fix: LookupVerifier returns interface (#2631) #2632

Merged
merged 1 commit into from
Aug 7, 2024
8 changes: 4 additions & 4 deletions libs/httpsignature/httpsignature.go
@@ -56,7 +56,7 @@ type ParameterizedSignator struct {
// Keystore provides a way to lookup a public key based on the keyID a request was signed with
type Keystore interface {
// LookupVerifier based on the keyID
LookupVerifier(ctx context.Context, keyID string) (context.Context, *Verifier, error)
LookupVerifier(ctx context.Context, keyID string) (context.Context, Verifier, error)
}

// StaticKeystore is a keystore that always returns a static verifier independent of keyID
@@ -85,8 +85,8 @@ var (
)

// LookupVerifier by returning a static verifier
func (sk *StaticKeystore) LookupVerifier(ctx context.Context, keyID string) (context.Context, *Verifier, error) {
return ctx, &sk.Verifier, nil
func (sk *StaticKeystore) LookupVerifier(ctx context.Context, keyID string) (context.Context, Verifier, error) {
return ctx, sk.Verifier, nil
}

// TODO Add New function
@@ -236,7 +236,7 @@ func (pkv *ParameterizedKeystoreVerifier) VerifyRequest(req *http.Request) (cont
sp.Algorithm = pkv.SignatureParams.Algorithm
sp.Headers = pkv.SignatureParams.Headers

valid, err := sp.Verify(*verifier, pkv.Opts, req)
valid, err := sp.Verify(verifier, pkv.Opts, req)
if err != nil {
return nil, "", err
}
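Review bot: The doc comment on `Keystore.LookupVerifier` in the first hunk still does not say what an unknown keyID must produce, and with a plain interface result a keystore can return a nil Verifier together with a nil error, as mockKeystore in libs/middleware/http_signed_test.go does for any keyID other than "primary". The third hunk hands `verifier` straight to `sp.Verify`; the lookup call and any nil check before it sit outside the hunk, so it is worth confirming that VerifyRequest rejects a nil verifier there rather than relying on Verify. StaticKeystore looks to have the same exposure if its Verifier was never set. I would spell the contract out in the comment, e.g. `// LookupVerifier returns the Verifier for keyID. A nil Verifier with a nil error means the key is unknown and the request must be rejected.`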
4 changes: 2 additions & 2 deletions libs/middleware/http_signed_test.go
@@ -19,9 +19,9 @@ type mockKeystore struct {
httpsignature.Verifier
}

func (m *mockKeystore) LookupVerifier(ctx context.Context, keyID string) (context.Context, *httpsignature.Verifier, error) {
func (m *mockKeystore) LookupVerifier(ctx context.Context, keyID string) (context.Context, httpsignature.Verifier, error) {
if keyID == "primary" {
return ctx, &m.Verifier, nil
return ctx, m.Verifier, nil
}
return nil, nil, nil
}
5 changes: 2 additions & 3 deletions services/promotion/controllers.go
@@ -121,7 +121,7 @@ func WalletEventRouter(service *Service, vbatExpires time.Time) chi.Router {
}

// LookupVerifier based on the HTTP signing keyID, which in our case is the walletID
func (service *Service) LookupVerifier(ctx context.Context, keyID string) (context.Context, *httpsignature.Verifier, error) {
func (service *Service) LookupVerifier(ctx context.Context, keyID string) (context.Context, httpsignature.Verifier, error) {
walletID, err := uuid.FromString(keyID)
if err != nil {
return nil, nil, errorutils.Wrap(err, "KeyID format is invalid")
@@ -144,8 +144,7 @@ func (service *Service) LookupVerifier(ctx context.Context, keyID string) (conte
return nil, nil, err
}
}
tmp := httpsignature.Verifier(publicKey)
return ctx, &tmp, nil
return ctx, publicKey, nil
}

// PromotionsResponse is a list of known promotions to be consumed by the browser
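Review bot: `return ctx, publicKey, nil` at the end of the second hunk returns whatever `publicKey` holds, and the nested `return nil, nil, err` just above it suggests the key is only decoded under a condition; if that condition can be false, a zero-value key would be returned as a non-nil Verifier with a nil error, which a `verifier == nil` check in the caller would not catch. The declaration of `publicKey` and the branch itself are outside the hunk, so this is an inference to confirm. If it holds, failing closed before the final return is clearer, e.g. `if len(publicKey) == 0 { return nil, nil, errors.New("wallet has no public key") }` (assuming `publicKey` is a byte-slice type such as Ed25519PubKey). The same lines appear in Service.LookupVerifier in services/wallet/keystore.go, which would need the same guard.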
5 changes: 2 additions & 3 deletions services/skus/key.go
@@ -102,7 +102,7 @@ func GenerateSecret() (secret string, nonce string, err error) {
}

// LookupVerifier returns the merchant key corresponding to the keyID used for verifying requests
func (s *Service) LookupVerifier(ctx context.Context, keyID string) (context.Context, *httpsignature.Verifier, error) {
func (s *Service) LookupVerifier(ctx context.Context, keyID string) (context.Context, httpsignature.Verifier, error) {
rootKeyIDStr, caveats, err := cryptography.DecodeKeyID(keyID)
if err != nil {
return nil, nil, err
@@ -139,8 +139,7 @@ func (s *Service) LookupVerifier(ctx context.Context, keyID string) (context.Con

ctx = context.WithValue(ctx, merchantCtxKey{}, key.Merchant)

verifier := httpsignature.Verifier(httpsignature.HMACKey(secretKeyStr))
return ctx, &verifier, nil
return ctx, httpsignature.HMACKey(secretKeyStr), nil
}

// caveatsFromCtx returns authorized caveats from ctx.
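Review bot: The context returned at the end of the second hunk already carries `key.Merchant` (set by `context.WithValue` two lines above the final return) at a point where the request signature has not been checked yet. Nothing in the function's doc comment tells callers that this context is only trustworthy once verification with the returned HMAC key has succeeded. I would add that to the comment, e.g. `// The returned context carries the merchant for keyID; callers must discard it unless the signature verifies.` The middle of the function is outside both hunks, so how `secretKeyStr` is obtained cannot be judged from here.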
10 changes: 4 additions & 6 deletions services/wallet/keystore.go
@@ -12,7 +12,7 @@ import (
)

// LookupVerifier based on the HTTP signing keyID, which in our case is the walletID
func (service *Service) LookupVerifier(ctx context.Context, keyID string) (context.Context, *httpsignature.Verifier, error) {
func (service *Service) LookupVerifier(ctx context.Context, keyID string) (context.Context, httpsignature.Verifier, error) {
walletID, err := uuid.FromString(keyID)
if err != nil {
return nil, nil, errorutils.Wrap(err, "KeyID format is invalid")
@@ -35,15 +35,14 @@ func (service *Service) LookupVerifier(ctx context.Context, keyID string) (conte
return nil, nil, err
}
}
tmp := httpsignature.Verifier(publicKey)
return ctx, &tmp, nil
return ctx, publicKey, nil
}

// DecodeEd25519Keystore is a keystore that "looks up" a verifier by attempting to decode the keyID as a base64 encoded ed25519 public key
type DecodeEd25519Keystore struct{}

// LookupVerifier by decoding keyID
func (d *DecodeEd25519Keystore) LookupVerifier(ctx context.Context, keyID string) (context.Context, *httpsignature.Verifier, error) {
func (d *DecodeEd25519Keystore) LookupVerifier(ctx context.Context, keyID string) (context.Context, httpsignature.Verifier, error) {
var publicKey httpsignature.Ed25519PubKey
if len(keyID) > 0 {
var err error
@@ -54,6 +53,5 @@ func (d *DecodeEd25519Keystore) LookupVerifier(ctx context.Context, keyID string
} else {
return nil, nil, errors.New("empty KeyId is not valid")
}
verifier := httpsignature.Verifier(publicKey)
return ctx, &verifier, nil
return ctx, publicKey, nil
}
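Review bot: DecodeEd25519Keystore takes its verifier from the keyID that the request itself supplies, so a valid signature only shows that the sender holds the private key for the key they named, not who they are; the type's doc comment should say that callers have to bind the key to an identity separately. Suggested wording: `// The key is self-asserted by the request; verification proves possession only, so callers must check the key against an expected identity.` The decoding lines between the two hunks of this function are not visible, so it is also worth confirming that the decoded key is checked against `ed25519.PublicKeySize` before `return ctx, publicKey, nil`.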