mirror of
https://mau.dev/maunium/synapse.git
synced 2024-11-14 14:01:59 +01:00
Update sign_json
to support inline key config (#11139)
It's been possible to configure a key inline in the homeserver.yaml since
13bc1e0746
. Update `sign_json` to work with this.
This commit is contained in:
parent
62db603fa0
commit
57501d9194
2 changed files with 26 additions and 7 deletions
1
changelog.d/11139.misc
Normal file
1
changelog.d/11139.misc
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Update the `sign_json` script to support inline configuration of the signing key.
|
|
@ -51,13 +51,19 @@ Example usage:
|
||||||
"request with.",
|
"request with.",
|
||||||
)
|
)
|
||||||
|
|
||||||
|
parser.add_argument(
|
||||||
|
"-K",
|
||||||
|
"--signing-key",
|
||||||
|
help="The private ed25519 key to sign the request with.",
|
||||||
|
)
|
||||||
|
|
||||||
parser.add_argument(
|
parser.add_argument(
|
||||||
"-c",
|
"-c",
|
||||||
"--config",
|
"--config",
|
||||||
default="homeserver.yaml",
|
default="homeserver.yaml",
|
||||||
help=(
|
help=(
|
||||||
"Path to synapse config file, from which the server name and/or signing "
|
"Path to synapse config file, from which the server name and/or signing "
|
||||||
"key path will be read. Ignored if --server-name and --signing-key-path "
|
"key path will be read. Ignored if --server-name and --signing-key(-path) "
|
||||||
"are both given."
|
"are both given."
|
||||||
),
|
),
|
||||||
)
|
)
|
||||||
|
@ -87,11 +93,14 @@ Example usage:
|
||||||
|
|
||||||
args = parser.parse_args()
|
args = parser.parse_args()
|
||||||
|
|
||||||
if not args.server_name or not args.signing_key_path:
|
if not args.server_name or not (args.signing_key_path or args.signing_key):
|
||||||
read_args_from_config(args)
|
read_args_from_config(args)
|
||||||
|
|
||||||
|
if args.signing_key:
|
||||||
|
keys = read_signing_keys([args.signing_key])
|
||||||
|
else:
|
||||||
with open(args.signing_key_path) as f:
|
with open(args.signing_key_path) as f:
|
||||||
key = read_signing_keys(f)[0]
|
keys = read_signing_keys(f)
|
||||||
|
|
||||||
json_to_sign = args.input_data
|
json_to_sign = args.input_data
|
||||||
if json_to_sign is None:
|
if json_to_sign is None:
|
||||||
|
@ -107,7 +116,7 @@ Example usage:
|
||||||
print("Input json was not an object", file=sys.stderr)
|
print("Input json was not an object", file=sys.stderr)
|
||||||
sys.exit(1)
|
sys.exit(1)
|
||||||
|
|
||||||
sign_json(obj, args.server_name, key)
|
sign_json(obj, args.server_name, keys[0])
|
||||||
for c in json_encoder.iterencode(obj):
|
for c in json_encoder.iterencode(obj):
|
||||||
args.output.write(c)
|
args.output.write(c)
|
||||||
args.output.write("\n")
|
args.output.write("\n")
|
||||||
|
@ -118,8 +127,17 @@ def read_args_from_config(args: argparse.Namespace) -> None:
|
||||||
config = yaml.safe_load(fh)
|
config = yaml.safe_load(fh)
|
||||||
if not args.server_name:
|
if not args.server_name:
|
||||||
args.server_name = config["server_name"]
|
args.server_name = config["server_name"]
|
||||||
if not args.signing_key_path:
|
if not args.signing_key_path and not args.signing_key:
|
||||||
|
if "signing_key" in config:
|
||||||
|
args.signing_key = config["signing_key"]
|
||||||
|
elif "signing_key_path" in config:
|
||||||
args.signing_key_path = config["signing_key_path"]
|
args.signing_key_path = config["signing_key_path"]
|
||||||
|
else:
|
||||||
|
print(
|
||||||
|
"A signing key must be given on the commandline or in the config file.",
|
||||||
|
file=sys.stderr,
|
||||||
|
)
|
||||||
|
sys.exit(1)
|
||||||
|
|
||||||
|
|
||||||
if __name__ == "__main__":
|
if __name__ == "__main__":
|
||||||
|
|
Loading…
Reference in a new issue