feat(server): assert agent is accepted for api operations

internal/auth/agent/user.go

@@ -1,6 +1,7 @@
 package agent
 
 import (
+	"encoding/json"
 	"fmt"
 
 	"forge.cadoles.com/Cadoles/emissary/internal/auth"
@@ -29,4 +30,18 @@ func (u *User) Agent() *datastore.Agent {
 	return u.agent
 }
 
+func (u *User) MarshalJSON() ([]byte, error) {
+	type user struct {
+		Subject string `json:"subject"`
+		Tenant  string `json:"tenant"`
+	}
+
+	jsonUser := user{
+		Subject: u.Subject(),
+		Tenant:  string(u.Tenant()),
+	}
+
+	return json.Marshal(jsonUser)
+}
+
 var _ auth.User = &User{}

internal/auth/middleware.go

@@ -64,16 +64,16 @@ func Middleware(authenticators ...Authenticator) func(http.Handler) http.Handler
 			}
 
 			if user == nil {
-				isUnauthorized, isUnauthenticated, isUnknown := checkErrors(errs)
+				hasUnauthorized, hasUnauthenticated, hasUnknown := checkErrors(errs)
 
 				switch {
-				case isUnauthorized && !isUnknown:
+				case hasUnauthorized && !hasUnknown:
 					api.ErrorResponse(w, http.StatusForbidden, api.ErrCodeForbidden, nil)
 					return
-				case isUnauthenticated && !isUnknown:
-					api.ErrorResponse(w, http.StatusForbidden, api.ErrCodeForbidden, nil)
+				case hasUnauthenticated && !hasUnknown:
+					api.ErrorResponse(w, http.StatusUnauthorized, api.ErrCodeUnauthorized, nil)
 					return
-				case isUnknown:
+				case hasUnknown:
 					api.ErrorResponse(w, http.StatusInternalServerError, api.ErrCodeUnknownError, nil)
 					return
 				default:
@@ -101,10 +101,8 @@ func checkErrors(errs []error) (isUnauthorized bool, isUnauthenticated bool, isU
 		switch {
 		case errors.Is(e, ErrUnauthorized):
 			isUnauthorized = true
-			continue
 		case errors.Is(e, ErrUnauthenticated):
 			isUnauthenticated = true
-			continue
 		default:
 			isUnknown = true
 		}

internal/auth/user/user.go

@@ -1,6 +1,8 @@
 package user
 
 import (
+	"encoding/json"
+
 	"forge.cadoles.com/Cadoles/emissary/internal/auth"
 	"forge.cadoles.com/Cadoles/emissary/internal/datastore"
 )
@@ -39,4 +41,20 @@ func (u *User) Role() Role {
 	return u.role
 }
 
+func (u *User) MarshalJSON() ([]byte, error) {
+	type user struct {
+		Subject string `json:"subject"`
+		Tenant  string `json:"tenant"`
+		Role    string `json:"role"`
+	}
+
+	jsonUser := user{
+		Subject: u.Subject(),
+		Tenant:  string(u.Tenant()),
+		Role:    string(u.Role()),
+	}
+
+	return json.Marshal(jsonUser)
+}
+
 var _ auth.User = &User{}

internal/server/api/authorization.go

@@ -183,7 +183,7 @@ func assertMatchingAgent() assertAgent {
 		}
 
 		agent := u.Agent()
-		if agent != nil && agent.ID == agentID {
+		if agent != nil && agent.ID == agentID && agent.Status == datastore.AgentStatusAccepted {
 			return true
 		}
 

internal/server/api/get_session.go

@@ -0,0 +1,35 @@
+package api
+
+import (
+	"net/http"
+
+	"forge.cadoles.com/Cadoles/emissary/internal/auth"
+	"forge.cadoles.com/Cadoles/emissary/internal/datastore"
+	"github.com/pkg/errors"
+	"gitlab.com/wpetit/goweb/api"
+	"gitlab.com/wpetit/goweb/logger"
+)
+
+func (m *Mount) getSession(w http.ResponseWriter, r *http.Request) {
+	user, ok := assertRequestUser(w, r)
+	if !ok {
+		return
+	}
+
+	ctx := r.Context()
+
+	tenant, err := m.tenantRepo.Get(ctx, user.Tenant())
+	if err != nil && !errors.Is(err, datastore.ErrNotFound) {
+		err = errors.WithStack(err)
+		logger.Error(ctx, "could not retrieve user tenant", logger.CapturedE(err))
+		api.ErrorResponse(w, http.StatusInternalServerError, ErrCodeUnknownError, nil)
+	}
+
+	api.DataResponse(w, http.StatusOK, struct {
+		User   auth.User         `json:"user"`
+		Tenant *datastore.Tenant `json:"tenant"`
+	}{
+		User:   user,
+		Tenant: tenant,
+	})
+}

internal/server/api/mount.go

@@ -23,6 +23,8 @@ func (m *Mount) Mount(r chi.Router) {
 	r.Group(func(r chi.Router) {
 		r.Use(auth.Middleware(m.authenticators...))
 
