Merge pull request #4 from bitmaelum/develop

Serial number fix

Author: jaytaph

.github/workflows/production.yml renamed to .github/workflows/deploy_production.yml

@@ -1,4 +1,4 @@
-name: production
+name: Deploy to Production
 
 on:
   push:

.github/workflows/staging.yml renamed to .github/workflows/deploy_staging.yml

@@ -1,10 +1,8 @@
-name: staging
+name: Deploy to Staging
 
 on:
   push:
-    branches: [ master ]
-  pull_request:
-    branches: [ master ]
+    branches: [ develop ]
 
 jobs:
   build:

address/dynamodb.go

@@ -2,12 +2,13 @@ package address
 
 import (
 	"errors"
+	"log"
+	"strconv"
+	"time"
+
 	"github.com/aws/aws-sdk-go/aws"
 	"github.com/aws/aws-sdk-go/service/dynamodb"
 	"github.com/aws/aws-sdk-go/service/dynamodb/dynamodbattribute"
-	"log"
-	"math/rand"
-	"strconv"
 )
 
 type dynamoDbResolver struct {
@@ -24,7 +25,7 @@ type Record struct {
 	Routing   string `dynamodbav:"routing"`
 	PublicKey string `dynamodbav:"public_key"`
 	Proof     string `dynamodbav:"proof"`
-	Serial    int    `dynamodbav:"sn"`
+	Serial    uint64 `dynamodbav:"sn"`
 }
 
 // NewDynamoDBResolver returns a new resolver based on DynamoDB
@@ -36,14 +37,14 @@ func NewDynamoDBResolver(client *dynamodb.DynamoDB, tableName string) Repository
 }
 
 func (r *dynamoDbResolver) Update(info *ResolveInfoType, routing, publicKey string) (bool, error) {
-	serial := strconv.Itoa(rand.Int())
+	serial := strconv.FormatUint(uint64(time.Now().UnixNano()), 10)
 
 	input := &dynamodb.UpdateItemInput{
 		ExpressionAttributeValues: map[string]*dynamodb.AttributeValue{
 			":s":   {S: aws.String(routing)},
 			":pk":  {S: aws.String(publicKey)},
 			":sn":  {N: aws.String(serial)},
-			":csn": {N: aws.String(strconv.Itoa(info.Serial))},
+			":csn": {N: aws.String(strconv.FormatUint(info.Serial, 10))},
 		},
 		TableName:           aws.String(r.TableName),
 		UpdateExpression:    aws.String("SET routing=:s, public_key=:pk, sn=:sn"),
@@ -68,7 +69,7 @@ func (r *dynamoDbResolver) Create(hash, routing, publicKey, proof string) (bool,
 		Routing:   routing,
 		PublicKey: publicKey,
 		Proof:     proof,
-		Serial:    rand.Int(),
+		Serial:    uint64(time.Now().UnixNano()),
 	}
 
 	av, err := dynamodbattribute.MarshalMap(record)

address/repository.go

@@ -1,9 +1,10 @@
 package address
 
 import (
+	"os"
+
 	"github.com/aws/aws-sdk-go/aws/session"
 	"github.com/aws/aws-sdk-go/service/dynamodb"
-	"os"
 )
 
 // ResolveInfoType returns information found in the resolver repository
@@ -12,7 +13,7 @@ type ResolveInfoType struct {
 	RoutingID string
 	PubKey    string
 	Proof     string
-	Serial    int
+	Serial    uint64
 }
 
