Merge pull request #13 from bitmaelum/reservation

Added checks for reservations

go.sum

@@ -98,6 +98,7 @@ github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7V
 github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q=
 github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
 github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
+github.com/konsorten/go-windows-terminal-sequences v1.0.3 h1:CE8S1cTafDpPvMhIxNJKvHsGVBgn1xWYf1NbHQhywc8=
 github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
 github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc=
 github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI=
@@ -151,6 +152,7 @@ github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6So
 github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
 github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
 github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo=
+github.com/sirupsen/logrus v1.6.0 h1:UBcNElsrwanuuMsnGSlYmtmgbb23qDR5dG+6X6Oo89I=
 github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88=
 github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM=
 github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA=

internal/handler/address.go

@@ -33,6 +33,7 @@ import (
 	"github.com/bitmaelum/key-resolver-go/internal/address"
 	"github.com/bitmaelum/key-resolver-go/internal/http"
 	"github.com/bitmaelum/key-resolver-go/internal/organisation"
+	"github.com/bitmaelum/key-resolver-go/internal/reservation"
 )
 
 type addressUploadBody struct {
@@ -102,6 +103,11 @@ func PostAddressHash(addrHash hash.Hash, req http.Request) *http.Response {
 		return http.CreateError("cannot validate organisation token", 400)
 	}
 
+	ok, err := reservation.ReservationService.IsValidated(addrHash, uploadBody.PublicKey)
+	if !ok || err != nil {
+		return http.CreateError("reserved address", 400)
+	}
+
 	if current == nil {
 		// When specifying an organisation, we need an organisation token
 		if !uploadBody.OrgHash.IsEmpty() && uploadBody.OrgToken == "" {

internal/handler/address_test.go

@@ -32,6 +32,7 @@ import (
 	"github.com/bitmaelum/key-resolver-go/internal/address"
 	"github.com/bitmaelum/key-resolver-go/internal/http"
 	"github.com/bitmaelum/key-resolver-go/internal/organisation"
+	"github.com/bitmaelum/key-resolver-go/internal/reservation"
 	"github.com/bitmaelum/key-resolver-go/internal/routing"
 	testing2 "github.com/bitmaelum/key-resolver-go/internal/testing"
 	"github.com/stretchr/testify/assert"
@@ -713,6 +714,9 @@ func TestHistory(t *testing.T) {
 }
 
 func setupRepo() {
+	// NO reservation checks
+	reservation.ReservationService = reservation.NewMockRepository()
+
 	sr := address.NewSqliteResolver(":memory:")
 	address.SetDefaultRepository(sr)
 

internal/handler/organisation.go

@@ -30,6 +30,7 @@ import (
 	"github.com/bitmaelum/bitmaelum-suite/pkg/proofofwork"
 	"github.com/bitmaelum/key-resolver-go/internal/http"
 	"github.com/bitmaelum/key-resolver-go/internal/organisation"
+	"github.com/bitmaelum/key-resolver-go/internal/reservation"
 )
 
 var (
@@ -144,6 +145,11 @@ func createOrganisation(orgHash hash.Hash, uploadBody organisationUploadBody) *h
 		return http.CreateError(fmt.Sprintf("proof-of-work too weak (need %d bits)", MinimumProofBitsAddress), 401)
 	}
 
+	ok, err := reservation.ReservationService.IsValidated(orgHash, uploadBody.PublicKey)
+	if !ok || err != nil {
+		return http.CreateError("reserved organisation but validation in DNS not found", 401)
+	}
+
 	repo := organisation.GetResolveRepository()
 	res, err := repo.Create(orgHash.String(), uploadBody.PublicKey.String(), uploadBody.Proof.String(), uploadBody.Validations)
 

internal/prometheus.go

@@ -1,3 +1,22 @@
+// Copyright (c) 2020 BitMaelum Authors
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy of
+// this software and associated documentation files (the "Software"), to deal in
+// the Software without restriction, including without limitation the rights to
+// use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+// the Software, and to permit persons to whom the Software is furnished to do so,
+// subject to the following conditions:
+//
+// The above copyright notice and this permission notice shall be included in all
+// copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+// FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+// COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+// IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+// CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
 package internal
 
 import (
@@ -43,12 +62,12 @@ func ExportMetric() *events.APIGatewayV2HTTPResponse {
 	body += "# TYPE keyresolver_request counter\n"
 
 	input := &dynamodb.ScanInput{
-	    ExpressionAttributeNames: map[string]*string{
-	        "#path_code": aws.String("path_code"),
-	        "#hits": aws.String("hits"),
-	    },
-	    ProjectionExpression: aws.String("#path_code, #hits"),
-	    TableName:            aws.String("prometheus"),
+		ExpressionAttributeNames: map[string]*string{
+			"#path_code": aws.String("path_code"),
+			"#hits":      aws.String("hits"),
+		},
+		ProjectionExpression: aws.String("#path_code, #hits"),
+		TableName:            aws.String("prometheus"),
 	}
 
