added: extended info
parent
2a68518b56
commit
0474f20f9a
35
src/api.rs
35
src/api.rs
@ -10,7 +10,7 @@ use crate::certs::{load_cert_by_id, read_certs, read_pubkey, store_cert};
|
|||||||
use crate::env_key;
|
use crate::env_key;
|
||||||
use anyhow::Context;
|
use anyhow::Context;
|
||||||
use axum::body;
|
use axum::body;
|
||||||
use axum::extract::{Path, Query, State};
|
use axum::extract::{Query, State};
|
||||||
|
|
||||||
use axum::{http::StatusCode, response::IntoResponse, Json, Router};
|
use axum::{http::StatusCode, response::IntoResponse, Json, Router};
|
||||||
use axum_extra::routing::{
|
use axum_extra::routing::{
|
||||||
@ -27,7 +27,7 @@ use ssh_key::{certificate, Certificate, PrivateKey, PublicKey};
|
|||||||
use tokio::sync::Mutex;
|
use tokio::sync::Mutex;
|
||||||
use tower::ServiceBuilder;
|
use tower::ServiceBuilder;
|
||||||
use tower_http::{trace::TraceLayer, ServiceBuilderExt};
|
use tower_http::{trace::TraceLayer, ServiceBuilderExt};
|
||||||
use tracing::{debug, trace};
|
use tracing::{debug, info, trace};
|
||||||
|
|
||||||
use self::extract::{CertificateBody, SignatureBody};
|
use self::extract::{CertificateBody, SignatureBody};
|
||||||
|
|
||||||
@ -248,16 +248,38 @@ pub struct GetCertInfo {
|
|||||||
pub identifier: String,
|
pub identifier: String,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[cfg(feature = "info")]
|
||||||
|
#[derive(Debug, Serialize)]
|
||||||
|
struct CertInfo {
|
||||||
|
principals: Vec<String>,
|
||||||
|
ca: PublicKey,
|
||||||
|
identity: PublicKey,
|
||||||
|
key_id: String,
|
||||||
|
expiry: SystemTime,
|
||||||
|
}
|
||||||
|
|
||||||
|
impl From<&Certificate> for CertInfo {
|
||||||
|
fn from(cert: &Certificate) -> Self {
|
||||||
|
CertInfo {
|
||||||
|
principals: cert.valid_principals().to_vec(),
|
||||||
|
ca: cert.signature_key().clone().into(),
|
||||||
|
identity: cert.public_key().clone().into(),
|
||||||
|
key_id: cert.key_id().to_string(),
|
||||||
|
expiry: cert.valid_before_time(),
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
#[cfg(feature = "info")]
|
#[cfg(feature = "info")]
|
||||||
async fn get_cert_info(
|
async fn get_cert_info(
|
||||||
GetCertInfo { identifier }: GetCertInfo,
|
GetCertInfo { identifier }: GetCertInfo,
|
||||||
State(ApiState { certs, .. }): State<ApiState>,
|
State(ApiState { certs, .. }): State<ApiState>,
|
||||||
) -> ApiResult<Json<Certificate>> {
|
) -> ApiResult<Json<CertInfo>> {
|
||||||
let certs = certs.lock().await;
|
let certs = certs.lock().await;
|
||||||
let cert = certs
|
let cert = certs
|
||||||
.get(&identifier)
|
.get(&identifier)
|
||||||
.ok_or(ApiError::CertificateNotFound)?;
|
.ok_or(ApiError::CertificateNotFound)?;
|
||||||
Ok(Json(cert.clone()))
|
Ok(Json(cert.into()))
|
||||||
}
|
}
|
||||||
|
|
||||||
#[cfg(not(feature = "info"))]
|
#[cfg(not(feature = "info"))]
|
||||||
@ -357,6 +379,9 @@ async fn put_cert_update(
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
store_cert(&cert_dir, &ca, &cert).await?;
|
store_cert(&cert_dir, &ca, &cert).await?;
|
||||||
|
let principals = cert.valid_principals();
|
||||||
|
let identity = cert.key_id();
|
||||||
|
info!(%identity, ?principals, "updating certificate");
|
||||||
certs.lock().await.insert(cert.key_id().to_string(), cert);
|
certs.lock().await.insert(cert.key_id().to_string(), cert);
|
||||||
Ok(format!("{} -> {}", prev_serial, serial))
|
Ok(format!("{} -> {}", prev_serial, serial))
|
||||||
}
|
}
|
||||||
@ -365,7 +390,7 @@ async fn put_cert_update(
|
|||||||
mod tests {
|
mod tests {
|
||||||
use std::env::temp_dir;
|
use std::env::temp_dir;
|
||||||
|
|
||||||
use ssh_key::SshSig;
|
|
||||||
|
|
||||||
use super::*;
|
use super::*;
|
||||||
|
|
||||||
|
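Review bot: In the `put_cert_update` hunk the new log event records `cert.key_id()` under the field name `identity`, while the `CertInfo` struct added in the same commit uses `identity` for the certificate's public key and `key_id` for this value, so the audit record and the API response disagree on what "identity" means. The value is also formatted with `%` (Display), which writes a certificate-supplied string into the log unescaped; Debug formatting would escape control characters. I would write `info!(key_id = ?cert.key_id(), ?principals, %prev_serial, %serial, "updating certificate");`, which also puts the serial transition (both values are already in scope for the return string) into the event. The body of `put_cert_update` starts outside the hunk, so whether the certificate has been verified before this point cannot be confirmed from here.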