Refactor and test app.js and routes
This commit is contained in:
Tankred Hase
@@ -41,7 +41,7 @@ class HKP {
|
||||
*add(ctx) {
|
||||
let body = yield parse.form(ctx, { limit: '1mb' });
|
||||
let publicKeyArmored = body.keytext;
|
||||
if (!util.validatePublicKey(publicKeyArmored)) {
|
||||
if (!publicKeyArmored) {
|
||||
ctx.throw(400, 'Invalid request!');
|
||||
}
|
||||
let origin = util.getOrigin(ctx);
|
||||
@@ -72,14 +72,16 @@ class HKP {
|
||||
mr: ctx.query.options === 'mr' // machine readable
|
||||
};
|
||||
if (this.checkId(ctx.query.search)) {
|
||||
params.keyid = ctx.query.search.replace(/^0x/, '');
|
||||
} else if(util.validateAddress(ctx.query.search)) {
|
||||
let id = ctx.query.search.replace(/^0x/, '');
|
||||
params.keyId = util.isKeyId(id) ? id : undefined;
|
||||
params.fingerprint = util.isFingerPrint(id) ? id : undefined;
|
||||
} else if (util.isEmail(ctx.query.search)) {
|
||||
params.email = ctx.query.search;
|
||||
}
|
||||
|
||||
if (['get','index','vindex'].indexOf(params.op) === -1) {
|
||||
ctx.throw(501, 'Not implemented!');
|
||||
} else if (!params.keyid && !params.email) {
|
||||
} else if (!params.keyId && !params.fingerprint && !params.email) {
|
||||
ctx.throw(501, 'Not implemented!');
|
||||
}
|
||||
|
||||
@@ -89,14 +91,14 @@ class HKP {
|
||||
/**
|
||||
* Checks for a valid key id in the query string. A key must be prepended
|
||||
* with '0x' and can be between 16 and 40 hex characters long.
|
||||
* @param {String} keyid The key id
|
||||
* @return {Boolean} If the key id is valid
|
||||
* @param {String} id The key id
|
||||
* @return {Boolean} If the key id is valid
|
||||
*/
|
||||
checkId(keyid) {
|
||||
if (!util.isString(keyid)) {
|
||||
checkId(id) {
|
||||
if (!util.isString(id)) {
|
||||
return false;
|
||||
}
|
||||
return /^0x[a-fA-F0-9]{16,40}$/.test(keyid);
|
||||
return /^0x[a-fA-F0-9]{16,40}$/.test(id);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -123,11 +125,12 @@ class HKP {
|
||||
ctx.body = key.publicKeyArmored;
|
||||
} else if (['index','vindex'].indexOf(params.op) !== -1) {
|
||||
const VERSION = 1, COUNT = 1; // number of keys
|
||||
let fp = key.fingerprint.toUpperCase();
|
||||
let algo = (key.algorithm.indexOf('rsa') !== -1) ? 1 : '';
|
||||
let created = key.created ? (key.created.getTime() / 1000) : '';
|
||||
|
||||
ctx.body = 'info:' + VERSION + ':' + COUNT + '\n' +
|
||||
'pub:' + key.fingerprint + ':' + algo + ':' + key.keylen + ':' + created + '::\n';
|
||||
'pub:' + fp + ':' + algo + ':' + key.keySize + ':' + created + '::\n';
|
||||
|
||||
for (let uid of key.userIds) {
|
||||
ctx.body += 'uid:' + encodeURIComponent(uid.name + ' <' + uid.email + '>') + ':::\n';
|
||||
|
||||
23
src/route/home.js
Normal file
23
src/route/home.js
Normal file
@@ -0,0 +1,23 @@
|
||||
'use strict';
|
||||
|
||||
module.exports = function () {
|
||||
let hkp = (this.secure ? 'hkps://' : 'hkp://') + this.host;
|
||||
let del = this.origin + '/api/v1/removeKey?email=user@example.com';
|
||||
this.body =
|
||||
`
|
||||
<h1>Welcome to the OpenPGP key server</h1>
|
||||
<p>This server verifies email address as well as private key ownership by sending an encrypted verification email.</p>
|
||||
<h2>Try it out</h2>
|
||||
<ol>
|
||||
<li>Configure this key server in your HKP compatible OpenPGP client using this url: <a href="${hkp}" target="_blank">${hkp}</a></li>
|
||||
<li>Now just upload a public key like you always do.</li>
|
||||
<li>Check your inbox and click on the verification link inside the encrypted message.</li>
|
||||
<li>You can delete all your data from the server at any time using this link: <a href="${del}" target="_blank">${del}</a></li>
|
||||
</ol>
|
||||
<h2>Documentation and code</h2>
