diff --git a/design/design.go b/design/design.go
index 2698af26a264baa3e77647bbe7c2aa39bc85b1bb..cbba82903578276998fad75e7ed7ab8bf54597e4 100644
--- a/design/design.go
+++ b/design/design.go
@@ -43,6 +43,17 @@ var _ = Service("signer", func() {
Response(StatusOK)
})
})
+
+ Method("GetKey", func() {
+ Description("GetKey returns key information from Vault or OCM.")
+ Payload(GetKeyRequest)
+ Result(Any)
+ HTTP(func() {
+ GET("/v1/keys/{key}")
+
+ Response(StatusOK)
+ })
+ })
})
var _ = Service("health", func() {
diff --git a/design/types.go b/design/types.go
index bfa43f588f926a4a1caaa26db7b19ff957cd6033..1ec0870d2f488196843d2f25013dd33e96447adc 100644
--- a/design/types.go
+++ b/design/types.go
@@ -18,3 +18,10 @@ var PresentationProofRequest = Type("PresentationProofRequest", func() {
Field(2, "presentation", Bytes, "Verifiable Presentation in JSON format.")
Required("presentation")
})
+
+var GetKeyRequest = Type("GetKeyRequest", func() {
+ Field(1, "key", String, "Name of requested key.", func() {
+ Example("key1")
+ })
+ Required("key")
+})
diff --git a/gen/http/cli/signer/cli.go b/gen/http/cli/signer/cli.go
index e79126c525d60bc8f83ace826365b1998cc62fb6..a9a30f25c84e3ca32a5c2a05c46ee1beaa72c631 100644
--- a/gen/http/cli/signer/cli.go
+++ b/gen/http/cli/signer/cli.go
@@ -25,14 +25,14 @@ import (
//
func UsageCommands() string {
return `health (liveness|readiness)
-signer (credential-proof|presentation-proof)
+signer (credential-proof|presentation-proof|get-key)
`
}
// UsageExamples produces an example of a valid invocation of the CLI tool.
func UsageExamples() string {
return os.Args[0] + ` health liveness` + "\n" +
- os.Args[0] + ` signer credential-proof --body "SXRhcXVlIG9mZmljaWEgY29tbW9kaSBhdXRlbSBhdCBiZWF0YWUu" --key "key1"` + "\n" +
+ os.Args[0] + ` signer credential-proof --body "RXVtIGl1cmUgbmVtby4=" --key "key1"` + "\n" +
""
}
@@ -61,6 +61,9 @@ func ParseEndpoint(
signerPresentationProofFlags = flag.NewFlagSet("presentation-proof", flag.ExitOnError)
signerPresentationProofBodyFlag = signerPresentationProofFlags.String("body", "REQUIRED", "")
signerPresentationProofKeyFlag = signerPresentationProofFlags.String("key", "", "")
+
+ signerGetKeyFlags = flag.NewFlagSet("get-key", flag.ExitOnError)
+ signerGetKeyKeyFlag = signerGetKeyFlags.String("key", "REQUIRED", "Name of requested key.")
)
healthFlags.Usage = healthUsage
healthLivenessFlags.Usage = healthLivenessUsage
@@ -69,6 +72,7 @@ func ParseEndpoint(
signerFlags.Usage = signerUsage
signerCredentialProofFlags.Usage = signerCredentialProofUsage
signerPresentationProofFlags.Usage = signerPresentationProofUsage
+ signerGetKeyFlags.Usage = signerGetKeyUsage
if err := flag.CommandLine.Parse(os.Args[1:]); err != nil {
return nil, nil, err
@@ -122,6 +126,9 @@ func ParseEndpoint(
case "presentation-proof":
epf = signerPresentationProofFlags
+ case "get-key":
+ epf = signerGetKeyFlags
+
}
}
@@ -163,6 +170,9 @@ func ParseEndpoint(
case "presentation-proof":
endpoint = c.PresentationProof()
data, err = signerc.BuildPresentationProofPayload(*signerPresentationProofBodyFlag, *signerPresentationProofKeyFlag)
+ case "get-key":
+ endpoint = c.GetKey()
+ data, err = signerc.BuildGetKeyPayload(*signerGetKeyKeyFlag)
}
}
}
@@ -216,6 +226,7 @@ Usage:
COMMAND:
credential-proof: CredentialProof adds a proof to a given Verifiable Credential.
presentation-proof: PresentationProof adds a proof to a given Verifiable Presentation.
+ get-key: GetKey returns key information from Vault or OCM.
Additional help:
%[1]s signer COMMAND --help
@@ -229,7 +240,7 @@ CredentialProof adds a proof to a given Verifiable Credential.
-key STRING:
Example:
- %[1]s signer credential-proof --body "SXRhcXVlIG9mZmljaWEgY29tbW9kaSBhdXRlbSBhdCBiZWF0YWUu" --key "key1"
+ %[1]s signer credential-proof --body "RXVtIGl1cmUgbmVtby4=" --key "key1"
`, os.Args[0])
}
@@ -241,6 +252,17 @@ PresentationProof adds a proof to a given Verifiable Presentation.
-key STRING:
Example:
- %[1]s signer presentation-proof --body "QXBlcmlhbSBxdWlhIGNvbnNlcXVhdHVyIGRvbG9yZW0u" --key "key1"
+ %[1]s signer presentation-proof --body "UGVyc3BpY2lhdGlzIG5hbSB1bGxhbSBhZGlwaXNjaSBuYXR1cy4=" --key "key1"
+`, os.Args[0])
+}
+
+func signerGetKeyUsage() {
+ fmt.Fprintf(os.Stderr, `%[1]s [flags] signer get-key -key STRING
+
+GetKey returns key information from Vault or OCM.
+ -key STRING: Name of requested key.
