Fix PR comments

hslatman · hslatman · commit 02cd3b6b3bf7 · 2021-09-16T23:09:24.000+02:00
diff --git a/acme/account.go b/acme/account.go
@@ -44,13 +44,13 @@ func KeyToID(jwk *jose.JSONWebKey) (string, error) {
 }
 
 type ExternalAccountKey struct {
-	ID              string    `json:"id"`
-	ProvisionerName string    `json:"provisionerName"`
-	Name            string    `json:"name"`
-	AccountID       string    `json:"-"`
-	KeyBytes        []byte    `json:"-"`
-	CreatedAt       time.Time `json:"createdAt"`
-	BoundAt         time.Time `json:"boundAt,omitempty"`
+	ID          string    `json:"id"`
+	Provisioner string    `json:"provisioner"`
+	Reference   string    `json:"reference"`
+	AccountID   string    `json:"-"`
+	KeyBytes    []byte    `json:"-"`
+	CreatedAt   time.Time `json:"createdAt"`
+	BoundAt     time.Time `json:"boundAt,omitempty"`
 }
 
 func (eak *ExternalAccountKey) AlreadyBound() bool {
diff --git a/acme/api/account.go b/acme/api/account.go
@@ -257,7 +257,7 @@ func (h *Handler) validateExternalAccountBinding(ctx context.Context, nar *NewAc
 	// about the handler and thus about its dependencies.
 	eabJSONBytes, err := json.Marshal(nar.ExternalAccountBinding)
 	if err != nil {
-		return nil, acme.WrapErrorISE(err, "error marshaling externalAccountBinding into JSON")
+		return nil, acme.WrapErrorISE(err, "error marshaling externalAccountBinding into bytes")
 	}
 
 	eabJWS, err := squarejose.ParseSigned(string(eabJSONBytes))
diff --git a/acme/api/account_test.go b/acme/api/account_test.go
@@ -686,11 +686,11 @@ func TestHandler_NewAccount(t *testing.T) {
 					},
 					MockGetExternalAccountKey: func(ctx context.Context, provisionerName string, keyID string) (*acme.ExternalAccountKey, error) {
 						return &acme.ExternalAccountKey{
-							ID:              "eakID",
-							ProvisionerName: escProvName,
-							Name:            "testeak",
-							KeyBytes:        []byte{1, 3, 3, 7},
-							CreatedAt:       time.Now(),
+							ID:          "eakID",
+							Provisioner: escProvName,
+							Reference:   "testeak",
+							KeyBytes:    []byte{1, 3, 3, 7},
+							CreatedAt:   time.Now(),
 						}, nil
 					},
 					MockUpdateExternalAccountKey: func(ctx context.Context, provisionerName string, eak *acme.ExternalAccountKey) error {
@@ -1059,11 +1059,11 @@ func TestHandler_validateExternalAccountBinding(t *testing.T) {
 				db: &acme.MockDB{
 					MockGetExternalAccountKey: func(ctx context.Context, provisionerName string, keyID string) (*acme.ExternalAccountKey, error) {
 						return &acme.ExternalAccountKey{
-							ID:              "eakID",
-							ProvisionerName: escProvName,
-							Name:            "testeak",
-							KeyBytes:        []byte{1, 3, 3, 7},
-							CreatedAt:       time.Now(),
+							ID:          "eakID",
+							Provisioner: escProvName,
+							Reference:   "testeak",
+							KeyBytes:    []byte{1, 3, 3, 7},
+							CreatedAt:   time.Now(),
 						}, nil
 					},
 				},
@@ -1200,12 +1200,12 @@ func TestHandler_validateExternalAccountBinding(t *testing.T) {
 				db: &acme.MockDB{
 					MockGetExternalAccountKey: func(ctx context.Context, provisionerName string, keyID string) (*acme.ExternalAccountKey, error) {
 						return &acme.ExternalAccountKey{
-							ID:              "eakID",
-							ProvisionerName: escProvName,
-							Name:            "testeak",
-							CreatedAt:       createdAt,
-							AccountID:       "some-account-id",
-							BoundAt:         boundAt,
+							ID:          "eakID",
+							Provisioner: escProvName,
+							Reference:   "testeak",
+							CreatedAt:   createdAt,
+							AccountID:   "some-account-id",
+							BoundAt:     boundAt,
 						}, nil
 					},
 				},
@@ -1235,11 +1235,11 @@ func TestHandler_validateExternalAccountBinding(t *testing.T) {
 				db: &acme.MockDB{
 					MockGetExternalAccountKey: func(ctx context.Context, provisionerName string, keyID string) (*acme.ExternalAccountKey, error) {
 						return &acme.ExternalAccountKey{
-							ID:              "eakID",
-							ProvisionerName: escProvName,
-							Name:            "testeak",
-							KeyBytes:        []byte{1, 2, 3, 4},
-							CreatedAt:       time.Now(),
+							ID:          "eakID",
+							Provisioner: escProvName,
+							Reference:   "testeak",
+							KeyBytes:    []byte{1, 2, 3, 4},
+							CreatedAt:   time.Now(),
 						}, nil
 					},
 				},
@@ -1271,11 +1271,11 @@ func TestHandler_validateExternalAccountBinding(t *testing.T) {
 				db: &acme.MockDB{
 					MockGetExternalAccountKey: func(ctx context.Context, provisionerName string, keyID string) (*acme.ExternalAccountKey, error) {
 						return &acme.ExternalAccountKey{
-							ID:              "eakID",
-							ProvisionerName: escProvName,
-							Name:            "testeak",
-							KeyBytes:        []byte{1, 3, 3, 7},
-							CreatedAt:       time.Now(),
+							ID:          "eakID",
+							Provisioner: escProvName,
+							Reference:   "testeak",
+							KeyBytes:    []byte{1, 3, 3, 7},
+							CreatedAt:   time.Now(),
 						}, nil
 					},
 				},
diff --git a/acme/db/nosql/account.go b/acme/db/nosql/account.go
@@ -28,13 +28,13 @@ func (dba *dbAccount) clone() *dbAccount {
 }
 
