1056184062

Committed 31 Oct 2023 12:41PM UTC coverage: 80.182% (+0.3%) from 79.877%

Build # 1056184062

Build Type

push

gitlab-ci

Committed by

kacf

Commit Message

chore: Do not try to resume requests that were cancelled by callers.

This requires us to move the destruction of the inner reader until
after the body handler has been called, otherwise it will trigger
another `operation_canceled` error which we don't want.

Ticket: MEN-6807

Signed-off-by: Kristian Amlie <kristian.amlie@northern.tech>

Run Details

5 of 5 new or added lines in 1 file covered. (100.0%)

6890 of 8593 relevant lines covered (80.18%)

9363.89 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

83.78

/src/mender-auth/ipc/server.cpp

// Copyright 2023 Northern.tech AS
//
//    Licensed under the Apache License, Version 2.0 (the "License");
//    you may not use this file except in compliance with the License.
//    You may obtain a copy of the License at
//
//        http://www.apache.org/licenses/LICENSE-2.0
//
//    Unless required by applicable law or agreed to in writing, software
//    distributed under the License is distributed on an "AS IS" BASIS,
//    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
//    See the License for the specific language governing permissions and
//    limitations under the License.

#include <mender-auth/ipc/server.hpp>

#include <functional>
#include <iostream>
#include <string>

#include <api/auth.hpp>
#include <common/error.hpp>
#include <common/expected.hpp>
#include <common/dbus.hpp>
#include <common/log.hpp>

namespace mender {
namespace auth {
namespace ipc {

namespace auth_client = mender::api::auth;
namespace error = mender::common::error;
namespace expected = mender::common::expected;
namespace dbus = mender::common::dbus;

using namespace std;

// Register DBus object handling auth methods and signals
error::Error AuthenticatingForwarder::Listen(
        const string &private_key_path, const string &identity_script_path) {
        // Cannot serve new tokens when not knowing where to fetch them from.
        AssertOrReturnError(servers_.size() > 0);

        auto dbus_obj = make_shared<dbus::DBusObject>("/io/mender/AuthenticationManager");
        dbus_obj->AddMethodHandler<dbus::ExpectedStringPair>(
                "io.mender.Authentication1", "GetJwtToken", [this]() {
                        return dbus::StringPair {GetJWTToken(), GetServerURL()};
                });
        dbus_obj->AddMethodHandler<expected::ExpectedBool>(
                "io.mender.Authentication1",
                "FetchJwtToken",
                [this, private_key_path, identity_script_path]() {
                        if (auth_in_progress_) {
                                // Already authenticating, nothing to do here.
                                return true;
                        }
                        auto err = auth_client::FetchJWTToken(
                                client_,
                                servers_,
                                private_key_path,
                                identity_script_path == "" ? default_identity_script_path_ : identity_script_path,
                                [this](auth_client::APIResponse resp) { FetchJwtTokenHandler(resp); },
                                tenant_token_);
                        if (err != error::NoError) {
                                log::Error("Failed to trigger token fetching: " + err.String());
                                return false;
                        }
                        auth_in_progress_ = true;
                        return true;
                });

        return dbus_server_.AdvertiseObject(dbus_obj);
}

void AuthenticatingForwarder::FetchJwtTokenHandler(auth_client::APIResponse &resp) {
        auth_in_progress_ = false;

        forwarder_.Cancel();

        if (resp) {
                // ":0" port number means pick random port in user range.
                auto err = forwarder_.AsyncForward("http://127.0.0.1:0", resp.value().server_url);
                if (err == error::NoError) {
                        Cache(resp.value().token, forwarder_.GetUrl());
                } else {
                        // Should not happen, but as a desperate response, give the remote url to
                        // clients instead of our local one. At least then they might be able to
                        // connect, it just won't be through the proxy.
                        log::Error("Unable to start a local HTTP proxy: " + err.String());
                        Cache(resp.value().token, resp.value().server_url);
                }

                log::Info("Successfully received new authorization data");
                dbus_server_.EmitSignal<dbus::StringPair>(
                        "/io/mender/AuthenticationManager",
                        "io.mender.Authentication1",
                        "JwtTokenStateChange",
                        dbus::StringPair {cached_jwt_token_, cached_server_url_});
        } else {
                ClearCache();
                log::Error("Failed to fetch new token: " + resp.error().String());
        }
}

} // namespace ipc
} // namespace auth
} // namespace mender

1	// Copyright 2023 Northern.tech AS
2	//
3	// Licensed under the Apache License, Version 2.0 (the "License");
4	// you may not use this file except in compliance with the License.
5	// You may obtain a copy of the License at
6	//
7	// http://www.apache.org/licenses/LICENSE-2.0
8	//
9	// Unless required by applicable law or agreed to in writing, software
10	// distributed under the License is distributed on an "AS IS" BASIS,
11	// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12	// See the License for the specific language governing permissions and
13	// limitations under the License.
14
15	#include <mender-auth/ipc/server.hpp>
16
17	#include <functional>
18	#include <iostream>
19	#include <string>
20
21	#include <api/auth.hpp>
22	#include <common/error.hpp>
23	#include <common/expected.hpp>
24	#include <common/dbus.hpp>
25	#include <common/log.hpp>
26
27	namespace mender {
28	namespace auth {
29	namespace ipc {
30
31	namespace auth_client = mender::api::auth;
32	namespace error = mender::common::error;
33	namespace expected = mender::common::expected;
34	namespace dbus = mender::common::dbus;
35
36	using namespace std;
37
38	// Register DBus object handling auth methods and signals
39	error::Error AuthenticatingForwarder::Listen(	3✔
40	const string &private_key_path, const string &identity_script_path) {
41	// Cannot serve new tokens when not knowing where to fetch them from.
42	AssertOrReturnError(servers_.size() > 0);	3✔
43
44	auto dbus_obj = make_shared<dbus::DBusObject>("/io/mender/AuthenticationManager");	3✔
45	dbus_obj->AddMethodHandler<dbus::ExpectedStringPair>(	3✔
46	"io.mender.Authentication1", "GetJwtToken", [this]() {	1✔
47	return dbus::StringPair {GetJWTToken(), GetServerURL()};	2✔
48	});	6✔
49	dbus_obj->AddMethodHandler<expected::ExpectedBool>(	3✔
50	"io.mender.Authentication1",
51	"FetchJwtToken",
52	[this, private_key_path, identity_script_path]() {	6✔
53	if (auth_in_progress_) {	2✔
54	// Already authenticating, nothing to do here.
55	return true;
56	}
57	auto err = auth_client::FetchJWTToken(
58	client_,	2✔
59	servers_,
60	private_key_path,	2✔
61	identity_script_path == "" ? default_identity_script_path_ : identity_script_path,	2✔
62	[this](auth_client::APIResponse resp) { FetchJwtTokenHandler(resp); },	2✔
63	tenant_token_);	2✔
64	if (err != error::NoError) {	2✔
65	log::Error("Failed to trigger token fetching: " + err.String());	×
66	return false;	×
67	}
68	auth_in_progress_ = true;	2✔
69	return true;	2✔
70	});	6✔
71
72	return dbus_server_.AdvertiseObject(dbus_obj);	6✔
73	}
74
75	void AuthenticatingForwarder::FetchJwtTokenHandler(auth_client::APIResponse &resp) {	2✔
76	auth_in_progress_ = false;	2✔
77
78	forwarder_.Cancel();	2✔
79
80	if (resp) {	2✔
81	// ":0" port number means pick random port in user range.
82	auto err = forwarder_.AsyncForward("http://127.0.0.1:0", resp.value().server_url);	4✔
83	if (err == error::NoError) {	2✔
84	Cache(resp.value().token, forwarder_.GetUrl());	4✔
85	} else {
86	// Should not happen, but as a desperate response, give the remote url to
87	// clients instead of our local one. At least then they might be able to
88	// connect, it just won't be through the proxy.
89	log::Error("Unable to start a local HTTP proxy: " + err.String());	×
90	Cache(resp.value().token, resp.value().server_url);	×
91	}
92
93	log::Info("Successfully received new authorization data");	4✔
94	dbus_server_.EmitSignal<dbus::StringPair>(	2✔
95	"/io/mender/AuthenticationManager",
96	"io.mender.Authentication1",
97	"JwtTokenStateChange",
98	dbus::StringPair {cached_jwt_token_, cached_server_url_});	4✔
99	} else {
100	ClearCache();	×
101	log::Error("Failed to fetch new token: " + resp.error().String());	×
102	}
103	}	2✔
104
105	} // namespace ipc
106	} // namespace auth
107	} // namespace mender

mendersoftware / mender / 1056184062

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous