[Go][Client] Secret key content string in http signing support (#8570)

* accept private key content string

* sample update

* Add comments to new methods

* update samples with comments

* Update modules/openapi-generator/src/main/resources/go/signing.mustache

Co-authored-by: Jiri Kuncar <jiri.kuncar@gmail.com>

* Update modules/openapi-generator/src/main/resources/go/signing.mustache

Co-authored-by: Jiri Kuncar <jiri.kuncar@gmail.com>

* Update signing.mustache

* update sample comments

* Update modules/openapi-generator/src/main/resources/go/signing.mustache

Co-authored-by: Sebastien Rosset <serosset@cisco.com>

* Update modules/openapi-generator/src/main/resources/go/signing.mustache

Co-authored-by: Sebastien Rosset <serosset@cisco.com>

* update empty checks for privateKey

Co-authored-by: Vikrant Balyan <vvb@users.noreply.github.com>
Co-authored-by: Jiri Kuncar <jiri.kuncar@gmail.com>
Co-authored-by: Sebastien Rosset <serosset@cisco.com>
Aanisha Mishra 2021-02-04 08:03:17 +05:30 committed by GitHub
parent d7bdd7f490
commit d869544ce1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 32 additions and 2 deletions


@ -116,6 +116,11 @@ type HttpSignatureAuth struct {
privateKey crypto.PrivateKey // The private key used to sign HTTP requests. privateKey crypto.PrivateKey // The private key used to sign HTTP requests.
} }
// SetPrivateKey accepts a private key string and sets it.
func (h *HttpSignatureAuth) SetPrivateKey(privateKey string) error {
return h.parsePrivateKey([]byte(privateKey))
}
// ContextWithValue validates the HttpSignatureAuth configuration parameters and returns a context // ContextWithValue validates the HttpSignatureAuth configuration parameters and returns a context
// suitable for HTTP signature. An error is returned if the HttpSignatureAuth configuration parameters // suitable for HTTP signature. An error is returned if the HttpSignatureAuth configuration parameters
// are invalid. // are invalid.
@ -123,7 +128,7 @@ func (h *HttpSignatureAuth) ContextWithValue(ctx context.Context) (context.Conte
if h.KeyId == "" { if h.KeyId == "" {
return nil, fmt.Errorf("Key ID must be specified") return nil, fmt.Errorf("Key ID must be specified")
} }
if h.PrivateKeyPath == "" { if h.PrivateKeyPath == "" && h.privateKey == nil {
return nil, fmt.Errorf("Private key path must be specified") return nil, fmt.Errorf("Private key path must be specified")
} }
if _, ok := supportedSigningSchemes[h.SigningScheme]; !ok { if _, ok := supportedSigningSchemes[h.SigningScheme]; !ok {
@ -168,7 +173,11 @@ func (h *HttpSignatureAuth) GetPublicKey() (crypto.PublicKey, error) {
} }
// loadPrivateKey reads the private key from the file specified in the HttpSignatureAuth. // loadPrivateKey reads the private key from the file specified in the HttpSignatureAuth.
// The key is loaded only when privateKey is not already set.
func (h *HttpSignatureAuth) loadPrivateKey() (err error) { func (h *HttpSignatureAuth) loadPrivateKey() (err error) {
if h.privateKey != nil {
return nil
}
var file *os.File var file *os.File
file, err = os.Open(h.PrivateKeyPath) file, err = os.Open(h.PrivateKeyPath)
if err != nil { if err != nil {
@ -182,12 +191,18 @@ func (h *HttpSignatureAuth) loadPrivateKey() (err error) {
if err != nil { if err != nil {
return err return err
} }
return h.parsePrivateKey(priv)
}
// parsePrivateKey decodes privateKey byte array to crypto.PrivateKey type.
func (h *HttpSignatureAuth) parsePrivateKey(priv []byte) error {
pemBlock, _ := pem.Decode(priv) pemBlock, _ := pem.Decode(priv)
if pemBlock == nil { if pemBlock == nil {
// No PEM data has been found. // No PEM data has been found.
return fmt.Errorf("File '%s' does not contain PEM data", h.PrivateKeyPath) return fmt.Errorf("File '%s' does not contain PEM data", h.PrivateKeyPath)
} }
var privKey []byte var privKey []byte
var err error
if x509.IsEncryptedPEMBlock(pemBlock) { if x509.IsEncryptedPEMBlock(pemBlock) {
// The PEM data is encrypted. // The PEM data is encrypted.
privKey, err = x509.DecryptPEMBlock(pemBlock, []byte(h.Passphrase)) privKey, err = x509.DecryptPEMBlock(pemBlock, []byte(h.Passphrase))
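Review bot: parsePrivateKey is now reachable from SetPrivateKey, but its PEM failure branch still returns `File '%s' does not contain PEM data` formatted with h.PrivateKeyPath, which is normally empty when the key arrives as a string, so the caller is pointed at a file that was never configured. A source-neutral message such as `return fmt.Errorf("private key does not contain PEM data")` fixes that and keeps key material out of the error text; loadPrivateKey can add the path when it wraps the error. SetPrivateKey also reaches the `x509.DecryptPEMBlock(pemBlock, []byte(h.Passphrase))` call immediately, so its comment should say that the input must be PEM, that Passphrase has to be set before calling it for an encrypted key, and that a key supplied this way presumably takes precedence over PrivateKeyPath because loadPrivateKey now returns early when privateKey is non-nil. The second file section carries identical hunks and the same points apply there. parsePrivateKey's body continues past the end of the hunk, so whether it assigns h.privateKey on success cannot be confirmed from here.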


@ -125,6 +125,11 @@ type HttpSignatureAuth struct {
privateKey crypto.PrivateKey // The private key used to sign HTTP requests. privateKey crypto.PrivateKey // The private key used to sign HTTP requests.
} }
// SetPrivateKey accepts a private key string and sets it.
func (h *HttpSignatureAuth) SetPrivateKey(privateKey string) error {
return h.parsePrivateKey([]byte(privateKey))
}
// ContextWithValue validates the HttpSignatureAuth configuration parameters and returns a context // ContextWithValue validates the HttpSignatureAuth configuration parameters and returns a context
// suitable for HTTP signature. An error is returned if the HttpSignatureAuth configuration parameters // suitable for HTTP signature. An error is returned if the HttpSignatureAuth configuration parameters
// are invalid. // are invalid.
@ -132,7 +137,7 @@ func (h *HttpSignatureAuth) ContextWithValue(ctx context.Context) (context.Conte
if h.KeyId == "" { if h.KeyId == "" {
return nil, fmt.Errorf("Key ID must be specified") return nil, fmt.Errorf("Key ID must be specified")
} }
if h.PrivateKeyPath == "" { if h.PrivateKeyPath == "" && h.privateKey == nil {
return nil, fmt.Errorf("Private key path must be specified") return nil, fmt.Errorf("Private key path must be specified")
} }
if _, ok := supportedSigningSchemes[h.SigningScheme]; !ok { if _, ok := supportedSigningSchemes[h.SigningScheme]; !ok {
@ -177,7 +182,11 @@ func (h *HttpSignatureAuth) GetPublicKey() (crypto.PublicKey, error) {
} }
// loadPrivateKey reads the private key from the file specified in the HttpSignatureAuth. // loadPrivateKey reads the private key from the file specified in the HttpSignatureAuth.
// The key is loaded only when privateKey is not already set.
func (h *HttpSignatureAuth) loadPrivateKey() (err error) { func (h *HttpSignatureAuth) loadPrivateKey() (err error) {
if h.privateKey != nil {
return nil
}
var file *os.File var file *os.File
file, err = os.Open(h.PrivateKeyPath) file, err = os.Open(h.PrivateKeyPath)
if err != nil { if err != nil {
@ -191,12 +200,18 @@ func (h *HttpSignatureAuth) loadPrivateKey() (err error) {
if err != nil { if err != nil {
return err return err
} }
return h.parsePrivateKey(priv)
}
// parsePrivateKey decodes privateKey byte array to crypto.PrivateKey type.
func (h *HttpSignatureAuth) parsePrivateKey(priv []byte) error {
pemBlock, _ := pem.Decode(priv) pemBlock, _ := pem.Decode(priv)
if pemBlock == nil { if pemBlock == nil {
// No PEM data has been found. // No PEM data has been found.
return fmt.Errorf("File '%s' does not contain PEM data", h.PrivateKeyPath) return fmt.Errorf("File '%s' does not contain PEM data", h.PrivateKeyPath)
} }
var privKey []byte var privKey []byte
var err error
if x509.IsEncryptedPEMBlock(pemBlock) { if x509.IsEncryptedPEMBlock(pemBlock) {
// The PEM data is encrypted. // The PEM data is encrypted.
privKey, err = x509.DecryptPEMBlock(pemBlock, []byte(h.Passphrase)) privKey, err = x509.DecryptPEMBlock(pemBlock, []byte(h.Passphrase))