From 33775c8a282e1b388f52004f2b8ae86bd98d67f2 Mon Sep 17 00:00:00 2001
From: CoprDistGit <infra@openeuler.org>
Date: Thu, 18 May 2023 05:26:45 +0000
Subject: automatic import of python-django-dreiattest

---
 .gitignore                    |   1 +
 python-django-dreiattest.spec | 319 ++++++++++++++++++++++++++++++++++++++++++
 sources                       |   1 +
 3 files changed, 321 insertions(+)
 create mode 100644 python-django-dreiattest.spec
 create mode 100644 sources

diff --git a/.gitignore b/.gitignore
index e69de29..77e32f9 100644
--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1 @@
+/django-dreiattest-0.0.31.tar.gz
diff --git a/python-django-dreiattest.spec b/python-django-dreiattest.spec
new file mode 100644
index 0000000..b05ade5
--- /dev/null
+++ b/python-django-dreiattest.spec
@@ -0,0 +1,319 @@
+%global _empty_manifest_terminate_build 0
+Name:		python-django-dreiattest
+Version:	0.0.31
+Release:	1
+Summary:	please add a summary manually as the author left a blank one
+License:	MIT
+URL:		https://github.com/dreipol/django-dreiattest
+Source0:	https://mirrors.nju.edu.cn/pypi/web/packages/a9/f1/0d10d54e02f94eb39d80ac59e466d33982ea9834ca66ae662ef21a2e6cae/django-dreiattest-0.0.31.tar.gz
+BuildArch:	noarch
+
+Requires:	python3-pyattest
+
+%description
+
+# django-dreiattest
+
+dreiattest leverages [pyttest](https://github.com/dreipol/pyattest) and integrates it into django. It handles routing, different config options and persistence of tokens and public keys. To use dreiAttest you need to use the corresponing libraries for [iOS](https://github.com/dreipol/dreiAttest-ios) and [Android / Kotlin Multiplatform](https://github.com/dreipol/dreiAttest-android).
+
+## Installation
+
+dreiAttest is available on PyPI and can be installed via `$ python -m pip install dreiattest-django`.
+
+After the installation make sure to add `dreiattest` to your `INSTALLED_APPS` and trigger all migrations
+with `python manage.py migrate dreiattest`. Also, you need to register the default endpoints in your urls.py
+
+```
+urlpatterns = [
+    path('admin/', admin.site.urls),
+    path('', include('dreiattest.urls')),
+    ...
+]
+```
+
+## Config
+
+There are multiple settings you can and or have to set in your settings.py. The following are mandatory:
+
+- **Apple**: `DREIATTEST_APPLE_APPID` 
+- **Google (Legacy: Safety Net)**: `DREIATTEST_GOOGLE_APK_NAME`, `DREIATTEST_GOOGLE_APK_CERTIFICATE_DIGEST`
+- **Google Play Integrity API**: `DREIATTEST_GOOGLE_APK_NAME`, `DREIATTEST_GOOGLE_DECRYPTION_KEY`, `DREIATTEST_GOOGLE_VERIFICATION_KEY`
+
+These are all the possible config values and what they do.
+
+- DREIATTEST_BASE_URL: Our different endpoints like /key and /nonce will be bellow this slug
+- DREIATTEST_UID_HEADER: Header containing the DeviceSession uid
+- DREIATTEST_ASSERTION_HEADER: Header containing the assertion
+- DREIATTEST_USER_HEADERS_HEADER: Header containing the list of comma separated headers that are included in the assertion
+- DREIATTEST_NONCE_HEADER: Header containing the server nonce that was used inside the attestation
+- DREIATTEST_BYPASS_HEADER: Header containing the shared secret to bypass the verification process. Helpfull for debugging
+- DREIATTEST_APPLE_APPID: Header containing the apple app id
+- DREIATTEST_GOOGLE_APK_NAME: Header containing the google apk name
+- DREIATTEST_GOOGLE_DECRYPTION_KEY: A Base64 encoded AES key secret as described [here](https://developer.android.com/google/play/integrity/verdict#decrypt-verify)
+- DREIATTEST_GOOGLE_VERIFICATION_KEY: A Base64 encoded public key as described [here](https://developer.android.com/google/play/integrity/verdict#decrypt-verify)
+- DREIATTEST_PRODUCTION: Indicating if we're in a production environment or not. Some extra verifications are made if this is true. Those are described in the [pyttest](https://github.com/dreipol/pyattest) readme.
+- DREIATTEST_GOOGLE_APK_CERTIFICATE_DIGEST: SHA256 hex of the Google APK Certificate
+- DREIATTEST_PLUGINS: List of classes implementing `BasePlugin` - gives you the option to handle extra verification
+- DREIATTEST_BYPASS_SECRET: **DANGERZONE** If this is set and DREIATTEST_BYPASS_HEADER is sent by the client, the veirification is skipped.