+
+Example:
+ %[1]s signer get-key --key "key1"
`, os.Args[0])
}
diff --git a/gen/http/openapi.json b/gen/http/openapi.json
index fa70d6c891e58cc66f5c4667cb9180bdbaad02d5..bf84e18726318d30083d75e838b80894ced7d5eb 100644
--- a/gen/http/openapi.json
+++ b/gen/http/openapi.json
@@ -1 +1 @@
-{"swagger":"2.0","info":{"title":"Signer Service","description":"The signer service exposes HTTP API for creating and verifying digital signatures.","version":""},"host":"localhost:8085","consumes":["application/json","application/xml","application/gob"],"produces":["application/json","application/xml","application/gob"],"paths":{"/liveness":{"get":{"tags":["health"],"summary":"Liveness health","operationId":"health#Liveness","responses":{"200":{"description":"OK response."}},"schemes":["http"]}},"/readiness":{"get":{"tags":["health"],"summary":"Readiness health","operationId":"health#Readiness","responses":{"200":{"description":"OK response."}},"schemes":["http"]}},"/v1/credential/proof":{"post":{"tags":["signer"],"summary":"CredentialProof signer","description":"CredentialProof adds a proof to a given Verifiable Credential.","operationId":"signer#CredentialProof","parameters":[{"name":"key","in":"query","description":"Key to use for the proof signature (optional).","required":false,"type":"string"},{"name":"bytes","in":"body","description":"Verifiable Credential in JSON format.","required":true,"schema":{"type":"string","format":"byte"}}],"responses":{"200":{"description":"OK response.","schema":{"type":"string","format":"binary"}}},"schemes":["http"]}},"/v1/presentation/proof":{"post":{"tags":["signer"],"summary":"PresentationProof signer","description":"PresentationProof adds a proof to a given Verifiable Presentation.","operationId":"signer#PresentationProof","parameters":[{"name":"key","in":"query","description":"Key to use for the proof signature (optional).","required":false,"type":"string"},{"name":"bytes","in":"body","description":"Verifiable Presentation in JSON format.","required":true,"schema":{"type":"string","format":"byte"}}],"responses":{"200":{"description":"OK response.","schema":{"type":"string","format":"binary"}}},"schemes":["http"]}}}}
\ No newline at end of file
+{"swagger":"2.0","info":{"title":"Signer Service","description":"The signer service exposes HTTP API for creating and verifying digital signatures.","version":""},"host":"localhost:8085","consumes":["application/json","application/xml","application/gob"],"produces":["application/json","application/xml","application/gob"],"paths":{"/liveness":{"get":{"tags":["health"],"summary":"Liveness health","operationId":"health#Liveness","responses":{"200":{"description":"OK response."}},"schemes":["http"]}},"/readiness":{"get":{"tags":["health"],"summary":"Readiness health","operationId":"health#Readiness","responses":{"200":{"description":"OK response."}},"schemes":["http"]}},"/v1/credential/proof":{"post":{"tags":["signer"],"summary":"CredentialProof signer","description":"CredentialProof adds a proof to a given Verifiable Credential.","operationId":"signer#CredentialProof","parameters":[{"name":"key","in":"query","description":"Key to use for the proof signature (optional).","required":false,"type":"string"},{"name":"bytes","in":"body","description":"Verifiable Credential in JSON format.","required":true,"schema":{"type":"string","format":"byte"}}],"responses":{"200":{"description":"OK response.","schema":{"type":"string","format":"binary"}}},"schemes":["http"]}},"/v1/keys/{key}":{"get":{"tags":["signer"],"summary":"GetKey signer","description":"GetKey returns key information from Vault or OCM.","operationId":"signer#GetKey","parameters":[{"name":"key","in":"path","description":"Name of requested key.","required":true,"type":"string"}],"responses":{"200":{"description":"OK response.","schema":{"type":"string","format":"binary"}}},"schemes":["http"]}},"/v1/presentation/proof":{"post":{"tags":["signer"],"summary":"PresentationProof signer","description":"PresentationProof adds a proof to a given Verifiable Presentation.","operationId":"signer#PresentationProof","parameters":[{"name":"key","in":"query","description":"Key to use for the proof signature (optional).","required":false,"type":"string"},{"name":"bytes","in":"body","description":"Verifiable Presentation in JSON format.","required":true,"schema":{"type":"string","format":"byte"}}],"responses":{"200":{"description":"OK response.","schema":{"type":"string","format":"binary"}}},"schemes":["http"]}}}}
\ No newline at end of file
diff --git a/gen/http/openapi.yaml b/gen/http/openapi.yaml
index 9de69bf02efee965db05769aafbdf9f488b426ce..8ed1f1d13636f5c6fe9e852df5043ef65c6c557d 100644
--- a/gen/http/openapi.yaml
+++ b/gen/http/openapi.yaml
@@ -63,6 +63,27 @@ paths:
format: binary
schemes:
- http
+ /v1/keys/{key}:
+ get:
+ tags:
+ - signer
+ summary: GetKey signer
+ description: GetKey returns key information from Vault or OCM.
+ operationId: signer#GetKey
+ parameters:
+ - name: key
+ in: path
+ description: Name of requested key.
+ required: true
+ type: string
+ responses:
+ "200":
+ description: OK response.
+ schema:
+ type: string
+ format: binary
+ schemes:
+ - http
/v1/presentation/proof:
post:
tags:
diff --git a/gen/http/openapi3.json b/gen/http/openapi3.json
index 44444084b6b678b58c927432dea8a4b8fdee84d0..8252c78508ef777bdbce49edf61142f9e337c7ad 100644
--- a/gen/http/openapi3.json
+++ b/gen/http/openapi3.json
@@ -1 +1 @@
-{"openapi":"3.0.3","info":{"title":"Signer Service","description":"The signer service exposes HTTP API for creating and verifying digital signatures.","version":"1.0"},"servers":[{"url":"http://localhost:8085","description":"Signer Server"}],"paths":{"/liveness":{"get":{"tags":["health"],"summary":"Liveness health","operationId":"health#Liveness","responses":{"200":{"description":"OK response."}}}},"/readiness":{"get":{"tags":["health"],"summary":"Readiness health","operationId":"health#Readiness","responses":{"200":{"description":"OK response."}}}},"/v1/credential/proof":{"post":{"tags":["signer"],"summary":"CredentialProof signer","description":"CredentialProof adds a proof to a given Verifiable Credential.","operationId":"signer#CredentialProof","parameters":[{"name":"key","in":"query","description":"Key to use for the proof signature (optional).","allowEmptyValue":true,"schema":{"type":"string","description":"Key to use for the proof signature (optional).","example":"key1"},"example":"key1"}],"requestBody":{"description":"Verifiable Credential in JSON format.","required":true,"content":{"application/json":{"schema":{"type":"string","description":"Verifiable Credential in JSON format.","example":"Q3VscGEgb2NjYWVjYXRpIGRvbG9ydW0gcXVpIGVuaW0gaW5jaWR1bnQu","format":"binary"},"example":"SXRhcXVlIGFkaXBpc2NpIHZvbHVwdGFzLg=="}}},"responses":{"200":{"description":"OK response.","content":{"application/json":{"schema":{"type":"string","example":"Ipsam facere.","format":"binary"},"example":"Asperiores molestias qui."}}}}}},"/v1/presentation/proof":{"post":{"tags":["signer"],"summary":"PresentationProof signer","description":"PresentationProof adds a proof to a given Verifiable Presentation.","operationId":"signer#PresentationProof","parameters":[{"name":"key","in":"query","description":"Key to use for the proof signature (optional).","allowEmptyValue":true,"schema":{"type":"string","description":"Key to use for the proof signature (optional).","example":"key1"},"example":"key1"}],"requestBody":{"description":"Verifiable Presentation in JSON format.","required":true,"content":{"application/json":{"schema":{"type":"string","description":"Verifiable Presentation in JSON format.","example":"RXN0IHF1aWRlbSBoYXJ1bSB2ZXJvLg==","format":"binary"},"example":"SXBzYSB2ZWwgaW4gcmVwdWRpYW5kYWUgcmVwZWxsYXQu"}}},"responses":{"200":{"description":"OK response.","content":{"application/json":{"schema":{"type":"string","example":"Deleniti ipsa.","format":"binary"},"example":"Laudantium exercitationem quis sunt eos."}}}}}}},"components":{},"tags":[{"name":"health","description":"Health service provides health check endpoints."},{"name":"signer","description":"Sign service provides endpoints for making digital signatures and proofs for verifiable credentials and presentations."}]}
