simonvareille/keyserver
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Refactor and test app.js and routes

Browse Source
This commit is contained in:
Tankred Hase
2016-06-09 18:08:15 +02:00
parent fe03ae213a
commit 65dbd81333
6 changed files with 125 additions and 71 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
src/app.js
View File

@@ -22,52 +22,56 @@ const app = require('koa')();
const log = require('npmlog');
const config = require('config');
const router = require('koa-router')();
const openpgp = require('openpgp');
const nodemailer = require('nodemailer');
const openpgpEncrypt = require('nodemailer-openpgp').openpgpEncrypt;
const Mongo = require('./dao/mongo');
const Email = require('./email/email');
const UserId = require('./service/user-id');
const PGP = require('./service/pgp');
const PublicKey = require('./service/public-key');
const HKP = require('./route/hkp');
const REST = require('./route/rest');
const home = require('./route/home');
let mongo, email, userId, publicKey, hkp, rest;
let mongo, email, pgp, publicKey, hkp, rest;
//
// Configure koa HTTP server
//
// HKP routes
router.post('/pks/add', function *() { // no query params
router.post('/pks/add', function *() {
yield hkp.add(this);
});
router.get('/pks/lookup', function *() { // ?op=get&search=0x1234567890123456
router.get('/pks/lookup', function *() {
yield hkp.lookup(this);
});
// REST api routes
router.post('/api/v1/key', function *() { // { publicKeyArmored, primaryEmail } hint the primary email address
router.post('/api/v1/key', function *() {
yield rest.create(this);
});
router.get('/api/v1/key', function *() { // ?keyid=keyid OR ?email=email
router.get('/api/v1/key', function *() {
yield rest.read(this);
});
router.del('/api/v1/key', function *() { // ?keyid=keyid OR ?email=email
router.del('/api/v1/key', function *() {
yield rest.remove(this);
});
// links for verification and sharing
router.get('/api/v1/verify', function *() { // ?keyid=keyid&nonce=nonce
// links for verification, removal and sharing
router.get('/api/v1/verify', function *() {
yield rest.verify(this);
});
router.get('/api/v1/verifyRemove', function *() { // ?keyid=keyid&nonce=nonce
router.get('/api/v1/removeKey', function *() {
yield rest.remove(this);
});
router.get('/api/v1/verifyRemove', function *() {
yield rest.verifyRemove(this);
});
router.get('/user/:email', function *() { // shorthand link for sharing
router.get('/user/:email', function *() {
yield rest.share(this);
});
// display homepage
router.get('/', home);
// Set HTTP response headers
app.use(function *(next) {
this.set('Strict-Transport-Security', 'max-age=16070400');
@@ -75,7 +79,6 @@ app.use(function *(next) {
this.set('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS');
this.set('Access-Control-Allow-Headers', 'Content-Type');
this.set('Cache-Control', 'no-cache');
this.set('Pragma', 'no-cache');
this.set('Connection', 'keep-alive');
yield next;
});
@@ -105,13 +108,12 @@ app.on('error', (error, ctx) => {
//
function injectDependencies() {
mongo = new Mongo(config.mongo);
email = new Email(nodemailer, openpgpEncrypt);
email.init(config.email);
userId = new UserId(mongo);
publicKey = new PublicKey(openpgp, mongo, email, userId);
mongo = new Mongo();
email = new Email();
pgp = new PGP();
publicKey = new PublicKey(pgp, mongo, email);
hkp = new HKP(publicKey);
rest = new REST(publicKey, userId);
rest = new REST(publicKey);
}
//
@@ -129,8 +131,9 @@ if (!global.testing) { // don't automatically start server in tests
function *init() {
log.level = config.log.level; // set log level depending on process.env.NODE_ENV
injectDependencies();
email.init(config.email);
log.info('app', 'Connecting to MongoDB ...');
yield mongo.connect();
yield mongo.init(config.mongo);
return app;
}

23
src/route/hkp.js
View File

@@ -41,7 +41,7 @@ class HKP {
*add(ctx) {
let body = yield parse.form(ctx, { limit: '1mb' });
let publicKeyArmored = body.keytext;
if (!util.validatePublicKey(publicKeyArmored)) {
if (!publicKeyArmored) {
ctx.throw(400, 'Invalid request!');
}
let origin = util.getOrigin(ctx);
@@ -72,14 +72,16 @@ class HKP {
mr: ctx.query.options === 'mr' // machine readable
};
if (this.checkId(ctx.query.search)) {
params.keyid = ctx.query.search.replace(/^0x/, '');
} else if(util.validateAddress(ctx.query.search)) {
let id = ctx.query.search.replace(/^0x/, '');
params.keyId = util.isKeyId(id) ? id : undefined;
params.fingerprint = util.isFingerPrint(id) ? id : undefined;
} else if (util.isEmail(ctx.query.search)) {
params.email = ctx.query.search;
}
if (['get','index','vindex'].indexOf(params.op) === -1) {
ctx.throw(501, 'Not implemented!');
} else if (!params.keyid && !params.email) {
} else if (!params.keyId && !params.fingerprint && !params.email) {
ctx.throw(501, 'Not implemented!');
}
@@ -89,14 +91,14 @@ class HKP {
/**
* Checks for a valid key id in the query string. A key must be prepended
* with '0x' and can be between 16 and 40 hex characters long.
* @param {String} keyid The key id
* @return {Boolean} If the key id is valid
* @param {String} id The key id
* @return {Boolean} If the key id is valid
*/
checkId(keyid) {
if (!util.isString(keyid)) {
checkId(id) {
if (!util.isString(id)) {
return false;
}
return /^0x[a-fA-F0-9]{16,40}$/.test(keyid);
return /^0x[a-fA-F0-9]{16,40}$/.test(id);
}
/**
@@ -123,11 +125,12 @@ class HKP {
ctx.body = key.publicKeyArmored;
} else if (['index','vindex'].indexOf(params.op) !== -1) {
const VERSION = 1, COUNT = 1; // number of keys
let fp = key.fingerprint.toUpperCase();
let algo = (key.algorithm.indexOf('rsa') !== -1) ? 1 : '';
let created = key.created ? (key.created.getTime() / 1000) : '';
ctx.body = 'info:' + VERSION + ':' + COUNT + '\n' +
'pub:' + key.fingerprint + ':' + algo + ':' + key.keylen + ':' + created + '::\n';
'pub:' + fp + ':' + algo + ':' + key.keySize + ':' + created + '::\n';
for (let uid of key.userIds) {
ctx.body += 'uid:' + encodeURIComponent(uid.name + ' <' + uid.email + '>') + ':::\n';

