fix(schema): add parameters to paste/private route

chore: upgrade version

.gitignore

@@ -9,6 +9,4 @@
 **/__pycache__/
 .DS_Store
 .coverage
-/*.md
+/*.md
-/.eggs/
-/devel/

README.md

@@ -2,40 +2,28 @@
 
 ![](docs/_assets/images/favpng_parrot-royalty-free-cartoon.png)
 
-**NOTE**: httpaste is publicly hosted at [httpaste.it](http://httpaste.it) and as a hidden Tor service ([https://paste77ubkwxy4fqezffsmthxdh3xerwi72tlsw2mch7ecjhw2xn7iyd.onion](https://paste77ubkwxy4fqezffsmthxdh3xerwi72tlsw2mch7ecjhw2xn7iyd.onion)).
+httpaste is a pastebin application for easily pasting and retrieving data over
-Both services are to be considered evaluatory, as long as the source code
+HTTP from shell environments and web browsers. It is inspired by [sprunge.us](http://sprunge.us)
-is in pre-release. Regarding voidance of pre-release status, see [Open Issues](https://victorykit.atlassian.net/issues/?jql=project%20%3D%20HTTPASTE%20AND%20fixVersion%20in%20(1.1.0-beta%2C%201.2.0-beta%2C%201.3.0)), for more information.
+and [ix.io](http://ix.io/), but focuses on extendability, advanced security, with little to
+no trade-off to simplicity. It can be hosted through WSGI, CGI, Fast CGI, or
+as a standalone evaluation server. It offers multiple storage backends, such as
+a filesystem backend, SQLite backend, MySQL backend, or MongoDB backend.
 
-This program offers an HTTP interface for storing public and private data
+All pastes are being encrypted on the fly and can only be retrieved by an
-(a.k.a. pastes), commonly referred to as a pastebin application. It is inspired by [sprunge.us](http://sprunge.us) and [ix.io](http://ix.io/). It can be hosted through WSGI, CGI, Fast
+authorized user, either through knowing the paste id of a public paste, or
-CGI, or as a standalone evaluation server. It offers multiple storage backends,
+having authentication credentials, as well as the paste id of a private paste.
-such as a filesystem backend, SQLite backend, or MySQL backend.
+This makes httpaste ideal as a pastebin for sensitive environments such as the
+Tor network. Authentication credentials are created on-the-fly and don’t  require a sign-up process.
 
-Public data can be accessed through an URL, where as private pastes
+httpaste supports output formatting for syntax highlighting (powered by
-additionally require HTTP basic authentication. Creation of authentication
-credentials happens on the fly, there is no sign-up process. Public pastes can
-only be accessed by knowing their paste ids, they are not listed on any index,
-since it isn’t technically possible (by design).
-
-All pastes are symetrically encrypted server-side with an HMAC derived key and
-SHA-256 hashing, a server-side salt and a randomly generated password. Public
-paste’s passwords are derived from their ids. Private paste’s passwords are
-randomly generated and stored inside a symetrically encrypted personal
-database, with the encryption key also being derived through the same HMAC
-mechanism, where the HTTP basic authentication credentials act as the master
-password.
-
-Paste ids, usernames, and any other identifiable attributes are only stored
-inside storage backends as keyed and salted BLAKE2 hashes.
-
-The program supports output formatting for syntax highlighting (powered by
 [pygments](https://pygments.org/)), as well as MIME type output manipulation, and input encoding.
-The program can therefore serve as a minimalist, anonymous object storage for
+Therefore httpaste can server as an anonymous object storage for small data.
-small data.
 
-Minute-based and ‘burn-after-read’ paste expiration are also supported.
+Minute-based and ‘burn-after-read’ paste expiration are supported.
 
-# Getting Started
+httpaste focuses on security through cryptography, making it a computationally intensive application.
+
+# Get Started
 
 ## Install
 

docs/README.rst

@@ -9,41 +9,28 @@ httpaste - versatile HTTP pastebin
 
     .. image:: _assets/images/favpng_parrot-royalty-free-cartoon.png
 
-.. note::
+httpaste is a pastebin application for easily pasting and retrieving data over 
-    httpaste is publicly hosted at `httpaste.it`_ and as a hidden Tor service (`<https://paste77ubkwxy4fqezffsmthxdh3xerwi72tlsw2mch7ecjhw2xn7iyd.onion>`_). 
+HTTP from shell environments and web browsers. It is inspired by `sprunge.us`_ 
-    Both services are to be considered evaluatory, as long as the source code 
+and `ix.io`_, but focuses on extendability, advanced security, with little to 
-    is in pre-release. Regarding voidance of pre-release status, see `Open Issues`_, for more information.
+no trade-off to simplicity. It can be hosted through WSGI, CGI, Fast CGI, or 
+as a standalone evaluation server. It offers multiple storage backends, such as 
+a filesystem backend, SQLite backend, MySQL backend, or MongoDB backend.
 