 type dbExternalAccountKey struct {
-	ID              string    `json:"id"`
-	ProvisionerName string    `json:"provisioner_name"`
-	Name            string    `json:"name"`
-	AccountID       string    `json:"accountID,omitempty"`
-	KeyBytes        []byte    `json:"key"`
-	CreatedAt       time.Time `json:"createdAt"`
-	BoundAt         time.Time `json:"boundAt"`
+	ID          string    `json:"id"`
+	Provisioner string    `json:"provisioner"`
+	Reference   string    `json:"reference"`
+	AccountID   string    `json:"accountID,omitempty"`
+	KeyBytes    []byte    `json:"key"`
+	CreatedAt   time.Time `json:"createdAt"`
+	BoundAt     time.Time `json:"boundAt"`
 }
 
 func (db *DB) getAccountIDByKeyID(ctx context.Context, kid string) (string, error) {
@@ -165,7 +165,7 @@ func (db *DB) UpdateAccount(ctx context.Context, acc *acme.Account) error {
 }
 
 // CreateExternalAccountKey creates a new External Account Binding key with a name
-func (db *DB) CreateExternalAccountKey(ctx context.Context, provisionerName string, name string) (*acme.ExternalAccountKey, error) {
+func (db *DB) CreateExternalAccountKey(ctx context.Context, provisionerName string, reference string) (*acme.ExternalAccountKey, error) {
 	keyID, err := randID()
 	if err != nil {
 		return nil, err
@@ -178,24 +178,24 @@ func (db *DB) CreateExternalAccountKey(ctx context.Context, provisionerName stri
 	}
 
 	dbeak := &dbExternalAccountKey{
-		ID:              keyID,
-		ProvisionerName: provisionerName,
-		Name:            name,
-		KeyBytes:        random,
-		CreatedAt:       clock.Now(),
+		ID:          keyID,
+		Provisioner: provisionerName,
+		Reference:   reference,
+		KeyBytes:    random,
+		CreatedAt:   clock.Now(),
 	}
 
 	if err = db.save(ctx, keyID, dbeak, nil, "external_account_key", externalAccountKeyTable); err != nil {
 		return nil, err
 	}
 	return &acme.ExternalAccountKey{
-		ID:              dbeak.ID,
-		ProvisionerName: dbeak.ProvisionerName,
-		Name:            dbeak.Name,
-		AccountID:       dbeak.AccountID,
-		KeyBytes:        dbeak.KeyBytes,
-		CreatedAt:       dbeak.CreatedAt,
-		BoundAt:         dbeak.BoundAt,
+		ID:          dbeak.ID,
+		Provisioner: dbeak.Provisioner,
+		Reference:   dbeak.Reference,
+		AccountID:   dbeak.AccountID,
+		KeyBytes:    dbeak.KeyBytes,
+		CreatedAt:   dbeak.CreatedAt,
+		BoundAt:     dbeak.BoundAt,
 	}, nil
 }
 
@@ -206,18 +206,18 @@ func (db *DB) GetExternalAccountKey(ctx context.Context, provisionerName string,
 		return nil, err
 	}
 
