"""JSON (de)serialization framework.
The framework presented here is somewhat based on `Go's "json" package`_
(especially the ``omitempty`` functionality).
.. _`Go's "json" package`: http://golang.org/pkg/encoding/json/
"""
import abc
import binascii
import logging
from typing import Dict, Type, Any, Callable, List, Mapping, Optional
from OpenSSL import crypto
import josepy.util
from josepy import b64, errors, interfaces, util
logger = logging.getLogger(__name__)
[docs]def field(json_name: str, default: Any = None, omitempty: bool = False,
decoder: Callable[[Any], Any] = None, encoder: Callable[[Any], Any] = None) -> Any:
"""Convenient function to declare a :class:`Field` with proper type annotations.
This function allows to write the following code:
import josepy
class JSON(josepy.JSONObjectWithFields):
typ: str = josepy.field('type')
def other_type(self) -> str:
return self.typ
"""
return _TypedField(json_name=json_name, default=default, omitempty=omitempty,
decoder=decoder, encoder=encoder)
[docs]class Field:
"""JSON object field.
:class:`Field` is meant to be used together with
:class:`JSONObjectWithFields`.
``encoder`` (``decoder``) is a callable that accepts a single
parameter, i.e. a value to be encoded (decoded), and returns the
serialized (deserialized) value. In case of errors it should raise
:class:`~josepy.errors.SerializationError`
(:class:`~josepy.errors.DeserializationError`).
Note, that ``decoder`` should perform partial serialization only.
:ivar str json_name: Name of the field when encoded to JSON.
:ivar default: Default value (used when not present in JSON object).
:ivar bool omitempty: If ``True`` and the field value is empty, then
it will not be included in the serialized JSON object, and
``default`` will be used for deserialization. Otherwise, if ``False``,
field is considered as required, value will always be included in the
serialized JSON objected, and it must also be present when
deserializing.
"""
__slots__ = ('json_name', 'default', 'omitempty', 'fdec', 'fenc')
def __init__(self, json_name: str, default: Any = None, omitempty: bool = False,
decoder: Callable[[Any], Any] = None,
encoder: Callable[[Any], Any] = None) -> None:
# pylint: disable=too-many-arguments
self.json_name = json_name
self.default = default
self.omitempty = omitempty
self.fdec = self.default_decoder if decoder is None else decoder
self.fenc = self.default_encoder if encoder is None else encoder
@classmethod
def _empty(cls, value: Any) -> bool:
"""Is the provided value considered "empty" for this field?
This is useful for subclasses that might want to override the
definition of being empty, e.g. for some more exotic data types.
"""
return not isinstance(value, bool) and not value
[docs] def omit(self, value: Any) -> bool:
"""Omit the value in output?"""
return self._empty(value) and self.omitempty
def _update_params(self, **kwargs: Any) -> 'Field':
current = {
"json_name": self.json_name,
"default": self.default,
"omitempty": self.omitempty,
"decoder": self.fdec,
"encoder": self.fenc,
**kwargs,
}
return type(self)(**current) # type: ignore[arg-type] # pylint: disable=star-args
[docs] def decoder(self, fdec: Callable[[Any], Any]) -> 'Field':
"""Descriptor to change the decoder on JSON object field."""
return self._update_params(decoder=fdec)
[docs] def encoder(self, fenc: Callable[[Any], Any]) -> 'Field':
"""Descriptor to change the encoder on JSON object field."""
return self._update_params(encoder=fenc)
[docs] def decode(self, value: Any) -> Any:
"""Decode a value, optionally with context JSON object."""
return self.fdec(value)
[docs] def encode(self, value: Any) -> Any:
"""Encode a value, optionally with context JSON object."""
return self.fenc(value)
[docs] @classmethod
def default_decoder(cls, value: Any) -> Any:
"""Default decoder.
Recursively deserialize into immutable types (
:class:`josepy.util.frozendict` instead of
:func:`dict`, :func:`tuple` instead of :func:`list`).
"""
# bases cases for different types returned by json.loads
if isinstance(value, list):
return tuple(cls.default_decoder(subvalue) for subvalue in value)
elif isinstance(value, dict):
return util.frozendict(
{cls.default_decoder(key): cls.default_decoder(value)
for key, value in value.items()})
else: # integer or string
return value
[docs] @classmethod
def default_encoder(cls, value: Any) -> Any:
"""Default (passthrough) encoder."""
# field.to_partial_json() is no good as encoder has to do partial
# serialization only
return value
class _TypedField(Field):
"""Specialized class to mark a JSON object field with typed annotations.
This class is kept private because fields are supposed to be declared
using the :function:`field` in this situation.
In the future the :class:`Field` may be removed in favor of this one."""
