LeineLab-Public/leinelab-key-app
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
leinelab-key-app/lib/main.dart
lemoer 3786af992c Remove unused makeAlert() code
2025-07-06 14:55:05 +02:00

789 lines
23 KiB
Dart
Raw Blame History

import 'dart:convert';
import 'dart:io';
import 'package:dartssh2/dartssh2.dart';
import 'package:flutter/material.dart';
// for ed2219 key generation
import 'package:cryptography/cryptography.dart';
import 'package:flutter/services.dart';
// secret storage
import 'package:flutter_secure_storage/flutter_secure_storage.dart';
import 'package:oauth2/oauth2.dart' as oauth2;
import 'package:url_launcher/url_launcher.dart';
import 'package:provider/provider.dart';
import 'authentik_api.dart' as authentik;
void main() {
runApp(
MultiProvider(
providers: [
ChangeNotifierProvider(
create: (context) => AuthentikUserSettingsChangeDialogState(),
),
],
child: const MyApp(),
),
);
}
Future<OpenSSHEd25519KeyPair> generateKeyPair() async {
final algorithm = Ed25519();
// Generate a key pair
final cryptographyKeyPair = await algorithm.newKeyPair();
final privateKey = await cryptographyKeyPair.extractPrivateKeyBytes();
final publicKey = (await cryptographyKeyPair.extractPublicKey()).bytes;
final dartsshKeyPair = OpenSSHEd25519KeyPair(
Uint8List.fromList(publicKey),
Uint8List.fromList(privateKey + publicKey),
"",
);
return dartsshKeyPair;
}
String encodePublicKey(OpenSSHEd25519KeyPair keyPair, {String comment = ''}) {
final publicKeyBytes = keyPair.toPublicKey().encode();
return "ssh-ed25519 ${base64.encode(publicKeyBytes)} $comment";
}
class MyApp extends StatelessWidget {
const MyApp({super.key});
@override
Widget build(BuildContext context) {
return MaterialApp(
title: 'Flutter Demo',
theme: ThemeData(
colorScheme: ColorScheme.fromSeed(seedColor: Colors.yellow),
),
home: const MyHomePage(title: 'LeineLab e.V. Key App'),
);
}
}
class MyHomePage extends StatefulWidget {
const MyHomePage({super.key, required this.title});
final String title;
@override
State<MyHomePage> createState() => _MyHomePageState();
}
class _MyHomePageState extends State<MyHomePage> {
int navIndex = 0;
OpenSSHEd25519KeyPair? keyPair;
String _output = '';
String key = '';
Future<void> doSSH(String user) async {
SSHSocket? socket;
try {
socket = await SSHSocket.connect(
'192.168.0.15',
22,
timeout: const Duration(seconds: 0, milliseconds: 500),
);
final client = SSHClient(
socket,
username: user,
identities: List.of(keyPair != null ? [keyPair!] : []),
);
final uptime = await client.run('uptime');
print(uptime);
setState(() {
_output = utf8.decode(uptime);
});
} on SSHAuthError catch (_) {
ScaffoldMessenger.of(context).showSnackBar(
SnackBar(
content: Text(
"Error! Server rejected your key. Maybe you need to register it first? Or you do not have access to this lock?",
),
duration: const Duration(seconds: 3),
),
);
return;
} on SocketException catch (_) {
ScaffoldMessenger.of(context).showSnackBar(
SnackBar(
content: Text(
"Error! Could not connect to SSH server. Maybe you are not in the right wifi network?",
),
duration: const Duration(seconds: 3),
),
);
return;
}
}
Future<void> obtainKeyPair({bool regenerate = false}) async {
// Generate a key pair
final storage = const FlutterSecureStorage();
final storedKey = await storage.read(key: 'ssh_key_pair');
// Restore the key if we have one stored and regeneration is not requested
if (storedKey != null && !regenerate) {
// If we have a stored key, use it
