feat: check revocation mode configuration

1649a6d3 · Sietse Ringers · 76ea866a · 1649a6d3 · 1649a6d3
Commit 1649a6d3 authored Nov 11, 2019 by Sietse Ringers
--- a/internal/servercore/handle.go
+++ b/internal/servercore/handle.go
@@ -214,6 +214,7 @@ func (session *session) handlePostCommitments(commitments *irma.IssueCommitmentM
 	return sigs, nil
 }

+// POST -/revocation/records
 func (s *Server) handlePostRevocationRecords(records []*irma.RevocationRecord) (interface{}, *irma.RemoteError) {
 	if err := s.conf.IrmaConfiguration.RevocationStorage.AddRevocationRecords(records); err != nil {
 		return nil, server.RemoteError(server.ErrorUnknown, err.Error()) // TODO error type
@@ -221,6 +222,7 @@ func (s *Server) handlePostRevocationRecords(records []*irma.RevocationRecord) (
 	return nil, nil
 }

+// GET -/revocation/records/{credtype}/{index}
 func (s *Server) handleGetRevocationRecords(
 	cred irma.CredentialTypeIdentifier, index uint64,
 ) ([]*irma.RevocationRecord, *irma.RemoteError) {
@@ -234,6 +236,7 @@ func (s *Server) handleGetRevocationRecords(
 	return records, nil
 }

+// GET -/revocation/latestrecords/{credtype}/{count}
 func (s *Server) handleGetLatestRevocationRecords(
 	cred irma.CredentialTypeIdentifier, count uint64,
 ) ([]*irma.RevocationRecord, *irma.RemoteError) {
@@ -247,6 +250,7 @@ func (s *Server) handleGetLatestRevocationRecords(
 	return records, nil
 }

+// POST -/revocation/issuancerecord/{credtype}/{keycounter}
 func (s *Server) handlePostIssuanceRecord(
 	cred irma.CredentialTypeIdentifier, counter uint64, message []byte,
 ) (string, *irma.RemoteError) {

--- a/revocation.go
+++ b/revocation.go
@@ -38,7 +38,7 @@ type (
 		updated  time.Time
 	}

-	RevocationMode int
+	RevocationMode string

 	RevocationRecord struct {
 		revocation.Record `gorm:"embedded"`
@@ -62,9 +62,9 @@ type (
 )

 const (
-	RevocationModeRequestor RevocationMode = iota
-	RevocationModeProxy
-	RevocationModeServer
+	RevocationModeRequestor RevocationMode = ""
+	RevocationModeProxy     RevocationMode = "proxy"
+	RevocationModeServer    RevocationMode = "server"
 )

 // Revocation record methods
@@ -362,13 +362,19 @@ func (rs *RevocationStorage) SaveIssuanceRecord(typ CredentialTypeIdentifier, re
 // Misscelaneous methods

 func (rs *RevocationStorage) Load(debug bool, connstr string, settings map[CredentialTypeIdentifier]*RevocationSetting) error {
-	if connstr == "" {
-		for typ, s := range settings {
-			if s.Mode != RevocationModeRequestor {
-				return errors.Errorf("revocation mode for %s requires SQL database but no connection string given", typ)
-			}
+	var t *CredentialTypeIdentifier
+	for typ, s := range settings {
+		switch s.Mode {
+		case RevocationModeServer, RevocationModeProxy:
+			t = &typ
+		default:
+			return errors.Errorf("invalid revocation mode '%s' for %s (supported: %s, %s)",
+				s.Mode, typ, RevocationModeServer, RevocationModeProxy)
 		}
 	}
+	if t != nil && connstr == "" {
+		return errors.Errorf("revocation mode for %s requires SQL database but no connection string given", *t)
+	}

 	if connstr == "" {
 		Logger.Trace("Using memory revocation database")