Handle credentials better

jsmnbom · jsmnbom · commit 4e13aee92d72 · 2018-08-25T18:01:17.000+02:00
diff --git a/examples/passportbot.py b/examples/passportbot.py
@@ -26,7 +26,7 @@ def msg(bot, update):
     if passport_data:
         # If our payload doesn't match what we think, this Update did not originate from us
         # Ideally you would randomize the payload on the server
-        if passport_data.decrypted_credentials.data.payload != 'thisisatest':
+        if passport_data.decrypted_credentials.payload != 'thisisatest':
             return
 
         # Print the decrypted credential data
diff --git a/telegram/__init__.py b/telegram/__init__.py
@@ -113,7 +113,8 @@
 from .passport.credentials import (Credentials,
                                    DataCredentials,
                                    SecureData,
-                                   FileCredentials)
+                                   FileCredentials,
+                                   TelegramDecryptionError)
 from .version import __version__  # flake8: noqa
 
 __author__ = 'devs@python-telegram-bot.org'
@@ -146,5 +147,5 @@
     'PassportElementErrorFiles', 'PassportElementErrorDataField', 'PassportElementErrorFile',
     'Credentials', 'DataCredentials', 'SecureData', 'FileCredentials', 'IdDocumentData',
     'PersonalDetails', 'ResidentialAddress', 'InputMediaVideo', 'InputMediaAnimation',
-    'InputMediaAudio', 'InputMediaDocument'
+    'InputMediaAudio', 'InputMediaDocument', 'TelegramDecryptionError'
 ]
diff --git a/telegram/passport/credentials.py b/telegram/passport/credentials.py
@@ -37,7 +37,7 @@ class TelegramDecryptionError(TelegramError):
     """
 
     def __init__(self, message):
-        super().__init__("TelegramDecryptionError" + message)
+        super().__init__("TelegramDecryptionError: " + message)
 
 
 def decrypt(secret, hash, data, file=False):
@@ -109,21 +109,24 @@ class EncryptedCredentials(TelegramObject):
     authentication processes.
 
     Attributes:
-        data (:class:`telegram.Credentials`): Decrypted data with unique user's payload,
-            data hashes and secrets used for EncryptedPassportElement decryption and
-            authentication.
+        data (:class:`telegram.Credentials` or :obj:`str`): Decrypted data with unique user's
+            payload, data hashes and secrets used for EncryptedPassportElement decryption and
+            authentication or base64 encrypted data.
         hash (:obj:`str`): Base64-encoded data hash for data authentication.
-        secret (:obj:`str`): Decrypted secret used for decryption.
+        secret (:obj:`str`): Decrypted or encrypted secret used for decryption.
 
     Args:
-        data (:obj:`str`): Base64-encoded encrypted JSON-serialized data with unique user's
-            payload, data hashes and secrets required for EncryptedPassportElement decryption and
-            authentication.
+        data (:class:`telegram.Credentials` or :obj:`str`): Decrypted data with unique user's
+            payload, data hashes and secrets used for EncryptedPassportElement decryption and
+            authentication or base64 encrypted data.
         hash (:obj:`str`): Base64-encoded data hash for data authentication.
-        secret (:obj:`str`): Base64-encoded secret, encrypted with the bot's public RSA key,
-            required for data decryption.
+        secret (:obj:`str`): Decrypted or encrypted secret used for decryption.
         **kwargs (:obj:`dict`): Arbitrary keyword arguments.
 
+    Note:
+        This object is decrypted only when originating from
+        :obj:`telegram.PassportData.decrypted_credentials`.
+
     """
 
     def __init__(self, data, hash, secret, bot=None, **kwargs):
@@ -135,7 +138,6 @@ def __init__(self, data, hash, secret, bot=None, **kwargs):
         self._id_attrs = (self.data, self.hash, self.secret)
 
         self.bot = bot
-
         self._decrypted_secret = None
         self._decrypted_data = None
 
@@ -146,33 +148,54 @@ def de_json(cls, data, bot):
 
         data = super(EncryptedCredentials, cls).de_json(data, bot)
 
