aux/keyserver
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Remove primaryEmail parameter from public-key service.

Browse Source
This commit is contained in:
Tankred Hase 2017-08-23 18:08:18 +08:00
parent aa850377d5
commit 1e2c85621b
2 changed files with 24 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
src/service/public-key.js
View File

@ -62,11 +62,10 @@ class PublicKey {
/** /**
* Persist a new public key * Persist a new public key
* @param {String} publicKeyArmored The ascii armored pgp key block * @param {String} publicKeyArmored The ascii armored pgp key block
* @param {String} primaryEmail (optional) The key's primary email address
* @param {Object} origin Required for links to the keyserver e.g. { protocol:'https', host:'openpgpkeys@example.com' } * @param {Object} origin Required for links to the keyserver e.g. { protocol:'https', host:'openpgpkeys@example.com' }
* @yield {undefined} * @yield {undefined}
*/ */
async put({publicKeyArmored, primaryEmail, origin}) { async put({publicKeyArmored, origin}) {
// lazily purge old/unverified keys on every key upload // lazily purge old/unverified keys on every key upload
await this._purgeOldUnverified(); await this._purgeOldUnverified();
// parse key block // parse key block
@ -79,7 +78,7 @@ class PublicKey {
// store key in database // store key in database
await this._persisKey(key); await this._persisKey(key);
// send mails to verify user ids (send only one if primary email is provided) // send mails to verify user ids (send only one if primary email is provided)
await this._sendVerifyEmail(key, primaryEmail, origin); await this._sendVerifyEmail(key, origin);
} }
/** /**
@ -121,17 +120,10 @@ class PublicKey {
* Send verification emails to the public keys user ids for verification. * Send verification emails to the public keys user ids for verification.
* If a primary email address is provided only one email will be sent. * If a primary email address is provided only one email will be sent.
* @param {Array} userIds user id documents containg the verification nonces * @param {Array} userIds user id documents containg the verification nonces
* @param {string} primaryEmail the public key's primary email address
* @param {Object} origin the server's origin (required for email links) * @param {Object} origin the server's origin (required for email links)
* @yield {undefined} * @yield {undefined}
*/ */
async _sendVerifyEmail({userIds, keyId, publicKeyArmored}, primaryEmail, origin) { async _sendVerifyEmail({userIds, keyId, publicKeyArmored}, origin) {
// check for primary email (send only one email)
const primaryUserId = userIds.find(uid => uid.email === primaryEmail);
if (primaryUserId) {
userIds = [primaryUserId];
}
// send emails
for (const userId of userIds) { for (const userId of userIds) {
userId.publicKeyArmored = publicKeyArmored; // set key for encryption userId.publicKeyArmored = publicKeyArmored; // set key for encryption
await this._email.send({template: tpl.verifyKey, userId, keyId, origin}); await this._email.send({template: tpl.verifyKey, userId, keyId, origin});

