-
Notifications
You must be signed in to change notification settings - Fork 22
/
client_list_keys.go
127 lines (105 loc) · 4.43 KB
/
client_list_keys.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
// Copyright (C) 2023 Gobalsky Labs Limited
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as
// published by the Free Software Foundation, either version 3 of the
// License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
package api
import (
"context"
"errors"
"fmt"
"code.vegaprotocol.io/vega/libs/jsonrpc"
"code.vegaprotocol.io/vega/wallet/wallet"
)
const PermissionsSuccessfullyUpdated = "The permissions have been successfully updated."
type ClientListKeysResult struct {
Keys []ClientNamedPublicKey `json:"keys"`
}
type ClientNamedPublicKey struct {
Name string `json:"name"`
PublicKey string `json:"publicKey"`
}
type ClientListKeys struct {
walletStore WalletStore
interactor Interactor
}
// Handle returns the public keys the third-party application has access to.
//
// This requires a "read" access on "public_keys".
func (h *ClientListKeys) Handle(ctx context.Context, connectedWallet ConnectedWallet) (jsonrpc.Result, *jsonrpc.ErrorDetails) {
traceID := jsonrpc.TraceIDFromContext(ctx)
if !connectedWallet.CanListKeys() {
if err := h.updatePublicKeysPermissions(ctx, traceID, &connectedWallet); err != nil {
return nil, err
}
}
allowedKeys := connectedWallet.AllowedKeys()
keys := make([]ClientNamedPublicKey, 0, len(allowedKeys))
for _, allowedKey := range allowedKeys {
keys = append(keys, ClientNamedPublicKey{
Name: allowedKey.Name(),
PublicKey: allowedKey.PublicKey(),
})
}
return ClientListKeysResult{
Keys: keys,
}, nil
}
func (h *ClientListKeys) updatePublicKeysPermissions(ctx context.Context, traceID string, connectedWallet *ConnectedWallet) *jsonrpc.ErrorDetails {
if err := h.interactor.NotifyInteractionSessionBegan(ctx, traceID, PermissionRequestWorkflow, 2); err != nil {
return RequestNotPermittedError(err)
}
defer h.interactor.NotifyInteractionSessionEnded(ctx, traceID)
freshWallet, err := h.walletStore.GetWallet(ctx, connectedWallet.Name())
if err != nil {
if errors.Is(err, ErrWalletIsLocked) {
h.interactor.NotifyError(ctx, traceID, ApplicationErrorType, err)
} else {
h.interactor.NotifyError(ctx, traceID, InternalErrorType, fmt.Errorf("could not retrieve the wallet for the permissions update: %w", err))
}
return InternalError(ErrCouldNotListKeys)
}
perms := freshWallet.Permissions(connectedWallet.Hostname())
// At this point, we need a "read" access on public keys.
perms.PublicKeys.Access = wallet.ReadAccess
approved, err := h.interactor.RequestPermissionsReview(ctx, traceID, 1, connectedWallet.Hostname(), connectedWallet.Name(), perms.Summary())
if err != nil {
if errDetails := HandleRequestFlowError(ctx, traceID, h.interactor, err); errDetails != nil {
return errDetails
}
h.interactor.NotifyError(ctx, traceID, InternalErrorType, fmt.Errorf("requesting the permissions review failed: %w", err))
return InternalError(ErrCouldNotListKeys)
}
if !approved {
return UserRejectionError(ErrUserRejectedAccessToKeys)
}
if err := freshWallet.UpdatePermissions(connectedWallet.Hostname(), perms); err != nil {
h.interactor.NotifyError(ctx, traceID, InternalErrorType, fmt.Errorf("could not update the permissions on the wallet: %w", err))
return InternalError(ErrCouldNotListKeys)
}
if err := connectedWallet.RefreshFromWallet(freshWallet); err != nil {
h.interactor.NotifyError(ctx, traceID, InternalErrorType, fmt.Errorf("could not refresh the connection information after the permissions update: %w", err))
return InternalError(ErrCouldNotListKeys)
}
if err := h.walletStore.UpdateWallet(ctx, freshWallet); err != nil {
h.interactor.NotifyError(ctx, traceID, InternalErrorType, fmt.Errorf("could not save the permissions update on the wallet: %w", err))
return InternalError(ErrCouldNotListKeys)
}
h.interactor.NotifySuccessfulRequest(ctx, traceID, 2, PermissionsSuccessfullyUpdated)
return nil
}
func NewListKeys(walletStore WalletStore, interactor Interactor) *ClientListKeys {
return &ClientListKeys{
walletStore: walletStore,
interactor: interactor,
}
}