final keyPairsFromStorage = SSHKeyPair.fromPem(storedKey);
assert(keyPairsFromStorage.length == 1);
assert(keyPairsFromStorage[0] is OpenSSHEd25519KeyPair);
final keyPairFromStorage =
keyPairsFromStorage[0] as OpenSSHEd25519KeyPair;
setState(() {
keyPair = keyPairFromStorage;
key = encodePublicKey(keyPairFromStorage, comment: "leinelab-app-key");
});
return;
}
final generatedKeyPair =
await generateKeyPair(); // local variable avoids downcast to ? ptr
await storage.write(key: 'ssh_key_pair', value: generatedKeyPair.toPem());
setState(() {
keyPair = generatedKeyPair;
key = encodePublicKey(generatedKeyPair, comment: "leinelab-app-key");
});
await SystemChannels.platform.invokeMethod<void>(
'Clipboard.setData',
<String, dynamic>{'text': key},
);
}
@override
void initState() {
super.initState();
// we do not await generateKey() here, as this is the intended way
obtainKeyPair();
}
@override
Widget build(BuildContext context) {
final String outputText = _output.isNotEmpty
? 'Output: $_output'
: 'Press the button to run a command.';
final authentikApiState = context
.watch<AuthentikUserSettingsChangeDialogState>();
//final userSettingsDialog =
final bodyComponentMain = Center(
child: Column(
mainAxisAlignment: MainAxisAlignment.center,
children: <Widget>[
Padding(
padding: EdgeInsets.all(20),
child: Card(
child: Column(
children: [
Padding(
padding: EdgeInsets.all(20),
child: Row(
mainAxisAlignment: MainAxisAlignment.center,
children: [
Padding(
padding: EdgeInsets.only(right: 15),
child: Icon(Icons.diversity_1, size: 25),
),
Text(
"Hauptraum (oben)",
style: TextStyle(fontSize: 25),
),
],
),
),
Padding(
padding: EdgeInsets.fromLTRB(20, 0, 20, 20),
child: Wrap(
spacing:
8.0, // horizontaler Abstand zwischen den Elementen
runSpacing: 4.0, // vertikaler Abstand zwischen den Zeilen
children: [
TextButton(
onPressed: () => doSSH("innentuer-open"),
child: const Text('Open Inside Door'),
),
TextButton(
onPressed: () => doSSH("aussentuer-open"),
child: const Text('Open Outdoor'),
),
TextButton(
onPressed: () => doSSH("lab-close"),
child: const Text('Close All Doors'),
),
],
),
),
],
),
),
),
Padding(
padding: EdgeInsets.all(20),
child: Card(
child: Column(
children: [
Padding(
padding: EdgeInsets.all(20),
child: Row(
mainAxisAlignment: MainAxisAlignment.center,
children: [
Padding(
padding: EdgeInsets.only(right: 15),
child: Icon(Icons.construction, size: 25),
),
Text(
"Werkstatt (oben)",
style: TextStyle(fontSize: 25),
),
],
),
),
Padding(
padding: EdgeInsets.fromLTRB(20, 0, 20, 20),
child: Wrap(
spacing:
8.0, // horizontaler Abstand zwischen den Elementen
runSpacing: 4.0, // vertikaler Abstand zwischen den Zeilen
children: [
TextButton(
onPressed: () => doSSH("werkstatt-open"),
child: const Text('Open'),
),
TextButton(
onPressed: () => doSSH("werkstatt-close"),
child: const Text('Close'),
),
],
),
),
],
),
),
),
],
),
);
final bodyComponentInfo = Center(
child: Column(
mainAxisAlignment: MainAxisAlignment.center,
children: <Widget>[
Padding(
padding: EdgeInsets.all(20),
child: Card(
child: Column(
children: [
Padding(
padding: EdgeInsets.all(20),
child: Row(
mainAxisAlignment: MainAxisAlignment.center,
children: [
Padding(
padding: EdgeInsets.only(right: 15),
child: Icon(Icons.key, size: 25),
),
Text(
"Your Current Key",
style: TextStyle(fontSize: 25),
),
],
),
),
Padding(
padding: EdgeInsets.fromLTRB(20, 0, 20, 20),
child: Text(key, style: TextStyle(fontSize: 15)),
),
Padding(
padding: EdgeInsets.fromLTRB(20, 0, 20, 20),
child: TextButton(
