From 5c800a74a29587639a6d59db303e43e892b98011 Mon Sep 17 00:00:00 2001 From: Youwen Zhu Date: Fri, 16 Feb 2024 00:59:32 -0800 Subject: [PATCH 01/15] add no cache mode --- client/command.go | 11 ++++++++++- client/get.go | 5 +++-- client/register.go | 5 +++++ 3 files changed, 18 insertions(+), 3 deletions(-) diff --git a/client/command.go b/client/command.go index 4a32544..9c2bd33 100644 --- a/client/command.go +++ b/client/command.go @@ -56,6 +56,7 @@ type VisibilityParams struct { SummaryMetrics func(map[string]uint64) InvokeMetrics func(map[string]string) GetKeyMetrics func(map[string]string) + NoCache bool } var logf = func(string, ...interface{}) {} @@ -68,9 +69,11 @@ var clientGetKeyMetrics = func(map[string]string) {} func Run( client knox.APIClient, p *VisibilityParams, - loginCommand *Command) { + loginCommand *Command, + ) { cli = client + cache := true if p != nil { if p.Logf != nil { logf = p.Logf @@ -87,6 +90,9 @@ func Run( if p.GetKeyMetrics != nil { clientGetKeyMetrics = p.GetKeyMetrics } + if p.NoCache { + cache = false + } if loginCommand == nil { fatalf("A login command was not supplied, you must supply a login command.") } @@ -111,6 +117,9 @@ func Run( if cmd.CustomFlags { args = args[1:] } else { + if !cache{ + args = append(args, "-no-cache") + } cmd.Flag.Parse(args[1:]) args = cmd.Flag.Args() } diff --git a/client/get.go b/client/get.go index 9b0336e..0257f35 100644 --- a/client/get.go +++ b/client/get.go @@ -39,6 +39,7 @@ var getNetwork = cmdGet.Flag.Bool("n", false, "") var getAll = cmdGet.Flag.Bool("a", false, "") var getTinkKeyset = cmdGet.Flag.Bool("tink-keyset", false, "get the stored tink keyset of the given knox identifier entirely") var getTinkKeysetInfo = cmdGet.Flag.Bool("tink-keyset-info", false, "get the metadata of the stored tink keyset of the given knox identifier") +var noCache = cmdGet.Flag.Bool("no-cache", false, "no cache for keys") func successGetKeyMetric(keyID string) { clientGetKeyMetrics(map[string]string{ @@ -65,7 +66,7 @@ func runGet(cmd *Command, args []string) *ErrorStatus { var err error var key *knox.Key if *getTinkKeyset { - tinkKeysetInBytes, err := retrieveTinkKeyset(keyID, *getNetwork) + tinkKeysetInBytes, err := retrieveTinkKeyset(keyID, *getNetwork||*noCache) if err != nil { failureGetKeyMetric(keyID, err) return err @@ -75,7 +76,7 @@ func runGet(cmd *Command, args []string) *ErrorStatus { return nil } if *getTinkKeysetInfo { - tinkKeysetInfo, err := retrieveTinkKeysetInfo(keyID, *getNetwork) + tinkKeysetInfo, err := retrieveTinkKeysetInfo(keyID, *getNetwork||*noCache) if err != nil { failureGetKeyMetric(keyID, err) return err diff --git a/client/register.go b/client/register.go index 79da6de..75c5265 100644 --- a/client/register.go +++ b/client/register.go @@ -41,6 +41,7 @@ var registerKey = cmdRegister.Flag.String("k", "", "") var registerKeyFile = cmdRegister.Flag.String("f", "", "") var registerAndGet = cmdRegister.Flag.Bool("g", false, "") var registerTimeout = cmdRegister.Flag.String("t", "5s", "") +var noCache = cmdRegister.Flag.Bool("no-cache", false, "no cache for keys") const registerRecheckTime = 10 * time.Millisecond @@ -57,6 +58,10 @@ func parseTimeout(val string) (time.Duration, error) { } func runRegister(cmd *Command, args []string) *ErrorStatus { + if *noCache{ + fmt.Println("Cannot Register in No Cache mode") + return nil + } timeout, err := parseTimeout(*registerTimeout) if err != nil { return &ErrorStatus{fmt.Errorf("Invalid value for timeout flag: %s", err.Error()), false} From 2cbfb5ac7518d586cea019c6fa5daf7fa6f5c626 Mon Sep 17 00:00:00 2001 From: Youwen Zhu Date: Tue, 20 Feb 2024 16:37:40 -0800 Subject: [PATCH 02/15] add uncached apiClient type --- client.go | 200 +++++++++++++++++++++++++++++++++++++++++++++ client/command.go | 8 -- client/get.go | 5 +- client/register.go | 5 +- 4 files changed, 204 insertions(+), 14 deletions(-) diff --git a/client.go b/client.go index b4863b2..50c31dd 100644 --- a/client.go +++ b/client.go @@ -438,6 +438,206 @@ func (c *HTTPClient) getHTTPData(method string, path string, body url.Values, da return nil } + +// UncachedHTTPClient is a client that uses HTTP to talk to Knox without caching. +type UncachedHTTPClient struct { + // Host is used as the host for http connections + Host string + //AuthHandler returns the authorization string for authenticating to knox. Users should be prefixed by 0u, machines by 0m. On fail, return empty string. + AuthHandler func() string + // Client is the http client for making network calls + Client HTTP + // Version is the current client version, useful for debugging and sent as a header + Version string +} + +// NewClient creates a new uncached client to connect to talk to Knox. +func NewUncachedClient(host string, client HTTP, authHandler func() string, version string) APIClient { + return &HTTPClient{ + Host: host, + Client: client, + AuthHandler: authHandler, + Version: version, + } +} + +// NetworkGetKey gets a knox key by keyID and only uses network without the caches. +func (c *UncachedHTTPClient) NetworkGetKey(keyID string) (*Key, error) { + key := &Key{} + err := c.getHTTPData("GET", "/v0/keys/"+keyID+"/", nil, key) + if err != nil { + return nil, err + } + + // do not return the invalid format remote keys + if key.ID == "" || key.ACL == nil || key.VersionList == nil || key.VersionHash == "" { + return nil, fmt.Errorf("invalid key content for the remote key") + } + + return key, err +} + +// CacheGetKey acts same as NetworkGetKey for UncachedHTTPClient. +func (c *UncachedHTTPClient) CacheGetKey(keyID string) (*Key, error) { + return c.NetworkGetKey(keyID) +} + +// GetKey gets a knox key by keyID. +func (c *UncachedHTTPClient) GetKey(keyID string) (*Key, error) { + return c.NetworkGetKey(keyID) +} + +// CacheGetKeyWithStatus acts same as NetworkGetKeyWithStatus for UncachedHTTPClient. +func (c *UncachedHTTPClient) CacheGetKeyWithStatus(keyID string, status VersionStatus) (*Key, error) { + return c.NetworkGetKeyWithStatus(keyID, status) +} + +// NetworkGetKeyWithStatus gets a knox key by keyID and given version status (always calls