-	if dbeak.ProvisionerName != provisionerName {
+	if dbeak.Provisioner != provisionerName {
 		return nil, acme.NewError(acme.ErrorUnauthorizedType, "name of provisioner does not match provisioner for which the EAB key was created")
 	}
 
 	return &acme.ExternalAccountKey{
-		ID:              dbeak.ID,
-		ProvisionerName: dbeak.ProvisionerName,
-		Name:            dbeak.Name,
-		AccountID:       dbeak.AccountID,
-		KeyBytes:        dbeak.KeyBytes,
-		CreatedAt:       dbeak.CreatedAt,
-		BoundAt:         dbeak.BoundAt,
+		ID:          dbeak.ID,
+		Provisioner: dbeak.Provisioner,
+		Reference:   dbeak.Reference,
+		AccountID:   dbeak.AccountID,
+		KeyBytes:    dbeak.KeyBytes,
+		CreatedAt:   dbeak.CreatedAt,
+		BoundAt:     dbeak.BoundAt,
 	}, nil
 }
 
@@ -240,21 +240,24 @@ func (db *DB) GetExternalAccountKeys(ctx context.Context, provisionerName string
 		return nil, err
 	}
 
-	keys := make([]*acme.ExternalAccountKey, len(entries))
-	for i, entry := range entries {
+	keys := []*acme.ExternalAccountKey{}
+	for _, entry := range entries {
 		dbeak := new(dbExternalAccountKey)
 		if err = json.Unmarshal(entry.Value, dbeak); err != nil {
 			return nil, errors.Wrapf(err, "error unmarshaling external account key %s into dbExternalAccountKey", string(entry.Key))
 		}
-		keys[i] = &acme.ExternalAccountKey{
-			ID:              dbeak.ID,
-			KeyBytes:        dbeak.KeyBytes,
-			ProvisionerName: dbeak.ProvisionerName,
-			Name:            dbeak.Name,
-			AccountID:       dbeak.AccountID,
-			CreatedAt:       dbeak.CreatedAt,
-			BoundAt:         dbeak.BoundAt,
+		if dbeak.Provisioner != provisionerName {
+			continue
 		}
+		keys = append(keys, &acme.ExternalAccountKey{
+			ID:          dbeak.ID,
+			KeyBytes:    dbeak.KeyBytes,
+			Provisioner: dbeak.Provisioner,
+			Reference:   dbeak.Reference,
+			AccountID:   dbeak.AccountID,
+			CreatedAt:   dbeak.CreatedAt,
+			BoundAt:     dbeak.BoundAt,
+		})
 	}
 
 	return keys, nil
@@ -266,18 +269,18 @@ func (db *DB) UpdateExternalAccountKey(ctx context.Context, provisionerName stri
 		return err
 	}
 
-	if old.ProvisionerName != provisionerName {
+	if old.Provisioner != provisionerName {
 		return acme.NewError(acme.ErrorUnauthorizedType, "name of provisioner does not match provisioner for which the EAB key was created")
 	}
 
 	nu := dbExternalAccountKey{
-		ID:              eak.ID,
-		ProvisionerName: eak.ProvisionerName,
-		Name:            eak.Name,
-		AccountID:       eak.AccountID,
-		KeyBytes:        eak.KeyBytes,
-		CreatedAt:       eak.CreatedAt,
-		BoundAt:         eak.BoundAt,
+		ID:          eak.ID,
+		Provisioner: eak.Provisioner,
+		Reference:   eak.Reference,
+		AccountID:   eak.AccountID,
+		KeyBytes:    eak.KeyBytes,
+		CreatedAt:   eak.CreatedAt,
+		BoundAt:     eak.BoundAt,
 	}
 
 	return db.save(ctx, nu.ID, nu, old, "external_account_key", externalAccountKeyTable)
diff --git a/authority/admin/api/acme.go b/authority/admin/api/acme.go

Original file line number	Diff line number	Diff line change
`@@ -257,7 +257,7 @@ func (h Handler) validateExternalAccountBinding(ctx context.Context, nar NewAc`
`257`	`257`	`// about the handler and thus about its dependencies.`
`258`	`258`	`eabJSONBytes, err := json.Marshal(nar.ExternalAccountBinding)`
`259`	`259`	`if err != nil {`
`260`		`- return nil, acme.WrapErrorISE(err, "error marshaling externalAccountBinding into JSON")`
	`260`	`+ return nil, acme.WrapErrorISE(err, "error marshaling externalAccountBinding into bytes")`
`261`	`261`	`}`
`262`	`262`
`263`	`263`	`eabJWS, err := squarejose.ParseSigned(string(eabJSONBytes))`