
auths_id/storage/
git_refs.rs

1use crate::error::StorageError;
2use crate::storage::layout;
3use auths_verifier::types::DeviceDID;
4use chrono::{DateTime, Utc};
5use git2::Repository;
6use std::collections::HashMap;
7
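/// Optional extra fields for the attestation commit metadata.
///
/// Every field is public and optional; this type performs no validation, so
/// whatever the caller sets here is what the code consuming it will see.
#[derive(Debug, Clone, Default)]
pub struct AttestationMetadata {
    /// Free-form note or reason for linking devices, e.g. "added second laptop".
    pub note: Option<String>,
    /// Optional custom timestamp; if not set, we'll use `Utc::now()`.
    pub timestamp: Option<DateTime<Utc>>,
    /// Optional expiry time for the attestation.
    ///
    /// NOTE(review): this listing does not show how `None` is interpreted
    /// (for example as "never expires") or where expiry is enforced; confirm
    /// against the code that consumes this metadata.
    pub expires_at: Option<DateTime<Utc>>,
    // Add more fields as needed, e.g. device IP, user ID, etc.
}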
18
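/// Aggregates refs from each device's namespace into one map of ref name -> target id.
///
/// For every DID in `device_dids`, in slice order, this globs
/// `<prefix>/refs/**` (with `<prefix>` from `layout::device_namespace_prefix`)
/// and records each ref's name and direct target as strings. When a name is
/// already present the earlier entry is kept, so the order of `device_dids`
/// decides precedence and a conflicting later value is dropped without any
/// report.
///
/// # Errors
///
/// Returns a `StorageError` when `references_glob` fails for any device.
/// Failures on individual refs are not reported; see the note in the loop.
pub fn aggregate_canonical_refs(
    repo: &Repository,
    device_dids: &[DeviceDID],
) -> Result<HashMap<String, String>, StorageError> {
    let mut canonical = HashMap::new();

    for did in device_dids {
        // NOTE(review): the DID string reaches a glob pattern through the
        // prefix. Presumably `device_namespace_prefix` escapes or rejects glob
        // metacharacters (`*`, `?`, `[`) so that one DID cannot match another
        // device's namespace; verify in `layout`.
        let prefix = layout::device_namespace_prefix(did.as_str());
        let refs = repo.references_glob(&format!("{}/refs/**", prefix))?;

        // `flatten()` discards every `Err` item the iterator yields, so a ref
        // that cannot be read is silently absent from the result.
        // NOTE(review): confirm that best-effort is intended for a view that
        // callers treat as canonical; otherwise surface the error.
        for r in refs.flatten() {
            // Refs without a name or without a direct target are skipped
            // (in git2: a non-UTF-8 name, or a symbolic ref).
            if let Some(name) = r.name()
                && let Some(target) = r.target()
            {
                // Use first seen version of each ref.
                // NOTE(review): `name` looks like the full namespaced ref
                // name. If so, entries from different devices only collide
                // when their prefixes coincide, and no cross-device merge
                // happens; confirm whether the prefix should be stripped
                // before it is used as the key.
                canonical
                    .entry(name.to_string())
                    .or_insert_with(|| target.to_string());
            }
        }
    }
    Ok(canonical)
}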