mirrors
/
gitea
mirror of https://github.com/go-gitea/gitea.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 210 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
11885 Commits
17 Branches
Tree: 2289580bb7
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '2289580bb7'
${ noResults }
gitea/routers/api/v1/user/gpg_key.go

gpg_key.go 8.3KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285 
  1. // Copyright 2017 The Gitea Authors. All rights reserved.

  2. // Use of this source code is governed by a MIT-style

  3. // license that can be found in the LICENSE file.

  4. 

  5. package user

  6. 

  7. import (

  8. 	"fmt"

  9. 	"net/http"

  10. 

  11. 	"code.gitea.io/gitea/models"

  12. 	"code.gitea.io/gitea/modules/context"

  13. 	"code.gitea.io/gitea/modules/convert"

  14. 	api "code.gitea.io/gitea/modules/structs"

  15. 	"code.gitea.io/gitea/modules/web"

  16. 	"code.gitea.io/gitea/routers/api/v1/utils"

  17. )

  18. 

  19. func listGPGKeys(ctx *context.APIContext, uid int64, listOptions models.ListOptions) {

  20. 	keys, err := models.ListGPGKeys(uid, listOptions)

  21. 	if err != nil {

  22. 		ctx.Error(http.StatusInternalServerError, "ListGPGKeys", err)

  23. 		return

  24. 	}

  25. 

  26. 	apiKeys := make([]*api.GPGKey, len(keys))

  27. 	for i := range keys {

  28. 		apiKeys[i] = convert.ToGPGKey(keys[i])

  29. 	}

  30. 

  31. 	total, err := models.CountUserGPGKeys(uid)

  32. 	if err != nil {

  33. 		ctx.InternalServerError(err)

  34. 		return

  35. 	}

  36. 

  37. 	ctx.SetTotalCountHeader(total)

  38. 	ctx.JSON(http.StatusOK, &apiKeys)

  39. }

  40. 

  41. //ListGPGKeys get the GPG key list of a user

  42. func ListGPGKeys(ctx *context.APIContext) {

  43. 	// swagger:operation GET /users/{username}/gpg_keys user userListGPGKeys

  44. 	// ---

  45. 	// summary: List the given user's GPG keys

  46. 	// produces:

  47. 	// - application/json

  48. 	// parameters:

  49. 	// - name: username

  50. 	//   in: path

  51. 	//   description: username of user

  52. 	//   type: string

  53. 	//   required: true

  54. 	// - name: page

  55. 	//   in: query

  56. 	//   description: page number of results to return (1-based)

  57. 	//   type: integer

  58. 	// - name: limit

  59. 	//   in: query

  60. 	//   description: page size of results

  61. 	//   type: integer

  62. 	// responses:

  63. 	//   "200":

  64. 	//     "$ref": "#/responses/GPGKeyList"

  65. 

  66. 	user := GetUserByParams(ctx)

  67. 	if ctx.Written() {

  68. 		return

  69. 	}

  70. 	listGPGKeys(ctx, user.ID, utils.GetListOptions(ctx))

  71. }

  72. 

  73. //ListMyGPGKeys get the GPG key list of the authenticated user

  74. func ListMyGPGKeys(ctx *context.APIContext) {

  75. 	// swagger:operation GET /user/gpg_keys user userCurrentListGPGKeys

  76. 	// ---

  77. 	// summary: List the authenticated user's GPG keys

  78. 	// parameters:

  79. 	// - name: page

  80. 	//   in: query

  81. 	//   description: page number of results to return (1-based)

  82. 	//   type: integer

  83. 	// - name: limit

  84. 	//   in: query

  85. 	//   description: page size of results

  86. 	//   type: integer

  87. 	// produces:

  88. 	// - application/json

  89. 	// responses:

  90. 	//   "200":

  91. 	//     "$ref": "#/responses/GPGKeyList"

  92. 

  93. 	listGPGKeys(ctx, ctx.User.ID, utils.GetListOptions(ctx))

  94. }

  95. 

  96. //GetGPGKey get the GPG key based on a id

  97. func GetGPGKey(ctx *context.APIContext) {

  98. 	// swagger:operation GET /user/gpg_keys/{id} user userCurrentGetGPGKey

  99. 	// ---

  100. 	// summary: Get a GPG key

  101. 	// produces:

  102. 	// - application/json

  103. 	// parameters:

  104. 	// - name: id

  105. 	//   in: path

  106. 	//   description: id of key to get

  107. 	//   type: integer

  108. 	//   format: int64

  109. 	//   required: true

  110. 	// responses:

  111. 	//   "200":

  112. 	//     "$ref": "#/responses/GPGKey"

  113. 	//   "404":

  114. 	//     "$ref": "#/responses/notFound"

  115. 

