feat(server): allow registering renewal for forgotten agents

wpetit 2024-03-04 18:52:19 +01:00
parent f6ffb68c43
commit ab08d30d2a
1 changed files with 25 additions and 15 deletions


@ -50,8 +50,8 @@ func (m *Mount) registerAgent(w http.ResponseWriter, r *http.Request) {
} }
if !validSignature { if !validSignature {
logger.Warn(ctx, "conflicting signature", logger.F("signature", registerAgentReq.Signature)) logger.Warn(ctx, "invalid thumbprint signature", logger.F("signature", registerAgentReq.Signature))
api.ErrorResponse(w, http.StatusConflict, ErrCodeConflict, nil) api.ErrorResponse(w, http.StatusBadRequest, api.ErrCodeInvalidRequest, nil)
return return
} }
@ -109,6 +109,7 @@ func (m *Mount) registerAgent(w http.ResponseWriter, r *http.Request) {
return return
} }
if agent.Status != datastore.AgentStatusForgotten {
validSignature, err = jwk.Verify(agent.KeySet.Set, registerAgentReq.Signature, registerAgentReq.Thumbprint, registerAgentReq.Metadata) validSignature, err = jwk.Verify(agent.KeySet.Set, registerAgentReq.Signature, registerAgentReq.Thumbprint, registerAgentReq.Metadata)
if err != nil { if err != nil {
err = errors.WithStack(err) err = errors.WithStack(err)
@ -121,17 +122,26 @@ func (m *Mount) registerAgent(w http.ResponseWriter, r *http.Request) {
if !validSignature { if !validSignature {
logger.Error(ctx, "invalid signature") logger.Error(ctx, "invalid signature")
api.ErrorResponse(w, http.StatusBadRequest, api.ErrCodeInvalidRequest, nil) api.ErrorResponse(w, http.StatusConflict, ErrCodeConflict, nil)
return return
} }
}
updates := []datastore.AgentUpdateOptionFunc{
datastore.WithAgentUpdateKeySet(keySet),
datastore.WithAgentUpdateMetadata(metadata),
datastore.WithAgentUpdateThumbprint(registerAgentReq.Thumbprint),
}
if agent.Status == datastore.AgentStatusForgotten {
updates = append(updates, datastore.WithAgentUpdateStatus(datastore.AgentStatusPending))
}
agent, err = m.agentRepo.Update( agent, err = m.agentRepo.Update(
ctx, ctx,
agents[0].ID, agents[0].ID,
datastore.WithAgentUpdateKeySet(keySet), updates...,
datastore.WithAgentUpdateMetadata(metadata),
datastore.WithAgentUpdateThumbprint(registerAgentReq.Thumbprint),
) )
if err != nil { if err != nil {
err = errors.WithStack(err) err = errors.WithStack(err)
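Review bot: The new `if agent.Status != datastore.AgentStatusForgotten` guard in the second hunk skips `jwk.Verify` against `agent.KeySet.Set`, so for a forgotten agent the stored key set, metadata and thumbprint are replaced without proof that the caller holds the previously registered key. The only remaining gate visible here is the reset to `AgentStatusPending`, which presumably requires an operator to accept the agent again; if that is the intended trust model, it should be stated in a comment at the guard. The re-registration is also silent, so I would add to the forgotten branch of the third hunk `logger.Warn(ctx, "forgotten agent re-registered with new key set", logger.F("agentID", agents[0].ID))` to leave an audit trail. registerAgent starts and ends outside these hunks, so whether the earlier thumbprint check binds the request to the submitted key set cannot be confirmed from this page.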