network). +func (c *UncachedHTTPClient) NetworkGetKeyWithStatus(keyID string, status VersionStatus) (*Key, error) { + // If clients need to know + s, err := status.MarshalJSON() + if err != nil { + return nil, err + } + + key := &Key{} + err = c.getHTTPData("GET", "/v0/keys/"+keyID+"/?status="+string(s), nil, key) + return key, err +} + +// GetKeyWithStatus gets a knox key by keyID and status (no cache). +func (c *UncachedHTTPClient) GetKeyWithStatus(keyID string, status VersionStatus) (*Key, error) { + return c.NetworkGetKeyWithStatus(keyID, status) +} + +// CreateKey creates a knox key with given keyID data and ACL. +func (c *UncachedHTTPClient) CreateKey(keyID string, data []byte, acl ACL) (uint64, error) { + var i uint64 + d := url.Values{} + d.Set("id", keyID) + d.Set("data", base64.StdEncoding.EncodeToString(data)) + s, err := json.Marshal(acl) + if err != nil { + return i, err + } + d.Set("acl", string(s)) + err = c.getHTTPData("POST", "/v0/keys/", d, &i) + return i, err +} + +// GetKeys gets all Knox (if empty map) or gets all keys in map that do not match key version hash. +func (c *UncachedHTTPClient) GetKeys(keys map[string]string) ([]string, error) { + var l []string + + d := url.Values{} + for k, v := range keys { + d.Set(k, v) + } + + err := c.getHTTPData("GET", "/v0/keys/?"+d.Encode(), nil, &l) + return l, err +} + +// DeleteKey deletes a key from Knox. +func (c UncachedHTTPClient) DeleteKey(keyID string) error { + err := c.getHTTPData("DELETE", "/v0/keys/"+keyID+"/", nil, nil) + return err +} + +// GetACL gets a knox key by keyID. +func (c *UncachedHTTPClient) GetACL(keyID string) (*ACL, error) { + acl := &ACL{} + err := c.getHTTPData("GET", "/v0/keys/"+keyID+"/access/", nil, acl) + return acl, err +} + +// PutAccess will add an ACL rule to a specific key. +func (c *UncachedHTTPClient) PutAccess(keyID string, a ...Access) error { + d := url.Values{} + s, err := json.Marshal(a) + if err != nil { + return err + } + d.Set("acl", string(s)) + err = c.getHTTPData("PUT", "/v0/keys/"+keyID+"/access/", d, nil) + return err +} + +// AddVersion adds a key version to a specific key. +func (c *UncachedHTTPClient) AddVersion(keyID string, data []byte) (uint64, error) { + var i uint64 + d := url.Values{} + d.Set("data", base64.StdEncoding.EncodeToString(data)) + err := c.getHTTPData("POST", "/v0/keys/"+keyID+"/versions/", d, &i) + return i, err +} + +// UpdateVersion either promotes or demotes a specific key version. +func (c *UncachedHTTPClient) UpdateVersion(keyID, versionID string, status VersionStatus) error { + d := url.Values{} + s, err := status.MarshalJSON() + if err != nil { + return err + } + d.Set("status", string(s)) + + err = c.getHTTPData("PUT", "/v0/keys/"+keyID+"/versions/"+versionID+"/", d, nil) + return err +} + +func (c *UncachedHTTPClient) getClient() (HTTP, error) { + if c.Client == nil { + c.Client = &http.Client{} + } + return c.Client, nil +} + +func (c *UncachedHTTPClient) getHTTPData(method string, path string, body url.Values, data interface{}) error { + r, err := http.NewRequest(method, "https://"+c.Host+path, bytes.NewBufferString(body.Encode())) + + if err != nil { + return err + } + + auth := c.AuthHandler() + if auth == "" { + return fmt.Errorf("No authentication data given. Use 'knox login' or set KNOX_USER_AUTH or KNOX_MACHINE_AUTH") + } + // Get user from env variable and machine hostname from elsewhere. + r.Header.Set("Authorization", auth) + r.Header.Set("User-Agent", fmt.Sprintf("Knox_Client/%s", c.Version)) + + if body != nil { + r.Header.Set("Content-Type", "application/x-www-form-urlencoded") + } + + cli, err := c.getClient() + if err != nil { + return err + } + + resp := &Response{} + resp.Data = data + // Contains retry logic if we decode a 500 error. + for i := 1; i <= maxRetryAttempts; i++ { + err = getHTTPResp(cli, r, resp) + if err != nil { + return err + } + if resp.Status != "ok" { + if (resp.Code != InternalServerErrorCode) || (i == maxRetryAttempts) { + return fmt.Errorf(resp.Message) + } + time.Sleep(GetBackoffDuration(i)) + } else { + break + } + } + + return nil +} + + func getHTTPResp(cli HTTP, r *http.Request, resp *Response) error { w, err := cli.Do(r) if err != nil { diff --git a/client/command.go b/client/command.go index 9c2bd33..f838a59 100644 --- a/client/command.go +++ b/client/command.go @@ -56,7 +56,6 @@ type VisibilityParams struct { SummaryMetrics func(map[string]uint64) InvokeMetrics func(map[string]string) GetKeyMetrics func(map[string]string) - NoCache bool } var logf = func(string, ...interface{}) {} @@ -73,7 +72,6 @@ func Run( ) { cli = client - cache := true if p != nil { if p.Logf != nil { logf = p.Logf @@ -90,9 +88,6 @@ func Run( if p.GetKeyMetrics != nil { clientGetKeyMetrics = p.GetKeyMetrics } - if p.NoCache { - cache = false - } if loginCommand == nil { fatalf("A login command was not supplied, you must supply a login command.") } @@ -117,9 +112,6 @@ func Run( if cmd.CustomFlags { args = args[1:] } else { - if !cache{ - args = append(args, "-no-cache") - } cmd.Flag.Parse(args[1:]) args = cmd.Flag.Args() } diff --git a/client/get.go b/client/get.go index 0257f35..9b0336e 100644 --- a/client/get.go +++ b/client/get.go @@ -39,7 +39,6 @@ var getNetwork = cmdGet.Flag.Bool("n", false, "") var getAll = cmdGet.Flag.Bool("a", false, "") var getTinkKeyset = cmdGet.Flag.Bool("tink-keyset", false, "get the stored tink keyset of the given knox identifier entirely") var getTinkKeysetInfo = cmdGet.Flag.Bool("tink-keyset-info", false, "get the metadata of the stored tink keyset of the given knox identifier") -var noCache = cmdGet.Flag.Bool("no-cache", false, "no cache for keys") func successGetKeyMetric(keyID string) { clientGetKeyMetrics(map[string]string{ @@ -66,7 +65,7 @@ func runGet(cmd *Command, args []string) *ErrorStatus { var err error var key *knox.Key if *getTinkKeyset { - tinkKeysetInBytes, err := retrieveTinkKeyset(keyID, *getNetwork||*noCache) + tinkKeysetInBytes, err := retrieveTinkKeyset(keyID, *getNetwork) if err != nil { failureGetKeyMetric(keyID, err) return err @@ -76,7 +75,7 @@ func runGet(cmd *Command, args []string) *ErrorStatus { return nil } if *getTinkKeysetInfo { - tinkKeysetInfo, err := retrieveTinkKeysetInfo(keyID, *getNetwork||*noCache) + tinkKeysetInfo, err := retrieveTinkKeysetInfo(keyID, *getNetwork) if err != nil { failureGetKeyMetric(keyID, err) return err diff --git a/client/register.go b/client/register.go index 75c5265..4384555 100644 --- a/client/register.go +++ b/client/register.go @@ -41,7 +41,6 @@ var registerKey = cmdRegister.Flag.String("k", "", "") var registerKeyFile = cmdRegister.Flag.String("f", "", "") var registerAndGet = cmdRegister.Flag.Bool("g", false, "") var registerTimeout = cmdRegister.Flag.String("t", "5s", "") -var noCache = cmdRegister.Flag.Bool("no-cache", false, "no cache for keys") const registerRecheckTime = 10 * time.Millisecond @@ -58,10 +57,10 @@ func parseTimeout(val string) (time.Duration, error) { } func runRegister(cmd *Command, args []string) *ErrorStatus { - if *noCache{ + if _, ok := cli.Type().FieldByName("KeyFolder"); !ok { fmt.Println("Cannot Register in No Cache mode") return nil - } + } timeout, err := parseTimeout(*registerTimeout) if err != nil { return &ErrorStatus{fmt.Errorf("Invalid value for timeout flag: %s", err.Error()), false} From 1780934950c2e1e4613e98a6ad7365ebd60da78c Mon Sep 17 00:00:00 2001 From: Youwen Zhu Date: Wed, 21 Feb 2024 16:46:22 -0800 Subject: [PATCH 03/15] embed cached client --- client.go | 144 ++++++------------------------------------------------ 1 file changed, 16 insertions(+), 128 deletions(-) diff --git a/client.go b/client.go index 50c31dd..2b4ba45 100644 --- a/client.go +++ b/client.go @@ -441,40 +441,20 @@ func (c *HTTPClient) getHTTPData(method string, path string, body url.Values, da // UncachedHTTPClient is a client that uses HTTP to talk to Knox without caching. type UncachedHTTPClient struct { - // Host is used as the host for http connections - Host string - //AuthHandler returns the authorization string for authenticating to knox. Users should be prefixed by 0u, machines by 0m. On fail, return empty string. - AuthHandler func() string - // Client is the http client for making network calls - Client HTTP - // Version is the current client version, useful for debugging and sent as a header - Version string + // CachedClient is the normal functional client + CachedClient HTTPClient } // NewClient creates a new uncached client to connect to talk to Knox. -func NewUncachedClient(host string, client HTTP, authHandler func() string, version string) APIClient { - return &HTTPClient{ - Host: host, - Client: client, - AuthHandler: authHandler, - Version: version, +func NewUncachedClient(host string, client HTTP, cachedClient HTTPClient, authHandler func() string, version string) APIClient { + return &UncachedHTTPClient{ + CachedClient: cachedClient, } } // NetworkGetKey gets a knox key by keyID and only uses network without the caches. func (c *UncachedHTTPClient) NetworkGetKey(keyID string) (*Key, error) { - key := &Key{} - err := c.getHTTPData("GET", "/v0/keys/"+keyID+"/", nil, key) - if err != nil { - return nil, err - } - - // do not return the invalid format remote keys - if key.ID == "" || key.ACL == nil || key.VersionList == nil || key.VersionHash == "" { - return nil, fmt.Errorf("invalid key content for the remote key") - } - - return key, err + return c.CachedClient.NetworkGetKey(keyID) } // CacheGetKey acts same as NetworkGetKey for UncachedHTTPClient. @@ -494,15 +474,7 @@ func (c *UncachedHTTPClient) CacheGetKeyWithStatus(keyID string, status VersionS // NetworkGetKeyWithStatus gets a knox key by keyID and given version status (always calls network). func (c *UncachedHTTPClient) NetworkGetKeyWithStatus(keyID string, status VersionStatus) (*Key, error) { - // If clients need to know - s, err := status.MarshalJSON() - if err != nil { - return nil, err - } - - key := &Key{} - err = c.getHTTPData("GET", "/v0/keys/"+keyID+"/?status="+string(s), nil, key) - return key, err + return c.CachedClient.NetworkGetKeyWithStatus(keyID, status) } // GetKeyWithStatus gets a knox key by keyID and status (no cache). @@ -512,129 +484,45 @@ func (c *UncachedHTTPClient) GetKeyWithStatus(keyID string, status VersionStatus // CreateKey creates a knox key with given keyID data and ACL. func (c *UncachedHTTPClient) CreateKey(keyID string, data []byte, acl ACL) (uint64, error) { - var i uint64 - d := url.Values{} - d.Set("id", keyID) - d.Set("data", base64.StdEncoding.EncodeToString(data)) - s, err := json.Marshal(acl) - if err != nil { - return i, err - } - d.Set("acl", string(s)) - err = c.getHTTPData("POST", "/v0/keys/", d, &i) - return i, err + return c.CachedClient.CreateKey(keyID, data, acl) } // GetKeys gets all Knox (if empty map) or gets all keys in map that do not match key version hash. func (c *UncachedHTTPClient) GetKeys(keys map[string]string) ([]string, error) { - var l []string - - d := url.Values{} - for k, v := range keys { - d.Set(k, v) - } - - err := c.getHTTPData("GET", "/v0/keys/?"+d.Encode(), nil, &l) - return l, err + return c.CachedClient.GetKeys(keys) } // DeleteKey deletes a key from Knox. func (c UncachedHTTPClient) DeleteKey(keyID string) error { - err := c.getHTTPData("DELETE", "/v0/keys/"+keyID+"/", nil, nil) - return err + return c.CachedClient.DeleteKey(keyID) } // GetACL gets a knox key by keyID. func (c *UncachedHTTPClient) GetACL(keyID string) (*ACL, error) { - acl := &ACL{} - err := c.getHTTPData("GET", "/v0/keys/"+keyID+"/access/", nil, acl) - return acl, err + return c.CachedClient.GetACL(keyID) } // PutAccess will add an ACL rule to a specific key. func (c *UncachedHTTPClient) PutAccess(keyID string, a ...Access) error { - d := url.Values{} - s, err := json.Marshal(a) - if err != nil { - return err - } - d.Set("acl", string(s)) - err = c.getHTTPData("PUT", "/v0/keys/"+keyID+"/access/", d, nil) - return err + return c.CachedClient.PutAccess(keyID, a) } // AddVersion adds a key version to a specific key. func (c *UncachedHTTPClient) AddVersion(keyID string, data []byte) (uint64, error) { - var i uint64 - d := url.Values{} - d.Set("data", base64.StdEncoding.EncodeToString(data)) - err := c.getHTTPData("POST", "/v0/keys/"+keyID+"/versions/", d, &i) - return i, err + return c.CachedClient.AddVersion(keyID, data) } // UpdateVersion either promotes or demotes a specific key version. func (c *UncachedHTTPClient) UpdateVersion(keyID, versionID string, status VersionStatus) error { - d := url.Values{} - s, err := status.MarshalJSON() - if err != nil { - return err - } - d.Set("status", string(s)) - - err = c.getHTTPData("PUT", "/v0/keys/"+keyID+"/versions/"+versionID+"/", d, nil) - return err + return c.CachedClient.UpdateVersion(keyID, versionID, status) } func (c *UncachedHTTPClient) getClient() (HTTP, error) { - if c.Client == nil { - c.Client = &http.Client{} - } - return c.Client, nil + return c.CachedClient.getClient() } func (c *UncachedHTTPClient) getHTTPData(method string, path string, body url.Values, data interface{}) error { - r, err := http.NewRequest(method, "https://"+c.Host+path, bytes.NewBufferString(body.Encode())) - - if err != nil { - return err - } - - auth := c.AuthHandler() - if auth == "" { - return fmt.Errorf("No authentication data given. Use 'knox login' or set KNOX_USER_AUTH or KNOX_MACHINE_AUTH") - } - // Get user from env variable and machine hostname from elsewhere. - r.Header.Set("Authorization", auth) - r.Header.Set("User-Agent", fmt.Sprintf("Knox_Client/%s", c.Version)) - - if body != nil { - r.Header.Set("Content-Type", "application/x-www-form-urlencoded") - } - - cli, err := c.getClient() - if err != nil { - return err - } - - resp := &Response{} - resp.Data = data - // Contains retry logic if we decode a 500 error. - for i := 1; i <= maxRetryAttempts; i++ { - err = getHTTPResp(cli, r, resp) - if err != nil { - return err - } - if resp.Status != "ok" { - if (resp.Code != InternalServerErrorCode) || (i == maxRetryAttempts) { - return fmt.Errorf(resp.Message) - } - time.Sleep(GetBackoffDuration(i)) - } else { - break - } - } - - return nil + return c.CachedClient.getHTTPData(method, path, body, data) } From 16deb6d8e930ea33ced4e086013db89f09cf36e3 Mon Sep 17 00:00:00 2001 From: Youwen Zhu Date: Thu, 22 Feb 2024 10:12:43 -0800 Subject: [PATCH 04/15] fix new UncachedClient --- client.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/client.go b/client.go index 2b4ba45..f1ca0e3 100644 --- a/client.go +++ b/client.go @@ -446,7 +446,7 @@ type UncachedHTTPClient struct { } // NewClient creates a new uncached client to connect to talk to Knox. -func NewUncachedClient(host string, client HTTP, cachedClient HTTPClient, authHandler func() string, version string) APIClient { +func NewUncachedClient(cachedClient HTTPClient) APIClient { return &UncachedHTTPClient{ CachedClient: cachedClient, } From eb9d7315656a56b077f542413b53fe20ab5bd2f3 Mon Sep 17 00:00:00 2001 From: Youwen Zhu Date: Fri, 23 Feb 2024 14:59:39 -0800 Subject: [PATCH 05/15] embed UncachedClient to cachedClient --- client.go | 251 +++++++++++++++++++++++++++--------------------------- 1 file changed, 126 insertions(+), 125 deletions(-) diff --git a/client.go b/client.go index f1ca0e3..09c5aec 100644 --- a/client.go +++ b/client.go @@ -195,26 +195,17 @@ type HTTP interface { // HTTPClient is a client that uses HTTP to talk to Knox. type HTTPClient struct { - // Host is used as the host for http connections - Host string - //AuthHandler returns the authorization string for authenticating to knox. Users should be prefixed by 0u, machines by 0m. On fail, return empty string. - AuthHandler func() string // KeyFolder is the location of cached keys on the file system. If empty, does not check for cached keys. KeyFolder string // Client is the http client for making network calls - Client HTTP - // Version is the current client version, useful for debugging and sent as a header - Version string + UncachedClient UncachedHTTPClient } // NewClient creates a new client to connect to talk to Knox. func NewClient(host string, client HTTP, authHandler func() string, keyFolder, version string) APIClient { return &HTTPClient{ - Host: host, - Client: client, - AuthHandler: authHandler, KeyFolder: keyFolder, - Version: version, + UncachedClient: NewUncachedClient(host, client, authHandler, version) } } @@ -244,18 +235,7 @@ func (c *HTTPClient) CacheGetKey(keyID string) (*Key, error) { // NetworkGetKey gets a knox key by keyID and only uses network without the caches. func (c *HTTPClient) NetworkGetKey(keyID string) (*Key, error) { - key := &Key{} - err := c.getHTTPData("GET", "/v0/keys/"+keyID+"/", nil, key) - if err != nil { - return nil, err - } - - // do not return the invalid format remote keys - if key.ID == "" || key.ACL == nil || key.VersionList == nil || key.VersionHash == "" { - return nil, fmt.Errorf("invalid key content for the remote key") - } - - return key, err + return c.UncachedClient.NetworkGetKey(keyID) } // GetKey gets a knox key by keyID. @@ -291,6 +271,118 @@ func (c *HTTPClient) CacheGetKeyWithStatus(keyID string, status VersionStatus) ( // NetworkGetKeyWithStatus gets a knox key by keyID and given version status (always calls network). func (c *HTTPClient) NetworkGetKeyWithStatus(keyID string, status VersionStatus) (*Key, error) { + // If clients need to know + return c.UncachedClient.NetworkGetKeyWithStatus(keyID, status) +} + +// GetKeyWithStatus gets a knox key by keyID and status (leverages cache). +func (c *HTTPClient) GetKeyWithStatus(keyID string, status VersionStatus) (*Key, error) { + key, err := c.CacheGetKeyWithStatus(keyID, status) + if err != nil { + return c.NetworkGetKeyWithStatus(keyID, status) + } + return key, err +} + +// CreateKey creates a knox key with given keyID data and ACL. +func (c *HTTPClient) CreateKey(keyID string, data []byte, acl ACL) (uint64, error) { + return c.UncachedClient.CreateKey(keyID, data, acl) +} + +// GetKeys gets all Knox (if empty map) or gets all keys in map that do not match key version hash. +func (c *HTTPClient) GetKeys(keys map[string]string) ([]string, error) { + return c.UncachedClient.GetKeys(keys) +} + +// DeleteKey deletes a key from Knox. +func (c HTTPClient) DeleteKey(keyID string) error { + return