blob: 59cce2cc86d7cf1e22991f5c4a332e4ae9d0e97b (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
|
;;; Guix Data Service -- Information about Guix over time
;;; Copyright © 2019 Christopher Baines <mail@cbaines.net>
;;;
;;; This program is free software: you can redistribute it and/or
;;; modify it under the terms of the GNU Affero General Public License
;;; as published by the Free Software Foundation, either version 3 of
;;; the License, or (at your option) any later version.
;;;
;;; This program is distributed in the hope that it will be useful,
;;; but WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
;;; Affero General Public License for more details.
;;;
;;; You should have received a copy of the GNU Affero General Public
;;; License along with this program. If not, see
;;; <http://www.gnu.org/licenses/>.
(define-module (guix-data-service model build-server-token-seed)
#:use-module (ice-9 match)
#:use-module (rnrs bytevectors)
#:use-module (squee)
#:use-module (gcrypt hash)
#:use-module (gcrypt base64)
#:use-module (guix memoization)
#:export (compute-tokens-for-build-server))
(define compute-token
(memoize
(lambda (secret-key-base build-server-id token-seed)
(let ((source-string
(simple-format #f "~A:~A:~A"
secret-key-base
build-server-id
token-seed)))
(string-filter
;; Remove the + / and = to make handling the value easier
char-set:letter+digit
(base64-encode
(bytevector-hash
(string->utf8 source-string)
(hash-algorithm sha1))))))))
(define (compute-tokens-for-build-server conn secret-key-base build-server-id)
(define query
"
SELECT token_seed
FROM build_server_token_seeds
WHERE build_server_id = $1
ORDER BY token_seed")
(map
(match-lambda
((token-seed)
(cons token-seed
(compute-token secret-key-base
build-server-id
token-seed))))
(exec-query conn query (list (number->string build-server-id)))))
|