Hesap yönetimi
In this part, we will learn how to manage a Jami account. This means, how to create a Jami account, modify the basic settings and delete the account. This part will NOT explain what all the settings mean or how we can use the account to do any action like adding a contact.
What is an account
In Jami, an account is a X509 certificate chain generally containing 3 certificates:
CA (Self-Signed if locally generated or a company)
Account (Where the fingerprint of the public key is called the “Jami ID”)
Aygıt
This allow a company to revoke an account if needed and an account to revoke a device (if one get stolen for example).
Yeni bir hesap oluştur
Daemon tarafı
API
cx.ring.Ring.ConfigurationManager’da:
<method name="addAccount" tp:name-for-bindings="addAccount">
<tp:docstring>
Add a new account. When created, the signal <tp:member-ref>accountsChanged</tp:member-ref> is emitted. The clients must then call <tp:member-ref>getAccountList</tp:member-ref> to update their internal data structure.
<tp:rationale>If no details are specified, the default parameters are used.</tp:rationale>
<tp:rationale>The core tries to register the account as soon it is created.</tp:rationale>
</tp:docstring>
<annotation name="org.qtproject.QtDBus.QtTypeName.In0" value="MapStringString"/>
<arg type="a{ss}" name="details" direction="in" tp:type="String_String_Map">
<tp:docstring>
The new account settings
</tp:docstring>
</arg>
<arg type="s" name="createdAccountId" direction="out">
<tp:docstring>
A new account ID
</tp:docstring>
</arg>
</method>
The details can be retrieved from the method getAccountTemplate(type) with type=JAMI or type=SIP. For example, this is the following code used in LRC.
std::string
NewAccountModel::createNewAccount(profile::Type type,
const std::string& displayName,
const std::string& archivePath,
const std::string& password,
const std::string& pin)
{
MapStringString details = type == profile::Type::SIP?
ConfigurationManager::instance().getAccountTemplate("SIP") :
ConfigurationManager::instance().getAccountTemplate("JAMI");
using namespace libjami::Account;
details[ConfProperties::TYPE] = type == profile::Type::SIP? "SIP" : "JAMI";
details[ConfProperties::DISPLAYNAME] = displayName.c_str();
details[ConfProperties::ALIAS] = displayName.c_str();
details[ConfProperties::UPNP_ENABLED] = "true";
details[ConfProperties::ARCHIVE_PASSWORD] = password.c_str();
details[ConfProperties::ARCHIVE_PIN] = pin.c_str();
details[ConfProperties::ARCHIVE_PATH] = archivePath.c_str();
QString accountId = ConfigurationManager::instance().addAccount(details);
return accountId.toStdString();
}
Yeni bir hesap eklendiğinde accountsChanged sinyalini gönderir.Müşterek bu sinyalden sonra diğer yöntemlerle iç yapısını ConfigurationManager’de güncellemeli.
Çekirdek
Yeni bir hesap oluşturmak için ana mantık src/ringdht/ringaccount.cpp, RingAccount::createAccount’de yer almaktadır.
Nasıl çalışıyor, sıfırdan
A Jami account is in fact represented by some files stored in a gzip archive. If a password is provided during the account creation, the archive will be encrypted as following: dht::crypto::aesEncrypt(archive, password) (dht::crypto::aesEncrypt is defined in OpenDHT and use nettle/{aes,gcm}). This is what the archive will contain a big JSON file with:
Özel anahtarı
ringAccountKeyve sertifika zinciriringAccountCert(base64 kodlanmış)Yaratılan CA anahtarı (kendinden imzalanan sertifikalar için)
ringCAKeyİptal edilen cihazlar
ringAccountCRLThe ethereum private key
ethKeyfor the device. It’s only used when you register your name onns.jami.net. Not mandatory.The contacts
Hesap ayarları
Hadi üretelim!
TDO
Hesabı sil
Deleting a Jami account is pretty simple. Because the keys are only on the device, if the keys are deleted… the account is deleted! The only thing outside the device is the username, on the nameserver. To remove this info, it depends how the nameserver work. For example, it’s not possible with https://ns.jami.net
Daemon tarafı
API
cx.ring.Ring.ConfigurationManager’da:
<method name="removeAccount" tp:name-for-bindings="removeAccount">
<tp:docstring>
Remove an existing account. When removed, the signal <tp:member-ref>accountsChanged</tp:member-ref> is emitted. The clients must then call <tp:member-ref>getAccountList</tp:member-ref> to update their internal data structure.