+
+You can find the default value (if any) for each of them in the [settings.py](https://github.com/dreipol/django-dreiattest/blob/master/dreiattest/settings.py)
+
+## Usage
+
+All that's left is to add the `signature_required` view decorator.
+
+```python
+from dreiattest.decorators import signature_required
+
+@signature_required()
+def demo(request: WSGIRequest):
+    return JsonResponse({'foo': 'bar'})
+```
+
+## Error Handling
+
+The main two exceptions that should be handled by you are `PyAttestException` and `DreiAttestException`. dreiattest ships with the `HandleDreiattestExceptionsMiddleware` you could use if you don't want to handle those errors by yourself. The middleware only catches those two exception classes and returns a `JsonResponse` with status code 400. 
+
+```
+MIDDLEWARE = [
+    ...
+    'dreiattest.middlewares.HandleDreiattestExceptionsMiddleware',
+]
+```
+
+## Typical Flow
+
+1. CLIENT (could be android or google) makes a request to dreiattest/nonce with a device session identifier to obtain a server nonce. The session id as well as the nonce are persisted on the server.
+2. CLIENT sends an attestation to dreiattest/key. This request again holds the device session identifier as well as the nonce from step 1. The nonce will be marked as "used" and used to verify the attestation. The public key from the client is then assigned to the device session and also persisted in the database. 
+3. CLIENT sends a request to any view decorated with `@signature_required`. The request holds an assertion which will be verified before the actual django view is executed.
+
+## Publishing / Contributing
+
+- Create a branch from `master` for possible pull requests
+- To publish a new version to pypi:
+  - Update the version in `__version__.py` 
+  - Trigger `$ pipenv run upload` - This will automatically create and push the correct tag in git and upload that version to pypi
+
+
+%package -n python3-django-dreiattest
+Summary:	please add a summary manually as the author left a blank one
+Provides:	python-django-dreiattest
+BuildRequires:	python3-devel
+BuildRequires:	python3-setuptools
+BuildRequires:	python3-pip
+%description -n python3-django-dreiattest
+
+# django-dreiattest
+
+dreiattest leverages [pyttest](https://github.com/dreipol/pyattest) and integrates it into django. It handles routing, different config options and persistence of tokens and public keys. To use dreiAttest you need to use the corresponing libraries for [iOS](https://github.com/dreipol/dreiAttest-ios) and [Android / Kotlin Multiplatform](https://github.com/dreipol/dreiAttest-android).
+
+## Installation
+
+dreiAttest is available on PyPI and can be installed via `$ python -m pip install dreiattest-django`.
+
+After the installation make sure to add `dreiattest` to your `INSTALLED_APPS` and trigger all migrations
+with `python manage.py migrate dreiattest`. Also, you need to register the default endpoints in your urls.py
+
+```
+urlpatterns = [
+    path('admin/', admin.site.urls),
+    path('', include('dreiattest.urls')),
+    ...
+]
+```
+
+## Config
+
+There are multiple settings you can and or have to set in your settings.py. The following are mandatory:
+
+- **Apple**: `DREIATTEST_APPLE_APPID` 
+- **Google (Legacy: Safety Net)**: `DREIATTEST_GOOGLE_APK_NAME`, `DREIATTEST_GOOGLE_APK_CERTIFICATE_DIGEST`
+- **Google Play Integrity API**: `DREIATTEST_GOOGLE_APK_NAME`, `DREIATTEST_GOOGLE_DECRYPTION_KEY`, `DREIATTEST_GOOGLE_VERIFICATION_KEY`
+
+These are all the possible config values and what they do.
+
+- DREIATTEST_BASE_URL: Our different endpoints like /key and /nonce will be bellow this slug
+- DREIATTEST_UID_HEADER: Header containing the DeviceSession uid
+- DREIATTEST_ASSERTION_HEADER: Header containing the assertion
+- DREIATTEST_USER_HEADERS_HEADER: Header containing the list of comma separated headers that are included in the assertion
+- DREIATTEST_NONCE_HEADER: Header containing the server nonce that was used inside the attestation
+- DREIATTEST_BYPASS_HEADER: Header containing the shared secret to bypass the verification process. Helpfull for debugging
+- DREIATTEST_APPLE_APPID: Header containing the apple app id
+- DREIATTEST_GOOGLE_APK_NAME: Header containing the google apk name
+- DREIATTEST_GOOGLE_DECRYPTION_KEY: A Base64 encoded AES key secret as described [here](https://developer.android.com/google/play/integrity/verdict#decrypt-verify)
+- DREIATTEST_GOOGLE_VERIFICATION_KEY: A Base64 encoded public key as described [here](https://developer.android.com/google/play/integrity/verdict#decrypt-verify)
+- DREIATTEST_PRODUCTION: Indicating if we're in a production environment or not. Some extra verifications are made if this is true. Those are described in the [pyttest](https://github.com/dreipol/pyattest) readme.