-        # If already decrypted just create the data object directly
-        if isinstance(data['data'], dict):
-            data['data'] = Credentials.de_json(data['data'], bot=bot)
-        else:
+        return cls(bot=bot, **data)
+
+    @property
+    def decrypted_secret(self):
+        """
+        :obj:`str`: The secret as decrypted using the bot's private key.
+
+        Raises:
+            telegram.TelegramDecryptionError: If a decryption error happened while attempting
+                to decrypt the data. This is most often a wrong/missing private_key, but will
+                also happen in cases of tampered data.
+        """
+        if not self._decrypted_secret:
+            # Try decrypting according to step 1 at
+            # https://core.telegram.org/passport#decrypting-data
+            # We make sure to base64 decode the secret first.
+            # Telegram says to use OAEP padding so we do that. The Mask Generation Function
+            # is the default for OAEP, the algorithm is the default for PHP which is what
+            # Telegram's backend servers run.
             try:
-                # Try decrypting according to step 1 at
-                # https://core.telegram.org/passport#decrypting-data
-                # We make sure to base64 decode the secret first.
-                # Telegram says to use OAEP padding so we do that. The Mask Generation Function
-                # is the default for OAEP, the algorithm is the default for PHP which is what
-                # Telegram's backend servers run.
-                data['secret'] = bot.private_key.decrypt(b64decode(data.get('secret')), OAEP(
+                self._decrypted_secret = self.bot.private_key.decrypt(b64decode(self.secret), OAEP(
                     mgf=MGF1(algorithm=SHA1()),
                     algorithm=SHA1(),
                     label=None
                 ))
             except ValueError as e:
                 # If decryption fails raise exception
                 raise TelegramDecryptionError(e)
+        return self._decrypted_secret
 
-            # Now that secret is decrypted, we can decrypt the data
-            data['data'] = Credentials.de_json(decrypt_json(data.get('secret'),
-                                                            data.get('hash'),
-                                                            data.get('data')),
-                                               bot=bot)
-
-        return cls(bot=bot, **data)
+    @property
+    def decrypted_data(self):
+        """
+        :class:`telegram.Credentials`: Decrypted credentials that were used to decrypt
+        the data. This object also contains the user specified payload as
+        `decrypted_data.payload`.
+
+        Raises:
+            telegram.TelegramDecryptionError: If a decryption error happened while attempting
+                to decrypt the data. This is most often a wrong/missing private_key, but will
+                also happen in cases of tampered data.
+        """
+        if not self._decrypted_data:
+            self._decrypted_data = Credentials.de_json(decrypt_json(self.decrypted_secret,
+                                                                    self.hash,
+                                                                    self.data),
+                                                       self.bot)
+        return self._decrypted_data
 
 
 class Credentials(TelegramObject):
diff --git a/telegram/passport/encryptedpassportelement.py b/telegram/passport/encryptedpassportelement.py
@@ -1,5 +1,5 @@
 #!/usr/bin/env python
-#
+# flake8: noqa: E501
 # A library that provides a Python interface to the Telegram Bot API
 # Copyright (C) 2015-2018
 # Leandro Toledo de Souza <devs@python-telegram-bot.org>
@@ -24,70 +24,66 @@
 
 
 class EncryptedPassportElement(TelegramObject):
-    """Contains information about documents or other Telegram Passport elements shared with the bot
-       by the user. The data has been automatically decrypted by python-telegram-bot.
+    """
+    Contains information about documents or other Telegram Passport elements shared with the bot
+    by the user. The data has been automatically decrypted by python-telegram-bot.
 