 // Repository to resolve records

go.mod

@@ -5,11 +5,10 @@ go 1.13
 require (
 	github.com/aws/aws-lambda-go v1.19.1
 	github.com/aws/aws-sdk-go v1.34.14
-	github.com/bitmaelum/bitmaelum-suite v0.0.0-20200903072357-5b8a727a984e
-	github.com/davecgh/go-spew v1.1.1
+	github.com/bitmaelum/bitmaelum-suite v0.0.0-20200920071300-2c1d7ed2637f
 	github.com/fzipp/gocyclo v0.0.0-20150627053110-6acd4345c835 // indirect
 	github.com/gordonklaus/ineffassign v0.0.0-20200809085317-e36bfde3bb78 // indirect
 	github.com/stretchr/testify v1.6.1
 	golang.org/x/lint v0.0.0-20200302205851-738671d3881b // indirect
-	golang.org/x/tools v0.0.0-20200923053713-ba800b16d873 // indirect
+	golang.org/x/tools v0.0.0-20201002055958-0d28ed0cbe40 // indirect
 )

go.sum

@@ -16,8 +16,8 @@ github.com/aws/aws-sdk-go v1.34.14/go.mod h1:5zCpMtNQVjRREroY7sYe8lOMRSxkhG6MZve
 github.com/benbjohnson/clock v1.0.3/go.mod h1:bGMdMPoPVvcYyt1gHDf4J2KE153Yf9BuiUKYMaxlTDM=
 github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
 github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8=
-github.com/bitmaelum/bitmaelum-suite v0.0.0-20200903072357-5b8a727a984e h1:nLU+d0D6R0YbxxLlMTb0Wjp6PQIgT+L5+SGu0T0QDvE=
-github.com/bitmaelum/bitmaelum-suite v0.0.0-20200903072357-5b8a727a984e/go.mod h1:reXCnSRPYujQURux4JCAme5UAFmqv74j9dVxqkx21/8=
+github.com/bitmaelum/bitmaelum-suite v0.0.0-20200920071300-2c1d7ed2637f h1:D+DZwTZIEOBfpPU7Wlk8i3wMf7qGStslwkPU6z53Bsw=
+github.com/bitmaelum/bitmaelum-suite v0.0.0-20200920071300-2c1d7ed2637f/go.mod h1:UJVrJfuR1TgSoPTrd0S1cAzP936oMTpV9/k1bEGMj5s=
 github.com/c2h5oh/datasize v0.0.0-20200112174442-28bbd4740fee/go.mod h1:S/7n9copUssQ56c7aAgHqftWO4LTf4xY6CGWt8Bc+3M=
 github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
 github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc=
@@ -42,6 +42,7 @@ github.com/dgryski/go-sip13 v0.0.0-20181026042036-e10d5fee7954/go.mod h1:vAd38F8
 github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
 github.com/envoyproxy/go-control-plane v0.9.4/go.mod h1:6rpuAdCZL397s3pYoYcLgu1mIlRU8Am5FuJP05cCM98=
 github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
+github.com/ernesto-jimenez/httplogger v0.0.0-20150224132909-86cc44f6150a/go.mod h1:zroVJTjbZUlS0lcewJlcPsS6JQIoFWePhxjOF0/n0f4=
 github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
 github.com/fzipp/gocyclo v0.0.0-20150627053110-6acd4345c835 h1:roDmqJ4Qes7hrDOsWsMCce0vQHz3xiMPjJ9m4c2eeNs=
 github.com/fzipp/gocyclo v0.0.0-20150627053110-6acd4345c835/go.mod h1:BjL/N0+C+j9uNX+1xcNuM9vdSIcXCZrQZUYbXOFbgN8=
@@ -248,10 +249,10 @@ golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtn
 golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
 golang.org/x/tools v0.0.0-20200207183749-b753a1ba74fa h1:5E4dL8+NgFOgjwbTKz+OOEGGhP+ectTmF842l6KjupQ=
 golang.org/x/tools v0.0.0-20200207183749-b753a1ba74fa/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
-golang.org/x/tools v0.0.0-20200918232735-d647fc253266 h1:k7tVuG0g1JwmD3Jh8oAl1vQ1C3jb4Hi/dUl1wWDBJpQ=
-golang.org/x/tools v0.0.0-20200918232735-d647fc253266/go.mod h1:z6u4i615ZeAfBE4XtMziQW1fSVJXACjjbWkB/mvPzlU=
-golang.org/x/tools v0.0.0-20200923053713-ba800b16d873 h1:Q5Sq7Lt0bkn6Ax1NAraQhKRN7xxxy1LV4guxsyFHZx4=
-golang.org/x/tools v0.0.0-20200923053713-ba800b16d873/go.mod h1:z6u4i615ZeAfBE4XtMziQW1fSVJXACjjbWkB/mvPzlU=
+golang.org/x/tools v0.0.0-20200929175058-fc8742f94788 h1:0ke3pVIkdCHG9YUVT0cgwuxnrL5pAF9ysE4C27HTQrQ=
+golang.org/x/tools v0.0.0-20200929175058-fc8742f94788/go.mod h1:z6u4i615ZeAfBE4XtMziQW1fSVJXACjjbWkB/mvPzlU=
+golang.org/x/tools v0.0.0-20201002055958-0d28ed0cbe40 h1:ErPN1Z9An7dXc56pRUCKgWJkjYzc3hE+y15ky9E8qxU=
+golang.org/x/tools v0.0.0-20201002055958-0d28ed0cbe40/go.mod h1:z6u4i615ZeAfBE4XtMziQW1fSVJXACjjbWkB/mvPzlU=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=

