Add custom cafile, correctly detect 404

.gitignore

@@ -2,5 +2,3 @@ __pycache__
 *.egg-info
 build/
 *.pyc
-.venv
-.clicada

README.md

@@ -1,69 +0,0 @@
-## Clicada
-
-> Admin Command Line Interface to interact with cic-meta and cic-cache
-
-### Pre-requisites
-
-- Public key uploaded to `cic-auth-helper`
-- PGP Keyring for your key
-
-### Installation
-
-Use either of the following installation methods:
-
-1. Install from git release (recommended)
-
-```bash
-wget https://git.grassecon.net/grassrootseconomics/clicada/archive/v0.0.6.zip
-unzip clicada-v0.0.6.zip
-cd clicada
-python3 -m venv .venv
-source .venv/bin/activate
-pip install -r requirements.txt --extra-index-url=https://pip.grassrootseconomics.net
-```
-
-2. Install from pip to path (non sudo)
-
-```bash
-pip3 install -UI --extra-index-url=https://pip.grassrootseconomics.net clicada
-```
-
-### Usage
-
-```bash
-usage: clicada [...optional arguments] [...positional arguments]
-
-positional arguments:
-  {user,u,tag,t}
-    user (u)            retrieve transactions for a user
-    tag (t)             locally assign a display value to an identifier
-
-optional arguments:
-  -h, --help            show this help message and exit
-  --no-logs             Turn off all logging
-  -v                    Be verbose
-  -vv                   Be very verbose
-  -c CONFIG, --config CONFIG
-                        Configuration directory
-  -n NAMESPACE, --namespace NAMESPACE
-                        Configuration namespace
-  --dumpconfig {env,ini}
-                        Output configuration and quit. Use with --raw to omit values and output schema only.
-  --env-prefix ENV_PREFIX
-                        environment prefix for variables to overwrite configuration
-  -p P, --rpc-provider P
-                        RPC HTTP(S) provider url
-  --rpc-dialect RPC_DIALECT
-                        RPC HTTP(S) backend dialect
-  --height HEIGHT       Block height to execute against
-  -i I, --chain-spec I  Chain specification string
-  -u, --unsafe          Do not verify address checksums
-  --seq                 Use sequential rpc ids
-  -y Y, --key-file Y    Keystore file to use for signing or address
-  --raw                 Do not decode output
-  --fee-price FEE_PRICE
-                        override fee price
-  --fee-limit FEE_LIMIT
-                        override fee limit
-
-```

clicada/cli/arg.py

@@ -73,8 +73,19 @@ class CmdCtrl:
 
         self.remote_openers = {}
         if self.get('META_URL') != None:
+            sctx = None 
+            if self.cmd_args.cafile != None:
+                import ssl
+                sctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
+                sctx.load_verify_locations(self.cmd_args.cafile)
+
             auth_client_session = PGPClientSession(self.__auth)
-            self.remote_openers['meta'] = HTTPSession(self.get('META_URL'), auth=auth_client_session, origin=self.config.get('META_HTTP_ORIGIN'))
+            self.remote_openers['meta'] = HTTPSession(
+                    self.get('META_URL'),
+                    auth=auth_client_session,
+                    origin=self.config.get('META_HTTP_ORIGIN'),
+                    ssl_context=sctx,
+                    )
 
 
     def blockchain(self):

clicada/cli/http.py

@@ -12,6 +12,7 @@ from usumbufu.client.base import (
         )
 from usumbufu.client.bearer import BearerClientSession
 from usumbufu.client.hoba import HobaClientSession
+from urlybird.host import url_apply_port_string
 
 logg = logging.getLogger(__name__)
 
@@ -21,6 +22,7 @@ class PGPClientSession(HobaClientSession):
     alg = '969'
 
     def __init__(self, auth):
+        super(PGPClientSession, self).__init__()
         self.auth = auth
         self.origin = None
         self.fingerprint = self.auth.fingerprint()
@@ -46,23 +48,12 @@ class HTTPSession:
     
     token_dir = '/run/user/{}/clicada/usumbufu/.token'.format(os.getuid())
 
