Change validators to use the validator_context

Change InstanceKeys to take a namedtuple for context
2018-05-25 15:42:27 -04:00 · 2018-05-25 15:42:27 -04:00 · 554d4f47a8
commit 554d4f47a8
parent e967fde3ae
31 changed files with 172 additions and 69 deletions
--- a/util/security/instancekeys.py
+++ b/util/security/instancekeys.py
@ -1,3 +1,4 @@
+from collections import namedtuple
 from cachetools import lru_cache
 from data import model
 from util.expiresdict import ExpiresDict, ExpiresEntry
@ -25,9 +26,10 @@ class InstanceKeys(object):
  """ InstanceKeys defines a helper class for interacting with the Quay instance service keys
      used for JWT signing of registry tokens as well as requests from Quay to other services
      such as Clair. Each container will have a single registered instance key.
+      :param keys_context: InstanceKeysContext
  """
-  def __init__(self, app):
-    self.app = app
+  def __init__(self, keys_context):
+    self.keys_context = keys_context
    self.instance_keys = ExpiresDict(self._load_instance_keys)

  def clear_cache(self):
@ -45,24 +47,24 @@ class InstanceKeys(object):
  @property
  def service_name(self):
    """ Returns the name of the instance key's service (i.e. 'quay'). """
-    return self.app.config['INSTANCE_SERVICE_KEY_SERVICE']
+    return self.keys_context.instance_key_service

  @property
  def service_key_expiration(self):
    """ Returns the defined expiration for instance service keys, in minutes. """
-    return self.app.config.get('INSTANCE_SERVICE_KEY_EXPIRATION', 120)
+    return self.keys_context.service_key_expiration

  @property
  @lru_cache(maxsize=1)
  def local_key_id(self):
    """ Returns the ID of the local instance service key. """
-    return _load_file_contents(self.app.config['INSTANCE_SERVICE_KEY_KID_LOCATION'])
+    return _load_file_contents(self.keys_context.service_key_kid_location)

  @property
  @lru_cache(maxsize=1)
  def local_private_key(self):
    """ Returns the private key of the local instance service key. """
-    return _load_file_contents(self.app.config['INSTANCE_SERVICE_KEY_LOCATION'])
+    return _load_file_contents(self.keys_context.service_key_location)

  def get_service_key_public_key(self, kid):
    """ Returns the public key associated with the given instance service key or None if none. """
@ -77,3 +79,15 @@ def _load_file_contents(path):
  """ Returns the contents of the specified file path. """
  with open(path) as f:
    return f.read()
+
+
+InstanceKeysContext = namedtuple('InstanceKeysContext', ['instance_key_service',
+                                                         'service_key_expiration',
+                                                         'service_key_kid_location',
+                                                         'service_key_location'])
+
+def instance_keys_context_from_app_config(app_config):
+  return InstanceKeysContext(app_config['INSTANCE_SERVICE_KEY_SERVICE'],
+                             app_config.get('INSTANCE_SERVICE_KEY_EXPIRATION', 120),
+                             app_config['INSTANCE_SERVICE_KEY_KID_LOCATION'],
+                             app_config['INSTANCE_SERVICE_KEY_LOCATION'])