</tp:docstring>
<arg type="s" name="accoundID" direction="in">
<tp:docstring>
The account to remove, identified by its ID
</tp:docstring>
</arg>
</method>
Hesap silindiğinde accountChanged sinyalini gönderir.Müşterin bu sinyalden sonra iç yapısını ConfigurationManager’deki diğer yöntemlerle güncellemelidir.
Çekirdek
Yeni bir hesap oluşturmanın ana mantığı src/manager.cpp, Manager::removeAccount’de bulunur. Hesap dosyalarını kaldırır ve yapılandırmayı güncelleyir (dring.yml).
Update the details of an account
API
cx.ring.Ring.ConfigurationManager’da:
<method name="setAccountDetails" tp:name-for-bindings="setAccountDetails">
<tp:docstring>
Send new account parameters, or account parameters changes, to the core. The hash table is not required to be complete, only the updated parameters may be specified.
<tp:rationale>Account settings are written to the configuration file when the app properly quits.</tp:rationale>
<tp:rationale>After calling this method, the core will emit the signal <tp:member-ref>accountDetailsChanged</tp:member-ref> with the updated data. The client must subscribe to this signal and use it to update its internal data structure.</tp:rationale>
</tp:docstring>
<arg type="s" name="accountID" direction="in">
</arg>
<annotation name="org.qtproject.QtDBus.QtTypeName.In1" value="MapStringString"/>
<arg type="a{ss}" name="details" direction="in" tp:type="String_String_Map">
</arg>
</method>
The map can contains a partial update and accountDetailsChanged will be emitted on success. getAccountDetails
Bir aygıt ekle
There is two possibilities to add a device.
Backup archive (Then import from backup)
API
cx.ring.Ring.ConfigurationManager’da:
<method name="exportToFile" tp:name-for-bindings="exportToFile">
<tp:added version="5.1.0"/>
<tp:docstring>
Copy the account archive to the path provided in argument.
</tp:docstring>
<arg type="s" name="accountID" direction="in">
</arg>
<arg type="s" name="destinationPath" direction="in">
</arg>
<arg type="s" name="password" direction="in">
</arg>
<arg type="b" name="success" direction="out">
<tp:docstring>
True if the operation was initialized successfully.
</tp:docstring>
</arg>
</method>
Export on DHT
API
cx.ring.Ring.ConfigurationManager’da:
<method name="exportOnRing" tp:name-for-bindings="exportOnRing">
<tp:docstring>
Export account on the DHT using the given password and generated PIN (returned through exportOnRingEnded signal).
</tp:docstring>
<arg type="s" name="accountID" direction="in">
</arg>
<arg type="s" name="password" direction="in">
</arg>
<arg type="b" name="success" direction="out">
<tp:docstring>
True if the operation was initialized successfully. exportOnRingEnded will be trigered on completion.
</tp:docstring>
</arg>
</method>
Then exportOnRingEnded is emitted.
Aygıtı kaldır
API
<method name="revokeDevice" tp:name-for-bindings="revokeDevice">
<tp:docstring>
Revoke device attached to the given Jami account, and publish the new revocation list.
</tp:docstring>
<arg type="s" name="accountID" direction="in">
</arg>
<arg type="s" name="password" direction="in">
</arg>
<arg type="s" name="deviceId" direction="in">
</arg>
<arg type="b" name="success" direction="out">
<tp:docstring>
True if the operation was performed successfully.
</tp:docstring>
</arg>
</method>
<signal name="deviceRevocationEnded" tp:name-for-bindings="deviceRevocationEnded">
<tp:docstring>
Notify clients when the revokeDevice operation ended.
</tp:docstring>
<arg type="s" name="accountID">
</arg>
<arg type="s" name="deviceId">
</arg>
<arg type="i" name="status">
<tp:docstring>
Status code: 0 for success
<ul>
<li>SUCCESS = 0 everything went fine. Device is now revoked.</li>
<li>WRONG_PASSWORD = 1 revocation failed: wrong password.</li>
<li>UNKNOWN_DEVICE = 2 revocation failed: unknown device.</li>
</ul>
</tp:docstring>
</arg>
</signal>