// GetTimestampHandler returns a timestamp.json given a GUN func GetTimestampHandler(ctx context.Context, w http.ResponseWriter, r *http.Request) error { s := ctx.Value("metaStore") store, ok := s.(storage.MetaStore) if !ok { return errors.ErrNoStorage.WithDetail(nil) } cryptoServiceVal := ctx.Value("cryptoService") cryptoService, ok := cryptoServiceVal.(signed.CryptoService) if !ok { return errors.ErrNoCryptoService.WithDetail(nil) } vars := mux.Vars(r) gun := vars["imageName"] out, err := timestamp.GetOrCreateTimestamp(gun, store, cryptoService) if err != nil { switch err.(type) { case *storage.ErrNoKey, *storage.ErrNotFound: return errors.ErrMetadataNotFound.WithDetail(nil) default: return errors.ErrUnknown.WithDetail(err) } } logrus.Debugf("[Notary Server] 200 GET timestamp: %s", gun) w.Write(out) return nil }
// getMaybeServerSigned writes the current snapshot or timestamp (based on the // role passed) to the provided writer or returns an error. In retrieving // the timestamp and snapshot, based on the keys held by the server, a new one // might be generated and signed due to expiry of the previous one or updates // to other roles. func getMaybeServerSigned(ctx context.Context, w io.Writer, store storage.MetaStore, gun, role string) error { cryptoServiceVal := ctx.Value("cryptoService") cryptoService, ok := cryptoServiceVal.(signed.CryptoService) if !ok { return errors.ErrNoCryptoService.WithDetail(nil) } var ( out []byte err error ) switch role { case data.CanonicalSnapshotRole: out, err = snapshot.GetOrCreateSnapshot(gun, store, cryptoService) case data.CanonicalTimestampRole: out, err = timestamp.GetOrCreateTimestamp(gun, store, cryptoService) } if err != nil { switch err.(type) { case *storage.ErrNoKey, storage.ErrNotFound: return errors.ErrMetadataNotFound.WithDetail(err) default: return errors.ErrUnknown.WithDetail(err) } } w.Write(out) return nil }
// getMaybeServerSigned writes the current snapshot or timestamp (based on the // role passed) to the provided writer or returns an error. In retrieving // the timestamp and snapshot, based on the keys held by the server, a new one // might be generated and signed due to expiry of the previous one or updates // to other roles. func getMaybeServerSigned(ctx context.Context, store storage.MetaStore, gun, role string) (*time.Time, []byte, error) { cryptoServiceVal := ctx.Value(notary.CtxKeyCryptoSvc) cryptoService, ok := cryptoServiceVal.(signed.CryptoService) if !ok { return nil, nil, errors.ErrNoCryptoService.WithDetail(nil) } var ( lastModified *time.Time out []byte err error ) if role != data.CanonicalTimestampRole && role != data.CanonicalSnapshotRole { return nil, nil, fmt.Errorf("role %s cannot be server signed", role) } lastModified, out, err = timestamp.GetOrCreateTimestamp(gun, store, cryptoService) if err != nil { switch err.(type) { case *storage.ErrNoKey, storage.ErrNotFound: return nil, nil, errors.ErrMetadataNotFound.WithDetail(err) default: return nil, nil, errors.ErrUnknown.WithDetail(err) } } // If we wanted the snapshot, get it by checksum from the timestamp data if role == data.CanonicalSnapshotRole { ts := new(data.SignedTimestamp) if err := json.Unmarshal(out, ts); err != nil { return nil, nil, err } snapshotChecksums, err := ts.GetSnapshot() if err != nil || snapshotChecksums == nil { return nil, nil, fmt.Errorf("could not retrieve latest snapshot checksum") } if snapshotSHA256Bytes, ok := snapshotChecksums.Hashes[notary.SHA256]; ok { snapshotSHA256Hex := hex.EncodeToString(snapshotSHA256Bytes[:]) return store.GetChecksum(gun, role, snapshotSHA256Hex) } return nil, nil, fmt.Errorf("could not retrieve sha256 snapshot checksum") } return lastModified, out, nil }
// GetTimestampHandler returns a timestamp.json given a GUN func GetTimestampHandler(ctx context.Context, w http.ResponseWriter, r *http.Request) *errors.HTTPError { s := ctx.Value("metaStore") store, ok := s.(storage.MetaStore) if !ok { return &errors.HTTPError{ HTTPStatus: http.StatusInternalServerError, Code: 9999, Err: fmt.Errorf("Version store not configured"), } } cryptoServiceVal := ctx.Value("cryptoService") cryptoService, ok := cryptoServiceVal.(signed.CryptoService) if !ok { return &errors.HTTPError{ HTTPStatus: http.StatusInternalServerError, Code: 9999, Err: fmt.Errorf("CryptoService not configured"), } } vars := mux.Vars(r) gun := vars["imageName"] out, err := timestamp.GetOrCreateTimestamp(gun, store, cryptoService) if err != nil { if _, ok := err.(*storage.ErrNoKey); ok { return &errors.HTTPError{ HTTPStatus: http.StatusNotFound, Code: 9999, Err: err, } } return &errors.HTTPError{ HTTPStatus: http.StatusInternalServerError, Code: 9999, Err: err, } } logrus.Debug("Writing data") w.Write(out) return nil }
// getTimestampHandler returns a timestamp.json given a GUN func getTimestamp(ctx context.Context, w http.ResponseWriter, logger ctxu.Logger, store storage.MetaStore, gun string) error { cryptoServiceVal := ctx.Value("cryptoService") cryptoService, ok := cryptoServiceVal.(signed.CryptoService) if !ok { return errors.ErrNoCryptoService.WithDetail(nil) } out, err := timestamp.GetOrCreateTimestamp(gun, store, cryptoService) if err != nil { switch err.(type) { case *storage.ErrNoKey, storage.ErrNotFound: logger.Error("404 GET timestamp") return errors.ErrMetadataNotFound.WithDetail(nil) default: logger.Error("500 GET timestamp") return errors.ErrUnknown.WithDetail(err) } } logger.Debug("200 GET timestamp") w.Write(out) return nil }
func GetTimestampHandler(ctx context.Context, w http.ResponseWriter, r *http.Request) *errors.HTTPError { s := ctx.Value("metaStore") store, ok := s.(storage.MetaStore) if !ok { return &errors.HTTPError{ HTTPStatus: http.StatusInternalServerError, Code: 9999, Err: fmt.Errorf("Version store not configured"), } } sign := ctx.Value("signer") signer, ok := sign.(*signed.Signer) if !ok { return &errors.HTTPError{ HTTPStatus: http.StatusInternalServerError, Code: 9999, Err: fmt.Errorf("Signer not configured"), } } vars := mux.Vars(r) gun := vars["imageName"] out, err := timestamp.GetOrCreateTimestamp(gun, store, signer) if err != nil { return &errors.HTTPError{ HTTPStatus: http.StatusInternalServerError, Code: 9999, Err: err, } } logrus.Debug("Writing data") w.Write(out) return nil }