10 """
11 This is a store for use in the worst case, when you have no way of
12 saving state on the consumer site. Using this store makes the
13 consumer vulnerable to replay attacks (though only within the
14 lifespan of the tokens), as it's unable to use nonces. Avoid
15 using this store if it is at all possible.
16
17 Most of the methods of this class are implementation details.
18 Users of this class need to worry only about the C{L{__init__}}
19 method.
20
21 @sort: __init__
22 """
24 """
25 Creates a new DumbStore instance. For the security of the
26 tokens generated by the library, this class attempts to at
27 least have a secure implementation of C{L{getAuthKey}}.
28
29 When you create an instance of this class, pass in a secret
30 phrase. The phrase is hashed with sha1 to make it the correct
31 length and form for an auth key. That allows you to use a
32 long string as the secret phrase, which means you can make it
33 very difficult to guess.
34
35 Each C{L{DumbStore}} instance that is created for use by your
36 consumer site needs to use the same C{secret_phrase}.
37
38 @param secret_phrase: The phrase used to create the auth key
39 returned by C{L{getAuthKey}}
40
41 @type secret_phrase: C{str}
42 """
43 self.auth_key = cryptutil.sha1(secret_phrase)
44
46 """
47 This implementation does nothing.
48 """
49 pass
50
52 """
53 This implementation always returns C{None}.
54
55
56 @return: C{None}
57
58 @rtype: C{None}
59 """
60 return None
61
63 """
64 This implementation always returns C{False}.
65
66
67 @return: C{False}
68
69 @rtype: C{bool}
70 """
71 return False
72
74 """
75 This implementation does nothing.
76 """
77 pass
78
80 """
81 In a system truly limited to dumb mode, nonces must all be
82 accepted. This therefore always returns C{True}, which makes
83 replay attacks feasible during the lifespan of the token.
84
85
86 @return: C{True}
87
88 @rtype: C{bool}
89 """
90 return True
91
93 """
94 This method returns the auth key generated by the constructor.
95
96
97 @return: The auth key generated by the constructor.
98
99 @rtype: C{str}
100 """
101 return self.auth_key
102
104 """
105 This store is a dumb mode store, so this method is overridden
106 to return C{True}.
107
108
109 @return: C{True}
110
111 @rtype: C{bool}
112 """
113 return True