Merge branch 'pgp' into 'dev'

refactor!: PGP and x509

See merge request engineering/community-relations/backend!27

src/commands/index.ts

@@ -31,6 +31,7 @@ export { default as npm } from './npm';
 export { default as offer } from './offer';
 export { default as page } from './page';
 export { default as ping } from './ping';
+export { default as pgp } from './pgp';
 export { default as profile } from './profile';
 export { default as rank } from './rank';
 export { default as role } from './role';

src/commands/pgp.ts

@@ -0,0 +1,61 @@
+import { Message } from 'eris';
+import axios, { AxiosResponse } from 'axios';
+import { Client, Command, RichEmbed } from '../class';
+
+import PGP_Upload from './pgp_upload';
+import PGP_Remove from './pgp_remove';
+
+enum PublicKeyAlgorithm {
+  RSA = 1,
+  ElGamal = 16,
+  DSA = 17,
+  ECDH = 18,
+  ECDSA = 19,
+}
+
+interface PGPKey {
+  status: true;
+  fullName: string;
+  name: string;
+  comment: string;
+  email: string;
+  creationTime: string;
+  publicKeyAlgorithm: PublicKeyAlgorithm;
+  fingerprint: string;
+  keyID: number;
+}
+
+export default class PGP extends Command {
+  constructor(client: Client) {
+    super(client);
+    this.name = 'pgp';
+    this.description = 'Uploads to or removes from your account an PGP public key.';
+    this.usage = `${this.client.config.prefix}${this.name}`;
+    this.permissions = 0;
+    this.guildOnly = true;
+    this.enabled = true;
+    this.subcmds = [PGP_Upload, PGP_Remove];
+  }
+
+  public async run(message: Message, args: string[]) {
+    const profile = await this.client.db.Member.findOne({ userID: args[0] || message.author.id });
+    if (!profile) return this.error(message.channel, 'Unable to find specified member\'s account.');
+    const embed = new RichEmbed()
+      .setAuthor(`${message.author.username}#${message.author.discriminator}`, message.author.dynamicAvatarURL())
+      .setTitle('PGP Connections')
+      .setColor('#ffc63c')
+      .setDescription(`There are no PGP keys connected to your account. Use \`${this.client.config.prefix}pgp upload\` to add one.`)
+      .setTimestamp();
+    if (profile?.pgp) {
+      embed.setColor('#2ecc71');
+      const pgp: AxiosResponse<PGPKey> = await axios.post('https://certapi.libraryofcode.org/pgp', profile.pgp);
+      embed.setDescription(`You currently have PGP key **\`${pgp.data.fingerprint.toUpperCase()}\`** owned by ${pgp.data.name} <${pgp.data.email}>.`);
+      const pka = Object.keys(PublicKeyAlgorithm).find((key) => PublicKeyAlgorithm[key] === pgp.data.publicKeyAlgorithm);
+      if (pka) embed.addField('Public Key Algorithm', pka, true);
+      const { comment } = pgp.data;
+      if (comment) embed.addField('Comment', comment, true);
+      embed.addField('Created At', new Date(pgp.data.creationTime).toUTCString(), true);
+    } else this.client.commands.get('help').run(message, ['pgp', 'upload']);
+    message.channel.createMessage({ embed });
+  }
+}

src/commands/pgp_remove.ts

@@ -0,0 +1,22 @@
+import { Message } from 'eris';
+import { Command, Client } from '../class';
+
+export default class PGP_Remove extends Command {
+  constructor(client: Client) {
+    super(client);
+    this.name = 'remove';
+    this.aliases = ['rm', 'delete', 'del', 'unlink', 'disconnect'];
+    this.description = 'Removes a currently connected PGP public key from your account.';
+    this.usage = `${this.client.config.prefix}pgp ${this.name}`;
+    this.permissions = 0;
+    this.guildOnly = true;
+    this.enabled = true;
+  }
+
+  public async run(message: Message) {
+    const profile = await this.client.db.Member.findOne({ userID: message.author.id });
+    if (!profile?.pgp) return this.error(message.channel, 'There are no PGP public keys connected to your account.');
+    await profile.updateOne({ $unset: { pgp: '' } });
+    this.success(message.channel, 'Unlinked PGP public key from your account.');
+  }
+}

