0
0
Fork 1
mirror of https://mau.dev/maunium/synapse.git synced 2024-11-14 14:01:59 +01:00

Update sign_json to support inline key config (#11139)

It's been possible to configure a key inline in the homeserver.yaml since
13bc1e0746. Update `sign_json` to work with this.
This commit is contained in:
Richard van der Hoff 2021-10-20 19:49:20 +02:00 committed by GitHub
parent 62db603fa0
commit 57501d9194
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 26 additions and 7 deletions

1
changelog.d/11139.misc Normal file
View file

@ -0,0 +1 @@
Update the `sign_json` script to support inline configuration of the signing key.

View file

@ -51,13 +51,19 @@ Example usage:
"request with.", "request with.",
) )
parser.add_argument(
"-K",
"--signing-key",
help="The private ed25519 key to sign the request with.",
)
parser.add_argument( parser.add_argument(
"-c", "-c",
"--config", "--config",
default="homeserver.yaml", default="homeserver.yaml",
help=( help=(
"Path to synapse config file, from which the server name and/or signing " "Path to synapse config file, from which the server name and/or signing "
"key path will be read. Ignored if --server-name and --signing-key-path " "key path will be read. Ignored if --server-name and --signing-key(-path) "
"are both given." "are both given."
), ),
) )
@ -87,11 +93,14 @@ Example usage:
args = parser.parse_args() args = parser.parse_args()
if not args.server_name or not args.signing_key_path: if not args.server_name or not (args.signing_key_path or args.signing_key):
read_args_from_config(args) read_args_from_config(args)
if args.signing_key:
keys = read_signing_keys([args.signing_key])
else:
with open(args.signing_key_path) as f: with open(args.signing_key_path) as f:
key = read_signing_keys(f)[0] keys = read_signing_keys(f)
json_to_sign = args.input_data json_to_sign = args.input_data
if json_to_sign is None: if json_to_sign is None:
@ -107,7 +116,7 @@ Example usage:
print("Input json was not an object", file=sys.stderr) print("Input json was not an object", file=sys.stderr)
sys.exit(1) sys.exit(1)
sign_json(obj, args.server_name, key) sign_json(obj, args.server_name, keys[0])
for c in json_encoder.iterencode(obj): for c in json_encoder.iterencode(obj):
args.output.write(c) args.output.write(c)
args.output.write("\n") args.output.write("\n")
@ -118,8 +127,17 @@ def read_args_from_config(args: argparse.Namespace) -> None:
config = yaml.safe_load(fh) config = yaml.safe_load(fh)
if not args.server_name: if not args.server_name:
args.server_name = config["server_name"] args.server_name = config["server_name"]
if not args.signing_key_path: if not args.signing_key_path and not args.signing_key:
if "signing_key" in config:
args.signing_key = config["signing_key"]
elif "signing_key_path" in config:
args.signing_key_path = config["signing_key_path"] args.signing_key_path = config["signing_key_path"]
else:
print(
"A signing key must be given on the commandline or in the config file.",
file=sys.stderr,
)
sys.exit(1)
if __name__ == "__main__": if __name__ == "__main__":