c.UncachedClient.DeleteKey(keyID) +} + +// GetACL gets a knox key by keyID. +func (c *HTTPClient) GetACL(keyID string) (*ACL, error) { + return c.UncachedClient.GetACL(keyID) +} + +// PutAccess will add an ACL rule to a specific key. +func (c *HTTPClient) PutAccess(keyID string, a ...Access) error { + return c.UncachedClient.PutAccess(keyID, a) +} + +// AddVersion adds a key version to a specific key. +func (c *HTTPClient) AddVersion(keyID string, data []byte) (uint64, error) { + return c.UncachedClient.AddVersion(keyID, data) +} + +// UpdateVersion either promotes or demotes a specific key version. +func (c *HTTPClient) UpdateVersion(keyID, versionID string, status VersionStatus) error { + return c.UncachedClient.UpdateVersion(keyID, versionID, status) +} + +func (c *HTTPClient) getClient() (HTTP, error) { + return c.UncachedClient.getClient() +} + +func (c *HTTPClient) getHTTPData(method string, path string, body url.Values, data interface{}) error { + return c.UncachedClient.getHTTPData(method, path, body, data) +} + + +// UncachedHTTPClient is a client that uses HTTP to talk to Knox without caching. +type UncachedHTTPClient struct { + // Host is used as the host for http connections + Host string + //AuthHandler returns the authorization string for authenticating to knox. Users should be prefixed by 0u, machines by 0m. On fail, return empty string. + AuthHandler func() string + // Client is the http client for making network calls + Client HTTP + // Version is the current client version, useful for debugging and sent as a header + Version string +} + +// NewClient creates a new uncached client to connect to talk to Knox. +func NewUncachedClient(host string, client HTTP, authHandler func() string, version string) APIClient { + return &UncachedHTTPClient{ + Host: host, + Client: client, + AuthHandler: authHandler, + Version: version, + } +} + +// NetworkGetKey gets a knox key by keyID and only uses network without the caches. +func (c *UncachedHTTPClient) NetworkGetKey(keyID string) (*Key, error) { + key := &Key{} + err := c.getHTTPData("GET", "/v0/keys/"+keyID+"/", nil, key) + if err != nil { + return nil, err + } + + // do not return the invalid format remote keys + if key.ID == "" || key.ACL == nil || key.VersionList == nil || key.VersionHash == "" { + return nil, fmt.Errorf("invalid key content for the remote key") + } + + return key, err +} + +// CacheGetKey acts same as NetworkGetKey for UncachedHTTPClient. +func (c *UncachedHTTPClient) CacheGetKey(keyID string) (*Key, error) { + return c.NetworkGetKey(keyID) +} + +// GetKey gets a knox key by keyID. +func (c *UncachedHTTPClient) GetKey(keyID string) (*Key, error) { + return c.NetworkGetKey(keyID) +} + +// CacheGetKeyWithStatus acts same as NetworkGetKeyWithStatus for UncachedHTTPClient. +func (c *UncachedHTTPClient) CacheGetKeyWithStatus(keyID string, status VersionStatus) (*Key, error) { + return c.NetworkGetKeyWithStatus(keyID, status) +} + +// NetworkGetKeyWithStatus gets a knox key by keyID and given version status (always calls network). +func (c *UncachedHTTPClient) NetworkGetKeyWithStatus(keyID string, status VersionStatus) (*Key, error) { // If clients need to know s, err := status.MarshalJSON() if err != nil { @@ -302,17 +394,13 @@ func (c *HTTPClient) NetworkGetKeyWithStatus(keyID string, status VersionStatus) return key, err } -// GetKeyWithStatus gets a knox key by keyID and status (leverages cache). -func (c *HTTPClient) GetKeyWithStatus(keyID string, status VersionStatus) (*Key, error) { - key, err := c.CacheGetKeyWithStatus(keyID, status) - if err != nil { +// GetKeyWithStatus gets a knox key by keyID and status (no cache). +func (c *UncachedHTTPClient) GetKeyWithStatus(keyID string, status VersionStatus) (*Key, error) { return c.NetworkGetKeyWithStatus(keyID, status) - } - return key, err } // CreateKey creates a knox key with given keyID data and ACL. -func (c *HTTPClient) CreateKey(keyID string, data []byte, acl ACL) (uint64, error) { +func (c *UncachedHTTPClient) CreateKey(keyID string, data []byte, acl ACL) (uint64, error) { var i uint64 d := url.Values{} d.Set("id", keyID) @@ -327,7 +415,7 @@ func (c *HTTPClient) CreateKey(keyID string, data []byte, acl ACL) (uint64, erro } // GetKeys gets all Knox (if empty map) or gets all keys in map that do not match key version hash. -func (c *HTTPClient) GetKeys(keys map[string]string) ([]string, error) { +func (c *UncachedHTTPClient) GetKeys(keys map[string]string) ([]string, error) { var l []string d := url.Values{} @@ -340,20 +428,20 @@ func (c *HTTPClient) GetKeys(keys map[string]string) ([]string, error) { } // DeleteKey deletes a key from Knox. -func (c HTTPClient) DeleteKey(keyID string) error { +func (c UncachedHTTPClient) DeleteKey(keyID string) error { err := c.getHTTPData("DELETE", "/v0/keys/"+keyID+"/", nil, nil) return err } // GetACL gets a knox key by keyID. -func (c *HTTPClient) GetACL(keyID string) (*ACL, error) { +func (c *UncachedHTTPClient) GetACL(keyID string) (*ACL, error) { acl := &ACL{} err := c.getHTTPData("GET", "/v0/keys/"+keyID+"/access/", nil, acl) return acl, err } // PutAccess will add an ACL rule to a specific key. -func (c *HTTPClient) PutAccess(keyID string, a ...Access) error { +func (c *UncachedHTTPClient) PutAccess(keyID string, a ...Access) error { d := url.Values{} s, err := json.Marshal(a) if err != nil { @@ -365,7 +453,7 @@ func (c *HTTPClient) PutAccess(keyID string, a ...Access) error { } // AddVersion adds a key version to a specific key. -func (c *HTTPClient) AddVersion(keyID string, data []byte) (uint64, error) { +func (c *UncachedHTTPClient) AddVersion(keyID string, data []byte) (uint64, error) { var i uint64 d := url.Values{} d.Set("data", base64.StdEncoding.EncodeToString(data)) @@ -374,7 +462,7 @@ func (c *HTTPClient) AddVersion(keyID string, data []byte) (uint64, error) { } // UpdateVersion either promotes or demotes a specific key version. -func (c *HTTPClient) UpdateVersion(keyID, versionID string, status VersionStatus) error { +func (c *UncachedHTTPClient) UpdateVersion(keyID, versionID string, status VersionStatus) error { d := url.Values{} s, err := status.MarshalJSON() if err != nil { @@ -386,14 +474,14 @@ func (c *HTTPClient) UpdateVersion(keyID, versionID string, status VersionStatus return err } -func (c *HTTPClient) getClient() (HTTP, error) { +func (c *UncachedHTTPClient) getClient() (HTTP, error) { if c.Client == nil { c.Client = &http.Client{} } return c.Client, nil } -func (c *HTTPClient) getHTTPData(method string, path string, body url.Values, data interface{}) error { +func (c *UncachedHTTPClient) getHTTPData(method string, path string, body url.Values, data interface{}) error { r, err := http.NewRequest(method, "https://"+c.Host+path, bytes.NewBufferString(body.Encode())) if err != nil { @@ -439,93 +527,6 @@ func (c *HTTPClient) getHTTPData(method string, path string, body url.Values, da } -// UncachedHTTPClient is a client that uses HTTP to talk to Knox without caching. -type UncachedHTTPClient struct { - // CachedClient is the normal functional client - CachedClient HTTPClient -} - -// NewClient creates a new uncached client to connect to talk to Knox. -func NewUncachedClient(cachedClient HTTPClient) APIClient { - return &UncachedHTTPClient{ - CachedClient: cachedClient, - } -} - -// NetworkGetKey gets a knox key by keyID and only uses network without the caches. -func (c *UncachedHTTPClient) NetworkGetKey(keyID string) (*Key, error) { - return c.CachedClient.NetworkGetKey(keyID) -} - -// CacheGetKey acts same as NetworkGetKey for UncachedHTTPClient. -func (c *UncachedHTTPClient) CacheGetKey(keyID string) (*Key, error) { - return c.NetworkGetKey(keyID) -} - -// GetKey gets a knox key by keyID. -func (c *UncachedHTTPClient) GetKey(keyID string) (*Key, error) { - return c.NetworkGetKey(keyID) -} - -// CacheGetKeyWithStatus acts same as NetworkGetKeyWithStatus for UncachedHTTPClient. -func (c *UncachedHTTPClient) CacheGetKeyWithStatus(keyID string, status VersionStatus) (*Key, error) { - return c.NetworkGetKeyWithStatus(keyID, status) -} - -// NetworkGetKeyWithStatus gets a knox key by keyID and given version status (always calls network). -func (c *UncachedHTTPClient) NetworkGetKeyWithStatus(keyID string, status VersionStatus) (*Key, error) { - return c.CachedClient.NetworkGetKeyWithStatus(keyID, status) -} - -// GetKeyWithStatus gets a knox key by keyID and status (no cache). -func (c *UncachedHTTPClient) GetKeyWithStatus(keyID string, status VersionStatus) (*Key, error) { - return c.NetworkGetKeyWithStatus(keyID, status) -} - -// CreateKey creates a knox key with given keyID data and ACL. -func (c *UncachedHTTPClient) CreateKey(keyID string, data []byte, acl ACL) (uint64, error) { - return c.CachedClient.CreateKey(keyID, data, acl) -} - -// GetKeys gets all Knox (if empty map) or gets all keys in map that do not match key version hash. -func (c *UncachedHTTPClient) GetKeys(keys map[string]string) ([]string, error) { - return c.CachedClient.GetKeys(keys) -} - -// DeleteKey deletes a key from Knox. -func (c UncachedHTTPClient) DeleteKey(keyID string) error { - return c.CachedClient.DeleteKey(keyID) -} - -// GetACL gets a knox key by keyID. -func (c *UncachedHTTPClient) GetACL(keyID string) (*ACL, error) { - return c.CachedClient.GetACL(keyID) -} - -// PutAccess will add an ACL rule to a specific key. -func (c *UncachedHTTPClient) PutAccess(keyID string, a ...Access) error { - return c.CachedClient.PutAccess(keyID, a) -} - -// AddVersion adds a key version to a specific key. -func (c *UncachedHTTPClient) AddVersion(keyID string, data []byte) (uint64, error) { - return c.CachedClient.AddVersion(keyID, data) -} - -// UpdateVersion either promotes or demotes a specific key version. -func (c *UncachedHTTPClient) UpdateVersion(keyID, versionID string, status VersionStatus) error { - return c.CachedClient.UpdateVersion(keyID, versionID, status) -} - -func (c *UncachedHTTPClient) getClient() (HTTP, error) { - return c.CachedClient.getClient() -} - -func (c *UncachedHTTPClient) getHTTPData(method string, path string, body url.Values, data interface{}) error { - return c.CachedClient.getHTTPData(method, path, body, data) -} - - func getHTTPResp(cli HTTP, r *http.Request, resp *Response) error { w, err := cli.Do(r) if err != nil { From b14cd7dfbb79de150af03b9560826ab392d536f9 Mon Sep 17 00:00:00 2001 From: Youwen Zhu Date: Tue, 27 Feb 2024 11:14:38 -0800 Subject: [PATCH 06/15] fix build --- client.go | 27 ++++++++++++++++----------- 1 file changed, 16 insertions(+), 11 deletions(-) diff --git a/client.go b/client.go index 09c5aec..9e84ff8 100644 --- a/client.go +++ b/client.go @@ -205,7 +205,7 @@ type HTTPClient struct { func NewClient(host string, client HTTP, authHandler func() string, keyFolder, version string) APIClient { return &HTTPClient{ KeyFolder: keyFolder, - UncachedClient: NewUncachedClient(host, client, authHandler, version) + UncachedClient: NewUncachedClient(host, client, authHandler, version), } } @@ -306,7 +306,7 @@ func (c *HTTPClient) GetACL(keyID string) (*ACL, error) { // PutAccess will add an ACL rule to a specific key. func (c *HTTPClient) PutAccess(keyID string, a ...Access) error { - return c.UncachedClient.PutAccess(keyID, a) + return c.UncachedClient.PutAccess(keyID, a...) } // AddVersion adds a key version to a specific key. @@ -320,7 +320,10 @@ func (c *HTTPClient) UpdateVersion(keyID, versionID string, status VersionStatus } func (c *HTTPClient) getClient() (HTTP, error) { - return c.UncachedClient.getClient() + if c.UncachedClient.Client == nil { + c.UncachedClient.Client = &http.Client{} + } + return c.UncachedClient.Client, nil } func (c *HTTPClient) getHTTPData(method string, path string, body url.Values, data interface{}) error { @@ -341,8 +344,8 @@ type UncachedHTTPClient struct { } // NewClient creates a new uncached client to connect to talk to Knox. -func NewUncachedClient(host string, client HTTP, authHandler func() string, version string) APIClient { - return &UncachedHTTPClient{ +func NewUncachedClient(host string, client HTTP, authHandler func() string, version string) UncachedHTTPClient { + return UncachedHTTPClient{ Host: host, Client: client, AuthHandler: authHandler, @@ -541,12 +544,14 @@ func getHTTPResp(cli HTTP, r *http.Request, resp *Response) error { // MockClient builds a client that ignores certs and talks to the given host. func MockClient(host, keyFolder string) *HTTPClient { return &HTTPClient{ - Host: host, - AuthHandler: func() string { - return "TESTAUTH" - }, KeyFolder: keyFolder, - Client: &http.Client{Transport: &http.Transport{TLSClientConfig: &tls.Config{InsecureSkipVerify: true}}}, - Version: "mock", + UncachedClient: UncachedHTTPClient{ + Host: host, + AuthHandler: func() string { + return "TESTAUTH" + }, + Client: &http.Client{Transport: &http.Transport{TLSClientConfig: &tls.Config{InsecureSkipVerify: true}}}, + Version: "mock", + }, } } From d978210016c41f1693f585105d11e0a3294a689f Mon Sep 17 00:00:00 2001 From: Youwen Zhu Date: Thu, 29 Feb 2024 00:44:48 -0800 Subject: [PATCH 07/15] fix buildable --- client/register.