linotp.controllers.migrate module

migration controller -

support the migration of encrypted data towards new encryption key or new hsm

class linotp.controllers.migrate.MigrateController(name, install_name='', **kwargs)

Bases: BaseController

after_request_funcs: t.Dict[ft.AppOrBlueprintKey, t.List[ft.AfterRequestCallable]]

A data structure of functions to call at the end of each request, in the format {scope: [functions]}. The scope key is the name of a blueprint the functions are active for, or None for all requests.

To register a function, use the after_request() decorator.

This data structure is internal. It should not be modified directly and its format may change at any time.

backup()

POST /migrate/backup

create a backup of

  • the encrypted token data, which could be seed or pin (if encrypted) or userpin (used in motp, ocra2)

  • the config entries of type password

the data

  • is encrypted with a given passphrase

  • and stored in an backup file (defined by the hash of backupid)

Parameters:

  • pass – passphrase used for encrypting data in the backup file

  • backupid – used to controll the intermediate backup file

before_request_funcs: t.Dict[ft.AppOrBlueprintKey, t.List[ft.BeforeRequestCallable]]

A data structure of functions to call at the beginning of each request, in the format {scope: [functions]}. The scope key is the name of a blueprint the functions are active for, or None for all requests.

To register a function, use the before_request() decorator.

This data structure is internal. It should not be modified directly and its format may change at any time.

deferred_functions: t.List[DeferredSetupFunction]
error_handler_spec: t.Dict[ft.AppOrBlueprintKey, t.Dict[t.Optional[int], t.Dict[t.Type[Exception], ft.ErrorHandlerCallable]]]

A data structure of registered error handlers, in the format {scope: {code: {class: handler}}}. The scope key is the name of a blueprint the handlers are active for, or None for all requests. The code key is the HTTP status code for HTTPException, or None for other exceptions. The innermost dictionary maps exception classes to handler functions.

To register an error handler, use the errorhandler() decorator.

This data structure is internal. It should not be modified directly and its format may change at any time.

name: str
restore()

POST /migrate/restore

restore the encrypted config and token data from a backup file

the restore relies on a backup file, which was created by the migrate/backup command. The file contains per line a config or token entry, where each line is a json dump. The first line of the backup file contains the salt, the last one the number of entries written

Parameters:

  • pass – passphrase used for encrypting data in the backup file

  • backupid – used to controll the intermediate backup file

  • (optional) (remove_backup) – if set to False, backup file will not be deleted after backup. Default is that backup is deleted, even in case of error

teardown_request_funcs: t.Dict[ft.AppOrBlueprintKey, t.List[ft.TeardownCallable]]

A data structure of functions to call at the end of each request even if an exception is raised, in the format {scope: [functions]}. The scope key is the name of a blueprint the functions are active for, or None for all requests.

To register a function, use the teardown_request() decorator.

This data structure is internal. It should not be modified directly and its format may change at any time.

template_context_processors: t.Dict[ft.AppOrBlueprintKey, t.List[ft.TemplateContextProcessorCallable]]

A data structure of functions to call to pass extra context values when rendering templates, in the format {scope: [functions]}. The scope key is the name of a blueprint the functions are active for, or None for all requests.

To register a function, use the context_processor() decorator.

This data structure is internal. It should not be modified directly and its format may change at any time.

url_default_functions: t.Dict[ft.AppOrBlueprintKey, t.List[ft.URLDefaultCallable]]

A data structure of functions to call to modify the keyword arguments when generating URLs, in the format {scope: [functions]}. The scope key is the name of a blueprint the functions are active for, or None for all requests.

To register a function, use the url_defaults() decorator.

This data structure is internal. It should not be modified directly and its format may change at any time.

url_value_preprocessors: t.Dict[ft.AppOrBlueprintKey, t.List[ft.URLValuePreprocessorCallable]]

A data structure of functions to call to modify the keyword arguments passed to the view function, in the format {scope: [functions]}. The scope key is the name of a blueprint the functions are active for, or None for all requests.

To register a function, use the url_value_preprocessor() decorator.

This data structure is internal. It should not be modified directly and its format may change at any time.

view_functions: t.Dict[str, t.Callable]

A dictionary mapping endpoint names to view functions.

To register a view function, use the route() decorator.

This data structure is internal. It should not be modified directly and its format may change at any time.