+- DREIATTEST_GOOGLE_APK_CERTIFICATE_DIGEST: SHA256 hex of the Google APK Certificate
+- DREIATTEST_PLUGINS: List of classes implementing `BasePlugin` - gives you the option to handle extra verification
+- DREIATTEST_BYPASS_SECRET: **DANGERZONE** If this is set and DREIATTEST_BYPASS_HEADER is sent by the client, the veirification is skipped.
+
+You can find the default value (if any) for each of them in the [settings.py](https://github.com/dreipol/django-dreiattest/blob/master/dreiattest/settings.py)
+
+## Usage
+
+All that's left is to add the `signature_required` view decorator.
+
+```python
+from dreiattest.decorators import signature_required
+
+@signature_required()
+def demo(request: WSGIRequest):
+    return JsonResponse({'foo': 'bar'})
+```
+
+## Error Handling
+
+The main two exceptions that should be handled by you are `PyAttestException` and `DreiAttestException`. dreiattest ships with the `HandleDreiattestExceptionsMiddleware` you could use if you don't want to handle those errors by yourself. The middleware only catches those two exception classes and returns a `JsonResponse` with status code 400. 
+
+```
+MIDDLEWARE = [
+    ...
+    'dreiattest.middlewares.HandleDreiattestExceptionsMiddleware',
+]
+```
+
+## Typical Flow
+
+1. CLIENT (could be android or google) makes a request to dreiattest/nonce with a device session identifier to obtain a server nonce. The session id as well as the nonce are persisted on the server.
+2. CLIENT sends an attestation to dreiattest/key. This request again holds the device session identifier as well as the nonce from step 1. The nonce will be marked as "used" and used to verify the attestation. The public key from the client is then assigned to the device session and also persisted in the database. 
+3. CLIENT sends a request to any view decorated with `@signature_required`. The request holds an assertion which will be verified before the actual django view is executed.
+
+## Publishing / Contributing
+
+- Create a branch from `master` for possible pull requests
+- To publish a new version to pypi:
+  - Update the version in `__version__.py` 
+  - Trigger `$ pipenv run upload` - This will automatically create and push the correct tag in git and upload that version to pypi
+
+
+%package help
+Summary:	Development documents and examples for django-dreiattest
+Provides:	python3-django-dreiattest-doc
+%description help
+
+# django-dreiattest
+
+dreiattest leverages [pyttest](https://github.com/dreipol/pyattest) and integrates it into django. It handles routing, different config options and persistence of tokens and public keys. To use dreiAttest you need to use the corresponing libraries for [iOS](https://github.com/dreipol/dreiAttest-ios) and [Android / Kotlin Multiplatform](https://github.com/dreipol/dreiAttest-android).
+
+## Installation
+
+dreiAttest is available on PyPI and can be installed via `$ python -m pip install dreiattest-django`.
+
+After the installation make sure to add `dreiattest` to your `INSTALLED_APPS` and trigger all migrations
+with `python manage.py migrate dreiattest`. Also, you need to register the default endpoints in your urls.py
+
+```
+urlpatterns = [
+    path('admin/', admin.site.urls),
+    path('', include('dreiattest.urls')),
+    ...
+]
+```
+
+## Config
+
+There are multiple settings you can and or have to set in your settings.py. The following are mandatory:
+
+- **Apple**: `DREIATTEST_APPLE_APPID` 
+- **Google (Legacy: Safety Net)**: `DREIATTEST_GOOGLE_APK_NAME`, `DREIATTEST_GOOGLE_APK_CERTIFICATE_DIGEST`
+- **Google Play Integrity API**: `DREIATTEST_GOOGLE_APK_NAME`, `DREIATTEST_GOOGLE_DECRYPTION_KEY`, `DREIATTEST_GOOGLE_VERIFICATION_KEY`
+
+These are all the possible config values and what they do.
+
+- DREIATTEST_BASE_URL: Our different endpoints like /key and /nonce will be bellow this slug
+- DREIATTEST_UID_HEADER: Header containing the DeviceSession uid
+- DREIATTEST_ASSERTION_HEADER: Header containing the assertion
+- DREIATTEST_USER_HEADERS_HEADER: Header containing the list of comma separated headers that are included in the assertion
+- DREIATTEST_NONCE_HEADER: Header containing the server nonce that was used inside the attestation
+- DREIATTEST_BYPASS_HEADER: Header containing the shared secret to bypass the verification process. Helpfull for debugging
+- DREIATTEST_APPLE_APPID: Header containing the apple app id
+- DREIATTEST_GOOGLE_APK_NAME: Header containing the google apk name
+- DREIATTEST_GOOGLE_DECRYPTION_KEY: A Base64 encoded AES key secret as described [here](https://developer.android.com/google/play/integrity/verdict#decrypt-verify)
+- DREIATTEST_GOOGLE_VERIFICATION_KEY: A Base64 encoded public key as described [here](https://developer.android.com/google/play/integrity/verdict#decrypt-verify)
+- DREIATTEST_PRODUCTION: Indicating if we're in a production environment or not. Some extra verifications are made if this is true. Those are described in the [pyttest](https://github.com/dreipol/pyattest) readme.
