fix: add publickey endpoints

2025-12-09 01:32:56 +00:00 · 2024-09-26 19:15:03 +02:00
parent f7b6dafe81
commit 1afd9bc198
14 changed files with 1350 additions and 40 deletions
--- a/internal/command/user_v3_publickey_model.go
+++ b/internal/command/user_v3_publickey_model.go
@@ -0,0 +1,127 @@
+package command
+
+import (
+	"context"
+	"time"
+
+	"github.com/zitadel/zitadel/internal/api/authz"
+	"github.com/zitadel/zitadel/internal/domain"
+	"github.com/zitadel/zitadel/internal/eventstore"
+	"github.com/zitadel/zitadel/internal/repository/user/authenticator"
+	"github.com/zitadel/zitadel/internal/zerrors"
+)
+
+type PublicKeyV3WriteModel struct {
+	eventstore.WriteModel
+	UserID         string
+	ExpirationDate time.Time
+	PrivateKey     []byte
+	PublicKey      []byte
+
+	checkPermission domain.PermissionCheck
+}
+
+func (wm *PublicKeyV3WriteModel) GetWriteModel() *eventstore.WriteModel {
+	return &wm.WriteModel
+}
+
+func NewPublicKeyV3WriteModel(resourceOwner, userID, id string, checkPermission domain.PermissionCheck) *PublicKeyV3WriteModel {
+	return &PublicKeyV3WriteModel{
+		WriteModel: eventstore.WriteModel{
+			AggregateID:   id,
+			ResourceOwner: resourceOwner,
+		},
+		UserID:          userID,
+		checkPermission: checkPermission,
+	}
+}
+
+func (wm *PublicKeyV3WriteModel) Reduce() error {
+	for _, event := range wm.Events {
+		switch e := event.(type) {
+		case *authenticator.PublicKeyCreatedEvent:
+			if e.UserID != wm.UserID {
+				continue
+			}
+			wm.UserID = e.UserID
+			wm.PublicKey = e.PublicKey
+			wm.ExpirationDate = e.ExpirationDate
+		case *authenticator.PublicKeyDeletedEvent:
+			wm.UserID = ""
+			wm.PublicKey = nil
+			wm.ExpirationDate = time.Time{}
+		}
+	}
+	return wm.WriteModel.Reduce()
+}
+
+func (wm *PublicKeyV3WriteModel) Query() *eventstore.SearchQueryBuilder {
+	return eventstore.NewSearchQueryBuilder(eventstore.ColumnsEvent).
+		ResourceOwner(wm.ResourceOwner).
+		AddQuery().
+		AggregateTypes(authenticator.AggregateType).
+		AggregateIDs(wm.AggregateID).
+		EventTypes(
+			authenticator.PublicKeyCreatedType,
+			authenticator.PublicKeyDeletedType,
+		).Builder()
+}
+
+func (wm *PublicKeyV3WriteModel) checkPermissionWrite(ctx context.Context) error {
+	if wm.UserID == authz.GetCtxData(ctx).UserID {
+		return nil
+	}
+	if err := wm.checkPermission(ctx, domain.PermissionUserWrite, wm.ResourceOwner, wm.UserID); err != nil {
+		return err
+	}
+	return nil
+}
+
+func (wm *PublicKeyV3WriteModel) NewCreate(
+	ctx context.Context,
+	expirationDate time.Time,
+	publicKey []byte,
+) ([]eventstore.Command, error) {
+	if err := wm.NotExists(); err != nil {
+		return nil, err
+	}
+	if err := wm.checkPermissionWrite(ctx); err != nil {
+		return nil, err
+	}
+	return []eventstore.Command{
+		authenticator.NewPublicKeyCreatedEvent(ctx,
+			AuthenticatorAggregateFromWriteModel(wm.GetWriteModel()),
+			wm.UserID,
+			expirationDate,
+			publicKey,
+		),
+	}, nil
+}
+
+func (wm *PublicKeyV3WriteModel) NewDelete(ctx context.Context) ([]eventstore.Command, error) {
+	if err := wm.Exists(); err != nil {
+		return nil, err
+	}
+	if err := wm.checkPermissionWrite(ctx); err != nil {
+		return nil, err
+	}
+	return []eventstore.Command{
+		authenticator.NewPublicKeyDeletedEvent(ctx,
+			AuthenticatorAggregateFromWriteModel(wm.GetWriteModel()),
+		),
+	}, nil
+}
+
+func (wm *PublicKeyV3WriteModel) Exists() error {
+	if len(wm.PublicKey) == 0 {
+		return zerrors.ThrowNotFound(nil, "TODO", "TODO")
+	}
+	return nil
+}
+
+func (wm *PublicKeyV3WriteModel) NotExists() error {
+	if err := wm.Exists(); err != nil {
+		return nil
+	}
+	return zerrors.ThrowAlreadyExists(nil, "TODO", "TODO")
+}