-This program offers an HTTP interface for storing public and private data
+All pastes are being encrypted on the fly and can only be retrieved by an 
-(a.k.a. pastes), commonly referred to as a pastebin application. It is inspired by `sprunge.us`_ and `ix.io`_. It can be hosted through WSGI, CGI, Fast 
+authorized user, either through knowing the paste id of a public paste, or 
-CGI, or as a standalone evaluation server. It offers multiple storage backends, 
+having authentication credentials, as well as the paste id of a private paste. 
-such as a filesystem backend, SQLite backend, or MySQL backend.
+This makes httpaste ideal as a pastebin for sensitive environments such as the 
+Tor network. Authentication credentials are created on-the-fly and don't  require a sign-up process.
 
-Public data can be accessed through an URL, where as private pastes 
+httpaste supports output formatting for syntax highlighting (powered by 
-additionally require HTTP basic authentication. Creation of authentication 
-credentials happens on the fly, there is no sign-up process. Public pastes can 
-only be accessed by knowing their paste ids, they are not listed on any index, 
-since it isn't technically possible (by design).
-
-All pastes are symetrically encrypted server-side with an HMAC derived key and 
-SHA-256 hashing, a server-side salt and a randomly generated password. Public 
-paste's passwords are derived from their ids. Private paste's passwords are 
-randomly generated and stored inside a symetrically encrypted personal 
-database, with the encryption key also being derived through the same HMAC 
-mechanism, where the HTTP basic authentication credentials act as the master 
-password.
-
-Paste ids, usernames, and any other identifiable attributes are only stored
-inside storage backends as keyed and salted BLAKE2 hashes.
-
-The program supports output formatting for syntax highlighting (powered by 
 `pygments`_), as well as MIME type output manipulation, and input encoding. 
-The program can therefore serve as a minimalist, anonymous object storage for
+Therefore httpaste can server as an anonymous object storage for small data.
-small data.
 
-Minute-based and 'burn-after-read' paste expiration are also supported.
+Minute-based and 'burn-after-read' paste expiration are supported.
 
-.. include:: guide/getting-started.rst
+httpaste focuses on security through cryptography, making it a computationally intensive application.
+
+.. include:: guide/get-started.rst
 
 Documentation
 -------------
@@ -82,8 +69,4 @@ This program uses licensed third-party software.
 .. _ix.io: http://ix.io/
 .. _sprunge.us: http://sprunge.us
 .. _pygments: https://pygments.org/
-.. _icon: https://favpng.com/png_view/parrot-parrot-royalty-free-cartoon-png/gps7HM42
+.. _icon: https://favpng.com/png_view/parrot-parrot-royalty-free-cartoon-png/gps7HM42
-
-.. _Open Issues: https://victorykit.atlassian.net/issues/?jql=project%20%3D%20HTTPASTE%20AND%20fixVersion%20in%20(1.1.0-beta%2C%201.2.0-beta%2C%201.3.0)
-
-.. _httpaste.it: http://httpaste.it

docs/guide/get-started.rst

@@ -1,5 +1,5 @@
-Getting Started
+Get Started
-===============
+===========
 
 Install
 """""""

docs/index.rst

@@ -4,7 +4,7 @@
     :maxdepth: 1
     :caption: Guides
 
-    guide/getting-started
+    guide/get-started
     guide/advanced-usage
     guide/backend
     guide/cli

pyproject.toml

@@ -1,8 +1,7 @@
 [build-system]
 requires = [
     "setuptools",
-    "wheel",
+    "wheel"
-    "setuptools-scm[toml]"
 ]
 build-backend = "setuptools.build_meta"
 
@@ -10,6 +9,4 @@ build-backend = "setuptools.build_meta"
 max_line_length = 80
 aggressive = 3
 recursive = true
-in-place = true
+in-place = true
-
-[tool.setuptools_scm]

setup.cfg

@@ -1,5 +1,6 @@
 [metadata]
 name = httpaste-victorykit
+version = 1.0.4-alpha
 author = Tiara Rodney
 author_email = t.rodney@victoryk.it
 description = a versatile HTTP pastebin
@@ -38,6 +39,4 @@ console_scripts =
 where = src
 
 [options.package_data]
-* = 
+schema = src/httpaste/schema/httpaste.openapi.json
-	*.json
-	*.sql

src/httpaste/__init__.py

@@ -143,8 +143,6 @@ from inspect import isclass
 from configparser import ConfigParser
 from ast import literal_eval
 from io import StringIO
-from os import environ
-from importlib.resources import path as resource_path
 
 from connexion import FlaskApp
 from connexion.resolver import RestyResolver
@@ -160,7 +158,7 @@ from httpaste.helper.http import (
     UnauthorizedError)
 
 
-CONFIGPATH_ENVIRON = 'HTTPASTE_CONFIGPATH'
+CONFIGPATH_ENVIRON = 'HTTPASTE_CONFIG'
 
 
 def get_sanitized_config_charset(charset: str):
@@ -200,17 +198,17 @@ class ServerConfig:
     bind_address = None
 