\ No newline at end of file
+{"openapi":"3.0.3","info":{"title":"Signer Service","description":"The signer service exposes HTTP API for creating and verifying digital signatures.","version":"1.0"},"servers":[{"url":"http://localhost:8085","description":"Signer Server"}],"paths":{"/liveness":{"get":{"tags":["health"],"summary":"Liveness health","operationId":"health#Liveness","responses":{"200":{"description":"OK response."}}}},"/readiness":{"get":{"tags":["health"],"summary":"Readiness health","operationId":"health#Readiness","responses":{"200":{"description":"OK response."}}}},"/v1/credential/proof":{"post":{"tags":["signer"],"summary":"CredentialProof signer","description":"CredentialProof adds a proof to a given Verifiable Credential.","operationId":"signer#CredentialProof","parameters":[{"name":"key","in":"query","description":"Key to use for the proof signature (optional).","allowEmptyValue":true,"schema":{"type":"string","description":"Key to use for the proof signature (optional).","example":"key1"},"example":"key1"}],"requestBody":{"description":"Verifiable Credential in JSON format.","required":true,"content":{"application/json":{"schema":{"type":"string","description":"Verifiable Credential in JSON format.","example":"RGVsZW5pdGkgaXBzYS4=","format":"binary"},"example":"RW5pbSBkZXNlcnVudC4="}}},"responses":{"200":{"description":"OK response.","content":{"application/json":{"schema":{"type":"string","example":"Itaque adipisci voluptas.","format":"binary"},"example":"Cupiditate et aliquid reiciendis pariatur."}}}}}},"/v1/keys/{key}":{"get":{"tags":["signer"],"summary":"GetKey signer","description":"GetKey returns key information from Vault or OCM.","operationId":"signer#GetKey","parameters":[{"name":"key","in":"path","description":"Name of requested key.","required":true,"schema":{"type":"string","description":"Name of requested key.","example":"key1"},"example":"key1"}],"responses":{"200":{"description":"OK response.","content":{"application/json":{"schema":{"type":"string","example":"Laudantium exercitationem quis sunt eos.","format":"binary"},"example":"Eum molestiae."}}}}}},"/v1/presentation/proof":{"post":{"tags":["signer"],"summary":"PresentationProof signer","description":"PresentationProof adds a proof to a given Verifiable Presentation.","operationId":"signer#PresentationProof","parameters":[{"name":"key","in":"query","description":"Key to use for the proof signature (optional).","allowEmptyValue":true,"schema":{"type":"string","description":"Key to use for the proof signature (optional).","example":"key1"},"example":"key1"}],"requestBody":{"description":"Verifiable Presentation in JSON format.","required":true,"content":{"application/json":{"schema":{"type":"string","description":"Verifiable Presentation in JSON format.","example":"QXNwZXJpb3JlcyBtb2xlc3RpYXMgcXVpLg==","format":"binary"},"example":"TW9sZXN0aWFlIHZlbGl0IG1haW9yZXMgZXQgcXVpYS4="}}},"responses":{"200":{"description":"OK response.","content":{"application/json":{"schema":{"type":"string","example":"Ipsa vel in repudiandae repellat.","format":"binary"},"example":"Voluptatem consectetur."}}}}}}},"components":{},"tags":[{"name":"health","description":"Health service provides health check endpoints."},{"name":"signer","description":"Sign service provides endpoints for making digital signatures and proofs for verifiable credentials and presentations."}]}
\ No newline at end of file
diff --git a/gen/http/openapi3.yaml b/gen/http/openapi3.yaml
index 502993a6ed52590afccf536b71251a91d0810839..a0b57111324702aa270e67a22ab4d4e41ce1d5bf 100644
--- a/gen/http/openapi3.yaml
+++ b/gen/http/openapi3.yaml
@@ -51,74 +51,35 @@ paths:
type: string
description: Verifiable Credential in JSON format.
example:
- - 67
- - 117
- - 108
- - 112
- - 97
- - 32
- - 111
- - 99
- - 99
- - 97
+ - 68
- 101
- - 99
- - 97
- - 116
- - 105
- - 32
- - 100
- - 111
- 108
- - 111
- - 114
- - 117
- - 109
- - 32
- - 113
- - 117
- - 105
- - 32
- 101
- 110
- 105
- - 109
- - 32
+ - 116
- 105
- - 110
- - 99
+ - 32
- 105
- - 100
- - 117
- - 110
- - 116
+ - 112
+ - 115
+ - 97
- 46
format: binary
example:
- - 73
- - 116
- - 97
- - 113
- - 117
- - 101
+ - 69
+ - 110
+ - 105
+ - 109
- 32
- - 97
- 100
- - 105
- - 112
- - 105
+ - 101
- 115
- - 99
- - 105
- - 32
- - 118
- - 111
- - 108
+ - 101
+ - 114
- 117
- - 112
+ - 110
- 116
- - 97
- - 115
- 46
responses:
"200":
@@ -127,9 +88,36 @@ paths:
application/json:
schema:
type: string
- example: Ipsam facere.
+ example: Itaque adipisci voluptas.
format: binary
- example: Asperiores molestias qui.
+ example: Cupiditate et aliquid reiciendis pariatur.
+ /v1/keys/{key}:
+ get:
+ tags:
+ - signer
+ summary: GetKey signer
+ description: GetKey returns key information from Vault or OCM.
+ operationId: signer#GetKey
+ parameters:
+ - name: key
+ in: path
+ description: Name of requested key.
+ required: true
+ schema:
+ type: string
+ description: Name of requested key.
+ example: key1
+ example: key1
+ responses:
+ "200":
+ description: OK response.
+ content:
+ application/json:
+ schema:
+ type: string
+ example: Laudantium exercitationem quis sunt eos.
+ format: binary
+ example: Eum molestiae.
/v1/presentation/proof:
post:
tags:
@@ -156,62 +144,64 @@ paths:
type: string
description: Verifiable Presentation in JSON format.
example:
- - 69
+ - 65
- 115
- - 116
- - 32
- - 113
- - 117
+ - 112
+ - 101
+ - 114
- 105
- - 100
+ - 111
+ - 114
- 101
- - 109
+ - 115
- 32
- - 104
- - 97
- - 114
- - 117
- 109
- - 32
- - 118
- - 101
- - 114
- 111
+ - 108
+ - 101
+ - 115
+ - 116
+ - 105
+ - 97
+ - 115
+ - 32
+ - 113
+ - 117
+ - 105
- 46
format: binary
example:
- - 73
- - 112
+ - 77
+ - 111
+ - 108
+ - 101
- 115
+ - 116
+ - 105
- 97
+ - 101
- 32
- 118
- 101
- 108
- - 32
- 105
- - 110
+ - 116
- 32
- - 114
- - 101
- - 112
- - 117
- - 100
- - 105
- - 97
- - 110
- - 100
+ - 109
- 97
- - 101
- - 32
+ - 105
+ - 111
- 114
- 101
- - 112
+ - 115
+ - 32
- 101
- - 108
- - 108
- - 97
- 116
+ - 32
+ - 113
+ - 117
+ - 105
+ - 97
- 46
responses:
"200":
@@ -220,9 +210,9 @@ paths:
application/json:
schema:
type: string
- example: Deleniti ipsa.
+ example: Ipsa vel in repudiandae repellat.
format: binary
- example: Laudantium exercitationem quis sunt eos.
+ example: Voluptatem consectetur.
components: {}
tags:
- name: health
diff --git a/gen/http/signer/client/cli.go b/gen/http/signer/client/cli.go
index 007efc105b2105801f3f2f75c4cb3d48e32679f3..2cf112e1838c0cad5fae44a95395028091eab9e8 100644
--- a/gen/http/signer/client/cli.go
+++ b/gen/http/signer/client/cli.go
@@ -54,3 +54,16 @@ func BuildPresentationProofPayload(signerPresentationProofBody string, signerPre
return res, nil
}
+
+// BuildGetKeyPayload builds the payload for the signer GetKey endpoint from
+// CLI flags.