-    def __init__(self, url, auth=None, origin=None):
+    def __init__(self, url, auth=None, origin=None, ssl_context=None):
         self.base_url = url
-        url_parts = urllib.parse.urlsplit(self.base_url)
-        url_parts_origin_host = url_parts[1].split(":")
-        host = url_parts_origin_host[0]
-        try:
-            host = host + ':' + url_parts_origin_host[1]
-        except IndexError:
-            host = host + ':' + str(getservbyname(url_parts[0]))
-            logg.info('changed origin with missing port number from {} to {}'.format(url_parts[1], host))
-        url_parts_origin = (url_parts[0], host, '', '', '',)
-            
+
+        if origin == None:
+            origin = url_apply_port_string(url, as_origin=True)
         self.origin = origin
-        if self.origin == None:
-            self.origin = urllib.parse.urlunsplit(url_parts_origin)
-        else:
-            logg.debug('overriding http origin for {} with {}'.format(url, self.origin))
 
         h = hashlib.sha256()
         h.update(self.base_url.encode('utf-8'))
@@ -72,7 +63,7 @@ class HTTPSession:
         os.makedirs(token_store_dir, exist_ok=True)
         self.token_store = BaseTokenStore(path=token_store_dir)
 
-        self.session = ClientSession(self.origin, token_store=self.token_store)
+        self.session = ClientSession(self.origin, token_store=self.token_store, ssl_context=ssl_context)
 
         bearer_handler = BearerClientSession(self.origin, token_store=self.token_store)
         self.session.add_subhandler(bearer_handler)
@@ -88,6 +79,9 @@ class HTTPSession:
         url = urllib.parse.urljoin(self.base_url, endpoint)
         logg.debug('open {} with opener {}'.format(url, self))
         r = self.opener.open(url)
+        logg.debug('response code {} for {}'.format(r.code, endpoint))
+        if r.code == 404:
+            raise FileNotFoundError()
         return r.read().decode('utf-8')
 
 

clicada/cli/user.py

@@ -29,6 +29,7 @@ tx_normalizer = TxHexNormalizer()
 def process_args(argparser):
     argparser.add_argument('-m', '--method', type=str, help='lookup method')
     argparser.add_argument('--meta-url', dest='meta_url', type=str, help='Url to retrieve metadata from')
+    argparser.add_argument('--cafile', type=str, help='CA certificate chain file to use for verifying SSL session')
     argparser.add_argument('-f', '--force-update', dest='force_update', action='store_true', help='Update records of mutable entries')
     argparser.add_argument('identifier', type=str, help='user identifier')
 

clicada/user/file.py

@@ -268,7 +268,7 @@ class FileUserStore:
             r = getter.open(ptr)
         except Exception as e:
             logg.debug('no metadata found for {}: {}'.format(address, e))
-        
+       
         if r == None:
             self.failed_entities[address] = True
             raise MetadataNotFoundError()

requirements.txt

@@ -1,5 +1,5 @@
-usumbufu~=0.3.5
-confini~=0.5.3
+usumbufu~=0.3.6
+confini~=0.5.4
 cic-eth-registry~=0.6.1
 cic-types~=0.2.1a8
 phonenumbers==8.12.12
@@ -8,3 +8,4 @@ hexathon~=0.1.0
 pycryptodome~=3.10.1
 chainlib-eth~=0.0.21
 chainlib~=0.0.17
+urlybird~=0.0.2

setup.cfg

@@ -1,6 +1,6 @@
 [metadata]
 name = clicada
-version = 0.0.6
+version = 0.0.6a2
 description = CLI CRM tool for the cic-stack custodial wallet system
 author = Louis Holbrook
 author_email = dev@holbrook.no