feat: implement user SSH keys, GPG keys and email management #7

Open
opened 2026-06-02 06:56:57 +00:00 by a-limasov · 0 comments
Owner

Context

SSH keys authenticate git push/pull operations without passwords. GPG keys sign commits
for verification. Email management allows adding secondary addresses and controlling
which one is used for commits. All three are routine account setup operations.

Endpoints to implement

Method Path Tool name Description
GET /user/keys list_my_ssh_keys List authenticated user's SSH keys
POST /user/keys add_ssh_key Add SSH public key
GET /user/keys/{id} get_ssh_key Get SSH key by ID
DELETE /user/keys/{id} delete_ssh_key Delete SSH key
GET /user/gpg_keys list_my_gpg_keys List GPG keys
POST /user/gpg_keys add_gpg_key Add GPG key
GET /user/gpg_keys/{id} get_gpg_key Get GPG key by ID
DELETE /user/gpg_keys/{id} delete_gpg_key Delete GPG key
GET /user/emails list_my_emails List email addresses
POST /user/emails add_email Add email address
DELETE /user/emails delete_email Remove email address

Acceptance Criteria

  • add_ssh_key(title, key)key is the full public key string (e.g. ssh-rsa AAAA...)
  • add_ssh_key returns the created key object including its assigned id
  • add_gpg_key(armored_public_key) accepts full PGP armored block
  • list_my_emails returns list with email, verified, primary fields
  • add_email / delete_email accept emails: list[str]
  • All delete_* tools return {"success": true} on 204

Technical Notes

  • POST /user/keys body: {"key": "ssh-rsa AAAA...", "title": "My laptop", "read_only": false}
  • POST /user/gpg_keys body: {"armored_public_key_gpg": "-----BEGIN PGP PUBLIC KEY BLOCK-----\n..."}
  • POST /user/emails body: {"emails": ["new@example.com"]}
  • DELETE /user/emails sends email list in request body (unusual DELETE with body — use _call("DELETE", ...) with json= kwarg)
## Context SSH keys authenticate git push/pull operations without passwords. GPG keys sign commits for verification. Email management allows adding secondary addresses and controlling which one is used for commits. All three are routine account setup operations. ## Endpoints to implement | Method | Path | Tool name | Description | |--------|------|-----------|-------------| | GET | `/user/keys` | `list_my_ssh_keys` | List authenticated user's SSH keys | | POST | `/user/keys` | `add_ssh_key` | Add SSH public key | | GET | `/user/keys/{id}` | `get_ssh_key` | Get SSH key by ID | | DELETE | `/user/keys/{id}` | `delete_ssh_key` | Delete SSH key | | GET | `/user/gpg_keys` | `list_my_gpg_keys` | List GPG keys | | POST | `/user/gpg_keys` | `add_gpg_key` | Add GPG key | | GET | `/user/gpg_keys/{id}` | `get_gpg_key` | Get GPG key by ID | | DELETE | `/user/gpg_keys/{id}` | `delete_gpg_key` | Delete GPG key | | GET | `/user/emails` | `list_my_emails` | List email addresses | | POST | `/user/emails` | `add_email` | Add email address | | DELETE | `/user/emails` | `delete_email` | Remove email address | ## Acceptance Criteria - [ ] `add_ssh_key(title, key)` — `key` is the full public key string (e.g. `ssh-rsa AAAA...`) - [ ] `add_ssh_key` returns the created key object including its assigned `id` - [ ] `add_gpg_key(armored_public_key)` accepts full PGP armored block - [ ] `list_my_emails` returns list with `email`, `verified`, `primary` fields - [ ] `add_email` / `delete_email` accept `emails: list[str]` - [ ] All `delete_*` tools return `{"success": true}` on 204 ## Technical Notes - `POST /user/keys` body: `{"key": "ssh-rsa AAAA...", "title": "My laptop", "read_only": false}` - `POST /user/gpg_keys` body: `{"armored_public_key_gpg": "-----BEGIN PGP PUBLIC KEY BLOCK-----\n..."}` - `POST /user/emails` body: `{"emails": ["new@example.com"]}` - `DELETE /user/emails` sends email list in request body (unusual DELETE with body — use `_call("DELETE", ...)` with `json=` kwarg)
Sign in to join this conversation.
No Label
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: a-limasov/gitea-platform-mcp#7