diff --git a/main.go b/main.go index d60fcb7..08b1042 100644 --- a/main.go +++ b/main.go @@ -362,7 +362,7 @@ func validateUCAN(token string, params *types.FilterParams) error { if err == nil { if cid, ok := claims["cid"].(string); ok { ctx := context.Background() - revoked, err := am.IsUCANRevoked(ctx, cid) + revoked, err := am.IsDelegationRevoked(ctx, cid) if err == nil && revoked { return errors.New("token has been revoked") } @@ -675,40 +675,44 @@ func executeUCANAction(params *types.FilterParams) (json.RawMessage, error) { switch params.Action { case "list": - ucans, err := am.ListUCANs(ctx) + delegations, err := am.ListDelegations(ctx) if err != nil { - return nil, fmt.Errorf("list ucans: %w", err) + return nil, fmt.Errorf("list delegations: %w", err) } - return json.Marshal(ucans) + return json.Marshal(delegations) case "get": if params.Subject == "" { return nil, errors.New("subject (cid) required for get action") } - ucan, err := am.GetUCANByCID(ctx, params.Subject) + delegation, err := am.GetDelegationByCID(ctx, params.Subject) if err != nil { - return nil, fmt.Errorf("get ucan: %w", err) + return nil, fmt.Errorf("get delegation: %w", err) } - return json.Marshal(ucan) + return json.Marshal(delegation) case "revoke": if params.Subject == "" { return nil, errors.New("subject (cid) required for revoke action") } - if err := am.RevokeUCAN(ctx, params.Subject); err != nil { - return nil, fmt.Errorf("revoke ucan: %w", err) + if err := am.RevokeDelegation(ctx, keybase.RevokeDelegationParams{ + DelegationCID: params.Subject, + RevokedBy: state.GetDID(), + Reason: "user revoked", + }); err != nil { + return nil, fmt.Errorf("revoke delegation: %w", err) } return json.Marshal(map[string]bool{"revoked": true}) case "verify": if params.Subject == "" { return nil, errors.New("subject (cid) required for verify action") } - revoked, err := am.IsUCANRevoked(ctx, params.Subject) + revoked, err := am.IsDelegationRevoked(ctx, params.Subject) if err != nil { - return nil, fmt.Errorf("check ucan: %w", err) + return nil, fmt.Errorf("check delegation: %w", err) } return json.Marshal(map[string]bool{"valid": !revoked, "revoked": revoked}) case "cleanup": - if err := am.CleanExpiredUCANs(ctx); err != nil { - return nil, fmt.Errorf("cleanup ucans: %w", err) + if err := am.CleanExpiredDelegations(ctx); err != nil { + return nil, fmt.Errorf("cleanup delegations: %w", err) } return json.Marshal(map[string]bool{"cleaned": true}) default: @@ -727,56 +731,61 @@ func executeDelegationAction(params *types.FilterParams) (json.RawMessage, error switch params.Action { case "list": if params.Subject == "" { - return nil, errors.New("subject (delegator or delegate DID) required for list action") + return nil, errors.New("subject (issuer DID) required for list action") } - delegations, err := am.ListDelegationsByDelegator(ctx, params.Subject) + delegations, err := am.ListDelegationsByIssuer(ctx, params.Subject) if err != nil { return nil, fmt.Errorf("list delegations: %w", err) } return json.Marshal(delegations) case "list_received": if params.Subject == "" { - return nil, errors.New("subject (delegate DID) required for list_received action") + return nil, errors.New("subject (audience DID) required for list_received action") } - delegations, err := am.ListDelegationsByDelegate(ctx, params.Subject) + delegations, err := am.ListDelegationsByAudience(ctx, params.Subject) if err != nil { return nil, fmt.Errorf("list received delegations: %w", err) } return json.Marshal(delegations) - case "list_resource": + case "list_command": if params.Subject == "" { - return nil, errors.New("subject (resource) required for list_resource action") + return nil, errors.New("subject (command) required for list_command action") } - delegations, err := am.ListDelegationsForResource(ctx, params.Subject) + delegations, err := am.ListDelegationsForCommand(ctx, params.Subject) if err != nil { - return nil, fmt.Errorf("list delegations for resource: %w", err) + return nil, fmt.Errorf("list delegations for command: %w", err) } return json.Marshal(delegations) - case "chain": + case "get": if params.Subject == "" { - return nil, errors.New("subject (delegation_id) required for chain action") + return nil, errors.New("subject (cid) required for get action") } - var delegationID int64 - if _, err := fmt.Sscanf(params.Subject, "%d", &delegationID); err != nil { - return nil, fmt.Errorf("invalid delegation_id: %w", err) - } - chain, err := am.GetDelegationChain(ctx, delegationID) + delegation, err := am.GetDelegationByCID(ctx, params.Subject) if err != nil { - return nil, fmt.Errorf("get delegation chain: %w", err) + return nil, fmt.Errorf("get delegation: %w", err) } - return json.Marshal(chain) + return json.Marshal(delegation) case "revoke": if params.Subject == "" { - return nil, errors.New("subject (delegation_id) required for revoke action") + return nil, errors.New("subject (cid) required for revoke action") } - var delegationID int64 - if _, err := fmt.Sscanf(params.Subject, "%d", &delegationID); err != nil { - return nil, fmt.Errorf("invalid delegation_id: %w", err) - } - if err := am.RevokeDelegation(ctx, delegationID); err != nil { + if err := am.RevokeDelegation(ctx, keybase.RevokeDelegationParams{ + DelegationCID: params.Subject, + RevokedBy: state.GetDID(), + Reason: "user revoked", + }); err != nil { return nil, fmt.Errorf("revoke delegation: %w", err) } return json.Marshal(map[string]bool{"revoked": true}) + case "verify": + if params.Subject == "" { + return nil, errors.New("subject (cid) required for verify action") + } + revoked, err := am.IsDelegationRevoked(ctx, params.Subject) + if err != nil { + return nil, fmt.Errorf("check delegation: %w", err) + } + return json.Marshal(map[string]bool{"valid": !revoked, "revoked": revoked}) default: return nil, fmt.Errorf("unknown action for delegations: %s", params.Action) }