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/client/register.go b/client/register.go index 4384555..c7edbc9 100644 --- a/client/register.go +++ b/client/register.go @@ -57,7 +57,7 @@ func parseTimeout(val string) (time.Duration, error) { } func runRegister(cmd *Command, args []string) *ErrorStatus { - if _, ok := cli.Type().FieldByName("KeyFolder"); !ok { + if _, ok := cli.(*UncachedHTTPClient); ok { fmt.Println("Cannot Register in No Cache mode") return nil } From 97961d5a747e14d56cabfa69412d15db2d6b808a Mon Sep 17 00:00:00 2001 From: Youwen Zhu Date: Thu, 29 Feb 2024 02:22:42 -0800 Subject: [PATCH 08/15] Retry buildable --- client/register.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/client/register.go b/client/register.go index c7edbc9..cf3c322 100644 --- a/client/register.go +++ b/client/register.go @@ -57,7 +57,7 @@ func parseTimeout(val string) (time.Duration, error) { } func runRegister(cmd *Command, args []string) *ErrorStatus { - if _, ok := cli.(*UncachedHTTPClient); ok { + if _, ok := cli.(*HTTPClient); !ok { fmt.Println("Cannot Register in No Cache mode") return nil } From bd518c086bcb81c06cb4eccf41eb37fa956e53cb Mon Sep 17 00:00:00 2001 From: Youwen Zhu Date: Thu, 29 Feb 2024 02:32:39 -0800 Subject: [PATCH 09/15] Retry buildable --- client.go | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/client.go b/client.go index 9e84ff8..a1f3595 100644 --- a/client.go +++ b/client.go @@ -133,6 +133,15 @@ func NewMock(primary string, active []string) Client { return &fileClient{primary: primary, active: active, keyObject: Key{VersionList: KeyVersionList(kvl)}} } + +// HTTPClient is a client that uses HTTP to talk to Knox. +type HTTPClient struct { + // KeyFolder is the location of cached keys on the file system. If empty, does not check for cached keys. + KeyFolder string + // Client is the http client for making network calls + UncachedClient UncachedHTTPClient +} + // Register registers the given keyName with knox. If the operation fails, it returns an error. func Register(keyID string) ([]byte, error) { var stdout, stderr bytes.Buffer @@ -193,14 +202,6 @@ type HTTP interface { Do(req *http.Request) (*http.Response, error) } -// HTTPClient is a client that uses HTTP to talk to Knox. -type HTTPClient struct { - // KeyFolder is the location of cached keys on the file system. If empty, does not check for cached keys. - KeyFolder string - // Client is the http client for making network calls - UncachedClient UncachedHTTPClient -} - // NewClient creates a new client to connect to talk to Knox. func NewClient(host string, client HTTP, authHandler func() string, keyFolder, version string) APIClient { return &HTTPClient{ From 74ad8fa8f255f9d063ac0c487fe5fa2171be0f88 Mon Sep 17 00:00:00 2001 From: Youwen Zhu Date: Thu, 29 Feb 2024 02:37:06 -0800 Subject: [PATCH 10/15] Retry buildable --- client.go | 17 ++++++++--------- client/register.go | 3 ++- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/client.go b/client.go index a1f3595..9e84ff8 100644 --- a/client.go +++ b/client.go @@ -133,15 +133,6 @@ func NewMock(primary string, active []string) Client { return &fileClient{primary: primary, active: active, keyObject: Key{VersionList: KeyVersionList(kvl)}} } - -// HTTPClient is a client that uses HTTP to talk to Knox. -type HTTPClient struct { - // KeyFolder is the location of cached keys on the file system. If empty, does not check for cached keys. - KeyFolder string - // Client is the http client for making network calls - UncachedClient UncachedHTTPClient -} - // Register registers the given keyName with knox. If the operation fails, it returns an error. func Register(keyID string) ([]byte, error) { var stdout, stderr bytes.Buffer @@ -202,6 +193,14 @@ type HTTP interface { Do(req *http.Request) (*http.Response, error) } +// HTTPClient is a client that uses HTTP to talk to Knox. +type HTTPClient struct { + // KeyFolder is the location of cached keys on the file system. If empty, does not check for cached keys. + KeyFolder string + // Client is the http client for making network calls + UncachedClient UncachedHTTPClient +} + // NewClient creates a new client to connect to talk to Knox. func NewClient(host string, client HTTP, authHandler func() string, keyFolder, version string) APIClient { return &HTTPClient{ diff --git a/client/register.go b/client/register.go index cf3c322..d6a66b6 100644 --- a/client/register.go +++ b/client/register.go @@ -6,6 +6,7 @@ import ( "path" "strconv" "time" + "reflect" ) func init() { @@ -57,7 +58,7 @@ func parseTimeout(val string) (time.Duration, error) { } func runRegister(cmd *Command, args []string) *ErrorStatus { - if _, ok := cli.