
Example 6 with PublicKeyStore

Use of com.google.gerrit.gpg.PublicKeyStore in project gerrit by GerritCodeReview.

Class DeleteGpgKey, method apply.

@Override
public Response<?> apply(GpgKey rsrc, Input input) throws RestApiException, PGPException, IOException, ConfigInvalidException {
    PGPPublicKey key = rsrc.getKeyRing().getPublicKey();
    String fingerprint = BaseEncoding.base16().encode(key.getFingerprint());
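    // The key is bound to the account by an external ID in the SCHEME_GPGKEY scheme, keyed by the hex fingerprint.
    Optional<ExternalId> extId = externalIds.get(externalIdKeyFactory.create(SCHEME_GPGKEY, fingerprint));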
    if (!extId.isPresent()) {
        throw new ResourceNotFoundException(fingerprint);
    }
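    // Unlink the key from the account first; the key store entry is removed in the block that follows.
    accountsUpdateProvider.get().update("Delete GPG Key via API", rsrc.getUser().getAccountId(), u -> u.deleteExternalId(extId.get()));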
    try (PublicKeyStore store = storeProvider.get()) {
        store.remove(rsrc.getKeyRing().getPublicKey().getFingerprint());
        CommitBuilder cb = new CommitBuilder();
        PersonIdent committer = serverIdent.get();
        cb.setAuthor(rsrc.getUser().newCommitterIdent(committer));
        cb.setCommitter(committer);
        cb.setMessage("Delete public key " + keyIdToString(key.getKeyID()));
        RefUpdate.Result saveResult = store.save(cb);
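        switch(saveResult) {
            // Only NO_CHANGE and FAST_FORWARD are treated as a successful save; the user is then notified by email.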
            case NO_CHANGE:
            case FAST_FORWARD:
                try {
                    deleteKeySenderFactory.create(rsrc.getUser(), ImmutableList.of(PublicKeyStore.keyToString(key))).send();
                } catch (EmailException e) {
                    // A failed notification is logged but does not fail the deletion.
                    logger.atSevere().withCause(e).log("Cannot send GPG key deletion message to %s", rsrc.getUser().getAccount().preferredEmail());
                }
                break;
            case LOCK_FAILURE:
            case FORCED:
            case IO_FAILURE:
            case NEW:
            case NOT_ATTEMPTED:
            case REJECTED:
            case REJECTED_CURRENT_BRANCH:
            case RENAMED:
            case REJECTED_MISSING_OBJECT:
            case REJECTED_OTHER_REASON:
            default:
                throw new StorageException(String.format("Failed to delete public key: %s", saveResult));
        }
    }
    return Response.none();
}
Also used: PersonIdent (org.eclipse.jgit.lib.PersonIdent), GerritPersonIdent (com.google.gerrit.server.GerritPersonIdent), ExternalId (com.google.gerrit.server.account.externalids.ExternalId), PublicKeyStore (com.google.gerrit.gpg.PublicKeyStore), EmailException (com.google.gerrit.exceptions.EmailException), PGPPublicKey (org.bouncycastle.openpgp.PGPPublicKey), CommitBuilder (org.eclipse.jgit.lib.CommitBuilder), PublicKeyStore.keyIdToString (com.google.gerrit.gpg.PublicKeyStore.keyIdToString), ResourceNotFoundException (com.google.gerrit.extensions.restapi.ResourceNotFoundException), StorageException (com.google.gerrit.exceptions.StorageException), RefUpdate (org.eclipse.jgit.lib.RefUpdate)

Example 7 with PublicKeyStore

Use of com.google.gerrit.gpg.PublicKeyStore in project gerrit by GerritCodeReview.

Class PostGpgKeys, method apply.

@Override
public Response<Map<String, GpgKeyInfo>> apply(AccountResource rsrc, GpgKeysInput input) throws RestApiException, PGPException, IOException, ConfigInvalidException {
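    // Visibility check for the calling user (self) against the target account resource, before any input is read.
    GpgKeys.checkVisible(self, rsrc);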
    Collection<ExternalId> existingExtIds = externalIds.byAccount(rsrc.getUser().getAccountId(), SCHEME_GPGKEY);
    try (PublicKeyStore store = storeProvider.get()) {
        Map<ExternalId, Fingerprint> toRemove = readKeysToRemove(input, existingExtIds);
        Collection<Fingerprint> fingerprintsToRemove = toRemove.values();
        List<PGPPublicKeyRing> newKeys = readKeysToAdd(input, fingerprintsToRemove);
        List<ExternalId> newExtIds = new ArrayList<>(existingExtIds.size());
        for (PGPPublicKeyRing keyRing : newKeys) {
            PGPPublicKey key = keyRing.getPublicKey();
            ExternalId.Key extIdKey = toExtIdKey(key.getFingerprint());
            Account account = getAccountByExternalId(extIdKey);
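            // A fingerprint that already has an external ID must belong to this same account; otherwise the request is rejected.
            if (account != null) {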
                if (!account.id().equals(rsrc.getUser().getAccountId())) {
                    throw new ResourceConflictException("GPG key already associated with another account");
                }
            } else {
                newExtIds.add(externalIdFactory.create(extIdKey, rsrc.getUser().getAccountId()));
            }
        }
        storeKeys(rsrc, newKeys, fingerprintsToRemove);
        accountsUpdateProvider.get().update("Update GPG Keys via API", rsrc.getUser().getAccountId(), u -> u.replaceExternalIds(toRemove.keySet(), newExtIds));
        return Response.ok(toJson(newKeys, fingerprintsToRemove, store, rsrc.getUser()));
    }
}
Also used: PGPPublicKeyRing (org.bouncycastle.openpgp.PGPPublicKeyRing), Account (com.google.gerrit.entities.Account), Fingerprint (com.google.gerrit.gpg.Fingerprint), ExternalId (com.google.gerrit.server.account.externalids.ExternalId), ArrayList (java.util.ArrayList), PGPPublicKey (org.bouncycastle.openpgp.PGPPublicKey), ResourceConflictException (com.google.gerrit.extensions.restapi.ResourceConflictException), PublicKeyStore (com.google.gerrit.gpg.PublicKeyStore)

Aggregations

PublicKeyStore (com.google.gerrit.gpg.PublicKeyStore): 7
PGPPublicKey (org.bouncycastle.openpgp.PGPPublicKey): 6
PGPPublicKeyRing (org.bouncycastle.openpgp.PGPPublicKeyRing): 6
Fingerprint (com.google.gerrit.gpg.Fingerprint): 4
PublicKeyStore.keyIdToString (com.google.gerrit.gpg.PublicKeyStore.keyIdToString): 4
GerritPersonIdent (com.google.gerrit.server.GerritPersonIdent): 4
ExternalId (com.google.gerrit.server.account.externalids.ExternalId): 4
ArrayList (java.util.ArrayList): 4
CommitBuilder (org.eclipse.jgit.lib.CommitBuilder): 4
PersonIdent (org.eclipse.jgit.lib.PersonIdent): 4
RefUpdate (org.eclipse.jgit.lib.RefUpdate): 4
BadRequestException (com.google.gerrit.extensions.restapi.BadRequestException): 3
ResourceConflictException (com.google.gerrit.extensions.restapi.ResourceConflictException): 3
ResourceNotFoundException (com.google.gerrit.extensions.restapi.ResourceNotFoundException): 3
CheckResult (com.google.gerrit.gpg.CheckResult): 3
PublicKeyStore.keyToString (com.google.gerrit.gpg.PublicKeyStore.keyToString): 3
EmailException (com.google.gerrit.common.errors.EmailException): 2
EmailException (com.google.gerrit.exceptions.EmailException): 2
StorageException (com.google.gerrit.exceptions.StorageException): 2
IdentifiedUser (com.google.gerrit.server.IdentifiedUser): 2