Fix tuf api calls

2017-05-23 10:11:48 -04:00 · 2017-05-23 10:11:48 -04:00 · 897da1df67
commit 897da1df67
parent 961ebdfe44
3 changed files with 43 additions and 28 deletions
--- a/util/tufmetadata/api.py
+++ b/util/tufmetadata/api.py
@ -11,7 +11,7 @@ from data.database import CloseForLongOperation
 from util.abchelpers import nooper
 from util.failover import failover, FailoverException
 from util.security.instancekeys import InstanceKeys
-from util.security.registry_jwt import build_context_and_subject, generate_bearer_token, QUAY_TUF_ROOT
+from util.security.registry_jwt import build_context_and_subject, generate_bearer_token, QUAY_TUF_ROOT, SIGNER_TUF_ROOT


 DEFAULT_HTTP_HEADERS = {'Connection': 'close'}
@ -150,16 +150,21 @@ class ImplementedTUFMetadataAPI(TUFMetadataAPIInterface):

    if not targets_file:
      targets_file = 'targets.json'
+
+    targets_name = targets_file
+    if targets_name.endswith('.json'):
+      targets_name = targets_name[:-5]
      
    if not targets_map:
      targets_map = {}
      
    signed = self._get_signed(namespace, repository, targets_file)
    if not signed:
-      return None
+      targets_map[targets_name] = None
+      return targets_map

    if signed.get('targets'):
-      targets_map[targets_file] = {
+      targets_map[targets_name] = {
        'targets':  signed.get('targets'),
        'expiration':  signed.get('expires'),
      }
@ -167,7 +172,7 @@ class ImplementedTUFMetadataAPI(TUFMetadataAPIInterface):
    delegation_names = [role.get('name') for role in signed.get('delegations').get('roles')]

    for delegation in delegation_names:
-      targets_map = self.get_all_tags_with_expiration(namespace, repository, targets_file=delegation, targets_map=targets_map)
+      targets_map = self.get_all_tags_with_expiration(namespace, repository, targets_file=delegation + '.json', targets_map=targets_map)
   
    return targets_map

@ -235,7 +240,7 @@ class ImplementedTUFMetadataAPI(TUFMetadataAPIInterface):
      'name': gun,
      'actions': actions,
    }]
-    context, subject = build_context_and_subject(user=None, token=None, oauthtoken=None, tuf_root=QUAY_TUF_ROOT)
+    context, subject = build_context_and_subject(user=None, token=None, oauthtoken=None, tuf_root=SIGNER_TUF_ROOT)
    token = generate_bearer_token(self._config["SERVER_HOSTNAME"], subject, context, access,
                                  TOKEN_VALIDITY_LIFETIME_S, self._instance_keys)
    return {'Authorization': 'Bearer %s' % token}