handler_address.go

@@ -2,13 +2,17 @@ package main
 
 import (
 	"encoding/json"
+	"log"
+	"regexp"
+	"strconv"
+	"strings"
+
 	"github.com/aws/aws-lambda-go/events"
+	pkgAddress "github.com/bitmaelum/bitmaelum-suite/pkg/address"
 	"github.com/bitmaelum/bitmaelum-suite/pkg/bmcrypto"
 	"github.com/bitmaelum/bitmaelum-suite/pkg/proofofwork"
 	"github.com/bitmaelum/key-resolver-go/address"
-	"log"
-	"regexp"
-	"strings"
+	"github.com/bitmaelum/key-resolver-go/organisation"
 )
 
 type addressUploadBody struct {
@@ -17,6 +21,11 @@ type addressUploadBody struct {
 	Proof     proofofwork.ProofOfWork `json:"proof"`
 }
 
+type organizationRequestBody struct {
+	UserHash         string `json:"user_hash"`
+	OrganizationHash string `json:"org_hash"`
+}
+
 func getAddressHash(hash string, _ events.APIGatewayV2HTTPRequest) *events.APIGatewayV2HTTPResponse {
 	repo := address.GetResolveRepository()
 	info, err := repo.Get(hash)
@@ -30,10 +39,11 @@ func getAddressHash(hash string, _ events.APIGatewayV2HTTPRequest) *events.APIGa
 		return createError("hash not found", 404)
 	}
 
-	data := jsonOut{
-		"hash":       info.Hash,
-		"routing_id": info.RoutingID,
-		"public_key": info.PubKey,
+	data := rawJSONOut{
+		"hash":          info.Hash,
+		"routing_id":    info.RoutingID,
+		"public_key":    info.PubKey,
+		"serial_number": info.Serial,
 	}
 
 	return createOutput(data, 200)
@@ -68,6 +78,21 @@ func postAddressHash(hash string, req events.APIGatewayV2HTTPRequest) *events.AP
 }
 
 func deleteAddressHash(hash string, req events.APIGatewayV2HTTPRequest) *events.APIGatewayV2HTTPResponse {
+	requestBody := &organizationRequestBody{}
+	err := json.Unmarshal([]byte(req.Body), requestBody)
+	if err != nil {
+		log.Print(err)
+		return createError("invalid body data", 400)
+	}
+
+	if requestBody.OrganizationHash != "" {
+		return deleteAddressHashByOrganization(hash, requestBody, req)
+	}
+
+	return deleteAddressHashByOwner(hash, req)
+}
+
+func deleteAddressHashByOwner(hash string, req events.APIGatewayV2HTTPRequest) *events.APIGatewayV2HTTPResponse {
 	repo := address.GetResolveRepository()
 	current, err := repo.Get(hash)
 	if err != nil {
@@ -79,7 +104,7 @@ func deleteAddressHash(hash string, req events.APIGatewayV2HTTPRequest) *events.
 		return createError("cannot find record", 404)
 	}
 
