zitadel/internal/command/key_pair.go
Silvan 35fb2403d6
fix(auth): read privacy policy from eventstore if not found (#2125)
* fix(auth): read privacy policy from eventstore if not found

* Update internal/auth/repository/eventsourcing/eventstore/auth_request.go

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
2021-08-09 08:55:48 +02:00

46 lines
1.2 KiB
Go

package command
import (
"context"
"time"
"github.com/caos/zitadel/internal/api/authz"
"github.com/caos/zitadel/internal/crypto"
"github.com/caos/zitadel/internal/domain"
keypair "github.com/caos/zitadel/internal/repository/keypair"
)
const (
oidcUser = "OIDC"
)
func (c *Commands) GenerateSigningKeyPair(ctx context.Context, algorithm string) error {
ctx = setOIDCCtx(ctx)
privateCrypto, publicCrypto, err := crypto.GenerateEncryptedKeyPair(c.keySize, c.keyAlgorithm)
if err != nil {
return err
}
keyID, err := c.idGenerator.Next()
if err != nil {
return err
}
privateKeyExp := time.Now().UTC().Add(c.privateKeyLifetime)
publicKeyExp := time.Now().UTC().Add(c.publicKeyLifetime)
keyPairWriteModel := NewKeyPairWriteModel(keyID, domain.IAMID)
keyAgg := KeyPairAggregateFromWriteModel(&keyPairWriteModel.WriteModel)
_, err = c.eventstore.PushEvents(ctx, keypair.NewAddedEvent(
ctx,
keyAgg,
domain.KeyUsageSigning,
algorithm,
privateCrypto, publicCrypto,
privateKeyExp, publicKeyExp))
return err
}
func setOIDCCtx(ctx context.Context) context.Context {
return authz.SetCtxData(ctx, authz.CtxData{UserID: oidcUser, OrgID: domain.IAMID})
}