steamguard-cli/src/accountmanager.rs

520 lines
15 KiB
Rust
Raw Normal View History

2021-08-19 22:54:18 +02:00
pub use crate::encryption::EntryEncryptionParams;
use crate::encryption::EntryEncryptor;
2021-08-01 14:43:18 +02:00
use log::*;
use serde::{Deserialize, Serialize};
2021-08-15 17:52:54 +02:00
use std::fs::File;
use std::io::{BufReader, Read, Write};
2021-03-26 00:47:44 +01:00
use std::path::Path;
use std::sync::{Arc, Mutex};
use steamguard::SteamGuardAccount;
2021-08-17 03:13:58 +02:00
use thiserror::Error;
2021-03-25 22:45:41 +01:00
2021-03-26 18:14:59 +01:00
#[derive(Debug, Serialize, Deserialize)]
2021-03-25 22:45:41 +01:00
pub struct Manifest {
2021-08-08 18:54:46 +02:00
pub entries: Vec<ManifestEntry>,
2021-08-19 22:54:18 +02:00
/// Not really used, kept mostly for compatibility with SDA.
pub encrypted: bool,
/// Not implemented, kept for compatibility with SDA.
2021-08-08 18:54:46 +02:00
pub first_run: bool,
/// Not implemented, kept for compatibility with SDA.
2021-08-08 18:54:46 +02:00
pub periodic_checking: bool,
/// Not implemented, kept for compatibility with SDA.
2021-08-08 18:54:46 +02:00
pub periodic_checking_interval: i32,
/// Not implemented, kept for compatibility with SDA.
2021-08-08 18:54:46 +02:00
pub periodic_checking_checkall: bool,
/// Not implemented, kept for compatibility with SDA.
2021-08-08 18:54:46 +02:00
pub auto_confirm_market_transactions: bool,
/// Not implemented, kept for compatibility with SDA.
2021-08-08 18:54:46 +02:00
pub auto_confirm_trades: bool,
2021-03-25 22:45:41 +01:00
2021-08-08 18:54:46 +02:00
#[serde(skip)]
pub accounts: Vec<Arc<Mutex<SteamGuardAccount>>>,
#[serde(skip)]
folder: String, // I wanted to use a Path here, but it was too hard to make it work...
2021-03-25 22:45:41 +01:00
}
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct ManifestEntry {
2021-08-08 18:54:46 +02:00
pub filename: String,
#[serde(default, rename = "steamid")]
2021-08-08 18:54:46 +02:00
pub steam_id: u64,
#[serde(default)]
pub account_name: String,
#[serde(default, flatten)]
pub encryption: Option<EntryEncryptionParams>,
}
impl Default for Manifest {
fn default() -> Self {
Manifest {
encrypted: false,
entries: vec![],
first_run: false,
periodic_checking: false,
periodic_checking_interval: 0,
periodic_checking_checkall: false,
auto_confirm_market_transactions: false,
auto_confirm_trades: false,
accounts: vec![],
folder: "".into(),
}
}
}
2021-03-26 00:47:44 +01:00
impl Manifest {
/// `path` should be the path to manifest.json
pub fn new(path: &Path) -> Self {
Manifest {
folder: String::from(path.parent().unwrap().to_str().unwrap()),
..Default::default()
}
}
pub fn load(path: &Path) -> anyhow::Result<Self> {
2021-08-08 18:54:46 +02:00
debug!("loading manifest: {:?}", &path);
let file = File::open(path)?;
let reader = BufReader::new(file);
let mut manifest: Manifest = serde_json::from_reader(reader)?;
manifest.folder = String::from(path.parent().unwrap().to_str().unwrap());
return Ok(manifest);
}
2021-03-26 19:05:54 +01:00
2021-08-17 03:13:58 +02:00
pub fn load_accounts(
&mut self,
passkey: &Option<String>,
) -> anyhow::Result<(), ManifestAccountLoadError> {
for entry in &mut self.entries {
2021-08-08 18:54:46 +02:00
let path = Path::new(&self.folder).join(&entry.filename);
debug!("loading account: {:?}", path);