src/commands/pgp_upload.ts

@@ -0,0 +1,33 @@
+import { Message } from 'eris';
+import axios, { AxiosResponse } from 'axios';
+import { Command, Client } from '../class';
+
+export default class PGP_Upload extends Command {
+  constructor(client: Client) {
+    super(client);
+    this.name = 'upload';
+    this.aliases = ['add', 'link', 'connect'];
+    this.description = 'Uploads your PGP public key as a file to our database for authenticity and identity verification.';
+    this.usage = `${this.client.config.prefix}pgp ${this.name}`;
+    this.permissions = 0;
+    this.guildOnly = true;
+    this.enabled = true;
+  }
+
+  public async run(message: Message) {
+    if (!message.attachments.length) return this.error(message.channel, 'Please upload your PGP public key as an attachment.');
+    if (!await this.client.db.Member.exists({ userID: message.author.id })) {
+      await this.client.db.Member.create({ userID: message.author.id });
+    }
+    const [pgpAttachment] = message.attachments;
+    const pgpReq: AxiosResponse<string> = await axios(pgpAttachment.url);
+    const pgp = pgpReq.data;
+    try {
+      await axios.post('https://certapi.libraryofcode.org/pgp', pgp);
+    } catch {
+      return this.error(message.channel, 'Unable to parse your PGP public key.');
+    }
+    await this.client.db.Member.updateOne({ userID: message.author.id }, { pgp });
+    this.success(message.channel, 'PGP public key successfully uploaded to your account.');
+  }
+}

src/commands/x509.ts

@@ -1,14 +1,53 @@
 import { Message } from 'eris';
+import axios, { AxiosResponse } from 'axios';
 import { Client, Command, RichEmbed } from '../class';
 
 import X509_Upload from './x509_upload';
 import X509_Remove from './x509_remove';
 
+interface X509Certificate {
+  status: boolean,
+  message?: string,
+  subject: {
+    commonName: string,
+    organization: string[],
+    organizationalUnit: string[],
+    locality: string[],
+    country: string[],
+  },
+  issuer: {
+    commonName: string,
+    organization: string[],
+    organizationalUnit: string[],
+    locality: string[],
+    country: string[],
+  },
+  root: {
+    commonName: string,
+    organization: string[],
+    organizationalUnit: string[],
+    locality: string[],
+    country: string[],
+  },
+  notBefore: Date,
+  notAfter: Date,
+  validationType: 'DV' | 'OV' | 'EV',
+  signatureAlgorithm: string,
+  publicKeyAlgorithm: string,
+  serialNumber: string,
+  keyUsage: number[],
+  keyUsageAsText: ['CRL Signing'?, 'Certificate Signing'?, 'Content Commitment'?, 'Data Encipherment'?, 'Decipher Only'?, 'Digital Signature'?, 'Encipher Only'?, 'Key Agreement'?, 'Key Encipherment'?],
+  extendedKeyUsage: number[],
+  extendedKeyUsageAsText: ['All/Any Usages'?, 'TLS Web Server Authentication'?, 'TLS Web Client Authentication'?, 'Code Signing'?, 'E-mail Protection (S/MIME)'?],
+  san: string[],
+  fingerprint: string,
+}
+
 export default class X509 extends Command {
   constructor(client: Client) {
     super(client);
     this.name = 'x509';
-    this.description = 'Uploads to or removes from your account an x509 certificate.';
+    this.description = 'Uploads to or removes from your account an X.509 certificate.';
     this.usage = `${this.client.config.prefix}${this.name}`;
     this.permissions = 0;
     this.guildOnly = true;
@@ -16,13 +55,28 @@ export default class X509 extends Command {
     this.subcmds = [X509_Upload, X509_Remove];
   }
 