|
||||
<p>Please refer to <a href="https://github.com/mailvelope/keyserver" target="_blank">the documentation</a> to learn more about the api.</p>
|
||||
<p>License AGPL v3.0</p>
|
||||
`;
|
||||
|
||||
this.set('Content-Type', 'text/html; charset=utf-8');
|
||||
};
|
||||
@@ -30,9 +30,8 @@ class REST {
|
||||
* @param {Object} publicKey An instance of the public key service
|
||||
* @param {Object} userId An instance of the user id service
|
||||
*/
|
||||
constructor(publicKey, userId) {
|
||||
constructor(publicKey) {
|
||||
this._publicKey = publicKey;
|
||||
this._userId = userId;
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -42,8 +41,7 @@ class REST {
|
||||
*create(ctx) {
|
||||
let q = yield parse.json(ctx, { limit: '1mb' });
|
||||
let publicKeyArmored = q.publicKeyArmored, primaryEmail = q.primaryEmail;
|
||||
if (!util.validatePublicKey(publicKeyArmored) ||
|
||||
(primaryEmail && !util.validateAddress(primaryEmail))) {
|
||||
if (!publicKeyArmored || (primaryEmail && !util.isEmail(primaryEmail))) {
|
||||
ctx.throw(400, 'Invalid request!');
|
||||
}
|
||||
let origin = util.getOrigin(ctx);
|
||||
@@ -56,11 +54,11 @@ class REST {
|
||||
* @param {Object} ctx The koa request/response context
|
||||
*/
|
||||
*verify(ctx) {
|
||||
let q = { keyid:ctx.query.keyid, nonce:ctx.query.nonce };
|
||||
if (!util.validateKeyId(q.keyid) || !util.isString(q.nonce)) {
|
||||
let q = { keyId:ctx.query.keyId, nonce:ctx.query.nonce };
|
||||
if (!util.isKeyId(q.keyId) || !util.isString(q.nonce)) {
|
||||
ctx.throw(400, 'Invalid request!');
|
||||
}
|
||||
yield this._userId.verify(q);
|
||||
yield this._publicKey.verify(q);
|
||||
ctx.body = 'Key successfully verified!';
|
||||
}
|
||||
|
||||
@@ -69,8 +67,8 @@ class REST {
|
||||
* @param {Object} ctx The koa request/response context
|
||||
*/
|
||||
*read(ctx) {
|
||||
let q = { keyid:ctx.query.keyid, email:ctx.query.email };
|
||||
if (!util.validateKeyId(q.keyid) && !util.validateAddress(q.email)) {
|
||||
let q = { keyId:ctx.query.keyId, fingerprint:ctx.query.fingerprint, email:ctx.query.email };
|
||||
if (!util.isKeyId(q.keyId) && !util.isFingerPrint(q.fingerprint) && !util.isEmail(q.email)) {
|
||||
ctx.throw(400, 'Invalid request!');
|
||||
}
|
||||
ctx.body = yield this._publicKey.get(q);
|
||||
@@ -82,7 +80,7 @@ class REST {
|
||||
*/
|
||||
*share(ctx) {
|
||||
let q = { email:ctx.params.email };
|
||||
if (!util.validateAddress(q.email)) {
|
||||
if (!util.isEmail(q.email)) {
|
||||
ctx.throw(400, 'Invalid request!');
|
||||
}
|
||||
ctx.body = (yield this._publicKey.get(q)).publicKeyArmored;
|
||||
@@ -93,8 +91,8 @@ class REST {
|
||||
* @param {Object} ctx The koa request/response context
|
||||
*/
|
||||
*remove(ctx) {
|
||||
let q = { keyid:ctx.query.keyid, email:ctx.query.email, origin:util.getOrigin(ctx) };
|
||||
if (!util.validateKeyId(q.keyid) && !util.validateAddress(q.email)) {
|
||||
let q = { keyId:ctx.query.keyId, email:ctx.query.email, origin:util.getOrigin(ctx) };
|
||||
if (!util.isKeyId(q.keyId) && !util.isEmail(q.email)) {
|
||||
ctx.throw(400, 'Invalid request!');
|
||||
}
|
||||
yield this._publicKey.requestRemove(q);
|
||||
@@ -106,8 +104,8 @@ class REST {
|
||||
* @param {Object} ctx The koa request/response context
|
||||
*/
|
||||
*verifyRemove(ctx) {
|
||||
let q = { keyid:ctx.query.keyid, nonce:ctx.query.nonce };
|
||||
if (!util.validateKeyId(q.keyid) || !util.isString(q.nonce)) {
|
||||
let q = { keyId:ctx.query.keyId, nonce:ctx.query.nonce };
|
||||
if (!util.isKeyId(q.keyId) || !util.isString(q.nonce)) {
|
||||
ctx.throw(400, 'Invalid request!');
|
||||
}
|
||||
yield this._publicKey.verifyRemove(q);
|
||||
|
||||
Reference in New Issue
Block a user