23
src/route/home.js Normal file
View File

@@ -0,0 +1,23 @@
'use strict';
module.exports = function () {
let hkp = (this.secure ? 'hkps://' : 'hkp://') + this.host;
let del = this.origin + '/api/v1/removeKey?email=user@example.com';
this.body =
`
<h1>Welcome to the OpenPGP key server</h1>
<p>This server verifies email address as well as private key ownership by sending an encrypted verification email.</p>
<h2>Try it out</h2>
<ol>
<li>Configure this key server in your HKP compatible OpenPGP client using this url: <a href="${hkp}" target="_blank">${hkp}</a></li>
<li>Now just upload a public key like you always do.</li>
<li>Check your inbox and click on the verification link inside the encrypted message.</li>
<li>You can delete all your data from the server at any time using this link: <a href="${del}" target="_blank">${del}</a></li>
</ol>
<h2>Documentation and code</h2>
<p>Please refer to <a href="https://github.com/mailvelope/keyserver" target="_blank">the documentation</a> to learn more about the api.</p>
<p>License AGPL v3.0</p>
`;
this.set('Content-Type', 'text/html; charset=utf-8');
};

26
src/route/rest.js
View File

@@ -30,9 +30,8 @@ class REST {
* @param {Object} publicKey An instance of the public key service
* @param {Object} userId An instance of the user id service
*/
constructor(publicKey, userId) {
constructor(publicKey) {
this._publicKey = publicKey;
this._userId = userId;
}
/**
@@ -42,8 +41,7 @@ class REST {
*create(ctx) {
let q = yield parse.json(ctx, { limit: '1mb' });
let publicKeyArmored = q.publicKeyArmored, primaryEmail = q.primaryEmail;
if (!util.validatePublicKey(publicKeyArmored) ||
(primaryEmail && !util.validateAddress(primaryEmail))) {
if (!publicKeyArmored || (primaryEmail && !util.isEmail(primaryEmail))) {
ctx.throw(400, 'Invalid request!');
}
let origin = util.getOrigin(ctx);
@@ -56,11 +54,11 @@ class REST {
* @param {Object} ctx The koa request/response context
*/
*verify(ctx) {
let q = { keyid:ctx.query.keyid, nonce:ctx.query.nonce };
if (!util.validateKeyId(q.keyid) || !util.isString(q.nonce)) {
let q = { keyId:ctx.query.keyId, nonce:ctx.query.nonce };
if (!util.isKeyId(q.keyId) || !util.isString(q.nonce)) {
ctx.throw(400, 'Invalid request!');
}
yield this._userId.verify(q);
yield this._publicKey.verify(q);
ctx.body = 'Key successfully verified!';
}
@@ -69,8 +67,8 @@ class REST {
* @param {Object} ctx The koa request/response context
*/
*read(ctx) {
let q = { keyid:ctx.query.keyid, email:ctx.query.email };
if (!util.validateKeyId(q.keyid) && !util.validateAddress(q.email)) {
let q = { keyId:ctx.query.keyId, fingerprint:ctx.query.fingerprint, email:ctx.query.email };
if (!util.isKeyId(q.keyId) && !util.isFingerPrint(q.fingerprint) && !util.isEmail(q.email)) {
ctx.throw(400, 'Invalid request!');
}
ctx.body = yield this._publicKey.get(q);
@@ -82,7 +80,7 @@ class REST {
*/
*share(ctx) {
let q = { email:ctx.params.email };
if (!util.validateAddress(q.email)) {
if (!util.isEmail(q.email)) {
ctx.throw(400, 'Invalid request!');
}
ctx.body = (yield this._publicKey.get(q)).publicKeyArmored;
@@ -93,8 +91,8 @@ class REST {
* @param {Object} ctx The koa request/response context
*/
*remove(ctx) {
let q = { keyid:ctx.query.keyid, email:ctx.query.email, origin:util.getOrigin(ctx) };
if (!util.validateKeyId(q.keyid) && !util.validateAddress(q.email)) {
let q = { keyId:ctx.query.keyId, email:ctx.query.email, origin:util.getOrigin(ctx) };
if (!util.isKeyId(q.keyId) && !util.isEmail(q.email)) {
ctx.throw(400, 'Invalid request!');
}
yield this._publicKey.requestRemove(q);
@@ -106,8 +104,8 @@ class REST {
* @param {Object} ctx The koa request/response context
*/
*verifyRemove(ctx) {
let q = { keyid:ctx.query.keyid, nonce:ctx.query.nonce };
if (!util.validateKeyId(q.keyid) || !util.isString(q.nonce)) {
let q = { keyId:ctx.query.keyId, nonce:ctx.query.nonce };
if (!util.isKeyId(q.keyId) || !util.isString(q.nonce)) {
ctx.throw(400, 'Invalid request!');
}
yield this._publicKey.verifyRemove(q);