let file = File::open(path)?;
2021-08-15 17:52:54 +02:00
let mut reader = BufReader::new(file);
let account: SteamGuardAccount;
match (passkey, entry.encryption.as_ref()) {
(Some(passkey), Some(params)) => {
let mut ciphertext: Vec<u8> = vec![];
reader.read_to_end(&mut ciphertext)?;
2021-08-19 22:54:18 +02:00
let plaintext = crate::encryption::LegacySdaCompatible::decrypt(
passkey, params, ciphertext,
)?;
2021-08-20 16:01:23 +02:00
if plaintext[0] != '{' as u8 && plaintext[plaintext.len() - 1] != '}' as u8 {
return Err(ManifestAccountLoadError::IncorrectPasskey);
}
2021-08-19 22:54:18 +02:00
let s = std::str::from_utf8(&plaintext).unwrap();
2021-08-16 05:20:49 +02:00
account = serde_json::from_str(&s)?;
2021-08-15 17:52:54 +02:00
}
(None, Some(_)) => {
2021-08-17 03:13:58 +02:00
return Err(ManifestAccountLoadError::MissingPasskey);
2021-08-15 17:52:54 +02:00
}
(_, None) => {
account = serde_json::from_reader(reader)?;
}
};
entry.account_name = account.account_name.clone();
2021-08-08 18:54:46 +02:00
self.accounts.push(Arc::new(Mutex::new(account)));
}
Ok(())
}
2021-08-01 17:20:57 +02:00
pub fn account_exists(&self, account_name: &String) -> bool {
for entry in &self.entries {
if &entry.account_name == account_name {
return true;
}
}
return false;
}
2021-08-08 18:54:46 +02:00
pub fn add_account(&mut self, account: SteamGuardAccount) {
debug!("adding account to manifest: {}", account.account_name);
let steamid = account.session.as_ref().map_or(0, |s| s.steam_id);
2021-08-08 18:54:46 +02:00
self.entries.push(ManifestEntry {
filename: format!("{}.maFile", &account.account_name),
steam_id: steamid,
account_name: account.account_name.clone(),
encryption: None,
2021-08-08 18:54:46 +02:00
});
self.accounts.push(Arc::new(Mutex::new(account)));
}
2021-08-01 17:20:57 +02:00
2021-08-14 01:04:03 +02:00
pub fn import_account(&mut self, import_path: String) -> anyhow::Result<()> {
let path = Path::new(&import_path);
ensure!(path.exists(), "{} does not exist.", import_path);
ensure!(path.is_file(), "{} is not a file.", import_path);
let file = File::open(path)?;
let reader = BufReader::new(file);
let account: SteamGuardAccount = serde_json::from_reader(reader)?;
2021-09-06 22:57:36 +02:00
ensure!(
!self.account_exists(&account.account_name),
"Account already exists in manifest, please remove it first."
);
2021-08-14 01:04:03 +02:00
self.add_account(account);
return Ok(());
}
2021-08-12 01:39:29 +02:00
pub fn remove_account(&mut self, account_name: String) {
let index = self
.accounts
.iter()
.position(|a| a.lock().unwrap().account_name == account_name)
.unwrap();
self.accounts.remove(index);
self.entries.remove(index);
}
2021-08-17 03:13:58 +02:00
pub fn save(&self, passkey: &Option<String>) -> anyhow::Result<()> {
2021-08-08 18:54:46 +02:00
ensure!(
self.entries.len() == self.accounts.len(),
"Manifest entries don't match accounts."
);
2021-09-01 14:52:23 +02:00
info!("Saving manifest and accounts...");
2021-08-08 18:54:46 +02:00
for (entry, account) in self.entries.iter().zip(&self.accounts) {
debug!("saving {}", entry.filename);
2021-08-16 05:20:49 +02:00
let serialized = serde_json::to_vec(account.as_ref())?;
2021-08-08 18:54:46 +02:00
ensure!(
serialized.len() > 2,
"Something extra weird happened and the account was serialized into nothing."