49
test/integration/public-key-test.js
View File

@ -73,30 +73,23 @@ describe('Public Key Integration Tests', function() {
}); });
describe('put', () => { describe('put', () => {
it('should persist key and send verification email with primaryEmail', async () => { it('should persist key and send verification email', async () => {
await publicKey.put({publicKeyArmored, primaryEmail, origin});
expect(mailsSent.length).to.equal(1);
expect(mailsSent[0].to).to.equal(primaryEmail);
expect(mailsSent[0].params.keyId).to.exist;
expect(mailsSent[0].params.nonce).to.exist;
});
it('should persist key and send verification email without primaryEmail', async () => {
await publicKey.put({publicKeyArmored, origin}); await publicKey.put({publicKeyArmored, origin});
expect(mailsSent.length).to.equal(4); expect(mailsSent.length).to.equal(4);
}); });
it('should work twice if not yet verified', async () => { it('should work twice if not yet verified', async () => {
await publicKey.put({publicKeyArmored, primaryEmail, origin}); await publicKey.put({publicKeyArmored, origin});
expect(mailsSent.length).to.equal(1); expect(mailsSent.length).to.equal(4);
await publicKey.put({publicKeyArmored, primaryEmail, origin}); await publicKey.put({publicKeyArmored, origin});
expect(mailsSent.length).to.equal(2); expect(mailsSent.length).to.equal(8);
}); });
it('should throw 304 if key already exists', async () => { it('should throw 304 if key already exists', async () => {
await publicKey.put({publicKeyArmored, primaryEmail, origin}); await publicKey.put({publicKeyArmored, origin});
await publicKey.verify(mailsSent[0].params); await publicKey.verify(mailsSent[0].params);
try { try {
await publicKey.put({publicKeyArmored, primaryEmail, origin}); await publicKey.put({publicKeyArmored, origin});
expect(false).to.be.true; expect(false).to.be.true;
} catch (e) { } catch (e) {
expect(e.status).to.equal(304); expect(e.status).to.equal(304);
@ -147,7 +140,7 @@ describe('Public Key Integration Tests', function() {
describe('verify', () => { describe('verify', () => {
it('should update the document', async () => { it('should update the document', async () => {
await publicKey.put({publicKeyArmored, primaryEmail, origin}); await publicKey.put({publicKeyArmored, origin});
const emailParams = mailsSent[0].params; const emailParams = mailsSent[0].params;
await publicKey.verify(emailParams); await publicKey.verify(emailParams);
const gotten = await mongo.get({keyId: emailParams.keyId}, DB_TYPE); const gotten = await mongo.get({keyId: emailParams.keyId}, DB_TYPE);
@ -158,7 +151,7 @@ describe('Public Key Integration Tests', function() {
}); });
it('should not find the document', async () => { it('should not find the document', async () => {
await publicKey.put({publicKeyArmored, primaryEmail, origin}); await publicKey.put({publicKeyArmored, origin});
const emailParams = mailsSent[0].params; const emailParams = mailsSent[0].params;
try { try {
await publicKey.verify({keyId: emailParams.keyId, nonce: 'fake_nonce'}); await publicKey.verify({keyId: emailParams.keyId, nonce: 'fake_nonce'});
@ -174,10 +167,10 @@ describe('Public Key Integration Tests', function() {
}); });
it('should not verify a second key for already verified user id of another key', async () => { it('should not verify a second key for already verified user id of another key', async () => {
await publicKey.put({publicKeyArmored, primaryEmail: primaryEmail2, origin}); await publicKey.put({publicKeyArmored, origin});
expect(mailsSent.length).to.equal(1); expect(mailsSent.length).to.equal(4);
await publicKey.put({publicKeyArmored: publicKeyArmored2, primaryEmail: primaryEmail2, origin}); await publicKey.put({publicKeyArmored: publicKeyArmored2, origin});
expect(mailsSent.length).to.equal(2); expect(mailsSent.length).to.equal(5);
await publicKey.verify(mailsSent[1].params); await publicKey.verify(mailsSent[1].params);
try { try {
@ -213,7 +206,7 @@ describe('Public Key Integration Tests', function() {
describe('should find a verified key', () => { describe('should find a verified key', () => {
beforeEach(async () => { beforeEach(async () => {
key = pgp.parseKey(publicKeyArmored); key = pgp.parseKey(publicKeyArmored);
await publicKey.put({publicKeyArmored, primaryEmail, origin}); await publicKey.put({publicKeyArmored, origin});
await publicKey.verify(mailsSent[0].params); await publicKey.verify(mailsSent[0].params);
}); });
@ -281,7 +274,7 @@ describe('Public Key Integration Tests', function() {
let emailParams; let emailParams;
beforeEach(async () => { beforeEach(async () => {
await publicKey.put({publicKeyArmored, primaryEmail, origin}); await publicKey.put({publicKeyArmored, origin});
emailParams = mailsSent[0].params; emailParams = mailsSent[0].params;
}); });
@ -337,24 +330,24 @@ describe('Public Key Integration Tests', function() {
let keyId; let keyId;
beforeEach(async () => { beforeEach(async () => {
await publicKey.put({publicKeyArmored, primaryEmail, origin}); await publicKey.put({publicKeyArmored, origin});
keyId = mailsSent[0].params.keyId; keyId = mailsSent[0].params.keyId;
}); });
it('should work for verified key', async () => { it('should work for verified key', async () => {
await publicKey.verify(mailsSent[0].params); await publicKey.verify(mailsSent[0].params);
await publicKey.requestRemove({keyId, origin}); await publicKey.requestRemove({keyId, origin});
expect(mailsSent.length).to.equal(5); expect(mailsSent.length).to.equal(8);
}); });
it('should work for unverified key', async () => { it('should work for unverified key', async () => {
await publicKey.requestRemove({keyId, origin}); await publicKey.requestRemove({keyId, origin});
expect(mailsSent.length).to.equal(5); expect(mailsSent.length).to.equal(8);
}); });
it('should work by email address', async () => { it('should work by email address', async () => {
await publicKey.requestRemove({email: primaryEmail, origin}); await publicKey.requestRemove({email: primaryEmail, origin});
expect(mailsSent.length).to.equal(2); expect(mailsSent.length).to.equal(5);
}); });
it('should throw 404 for no key', async () => { it('should throw 404 for no key', async () => {
@ -372,13 +365,13 @@ describe('Public Key Integration Tests', function() {
let keyId; let keyId;
beforeEach(async () => { beforeEach(async () => {
await publicKey.put({publicKeyArmored, primaryEmail, origin}); await publicKey.put({publicKeyArmored, origin});
keyId = mailsSent[0].params.keyId; keyId = mailsSent[0].params.keyId;
await publicKey.requestRemove({keyId, origin}); await publicKey.requestRemove({keyId, origin});
}); });
it('should remove key', async () => { it('should remove key', async () => {
await publicKey.verifyRemove(mailsSent[1].params); await publicKey.verifyRemove(mailsSent[4].params);
const key = await mongo.get({keyId}, DB_TYPE); const key = await mongo.get({keyId}, DB_TYPE);
expect(key).to.not.exist; expect(key).to.not.exist;
}); });