-	if !validateSignature(req, current.PubKey, current.Hash+current.RoutingID) {
+	if !validateSignature(req, current.PubKey, current.Hash+current.RoutingID+strconv.FormatUint(current.Serial, 10)) {
 		return createError("unauthenticated", 401)
 	}
 
@@ -92,8 +117,49 @@ func deleteAddressHash(hash string, req events.APIGatewayV2HTTPRequest) *events.
 	return createOutput("ok", 200)
 }
 
+func deleteAddressHashByOrganization(hash string, organizationInfo *organizationRequestBody, req events.APIGatewayV2HTTPRequest) *events.APIGatewayV2HTTPResponse {
+	addressRepo := address.GetResolveRepository()
+	currentAddress, err := addressRepo.Get(hash)
+	if err != nil {
+		log.Print(err)
+		return createError("error while fetching address record", 500)
+	}
+
+	orgRepo := organisation.GetResolveRepository()
+	currentOrg, err := orgRepo.Get(organizationInfo.OrganizationHash)
+	if err != nil {
+		log.Print(err)
+		return createError("error while fetching organization record", 500)
+	}
+
+	if currentAddress == nil {
+		return createError("cannot find address record", 404)
+	}
+
+	if currentOrg == nil {
+		return createError("cannot find organization record", 404)
+	}
+
+	//Checks if the userhash+orghash matches the hash to be deleted
+	if !pkgAddress.VerifyHash(hash, organizationInfo.UserHash, organizationInfo.OrganizationHash) {
+		return createError("error validating address", 401)
+	}
+
+	if !validateSignature(req, currentOrg.PubKey, currentAddress.Hash+strconv.FormatUint(currentAddress.Serial, 10)) {
+		return createError("unauthenticated", 401)
+	}
+
+	res, err := addressRepo.Delete(currentAddress.Hash)
+	if err != nil || res == false {
+		log.Print(err)
+		return createError("error while deleting address record", 500)
+	}
+
+	return createOutput("ok", 200)
+}
+
 func updateAddress(uploadBody addressUploadBody, req events.APIGatewayV2HTTPRequest, current *address.ResolveInfoType) *events.APIGatewayV2HTTPResponse {
-	if !validateSignature(req, current.PubKey, current.Hash+current.RoutingID) {
+	if !validateSignature(req, current.PubKey, current.Hash+current.RoutingID+strconv.FormatUint(current.Serial, 10)) {
 		return createError("unauthenticated", 401)
 	}
 

handler_organisation.go

@@ -2,16 +2,19 @@ package main
 
 import (
 	"encoding/json"
+	"log"
+	"strconv"
+
 	"github.com/aws/aws-lambda-go/events"
 	"github.com/bitmaelum/bitmaelum-suite/pkg/bmcrypto"
 	"github.com/bitmaelum/bitmaelum-suite/pkg/proofofwork"
 	"github.com/bitmaelum/key-resolver-go/organisation"
-	"log"
 )
 
 type organisationUploadBody struct {
-	PublicKey bmcrypto.PubKey         `json:"public_key"`
-	Proof     proofofwork.ProofOfWork `json:"proof"`
+	PublicKey   bmcrypto.PubKey         `json:"public_key"`
+	Proof       proofofwork.ProofOfWork `json:"proof"`
+	Validations []string                `json:"validations"`
 }
 
 func getOrganisationHash(hash string, _ events.APIGatewayV2HTTPRequest) *events.APIGatewayV2HTTPResponse {
@@ -27,9 +30,11 @@ func getOrganisationHash(hash string, _ events.APIGatewayV2HTTPRequest) *events.
 		return createError("hash not found", 404)
 	}
 
-	data := jsonOut{
-		"hash":       info.Hash,
-		"public_key": info.PubKey,
+	data := rawJSONOut{
+		"hash":          info.Hash,
+		"public_key":    info.PubKey,
+		"validations":   info.Validations,
+		"serial_number": info.Serial,
 	}
 
 	return createOutput(data, 200)
@@ -75,7 +80,7 @@ func deleteOrganisationHash(hash string, req events.APIGatewayV2HTTPRequest) *ev
 		return createError("cannot find record", 404)
 	}
 