 
-def get_config_path(var_name: str = CONFIGPATH_ENVIRON):
+def get_config_path(environ: str = CONFIGPATH_ENVIRON):
     """
     """
 
     try:
 
-        return environ[var_name]
+        return os.environ[environ]
     except KeyError as e:
 
         raise ConfigError(
-            f'environment variable \'{var_name}\' not set.') from e
+            'environment variable \'{environ}\' not set.') from e
 
 
 def load_config(path: str) -> Tuple[Config, ServerConfig]:
@@ -302,16 +300,13 @@ def get_flask_app(
 
     options = {"swagger_ui": server_config.swagger_ui}
 
-    #context manager returns a pathlib.Path object
+    application = FlaskApp(__name__, specification_dir='schema/')
-    with resource_path('httpaste.schema', 'httpaste.openapi.json') as path:
 
-        application = FlaskApp(__name__, specification_dir=path.parent)
+    application.add_api(
-
+        'httpaste.openapi.json',
-        application.add_api(
+        options=options,
-            path.name,
+        resolver=RestyResolver('httpaste.controller')
-            options=options,
+    )
-            resolver=RestyResolver('httpaste.controller')
-        )
 
     for err_cls in [
         BadRequestError,
@@ -327,14 +322,6 @@ def get_flask_app(
     with application.app.app_context():
         application.app.httpaste = config
 
-    #add header for browsers to present a sign-in prompt
-    @application.app.after_request
-    def rewrite_forbidden_request(response):
-
-        if response.status_code in [401]:
-            response.headers['WWW-Authenticate'] = 'Basic realm="private"'
-        return response
-
     return application
 
 

src/httpaste/__main__.py

@@ -2,7 +2,6 @@
 """
 import argparse
 import os
-from importlib.resources import open_text
 
 
 def _this_dir(basename: str) -> str:
@@ -21,7 +20,7 @@ def _path_output(path, echo: bool = False) -> str:
         return path
     else:
 
-        with open_text('httpaste', path) as fh:
+        with open(path, 'r') as fh:
 
             return fh.read()
 
@@ -52,21 +51,21 @@ def command_wsgi(**kwargs):
     """get WSGI script
     """
 
-    print(_path_output('wsgi.py', kwargs.get('echo')))
+    print(_path_output(_this_dir('wsgi.py'), kwargs.get('echo')))
 
 
 def command_cgi(**kwargs):
     """get CGI script
     """
 
-    print(_path_output('cgi.py', kwargs.get('echo')))
+    print(_path_output(_this_dir('cgi.py'), kwargs.get('echo')))
 
 
 def command_fcgi(**kwargs):
     """get FastCGI script
     """
 
-    print(_path_output('fcgi.py', kwargs.get('echo')))
+    print(_path_output(_this_dir('fcgi.py'), kwargs.get('echo')))
 
 
 def command_default_config(**kwargs):

src/httpaste/backend/sqlite/paste.py

@@ -3,7 +3,6 @@
 from os import path
 from sqlite3 import Connection
 from time import time
-from importlib.resources import open_text
 
 
 def load(proto: object, connection: Connection, model_class: type):
@@ -64,7 +63,7 @@ def init(connection: Connection):
 
     cur = connection.cursor()
 
-    with open_text('httpaste.backend.sqlite', 'paste.sql') as fh:
+    with open(path.join(path.dirname(__file__), 'paste.sql'), 'r') as fh:
 
         cur.execute(fh.read())
 

src/httpaste/backend/sqlite/user.py

@@ -3,7 +3,6 @@
 from os import path
 from sqlite3 import Connection
 from httpaste.model import User
-from importlib.resources import open_text
 
 
 def load(proto: User, connection: Connection):
@@ -49,7 +48,7 @@ def init(connection: Connection):
 
     cur = connection.cursor()
 
-    with open_text('httpaste.backend.sqlite', 'user.sql') as fh:
+    with open(path.join(path.dirname(__file__), 'user.sql'), 'r') as fh:
 
         cur.execute(fh.read())
 

src/httpaste/helper/common.py

@@ -1,10 +1,6 @@
 from random import choice
 from base64 import b64decode
 from urllib.parse import urljoin
-from tempfile import mkdtemp
-from pathlib import Path
-from contextlib import contextmanager
-
 
 class DecodeError(Exception):
     """
@@ -33,4 +29,4 @@ def decode(data: str, encoding: str) -> bytes:
 
 def join_url(base:str, url: str) -> str:
 
-    return urljoin(base, url, True)
+    return urljoin(base, url, True)

src/httpaste/wsgi.py

@@ -3,6 +3,6 @@
 """
 from httpaste import load_config, get_flask_app, get_config_path
 
-config, server_config = load_config(get_config_path())
+config, server_config = load_config(get_config_path)
 
 application = get_flask_app(config, server_config)