package handlers import ( "crypto/rand" "crypto/sha256" "encoding/base64" "encoding/hex" "encoding/json" "net/http" "strconv" "time" "github.com/go-chi/chi/v5" "xorm.io/xorm" "github.com/forgeo/forgebucket/internal/api/middleware" "github.com/forgeo/forgebucket/internal/models" ) type DeployKeyHandler struct{ db *xorm.Engine } func NewDeployKeyHandler(db *xorm.Engine) *DeployKeyHandler { return &DeployKeyHandler{db: db} } // generateToken produces a prefixed random token and its SHA-256 hex hash. func generateToken(prefix string) (raw, hash string, err error) { b := make([]byte, 32) if _, err = rand.Read(b); err != nil { return } raw = prefix + base64.RawURLEncoding.EncodeToString(b) sum := sha256.Sum256([]byte(raw)) hash = hex.EncodeToString(sum[:]) return } func sha256Hex(s string) string { sum := sha256.Sum256([]byte(s)) return hex.EncodeToString(sum[:]) } type deployKeyResponse struct { ID int64 `json:"id"` Title string `json:"title"` ReadOnly bool `json:"readOnly"` CreatedAt string `json:"createdAt"` // Token is only populated on creation; empty on subsequent list calls. Token string `json:"token,omitempty"` } func (h *DeployKeyHandler) lookupRepo(w http.ResponseWriter, r *http.Request) (*models.Repository, *models.User, bool) { repo, ok := resolveRepo(h.db, w, r) if !ok { return nil, nil, false } var owner models.User h.db.ID(repo.OwnerID).Get(&owner) return repo, &owner, true } func (h *DeployKeyHandler) canManage(repo *models.Repository, callerID int64) bool { if callerID == repo.OwnerID { return true } var m models.RepoMember found, _ := h.db.Where("repo_id = ? AND user_id = ? AND permission = 'admin'", repo.ID, callerID).Get(&m) return found } func (h *DeployKeyHandler) List(w http.ResponseWriter, r *http.Request) { repo, _, ok := h.lookupRepo(w, r) if !ok { return } var keys []models.RepoDeployKey h.db.Where("repo_id = ?", repo.ID).OrderBy("created_at desc").Find(&keys) resp := make([]deployKeyResponse, 0, len(keys)) for _, k := range keys { resp = append(resp, deployKeyResponse{ ID: k.ID, Title: k.Title, ReadOnly: k.ReadOnly, CreatedAt: k.CreatedAt.Format(time.RFC3339), }) } jsonOK(w, resp) } func (h *DeployKeyHandler) Create(w http.ResponseWriter, r *http.Request) { repo, _, ok := h.lookupRepo(w, r) if !ok { return } callerID, _ := middleware.UserIDFromContext(r.Context()) if !h.canManage(repo, callerID) { jsonError(w, "only the owner or an admin can manage access keys", http.StatusForbidden) return } var body struct { Title string `json:"title"` ReadOnly bool `json:"readOnly"` } if err := json.NewDecoder(r.Body).Decode(&body); err != nil || body.Title == "" { jsonError(w, "title is required", http.StatusBadRequest) return } raw, hash, err := generateToken("fbdk_") if err != nil { jsonError(w, "could not generate token", http.StatusInternalServerError) return } key := &models.RepoDeployKey{ RepoID: repo.ID, Title: body.Title, TokenHash: hash, ReadOnly: body.ReadOnly, } if _, err := h.db.Insert(key); err != nil { jsonError(w, "could not save key", http.StatusInternalServerError) return } w.Header().Set("Content-Type", "application/json") w.WriteHeader(http.StatusCreated) json.NewEncoder(w).Encode(deployKeyResponse{ ID: key.ID, Title: key.Title, ReadOnly: key.ReadOnly, CreatedAt: key.CreatedAt.Format(time.RFC3339), Token: raw, }) } func (h *DeployKeyHandler) Delete(w http.ResponseWriter, r *http.Request) { repo, _, ok := h.lookupRepo(w, r) if !ok { return } callerID, _ := middleware.UserIDFromContext(r.Context()) if !h.canManage(repo, callerID) { jsonError(w, "only the owner or an admin can manage access keys", http.StatusForbidden) return } keyID, err := strconv.ParseInt(chi.URLParam(r, "keyID"), 10, 64) if err != nil { jsonError(w, "invalid key ID", http.StatusBadRequest) return } h.db.Where("id = ? AND repo_id = ?", keyID, repo.ID).Delete(&models.RepoDeployKey{}) w.WriteHeader(http.StatusNoContent) } // AuthenticateDeployKey checks if the given raw token is a valid deploy key for the repo. // Returns (readOnly, ok). func AuthenticateDeployKey(db *xorm.Engine, repoID int64, rawToken string) (readOnly bool, ok bool) { if len(rawToken) < 5 { return false, false } hash := sha256Hex(rawToken) var key models.RepoDeployKey found, _ := db.Where("repo_id = ? AND token_hash = ?", repoID, hash).Get(&key) if !found { return false, false } // Update last_used now := time.Now() key.LastUsed = &now db.ID(key.ID).Cols("last_used_at").Update(&key) return key.ReadOnly, true }