mirror of
https://github.com/zitadel/zitadel.git
synced 2025-01-10 12:53:40 +00:00
f60d200d5a
* key rotation * fix: rotate signing key * cleanup * introspect * testingapplication key * date * client keys * fix client keys * fix client keys * access tokens only for users * AuthMethodPrivateKeyJWT * client keys * set introspection info correctly * managae apis * update oidc pkg * cleanup * merge msater * set current sequence in migration * set current sequence in migration * set current sequence in migration * ensure authn keys uptodate * improve key rotation * fix: return api config in ApplicationView * fix mocks for tests * fix(mock): corrected unit tests for updated mock package Co-authored-by: Stefan Benz <stefan@caos.ch>
90 lines
2.6 KiB
Go
90 lines
2.6 KiB
Go
package view
|
|
|
|
import (
|
|
"time"
|
|
|
|
"github.com/caos/zitadel/internal/errors"
|
|
"github.com/caos/zitadel/internal/eventstore/models"
|
|
key_model "github.com/caos/zitadel/internal/key/model"
|
|
"github.com/caos/zitadel/internal/key/repository/view"
|
|
"github.com/caos/zitadel/internal/key/repository/view/model"
|
|
"github.com/caos/zitadel/internal/view/repository"
|
|
)
|
|
|
|
const (
|
|
keyTable = "auth.keys"
|
|
)
|
|
|
|
func (v *View) KeyByIDAndType(keyID string, private bool) (*model.KeyView, error) {
|
|
return view.KeyByIDAndType(v.Db, keyTable, keyID, private)
|
|
}
|
|
|
|
func (v *View) GetActivePrivateKeyForSigning(expiry time.Time) (*key_model.KeyView, error) {
|
|
key, err := view.GetSigningKey(v.Db, keyTable, expiry)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return model.KeyViewToModel(key), nil
|
|
}
|
|
|
|
func (v *View) GetSigningKey(expiry time.Time) (*key_model.SigningKey, time.Time, error) {
|
|
key, err := view.GetSigningKey(v.Db, keyTable, expiry)
|
|
if err != nil {
|
|
return nil, time.Time{}, err
|
|
}
|
|
signingKey, err := key_model.SigningKeyFromKeyView(model.KeyViewToModel(key), v.keyAlgorithm)
|
|
return signingKey, key.Expiry, err
|
|
}
|
|
|
|
func (v *View) GetActiveKeySet() ([]*key_model.PublicKey, error) {
|
|
keys, err := view.GetActivePublicKeys(v.Db, keyTable)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return key_model.PublicKeysFromKeyView(model.KeyViewsToModel(keys), v.keyAlgorithm)
|
|
}
|
|
|
|
func (v *View) PutKeys(privateKey, publicKey *model.KeyView, event *models.Event) error {
|
|
err := view.PutKeys(v.Db, keyTable, privateKey, publicKey)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
return v.ProcessedKeySequence(event)
|
|
}
|
|
|
|
func (v *View) DeleteKey(keyID string, private bool, event *models.Event) error {
|
|
err := view.DeleteKey(v.Db, keyTable, keyID, private)
|
|
if err != nil && !errors.IsNotFound(err) {
|
|
return err
|
|
}
|
|
return v.ProcessedKeySequence(event)
|
|
}
|
|
|
|
func (v *View) DeleteKeyPair(keyID string, event *models.Event) error {
|
|
err := view.DeleteKeyPair(v.Db, keyTable, keyID)
|
|
if err != nil && !errors.IsNotFound(err) {
|
|
return err
|
|
}
|
|
return v.ProcessedKeySequence(event)
|
|
}
|
|
|
|
func (v *View) GetLatestKeySequence() (*repository.CurrentSequence, error) {
|
|
return v.latestSequence(keyTable)
|
|
}
|
|
|
|
func (v *View) ProcessedKeySequence(event *models.Event) error {
|
|
return v.saveCurrentSequence(keyTable, event)
|
|
}
|
|
|
|
func (v *View) UpdateKeySpoolerRunTimestamp() error {
|
|
return v.updateSpoolerRunSequence(keyTable)
|
|
}
|
|
|
|
func (v *View) GetLatestKeyFailedEvent(sequence uint64) (*repository.FailedEvent, error) {
|
|
return v.latestFailedEvent(keyTable, sequence)
|
|
}
|
|
|
|
func (v *View) ProcessedKeyFailedEvent(failedEvent *repository.FailedEvent) error {
|
|
return v.saveFailedEvent(failedEvent)
|
|
}
|