+func BuildGetKeyPayload(signerGetKeyKey string) (*signer.GetKeyRequest, error) {
+ var key string
+ {
+ key = signerGetKeyKey
+ }
+ v := &signer.GetKeyRequest{}
+ v.Key = key
+
+ return v, nil
+}
diff --git a/gen/http/signer/client/client.go b/gen/http/signer/client/client.go
index 8088ebd580ccc0e5d098a0ce900c6ef0e72da7c2..23faec1df044c274f889691fad73d7bda79912e5 100644
--- a/gen/http/signer/client/client.go
+++ b/gen/http/signer/client/client.go
@@ -25,6 +25,9 @@ type Client struct {
// PresentationProof endpoint.
PresentationProofDoer goahttp.Doer
+ // GetKey Doer is the HTTP client used to make requests to the GetKey endpoint.
+ GetKeyDoer goahttp.Doer
+
// RestoreResponseBody controls whether the response bodies are reset after
// decoding so they can be read again.
RestoreResponseBody bool
@@ -47,6 +50,7 @@ func NewClient(
return &Client{
CredentialProofDoer: doer,
PresentationProofDoer: doer,
+ GetKeyDoer: doer,
RestoreResponseBody: restoreBody,
scheme: scheme,
host: host,
@@ -102,3 +106,22 @@ func (c *Client) PresentationProof() goa.Endpoint {
return decodeResponse(resp)
}
}
+
+// GetKey returns an endpoint that makes HTTP requests to the signer service
+// GetKey server.
+func (c *Client) GetKey() goa.Endpoint {
+ var (
+ decodeResponse = DecodeGetKeyResponse(c.decoder, c.RestoreResponseBody)
+ )
+ return func(ctx context.Context, v interface{}) (interface{}, error) {
+ req, err := c.BuildGetKeyRequest(ctx, v)
+ if err != nil {
+ return nil, err
+ }
+ resp, err := c.GetKeyDoer.Do(req)
+ if err != nil {
+ return nil, goahttp.ErrRequestError("signer", "GetKey", err)
+ }
+ return decodeResponse(resp)
+ }
+}
diff --git a/gen/http/signer/client/encode_decode.go b/gen/http/signer/client/encode_decode.go
index 004dc905c53bbbdec5abc8fa6e3a5cd81ab04e02..968db274bcf0c376026388da71bbf85f02578591 100644
--- a/gen/http/signer/client/encode_decode.go
+++ b/gen/http/signer/client/encode_decode.go
@@ -159,3 +159,63 @@ func DecodePresentationProofResponse(decoder func(*http.Response) goahttp.Decode
}
}
}
+
+// BuildGetKeyRequest instantiates a HTTP request object with method and path
+// set to call the "signer" service "GetKey" endpoint
+func (c *Client) BuildGetKeyRequest(ctx context.Context, v interface{}) (*http.Request, error) {
+ var (
+ key string
+ )
+ {
+ p, ok := v.(*signer.GetKeyRequest)
+ if !ok {
+ return nil, goahttp.ErrInvalidType("signer", "GetKey", "*signer.GetKeyRequest", v)
+ }
+ key = p.Key
+ }
+ u := &url.URL{Scheme: c.scheme, Host: c.host, Path: GetKeySignerPath(key)}
+ req, err := http.NewRequest("GET", u.String(), nil)
+ if err != nil {
+ return nil, goahttp.ErrInvalidURL("signer", "GetKey", u.String(), err)
+ }
+ if ctx != nil {
+ req = req.WithContext(ctx)
+ }
+
+ return req, nil
+}
+
+// DecodeGetKeyResponse returns a decoder for responses returned by the signer
+// GetKey endpoint. restoreBody controls whether the response body should be
+// restored after having been read.
+func DecodeGetKeyResponse(decoder func(*http.Response) goahttp.Decoder, restoreBody bool) func(*http.Response) (interface{}, error) {
+ return func(resp *http.Response) (interface{}, error) {
+ if restoreBody {
+ b, err := ioutil.ReadAll(resp.Body)
+ if err != nil {
+ return nil, err
+ }
+ resp.Body = ioutil.NopCloser(bytes.NewBuffer(b))
+ defer func() {
+ resp.Body = ioutil.NopCloser(bytes.NewBuffer(b))
+ }()
+ } else {
+ defer resp.Body.Close()
+ }
+ switch resp.StatusCode {
+ case http.StatusOK:
+ var (
+ body interface{}
+ err error
+ )
+ err = decoder(resp).Decode(&body)
+ if err != nil {
+ return nil, goahttp.ErrDecodingError("signer", "GetKey", err)
+ }
+ return body, nil
+ default:
+ body, _ := ioutil.ReadAll(resp.Body)
+ return nil, goahttp.ErrInvalidResponse("signer", "GetKey", resp.StatusCode, string(body))
+ }
+ }
+}
diff --git a/gen/http/signer/client/paths.go b/gen/http/signer/client/paths.go
index 308da7a1f7119f5a91820ab7c227fd5ee0256886..be07924e0608892930f5b955e70fbcb2618c53a6 100644
--- a/gen/http/signer/client/paths.go
+++ b/gen/http/signer/client/paths.go
@@ -7,6 +7,10 @@
package client
+import (
+ "fmt"
+)
+
// CredentialProofSignerPath returns the URL path to the signer service CredentialProof HTTP endpoint.
func CredentialProofSignerPath() string {
return "/v1/credential/proof"
@@ -16,3 +20,8 @@ func CredentialProofSignerPath() string {
func PresentationProofSignerPath() string {
return "/v1/presentation/proof"
}
+
+// GetKeySignerPath returns the URL path to the signer service GetKey HTTP endpoint.
+func GetKeySignerPath(key string) string {
+ return fmt.Sprintf("/v1/keys/%v", key)
+}
diff --git a/gen/http/signer/server/encode_decode.go b/gen/http/signer/server/encode_decode.go
index 558cd47c13782e5c835412d2fb7997d02cf88765..f6c4cdb8f25684dde5e1ebde0b474abba8a2ff5d 100644
--- a/gen/http/signer/server/encode_decode.go
+++ b/gen/http/signer/server/encode_decode.go
@@ -97,3 +97,31 @@ func DecodePresentationProofRequest(mux goahttp.Muxer, decoder func(*http.Reques
return payload, nil
}
}
+
+// EncodeGetKeyResponse returns an encoder for responses returned by the signer
+// GetKey endpoint.
+func EncodeGetKeyResponse(encoder func(context.Context, http.ResponseWriter) goahttp.Encoder) func(context.Context, http.ResponseWriter, interface{}) error {
+ return func(ctx context.Context, w http.ResponseWriter, v interface{}) error {
+ res, _ := v.(interface{})
+ enc := encoder(ctx, w)
+ body := res
+ w.WriteHeader(http.StatusOK)
+ return enc.Encode(body)
+ }
+}
+
+// DecodeGetKeyRequest returns a decoder for requests sent to the signer GetKey
+// endpoint.
+func DecodeGetKeyRequest(mux goahttp.Muxer, decoder func(*http.Request) goahttp.Decoder) func(*http.Request) (interface{}, error) {
+ return func(r *http.Request) (interface{}, error) {
+ var (
+ key string
+
+ params = mux.Vars(r)
+ )
+ key = params["key"]
+ payload := NewGetKeyRequest(key)
+
+ return payload, nil
+ }
+}
diff --git a/gen/http/signer/server/paths.go b/gen/http/signer/server/paths.go
index 7bc55146b94c7fe8a6283513609f4cf569538492..06d2a0b2794f379f19f8d438282e46a9fc9e8c57 100644
--- a/gen/http/signer/server/paths.go
+++ b/gen/http/signer/server/paths.go
@@ -7,6 +7,10 @@
package server
+import (
+ "fmt"
+)
+
// CredentialProofSignerPath returns the URL path to the signer service CredentialProof HTTP endpoint.
func CredentialProofSignerPath() string {
return "/v1/credential/proof"
@@ -16,3 +20,8 @@ func CredentialProofSignerPath() string {
func PresentationProofSignerPath() string {
return "/v1/presentation/proof"
}
+
+// GetKeySignerPath returns the URL path to the signer service GetKey HTTP endpoint.