     Attributes:
         type (:obj:`str`): Element type. One of "personal_details", "passport", "driver_license",
             "identity_card", "internal_passport", "address", "utility_bill", "bank_statement",
             "rental_agreement", "passport_registration", "temporary_registration", "phone_number",
             "email".
-        data (:obj:`str`): Optional. Base64-encoded encrypted Telegram Passport element data
-            provided by the user, available for "personal_details", "passport", "driver_license",
-            "identity_card", "identity_passport" and "address" types. Can be decrypted and verified
-            using the accompanying EncryptedCredentials.
+        data (:class:`telegram.PersonalDetails` or :class:`telegram.IdDocument` or :class:`telegram.ResidentialAddress` or :obj:`str`):
+            Optional. Decrypted or encrypted data, available for "personal_details", "passport",
+            "driver_license", "identity_card", "identity_passport" and "address" types.
         phone_number (:obj:`str`): Optional. User's verified phone number, available only for
-            "phone_number" type
+            "phone_number" type.
         email (:obj:`str`): Optional. User's verified email address, available only for "email"
-            type
-        files (List[:class:`telegram.PassportFile`]): Optional. Array of encrypted files with
-            documents provided by the user, available for "utility_bill", "bank_statement",
+            type.
+        files (List[:class:`telegram.PassportFile`]): Optional. Array of encrypted/decrypted files
+            with documents provided by the user, available for "utility_bill", "bank_statement",
             "rental_agreement", "passport_registration" and "temporary_registration" types.
-            Files can be decrypted and verified using the accompanying EncryptedCredentials.
-        front_side (:class:`PassportFile`): Optional. Encrypted file with the front side of the
-            document, provided by the user. Available for "passport", "driver_license",
-            "identity_card" and "internal_passport". The file can be decrypted and verified using
-            the accompanying EncryptedCredentials.
-        reverse_side (:class:`PassportFile`): Optional. Encrypted file with the reverse side of the
-            document, provided by the user. Available for "driver_license" and "identity_card".
-            The file can be decrypted and verified using the accompanying EncryptedCredentials.
-        selfie (:class:`PassportFile`): Optional. Encrypted file with the selfie of the user
-            holding a document, provided by the user; available for "passport", "driver_license",
-            "identity_card" and "internal_passport". The file can be decrypted and verified using
-            the accompanying EncryptedCredentials.
+        front_side (:class:`PassportFile`): Optional. Encrypted/decrypted file with the front side
+            of the document, provided by the user. Available for "passport", "driver_license",
+            "identity_card" and "internal_passport".
+        reverse_side (:class:`PassportFile`): Optional. Encrypted/decrypted file with the reverse
+            side of the document, provided by the user. Available for "driver_license" and
+            "identity_card".
+        selfie (:class:`PassportFile`): Optional. Encrypted/decrypted file with the selfie of the
+            user holding a document, provided by the user; available for "passport",
+            "driver_license", "identity_card" and "internal_passport".
         bot (:class:`telegram.Bot`): Optional. The Bot to use for instance methods.
 
     Args:
         type (:obj:`str`): Element type. One of "personal_details", "passport", "driver_license",
             "identity_card", "internal_passport", "address", "utility_bill", "bank_statement",
             "rental_agreement", "passport_registration", "temporary_registration", "phone_number",
             "email".
-        data (:obj:`str`, optional): Base64-encoded encrypted Telegram Passport element data
-            provided by the user, available for "personal_details", "passport", "driver_license",
-            "identity_card", "identity_passport" and "address" types. Can be decrypted and verified
-            using the accompanying EncryptedCredentials.
+        data (:class:`telegram.PersonalDetails` or :class:`telegram.IdDocument` or :class:`telegram.ResidentialAddress` or :obj:`str`, optional):
+            Decrypted or encrypted data, available for "personal_details", "passport",
+            "driver_license", "identity_card", "identity_passport" and "address" types.
         phone_number (:obj:`str`, optional): User's verified phone number, available only for
-            "phone_number" type
+            "phone_number" type.
         email (:obj:`str`, optional): User's verified email address, available only for "email"
-            type
-        files (List[:class:`telegram.PassportFile`], optional): Array of encrypted files with
-            documents provided by the user, available for "utility_bill", "bank_statement",
+            type.
+        files (List[:class:`telegram.PassportFile`], optional): Array of encrypted/decrypted files
+            with documents provided by the user, available for "utility_bill", "bank_statement",
             "rental_agreement", "passport_registration" and "temporary_registration" types.
-            Files can be decrypted and verified using the accompanying EncryptedCredentials.
-        front_side (:class:`PassportFile`, optional): Encrypted file with the front side of the
-            document, provided by the user. Available for "passport", "driver_license",
-            "identity_card" and "internal_passport". The file can be decrypted and verified using
-            the accompanying EncryptedCredentials.
-        reverse_side (:class:`PassportFile`, optional): Encrypted file with the reverse side of the
-            document, provided by the user. Available for "driver_license" and "identity_card".
-            The file can be decrypted and verified using the accompanying EncryptedCredentials.
-        selfie (:class:`PassportFile`, optional): Encrypted file with the selfie of the user
-            holding a document, provided by the user; available for "passport", "driver_license",
-            "identity_card" and "internal_passport". The file can be decrypted and verified using
-            the accompanying EncryptedCredentials.
+        front_side (:class:`PassportFile`, optional): Encrypted/decrypted file with the front side
+            of the document, provided by the user. Available for "passport", "driver_license",
+            "identity_card" and "internal_passport".
+        reverse_side (:class:`PassportFile`, optional): Encrypted/decrypted file with the reverse
+            side of the document, provided by the user. Available for "driver_license" and
+            "identity_card".
+        selfie (:class:`PassportFile`, optional): Encrypted/decrypted file with the selfie of the
+            user holding a document, provided by the user; available for "passport",
+            "driver_license", "identity_card" and "internal_passport".
         bot (:class:`telegram.Bot`, optional): The Bot to use for instance methods.
         **kwargs (:obj:`dict`): Arbitrary keyword arguments.
 