);
2021-08-16 05:20:49 +02:00
let final_buffer: Vec<u8>;
match (passkey, entry.encryption.as_ref()) {
(Some(passkey), Some(params)) => {
2021-08-19 22:54:18 +02:00
final_buffer = crate::encryption::LegacySdaCompatible::encrypt(
passkey, params, serialized,
)?;
2021-08-16 05:20:49 +02:00
}
(None, Some(_)) => {
bail!("maFiles are encrypted, but no passkey was provided.");
}
(_, None) => {
final_buffer = serialized;
}
};
2021-08-08 18:54:46 +02:00
let path = Path::new(&self.folder).join(&entry.filename);
let mut file = File::create(path)?;
2021-08-16 05:20:49 +02:00
file.write_all(final_buffer.as_slice())?;
2021-08-08 18:54:46 +02:00
file.sync_data()?;
}
debug!("saving manifest");
let manifest_serialized = serde_json::to_string(&self)?;
let path = Path::new(&self.folder).join("manifest.json");
let mut file = File::create(path)?;
file.write_all(manifest_serialized.as_bytes())?;
file.sync_data()?;
Ok(())
}
2021-03-26 00:47:44 +01:00
}
2021-08-17 03:13:58 +02:00
#[derive(Debug, Error)]
pub enum ManifestAccountLoadError {
#[error("Manifest accounts are encrypted, but no passkey was provided.")]
MissingPasskey,
2021-08-20 16:01:23 +02:00
#[error("Incorrect passkey provided.")]
IncorrectPasskey,
2021-08-19 22:54:18 +02:00
#[error("Failed to decrypt account. {self:?}")]
DecryptionFailed(#[from] crate::encryption::EntryEncryptionError),
2021-08-17 03:13:58 +02:00
#[error("Failed to deserialize the account.")]
DeserializationFailed(#[from] serde_json::Error),
#[error(transparent)]
Unknown(#[from] anyhow::Error),
}
impl From<block_modes::BlockModeError> for ManifestAccountLoadError {
fn from(error: block_modes::BlockModeError) -> Self {
return Self::Unknown(anyhow::Error::from(error));
}
}
impl From<base64::DecodeError> for ManifestAccountLoadError {
fn from(error: base64::DecodeError) -> Self {
return Self::Unknown(anyhow::Error::from(error));
}
}
impl From<block_modes::InvalidKeyIvLength> for ManifestAccountLoadError {
fn from(error: block_modes::InvalidKeyIvLength) -> Self {
return Self::Unknown(anyhow::Error::from(error));
}
}
impl From<std::io::Error> for ManifestAccountLoadError {
fn from(error: std::io::Error) -> Self {
return Self::Unknown(anyhow::Error::from(error));
}
}
#[cfg(test)]
mod tests {
use super::*;
use tempdir::TempDir;
#[test]
fn test_should_save_new_manifest() {
let tmp_dir = TempDir::new("steamguard-cli-test").unwrap();
let manifest_path = tmp_dir.path().join("manifest.json");
let manifest = Manifest::new(manifest_path.as_path());
2021-08-17 03:13:58 +02:00
assert!(matches!(manifest.save(&None), Ok(_)));
}
#[test]
fn test_should_save_and_load_manifest() -> anyhow::Result<()> {
let tmp_dir = TempDir::new("steamguard-cli-test")?;
let manifest_path = tmp_dir.path().join("manifest.json");
println!("tempdir: {}", manifest_path.display());
let mut manifest = Manifest::new(manifest_path.as_path());
let mut account = SteamGuardAccount::new();
account.account_name = "asdf1234".into();
account.revocation_code = "R12345".into();
account.shared_secret = steamguard::token::TwoFactorSecret::parse_shared_secret(
"zvIayp3JPvtvX/QGHqsqKBk/44s=".into(),
)?;
manifest.add_account(account);
manifest.save(&None)?;
let mut loaded_manifest = Manifest::load(manifest_path.as_path())?;
assert_eq!(loaded_manifest.entries.len(), 1);
assert_eq!(loaded_manifest.entries[0].filename, "asdf1234.maFile");
loaded_manifest.load_accounts(&None)?;
assert_eq!(
loaded_manifest.entries.len(),