+func GetKeySignerPath(key string) string {
+ return fmt.Sprintf("/v1/keys/%v", key)
+}
diff --git a/gen/http/signer/server/server.go b/gen/http/signer/server/server.go
index 350a87ef40e9c4260e0ded1c602bbd35a81e5b8a..9941acc2fd47c9602bbc1d830ef5c2290107ed62 100644
--- a/gen/http/signer/server/server.go
+++ b/gen/http/signer/server/server.go
@@ -21,6 +21,7 @@ type Server struct {
Mounts []*MountPoint
CredentialProof http.Handler
PresentationProof http.Handler
+ GetKey http.Handler
}
// ErrorNamer is an interface implemented by generated error structs that
@@ -58,9 +59,11 @@ func New(
Mounts: []*MountPoint{
{"CredentialProof", "POST", "/v1/credential/proof"},
{"PresentationProof", "POST", "/v1/presentation/proof"},
+ {"GetKey", "GET", "/v1/keys/{key}"},
},
CredentialProof: NewCredentialProofHandler(e.CredentialProof, mux, decoder, encoder, errhandler, formatter),
PresentationProof: NewPresentationProofHandler(e.PresentationProof, mux, decoder, encoder, errhandler, formatter),
+ GetKey: NewGetKeyHandler(e.GetKey, mux, decoder, encoder, errhandler, formatter),
}
}
@@ -71,12 +74,14 @@ func (s *Server) Service() string { return "signer" }
func (s *Server) Use(m func(http.Handler) http.Handler) {
s.CredentialProof = m(s.CredentialProof)
s.PresentationProof = m(s.PresentationProof)
+ s.GetKey = m(s.GetKey)
}
// Mount configures the mux to serve the signer endpoints.
func Mount(mux goahttp.Muxer, h *Server) {
MountCredentialProofHandler(mux, h.CredentialProof)
MountPresentationProofHandler(mux, h.PresentationProof)
+ MountGetKeyHandler(mux, h.GetKey)
}
// Mount configures the mux to serve the signer endpoints.
@@ -185,3 +190,54 @@ func NewPresentationProofHandler(
}
})
}
+
+// MountGetKeyHandler configures the mux to serve the "signer" service "GetKey"
+// endpoint.
+func MountGetKeyHandler(mux goahttp.Muxer, h http.Handler) {
+ f, ok := h.(http.HandlerFunc)
+ if !ok {
+ f = func(w http.ResponseWriter, r *http.Request) {
+ h.ServeHTTP(w, r)
+ }
+ }
+ mux.Handle("GET", "/v1/keys/{key}", f)
+}
+
+// NewGetKeyHandler creates a HTTP handler which loads the HTTP request and
+// calls the "signer" service "GetKey" endpoint.
+func NewGetKeyHandler(
+ endpoint goa.Endpoint,
+ mux goahttp.Muxer,
+ decoder func(*http.Request) goahttp.Decoder,
+ encoder func(context.Context, http.ResponseWriter) goahttp.Encoder,
+ errhandler func(context.Context, http.ResponseWriter, error),
+ formatter func(err error) goahttp.Statuser,
+) http.Handler {
+ var (
+ decodeRequest = DecodeGetKeyRequest(mux, decoder)
+ encodeResponse = EncodeGetKeyResponse(encoder)
+ encodeError = goahttp.ErrorEncoder(encoder, formatter)
+ )
+ return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+ ctx := context.WithValue(r.Context(), goahttp.AcceptTypeKey, r.Header.Get("Accept"))
+ ctx = context.WithValue(ctx, goa.MethodKey, "GetKey")
+ ctx = context.WithValue(ctx, goa.ServiceKey, "signer")
+ payload, err := decodeRequest(r)
+ if err != nil {
+ if err := encodeError(ctx, w, err); err != nil {
+ errhandler(ctx, w, err)
+ }
+ return
+ }
+ res, err := endpoint(ctx, payload)
+ if err != nil {
+ if err := encodeError(ctx, w, err); err != nil {
+ errhandler(ctx, w, err)
+ }
+ return
+ }
+ if err := encodeResponse(ctx, w, res); err != nil {
+ errhandler(ctx, w, err)
+ }
+ })
+}
diff --git a/gen/http/signer/server/types.go b/gen/http/signer/server/types.go
index c86ba033b724cc98e99410669edf69c1ff8c44e6..8419c2800cc7358ee722fae53a9a495ddac6129e 100644
--- a/gen/http/signer/server/types.go
+++ b/gen/http/signer/server/types.go
@@ -34,3 +34,11 @@ func NewPresentationProofRequest(body []byte, key *string) *signer.PresentationP
return res
}
+
+// NewGetKeyRequest builds a signer service GetKey endpoint payload.
+func NewGetKeyRequest(key string) *signer.GetKeyRequest {
+ v := &signer.GetKeyRequest{}
+ v.Key = key
+
+ return v
+}
diff --git a/gen/signer/client.go b/gen/signer/client.go
index 033d69f43c586f8c1450c8eed9afa39088a8f98a..eaeeb45448aeca1c334fc812f152d7e58f634933 100644
--- a/gen/signer/client.go
+++ b/gen/signer/client.go
@@ -17,13 +17,15 @@ import (
type Client struct {
CredentialProofEndpoint goa.Endpoint
PresentationProofEndpoint goa.Endpoint
+ GetKeyEndpoint goa.Endpoint
}
// NewClient initializes a "signer" service client given the endpoints.
-func NewClient(credentialProof, presentationProof goa.Endpoint) *Client {
+func NewClient(credentialProof, presentationProof, getKey goa.Endpoint) *Client {
return &Client{
CredentialProofEndpoint: credentialProof,
PresentationProofEndpoint: presentationProof,
+ GetKeyEndpoint: getKey,
}
}
@@ -47,3 +49,13 @@ func (c *Client) PresentationProof(ctx context.Context, p *PresentationProofRequ
}
return ires.(interface{}), nil
}
+
+// GetKey calls the "GetKey" endpoint of the "signer" service.
+func (c *Client) GetKey(ctx context.Context, p *GetKeyRequest) (res interface{}, err error) {
+ var ires interface{}
+ ires, err = c.GetKeyEndpoint(ctx, p)
+ if err != nil {
+ return
+ }
+ return ires.(interface{}), nil
+}
diff --git a/gen/signer/endpoints.go b/gen/signer/endpoints.go
index a5ebf6c81a72589682f2394ffc8489988a662534..c67546fef4fd2372b0e50856225dde64b4140129 100644
--- a/gen/signer/endpoints.go
+++ b/gen/signer/endpoints.go
@@ -17,6 +17,7 @@ import (
type Endpoints struct {
CredentialProof goa.Endpoint
PresentationProof goa.Endpoint
+ GetKey goa.Endpoint
}
// NewEndpoints wraps the methods of the "signer" service with endpoints.