(*HTTPClient); !ok { + if reflect.TypeOf(cli).Name() == "UncachedHTTPClient" { fmt.Println("Cannot Register in No Cache mode") return nil } From fbbf405d20d711b576aebdb991da3f167591cb75 Mon Sep 17 00:00:00 2001 From: Youwen Zhu Date: Thu, 29 Feb 2024 02:42:03 -0800 Subject: [PATCH 11/15] fix buildable for dev_client --- cmd/dev_client/main.go | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/cmd/dev_client/main.go b/cmd/dev_client/main.go index 21ef507..1bf153d 100644 --- a/cmd/dev_client/main.go +++ b/cmd/dev_client/main.go @@ -116,10 +116,12 @@ func main() { } cli := &knox.HTTPClient{ - Host: hostname, - AuthHandler: authHandler, KeyFolder: keyFolder, - Client: &http.Client{Transport: &http.Transport{TLSClientConfig: tlsConfig}}, + UncachedClient: knox.UncachedHTTPClient{ + Host: hostname, + AuthHandler: authHandler, + Client: &http.Client{Transport: &http.Transport{TLSClientConfig: tlsConfig}}, + }, } loginCommand := client.NewLoginCommand(clientID, tokenEndpoint, "", "", "", "") From 4a06ff6ce814d3637fe36690dce9c7a6ad192ced Mon Sep 17 00:00:00 2001 From: Youwen Zhu Date: Thu, 29 Feb 2024 11:13:02 -0800 Subject: [PATCH 12/15] gofmt --- client.go | 12 +++++------- client/command.go | 4 ++-- client/register.go | 6 +++--- cmd/dev_client/main.go | 2 +- 4 files changed, 11 insertions(+), 13 deletions(-) diff --git a/client.go b/client.go index 9e84ff8..d1aa4e9 100644 --- a/client.go +++ b/client.go @@ -204,7 +204,7 @@ type HTTPClient struct { // NewClient creates a new client to connect to talk to Knox. func NewClient(host string, client HTTP, authHandler func() string, keyFolder, version string) APIClient { return &HTTPClient{ - KeyFolder: keyFolder, + KeyFolder: keyFolder, UncachedClient: NewUncachedClient(host, client, authHandler, version), } } @@ -330,7 +330,6 @@ func (c *HTTPClient) getHTTPData(method string, path string, body url.Values, da return c.UncachedClient.getHTTPData(method, path, body, data) } - // UncachedHTTPClient is a client that uses HTTP to talk to Knox without caching. type UncachedHTTPClient struct { // Host is used as the host for http connections @@ -376,7 +375,7 @@ func (c *UncachedHTTPClient) CacheGetKey(keyID string) (*Key, error) { // GetKey gets a knox key by keyID. func (c *UncachedHTTPClient) GetKey(keyID string) (*Key, error) { - return c.NetworkGetKey(keyID) + return c.NetworkGetKey(keyID) } // CacheGetKeyWithStatus acts same as NetworkGetKeyWithStatus for UncachedHTTPClient. @@ -399,7 +398,7 @@ func (c *UncachedHTTPClient) NetworkGetKeyWithStatus(keyID string, status Versio // GetKeyWithStatus gets a knox key by keyID and status (no cache). func (c *UncachedHTTPClient) GetKeyWithStatus(keyID string, status VersionStatus) (*Key, error) { - return c.NetworkGetKeyWithStatus(keyID, status) + return c.NetworkGetKeyWithStatus(keyID, status) } // CreateKey creates a knox key with given keyID data and ACL. @@ -529,7 +528,6 @@ func (c *UncachedHTTPClient) getHTTPData(method string, path string, body url.Va return nil } - func getHTTPResp(cli HTTP, r *http.Request, resp *Response) error { w, err := cli.Do(r) if err != nil { @@ -550,8 +548,8 @@ func MockClient(host, keyFolder string) *HTTPClient { AuthHandler: func() string { return "TESTAUTH" }, - Client: &http.Client{Transport: &http.Transport{TLSClientConfig: &tls.Config{InsecureSkipVerify: true}}}, - Version: "mock", + Client: &http.Client{Transport: &http.Transport{TLSClientConfig: &tls.Config{InsecureSkipVerify: true}}}, + Version: "mock", }, } } diff --git a/client/command.go b/client/command.go index f838a59..2c136e0 100644 --- a/client/command.go +++ b/client/command.go @@ -68,8 +68,8 @@ var clientGetKeyMetrics = func(map[string]string) {} func Run( client knox.APIClient, p *VisibilityParams, - loginCommand *Command, - ) { + loginCommand *Command, +) { cli = client if p != nil { diff --git a/client/register.go b/client/register.go index d6a66b6..aa77d32 100644 --- a/client/register.go +++ b/client/register.go @@ -4,9 +4,9 @@ import ( "encoding/json" "fmt" "path" + "reflect" "strconv" "time" - "reflect" ) func init() { @@ -58,10 +58,10 @@ func parseTimeout(val string) (time.Duration, error) { } func runRegister(cmd *Command, args []string) *ErrorStatus { - if reflect.TypeOf(cli).Name() == "UncachedHTTPClient" { + if reflect.TypeOf(cli).Name() == "UncachedHTTPClient" { fmt.Println("Cannot Register in No Cache mode") return nil - } + } timeout, err := parseTimeout(*registerTimeout) if err != nil { return &ErrorStatus{fmt.Errorf("Invalid value for timeout flag: %s", err.Error()), false} diff --git a/cmd/dev_client/main.go b/cmd/dev_client/main.go index 1bf153d..153a6f4 100644 --- a/cmd/dev_client/main.go +++ b/cmd/dev_client/main.go @@ -116,7 +116,7 @@ func main() { } cli := &knox.HTTPClient{ - KeyFolder: keyFolder, + KeyFolder: keyFolder, UncachedClient: knox.UncachedHTTPClient{ Host: hostname, AuthHandler: authHandler, From ea875989ca0fafdfe595393ce3eead5469dec3b5 Mon Sep 17 00:00:00 2001 From: Youwen Zhu Date: Thu, 29 Feb 2024 16:02:51 -0800 Subject: [PATCH 13/15] retry buildable --- client/register.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/client/register.go b/client/register.go index aa77d32..2fedef3 100644 --- a/client/register.go +++ b/client/register.go @@ -7,6 +7,7 @@ import ( "reflect" "strconv" "time" + "github.com/pinterest/knox" ) func init() { @@ -58,7 +59,7 @@ func parseTimeout(val string) (time.Duration, error) { } func runRegister(cmd *Command, args []string) *ErrorStatus { - if reflect.TypeOf(cli).Name() == "UncachedHTTPClient" { + if _, ok := cli.(*knox.UncachedHTTPClient); ok { fmt.Println("Cannot Register in No Cache mode") return nil } From adde83ed9a793d3d3d632f5d80ab02f1b732926a Mon Sep 17 00:00:00 2001 From: Youwen Zhu Date: Thu, 29 Feb 2024 16:05:24 -0800 Subject: [PATCH 14/15] retry buildable --- client/register.go | 1 - 1 file changed, 1 deletion(-) diff --git a/client/register.go b/client/register.go index 2fedef3..226da07 100644 --- a/client/register.go +++ b/client/register.go @@ -4,7 +4,6 @@ import ( "encoding/json" "fmt" "path" - "reflect" "strconv" "time" "github.com/pinterest/knox" From fa64b5be868ba9a8e5012c5feafc3e8353303652 Mon Sep 17 00:00:00 2001 From: Youwen Zhu Date: Thu, 29 Feb 2024 16:08:11 -0800 Subject: [PATCH 15/15] gofmt --- client/register.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/client/register.go b/client/register.go index 226da07..16d82a3 100644 --- a/client/register.go +++ b/client/register.go @@ -3,10 +3,10 @@ package client import ( "encoding/json" "fmt" + "github.com/pinterest/knox" "path" "strconv" "time" - "github.com/pinterest/knox" ) func init() {