package api
import (
"context"
"os"
"strconv"
// "errors"
// "fmt"
// "encoding/json"
// "fmt"
"net/http"
"github.com/hashicorp/vault/sdk/framework"
"github.com/hashicorp/vault/sdk/logical"
"github.com/ryadavDeqode/dq-vault/api/helpers"
"github.com/ryadavDeqode/dq-vault/config"
"github.com/ryadavDeqode/dq-vault/logger"
)
// checkIfNotEmpty reports whether a holds at least one byte. The status
// handler uses it to expose only the presence of a stored value (key, consent,
// shard) in the response instead of the value itself.
func checkIfNotEmpty(a string) bool {
	return len(a) > 0
}
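// pathGetUserVaultStatus returns a redacted view of the stored record for the
// user named by the "identifier" field.
//
// The caller proves ownership with "signatureECDSA", which is checked against
// the ECDSA public key stored in that user's record. Sensitive values (keys,
// consents, wallet shard, guardian addresses) are reported only as
// present/absent booleans.
//
// An unreadable, missing or undecodable record yields a coded error. A failed
// signature check yields a normal response with "status": false and the
// verifier's remarks.
//
// NOTE(review): an unknown identifier (error) and a bad signature
// (status=false) are distinguishable to an unauthenticated caller, so the
// endpoint can be used to test which identifiers exist. Confirm this is
// acceptable.
func (b *backend) pathGetUserVaultStatus(ctx context.Context, req *logical.Request, d *framework.FieldData) (*logical.Response, error) {
	backendLogger := b.logger

	// Both fields are caller-supplied and untrusted until the signature check
	// below succeeds.
	identifier := d.Get("identifier").(string)
	signatureECDSA := d.Get("signatureECDSA").(string)

	// path where user data is stored
	path := config.StorageBasePath + identifier
	entry, err := req.Storage.Get(ctx, path)
	if err != nil {
		logger.Log(backendLogger, config.Error, "getIdentifier: could not get storage entry", err.Error())
		return nil, logical.CodedError(http.StatusUnprocessableEntity, err.Error())
	}
	// Storage.Get returns (nil, nil) when nothing is stored under the key.
	// Without this guard an unknown or empty identifier would dereference a
	// nil entry in DecodeJSON and panic before any signature is checked.
	if entry == nil {
		logger.Log(backendLogger, config.Error, "getIdentifier: could not get storage entry", "no entry stored for the requested identifier")
		return nil, logical.CodedError(http.StatusUnprocessableEntity, "no user data found for the given identifier")
	}

	// Get User data
	var userData helpers.UserDetails
	if err = entry.DecodeJSON(&userData); err != nil {
		logger.Log(backendLogger, config.Error, "getIdentifier: could not get user details", err.Error())
		return nil, logical.CodedError(http.StatusUnprocessableEntity, err.Error())
	}

	// The signed payload covers only the identifier.
	// NOTE(review): whether VerifyJWTSignature enforces expiry or a nonce is
	// not visible here; if it does not, a captured signature stays valid for
	// this identifier. Confirm in helpers.
	dataToValidate := map[string]string{
		"identifier": identifier,
	}
	ecdsaVerificationState, remarks := helpers.VerifyJWTSignature(signatureECDSA, dataToValidate, userData.UserECDSAPublicKey, "ES256")
	if !ecdsaVerificationState {
		return &logical.Response{
			Data: map[string]interface{}{
				"status":  false,
				"remarks": remarks,
			},
		}, nil
	}

	// WAIT_PERIOD is added to the restore initiation timestamp. On a parse
	// failure Atoi returns 0 for malformed input but the extreme int value for
	// out-of-range input, so log the problem and fall back to 0 explicitly
	// instead of using whatever Atoi returned.
	// NOTE(review): with a zero wait period the reported completion time equals
	// the initiation time. Confirm no caller treats that as "restore allowed".
	waitPeriod, err := strconv.Atoi(os.Getenv("WAIT_PERIOD"))
	if err != nil {
		logger.Log(backendLogger, config.Error, "getIdentifier: invalid WAIT_PERIOD, using 0", err.Error())
		waitPeriod = 0
	}

	// NOTE(review): the fixed indexes 0..2 assume Guardians and
	// UnverifiedGuardians each hold at least three elements. If they are
	// slices, a shorter stored record panics here. Confirm against
	// helpers.UserDetails.
	vaultStatus := &helpers.VaultStatus{
		Identifier: userData.Identifier,
		UserEmail:  userData.UserEmail,
		Guardians: []helpers.GuardianEmails{
			{checkIfNotEmpty(userData.Guardians[0]), userData.UnverifiedGuardians[0]},
			{checkIfNotEmpty(userData.Guardians[1]), userData.UnverifiedGuardians[1]},
			{checkIfNotEmpty(userData.Guardians[2]), userData.UnverifiedGuardians[2]},
		},
		UserMobile:                 userData.UserMobile,
		UserRSAPublicKey:           checkIfNotEmpty(userData.UserRSAPublicKey),
		UserECDSAPublicKey:         checkIfNotEmpty(userData.UserECDSAPublicKey),
		SignedConsentForMnemonics:  checkIfNotEmpty(userData.SignedConsentForMnemonics),
		SignedConsentForPrivateKey: checkIfNotEmpty(userData.SignedConsentForPrivateKey),
		LastVetoedBy:               userData.LastVetoedBy,
		WalletThirdShard:           checkIfNotEmpty(userData.WalletThirdShard),
		LastRecoverySavedAt:        userData.LastRecoverySavedAt,
		IsRestoreInProgress:        userData.IsRestoreInProgress,
		RestoreInitiationTimestamp: userData.RestoreInitiationTimestamp,
		// assumes WAIT_PERIOD uses the same time unit as the stored timestamp; TODO confirm
		RestoreCompletionTimestamp: userData.RestoreInitiationTimestamp + int64(waitPeriod),
	}

	// return response
	return &logical.Response{
		Data: map[string]interface{}{
			"remarks": "success",
			"status":  true,
			"data":    vaultStatus,
		},
	}, nil
}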