mirrors/nomulus
1
0
Fork 0
mirror of https://github.com/google/nomulus synced 2026-02-03 19:42:39 +00:00
Code Issues Releases Wiki Activity

Rename DNL and SMDRL "login" to "loginAndPassword"

Browse Source 
They are passed around in the format username:password, whereas just saying
"login" implies it's just a username and not necessarily also a secret
password. Putting password in the variable name makes it obvious what this is
and reduces the likelihood of anyone ever logging it or otherwise using it
inappropriately.

Note that this does not require data migrations as the actual key used to store
the data in KMS remains unchanged.

This is a follow-up to []

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=231253964
This commit is contained in:
mcilwain
2019-01-28 11:13:15 -08:00
committed by Ben McIlwain
parent 0130f91830
commit f0c677b18b
17 changed files with 65 additions and 62 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
java/google/registry/tmch/Marksdb.java
View File

@@ -112,9 +112,9 @@ public final class Marksdb {
}
}
byte[] fetch(URL url, Optional<String> login) throws IOException {
byte[] fetch(URL url, Optional<String> loginAndPassword) throws IOException {
HTTPRequest req = new HTTPRequest(url, GET, validateCertificate().setDeadline(60d));
setAuthorizationHeader(req, login);
setAuthorizationHeader(req, loginAndPassword);
HTTPResponse rsp = fetchService.fetch(req);
if (rsp.getResponseCode() != SC_OK) {
throw new UrlFetchException("Failed to fetch from MarksDB", req, rsp);
@@ -122,16 +122,17 @@ public final class Marksdb {
return rsp.getContent();
}
List<String> fetchSignedCsv(Optional<String> login, String csvPath, String sigPath)
List<String> fetchSignedCsv(Optional<String> loginAndPassword, String csvPath, String sigPath)
throws IOException, SignatureException, PGPException {
checkArgument(login.isPresent(), "Cannot fetch from MarksDB without login credentials");
checkArgument(
loginAndPassword.isPresent(), "Cannot fetch from MarksDB without login credentials");
String csvUrl = tmchMarksdbUrl + csvPath;
byte[] csv = fetch(new URL(csvUrl), login);
byte[] csv = fetch(new URL(csvUrl), loginAndPassword);
logFetchedBytes(csvUrl, csv);
String sigUrl = tmchMarksdbUrl + sigPath;
byte[] sig = fetch(new URL(sigUrl), login);
byte[] sig = fetch(new URL(sigUrl), loginAndPassword);
logFetchedBytes(sigUrl, sig);
pgpVerifySignature(csv, sig, marksdbPublicKey);