mirror of
https://github.com/gopasspw/gopass.git
synced 2025-12-08 19:24:54 +00:00
7281ca8ab4
* [chore] Migrate to golangci-lint v2 Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org> * [chore] Fix more lint issues Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org> * [chore] Fix more lint issue Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org> * [chore] Fix more lint issues Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org> * [chore] Add more package comments. Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org> * [chore] Fix golangci-lint config and the remaining checks Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org> * [fix] Use Go 1.24 Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org> * [fix] Fix container builds Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org> * Fix more failing tests Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org> * Fix test failure Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org> * Fix another len assertion Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org> * Move location tests Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org> * [fix] Fix most remaining lint issues Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org> * [fix] Only run XDG specific tests on linux Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org> * [fix] Attempt to address on source of flaky failures Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org> --------- Signed-off-by: Dominik Schulz <dominik.schulz@gauner.org>
86 lines
1.8 KiB
Go
86 lines
1.8 KiB
Go
// Package ghssh provides a cache for github ssh keys.
|
|
// It fetches the keys from github and caches them on disk.
|
|
package ghssh
|
|
|
|
import (
|
|
"bufio"
|
|
"context"
|
|
"crypto/tls"
|
|
"fmt"
|
|
"net/http"
|
|
"strings"
|
|
"time"
|
|
|
|
"github.com/gopasspw/gopass/pkg/debug"
|
|
)
|
|
|
|
var httpClient = &http.Client{
|
|
Transport: &http.Transport{
|
|
TLSClientConfig: &tls.Config{
|
|
// enforce TLS 1.3
|
|
MinVersion: tls.VersionTLS13,
|
|
},
|
|
},
|
|
}
|
|
|
|
var baseURL = "https://github.com"
|
|
|
|
// ListKeys returns the public keys for a github user. It will
|
|
// cache results up to a configurable amount of time (default: 6h).
|
|
func (c *Cache) ListKeys(ctx context.Context, user string) ([]string, error) {
|
|
pk, err := c.disk.Get(user)
|
|
if err != nil {
|
|
debug.Log("failed to fetch %s from cache: %s", user, err)
|
|
}
|
|
|
|
if len(pk) > 0 {
|
|
return pk, nil
|
|
}
|
|
|
|
keys, err := c.fetchKeys(ctx, user)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
if len(keys) < 1 {
|
|
return nil, fmt.Errorf("key not found")
|
|
}
|
|
|
|
_ = c.disk.Set(user, keys)
|
|
|
|
return keys, nil
|
|
}
|
|
|
|
// fetchKeys returns the public keys for a github user.
|
|
func (c *Cache) fetchKeys(ctx context.Context, user string) ([]string, error) {
|
|
ctx, cancel := context.WithTimeout(ctx, 30*time.Second)
|
|
defer cancel()
|
|
|
|
url := fmt.Sprintf("%s/%s.keys", baseURL, user)
|
|
debug.Log("fetching public keys for %s from github: %s", user, url)
|
|
|
|
req, err := http.NewRequestWithContext(ctx, http.MethodGet, url, nil)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
resp, err := httpClient.Do(req)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
defer resp.Body.Close() //nolint:errcheck
|
|
|
|
if resp.StatusCode != http.StatusOK {
|
|
return nil, fmt.Errorf("failed to fetch keys from %s: %s", url, resp.Status)
|
|
}
|
|
|
|
out := make([]string, 0, 5)
|
|
scanner := bufio.NewScanner(resp.Body)
|
|
|
|
for scanner.Scan() {
|
|
out = append(out, strings.TrimSpace(scanner.Text()))
|
|
}
|
|
|
|
return out, nil
|
|
}
|