README
¶
We allow different kind of keys to be stored. Examples are API keys, and Auth keys. In practice, these keys are very similar and creating their own storage systems for them would result in lots of duplicate code (which our CI system does not approve of).
So instead, we have a generic "key" system that allows us to store multiple types of keys, each with their own properties. This however, results in a more complex setup, as Go isn't able to do OO.
+-------------------+ +------------------+ +-----------+
| ApiKeyRepository | | (storageBackend) | | boltRepo |
| (ApiKeyRepo) | ------+-> | | -+-----> | |
+-------------------+ | +------------------+ | +-----------+
| |
| |
| |
+-------------------+ | | +-----------+
| AuthKeyRepository | | | | mockRepo |
| (AuthKeyRepo) | ------+ +-----> | |
+-------------------+ | +-----------+
| +-----------+
+-----> | redisRepo |
+-----------+
Both the ApiKeyRepository and AuthKeyRepository deal with the corresponding ApiKeyType and AuthKeyType structures. They both are a small wrapper around a storage repository that deals with interfaces{}. So, we convert these interfaces to actual correct types in the api and key repository:
func (a AuthKeyRepository) Fetch(ID string) (AuthKeyType, error) {
v := &AuthkeyType{}
err := a.repo.Fetch(ID, v)
return v, err
}
The storage repository will simply fetch data from the storage, and unmarshals this trough the given v value.
Sometimes we need to use GenericKey functionality (GetID(), GetHashAddress()), which is where we typecast this
at certain places in the storage repositories.
There is a bit of reflection going on when dealing with lists. This is because we need to allocate items, but we don't
know which items. We deal with this in the Fetch methods by passing the actual storage value, but we cannot do this
in the FetchByHash method. Instead, we pass again, a single structure (like in Fetch()), and based on that value,
we create with reflection a new variable. This variable gets marshalled through JSON and stored in the list.
Finally, the ApiKey and AuthKey repositories will retrieve these lists with undefined interfaces, and cast them to
either []ApiKeyType or []AuthKeyType.
With the amount of effort it took to get this up and running decently, DRY isn't always holy.
Documentation
¶
Index ¶
Constants ¶
const BoltDBFile = "keys.db"
BoltDBFile is the filename to store the boltdb database
Variables ¶
This section is empty.
Functions ¶
func GenerateKey ¶
GenerateKey generates a random key based on a given string length
Types ¶
type APIKeyRepo ¶
type APIKeyRepo interface {
FetchByHash(h string) ([]APIKeyType, error)
Fetch(ID string) (*APIKeyType, error)
Store(v APIKeyType) error
Remove(v APIKeyType) error
}
APIKeyRepo is the repository to the outside world. It allows us to fetch and store api keys
func NewAPIBoltRepository ¶
func NewAPIBoltRepository(dbPath string) APIKeyRepo
NewAPIBoltRepository initializes a new BoltDb repository
func NewAPIKeyRedisRepository ¶
func NewAPIKeyRedisRepository(opts *redis.Options) APIKeyRepo
NewAPIKeyRedisRepository initializes a new repository
func NewAPIMockRepository ¶
func NewAPIMockRepository() APIKeyRepo
NewAPIMockRepository initializes a new mock repository
type APIKeyRepository ¶
type APIKeyRepository struct {
// contains filtered or unexported fields
}
APIKeyRepository is a repository to fetch and store API keys
func (APIKeyRepository) Fetch ¶
func (a APIKeyRepository) Fetch(ID string) (*APIKeyType, error)
Fetch will get a single API key
func (APIKeyRepository) FetchByHash ¶
func (a APIKeyRepository) FetchByHash(h string) ([]APIKeyType, error)
FetchByHash will fetch all api keys for the given address hash
func (APIKeyRepository) Remove ¶
func (a APIKeyRepository) Remove(v APIKeyType) error
Remove will remove a single api key
func (APIKeyRepository) Store ¶
func (a APIKeyRepository) Store(v APIKeyType) error
Store will store a single api key
type APIKeyType ¶
type APIKeyType struct {
ID string `json:"key"` // ID
AddressHash *hash.Hash `json:"address_hash"` // Address hash
Expires time.Time `json:"expires"` // Time the key expires
Permissions []string `json:"permissions"` // List of permissions for this key
Admin bool `json:"admin"` // Admin key or not?