onPressed: () => authentikApiState.start(key),
child: Text("Manage Keys Registered To Locks"),
),
),
],
),
),
),
],
),
);
final actionButtonInfo = FloatingActionButton(
onPressed: () => obtainKeyPair(regenerate: true),
tooltip: 'Regenerate Key',
child: const Icon(Icons.refresh),
);
var bodyComponent = bodyComponentMain;
Widget? actionButton;
if (navIndex == 0) {
// Main page
bodyComponent = bodyComponentMain;
actionButton = null;
} else if (navIndex == 1) {
// Info page
bodyComponent = bodyComponentInfo;
actionButton = actionButtonInfo;
} else {
throw Exception('Unknown navIndex: $navIndex');
}
final mainPage = Scaffold(
appBar: AppBar(backgroundColor: Colors.amber, title: Text(widget.title)),
body: bodyComponent,
floatingActionButton: actionButton,
drawer: Drawer(
child: ListView(
padding: EdgeInsets.zero,
children: <Widget>[
DrawerHeader(
decoration: BoxDecoration(color: Colors.amber),
child: Text(
widget.title,
style: TextStyle(color: Colors.black, fontSize: 24),
),
),
ListTile(
title: const Text('Actions'),
onTap: () {
setState(() {
navIndex = 0;
});
Navigator.pop(context);
},
),
ListTile(
title: const Text('Key Management'),
onTap: () {
setState(() {
navIndex = 1;
});
Navigator.pop(context);
},
),
],
),
),
);
if (authentikApiState.isClosed()) {
return mainPage;
}
var title;
var children = <Widget>[];
var actions = [
TextButton(onPressed: authentikApiState.exit, child: Text("Cancel")),
];
switch (authentikApiState.status) {
case AuthentikUserSettingsChangeDialogStatus.closed:
return mainPage;
case AuthentikUserSettingsChangeDialogStatus.waitingForOAuth:
title = Text("Waiting for OAuth");
children = [Text("Please complete the OAuth flow in your browser.")];
case AuthentikUserSettingsChangeDialogStatus.loadingUserSettings:
title = Text("Loading User Settings");
children = [Text("Loading...")];
case AuthentikUserSettingsChangeDialogStatus.userSettingsObtained:
title = Text("User Settings Obtained");
children = [Text("You can now edit your user settings.")];
children.add(KeepOrDeleteKey(sshKey: key, isOurKey: true));
for (var k in authentikApiState.allKeys) {
if (k == key) {
// Skip our key, since the widget is on top already
continue;
}
children.add(KeepOrDeleteKey(sshKey: k));
}
actions.add(
TextButton(
onPressed: () {
// Close the dialog and return to the main page
authentikApiState.save();
},
child: Text("Save and Close"),
),
);
case AuthentikUserSettingsChangeDialogStatus.savingUserSettings:
title = Text("Saving User Settings");
children = [Text("Saving...")];
}
final dialog = AlertDialog(
title: title,
content: SingleChildScrollView(child: Column(children: children)),
actions: actions,
);
return Stack(
children: [
mainPage,
ModalBarrier(dismissible: false, color: Colors.black54),
dialog,
],
);
}
}
enum AuthentikUserSettingsChangeDialogStatus {
closed,
waitingForOAuth,
loadingUserSettings,
userSettingsObtained,
savingUserSettings,
}
class AuthentikUserSettingsChangeDialogState extends ChangeNotifier {
AuthentikUserSettingsChangeDialogStatus _status =
AuthentikUserSettingsChangeDialogStatus.closed;
oauth2.Client? oauthClient;
String? sessionCookie;
Map<String, dynamic>? userSettings;
HttpServer? server;
AuthentikUserSettingsChangeDialogStatus get status => _status;
List<String> _allKeys = [];
List<String> _keysToKeep = [];
List<String> get allKeys => _allKeys;
List<String> get keysToKeep => _keysToKeep;
Future<oauth2.Client?> getOAuth2Client() async {
// This is a placeholder for OAuth2 client initialization.
