|
|
|
@ -26,6 +26,7 @@ import (
|
|
|
|
|
"embed"
|
|
|
|
|
"encoding/base64"
|
|
|
|
|
"encoding/pem"
|
|
|
|
|
"errors"
|
|
|
|
|
"flag"
|
|
|
|
|
"fmt"
|
|
|
|
|
"html/template"
|
|
|
|
@ -674,9 +675,17 @@ func (h *directVoteHandler) Handle(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
|
|
|
|
|
switch r.Method {
|
|
|
|
|
case http.MethodPost:
|
|
|
|
|
clientCert, err := getPEMClientCert(r)
|
|
|
|
|
if err != nil {
|
|
|
|
|
log.Errorf("could not get client certificate from request: %v", err)
|
|
|
|
|
http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
|
|
|
|
|
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
voteResult := &Vote{
|
|
|
|
|
VoterID: voter.ID, Vote: vote, DecisionID: decision.ID, Voted: time.Now().UTC(),
|
|
|
|
|
Notes: fmt.Sprintf("Direct Vote\n\n%s", getPEMClientCert(r))}
|
|
|
|
|
Notes: fmt.Sprintf("Direct Vote\n\n%s", clientCert)}
|
|
|
|
|
if err := voteResult.Save(); err != nil {
|
|
|
|
|
log.Errorf("Problem saving vote: %v", err)
|
|
|
|
|
http.Error(w, "Problem saving vote", http.StatusInternalServerError)
|
|
|
|
@ -719,16 +728,22 @@ type proxyVoteHandler struct {
|
|
|
|
|
authenticationRequiredHandler
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func getPEMClientCert(r *http.Request) string {
|
|
|
|
|
clientCertPEM := bytes.NewBufferString("")
|
|
|
|
|
authenticatedCertificate := r.Context().Value(ctxAuthenticatedCert).(*x509.Certificate)
|
|
|
|
|
func getPEMClientCert(r *http.Request) (string, error) {
|
|
|
|
|
cert := r.Context().Value(ctxAuthenticatedCert)
|
|
|
|
|
|
|
|
|
|
authenticatedCertificate, ok := cert.(*x509.Certificate)
|
|
|
|
|
if !ok {
|
|
|
|
|
return "", errors.New("could not handle certificate as x509.Certificate")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
clientCertPEM := bytes.NewBuffer(make([]byte, 0))
|
|
|
|
|
|
|
|
|
|
err := pem.Encode(clientCertPEM, &pem.Block{Type: "CERTIFICATE", Bytes: authenticatedCertificate.Raw})
|
|
|
|
|
if err != nil {
|
|
|
|
|
log.Errorf("error encoding client certificate: %v", err)
|
|
|
|
|
return "", fmt.Errorf("error encoding client certificate: %w", err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return clientCertPEM.String()
|
|
|
|
|
return clientCertPEM.String(), nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (h *proxyVoteHandler) Handle(w http.ResponseWriter, r *http.Request) {
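Review bot: In the new `getPEMClientCert`, the `ok` check after `cert.(*x509.Certificate)` does not cover a typed nil pointer stored under `ctxAuthenticatedCert`, so `authenticatedCertificate.Raw` on the `pem.Encode` line could still panic. Both vote handlers write this PEM into the vote's `Notes`, which appears to serve as the record of which certificate cast the vote, so I would tighten the guard to `if !ok || authenticatedCertificate == nil {`. Whether the authentication middleware can ever store a nil certificate is not visible in this diff, so treat this as a defensive check. Separately, the encode-error branch calls `log.Errorf` and then returns the wrapped error, which both callers log again; dropping the `log.Errorf` line there leaves one log entry per failure. A doc comment such as `// getPEMClientCert returns the PEM encoding of the authenticated client certificate stored in the request context.` would also document the new error return.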
|
|
|
|
@ -788,11 +803,17 @@ func (h *proxyVoteHandler) Handle(w http.ResponseWriter, r *http.Request) {
|
|
|
|
|
|
|
|
|
|
renderTemplate(w, r, templates, templateContext)
|
|
|
|
|
} else {
|
|
|
|
|
clientCert, err := getPEMClientCert(r)
|
|
|
|
|
if err != nil {
|
|
|
|
|
log.Errorf("could not get client certificate information: %v", err)
|
|
|
|
|
http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
|
|
|
|
|
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
data.DecisionID = decision.ID
|
|
|
|
|
data.Voted = time.Now().UTC()
|
|
|
|
|
data.Notes = fmt.Sprintf(
|
|
|
|
|
"Proxy-Vote by %s\n\n%s\n\n%s",
|
|
|
|
|
proxy.Name, justification, getPEMClientCert(r))
|
|
|
|
|
data.Notes = fmt.Sprintf("Proxy-Vote by %s\n\n%s\n\n%s", proxy.Name, justification, clientCert)
|
|
|
|
|
|
|
|
|
|
if err := data.Save(); err != nil {
|
|
|
|
|
log.Errorf("Error saving vote: %s", err)
|
|
|
|
|