[docs]class JSONObjectWithFields(util.ImmutableMap,
interfaces.JSONDeSerializable,
metaclass=JSONObjectWithFieldsMeta):
# pylint: disable=too-few-public-methods
"""JSON object with fields.
Example::
class Foo(JSONObjectWithFields):
bar = Field('Bar')
empty = Field('Empty', omitempty=True)
@bar.encoder
def bar(value):
return value + 'bar'
@bar.decoder
def bar(value):
if not value.endswith('bar'):
raise errors.DeserializationError('No bar suffix!')
return value[:-3]
assert Foo(bar='baz').to_partial_json() == {'Bar': 'bazbar'}
assert Foo.from_json({'Bar': 'bazbar'}) == Foo(bar='baz')
assert (Foo.from_json({'Bar': 'bazbar', 'Empty': '!'})
== Foo(bar='baz', empty='!'))
assert Foo(bar='baz').bar == 'baz'
"""
@classmethod
def _defaults(cls) -> Dict[str, Any]:
"""Get default fields values."""
return {
slot: field.default for slot, field in cls._fields.items()
}
def __init__(self, **kwargs: Any) -> None:
# pylint: disable=star-args
super().__init__(
**{**self._defaults(), **kwargs})
[docs] def encode(self, name: str) -> Any:
"""Encode a single field.
:param str name: Name of the field to be encoded.
:raises errors.SerializationError: if field cannot be serialized
:raises errors.Error: if field could not be found
"""
try:
field = self._fields[name] # type: ignore[attr-defined]
except KeyError:
raise errors.Error("Field not found: {0}".format(name))
return field.encode(getattr(self, name))
[docs] def fields_to_partial_json(self) -> Dict[str, Any]:
"""Serialize fields to JSON."""
jobj = {}
omitted = set()
for slot, field in self._fields.items(): # type: ignore[attr-defined]
value = getattr(self, slot)
if field.omit(value):
omitted.add((slot, value))
else:
try:
jobj[field.json_name] = field.encode(value)
except errors.SerializationError as error:
raise errors.SerializationError(
'Could not encode {0} ({1}): {2}'.format(
slot, value, error))
return jobj
[docs] def to_partial_json(self) -> Dict[str, Any]:
return self.fields_to_partial_json()
@classmethod
def _check_required(cls, jobj: Mapping[str, Any]) -> None:
missing = set()
for _, field in cls._fields.items():
if not field.omitempty and field.json_name not in jobj:
missing.add(field.json_name)
if missing:
raise errors.DeserializationError(
'The following fields are required: {0}'.format(
','.join(missing)))
[docs] @classmethod
def fields_from_json(cls, jobj: Mapping[str, Any]) -> Any:
"""Deserialize fields from JSON."""
cls._check_required(jobj)
fields = {}
for slot, field in cls._fields.items():
if field.json_name not in jobj and field.omitempty:
fields[slot] = field.default
else:
value = jobj[field.json_name]
try:
fields[slot] = field.decode(value)
except errors.DeserializationError as error:
raise errors.DeserializationError(
'Could not decode {0!r} ({1!r}): {2}'.format(
slot, value, error))
return fields
@classmethod
def from_json(cls, jobj: Dict[str, Any]) -> 'JSONObjectWithFields':
return cls(**cls.fields_from_json(jobj))
[docs]def encode_b64jose(data: bytes) -> str:
"""Encode JOSE Base-64 field.
:param bytes data:
:rtype: `str`
"""
# b64encode produces ASCII characters only
return b64.b64encode(data).decode('ascii')
[docs]def decode_b64jose(data: str, size: Optional[int] = None, minimum: bool = False) -> bytes:
"""Decode JOSE Base-64 field.
:param unicode data:
:param int size: Required length (after decoding).
:param bool minimum: If ``True``, then `size` will be treated as
minimum required length, as opposed to exact equality.
:rtype: bytes
"""
try:
decoded = b64.b64decode(data.encode())
except binascii.Error as error:
raise errors.DeserializationError(error)
if size is not None and ((not minimum and len(decoded) != size) or
(minimum and len(decoded) < size)):
raise errors.DeserializationError(
"Expected at least or exactly {0} bytes".format(size))
return decoded
[docs]def encode_hex16(value: bytes) -> str:
"""Hexlify.
:param bytes value:
:rtype: unicode
"""
return binascii.hexlify(value).decode()
[docs]def decode_hex16(value: str, size: Optional[int] = None, minimum: bool = False) -> bytes:
"""Decode hexlified field.
:param unicode value:
:param int size: Required length (after decoding).
:param bool minimum: If ``True``, then `size` will be treated as
minimum required length, as opposed to exact equality.