loaded_manifest.accounts.len()
);
assert_eq!(
loaded_manifest.accounts[0].lock().unwrap().account_name,
"asdf1234"
);
assert_eq!(
loaded_manifest.accounts[0].lock().unwrap().revocation_code,
"R12345"
);
assert_eq!(
loaded_manifest.accounts[0].lock().unwrap().shared_secret,
steamguard::token::TwoFactorSecret::parse_shared_secret(
"zvIayp3JPvtvX/QGHqsqKBk/44s=".into()
)?,
);
return Ok(());
}
2021-08-16 05:20:49 +02:00
#[test]
fn test_should_save_and_load_manifest_encrypted() {
2021-08-17 03:13:58 +02:00
let passkey: Option<String> = Some("password".into());
2021-08-16 05:20:49 +02:00
let tmp_dir = TempDir::new("steamguard-cli-test").unwrap();
let manifest_path = tmp_dir.path().join("manifest.json");
let mut manifest = Manifest::new(manifest_path.as_path());
let mut account = SteamGuardAccount::new();
account.account_name = "asdf1234".into();
account.revocation_code = "R12345".into();
account.shared_secret = steamguard::token::TwoFactorSecret::parse_shared_secret(
"zvIayp3JPvtvX/QGHqsqKBk/44s=".into(),
)
.unwrap();
2021-08-16 05:20:49 +02:00
manifest.add_account(account);
manifest.entries[0].encryption = Some(EntryEncryptionParams::generate());
2021-08-17 03:13:58 +02:00
assert!(matches!(manifest.save(&passkey), Ok(_)));
2021-08-16 05:20:49 +02:00
let mut loaded_manifest = Manifest::load(manifest_path.as_path()).unwrap();
assert_eq!(loaded_manifest.entries.len(), 1);
assert_eq!(loaded_manifest.entries[0].filename, "asdf1234.maFile");
2021-08-17 03:13:58 +02:00
assert!(matches!(loaded_manifest.load_accounts(&passkey), Ok(_)));
2021-08-16 05:20:49 +02:00
assert_eq!(
loaded_manifest.entries.len(),
loaded_manifest.accounts.len()
);
assert_eq!(
loaded_manifest.accounts[0].lock().unwrap().account_name,
"asdf1234"
);
assert_eq!(
loaded_manifest.accounts[0].lock().unwrap().revocation_code,
"R12345"
);
assert_eq!(
loaded_manifest.accounts[0].lock().unwrap().shared_secret,
steamguard::token::TwoFactorSecret::parse_shared_secret(
"zvIayp3JPvtvX/QGHqsqKBk/44s=".into()
)
.unwrap(),
2021-08-16 05:20:49 +02:00
);
}
#[test]
fn test_should_save_and_load_manifest_encrypted_longer() -> anyhow::Result<()> {
let passkey: Option<String> = Some("password".into());
let tmp_dir = TempDir::new("steamguard-cli-test").unwrap();
let manifest_path = tmp_dir.path().join("manifest.json");
let mut manifest = Manifest::new(manifest_path.as_path());
let mut account = SteamGuardAccount::new();
account.account_name = "asdf1234".into();
account.revocation_code = "R12345".into();
account.shared_secret = steamguard::token::TwoFactorSecret::parse_shared_secret(
"zvIayp3JPvtvX/QGHqsqKBk/44s=".into(),
)
.unwrap();
account.uri = "otpauth://;laksdjf;lkasdjf;lkasdj;flkasdjlkf;asjdlkfjslk;adjfl;kasdjf;lksdjflk;asjd;lfajs;ldkfjaslk;djf;lsakdjf;lksdj".into();
account.token_gid = "asdf1234".into();
manifest.add_account(account);
manifest.entries[0].encryption = Some(EntryEncryptionParams::generate());
manifest.save(&passkey)?;
let mut loaded_manifest = Manifest::load(manifest_path.as_path())?;
assert_eq!(loaded_manifest.entries.len(), 1);
assert_eq!(loaded_manifest.entries[0].filename, "asdf1234.maFile");
loaded_manifest.load_accounts(&passkey)?;
assert_eq!(
loaded_manifest.entries.len(),
loaded_manifest.accounts.len()
);
assert_eq!(
loaded_manifest.accounts[0].lock().unwrap().account_name,
"asdf1234"
);
assert_eq!(
loaded_manifest.accounts[0].lock().unwrap().revocation_code,
"R12345"
);
assert_eq!(
