fix: JWT Profile (#748)

* fix: correct env var for tracing type * fix: local env tracing * fix: key in detail as string * fix: implement storage * fix: machine key by id fix: store public key as bytes instead of crypto value * update oidc pkg * dont check origins for service account tokens * fix: scopes * fix: dependencies * fix: dependencies * fix: remove unused code * fix: variable naming Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2025-08-12 08:27:32 +00:00 · 2020-09-17 08:49:33 +02:00
parent 71abc4f077
commit 5a8cafcae5
19 changed files with 335 additions and 88 deletions
--- a/internal/user/repository/eventsourcing/model/user_machine.go
+++ b/internal/user/repository/eventsourcing/model/user_machine.go
@@ -69,10 +69,10 @@ func MachineToModel(machine *Machine) *model.Machine {

 type MachineKey struct {
 	es_models.ObjectRoot `json:"-"`
-	KeyID                string              `json:"keyId,omitempty"`
-	Type                 int32               `json:"type,omitempty"`
-	ExpirationDate       time.Time           `json:"expirationDate,omitempty"`
-	PublicKey            *crypto.CryptoValue `json:"publicKey,omitempty"`
+	KeyID                string    `json:"keyId,omitempty"`
+	Type                 int32     `json:"type,omitempty"`
+	ExpirationDate       time.Time `json:"expirationDate,omitempty"`
+	PublicKey            []byte    `json:"publicKey,omitempty"`
 	privateKey           []byte
 }

@@ -117,11 +117,7 @@ func (key *MachineKey) GenerateMachineKeyPair(keySize int, alg crypto.Encryption
 	if err != nil {
 		return err
 	}
-	publicKeyBytes, err := crypto.PublicKeyToBytes(publicKey)
-	if err != nil {
-		return err
-	}
-	key.PublicKey, err = crypto.Encrypt(publicKeyBytes, alg)
+	key.PublicKey, err = crypto.PublicKeyToBytes(publicKey)
 	if err != nil {
 		return err
 	}
--- a/internal/user/repository/view/machine_key_view.go
+++ b/internal/user/repository/view/machine_key_view.go
@@ -49,6 +49,18 @@ func MachineKeysByUserID(db *gorm.DB, table string, userID string) ([]*model.Mac
 	return keys, nil
 }

+func MachineKeyByID(db *gorm.DB, table string, keyID string) (*model.MachineKeyView, error) {
+	key := new(model.MachineKeyView)
+	query := repository.PrepareGetByQuery(table,
+		model.MachineKeySearchQuery{Key: usr_model.MachineKeyKeyID, Method: global_model.SearchMethodEquals, Value: keyID},
+	)
+	err := query(db, key)
+	if caos_errs.IsNotFound(err) {
+		return nil, caos_errs.ThrowNotFound(nil, "VIEW-BjN6x", "Errors.User.KeyNotFound")
+	}
+	return key, err
+}
+
 func PutMachineKey(db *gorm.DB, table string, role *model.MachineKeyView) error {
 	save := repository.PrepareSave(table)
 	return save(db, role)
--- a/internal/user/repository/view/model/machine_key.go
+++ b/internal/user/repository/view/model/machine_key.go
@@ -25,6 +25,8 @@ type MachineKeyView struct {
 	Sequence       uint64    `json:"-" gorm:"column:sequence"`

 	CreationDate time.Time `json:"-" gorm:"column:creation_date"`
+
+	PublicKey []byte `json:"publicKey" gorm:"column:public_key"`
 }

 func MachineKeyViewFromModel(key *model.MachineKeyView) *MachineKeyView {
@@ -46,6 +48,7 @@ func MachineKeyToModel(key *MachineKeyView) *model.MachineKeyView {
 		ExpirationDate: key.ExpirationDate,
 		Sequence:       key.Sequence,
 		CreationDate:   key.CreationDate,
+		PublicKey:      key.PublicKey,
 	}
 }