:rtype: bytes
"""
value_b = value.encode()
if size is not None and ((not minimum and len(value_b) != size * 2) or
(minimum and len(value_b) < size * 2)):
raise errors.DeserializationError()
try:
return binascii.unhexlify(value_b)
except binascii.Error as error:
raise errors.DeserializationError(error)
[docs]def encode_cert(cert: josepy.util.ComparableX509) -> str:
"""Encode certificate as JOSE Base-64 DER.
:type cert: `OpenSSL.crypto.X509` wrapped in `.ComparableX509`
:rtype: unicode
"""
if isinstance(cert.wrapped, crypto.X509Req):
raise ValueError("Error input is actually a certificate request.")
return encode_b64jose(crypto.dump_certificate(
crypto.FILETYPE_ASN1, cert.wrapped))
[docs]def decode_cert(b64der: str) -> josepy.util.ComparableX509:
"""Decode JOSE Base-64 DER-encoded certificate.
:param unicode b64der:
:rtype: `OpenSSL.crypto.X509` wrapped in `.ComparableX509`
"""
try:
return util.ComparableX509(crypto.load_certificate(
crypto.FILETYPE_ASN1, decode_b64jose(b64der)))
except crypto.Error as error:
raise errors.DeserializationError(error)
[docs]def encode_csr(csr: josepy.util.ComparableX509) -> str:
"""Encode CSR as JOSE Base-64 DER.
:type csr: `OpenSSL.crypto.X509Req` wrapped in `.ComparableX509`
:rtype: unicode
"""
if isinstance(csr.wrapped, crypto.X509):
raise ValueError("Error input is actually a certificate.")
return encode_b64jose(crypto.dump_certificate_request(
crypto.FILETYPE_ASN1, csr.wrapped))
[docs]def decode_csr(b64der: str) -> josepy.util.ComparableX509:
"""Decode JOSE Base-64 DER-encoded CSR.
:param unicode b64der:
:rtype: `OpenSSL.crypto.X509Req` wrapped in `.ComparableX509`
"""
try:
return util.ComparableX509(crypto.load_certificate_request(
crypto.FILETYPE_ASN1, decode_b64jose(b64der)))
except crypto.Error as error:
raise errors.DeserializationError(error)
[docs]class TypedJSONObjectWithFields(JSONObjectWithFields):
"""JSON object with type."""
typ: str = NotImplemented
"""Type of the object. Subclasses must override."""
type_field_name: str = "type"
"""Field name used to distinguish different object types.
Subclasses will probably have to override this.
"""
TYPES: Dict[str, Type] = NotImplemented
"""Types registered for JSON deserialization"""
[docs] @classmethod
def register(cls, type_cls: Type['TypedJSONObjectWithFields'],
typ: Optional[str] = None) -> Type['TypedJSONObjectWithFields']:
"""Register class for JSON deserialization."""
typ = type_cls.typ if typ is None else typ
cls.TYPES[typ] = type_cls
return type_cls
[docs] @classmethod
def get_type_cls(cls, jobj: Mapping[str, Any]) -> Type['TypedJSONObjectWithFields']:
"""Get the registered class for ``jobj``."""
if cls in cls.TYPES.values():
if cls.type_field_name not in jobj:
raise errors.DeserializationError(
"Missing type field ({0})".format(cls.type_field_name))
# cls is already registered type_cls, force to use it
# so that, e.g Revocation.from_json(jobj) fails if
# jobj["type"] != "revocation".
return cls
if not isinstance(jobj, dict):
raise errors.DeserializationError(
"{0} is not a dictionary object".format(jobj))
try:
typ = jobj[cls.type_field_name]
except KeyError:
raise errors.DeserializationError("missing type field")
try:
return cls.TYPES[typ]
except KeyError:
raise errors.UnrecognizedTypeError(typ, jobj)
[docs] def to_partial_json(self) -> Dict[str, Any]:
"""Get JSON serializable object.
:returns: Serializable JSON object representing ACME typed object.
:meth:`validate` will almost certainly not work, due to reasons
explained in :class:`josepy.interfaces.IJSONSerializable`.
:rtype: dict
"""
jobj = self.fields_to_partial_json()
jobj[self.type_field_name] = self.typ
return jobj
[docs] @classmethod
def from_json(cls, jobj: Mapping[str, Any]) -> 'TypedJSONObjectWithFields':
"""Deserialize ACME object from valid JSON object.
:raises josepy.errors.UnrecognizedTypeError: if type
of the ACME object has not been registered.
"""
# make sure subclasses don't cause infinite recursive from_json calls
type_cls = cls.get_type_cls(jobj)
return type_cls(**type_cls.fields_from_json(jobj))