Desc string `json:"description"` // Description of the key
}
APIKeyType represents a key with a validity and permissions. When admin is true, permission checks are always true
func NewAPIAccountKey ¶
NewAPIAccountKey creates a new key with the given permissions and duration for the given account
func NewAPIAdminKey ¶
func NewAPIAdminKey(expiry time.Time, desc string) APIKeyType
NewAPIAdminKey creates a new admin key
func NewAPIKey ¶
func NewAPIKey(perms []string, expiry time.Time, desc string) APIKeyType
NewAPIKey creates a new key with the given permissions and duration
func (*APIKeyType) GetAddressHash ¶
func (key *APIKeyType) GetAddressHash() *hash.Hash
GetAddressHash returns address hash or nil
func (*APIKeyType) HasPermission ¶
func (key *APIKeyType) HasPermission(perm string, addrHash *hash.Hash) bool
HasPermission returns true when this key contains the given permission, or when the key is an admin key (granted all permissions)
type AuthKeyRepo ¶
type AuthKeyRepo interface {
FetchByHash(h string) ([]AuthKeyType, error)
Fetch(ID string) (*AuthKeyType, error)
Store(v AuthKeyType) error
Remove(v AuthKeyType) error
}
AuthKeyRepo is the repository to the outside world. It allows us to fetch and store auth keys
func NewAuthBoltRepository ¶
func NewAuthBoltRepository(dbPath string) AuthKeyRepo
NewAuthBoltRepository initializes a new BoltDb repository
func NewAuthKeyRedisRepository ¶
func NewAuthKeyRedisRepository(opts *redis.Options) AuthKeyRepo
NewAuthKeyRedisRepository initializes a new Redis repository
func NewAuthMockRepository ¶
func NewAuthMockRepository() AuthKeyRepo
NewAuthMockRepository initializes a new mock repository
type AuthKeyRepository ¶
type AuthKeyRepository struct {
// contains filtered or unexported fields
}
AuthKeyRepository is a repository to fetch and store auth keys
func (AuthKeyRepository) Fetch ¶
func (a AuthKeyRepository) Fetch(ID string) (*AuthKeyType, error)
Fetch will get a single API key
func (AuthKeyRepository) FetchByHash ¶
func (a AuthKeyRepository) FetchByHash(h string) ([]AuthKeyType, error)
FetchByHash will fetch all api keys for the given address hash
func (AuthKeyRepository) Remove ¶
func (a AuthKeyRepository) Remove(v AuthKeyType) error
Remove will remove a single api key
func (AuthKeyRepository) Store ¶
func (a AuthKeyRepository) Store(v AuthKeyType) error
Store will store a single api key
type AuthKeyType ¶
type AuthKeyType struct {
Fingerprint string `json:"fingerprint"` // Fingerprint / ID
AddressHash hash.Hash `json:"address_hash"` // Address hash
Expires time.Time `json:"expires"` // Expiry time
PublicKey *bmcrypto.PubKey `json:"public_key"` // Actual public key
Signature string `json:"signature"` // Signed public key by the owner's private key
Description string `json:"description"` // User description
}
AuthKeyType represents a public key that is authorized to send email. This public key is signed by the private key of the owner and stored in the signature.
func NewAuthKey ¶
func NewAuthKey(addrHash hash.Hash, pubKey *bmcrypto.PubKey, signature string, expiry time.Time, desc string) AuthKeyType
NewAuthKey creates a new authorized key
func (AuthKeyType) GetAddressHash ¶
func (a AuthKeyType) GetAddressHash() *hash.Hash
GetAddressHash returns address hash
func (AuthKeyType) GetID ¶
func (a AuthKeyType) GetID() string
GetID returns fingerprint of the public key
type GenericKey ¶
GenericKey is a generic structure for storing and fetching keys
type StorageBackend ¶
type StorageBackend interface {
FetchByHash(h string, v interface{}) (interface{}, error)
Fetch(ID string, v interface{}) error
Store(v GenericKey) error
Remove(v GenericKey) error
}
StorageBackend is the main backend interface which can stores undefined structures. This can be api keys or auth key or even other kind of keys.
Source Files