dehub/sigcred/signifier.go
mediocregopher b01fe1524a Completely refactor naming of everything, in light of new SPEC
---
type: change
description: |-
  Completely refactor naming of everything, in light of new SPEC

  Writing the SPEC shed some light on just how weakly a lot of concepts, like
  "commit", had been defined, and prompted the delineation of a lot of things
  along specific lines (commit vs payload, repo vs project). This commit makes the
  code reflect the SPEC much better in quite a few ways:

  * Repo is now Project
  * Commit is now Payload
  * GitCommit is now just Commit
  * Hash is now Fingerprint
  * A lot of minor fields got renamed
  * All the XXXInterface types are now just XXX, and their old XXX type is now
    XXXUnion.

  More than likely there's still some comments and variable names that have
  slipped passed, but overall I feel like I got most of the changes.
fingerprint: AKkDC5BKhKbfXzZQ/F4KquHeMgVvcNxgLmkZFz/nP/tY
credentials:
- type: pgp_signature
  pub_key_id: 95C46FA6A41148AC
  body: iQIzBAABAgAdFiEEJ6tQKp6olvZKJ0lwlcRvpqQRSKwFAl6l7aYACgkQlcRvpqQRSKxFrA//VQ+f8B6pwGS3ORB4VVBnHvvJTGZvAYTvB0fHuHJx2EreR4FwjhaNakk5ClkwbO7WFMq++2OV4xIkvzwswLdbXZF0IHx3wScQM59v4vIkR4V9Lj5p1aGGhQna52uIKugF2gTqKdU4tqYzmBjDND/c2XDwCN5CwTwwnAHXUSSsHxviiPUYPWV5wzFP7uyRW0ZeK8Isv7QECKRXlsDjcSJa+g+jc091FG/jG9Dkai8fbDbW8YXj7W3ALaXgXWEBJMrgQxZcJJRjgCvLY72FIIrUBquu3FepiyzMtZ0yaIvi4NmGCsYqIv00NcMvMtD7iwhOCZn10Sku4wvaKJ8YBMRduhqC99fnr/ZDW0/HvTNcL7GKx11GjwtmzkJgwsHFPy3zX+kMdF4m3WgtoeI0GwEsBXXZE2C49yAk3Mb/3puegl3a1PPMvOabTzo7Xm6xpWkI6gISChI7My71H3EuKZWhkb+IubPmMvJJXIdVxHnsHPz2dl/BZXLgpfVdEgQa2qWeXtYI4NNm37pLl3gv92V4kka+Kr4gfdoq8mJ7aqvc9was35baJbHg4+fEVJG2Wj+2AQU+ncx3nAFzgYyMxwo9K8VuC4QdfRF4ImyxTnWkuokEn9H6JRrbkBDKIELj6vzdPmsjOUEQ4nsYX66/zSibFD7UvhQmdXFs8Gp8/Qq6g4M=
  account: mediocregopher
2020-04-26 14:23:10 -06:00

96 lines
3.0 KiB
Go

package sigcred
import (
"dehub.dev/src/dehub.git/fs"
"dehub.dev/src/dehub.git/typeobj"
)
// Signifier describes the methods that all signifiers must implement.
type Signifier interface {
// Sign returns a credential containing a signature of the given data.
//
// tree can be used to find the Signifier at a particular snapshot.
Sign(fs.FS, []byte) (CredentialUnion, error)
// Signed returns true if the Signifier was used to sign the credential.
Signed(fs.FS, CredentialUnion) (bool, error)
// Verify asserts that the Signifier produced the given credential for the
// given data set, or returns an error.
//
// tree can be used to find the Signifier at a particular snapshot.
Verify(fs.FS, []byte, CredentialUnion) error
}
// SignifierUnion represents a single signifier for an account. Only one field
// should be set on each SignifierUnion.
type SignifierUnion struct {
PGPPublicKey *SignifierPGP `type:"pgp_public_key"`
// LegacyPGPPublicKeyFile is deprecated, only PGPPublicKey should be used
LegacyPGPPublicKeyFile *SignifierPGPFile `type:"pgp_public_key_file"`
}
// MarshalYAML implements the yaml.Marshaler interface.
func (s SignifierUnion) MarshalYAML() (interface{}, error) {
return typeobj.MarshalYAML(s)
}
// UnmarshalYAML implements the yaml.Unmarshaler interface.
func (s *SignifierUnion) UnmarshalYAML(unmarshal func(interface{}) error) error {
if err := typeobj.UnmarshalYAML(s, unmarshal); err != nil {
return err
}
// TODO deprecate PGPPublicKeyFile
if s.LegacyPGPPublicKeyFile != nil {
s.PGPPublicKey = &SignifierPGP{Path: s.LegacyPGPPublicKeyFile.Path}
s.LegacyPGPPublicKeyFile = nil
}
return nil
}
// Signifier returns the Signifier instance encapsulated by this SignifierUnion.
//
// This will panic if no Signifier field is populated.
//
// accountID is given so as to automatically fill the AccountID field of
// credentials returned from Sign, since the underlying implementation doesn't
// know what account it's signing for.
func (s SignifierUnion) Signifier(accountID string) Signifier {
el, _, err := typeobj.Element(s)
if err != nil {
panic(err)
}
return accountSignifier(accountID, el.(Signifier))
}
type signifierMiddleware struct {
Signifier
signCallback func(*CredentialUnion)
}
func (sm signifierMiddleware) Sign(fs fs.FS, data []byte) (CredentialUnion, error) {
cred, err := sm.Signifier.Sign(fs, data)
if err != nil || sm.signCallback == nil {
return cred, err
}
sm.signCallback(&cred)
return cred, nil
}
// accountSignifier wraps a Signifier to always set the accountID field on
// credentials it produces via the Sign method.
//
// TODO accountSignifier shouldn't be necessary, it's very ugly. It indicates
// that CredentialUnion probably shouldn't have AccountID on it, which makes
// sense. Some refactoring is required here.
func accountSignifier(accountID string, sig Signifier) Signifier {
return signifierMiddleware{
Signifier: sig,
signCallback: func(cred *CredentialUnion) {
cred.AccountID = accountID
},
}
}