From a0d3180ba83891720777c02bc88fdcf44f34c614 Mon Sep 17 00:00:00 2001
From: Kegan Dougal <kegan@matrix.org>
Date: Tue, 9 Aug 2016 17:50:14 +0100
Subject: [PATCH] Parse out the public key

---
 .../matrix-org/go-neb/realms/jira/jira.go     | 49 ++++++++++++++-----
 1 file changed, 36 insertions(+), 13 deletions(-)

diff --git a/src/github.com/matrix-org/go-neb/realms/jira/jira.go b/src/github.com/matrix-org/go-neb/realms/jira/jira.go
index 51edf57..2b1e90e 100644
--- a/src/github.com/matrix-org/go-neb/realms/jira/jira.go
+++ b/src/github.com/matrix-org/go-neb/realms/jira/jira.go
@@ -13,9 +13,12 @@ import (
 
 type jiraRealm struct {
 	id             string
+	privateKey     *rsa.PrivateKey
+	JIRAEndpoint   string
 	ConsumerName   string
 	ConsumerKey    string
 	ConsumerSecret string
+	PublicKeyPEM   string // clobbered based on PrivateKeyPEM
 	PrivateKeyPEM  string
 }
 
@@ -31,27 +34,19 @@ func (r *jiraRealm) Register() error {
 	if r.ConsumerName == "" || r.ConsumerKey == "" || r.ConsumerSecret == "" || r.PrivateKeyPEM == "" {
 		return errors.New("ConsumerName, ConsumerKey, ConsumerSecret, PrivateKeyPEM must be specified.")
 	}
+	log.Print("Registering..")
 	// Make sure the private key PEM is actually a private key.
-	_, err := loadPrivateKey(r.PrivateKeyPEM)
+	err := r.parsePrivateKey()
 	if err != nil {
 		return err
 	}
+
+	// TODO: Check to see if JIRA endpoint is valid and known
+
 	return nil
 }
 
 func (r *jiraRealm) RequestAuthSession(userID string, req json.RawMessage) interface{} {
-	reqAuth := struct {
-		JIRAURL string
-	}{}
-	if err := json.Unmarshal(req, reqAuth); err != nil {
-		log.WithError(err).Print("Error parsing request JSON")
-		return nil
-	}
-	if reqAuth.JIRAURL == "" {
-		log.Print("Missing JIRAURL")
-		return nil
-	}
-	// TODO: Check to see if JIRA endpoint is valid and known
 	return nil
 }
 
@@ -63,6 +58,20 @@ func (r *jiraRealm) AuthSession(id, userID, realmID string) types.AuthSession {
 	return nil
 }
 
+func (r *jiraRealm) parsePrivateKey() error {
+	pk, err := loadPrivateKey(r.PrivateKeyPEM)
+	if err != nil {
+		return err
+	}
+	pub, err := publicKeyAsPEM(pk)
+	if err != nil {
+		return err
+	}
+	r.PublicKeyPEM = pub
+	r.privateKey = pk
+	return nil
+}
+
 func loadPrivateKey(privKeyPEM string) (*rsa.PrivateKey, error) {
 	// Decode PEM to grab the private key type
 	block, _ := pem.Decode([]byte(privKeyPEM))
@@ -80,6 +89,20 @@ func loadPrivateKey(privKeyPEM string) (*rsa.PrivateKey, error) {
 	return priv, nil
 }
 
+func publicKeyAsPEM(pkey *rsa.PrivateKey) (string, error) {
+	// https://github.com/golang-samples/cipher/blob/master/crypto/rsa_keypair.go
+	der, err := x509.MarshalPKIXPublicKey(&pkey.PublicKey)
+	if err != nil {
+		return "", err
+	}
+	block := pem.Block{
+		Type:    "PUBLIC KEY",
+		Headers: nil,
+		Bytes:   der,
+	}
+	return string(pem.EncodeToMemory(&block)), nil
+}
+
 func init() {
 	types.RegisterAuthRealm(func(realmID string) types.AuthRealm {
 		return &jiraRealm{id: realmID}