add share secret to api client

Covata · Feb 20, 2017 · 9c094e0 · 9c094e0
1 parent e6ce52d
commit 9c094e0
Show file tree

Hide file tree

Showing 2 changed files with 44 additions and 3 deletions.
diff --git a/src/main/python/covata/delta/api/requestsclient.py b/src/main/python/covata/delta/api/requestsclient.py
@@ -76,8 +76,29 @@ def create_secret(self, requestor_id, content, encryption_details):
             auth=self.signer(requestor_id))
 
         response.raise_for_status()
-        created_secret = response.json()
-        return created_secret
+        return response.json()
+
+    def share_secret(self, requestor_id, content, encryption_details,
+                     base_secret_id, rsa_key_owner_id):
+        content_b64 = b64encode(content).decode('utf-8')
+        encryption_details_b64 = dict(
+            (k, b64encode(v).decode('utf-8'))
+            for k, v in encryption_details.items())
+
+        response = requests.post(
+            url="{base_url}{resource}".format(
+                base_url=self.DELTA_URL,
+                resource=self.RESOURCE_SECRETS),
+            json=dict(
+                content=content_b64,
+                encryptionDetails=encryption_details_b64,
+                baseSecret=base_secret_id,
+                rsaKeyOwner=rsa_key_owner_id
+            ),
+            auth=self.signer(requestor_id))
+
+        response.raise_for_status()
+        return response.json()
 
     def get_secret_content(self, requestor_id, secret_id):
         response = requests.get(

diff --git a/src/main/python/covata/delta/interfaces.py b/src/main/python/covata/delta/interfaces.py
@@ -74,7 +74,27 @@ def create_secret(self, requestor_id, content, encryption_details):
         :param bytes content: the contents of the secret
         :param encryption_details: the encryption details
         :type encryption_details: dict[str, bytes]
-        :return: the created secret
+        :return: the created base secret
+        :rtype: dict[str, str]
+        """
+
+    @abstractmethod
+    def share_secret(self, requestor_id, content, encryption_details,
+                     base_secret_id, rsa_key_owner_id):
+        """
+        Shares the base secret with the specified target RSA key owner. The
+        contents must be encrypted with the public encryption key of the
+        RSA key owner, and the encrypted key and initialisation vector must
+        be provided. This call will result in a new derived secret being created
+        and returned as a response.
+
+        :param str requestor_id: the authenticating identity id
+        :param bytes content: the contents of the secret
+        :param encryption_details: the encryption details
+        :type encryption_details: dict[str, bytes]
+        :param str base_secret_id: the id of the base secret
+        :param str rsa_key_owner_id: the id of the rsa key owner
+        :return: the created derived secret
         :rtype: dict[str, str]
         """