  116. 	key, err := models.GetGPGKeyByID(ctx.ParamsInt64(":id"))

  117. 	if err != nil {

  118. 		if models.IsErrGPGKeyNotExist(err) {

  119. 			ctx.NotFound()

  120. 		} else {

  121. 			ctx.Error(http.StatusInternalServerError, "GetGPGKeyByID", err)

  122. 		}

  123. 		return

  124. 	}

  125. 	ctx.JSON(http.StatusOK, convert.ToGPGKey(key))

  126. }

  127. 

  128. // CreateUserGPGKey creates new GPG key to given user by ID.

  129. func CreateUserGPGKey(ctx *context.APIContext, form api.CreateGPGKeyOption, uid int64) {

  130. 	token := models.VerificationToken(ctx.User, 1)

  131. 	lastToken := models.VerificationToken(ctx.User, 0)

  132. 

  133. 	keys, err := models.AddGPGKey(uid, form.ArmoredKey, token, form.Signature)

  134. 	if err != nil && models.IsErrGPGInvalidTokenSignature(err) {

  135. 		keys, err = models.AddGPGKey(uid, form.ArmoredKey, lastToken, form.Signature)

  136. 	}

  137. 	if err != nil {

  138. 		HandleAddGPGKeyError(ctx, err, token)

  139. 		return

  140. 	}

  141. 	ctx.JSON(http.StatusCreated, convert.ToGPGKey(keys[0]))

  142. }

  143. 

  144. // GetVerificationToken returns the current token to be signed for this user

  145. func GetVerificationToken(ctx *context.APIContext) {

  146. 	// swagger:operation GET /user/gpg_key_token user getVerificationToken

  147. 	// ---

  148. 	// summary: Get a Token to verify

  149. 	// produces:

  150. 	// - text/plain

  151. 	// parameters:

  152. 	// responses:

  153. 	//   "200":

  154. 	//     "$ref": "#/responses/string"

  155. 	//   "404":

  156. 	//     "$ref": "#/responses/notFound"

  157. 

  158. 	token := models.VerificationToken(ctx.User, 1)

  159. 	ctx.PlainText(http.StatusOK, []byte(token))

  160. }

  161. 

  162. // VerifyUserGPGKey creates new GPG key to given user by ID.

  163. func VerifyUserGPGKey(ctx *context.APIContext) {

  164. 	// swagger:operation POST /user/gpg_key_verify user userVerifyGPGKey

  165. 	// ---

  166. 	// summary: Verify a GPG key

  167. 	// consumes:

  168. 	// - application/json

  169. 	// produces:

  170. 	// - application/json

  171. 	// responses:

  172. 	//   "201":

  173. 	//     "$ref": "#/responses/GPGKey"

  174. 	//   "404":

  175. 	//     "$ref": "#/responses/notFound"

  176. 	//   "422":

  177. 	//     "$ref": "#/responses/validationError"

  178. 

  179. 	form := web.GetForm(ctx).(*api.VerifyGPGKeyOption)

  180. 	token := models.VerificationToken(ctx.User, 1)

  181. 	lastToken := models.VerificationToken(ctx.User, 0)

  182. 

  183. 	_, err := models.VerifyGPGKey(ctx.User.ID, form.KeyID, token, form.Signature)

  184. 	if err != nil && models.IsErrGPGInvalidTokenSignature(err) {

  185. 		_, err = models.VerifyGPGKey(ctx.User.ID, form.KeyID, lastToken, form.Signature)

  186. 	}

  187. 

  188. 	if err != nil {

  189. 		if models.IsErrGPGInvalidTokenSignature(err) {

  190. 			ctx.Error(http.StatusUnprocessableEntity, "GPGInvalidSignature", fmt.Sprintf("The provided GPG key, signature and token do not match or token is out of date. Provide a valid signature for the token: %s", token))

  191. 			return

  192. 		}

  193. 		ctx.Error(http.StatusInternalServerError, "VerifyUserGPGKey", err)

  194. 	}

  195. 