+- DREIATTEST_GOOGLE_APK_CERTIFICATE_DIGEST: SHA256 hex of the Google APK Certificate
+- DREIATTEST_PLUGINS: List of classes implementing `BasePlugin` - gives you the option to handle extra verification
+- DREIATTEST_BYPASS_SECRET: **DANGERZONE** If this is set and DREIATTEST_BYPASS_HEADER is sent by the client, the veirification is skipped.
+
+You can find the default value (if any) for each of them in the [settings.py](https://github.com/dreipol/django-dreiattest/blob/master/dreiattest/settings.py)
+
+## Usage
+
+All that's left is to add the `signature_required` view decorator.
+
+```python
+from dreiattest.decorators import signature_required
+
+@signature_required()
+def demo(request: WSGIRequest):
+    return JsonResponse({'foo': 'bar'})
+```
+
+## Error Handling
+
+The main two exceptions that should be handled by you are `PyAttestException` and `DreiAttestException`. dreiattest ships with the `HandleDreiattestExceptionsMiddleware` you could use if you don't want to handle those errors by yourself. The middleware only catches those two exception classes and returns a `JsonResponse` with status code 400. 
+
+```
+MIDDLEWARE = [
+    ...
+    'dreiattest.middlewares.HandleDreiattestExceptionsMiddleware',
+]
+```
+
+## Typical Flow
+
+1. CLIENT (could be android or google) makes a request to dreiattest/nonce with a device session identifier to obtain a server nonce. The session id as well as the nonce are persisted on the server.
+2. CLIENT sends an attestation to dreiattest/key. This request again holds the device session identifier as well as the nonce from step 1. The nonce will be marked as "used" and used to verify the attestation. The public key from the client is then assigned to the device session and also persisted in the database. 
+3. CLIENT sends a request to any view decorated with `@signature_required`. The request holds an assertion which will be verified before the actual django view is executed.
+
+## Publishing / Contributing
+
+- Create a branch from `master` for possible pull requests
+- To publish a new version to pypi:
+  - Update the version in `__version__.py` 
+  - Trigger `$ pipenv run upload` - This will automatically create and push the correct tag in git and upload that version to pypi
+
+
+%prep
+%autosetup -n django-dreiattest-0.0.31
+
+%build
+%py3_build
+
+%install
+%py3_install
+install -d -m755 %{buildroot}/%{_pkgdocdir}
+if [ -d doc ]; then cp -arf doc %{buildroot}/%{_pkgdocdir}; fi
+if [ -d docs ]; then cp -arf docs %{buildroot}/%{_pkgdocdir}; fi
+if [ -d example ]; then cp -arf example %{buildroot}/%{_pkgdocdir}; fi
+if [ -d examples ]; then cp -arf examples %{buildroot}/%{_pkgdocdir}; fi
+pushd %{buildroot}
+if [ -d usr/lib ]; then
+	find usr/lib -type f -printf "/%h/%f\n" >> filelist.lst
+fi
+if [ -d usr/lib64 ]; then
+	find usr/lib64 -type f -printf "/%h/%f\n" >> filelist.lst
+fi
+if [ -d usr/bin ]; then
+	find usr/bin -type f -printf "/%h/%f\n" >> filelist.lst
+fi
+if [ -d usr/sbin ]; then
+	find usr/sbin -type f -printf "/%h/%f\n" >> filelist.lst
+fi
+touch doclist.lst
+if [ -d usr/share/man ]; then
+	find usr/share/man -type f -printf "/%h/%f.gz\n" >> doclist.lst
+fi
+popd
+mv %{buildroot}/filelist.lst .
+mv %{buildroot}/doclist.lst .
+
+%files -n python3-django-dreiattest -f filelist.lst
+%dir %{python3_sitelib}/*
+
+%files help -f doclist.lst
+%{_docdir}/*
+
+%changelog
+* Thu May 18 2023 Python_Bot <Python_Bot@openeuler.org> - 0.0.31-1
+- Package Spec generated
diff --git a/sources b/sources
new file mode 100644
index 0000000..f03440d
--- /dev/null
+++ b/sources
@@ -0,0 +1 @@
+0ba8367943b1c8b7201359d0b15bed39  django-dreiattest-0.0.31.tar.gz
-- 
cgit v1.2.3