
			`SRPSession string`
			`}`

Add AuthInfoResp.authInfo 2017-08-22 10:21:50 +03:00			`func (resp AuthInfoResp) authInfo() AuthInfo {`
			`info := &resp.AuthInfo`
			`info.version = resp.Version`
			`info.modulus = resp.Modulus`
			`info.serverEphemeral = resp.ServerEphemeral`
			`info.salt = resp.Salt`
			`info.srpSession = resp.SRPSession`
			`return info`
Add authentication support 2017-08-22 01:04:16 +03:00			`}`

			`func (c Client) AuthInfo(username string) (AuthInfo, error) {`
			`reqData := &authInfoReq{`
			`ClientID: c.ClientID,`
			`ClientSecret: c.ClientSecret,`
			`Username: username,`
			`}`

			`req, err := c.newJSONRequest(http.MethodPost, "/auth/info", reqData)`
			`if err != nil {`
			`return nil, err`
			`}`

			`var respData AuthInfoResp`
			`if err := c.doJSON(req, &respData); err != nil {`
			`return nil, err`
			`}`

Add AuthInfoResp.authInfo 2017-08-22 10:21:50 +03:00			`return respData.authInfo(), nil`
Add authentication support 2017-08-22 01:04:16 +03:00			`}`

			`type authReq struct {`
			`ClientID string`
			`ClientSecret string`
			`Username string`
			`SRPSession string`
			`ClientEphemeral string`
			`ClientProof string`
			`TwoFactorCode string`
			`}`

			`type PasswordMode int`

			`const (`
			`PasswordSingle PasswordMode = 1`
			`PasswordTwo = 2`
			`)`

Add Auth, add computeKeyPassword 2017-08-22 10:41:47 +03:00			`type Auth struct {`
Add authentication support 2017-08-22 01:04:16 +03:00			`AccessToken string`
			`ExpiresIn int`
			`TokenType string`
			`Scope string`
			UID string `json:"Uid"`
			`RefreshToken string`
			`EventID string`
			`PasswordMode PasswordMode`
Add Auth, add computeKeyPassword 2017-08-22 10:41:47 +03:00
			`privateKey string`
			`keySalt string`
			`}`

			`type authResp struct {`
			`resp`
			`Auth`
			`ServerProof string`
Add authentication support 2017-08-22 01:04:16 +03:00			`PrivateKey string`
			`KeySalt string`
			`}`

Add Auth, add computeKeyPassword 2017-08-22 10:41:47 +03:00			`func (resp authResp) auth() Auth {`
			`auth := &resp.Auth`
			`auth.privateKey = resp.PrivateKey`
			`auth.keySalt = resp.KeySalt`
			`return auth`
			`}`

			`func (c Client) Auth(username, password, twoFactorCode string, info AuthInfo) (*Auth, error) {`
Add authentication support 2017-08-22 01:04:16 +03:00			`if info == nil {`
			`var err error`
			`if info, err = c.AuthInfo(username); err != nil {`
Add Auth, add computeKeyPassword 2017-08-22 10:41:47 +03:00			`return nil, err`
Add authentication support 2017-08-22 01:04:16 +03:00			`}`
			`}`

			`log.Printf("%#v\n", info)`

			`proofs, err := srp([]byte(password), info)`
			`if err != nil {`
Add Auth, add computeKeyPassword 2017-08-22 10:41:47 +03:00			`return nil, err`
Add authentication support 2017-08-22 01:04:16 +03:00			`}`

			`reqData := &authReq{`
			`ClientID: c.ClientID,`
			`ClientSecret: c.ClientSecret,`
			`Username: username,`
			`SRPSession: info.srpSession,`
			`ClientEphemeral: base64.StdEncoding.EncodeToString(proofs.clientEphemeral),`
			`ClientProof: base64.StdEncoding.EncodeToString(proofs.clientProof),`
			`TwoFactorCode: twoFactorCode,`
			`}`

			`req, err := c.newJSONRequest(http.MethodPost, "/auth", reqData)`
			`if err != nil {`
Add Auth, add computeKeyPassword 2017-08-22 10:41:47 +03:00			`return nil, err`
Add authentication support 2017-08-22 01:04:16 +03:00			`}`

			`var respData authResp`
			`if err := c.doJSON(req, &respData); err != nil {`
Add Auth, add computeKeyPassword 2017-08-22 10:41:47 +03:00			`return nil, err`
Add authentication support 2017-08-22 01:04:16 +03:00			`}`

Add Auth, add computeKeyPassword 2017-08-22 10:41:47 +03:00			`log.Printf("%+v\n", respData)`
Add authentication support 2017-08-22 01:04:16 +03:00
			`if err := proofs.VerifyServerProof(respData.ServerProof); err != nil {`
Add Auth, add computeKeyPassword 2017-08-22 10:41:47 +03:00			`return nil, err`
Add authentication support 2017-08-22 01:04:16 +03:00			`}`

Add Auth, add computeKeyPassword 2017-08-22 10:41:47 +03:00			`return respData.auth(), nil`
Add authentication support 2017-08-22 01:04:16 +03:00			`}`