Signer API nits... (#85)
* Rename `KeyFingerPrint` to `KeyID`.

Internally we differentiate between IDs and Fingerprints, but in the
public API, we should be good with just an ID for now.  Shorter is
better.

* Fix two formatting issues from `goimports(1)`.

* Whitespace nit

* Comment nit: TRITON_KEY_ID is preferred over SDC_KEY_ID.

* Add a comment for GetTritonEnv().

* Rename `UserName` to `Username` in the input structs for signers.

Fixes: #84

* Rename SDC variables to be Triton variables.

* Move examples into their own directory.

Having `gorename(1)` just work is a "good thing(tm)."
sean- authored and stack72 committed Dec 28, 2017
1 parent 103ce3a commit 9fd3eea
Showing 18 changed files with 119 additions and 115 deletions.
16 changes: 8 additions & 8 deletions README.md
Expand Up @@ -15,15 +15,15 @@ using a key stored with the local SSH Agent (using an [`SSHAgentSigner`][6].
To construct a Signer, use the `New*` range of methods in the `authentication`
package. In the case of `authentication.NewSSHAgentSigner`, the parameters are
the fingerprint of the key with which to sign, and the account name (normally
stored in the `TRITON_ACCOUNT` environment variable). There is also support for
stored in the `TRITON_ACCOUNT` environment variable). There is also support for
passing in a username, this will allow you to use an account other than the main
Triton account. For example:

```go
input := authentication.SSHAgentSignerInput{
KeyFingerPrint: "a4:c6:f3:75:80:27:e0:03:a9:98:79:ef:c5:0a:06:11",
AccountName: "AccountName",
UserName: "UserName",
KeyID: "a4:c6:f3:75:80:27:e0:03:a9:98:79:ef:c5:0a:06:11",
AccountName: "AccountName",
UserName: "UserName",
}
sshKeySigner, err := authentication.NewSSHAgentSigner(input)
if err != nil {
Expand Down Expand Up @@ -162,9 +162,9 @@ func main() {

if keyMaterial == "" {
input := authentication.SSHAgentSignerInput{
KeyFingerPrint: keyID,
AccountName: accountName,
UserName: userName,
KeyID: keyID,
AccountName: accountName,
UserName: userName,
}
signer, err = authentication.NewSSHAgentSigner(input)
if err != nil {
Expand Down Expand Up @@ -195,7 +195,7 @@ func main() {
}

input := authentication.PrivateKeySignerInput{
KeyFingerPrint: keyID,
KeyID: keyID,
PrivateKeyMaterial: keyBytes,
AccountName: accountName,
UserName: userName,
15 changes: 7 additions & 8 deletions authentication/private_key_signer.go
Expand Up @@ -9,9 +9,8 @@ import (
"encoding/pem"
"errors"
"fmt"
"strings"

"path"
"strings"

"github.com/hashicorp/errwrap"
"golang.org/x/crypto/ssh"
Expand All @@ -29,14 +28,14 @@ type PrivateKeySigner struct {
}

type PrivateKeySignerInput struct {
KeyFingerPrint string
KeyID string
PrivateKeyMaterial []byte
AccountName string
UserName string
Username string
}

func NewPrivateKeySigner(input PrivateKeySignerInput) (*PrivateKeySigner, error) {
keyFingerprintMD5 := strings.Replace(input.KeyFingerPrint, ":", "", -1)
keyFingerprintMD5 := strings.Replace(input.KeyID, ":", "", -1)

block, _ := pem.Decode(input.PrivateKeyMaterial)
if block == nil {
Expand All @@ -61,15 +60,15 @@ func NewPrivateKeySigner(input PrivateKeySignerInput) (*PrivateKeySigner, error)

signer := &PrivateKeySigner{
formattedKeyFingerprint: displayKeyFingerprint,
keyFingerprint: input.KeyFingerPrint,
keyFingerprint: input.KeyID,
accountName: input.AccountName,

hashFunc: crypto.SHA1,
privateKey: rsakey,
}

if input.UserName != "" {
signer.userName = input.UserName
if input.Username != "" {
signer.userName = input.Username
}

_, algorithm, err := signer.SignRaw("HelloWorld")
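Review bot: After the rename, nothing in `PrivateKeySignerInput` says what form `KeyID` must take, yet the first line of `NewPrivateKeySigner` still treats it as a colon-separated MD5 fingerprint (`keyFingerprintMD5 := strings.Replace(input.KeyID, ":", "", -1)`). A caller who passes a `SHA256:`-style fingerprint or an arbitrary key name gets no hint from the type, so I would add a field comment such as `// KeyID is the MD5 fingerprint of the public key, colon-separated hex.` here and on `SSHAgentSignerInput.KeyID` in ssh_agent_signer.go. Whatever comparison is made against the parsed key lies outside the visible hunks, so this is about the documented contract only. Separately, the third hunk keeps `hashFunc: crypto.SHA1` as context; if the service accepts an RSA signature over SHA-256, that deserves a follow-up change.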
17 changes: 8 additions & 9 deletions authentication/ssh_agent_signer.go
Expand Up @@ -8,9 +8,8 @@ import (
"fmt"
"net"
"os"
"strings"

"path"
"strings"

"github.com/hashicorp/errwrap"
"golang.org/x/crypto/ssh"
Expand All @@ -34,9 +33,9 @@ type SSHAgentSigner struct {
}

type SSHAgentSignerInput struct {
KeyFingerPrint string
AccountName string
UserName string
KeyID string
AccountName string
Username string
}

func NewSSHAgentSigner(input SSHAgentSignerInput) (*SSHAgentSigner, error) {
Expand All @@ -53,7 +52,7 @@ func NewSSHAgentSigner(input SSHAgentSignerInput) (*SSHAgentSigner, error) {
ag := agent.NewClient(conn)

signer := &SSHAgentSigner{
keyFingerprint: input.KeyFingerPrint,
keyFingerprint: input.KeyID,
accountName: input.AccountName,
agent: ag,
}
Expand All @@ -64,9 +63,9 @@ func NewSSHAgentSigner(input SSHAgentSignerInput) (*SSHAgentSigner, error) {
}
signer.key = matchingKey
signer.formattedKeyFingerprint = formatPublicKeyFingerprint(signer.key, true)
if input.UserName != "" {
signer.userName = input.UserName
signer.keyIdentifier = path.Join("/", signer.accountName, "users", input.UserName, "keys", signer.formattedKeyFingerprint)
if input.Username != "" {
signer.userName = input.Username
signer.keyIdentifier = path.Join("/", signer.accountName, "users", input.Username, "keys", signer.formattedKeyFingerprint)
} else {
signer.keyIdentifier = path.Join("/", signer.accountName, "keys", signer.formattedKeyFingerprint)
}
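Review bot: `path.Join("/", signer.accountName, "users", input.Username, "keys", signer.formattedKeyFingerprint)` cleans its result, so a `Username` or account name containing `/` or `..` silently changes which segments end up in `keyIdentifier` instead of being rejected. Since these lines are being touched anyway, I would validate the value before building the identifier, for example `if strings.Contains(input.Username, "/") || input.Username == ".." { return nil, fmt.Errorf("invalid username %q", input.Username) }`, and apply the same check to `AccountName`. Both `strings` and `fmt` are already in the import block shown in the first hunk. `NewSSHAgentSigner` starts and ends outside the visible hunks, so an earlier check may already exist; confirm before adding one.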
14 changes: 10 additions & 4 deletions client/client.go
Expand Up @@ -82,7 +82,7 @@ func New(tritonURL string, mantaURL string, accountName string, signers ...authe
}

// Default to constructing an SSHAgentSigner if there are no other signers
// passed into NewClient and there's an SDC_KEY_ID and SSH_AUTH_SOCK
// passed into NewClient and there's an TRITON_KEY_ID and SSH_AUTH_SOCK
// available in the user's environ(7).
if len(newClient.Authorizers) == 0 {
if err := newClient.DefaultAuth(); err != nil {
Expand All @@ -95,12 +95,18 @@ func New(tritonURL string, mantaURL string, accountName string, signers ...authe

var envPrefixes = []string{"TRITON", "SDC"}

// GetTritonEnv looks up environment variables using the preferred "TRITON"
// prefix, but falls back to the SDC prefix. For example, looking up "USER"
// will search for "TRITON_USER" followed by "SDC_USER". If the environment
// variable is not set, an empty string is returned. GetTritonEnv() is used to
// aid in the transition and deprecation of the SDC_* environment variables.
func GetTritonEnv(name string) string {
for _, prefix := range envPrefixes {
if val, found := os.LookupEnv(prefix + "_" + name); found {
return val
}
}

return ""
}

Expand All @@ -112,9 +118,9 @@ func (c *Client) DefaultAuth() error {
tritonKeyId := GetTritonEnv("KEY_ID")
if tritonKeyId != "" {
input := authentication.SSHAgentSignerInput{
KeyFingerPrint: tritonKeyId,
AccountName: c.AccountName,
UserName: c.Username,
KeyID: tritonKeyId,
AccountName: c.AccountName,
Username: c.Username,
}
defaultSigner, err := authentication.NewSSHAgentSigner(input)
if err != nil {
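Review bot: `GetTritonEnv` returns as soon as `os.LookupEnv` reports the variable as present, so a `TRITON_KEY_ID` that is set to an empty string hides a populated `SDC_KEY_ID`, and the `if tritonKeyId != ""` branch in `DefaultAuth` is then skipped. The new doc comment only describes the unset case. Either skip empty values with `if val, found := os.LookupEnv(prefix + "_" + name); found && val != "" {`, or state in the comment that a set-but-empty `TRITON_*` variable wins over its `SDC_*` counterpart. What `DefaultAuth` does when the key ID comes back empty is outside the hunk.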
Expand Up @@ -31,9 +31,9 @@ func main() {

if keyMaterial == "" {
input := authentication.SSHAgentSignerInput{
KeyFingerPrint: keyID,
AccountName: accountName,
UserName: userName,
KeyID: keyID,
AccountName: accountName,
Username: userName,
}
signer, err = authentication.NewSSHAgentSigner(input)
if err != nil {
Expand Down Expand Up @@ -64,10 +64,10 @@ func main() {
}

input := authentication.PrivateKeySignerInput{
KeyFingerPrint: keyID,
KeyID: keyID,
PrivateKeyMaterial: keyBytes,
AccountName: accountName,
UserName: userName,
Username: userName,
}
signer, err = authentication.NewPrivateKeySigner(input)
if err != nil {
10 changes: 5 additions & 5 deletions examples/account/config.go → examples/account/config/main.go
Expand Up @@ -26,9 +26,9 @@ func main() {

if keyMaterial == "" {
input := authentication.SSHAgentSignerInput{
KeyFingerPrint: keyID,
AccountName: accountName,
UserName: userName,
KeyID: keyID,
AccountName: accountName,
Username: userName,
}
signer, err = authentication.NewSSHAgentSigner(input)
if err != nil {
Expand Down Expand Up @@ -59,10 +59,10 @@ func main() {
}

input := authentication.PrivateKeySignerInput{
KeyFingerPrint: keyID,
KeyID: keyID,
PrivateKeyMaterial: keyBytes,
AccountName: accountName,
UserName: userName,
Username: userName,
}
signer, err = authentication.NewPrivateKeySigner(input)
if err != nil {
10 changes: 5 additions & 5 deletions examples/account/keys.go → examples/account/keys/main.go
Expand Up @@ -25,9 +25,9 @@ func main() {

if keyMaterial == "" {
input := authentication.SSHAgentSignerInput{
KeyFingerPrint: keyID,
AccountName: accountName,
UserName: userName,
KeyID: keyID,
AccountName: accountName,
Username: userName,
}
signer, err = authentication.NewSSHAgentSigner(input)
if err != nil {
Expand Down Expand Up @@ -58,10 +58,10 @@ func main() {
}

input := authentication.PrivateKeySignerInput{
KeyFingerPrint: keyID,
KeyID: keyID,
PrivateKeyMaterial: keyBytes,
AccountName: accountName,
UserName: userName,
Username: userName,
}
signer, err = authentication.NewPrivateKeySigner(input)
if err != nil {
Expand Up @@ -33,9 +33,9 @@ func main() {

if keyMaterial == "" {
input := authentication.SSHAgentSignerInput{
KeyFingerPrint: keyID,
AccountName: accountName,
UserName: userName,
KeyID: keyID,
AccountName: accountName,
Username: userName,
}
signer, err = authentication.NewSSHAgentSigner(input)
if err != nil {
Expand Down Expand Up @@ -66,10 +66,10 @@ func main() {
}

input := authentication.PrivateKeySignerInput{
KeyFingerPrint: keyID,
KeyID: keyID,
PrivateKeyMaterial: keyBytes,
AccountName: accountName,
UserName: userName,
Username: userName,
}
signer, err = authentication.NewPrivateKeySigner(input)
if err != nil {
Expand Up @@ -24,9 +24,9 @@ func main() {

if keyMaterial == "" {
input := authentication.SSHAgentSignerInput{
KeyFingerPrint: keyID,
AccountName: accountName,
UserName: userName,
KeyID: keyID,
AccountName: accountName,
Username: userName,
}
signer, err = authentication.NewSSHAgentSigner(input)
if err != nil {
Expand Down Expand Up @@ -57,10 +57,10 @@ func main() {
}

input := authentication.PrivateKeySignerInput{
KeyFingerPrint: keyID,
KeyID: keyID,
PrivateKeyMaterial: keyBytes,
AccountName: accountName,
UserName: userName,
Username: userName,
}
signer, err = authentication.NewPrivateKeySigner(input)
if err != nil {
10 changes: 5 additions & 5 deletions examples/network/create_fabric.go
Expand Up @@ -25,9 +25,9 @@ func main() {

if keyMaterial == "" {
input := authentication.SSHAgentSignerInput{
KeyFingerPrint: keyID,
AccountName: accountName,
UserName: userName,
KeyID: keyID,
AccountName: accountName,
Username: userName,
}
signer, err = authentication.NewSSHAgentSigner(input)
if err != nil {
Expand Down Expand Up @@ -58,10 +58,10 @@ func main() {
}

input := authentication.PrivateKeySignerInput{
KeyFingerPrint: keyID,
KeyID: keyID,
PrivateKeyMaterial: keyBytes,
AccountName: accountName,
UserName: userName,
Username: userName,
}
signer, err = authentication.NewPrivateKeySigner(input)
if err != nil {
Expand Up @@ -27,9 +27,9 @@ func main() {

if keyMaterial == "" {
input := authentication.SSHAgentSignerInput{
KeyFingerPrint: keyID,
AccountName: accountName,
UserName: userName,
KeyID: keyID,
AccountName: accountName,
Username: userName,
}
signer, err = authentication.NewSSHAgentSigner(input)
if err != nil {
Expand Down Expand Up @@ -60,10 +60,10 @@ func main() {
}

input := authentication.PrivateKeySignerInput{
KeyFingerPrint: keyID,
KeyID: keyID,
PrivateKeyMaterial: keyBytes,
AccountName: accountName,
UserName: userName,
Username: userName,
}
signer, err = authentication.NewPrivateKeySigner(input)
if err != nil {
Expand Up @@ -27,9 +27,9 @@ func main() {

if keyMaterial == "" {
input := authentication.SSHAgentSignerInput{
KeyFingerPrint: keyID,
AccountName: mantaUser,
UserName: userName,
KeyID: keyID,
AccountName: mantaUser,
Username: userName,
}
signer, err = authentication.NewSSHAgentSigner(input)
if err != nil {
Expand Down Expand Up @@ -60,10 +60,10 @@ func main() {
}

input := authentication.PrivateKeySignerInput{
KeyFingerPrint: keyID,
KeyID: keyID,
PrivateKeyMaterial: keyBytes,
AccountName: mantaUser,
UserName: userName,
Username: userName,
}
signer, err = authentication.NewPrivateKeySigner(input)
if err != nil {