 	dyna := getDyna()

internal/reservation/mock.go

@@ -0,0 +1,102 @@
+// Copyright (c) 2020 BitMaelum Authors
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy of
+// this software and associated documentation files (the "Software"), to deal in
+// the Software without restriction, including without limitation the rights to
+// use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+// the Software, and to permit persons to whom the Software is furnished to do so,
+// subject to the following conditions:
+//
+// The above copyright notice and this permission notice shall be included in all
+// copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+// FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+// COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+// IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+// CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+package reservation
+
+import (
+	"github.com/bitmaelum/bitmaelum-suite/pkg/bmcrypto"
+	"github.com/bitmaelum/bitmaelum-suite/pkg/hash"
+)
+
+type domainEntry struct {
+	Hash   hash.Hash
+	Domain string
+}
+
+// MockRepository is a simple repository that allows you to easily mock reserved accounts and organisations
+type MockRepository struct {
+	Entries []domainEntry
+	DNS     map[string]string
+}
+
+func NewMockRepository() *MockRepository {
+	return &MockRepository{
+		Entries: []domainEntry{},
+		DNS:     make(map[string]string),
+	}
+}
+
+// Adds a new entry to the mock reservations
+func (m *MockRepository) AddEntry(h hash.Hash, domains []string) {
+	for i := range domains {
+		m.Entries = append(m.Entries, domainEntry{
+			Hash:   h,
+			Domain: domains[i],
+		})
+	}
+}
+
+// Adds a DNS entry so we can verify
+func (m *MockRepository) AddDNS(domain, value string) {
+	m.DNS[domain] = value
+}
+
+// IsValidated will check if a hash has a DNS entry with the correct value
+func (m *MockRepository) IsValidated(h hash.Hash, pk *bmcrypto.PubKey) (bool, error) {
+	domains, err := m.GetDomains(h)
+	if err != nil {
+		return false, err
+	}
+
+	// NO domains, so not a reserved hash
+	if len(domains) == 0 {
+		return true, nil
+	}
+
+	for i := range domains {
+		if m.DNS[domains[i]] == pk.Fingerprint() {
+			return true, nil
+		}
+	}
+
+	return false, nil
+}
+
+// IsReserved will return true when the hash is a reserved hash
+func (m *MockRepository) IsReserved(h hash.Hash) (bool, error) {
+	d, err := m.GetDomains(h)
+	if err != nil {
+		return false, err
+	}
+
+	return len(d) > 0, nil
+}
+
+// GetDomains will return the domains for the given reserved hash, or empty slice when not reserved
+func (m *MockRepository) GetDomains(h hash.Hash) ([]string, error) {
+	var domains []string
+
+	for i := range m.Entries {
+		if m.Entries[i].Hash.String() == h.String() {
+			domains = append(domains, m.Entries[i].Domain)
+		}
+	}
+
+	return domains, nil
+}

internal/reservation/mock_test.go

@@ -0,0 +1,63 @@
+// Copyright (c) 2020 BitMaelum Authors
+//
+// Permission is hereby granted, free of charge, to any person obtaining a copy of
+// this software and associated documentation files (the "Software"), to deal in
+// the Software without restriction, including without limitation the rights to
+// use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
+// the Software, and to permit persons to whom the Software is furnished to do so,
+// subject to the following conditions:
+//
+// The above copyright notice and this permission notice shall be included in all
+// copies or substantial portions of the Software.
+//
+// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
+// FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
+// COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
+// IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
+// CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+package reservation
+
+import (
+	"testing"
+
+	"github.com/bitmaelum/bitmaelum-suite/pkg/bmcrypto"
+	"github.com/bitmaelum/bitmaelum-suite/pkg/hash"
+	"github.com/stretchr/testify/assert"
+)
+
+func TestMockRepository(t *testing.T) {
+	r := NewMockRepository()
+
+	h := hash.New("foobar")
+	r.AddEntry(h, []string{"foobar.com", "foobar.nl"})
+
+	ok, err := r.IsReserved(h)
+	assert.NoError(t, err)
+	assert.True(t, ok)
+
+	ok, err = r.IsReserved(hash.New("not-reserved"))
+	assert.NoError(t, err)
+	assert.False(t, ok)
+
+	d, err := r.GetDomains(hash.New("not-reserved"))
+	assert.NoError(t, err)
+	assert.Len(t, d, 0)
+
+	d, err = r.GetDomains(hash.New("foobar"))
+	assert.NoError(t, err)
+	assert.Len(t, d, 2)
+
+	_, pk, _ := bmcrypto.GenerateKeyPair(bmcrypto.KeyTypeED25519)
+
+	ok, err = r.IsValidated(h, pk)
+	assert.NoError(t, err)
+	assert.False(t, ok)
+
+	r.AddDNS("foobar.nl", pk.Fingerprint())
+
+	ok, err = r.IsValidated(h, pk)
+	assert.NoError(t, err)
+	assert.True(t, ok)
+}