// Replace with your actual OAuth2 client setup.
final authorizationEndpoint = Uri.parse(
'https://auth.leinelab.org/application/o/authorize/',
);
final tokenEndpoint = Uri.parse(
'https://auth.leinelab.org/application/o/token/',
);
final identifier = 'UwSMm8gTwBTUURSaxp5uPpuwX1OkGO4FRHeO9v3i';
final secret = null; // = 'my client secret';
final redirectUrl = Uri.parse('http://localhost:30165/');
// final credentialsFile = File('~/.myapp/credentials.json');
// //....
// var exists = await credentialsFile.exists();
// if (exists) {
// var credentials = oauth2.Credentials.fromJson(
// await credentialsFile.readAsString(),
// );
// return oauth2.Client(credentials, identifier: identifier, secret: secret);
// }
var grant = oauth2.AuthorizationCodeGrant(
identifier,
authorizationEndpoint,
tokenEndpoint,
secret: secret,
);
var authorizationUrl = grant.getAuthorizationUrl(
redirectUrl,
scopes: ["profile", "email", "goauthentik.io/api", "openid"],
);
// TODO: clicking the button twice might try to bind the server twice
server = await HttpServer.bind("127.0.0.1", 30165);
await launchUrl(authorizationUrl);
var queryParameters;
if (server == null) {
// exit() might have been called before we arrived here.
return null;
}
await server!.forEach((HttpRequest request) {
request.response.write(
'Success! You can close this window now and go back to the app.',
);
queryParameters = request.uri.queryParameters;
request.response.close();
server!.close();
});
return await grant.handleAuthorizationResponse(queryParameters);
}
Future<void> start(String currentKey) async {
// Reset the state to be sure
oauthClient = null;
sessionCookie = null;
userSettings = null;
_status = AuthentikUserSettingsChangeDialogStatus.waitingForOAuth;
notifyListeners();
oauthClient = await getOAuth2Client();
if (isClosed()) {
// If the dialog was closed before we got the client, exit
return;
}
sessionCookie = await authentik.getSessionCookie(oauthClient!);
if (isClosed()) {
// If the dialog was closed before we got the session cookie, exit
return;
}
_status = AuthentikUserSettingsChangeDialogStatus.loadingUserSettings;
notifyListeners();
userSettings = await authentik.getUserSettings(
oauthClient!,
sessionCookie!,
);
if (isClosed()) {
// If the dialog was closed before we got the user settings, exit
return;
}
_status = AuthentikUserSettingsChangeDialogStatus.userSettingsObtained;
if (userSettings != null &&
userSettings!['attributes.sshPublicKeys'] != null) {
// If we have SSH keys, add them to the list of all keys
final sshKeysString = userSettings!['attributes.sshPublicKeys'] as String;
_allKeys = sshKeysString
.split('\n')
.where((key) => key.isNotEmpty)
.toList();
_keysToKeep = _allKeys.toList();
if (!_keysToKeep.contains(currentKey)) {
// If the current key is not in the list of keys to keep, add it
_keysToKeep.add(currentKey);
}
} else {
throw Exception(
"Expected 'attributes.sshPublicKeys' in user settings, but got: $userSettings",
);
}
notifyListeners();
}
void exit() {
_status = AuthentikUserSettingsChangeDialogStatus.closed;
oauthClient = null;
sessionCookie = null;
userSettings = null;
if (server != null) {
server!.close();
server = null;
}
notifyListeners();
}
bool isClosed() {
return _status == AuthentikUserSettingsChangeDialogStatus.closed;
}
Future<void> save() async {
if (isClosed()) {
return;
}
if (_status !=
AuthentikUserSettingsChangeDialogStatus.userSettingsObtained) {
throw Exception("Cannot save, not started or no settings obtained.");
}
userSettings!['attributes.sshPublicKeys'] = _keysToKeep.join('\n');
_status = AuthentikUserSettingsChangeDialogStatus.savingUserSettings;
notifyListeners();
await authentik.setUserSettings(
oauthClient!,
sessionCookie!,
userSettings!,
);
exit();
}
void keepKey(String key) {
if (_keysToKeep.contains(key)) {
// If the key is already in the list, do nothing
return;
}
_keysToKeep.add(key);
notifyListeners();
}
void selectKeyForDeletion(String key) {
_keysToKeep.remove(key);
notifyListeners();
}
bool isKeySelectedToKeep(String key) {
return _keysToKeep.contains(key);
}
void clearKeys() {
_keysToKeep.clear();
notifyListeners();
}
}
class KeepOrDeleteKey extends StatelessWidget {
final String sshKey;
final bool isOurKey;
const KeepOrDeleteKey({
super.key,
required this.sshKey,
this.isOurKey = false,
});
@override
Widget build(BuildContext context) {
final key = sshKey;
final isKeyPreviouslyExisting = context
.select<AuthentikUserSettingsChangeDialogState, bool>(
(keylist) => keylist.allKeys.contains(key),
);
final isKeySelectedToKeep = context
.select<AuthentikUserSettingsChangeDialogState, bool>(
(keylist) => keylist.isKeySelectedToKeep(key),
);
final buttonStyleKeepActive = ButtonStyle(
backgroundColor: MaterialStateProperty.all(Colors.blue),
foregroundColor: MaterialStateProperty.all(Colors.white),
);
final buttonStyleDeleteActive = ButtonStyle(
backgroundColor: MaterialStateProperty.all(Colors.red),
foregroundColor: MaterialStateProperty.all(Colors.white),
);
ButtonStyle? buttonStyleKeep;
ButtonStyle? buttonStyleDelete = buttonStyleDeleteActive;
if (isKeySelectedToKeep) {
buttonStyleKeep = buttonStyleKeepActive;
buttonStyleDelete = null;
}
var title = "Unnamed Key";
final sshKeySplit = sshKey.split(' ');
if (sshKeySplit.length >= 3) {
final potentialTitle = sshKeySplit.sublist(2).join(' ');
if (potentialTitle != "") {
title = potentialTitle;
}
}
var textPush = "Keep Key";
var textDoNotPush = "Select for Deletion";
if (!isKeyPreviouslyExisting) {
textPush = "Push Key";
textDoNotPush = "Do Not Push Key";
}
Widget titleWidget = Text(title, style: TextStyle(fontSize: 25));
if (isOurKey) {
titleWidget = Wrap(
spacing: 8.0, // horizontaler Abstand zwischen den Elementen
runSpacing: 4.0, // vertikaler Abstand zwischen den Zeilen
children: [
titleWidget,
Container(
decoration: BoxDecoration(
color: Colors.green,
borderRadius: BorderRadius.circular(5),
),
padding: EdgeInsets.all(5),
child: Text(
"This Device",
style: TextStyle(fontSize: 15, color: Colors.white),
),
),
],
);
}
return Card(
margin: EdgeInsets.fromLTRB(20, 20, 20, 0),
child: Column(
children: [
Padding(padding: EdgeInsets.all(20), child: titleWidget),
Padding(
padding: EdgeInsets.fromLTRB(20, 0, 20, 20),
child: Text(sshKey, style: TextStyle(fontSize: 15)),
),
Padding(
padding: EdgeInsets.fromLTRB(20, 0, 20, 20),
child: Wrap(
spacing: 8.0, // horizontaler Abstand zwischen den Elementen
runSpacing: 4.0, // vertikaler Abstand zwischen den Zeilen
children: [
TextButton(
onPressed: () {
Provider.of<AuthentikUserSettingsChangeDialogState>(
context,
listen: false,
).keepKey(sshKey);
},
style: buttonStyleKeep,
child: Text(textPush),
),
TextButton(
onPressed: () {
Provider.of<AuthentikUserSettingsChangeDialogState>(
context,
listen: false,
).selectKeyForDeletion(sshKey);
},
style: buttonStyleDelete,
child: Text(textDoNotPush),
),
],
),
),
],
),
);
}
}
Reference in New Issue View Git Blame Copy Permalink