@@ -24,6 +25,7 @@ func NewEndpoints(s Service) *Endpoints {
return &Endpoints{
CredentialProof: NewCredentialProofEndpoint(s),
PresentationProof: NewPresentationProofEndpoint(s),
+ GetKey: NewGetKeyEndpoint(s),
}
}
@@ -31,6 +33,7 @@ func NewEndpoints(s Service) *Endpoints {
func (e *Endpoints) Use(m func(goa.Endpoint) goa.Endpoint) {
e.CredentialProof = m(e.CredentialProof)
e.PresentationProof = m(e.PresentationProof)
+ e.GetKey = m(e.GetKey)
}
// NewCredentialProofEndpoint returns an endpoint function that calls the
@@ -50,3 +53,12 @@ func NewPresentationProofEndpoint(s Service) goa.Endpoint {
return s.PresentationProof(ctx, p)
}
}
+
+// NewGetKeyEndpoint returns an endpoint function that calls the method
+// "GetKey" of service "signer".
+func NewGetKeyEndpoint(s Service) goa.Endpoint {
+ return func(ctx context.Context, req interface{}) (interface{}, error) {
+ p := req.(*GetKeyRequest)
+ return s.GetKey(ctx, p)
+ }
+}
diff --git a/gen/signer/service.go b/gen/signer/service.go
index a1c7d2c184985bf5cc7f5eadb09848e84e4a9684..247f2c9d8b178cc203a9fcaf0e6b2f34776105ac 100644
--- a/gen/signer/service.go
+++ b/gen/signer/service.go
@@ -18,6 +18,8 @@ type Service interface {
CredentialProof(context.Context, *CredentialProofRequest) (res interface{}, err error)
// PresentationProof adds a proof to a given Verifiable Presentation.
PresentationProof(context.Context, *PresentationProofRequest) (res interface{}, err error)
+ // GetKey returns key information from Vault or OCM.
+ GetKey(context.Context, *GetKeyRequest) (res interface{}, err error)
}
// ServiceName is the name of the service as defined in the design. This is the
@@ -28,7 +30,7 @@ const ServiceName = "signer"
// MethodNames lists the service method names as defined in the design. These
// are the same values that are set in the endpoint request contexts under the
// MethodKey key.
-var MethodNames = [2]string{"CredentialProof", "PresentationProof"}
+var MethodNames = [3]string{"CredentialProof", "PresentationProof", "GetKey"}
// CredentialProofRequest is the payload type of the signer service
// CredentialProof method.
@@ -39,6 +41,12 @@ type CredentialProofRequest struct {
Credential []byte
}
+// GetKeyRequest is the payload type of the signer service GetKey method.
+type GetKeyRequest struct {
+ // Name of requested key.
+ Key string
+}
+
// PresentationProofRequest is the payload type of the signer service
// PresentationProof method.
type PresentationProofRequest struct {
diff --git a/go.sum b/go.sum
index f98bc6a0ea0775687210eff1e0f6405758eb3678..704f4b92c9a696867df056ff6549948b66eb9931 100644
--- a/go.sum
+++ b/go.sum
@@ -30,8 +30,6 @@ cloud.google.com/go/storage v1.5.0/go.mod h1:tpKbwo567HUNpVclU5sGELwQWBDZ8gh0Zeo
cloud.google.com/go/storage v1.6.0/go.mod h1:N7U0C8pVQ/+NIKOBQyamJIeKQKkZ+mxpohlUTyfDhBk=
cloud.google.com/go/storage v1.8.0/go.mod h1:Wv1Oy7z6Yz3DshWRJFhqM/UCfaWIRTdp0RXyy7KQOVs=
cloud.google.com/go/storage v1.10.0/go.mod h1:FLPqc6j+Ki4BU591ie1oL6qBQGu2Bl/tZ9ullr3+Kg0=
-code.vereign.com/gaiax/tsa/golib v0.0.0-20220603082703-12e9e3c06615 h1:EdWAZfrfEzWiIo0iMkCcs4bPTW7gItLLgJSU5I143vI=
-code.vereign.com/gaiax/tsa/golib v0.0.0-20220603082703-12e9e3c06615/go.mod h1:bDorhOdL8/uRy56rvdBLWiRiOKlDjC5tQvpS5eN6wzo=
code.vereign.com/gaiax/tsa/golib v0.0.0-20220615064316-ca49265d8b0e h1:Tf+6cXb+hh/EsoNLyeGJ/T+hhJMn8Hdbo43cVkeAQZ4=
code.vereign.com/gaiax/tsa/golib v0.0.0-20220615064316-ca49265d8b0e/go.mod h1:bDorhOdL8/uRy56rvdBLWiRiOKlDjC5tQvpS5eN6wzo=
dmitri.shuralyov.com/gpu/mtl v0.0.0-20190408044501-666a987793e9/go.mod h1:H6x//7gZCb22OMCxBHrMx7a5I7Hp++hsVxbQ4BYO7hU=
diff --git a/internal/clients/vault/client.go b/internal/clients/vault/client.go
index d5e199372cbb10d8a5091175a826c946c16b2e6b..bf2b160f18c56426b90619508ab33903c6710f11 100644
--- a/internal/clients/vault/client.go
+++ b/internal/clients/vault/client.go
@@ -1,6 +1,7 @@
package vault
import (
+ "context"
"encoding/base64"
"encoding/json"
"fmt"
@@ -58,27 +59,23 @@ func (c *Client) WithKey(key string) signer.Signer {
}
// Key tries to fetch a key with the given name from the Vault.
-func (c *Client) Key(key string) (*signer.SignKey, error) {
+func (c *Client) Key(ctx context.Context, key string) (*signer.SignKey, error) {
req := c.client.NewRequest(http.MethodGet, pathKeys+key)
- res, err := c.client.RawRequest(req)
+ res, err := c.client.RawRequestWithContext(ctx, req)
if err != nil {
return nil, errors.New(errors.GetKind(res.StatusCode), err)
}
defer res.Body.Close()
- var response struct {
- Data struct {
- Name string `json:"name"`
- Type string `json:"type"`
- } `json:"data"`
- }
+ var response getKeyResponse
if err := json.NewDecoder(res.Body).Decode(&response); err != nil {
return nil, err
}
return &signer.SignKey{
- Name: response.Data.Name,
- Type: response.Data.Type,
+ Name: response.Data.Name,
+ Type: response.Data.Type,
+ PublicKey: response.lastPublicKeyVersion(),
}, nil
}
diff --git a/internal/clients/vault/client_test.go b/internal/clients/vault/client_test.go
index 66258b01eaa6589094ecec26cf9b56358f5a8919..d0fc41e473dab450c53000374c766dd1810777bf 100644
--- a/internal/clients/vault/client_test.go
+++ b/internal/clients/vault/client_test.go
@@ -1,6 +1,7 @@
package vault_test
import (
+ "context"
"net/http"
"net/http/httptest"
"testing"
@@ -68,7 +69,7 @@ func TestClient_Key(t *testing.T) {
client, err := vault.New(vaultsrv.URL, "token", false, http.DefaultClient)
assert.NoError(t, err)
- res, err := client.Key(test.key)
+ res, err := client.Key(context.Background(), test.key)
if err != nil {
assert.Nil(t, res)
diff --git a/internal/clients/vault/transport.go b/internal/clients/vault/transport.go
new file mode 100644
index 0000000000000000000000000000000000000000..612f13e433120afbb3b05c15ba28e09502d89988
--- /dev/null
+++ b/internal/clients/vault/transport.go
@@ -0,0 +1,33 @@
+package vault
+
+import "strconv"
+
+type getKeyResponse struct {
+ Data struct {
+ Name string `json:"name"`
+ Type string `json:"type"`
+ Keys map[string]struct {
+ PublicKey string `json:"public_key"`
+ } `json:"keys"`
+ } `json:"data"`
+}
+
+// lastPublicKeyVersion iterates the map with key versions and
+// returns the latest public key.