+		r.Get("/session", m.getSession)
+
 		r.Route("/agents", func(r chi.Router) {
 			r.With(assertUserWithWriteAccess).Post("/claim", m.claimAgent)
 

internal/server/api/register_agent.go

@@ -50,8 +50,8 @@ func (m *Mount) registerAgent(w http.ResponseWriter, r *http.Request) {
 	}
 
 	if !validSignature {
-		logger.Warn(ctx, "conflicting signature", logger.F("signature", registerAgentReq.Signature))
-		api.ErrorResponse(w, http.StatusConflict, ErrCodeConflict, nil)
+		logger.Warn(ctx, "invalid thumbprint signature", logger.F("signature", registerAgentReq.Signature))
+		api.ErrorResponse(w, http.StatusBadRequest, api.ErrCodeInvalidRequest, nil)
 
 		return
 	}
@@ -109,29 +109,39 @@ func (m *Mount) registerAgent(w http.ResponseWriter, r *http.Request) {
 			return
 		}
 
-		validSignature, err = jwk.Verify(agent.KeySet.Set, registerAgentReq.Signature, registerAgentReq.Thumbprint, registerAgentReq.Metadata)
-		if err != nil {
-			err = errors.WithStack(err)
-			logger.Error(ctx, "could not validate signature using previous keyset", logger.CapturedE(err))
+		if agent.Status != datastore.AgentStatusForgotten {
+			validSignature, err = jwk.Verify(agent.KeySet.Set, registerAgentReq.Signature, registerAgentReq.Thumbprint, registerAgentReq.Metadata)
+			if err != nil {
+				err = errors.WithStack(err)
+				logger.Error(ctx, "could not validate signature using previous keyset", logger.CapturedE(err))
 
-			api.ErrorResponse(w, http.StatusConflict, ErrCodeConflict, nil)
+				api.ErrorResponse(w, http.StatusConflict, ErrCodeConflict, nil)
 
-			return
+				return
+			}
+
+			if !validSignature {
+				logger.Error(ctx, "invalid signature")
+				api.ErrorResponse(w, http.StatusConflict, ErrCodeConflict, nil)
+
+				return
+			}
 		}
 
-		if !validSignature {
-			logger.Error(ctx, "invalid signature")
-			api.ErrorResponse(w, http.StatusBadRequest, api.ErrCodeInvalidRequest, nil)
+		updates := []datastore.AgentUpdateOptionFunc{
+			datastore.WithAgentUpdateKeySet(keySet),
+			datastore.WithAgentUpdateMetadata(metadata),
+			datastore.WithAgentUpdateThumbprint(registerAgentReq.Thumbprint),
+		}
 
-			return
+		if agent.Status == datastore.AgentStatusForgotten {
+			updates = append(updates, datastore.WithAgentUpdateStatus(datastore.AgentStatusPending))
 		}
 
 		agent, err = m.agentRepo.Update(
 			ctx,
 			agents[0].ID,
-			datastore.WithAgentUpdateKeySet(keySet),
-			datastore.WithAgentUpdateMetadata(metadata),
-			datastore.WithAgentUpdateThumbprint(registerAgentReq.Thumbprint),
+			updates...,
 		)
 		if err != nil {
 			err = errors.WithStack(err)

migrations/sqlite/0000003_tenant.up.sql

@@ -1,3 +1,5 @@
+PRAGMA foreign_keys = 0;
+
 CREATE TABLE tenants (
     id TEXT PRIMARY KEY,
     label TEXT NOT NULL,
@@ -49,4 +51,6 @@ CREATE TABLE specs
 
 INSERT INTO specs SELECT id, agent_id, name, revision, data, created_at, updated_at, 0 FROM _specs;
 
-DROP TABLE _specs;
+DROP TABLE _specs;
+
+PRAGMA foreign_keys = 1;

pkg/client/client.go

@@ -5,6 +5,7 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
+	"io"
 	"net/http"
 
 	"github.com/pkg/errors"
@@ -95,12 +96,15 @@ func (c *Client) apiDo(ctx context.Context, method string, path string, payload
 
 	defer res.Body.Close()
 
-	decoder := json.NewDecoder(res.Body)
-
-	if err := decoder.Decode(&response); err != nil {
+	data, err := io.ReadAll(res.Body)
+	if err != nil {
 		return errors.WithStack(err)
 	}
 
+	if err := json.Unmarshal(data, &response); err != nil {
+		return errors.Wrapf(err, "could not parse json: got '%s'", data)
+	}
+
 	return nil
 }