loaded_manifest.accounts[0].lock().unwrap().shared_secret,
steamguard::token::TwoFactorSecret::parse_shared_secret(
"zvIayp3JPvtvX/QGHqsqKBk/44s=".into()
)
.unwrap(),
);
return Ok(());
}
#[test]
fn test_should_import() {
let tmp_dir = TempDir::new("steamguard-cli-test").unwrap();
let manifest_path = tmp_dir.path().join("manifest.json");
let mut manifest = Manifest::new(manifest_path.as_path());
let mut account = SteamGuardAccount::new();
account.account_name = "asdf1234".into();
account.revocation_code = "R12345".into();
account.shared_secret = steamguard::token::TwoFactorSecret::parse_shared_secret(
"zvIayp3JPvtvX/QGHqsqKBk/44s=".into(),
)
.unwrap();
manifest.add_account(account);
2021-08-17 03:13:58 +02:00
assert!(matches!(manifest.save(&None), Ok(_)));
std::fs::remove_file(&manifest_path).unwrap();
let mut loaded_manifest = Manifest::new(manifest_path.as_path());
assert!(matches!(
loaded_manifest.import_account(
tmp_dir
.path()
.join("asdf1234.maFile")
.into_os_string()
.into_string()
.unwrap()
),
Ok(_)
));
assert_eq!(
loaded_manifest.entries.len(),
loaded_manifest.accounts.len()
);
assert_eq!(
loaded_manifest.accounts[0].lock().unwrap().account_name,
"asdf1234"
);
assert_eq!(
loaded_manifest.accounts[0].lock().unwrap().revocation_code,
"R12345"
);
assert_eq!(
loaded_manifest.accounts[0].lock().unwrap().shared_secret,
steamguard::token::TwoFactorSecret::parse_shared_secret(
"zvIayp3JPvtvX/QGHqsqKBk/44s=".into()
)
.unwrap(),
);
}
#[test]
fn test_sda_compatibility_1() {
2021-08-19 23:45:20 +02:00
let path = Path::new("src/fixtures/maFiles/compat/1-account/manifest.json");
assert!(path.is_file());
let result = Manifest::load(path);
assert!(matches!(result, Ok(_)));
let mut manifest = result.unwrap();
assert!(matches!(manifest.entries.last().unwrap().encryption, None));
2021-08-17 03:13:58 +02:00
assert!(matches!(manifest.load_accounts(&None), Ok(_)));
assert_eq!(
manifest.entries.last().unwrap().account_name,
manifest
.accounts
.last()
.unwrap()
.lock()
.unwrap()
.account_name
);
}
2021-08-15 17:52:54 +02:00
#[test]
fn test_sda_compatibility_1_encrypted() {
2021-08-19 23:45:20 +02:00
let path = Path::new("src/fixtures/maFiles/compat/1-account-encrypted/manifest.json");
2021-08-15 17:52:54 +02:00
assert!(path.is_file());
let result = Manifest::load(path);
assert!(matches!(result, Ok(_)));
let mut manifest = result.unwrap();
assert!(matches!(
manifest.entries.last().unwrap().encryption,
Some(_)
));
2021-08-17 03:13:58 +02:00
let result = manifest.load_accounts(&Some("password".into()));
2021-08-15 17:52:54 +02:00
assert!(
matches!(result, Ok(_)),
"error when loading accounts: {:?}",
result.unwrap_err()
);
assert_eq!(
manifest.entries.last().unwrap().account_name,
manifest
.accounts
.last()
.unwrap()
.lock()
.unwrap()
.account_name
);
}
#[test]
fn test_sda_compatibility_no_webcookie() {
let path = Path::new("src/fixtures/maFiles/compat/no-webcookie/manifest.json");
assert!(path.is_file());
let result = Manifest::load(path);
assert!(matches!(result, Ok(_)));
let mut manifest = result.unwrap();
assert!(matches!(manifest.entries.last().unwrap().encryption, None));
assert!(matches!(manifest.load_accounts(&None), Ok(_)));
assert_eq!(
manifest.entries.last().unwrap().account_name,
manifest
.accounts
.last()
.unwrap()
.lock()
.unwrap()
.account_name
);
assert_eq!(
manifest
.accounts
.last()
.unwrap()
.lock()
.unwrap()
.session
.as_ref()
.unwrap()
.web_cookie,
None
);
}
}