  196. 	key, err := models.GetGPGKeysByKeyID(form.KeyID)

  197. 	if err != nil {

  198. 		if models.IsErrGPGKeyNotExist(err) {

  199. 			ctx.NotFound()

  200. 		} else {

  201. 			ctx.Error(http.StatusInternalServerError, "GetGPGKeysByKeyID", err)

  202. 		}

  203. 		return

  204. 	}

  205. 	ctx.JSON(http.StatusOK, convert.ToGPGKey(key[0]))

  206. }

  207. 

  208. // swagger:parameters userCurrentPostGPGKey

  209. type swaggerUserCurrentPostGPGKey struct {

  210. 	// in:body

  211. 	Form api.CreateGPGKeyOption

  212. }

  213. 

  214. //CreateGPGKey create a GPG key belonging to the authenticated user

  215. func CreateGPGKey(ctx *context.APIContext) {

  216. 	// swagger:operation POST /user/gpg_keys user userCurrentPostGPGKey

  217. 	// ---

  218. 	// summary: Create a GPG key

  219. 	// consumes:

  220. 	// - application/json

  221. 	// produces:

  222. 	// - application/json

  223. 	// responses:

  224. 	//   "201":

  225. 	//     "$ref": "#/responses/GPGKey"

  226. 	//   "404":

  227. 	//     "$ref": "#/responses/notFound"

  228. 	//   "422":

  229. 	//     "$ref": "#/responses/validationError"

  230. 

  231. 	form := web.GetForm(ctx).(*api.CreateGPGKeyOption)

  232. 	CreateUserGPGKey(ctx, *form, ctx.User.ID)

  233. }

  234. 

  235. //DeleteGPGKey remove a GPG key belonging to the authenticated user

  236. func DeleteGPGKey(ctx *context.APIContext) {

  237. 	// swagger:operation DELETE /user/gpg_keys/{id} user userCurrentDeleteGPGKey

  238. 	// ---

  239. 	// summary: Remove a GPG key

  240. 	// produces:

  241. 	// - application/json

  242. 	// parameters:

  243. 	// - name: id

  244. 	//   in: path

  245. 	//   description: id of key to delete

  246. 	//   type: integer

  247. 	//   format: int64

  248. 	//   required: true

  249. 	// responses:

  250. 	//   "204":

  251. 	//     "$ref": "#/responses/empty"

  252. 	//   "403":

  253. 	//     "$ref": "#/responses/forbidden"

  254. 	//   "404":

  255. 	//     "$ref": "#/responses/notFound"

  256. 

  257. 	if err := models.DeleteGPGKey(ctx.User, ctx.ParamsInt64(":id")); err != nil {

  258. 		if models.IsErrGPGKeyAccessDenied(err) {

  259. 			ctx.Error(http.StatusForbidden, "", "You do not have access to this key")

  260. 		} else {

  261. 			ctx.Error(http.StatusInternalServerError, "DeleteGPGKey", err)

  262. 		}

  263. 		return

  264. 	}

  265. 

  266. 	ctx.Status(http.StatusNoContent)

  267. }

  268. 

  269. // HandleAddGPGKeyError handle add GPGKey error

  270. func HandleAddGPGKeyError(ctx *context.APIContext, err error, token string) {

  271. 	switch {

  272. 	case models.IsErrGPGKeyAccessDenied(err):

  273. 		ctx.Error(http.StatusUnprocessableEntity, "GPGKeyAccessDenied", "You do not have access to this GPG key")

  274. 	case models.IsErrGPGKeyIDAlreadyUsed(err):

  275. 		ctx.Error(http.StatusUnprocessableEntity, "GPGKeyIDAlreadyUsed", "A key with the same id already exists")

  276. 	case models.IsErrGPGKeyParsing(err):

  277. 		ctx.Error(http.StatusUnprocessableEntity, "GPGKeyParsing", err)

  278. 	case models.IsErrGPGNoEmailFound(err):

  279. 		ctx.Error(http.StatusNotFound, "GPGNoEmailFound", fmt.Sprintf("None of the emails attached to the GPG key could be found. It may still be added if you provide a valid signature for the token: %s", token))

  280. 	case models.IsErrGPGInvalidTokenSignature(err):

  281. 		ctx.Error(http.StatusUnprocessableEntity, "GPGInvalidSignature", fmt.Sprintf("The provided GPG key, signature and token do not match or token is out of date. Provide a valid signature for the token: %s", token))

  282. 	default:

  283. 		ctx.Error(http.StatusInternalServerError, "AddGPGKey", err)

  284. 	}

  285. }