github.com/vchain-us/vcn@v0.9.11-0.20210921212052-a2484d23c0b3/pkg/cmd/serve/verify.go (about) 1 /* 2 * Copyright (c) 2018-2020 vChain, Inc. All Rights Reserved. 3 * This software is released under GPL3. 4 * The full license information can be found under: 5 * https://www.gnu.org/licenses/gpl-3.0.en.html 6 * 7 */ 8 9 package serve 10 11 import ( 12 "fmt" 13 "net/http" 14 "strings" 15 16 "github.com/gorilla/mux" 17 18 "github.com/vchain-us/vcn/pkg/api" 19 "github.com/vchain-us/vcn/pkg/cmd/internal/types" 20 "github.com/vchain-us/vcn/pkg/meta" 21 ) 22 23 func (sh *handler) verify(w http.ResponseWriter, r *http.Request) { 24 vars := mux.Vars(r) 25 hash := strings.ToLower(vars["hash"]) 26 27 if sh.lcHost != "" && sh.lcPort != "" { 28 // todo @Michele move getLcUser in handler sh constructor 29 lcUser, err := getLcUser(r, sh.lcHost, sh.lcPort, sh.lcCert, sh.lcSkipTlsVerify, sh.lcNoTls) 30 if err != nil { 31 writeError(w, http.StatusBadGateway, err) 32 return 33 } 34 if lcUser.Client.ApiKey == "" { 35 writeError(w, http.StatusUnauthorized, fmt.Errorf("api key not provided")) 36 return 37 } 38 err = lcUser.Client.Connect() 39 if err != nil { 40 writeError(w, http.StatusBadGateway, err) 41 return 42 } 43 44 ar, verified, err := lcUser.LoadArtifact( 45 hash, 46 "", 47 "", 48 0, 49 map[string][]string{meta.VcnLCCmdHeaderName: {meta.VcnLCVerifyCmdHeaderValue}}) 50 if err != nil { 51 if err == api.ErrNotVerified { 52 writeError(w, http.StatusConflict, err) 53 return 54 } 55 writeError(w, http.StatusBadRequest, err) 56 return 57 } 58 writeLcResult(w, http.StatusOK, types.NewLcResult(ar, verified, nil)) 59 return 60 } 61 62 var keys []string 63 org := r.URL.Query().Get("org") 64 if org != "" { 65 bo, err := api.GetBlockChainOrganisation(org) 66 if err != nil { 67 writeError(w, http.StatusBadRequest, err) 68 return 69 } 70 keys = bo.MembersIDs() 71 } else { 72 ks := r.URL.Query().Get("signers") 73 if ks != "" { 74 keys = strings.Split(ks, ",") 75 // add 0x if missing, lower case 76 for i, k := range keys { 77 if !strings.HasPrefix(k, "0x") { 78 keys[i] = "0x" + k 79 } 80 keys[i] = strings.ToLower(keys[i]) 81 } 82 } 83 } 84 85 var err error 86 var verification *api.BlockchainVerification 87 user, _, err := getCredential(r) 88 if err != nil { 89 writeError(w, http.StatusBadRequest, err) 90 return 91 } 92 93 // if keys have been passed, check for a verification matching them 94 if len(keys) > 0 { 95 verification, err = api.VerifyMatchingSignerIDs(hash, keys) 96 } else { 97 // if we have an user, check for verification matching user's key first 98 userKey := "" 99 if user != nil { 100 userKey, err = user.SignerID() 101 if err != nil { 102 writeError(w, http.StatusConflict, err) 103 return 104 } 105 } 106 if userKey != "" { 107 verification, err = api.VerifyMatchingSignerIDWithFallback(hash, userKey) 108 } else { 109 // if no passed keys nor user, 110 // just get the last with highest level available verification 111 verification, err = api.Verify(hash) 112 } 113 } 114 115 if err != nil { 116 writeError(w, http.StatusConflict, err) 117 return 118 } 119 120 name := "" 121 var artifact *api.ArtifactResponse 122 if !verification.Unknown() { 123 artifact, _ = api.LoadArtifact(user, hash, verification.MetaHash()) 124 if artifact != nil { 125 name = artifact.Name 126 } 127 } 128 129 // todo(ameingast/leogr): remove reduntat event - need backend improvement 130 api.TrackPublisher(user, meta.VcnVerifyEvent) 131 api.TrackVerify(user, hash, name) 132 133 writeResult(w, http.StatusOK, types.NewResult(nil, artifact, verification)) 134 }