feat(rust): implemented ockam proxy vault
davide-baldo committed Jan 8, 2025
1 parent 2ff3b29 commit 1e370f5
Showing 73 changed files with 2,679 additions and 293 deletions.
2 changes: 0 additions & 2 deletions Cargo.lock


1 change: 0 additions & 1 deletion implementations/rust/ockam/ockam_api/Cargo.toml
Expand Up @@ -74,7 +74,6 @@ jaq-interpret = "1"
jaq-parse = "1"
jaq-std = "1"
kafka-protocol = "0.13"
log = "0.4"
miette = { version = "7.2.0", features = ["fancy-no-backtrace"] }
minicbor = { version = "0.25.1", default-features = false, features = ["alloc", "derive"] }
nix = { version = "0.29", features = ["signal"] }
11 changes: 5 additions & 6 deletions implementations/rust/ockam/ockam_api/src/cli_state/cli_state.rs
@@ -1,11 +1,10 @@
use rand::random;
use std::path::{Path, PathBuf};
use tokio::sync::broadcast::{channel, Receiver, Sender};

use ockam::SqlxDatabase;
use ockam_core::env::get_env_with_default;
use ockam_node::database::{DatabaseConfiguration, OCKAM_SQLITE_IN_MEMORY};
use ockam_node::Executor;
use rand::random;
use std::path::{Path, PathBuf};
use tokio::sync::broadcast::{channel, Receiver, Sender};

use crate::cli_state::error::Result;
use crate::cli_state::CliStateError;
Expand Down Expand Up @@ -385,10 +384,10 @@ mod tests {

// create 2 identities
let identity1 = cli
.create_identity_with_name_and_vault("identity1", "vault1")
.create_identity_with_name_and_vault(None, "identity1", "vault1")
.await?;
let identity2 = cli
.create_identity_with_name_and_vault("identity2", "vault2")
.create_identity_with_name_and_vault(None, "identity2", "vault2")
.await?;

// create 2 nodes
66 changes: 48 additions & 18 deletions implementations/rust/ockam/ockam_api/src/cli_state/identities.rs
Expand Up @@ -3,6 +3,7 @@ use ockam::identity::models::ChangeHistory;
use ockam::identity::{Identifier, Identity};
use ockam_core::errcode::{Kind, Origin};
use ockam_core::Error;
use ockam_node::Context;
use ockam_vault::{HandleToSecret, SigningSecretKeyHandle};

use crate::cli_state::{random_name, CliState, Result};
Expand Down Expand Up @@ -31,6 +32,7 @@ impl CliState {
#[instrument(skip_all, fields(name = %name, vault_name = %vault_name))]
pub async fn create_identity_with_name_and_vault(
&self,
context: Option<&Context>,
name: &str,
vault_name: &str,
) -> Result<NamedIdentity> {
Expand All @@ -39,7 +41,9 @@ impl CliState {
};

let vault = self.get_named_vault(vault_name).await?;
let identities = self.make_identities(self.make_vault(vault).await?).await?;
let vault = self.make_vault(context, vault).await?;

let identities = self.make_identities(vault).await?;
let identity = identities.identities_creation().create_identity().await?;
let named_identity = self
.store_named_identity(&identity, name, vault_name)
Expand All @@ -65,9 +69,13 @@ impl CliState {
/// Create an identity associated with a name, using the default vault
/// If there is already an identity with that name, return its identifier
#[instrument(skip_all, fields(name = %name))]
pub async fn create_identity_with_name(&self, name: &str) -> Result<NamedIdentity> {
pub async fn create_identity_with_name(
&self,
context: Option<&Context>,
name: &str,
) -> Result<NamedIdentity> {
let vault = self.get_or_create_default_named_vault().await?;
self.create_identity_with_name_and_vault(name, &vault.name())
self.create_identity_with_name_and_vault(context, name, &vault.name())
.await
}

Expand All @@ -77,6 +85,7 @@ impl CliState {
#[instrument(skip_all, fields(name = %name, vault_name = %vault_name, key_id = %key_id))]
pub async fn create_identity_with_key_id(
&self,
context: Option<&Context>,
name: &str,
vault_name: &str,
key_id: &str,
Expand All @@ -96,8 +105,10 @@ impl CliState {
key_id.as_bytes().to_vec(),
));

let vault = self.make_vault(context, vault).await?;

// create the identity
let identities = self.make_identities(self.make_vault(vault).await?).await?;
let identities = self.make_identities(vault).await?;
let identifier = identities
.identities_creation()
.identity_builder()
Expand Down Expand Up @@ -154,13 +165,14 @@ impl CliState {
#[instrument(skip_all, fields(name = name.clone()))]
pub async fn get_named_identity_or_default(
&self,
context: Option<&Context>,
name: &Option<String>,
) -> Result<NamedIdentity> {
match name {
// Identity specified.
Some(name) => self.get_named_identity(name).await,
// No identity specified.
None => self.get_or_create_default_named_identity().await,
None => self.get_or_create_default_named_identity(context).await,
}
}

Expand Down Expand Up @@ -191,7 +203,11 @@ impl CliState {
/// Return a full identity from its name
/// Use the default identity if no name is given
#[instrument(skip_all, fields(name = name.clone()))]
pub async fn get_identity_by_optional_name(&self, name: &Option<String>) -> Result<Identity> {
pub async fn get_identity_by_optional_name(
&self,
context: Option<&Context>,
name: &Option<String>,
) -> Result<Identity> {
let named_identity = match name {
Some(name) => {
self.identities_repository()
Expand All @@ -209,7 +225,7 @@ impl CliState {
Some(identity) => {
let change_history = self.get_change_history(&identity.identifier()).await?;
let named_vault = self.get_named_vault(&identity.vault_name).await?;
let identity_vault = self.make_vault(named_vault).await?;
let identity_vault = self.make_vault(context, named_vault).await?;
Ok(Identity::import_from_change_history(
Some(&identity.identifier()),
change_history,
Expand Down Expand Up @@ -243,14 +259,23 @@ impl CliState {
/// Return the name of the default identity.
/// This function creates the default identity if it does not exist!
#[instrument(skip_all)]
pub async fn get_default_identity_name(&self) -> Result<String> {
Ok(self.get_or_create_default_named_identity().await?.name())
pub async fn get_or_create_default_identity_name(
&self,
context: Option<&Context>,
) -> Result<String> {
Ok(self
.get_or_create_default_named_identity(context)
.await?
.name())
}

/// Return the default named identity
/// This function creates the default identity if it does not exist!
#[instrument(skip_all)]
pub async fn get_or_create_default_named_identity(&self) -> Result<NamedIdentity> {
pub async fn get_or_create_default_named_identity(
&self,
context: Option<&Context>,
) -> Result<NamedIdentity> {
match self
.identities_repository()
.get_default_named_identity()
Expand All @@ -263,7 +288,8 @@ impl CliState {
self.notify_message(fmt_log!(
"There is no default Identity on this machine, generating one...\n"
));
self.create_identity_with_name(&random_name()).await
self.create_identity_with_name(context, &random_name())
.await
}
}
}
Expand All @@ -272,10 +298,14 @@ impl CliState {
/// - the given name if defined
/// - or the name of the default identity (which is created if it does not already exist!)
#[instrument(skip_all, fields(name = name.clone()))]
pub async fn get_identity_name_or_default(&self, name: &Option<String>) -> Result<String> {
pub async fn get_or_create_identity_name_or_default(
&self,
context: Option<&Context>,
name: &Option<String>,
) -> Result<String> {
match name {
Some(name) => Ok(name.clone()),
None => self.get_default_identity_name().await,
None => self.get_or_create_default_identity_name(context).await,
}
}

Expand Down Expand Up @@ -472,14 +502,14 @@ mod tests {
// then create an identity
let identity_name = "identity-name";
let identity = cli
.create_identity_with_name_and_vault(identity_name, vault_name)
.create_identity_with_name_and_vault(None, identity_name, vault_name)
.await?;
let expected = cli.get_named_identity(identity_name).await?;
assert_eq!(identity, expected);

// don't recreate the identity if it already exists with that name
let _ = cli
.create_identity_with_name_and_vault(identity_name, vault_name)
.create_identity_with_name_and_vault(None, identity_name, vault_name)
.await?;
let identities = cli.get_named_identities().await?;
assert_eq!(identities.len(), 1);
Expand All @@ -493,7 +523,7 @@ mod tests {

// create an identity using the default vault
let identity_name = "identity-name";
let identity = cli.create_identity_with_name(identity_name).await?;
let identity = cli.create_identity_with_name(None, identity_name).await?;
let expected = cli.get_named_identity(identity_name).await?;
assert_eq!(identity, expected);

Expand All @@ -509,7 +539,7 @@ mod tests {
let cli = CliState::test().await?;

// when we retrieve the default identity, we create it if it doesn't exist
let identity = cli.get_or_create_default_named_identity().await?;
let identity = cli.get_or_create_default_named_identity(None).await?;

// when the identity is created there is a change history + a named identity
let result = cli.get_change_history(&identity.identifier()).await;
Expand All @@ -528,7 +558,7 @@ mod tests {
#[tokio::test]
async fn test_delete_identity() -> Result<()> {
let cli = CliState::test().await?;
let identity = cli.create_identity_with_name("name").await?;
let identity = cli.create_identity_with_name(None, "name").await?;

// when the identity is created there is a change history + a named identity
let result = cli.get_change_history(&identity.identifier()).await;
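Review bot: The new `context: Option<&Context>` parameter on `create_identity_with_name_and_vault` is forwarded straight into `self.make_vault(context, vault)` but nothing in the doc comment says what passing `None` means, so a caller cannot tell from the signature whether a vault that needs a node context fails or silently degrades when the context is absent. If `make_vault` does require it for the proxy vault this commit introduces, I would add above the `#[instrument]` attribute: `/// \`context\` is forwarded to \`make_vault\`; pass \`None\` only when the named vault can be opened without a node context.` The same documentation gap applies to the other signatures changed in this file (`create_identity_with_name`, `create_identity_with_key_id`, `get_named_identity_or_default`, `get_identity_by_optional_name`, `get_or_create_default_identity_name`, `get_or_create_default_named_identity`, `get_or_create_identity_name_or_default`). Every updated call in `mod tests` passes `None`, so the `Some(context)` path added here does not appear to be exercised by these tests. The bodies of the enclosing functions start before and continue after each hunk.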