174 lines
4.6 KiB
Go
174 lines
4.6 KiB
Go
package handlers
|
|
|
|
import (
|
|
"crypto/rand"
|
|
"crypto/sha256"
|
|
"encoding/base64"
|
|
"encoding/hex"
|
|
"encoding/json"
|
|
"net/http"
|
|
"strconv"
|
|
"time"
|
|
|
|
"github.com/go-chi/chi/v5"
|
|
"xorm.io/xorm"
|
|
|
|
"github.com/forgeo/forgebucket/internal/api/middleware"
|
|
"github.com/forgeo/forgebucket/internal/models"
|
|
)
|
|
|
|
type DeployKeyHandler struct{ db *xorm.Engine }
|
|
|
|
func NewDeployKeyHandler(db *xorm.Engine) *DeployKeyHandler { return &DeployKeyHandler{db: db} }
|
|
|
|
// generateToken produces a prefixed random token and its SHA-256 hex hash.
|
|
func generateToken(prefix string) (raw, hash string, err error) {
|
|
b := make([]byte, 32)
|
|
if _, err = rand.Read(b); err != nil {
|
|
return
|
|
}
|
|
raw = prefix + base64.RawURLEncoding.EncodeToString(b)
|
|
sum := sha256.Sum256([]byte(raw))
|
|
hash = hex.EncodeToString(sum[:])
|
|
return
|
|
}
|
|
|
|
func sha256Hex(s string) string {
|
|
sum := sha256.Sum256([]byte(s))
|
|
return hex.EncodeToString(sum[:])
|
|
}
|
|
|
|
type deployKeyResponse struct {
|
|
ID int64 `json:"id"`
|
|
Title string `json:"title"`
|
|
ReadOnly bool `json:"readOnly"`
|
|
CreatedAt string `json:"createdAt"`
|
|
// Token is only populated on creation; empty on subsequent list calls.
|
|
Token string `json:"token,omitempty"`
|
|
}
|
|
|
|
func (h *DeployKeyHandler) lookupRepo(w http.ResponseWriter, r *http.Request) (*models.Repository, *models.User, bool) {
|
|
repo, ok := resolveRepo(h.db, w, r)
|
|
if !ok {
|
|
return nil, nil, false
|
|
}
|
|
var owner models.User
|
|
h.db.ID(repo.OwnerID).Get(&owner)
|
|
return repo, &owner, true
|
|
}
|
|
|
|
func (h *DeployKeyHandler) canManage(repo *models.Repository, callerID int64) bool {
|
|
if callerID == repo.OwnerID {
|
|
return true
|
|
}
|
|
var m models.RepoMember
|
|
found, _ := h.db.Where("repo_id = ? AND user_id = ? AND permission = 'admin'", repo.ID, callerID).Get(&m)
|
|
return found
|
|
}
|
|
|
|
func (h *DeployKeyHandler) List(w http.ResponseWriter, r *http.Request) {
|
|
repo, _, ok := h.lookupRepo(w, r)
|
|
if !ok {
|
|
return
|
|
}
|
|
var keys []models.RepoDeployKey
|
|
h.db.Where("repo_id = ?", repo.ID).OrderBy("created_at desc").Find(&keys)
|
|
resp := make([]deployKeyResponse, 0, len(keys))
|
|
for _, k := range keys {
|
|
resp = append(resp, deployKeyResponse{
|
|
ID: k.ID,
|
|
Title: k.Title,
|
|
ReadOnly: k.ReadOnly,
|
|
CreatedAt: k.CreatedAt.Format(time.RFC3339),
|
|
})
|
|
}
|
|
jsonOK(w, resp)
|
|
}
|
|
|
|
func (h *DeployKeyHandler) Create(w http.ResponseWriter, r *http.Request) {
|
|
repo, _, ok := h.lookupRepo(w, r)
|
|
if !ok {
|
|
return
|
|
}
|
|
callerID, _ := middleware.UserIDFromContext(r.Context())
|
|
if !h.canManage(repo, callerID) {
|
|
jsonError(w, "only the owner or an admin can manage access keys", http.StatusForbidden)
|
|
return
|
|
}
|
|
|
|
var body struct {
|
|
Title string `json:"title"`
|
|
ReadOnly bool `json:"readOnly"`
|
|
}
|
|
if err := json.NewDecoder(r.Body).Decode(&body); err != nil || body.Title == "" {
|
|
jsonError(w, "title is required", http.StatusBadRequest)
|
|
return
|
|
}
|
|
|
|
raw, hash, err := generateToken("fbdk_")
|
|
if err != nil {
|
|
jsonError(w, "could not generate token", http.StatusInternalServerError)
|
|
return
|
|
}
|
|
|
|
key := &models.RepoDeployKey{
|
|
RepoID: repo.ID,
|
|
Title: body.Title,
|
|
TokenHash: hash,
|
|
ReadOnly: body.ReadOnly,
|
|
}
|
|
if _, err := h.db.Insert(key); err != nil {
|
|
jsonError(w, "could not save key", http.StatusInternalServerError)
|
|
return
|
|
}
|
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
w.WriteHeader(http.StatusCreated)
|
|
json.NewEncoder(w).Encode(deployKeyResponse{
|
|
ID: key.ID,
|
|
Title: key.Title,
|
|
ReadOnly: key.ReadOnly,
|
|
CreatedAt: key.CreatedAt.Format(time.RFC3339),
|
|
Token: raw,
|
|
})
|
|
}
|
|
|
|
func (h *DeployKeyHandler) Delete(w http.ResponseWriter, r *http.Request) {
|
|
repo, _, ok := h.lookupRepo(w, r)
|
|
if !ok {
|
|
return
|
|
}
|
|
callerID, _ := middleware.UserIDFromContext(r.Context())
|
|
if !h.canManage(repo, callerID) {
|
|
jsonError(w, "only the owner or an admin can manage access keys", http.StatusForbidden)
|
|
return
|
|
}
|
|
|
|
keyID, err := strconv.ParseInt(chi.URLParam(r, "keyID"), 10, 64)
|
|
if err != nil {
|
|
jsonError(w, "invalid key ID", http.StatusBadRequest)
|
|
return
|
|
}
|
|
h.db.Where("id = ? AND repo_id = ?", keyID, repo.ID).Delete(&models.RepoDeployKey{})
|
|
w.WriteHeader(http.StatusNoContent)
|
|
}
|
|
|
|
// AuthenticateDeployKey checks if the given raw token is a valid deploy key for the repo.
|
|
// Returns (readOnly, ok).
|
|
func AuthenticateDeployKey(db *xorm.Engine, repoID int64, rawToken string) (readOnly bool, ok bool) {
|
|
if len(rawToken) < 5 {
|
|
return false, false
|
|
}
|
|
hash := sha256Hex(rawToken)
|
|
var key models.RepoDeployKey
|
|
found, _ := db.Where("repo_id = ? AND token_hash = ?", repoID, hash).Get(&key)
|
|
if !found {
|
|
return false, false
|
|
}
|
|
// Update last_used
|
|
now := time.Now()
|
|
key.LastUsed = &now
|
|
db.ID(key.ID).Cols("last_used_at").Update(&key)
|
|
return key.ReadOnly, true
|
|
}
|