1046218969

Committed 23 Oct 2023 12:54PM UTC coverage: 80.34% (-0.03%) from 80.369%

Build # 1046218969

Build Type

push

gitlab-ci

Committed by

kacf

Commit Message

chore: Rename `Caching` to `AuthenticatingForwarder` to be more explicit.

Signed-off-by: Kristian Amlie <kristian.amlie@northern.tech>

Run Details

3 of 3 new or added lines in 2 files covered. (100.0%)

6845 of 8520 relevant lines covered (80.34%)

9440.66 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

83.33

/mender-auth/ipc/server.cpp

// Copyright 2023 Northern.tech AS
//
//    Licensed under the Apache License, Version 2.0 (the "License");
//    you may not use this file except in compliance with the License.
//    You may obtain a copy of the License at
//
//        http://www.apache.org/licenses/LICENSE-2.0
//
//    Unless required by applicable law or agreed to in writing, software
//    distributed under the License is distributed on an "AS IS" BASIS,
//    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
//    See the License for the specific language governing permissions and
//    limitations under the License.

#include <mender-auth/ipc/server.hpp>

#include <functional>
#include <iostream>
#include <string>

#include <api/auth.hpp>
#include <common/error.hpp>
#include <common/expected.hpp>
#include <common/dbus.hpp>
#include <common/log.hpp>

namespace mender {
namespace auth {
namespace ipc {

namespace auth_client = mender::api::auth;
namespace error = mender::common::error;
namespace expected = mender::common::expected;
namespace dbus = mender::common::dbus;

using namespace std;

// Register DBus object handling auth methods and signals
error::Error AuthenticatingForwarder::Listen(
        const string &private_key_path, const string &identity_script_path) {
        // Cannot serve new tokens when not knowing where to fetch them from.
        AssertOrReturnError(servers_.size() > 0);

        auto dbus_obj = make_shared<dbus::DBusObject>("/io/mender/AuthenticationManager");
        dbus_obj->AddMethodHandler<dbus::ExpectedStringPair>(
                "io.mender.AuthenticationManager", "io.mender.Authentication1", "GetJwtToken", [this]() {
                        return dbus::StringPair {GetJWTToken(), GetServerURL()};
                });
        dbus_obj->AddMethodHandler<expected::ExpectedBool>(
                "io.mender.AuthenticationManager",
                "io.mender.Authentication1",
                "FetchJwtToken",
                [this, private_key_path, identity_script_path]() {
                        if (auth_in_progress_) {
                                // Already authenticating, nothing to do here.
                                return true;
                        }
                        auto err = auth_client::FetchJWTToken(
                                client_,
                                servers_,
                                private_key_path,
                                identity_script_path == "" ? default_identity_script_path_ : identity_script_path,
                                [this](auth_client::APIResponse resp) { FetchJwtTokenHandler(resp); },
                                tenant_token_);
                        if (err != error::NoError) {
                                log::Error("Failed to trigger token fetching: " + err.String());
                                return false;
                        }
                        auth_in_progress_ = true;
                        return true;
                });

        return dbus_server_.AdvertiseObject(dbus_obj);
}

void AuthenticatingForwarder::FetchJwtTokenHandler(auth_client::APIResponse &resp) {
        auth_in_progress_ = false;

        forwarder_.Cancel();

        if (resp) {
                // ":0" port number means pick random port in user range.
                auto err = forwarder_.AsyncForward("http://127.0.0.1:0", resp.value().server_url);
                if (err == error::NoError) {
                        Cache(resp.value().token, forwarder_.GetUrl());
                } else {
                        // Should not happen, but as a desperate response, give the remote url to
                        // clients instead of our local one. At least then they might be able to
                        // connect, it just won't be through the proxy.
                        log::Error("Unable to start a local HTTP proxy: " + err.String());
                        Cache(resp.value().token, resp.value().server_url);
                }

                dbus_server_.EmitSignal<dbus::StringPair>(
                        "/io/mender/AuthenticationManager",
                        "io.mender.Authentication1",
                        "JwtTokenStateChange",
                        dbus::StringPair {cached_jwt_token_, cached_server_url_});
        } else {
                ClearCache();
                log::Error("Failed to fetch new token: " + resp.error().String());
        }
}

