Blind authentication (#675)

* auth server

* cleaning up

* auth ledger class

* class variables -> instance variables

* annotations

* add models and api route

* custom amount and api prefix

* add auth db

* blind auth token working

* jwt working

* clean up

* JWT works

* using openid connect server

* use oauth server with password flow

* new realm

* add keycloak docker

* hopefully not garbage

* auth works

* auth kinda working

* fix cli

* auth works for send and receive

* pass auth_db to Wallet

* auth in info

* refactor

* fix supported

* cache mint info

* fix settings and endpoints

* add description to .env.example

* track changes for openid connect client

* store mint in db

* store credentials

* clean up v1_api.py

* load mint info into auth wallet

* fix first login

* authenticate if refresh token fails

* clear auth also middleware

* use regex

* add cli command

* pw works

* persist keyset amounts

* add errors.py

* do not start auth server if disabled in config

* update poetry

* discovery url

* fix test

* support device code flow

* adopt latest spec changes

* fix code flow

* mint max bat dynamic

* mypy ignore

* fix test

* do not serialize amount in authproof

* all auth flows working

* fix tests

* submodule

* refactor

* test

* don't sleep

* test

* add wallet auth tests

* test differently

* test only keycloak for now

* fix creds

* daemon

* fix test

* install everything

* install jinja

* delete wallet for every test

* auth: use global rate limiter

* test auth rate limit

* keycloak hostname

* move keycloak test data

* reactivate all tests

* add readme

* load proofs

* remove unused code

* remove unused code

* implement change suggestions by ok300

* add error codes

* test errors
callebtc
2025-01-29 22:48:51 -06:00
committed by GitHub
parent b67ffd8705
commit a0ef44dba0
58 changed files with 8188 additions and 701 deletions


@@ -1,4 +1,4 @@
from typing import Dict, List, Literal, Optional, Tuple, Union
from typing import List, Literal, Optional, Tuple, Union
from loguru import logger
@@ -6,14 +6,13 @@ from ..core.base import (
BlindedMessage,
BlindedSignature,
Method,
MintKeyset,
MintQuote,
Proof,
Unit,
)
from ..core.crypto import b_dhke
from ..core.crypto.secp import PublicKey
from ..core.db import Connection, Database
from ..core.db import Connection
from ..core.errors import (
InvalidProofsError,
NoSecretInProofsError,
@@ -25,11 +24,7 @@ from ..core.errors import (
)
from ..core.nuts import nut20
from ..core.settings import settings
from ..lightning.base import LightningBackend
from ..mint.crud import LedgerCrud
from .conditions import LedgerSpendingConditions
from .db.read import DbReadHelper
from .db.write import DbWriteHelper
from .protocols import SupportsBackends, SupportsDb, SupportsKeysets
@@ -38,14 +33,6 @@ class LedgerVerification(
):
"""Verification functions for the ledger."""
keyset: MintKeyset
keysets: Dict[str, MintKeyset]
crud: LedgerCrud
db: Database
db_read: DbReadHelper
db_write: DbWriteHelper
lightning: Dict[Unit, LightningBackend]
async def verify_inputs_and_outputs(
self,
*,
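Review bot: The `keyset`, `keysets`, `crud`, `db`, `db_read`, `db_write` and `lightning` annotations no longer appear in the `LedgerVerification` class body, so their types now have to come from the `SupportsKeysets`, `SupportsDb` and `SupportsBackends` bases imported from `.protocols`. Please confirm that those protocols declare all seven attributes with the same types as before, so that the type checker still covers accesses such as `self.db_write` in the verification code and a missing attribute is caught statically rather than at runtime.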
@@ -55,6 +42,8 @@ class LedgerVerification(
):
"""Checks all proofs and outputs for validity.
Warning: Does NOT check if the proofs were already spent. Use `db_write._verify_proofs_spendable` for that.
Args:
proofs (List[Proof]): List of proofs to check.
outputs (Optional[List[BlindedMessage]], optional): List of outputs to check.
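Review bot: The warning added to the `verify_inputs_and_outputs` docstring sends callers to `db_write._verify_proofs_spendable`, which the leading underscore marks as a private method. Because a caller that skips that step would accept proofs that were already spent, consider referencing a public spendability check instead (or a wrapper that runs both steps), and add a test asserting that an already spent proof passes this function but is rejected by the spend check.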