+    Note:
+        This object is decrypted only when originating from
+        :obj:`telegram.PassportData.decrypted_data`.
     """
 
     def __init__(self,
@@ -117,53 +113,55 @@ def __init__(self,
                           self.front_side, self.reverse_side, self.selfie)
 
         self.bot = bot
-        self._credentials = credentials
 
     # noinspection PyMethodOverriding
     @classmethod
-    def de_json(cls, data, bot, credentials):
+    def de_json(cls, data, bot, decrypt=False, credentials=None):
         if not data:
             return None
 
         data = super(EncryptedPassportElement, cls).de_json(data, bot)
 
         secure_data = None
-        if data['type'] not in ('phone_number', 'email'):
-            secure_data = getattr(credentials.data.secure_data, data['type'])
-
-            if secure_data.data is not None:
-                # If not already decrypted
-                if not isinstance(data['data'], dict):
-                    data['data'] = decrypt_json(secure_data.data.secret,
-                                                secure_data.data.hash,
-                                                data['data'])
-                if data['type'] == 'personal_details':
-                    data['data'] = PersonalDetails.de_json(data['data'], bot=bot)
-                elif data['type'] in ('passport', 'internal_passport',
-                                      'driver_license', 'identity_card'):
-                    data['data'] = IdDocumentData.de_json(data['data'], bot=bot)
-                elif data['type'] == 'address':
-                    data['data'] = ResidentialAddress.de_json(data['data'], bot=bot)
-
-            if secure_data:
-                data['files'] = PassportFile.de_list(data.get('files'), bot, secure_data)
-                data['front_side'] = PassportFile.de_json(data.get('front_side'),
-                                                          bot, secure_data.front_side)
-                data['reverse_side'] = PassportFile.de_json(data.get('reverse_side'),
-                                                            bot, secure_data.reverse_side)
-                data['selfie'] = PassportFile.de_json(data.get('selfie'),
-                                                      bot, secure_data.selfie)
-
-        return cls(bot=bot, credentials=secure_data, **data)
+        if decrypt:
+            if data['type'] not in ('phone_number', 'email'):
+                secure_data = getattr(credentials.secure_data, data['type'])
+
+                if secure_data.data is not None:
+                    # If not already decrypted
+                    if not isinstance(data['data'], dict):
+                        data['data'] = decrypt_json(secure_data.data.secret,
+                                                    secure_data.data.hash,
+                                                    data['data'])
+                    if data['type'] == 'personal_details':
+                        data['data'] = PersonalDetails.de_json(data['data'], bot=bot)
+                    elif data['type'] in ('passport', 'internal_passport',
+                                          'driver_license', 'identity_card'):
+                        data['data'] = IdDocumentData.de_json(data['data'], bot=bot)
+                    elif data['type'] == 'address':
+                        data['data'] = ResidentialAddress.de_json(data['data'], bot=bot)
+
+        data['files'] = PassportFile.de_list(data.get('files'), bot,
+                                             secure_data if secure_data else None)
+        data['front_side'] = PassportFile.de_json(data.get('front_side'), bot,
+                                                  secure_data.front_side
+                                                  if secure_data else None)
+        data['reverse_side'] = PassportFile.de_json(data.get('reverse_side'), bot,
+                                                    secure_data.reverse_side
+                                                    if secure_data else None)
+        data['selfie'] = PassportFile.de_json(data.get('selfie'), bot,
+                                              secure_data.selfie if secure_data else None)
+
+        return cls(bot=bot, **data)
 
     @classmethod
-    def de_list(cls, data, bot, credentials):
+    def de_list(cls, data, bot):
         if not data:
             return []
 
         encrypted_passport_elements = list()
         for element in data:
-            encrypted_passport_elements.append(cls.de_json(element, bot, credentials))
+            encrypted_passport_elements.append(cls.de_json(element, bot))
 
         return encrypted_passport_elements
 
diff --git a/telegram/passport/passportdata.py b/telegram/passport/passportdata.py
diff --git a/telegram/passport/passportfile.py b/telegram/passport/passportfile.py