+func (r *getKeyResponse) lastPublicKeyVersion() string {
+ var lastVerString string
+ var lastVerInt int
+ for ver := range r.Data.Keys {
+ verInt, err := strconv.Atoi(ver)
+ if err != nil {
+ continue
+ }
+
+ if verInt > lastVerInt {
+ lastVerInt = verInt
+ lastVerString = ver
+ }
+ }
+
+ return r.Data.Keys[lastVerString].PublicKey
+}
diff --git a/internal/clients/vault/transport_test.go b/internal/clients/vault/transport_test.go
new file mode 100644
index 0000000000000000000000000000000000000000..8b5a82e64ceaba9d2a89d74dc1ca7e28b4d4756b
--- /dev/null
+++ b/internal/clients/vault/transport_test.go
@@ -0,0 +1,72 @@
+package vault
+
+import (
+ "testing"
+
+ "github.com/stretchr/testify/assert"
+)
+
+func Test_lastPublicKeyVersion(t *testing.T) {
+ tests := []struct {
+ name string
+ keys map[string]struct {
+ PublicKey string `json:"public_key"`
+ }
+ key string
+ }{
+ {
+ name: "no keys in response",
+ },
+ {
+ name: "one key in response",
+ keys: map[string]struct {
+ PublicKey string `json:"public_key"`
+ }{
+ "1": {PublicKey: "key1"},
+ },
+ key: "key1",
+ },
+ {
+ name: "two keys in response",
+ keys: map[string]struct {
+ PublicKey string `json:"public_key"`
+ }{
+ "2": {PublicKey: "key2"},
+ "1": {PublicKey: "key1"},
+ },
+ key: "key2",
+ },
+ {
+ name: "three keys in response",
+ keys: map[string]struct {
+ PublicKey string `json:"public_key"`
+ }{
+ "2": {PublicKey: "key2"},
+ "1": {PublicKey: "key1"},
+ "4": {PublicKey: "key4"},
+ },
+ key: "key4",
+ },
+ {
+ name: "four keys in response",
+ keys: map[string]struct {
+ PublicKey string `json:"public_key"`
+ }{
+ "2": {PublicKey: "key2"},
+ "8": {PublicKey: "key8"},
+ "1": {PublicKey: "key1"},
+ "4": {PublicKey: "key4"},
+ },
+ key: "key8",
+ },
+ }
+
+ for _, test := range tests {
+ t.Run(test.name, func(t *testing.T) {
+ response := &getKeyResponse{}
+ response.Data.Keys = test.keys
+ key := response.lastPublicKeyVersion()
+ assert.Equal(t, test.key, key)
+ })
+ }
+}
diff --git a/internal/service/signer/service.go b/internal/service/signer/service.go
index 06755754577a21cf4db4c77c181f216d651783c6..6e19f0b1b22b1efb3a4fc9f89b4cdf2ffdb3777c 100644
--- a/internal/service/signer/service.go
+++ b/internal/service/signer/service.go
@@ -21,12 +21,13 @@ import (
//go:generate counterfeiter . Signer
type SignKey struct {
- Name string
- Type string
+ Name string `json:"name"`
+ Type string `json:"type"`
+ PublicKey string `json:"public_key,omitempty"`
}
type Signer interface {
- Key(key string) (*SignKey, error)
+ Key(ctx context.Context, key string) (*SignKey, error)
Sign(data []byte) ([]byte, error)
WithKey(key string) Signer
}
@@ -48,6 +49,17 @@ func New(signer Signer, defaultKey string, httpClient *http.Client, logger *zap.
}
}
+// GetKey returns a key from Vault or OCM.
+func (s *Service) GetKey(ctx context.Context, req *signer.GetKeyRequest) (interface{}, error) {
+ key, err := s.signer.Key(ctx, req.Key)
+ if err != nil {
+ s.logger.Error("error getting key", zap.Error(err))
+ return nil, err
+ }
+
+ return key, nil
+}
+
// CredentialProof adds a proof to a given Verifiable Credential.
func (s *Service) CredentialProof(ctx context.Context, req *signer.CredentialProofRequest) (interface{}, error) {
logger := s.logger.With(zap.String("operation", "credentialProof"))
@@ -63,7 +75,7 @@ func (s *Service) CredentialProof(ctx context.Context, req *signer.CredentialPro
keyname = *req.Key
}
- key, err := s.signer.Key(keyname)
+ key, err := s.signer.Key(ctx, keyname)
if err != nil {
logger.Error("error getting signing key", zap.String("key", keyname), zap.Error(err))
return nil, errors.New("error getting signing key", err)
@@ -98,7 +110,7 @@ func (s *Service) PresentationProof(ctx context.Context, req *signer.Presentatio
keyname = *req.Key
}
- key, err := s.signer.Key(keyname)
+ key, err := s.signer.Key(ctx, keyname)
if err != nil {
logger.Error("error getting signing key", zap.String("key", keyname), zap.Error(err))
return nil, errors.New("error getting signing key", err)
diff --git a/internal/service/signer/service_test.go b/internal/service/signer/service_test.go
index 9a44fb3b27cf0dc41b44aafb7340c34a9693d682..3c34e982648ec97a1086d226415b7d234e130931 100644
--- a/internal/service/signer/service_test.go
+++ b/internal/service/signer/service_test.go
@@ -17,6 +17,46 @@ import (
"code.vereign.com/gaiax/tsa/signer/internal/service/signer/signerfakes"
)
+func TestService_GetKey(t *testing.T) {
+ t.Run("signer returns error when getting key", func(t *testing.T) {
+ signerError := &signerfakes.FakeSigner{
+ KeyStub: func(ctx context.Context, key string) (*signer.SignKey, error) {
+ return nil, errors.New(errors.NotFound, "key not found")
+ },
+ }
+
+ svc := signer.New(signerError, "default key", http.DefaultClient, zap.NewNop())
+ result, err := svc.GetKey(context.Background(), &goasigner.GetKeyRequest{Key: "key1"})
+ assert.Nil(t, result)
+ assert.Error(t, err)
+ e, ok := err.(*errors.Error)
+ assert.True(t, ok)
+ assert.Equal(t, errors.NotFound, e.Kind)
+ })
+
+ t.Run("signer returns key successfully", func(t *testing.T) {
+ signerOK := &signerfakes.FakeSigner{
+ KeyStub: func(ctx context.Context, key string) (*signer.SignKey, error) {
+ return &signer.SignKey{
+ Name: "keyname",
+ Type: "ed25519",
+ PublicKey: "public key",
+ }, nil
+ },
+ }
+
+ svc := signer.New(signerOK, "default key", http.DefaultClient, zap.NewNop())
+ result, err := svc.GetKey(context.Background(), &goasigner.GetKeyRequest{Key: "key1"})
+ assert.NotNil(t, result)
+ assert.NoError(t, err)
+ assert.Equal(t, &signer.SignKey{
+ Name: "keyname",
+ Type: "ed25519",
+ PublicKey: "public key",
+ }, result)
+ })
+}
+
func TestService_CredentialProof(t *testing.T) {
tests := []struct {
name string
@@ -68,7 +108,7 @@ func TestService_CredentialProof(t *testing.T) {
Credential: []byte(validCredential),
},
signer: &signerfakes.FakeSigner{
- KeyStub: func(key string) (*signer.SignKey, error) {