-	if !validateSignature(req, current.PubKey, current.Hash) {
+	if !validateSignature(req, current.PubKey, current.Hash+strconv.FormatUint(current.Serial, 10)) {
 		return createError("unauthenticated", 401)
 	}
 
@@ -89,12 +94,12 @@ func deleteOrganisationHash(hash string, req events.APIGatewayV2HTTPRequest) *ev
 }
 
 func updateOrganisation(uploadBody organisationUploadBody, req events.APIGatewayV2HTTPRequest, current *organisation.ResolveInfoType) *events.APIGatewayV2HTTPResponse {
-	if !validateSignature(req, current.PubKey, current.Hash) {
+	if !validateSignature(req, current.PubKey, current.Hash+strconv.FormatUint(current.Serial, 10)) {
 		return createError("unauthenticated", 401)
 	}
 
 	repo := organisation.GetResolveRepository()
-	res, err := repo.Update(current, uploadBody.PublicKey.String(), uploadBody.Proof.String())
+	res, err := repo.Update(current, uploadBody.PublicKey.String(), uploadBody.Proof.String(), uploadBody.Validations)
 
 	if err != nil || res == false {
 		log.Print(err)
@@ -110,7 +115,7 @@ func createOrganisation(hash string, uploadBody organisationUploadBody) *events.
 	}
 
 	repo := organisation.GetResolveRepository()
-	res, err := repo.Create(hash, uploadBody.PublicKey.String(), uploadBody.Proof.String())
+	res, err := repo.Create(hash, uploadBody.PublicKey.String(), uploadBody.Proof.String(), uploadBody.Validations)
 
 	if err != nil || res == false {
 		log.Print(err)

handler_routing.go

@@ -2,11 +2,13 @@ package main
 
 import (
 	"encoding/json"
+	"log"
+	"net"
+	"strconv"
+
 	"github.com/aws/aws-lambda-go/events"
 	"github.com/bitmaelum/bitmaelum-suite/pkg/bmcrypto"
 	"github.com/bitmaelum/key-resolver-go/routing"
-	"log"
-	"net"
 )
 
 type routingUploadBody struct {
@@ -27,10 +29,11 @@ func getRoutingHash(hash string, _ events.APIGatewayV2HTTPRequest) *events.APIGa
 		return createError("hash not found", 404)
 	}
 
-	data := jsonOut{
-		"hash":       info.Hash,
-		"routing":    info.Routing,
-		"public_key": info.PubKey,
+	data := rawJSONOut{
+		"hash":          info.Hash,
+		"routing":       info.Routing,
+		"public_key":    info.PubKey,
+		"serial_number": info.Serial,
 	}
 
 	return createOutput(data, 200)
@@ -65,7 +68,7 @@ func postRoutingHash(hash string, req events.APIGatewayV2HTTPRequest) *events.AP
 }
 
 func updateRouting(uploadBody routingUploadBody, req events.APIGatewayV2HTTPRequest, current *routing.ResolveInfoType) *events.APIGatewayV2HTTPResponse {
-	if !validateSignature(req, current.PubKey, current.Hash) {
+	if !validateSignature(req, current.PubKey, current.Hash+strconv.FormatUint(current.Serial, 10)) {
 		return createError("unauthenticated", 401)
 	}
 
@@ -104,7 +107,7 @@ func deleteRoutingHash(hash string, req events.APIGatewayV2HTTPRequest) *events.
 		return createError("cannot find record", 404)
 	}
 
-	if !validateSignature(req, current.PubKey, current.Hash) {
+	if !validateSignature(req, current.PubKey, current.Hash+strconv.FormatUint(current.Serial, 10)) {
 		return createError("unauthenticated", 401)
 	}
 

http.go

@@ -11,6 +11,7 @@ import (
 )
 
 type jsonOut map[string]string
+type rawJSONOut map[string]interface{}
 
 // createError creates an error message json structure
 func createError(msg string, statusCode int) *events.APIGatewayV2HTTPResponse {