diff options
| author | zeripath <art27@cantab.net> | 2021-07-13 14:28:07 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2021-07-13 15:28:07 +0200 |
| commit | b82293270c7d2d36d79cb9c5731d07c3f5b33f6b (patch) | |
| tree | a79131e08ecf19cc8e642fcc032bfee0e30959c0 /modules/structs | |
| parent | 67f135ca5ddfcab4391a00af4936d0260079cd97 (diff) | |
| download | gitea-b82293270c7d2d36d79cb9c5731d07c3f5b33f6b.tar.gz gitea-b82293270c7d2d36d79cb9c5731d07c3f5b33f6b.zip | |
Add option to provide signature for a token to verify key ownership (#14054)
* Add option to provide signed token to verify key ownership
Currently we will only allow a key to be matched to a user if it matches
an activated email address. This PR provides a different mechanism - if
the user provides a signature for automatically generated token (based
on the timestamp, user creation time, user ID, username and primary
email.
* Ensure verified keys can act for all active emails for the user
* Add code to mark keys as verified
* Slight UI adjustments
* Slight UI adjustments 2
* Simplify signature verification slightly
* fix postgres test
* add api routes
* handle swapped primary-keys
* Verify the no-reply address for verified keys
* Only add email addresses that are activated to keys
* Fix committer shortcut properly
* Restructure gpg_keys.go
* Use common Verification Token code
Signed-off-by: Andrew Thornton <art27@cantab.net>
Diffstat (limited to 'modules/structs')
| -rw-r--r-- | modules/structs/user_gpgkey.go | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/modules/structs/user_gpgkey.go b/modules/structs/user_gpgkey.go index f501a09cb9..a2ebf7df93 100644 --- a/modules/structs/user_gpgkey.go +++ b/modules/structs/user_gpgkey.go @@ -20,6 +20,7 @@ type GPGKey struct { CanEncryptComms bool `json:"can_encrypt_comms"` CanEncryptStorage bool `json:"can_encrypt_storage"` CanCertify bool `json:"can_certify"` + Verified bool `json:"verified"` // swagger:strfmt date-time Created time.Time `json:"created_at,omitempty"` // swagger:strfmt date-time @@ -40,4 +41,14 @@ type CreateGPGKeyOption struct { // required: true // unique: true ArmoredKey string `json:"armored_public_key" binding:"Required"` + Signature string `json:"armored_signature,omitempty"` +} + +// VerifyGPGKeyOption options verifies user GPG key +type VerifyGPGKeyOption struct { + // An Signature for a GPG key token + // + // required: true + KeyID string `json:"key_id" binding:"Required"` + Signature string `json:"armored_signature" binding:"Required"` } |