+ KeyStub: func(ctx context.Context, key string) (*signer.SignKey, error) {
return nil, errors.New(errors.NotFound)
},
},
@@ -83,7 +123,7 @@ func TestService_CredentialProof(t *testing.T) {
Credential: []byte(validCredential),
},
signer: &signerfakes.FakeSigner{
- KeyStub: func(key string) (*signer.SignKey, error) {
+ KeyStub: func(ctx context.Context, key string) (*signer.SignKey, error) {
return nil, errors.New(errors.Internal)
},
},
@@ -98,7 +138,7 @@ func TestService_CredentialProof(t *testing.T) {
Credential: []byte(validCredential),
},
signer: &signerfakes.FakeSigner{
- KeyStub: func(key string) (*signer.SignKey, error) {
+ KeyStub: func(ctx context.Context, key string) (*signer.SignKey, error) {
return nil, errors.New(errors.Internal)
},
},
@@ -113,7 +153,7 @@ func TestService_CredentialProof(t *testing.T) {
Credential: []byte(validCredential),
},
signer: &signerfakes.FakeSigner{
- KeyStub: func(key string) (*signer.SignKey, error) {
+ KeyStub: func(ctx context.Context, key string) (*signer.SignKey, error) {
return &signer.SignKey{
Name: "key23",
Type: "rsa4096",
@@ -131,7 +171,7 @@ func TestService_CredentialProof(t *testing.T) {
Credential: []byte(validCredential),
},
signer: &signerfakes.FakeSigner{
- KeyStub: func(key string) (*signer.SignKey, error) {
+ KeyStub: func(ctx context.Context, key string) (*signer.SignKey, error) {
return &signer.SignKey{
Name: "key123",
Type: "ed25519",
@@ -164,7 +204,7 @@ func TestService_CredentialProof(t *testing.T) {
Credential: []byte(validCredential),
},
signer: &signerfakes.FakeSigner{
- KeyStub: func(key string) (*signer.SignKey, error) {
+ KeyStub: func(ctx context.Context, key string) (*signer.SignKey, error) {
return &signer.SignKey{
Name: "key123",
Type: "ecdsa-p256",
@@ -273,7 +313,7 @@ func TestService_PresentationProof(t *testing.T) {
Presentation: []byte(validPresentation),
},
signer: &signerfakes.FakeSigner{
- KeyStub: func(key string) (*signer.SignKey, error) {
+ KeyStub: func(ctx context.Context, key string) (*signer.SignKey, error) {
return nil, errors.New(errors.NotFound)
},
},
@@ -288,7 +328,7 @@ func TestService_PresentationProof(t *testing.T) {
Presentation: []byte(validPresentation),
},
signer: &signerfakes.FakeSigner{
- KeyStub: func(key string) (*signer.SignKey, error) {
+ KeyStub: func(ctx context.Context, key string) (*signer.SignKey, error) {
return nil, errors.New(errors.Internal)
},
},
@@ -303,7 +343,7 @@ func TestService_PresentationProof(t *testing.T) {
Presentation: []byte(validPresentation),
},
signer: &signerfakes.FakeSigner{
- KeyStub: func(key string) (*signer.SignKey, error) {
+ KeyStub: func(ctx context.Context, key string) (*signer.SignKey, error) {
return nil, errors.New(errors.Internal)
},
},
@@ -318,7 +358,7 @@ func TestService_PresentationProof(t *testing.T) {
Presentation: []byte(validPresentation),
},
signer: &signerfakes.FakeSigner{
- KeyStub: func(key string) (*signer.SignKey, error) {
+ KeyStub: func(ctx context.Context, key string) (*signer.SignKey, error) {
return &signer.SignKey{
Name: "key23",
Type: "rsa4096",
@@ -336,7 +376,7 @@ func TestService_PresentationProof(t *testing.T) {
Presentation: []byte(validPresentation),
},
signer: &signerfakes.FakeSigner{
- KeyStub: func(key string) (*signer.SignKey, error) {
+ KeyStub: func(ctx context.Context, key string) (*signer.SignKey, error) {
return &signer.SignKey{
Name: "key123",
Type: "ed25519",
@@ -367,7 +407,7 @@ func TestService_PresentationProof(t *testing.T) {
Presentation: []byte(validPresentation),
},
signer: &signerfakes.FakeSigner{
- KeyStub: func(key string) (*signer.SignKey, error) {
+ KeyStub: func(ctx context.Context, key string) (*signer.SignKey, error) {
return &signer.SignKey{
Name: "key123",
Type: "ecdsa-p256",
diff --git a/internal/service/signer/signerfakes/fake_signer.go b/internal/service/signer/signerfakes/fake_signer.go
index 5b2b696013317d774fe2aae6793758037054f786..9cd9bfbec59386f657a0a197d127c26462dca3b4 100644
--- a/internal/service/signer/signerfakes/fake_signer.go
+++ b/internal/service/signer/signerfakes/fake_signer.go
@@ -2,16 +2,18 @@
package signerfakes
import (
+ "context"
"sync"
"code.vereign.com/gaiax/tsa/signer/internal/service/signer"
)
type FakeSigner struct {
- KeyStub func(string) (*signer.SignKey, error)
+ KeyStub func(context.Context, string) (*signer.SignKey, error)
keyMutex sync.RWMutex
keyArgsForCall []struct {
- arg1 string
+ arg1 context.Context
+ arg2 string
}
keyReturns struct {
result1 *signer.SignKey
@@ -49,18 +51,19 @@ type FakeSigner struct {
invocationsMutex sync.RWMutex
}
-func (fake *FakeSigner) Key(arg1 string) (*signer.SignKey, error) {
+func (fake *FakeSigner) Key(arg1 context.Context, arg2 string) (*signer.SignKey, error) {
fake.keyMutex.Lock()
ret, specificReturn := fake.keyReturnsOnCall[len(fake.keyArgsForCall)]
fake.keyArgsForCall = append(fake.keyArgsForCall, struct {
- arg1 string
- }{arg1})
+ arg1 context.Context
+ arg2 string
+ }{arg1, arg2})
stub := fake.KeyStub
fakeReturns := fake.keyReturns
- fake.recordInvocation("Key", []interface{}{arg1})
+ fake.recordInvocation("Key", []interface{}{arg1, arg2})
fake.keyMutex.Unlock()
if stub != nil {
- return stub(arg1)
+ return stub(arg1, arg2)
}
if specificReturn {
return ret.result1, ret.result2
@@ -74,17 +77,17 @@ func (fake *FakeSigner) KeyCallCount() int {
return len(fake.keyArgsForCall)
}
-func (fake *FakeSigner) KeyCalls(stub func(string) (*signer.SignKey, error)) {
+func (fake *FakeSigner) KeyCalls(stub func(context.Context, string) (*signer.SignKey, error)) {
fake.keyMutex.Lock()
defer fake.keyMutex.Unlock()
fake.KeyStub = stub
}
-func (fake *FakeSigner) KeyArgsForCall(i int) string {
+func (fake *FakeSigner) KeyArgsForCall(i int) (context.Context, string) {
fake.keyMutex.RLock()
defer fake.keyMutex.RUnlock()
argsForCall := fake.keyArgsForCall[i]
- return argsForCall.arg1
+ return argsForCall.arg1, argsForCall.arg2
}
func (fake *FakeSigner) KeyReturns(result1 *signer.SignKey, result2 error) {