-  public async run(message: Message) {
+  public async run(message: Message, args: string[]) {
-    const profile = await this.client.db.Member.findOne({ userID: message.author.id });
+    const profile = await this.client.db.Member.findOne({ userID: args[0] || message.author.id });
+    if (!profile) return this.error(message.channel, 'Unable to find specified member\'s account.');
     const embed = new RichEmbed()
       .setAuthor(`${message.author.username}#${message.author.discriminator}`, message.author.dynamicAvatarURL())
-      .setTitle('x509 Connections')
+      .setTitle('X.509 Connections')
-      .setDescription(profile?.x509 ? 'An x509 certificate is currently connected to your account.' : 'There are no x509 certificates connected to your account')
+      .setColor('#ffc63c')
+      .setDescription(`There are no X.509 certificates connected to your account. Use \`${this.client.config.prefix}x509 upload\` to add one.`)
       .setTimestamp();
+    if (profile?.x509) {
+      embed.setColor('#2ecc71');
+      const x509: AxiosResponse<X509Certificate> = await axios.post('https://certapi.libraryofcode.org/parse', profile.x509);
+      embed.setDescription(`You currently have X.509 certificate **\`${x509.data.serialNumber}\`** linked to your account.`);
+      embed.addField('Common Name', x509.data.subject.commonName, true);
+      embed.addField('Issuer', x509.data.issuer.commonName, true);
+      embed.addBlankField();
+      embed.addField('Public Key Algorithm', x509.data.publicKeyAlgorithm, true);
+      embed.addField('Not Before', new Date(x509.data.notBefore).toUTCString(), true);
+      embed.addField('Not After', new Date(x509.data.notAfter).toUTCString(), true);
+      if (x509.data.keyUsageAsText.length) embed.addField('Key Usages', x509.data.keyUsageAsText.join(', '), true);
+      if (x509.data.extendedKeyUsageAsText.length) embed.addField('Extended Key Usages', x509.data.extendedKeyUsageAsText.join(', '), true);
+    } else this.client.commands.get('help').run(message, ['x509', 'upload']);
     message.channel.createMessage({ embed });
   }
 }

src/commands/x509_remove.ts

@@ -6,7 +6,7 @@ export default class X509_Remove extends Command {
     super(client);
     this.name = 'remove';
     this.aliases = ['rm', 'delete', 'del', 'unlink', 'disconnect'];
-    this.description = 'Removes a currently connected x509 certificate from your account.';
+    this.description = 'Removes a currently connected X.509 certificate from your account.';
     this.usage = `${this.client.config.prefix}x509 ${this.name}`;
     this.permissions = 0;
     this.guildOnly = true;
@@ -15,8 +15,8 @@ export default class X509_Remove extends Command {
 
   public async run(message: Message) {
     const profile = await this.client.db.Member.findOne({ userID: message.author.id });
-    if (!profile?.x509) return this.error(message.channel, 'There are no x509 certificates connected to your account.');
+    if (!profile?.x509) return this.error(message.channel, 'There are no X.509 certificates connected to your account.');
     await profile.updateOne({ $unset: { x509: '' } });
-    this.success(message.channel, 'Unlinked x509 certificate from your account.');
+    this.success(message.channel, 'Unlinked X.509 certificate from your account.');
   }
 }

src/commands/x509_upload.ts

@@ -20,15 +20,14 @@ export default class X509_Upload extends Command {
       await this.client.db.Member.create({ userID: message.author.id });
     }
     const [x509Attachment] = message.attachments;
-    const x509Req: AxiosResponse<string> = await axios(x509Attachment.proxy_url);
+    const x509Req: AxiosResponse<string> = await axios(x509Attachment.url);
     const x509 = x509Req.data;
     try {
       await axios.post('https://certapi.libraryofcode.org/parse', x509);
     } catch {
       return this.error(message.channel, 'Unable to parse your x509 certificate.');
-    } finally {
+    }
     await this.client.db.Member.updateOne({ userID: message.author.id }, { x509 });
     this.success(message.channel, 'x509 certificate successfully uploaded to your account.');
   }
-  }
 }

src/models/Member.ts

@@ -10,6 +10,7 @@ export interface MemberInterface extends Document {
     bio: string,
   },
   x509?: string,
+  pgp?: string
 }
 
 const Member: Schema = new Schema({
@@ -22,6 +23,7 @@ const Member: Schema = new Schema({
     bio: String,
   },
   x509: String,
+  pgp: String,
 });
 
 export default model<MemberInterface>('Member', Member);