Merge pull request #1291 from ripienaar/account_sk

ripienaar · web-flow · commit a790e20c4ab3 · 2025-03-10T12:32:43.000+01:00
Support signing keys for accounts
diff --git a/cli/auth_account_command.go b/cli/auth_account_command.go
@@ -101,6 +101,7 @@ type authAccountCommand struct {
 	prefix                  string
 	tags                    []string
 	rmTags                  []string
+	signingKey              string
 }
 
 func configureAuthAccountCommand(auth commandHost) {
@@ -135,6 +136,7 @@ func configureAuthAccountCommand(auth commandHost) {
 	add := acct.Command("add", "Adds a new Account").Alias("create").Alias("new").Action(c.addAction)
 	add.Arg("name", "Unique name for this Account").StringVar(&c.accountName)
 	add.Flag("operator", "Operator to add the account to").StringVar(&c.operatorName)
+	add.Flag("key", "The public key to use when signing the user").StringVar(&c.signingKey)
 	addCreateFlags(add, false)
 	add.Flag("defaults", "Accept default values without prompting").UnNegatableBoolVar(&c.defaults)
 
@@ -912,6 +914,21 @@ func (c *authAccountCommand) addAction(_ *fisk.ParseContext) error {
 		return err
 	}
 
+	if c.signingKey != "" {
+		sk, err := au.SelectSigningKey(acct, c.signingKey)
+		if err != nil {
+			return err
+		}
+		c.signingKey = sk.Key()
+	}
+
+	if c.signingKey != "" {
+		err = acct.SetIssuer(c.signingKey)
+		if err != nil {
+			return err
+		}
+	}
+
 	err = au.UpdateTags(acct.Tags(), c.tags, c.rmTags)
 	if err != nil {
 		return err
diff --git a/cli/consumer_command.go b/cli/consumer_command.go
@@ -261,7 +261,7 @@ func configureConsumerCommand(app commandHost) {
 	consNext.Flag("wait", "Wait up to this period to acknowledge messages").DurationVar(&c.ackWait)
 	consNext.Flag("count", "Number of messages to try to fetch from the pull consumer").Default("1").IntVar(&c.pullCount)
 
-	consSub := cons.Command("sub", "Retrieves messages from Consumers").Action(c.subAction)
+	consSub := cons.Command("sub", "Retrieves messages from Consumers").Action(c.subAction).Hidden()
 	consSub.Arg("stream", "Stream name").StringVar(&c.stream)
 	consSub.Arg("consumer", "Consumer name").StringVar(&c.consumer)
 	consSub.Flag("ack", "Acknowledge received message").Default("true").BoolVar(&c.ack)
diff --git a/go.mod b/go.mod
@@ -26,7 +26,7 @@ require (
 	github.com/nats-io/nuid v1.0.1
 	github.com/prometheus/client_golang v1.21.1
 	github.com/santhosh-tekuri/jsonschema/v5 v5.3.1
-	github.com/synadia-io/jwt-auth-builder.go v0.0.6
+	github.com/synadia-io/jwt-auth-builder.go v0.0.7-0.20250307212657-0e3f1ee00864
 	github.com/tylertreat/hdrhistogram-writer v0.0.0-20210816161836-2e440612a39f
 	golang.org/x/crypto v0.36.0
 	golang.org/x/term v0.30.0
diff --git a/go.sum b/go.sum
@@ -154,6 +154,8 @@ github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOf
 github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
 github.com/synadia-io/jwt-auth-builder.go v0.0.6 h1:F3bTGWlKzWHwRqtTt35fRmhrxXLgkI8qz8QvvzxKSko=
 github.com/synadia-io/jwt-auth-builder.go v0.0.6/go.mod h1:8WYR7+nLQcDMBpocuPgdFJ5/2UOr+HPll3qv+KNdGvs=
+github.com/synadia-io/jwt-auth-builder.go v0.0.7-0.20250307212657-0e3f1ee00864 h1:itO+DjIffRn+nN3jHxHNcCiJIsL1BMZF7p3wYeTN7xs=
+github.com/synadia-io/jwt-auth-builder.go v0.0.7-0.20250307212657-0e3f1ee00864/go.mod h1:8WYR7+nLQcDMBpocuPgdFJ5/2UOr+HPll3qv+KNdGvs=
 github.com/tylertreat/hdrhistogram-writer v0.0.0-20210816161836-2e440612a39f h1:SGznmvCovewbaSgBsHgdThtWsLj5aCLX/3ZXMLd1UD0=
 github.com/tylertreat/hdrhistogram-writer v0.0.0-20210816161836-2e440612a39f/go.mod h1:IY84XkhrEJTdHYLNy/zObs8mXuUAp9I65VyarbPSCCY=
 github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