} // namespace ipc
} // namespace auth
} // namespace mender

1	// Copyright 2023 Northern.tech AS
2	//
3	// Licensed under the Apache License, Version 2.0 (the "License");
4	// you may not use this file except in compliance with the License.
5	// You may obtain a copy of the License at
6	//
7	// http://www.apache.org/licenses/LICENSE-2.0
8	//
9	// Unless required by applicable law or agreed to in writing, software
10	// distributed under the License is distributed on an "AS IS" BASIS,
11	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12	// See the License for the specific language governing permissions and
13	// limitations under the License.
14
15	#include <mender-auth/ipc/server.hpp>
16
17	#include <functional>
18	#include <iostream>
19	#include <string>
20
21	#include <api/auth.hpp>
22	#include <common/error.hpp>
23	#include <common/expected.hpp>
24	#include <common/dbus.hpp>
25	#include <common/log.hpp>
26
27	namespace mender {
28	namespace auth {
29	namespace ipc {
30
31	namespace auth_client = mender::api::auth;
32	namespace error = mender::common::error;
33	namespace expected = mender::common::expected;
34	namespace dbus = mender::common::dbus;
35
36	using namespace std;
37
38	// Register DBus object handling auth methods and signals
39	error::Error AuthenticatingForwarder::Listen(	3✔
40	const string &private_key_path, const string &identity_script_path) {
41	// Cannot serve new tokens when not knowing where to fetch them from.
42	AssertOrReturnError(servers_.size() > 0);	3✔
43
44	auto dbus_obj = make_shared<dbus::DBusObject>("/io/mender/AuthenticationManager");	3✔
45	dbus_obj->AddMethodHandler<dbus::ExpectedStringPair>(	3✔
46	"io.mender.AuthenticationManager", "io.mender.Authentication1", "GetJwtToken", [this]() {	1✔
47	return dbus::StringPair {GetJWTToken(), GetServerURL()};	2✔
48	});	6✔
49	dbus_obj->AddMethodHandler<expected::ExpectedBool>(	3✔
50	"io.mender.AuthenticationManager",
51	"io.mender.Authentication1",
52	"FetchJwtToken",
53	[this, private_key_path, identity_script_path]() {	6✔
54	if (auth_in_progress_) {	2✔
55	// Already authenticating, nothing to do here.
56	return true;
57	}
58	auto err = auth_client::FetchJWTToken(
59	client_,	2✔
60	servers_,
61	private_key_path,	2✔
62	identity_script_path == "" ? default_identity_script_path_ : identity_script_path,	2✔
63	[this](auth_client::APIResponse resp) { FetchJwtTokenHandler(resp); },	2✔
64	tenant_token_);	2✔
65	if (err != error::NoError) {	2✔
66	log::Error("Failed to trigger token fetching: " + err.String());	×
67	return false;	×
68	}
69	auth_in_progress_ = true;	2✔
70	return true;	2✔
71	});	6✔
72
73	return dbus_server_.AdvertiseObject(dbus_obj);	6✔
74	}
75
76	void AuthenticatingForwarder::FetchJwtTokenHandler(auth_client::APIResponse &resp) {	2✔
77	auth_in_progress_ = false;	2✔
78
79	forwarder_.Cancel();	2✔
80
81	if (resp) {	2✔
82	// ":0" port number means pick random port in user range.
83	auto err = forwarder_.AsyncForward("http://127.0.0.1:0", resp.value().server_url);	4✔
84	if (err == error::NoError) {	2✔
85	Cache(resp.value().token, forwarder_.GetUrl());	4✔
86	} else {
87	// Should not happen, but as a desperate response, give the remote url to
88	// clients instead of our local one. At least then they might be able to
89	// connect, it just won't be through the proxy.
90	log::Error("Unable to start a local HTTP proxy: " + err.String());	×
91	Cache(resp.value().token, resp.value().server_url);	×
92	}
93
94	dbus_server_.EmitSignal<dbus::StringPair>(	2✔
95	"/io/mender/AuthenticationManager",
96	"io.mender.Authentication1",
97	"JwtTokenStateChange",
98	dbus::StringPair {cached_jwt_token_, cached_server_url_});	4✔
99	} else {
100	ClearCache();	×
101	log::Error("Failed to fetch new token: " + resp.error().String());	×
102	}
103	}	2✔
104
105	} // namespace ipc
106	} // namespace auth
107	} // namespace mender

mendersoftware / mender / 1046218969

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous