Compare commits
4 Commits
2024.3.3-s
...
2024.3.4-s
Author | SHA1 | Date | |
---|---|---|---|
0b34b485da | |||
ab08d30d2a | |||
f6ffb68c43 | |||
4a1a434556 |
@ -183,7 +183,7 @@ func assertMatchingAgent() assertAgent {
|
||||
}
|
||||
|
||||
agent := u.Agent()
|
||||
if agent != nil && agent.ID == agentID {
|
||||
if agent != nil && agent.ID == agentID && agent.Status == datastore.AgentStatusAccepted {
|
||||
return true
|
||||
}
|
||||
|
||||
|
@ -50,8 +50,8 @@ func (m *Mount) registerAgent(w http.ResponseWriter, r *http.Request) {
|
||||
}
|
||||
|
||||
if !validSignature {
|
||||
logger.Warn(ctx, "conflicting signature", logger.F("signature", registerAgentReq.Signature))
|
||||
api.ErrorResponse(w, http.StatusConflict, ErrCodeConflict, nil)
|
||||
logger.Warn(ctx, "invalid thumbprint signature", logger.F("signature", registerAgentReq.Signature))
|
||||
api.ErrorResponse(w, http.StatusBadRequest, api.ErrCodeInvalidRequest, nil)
|
||||
|
||||
return
|
||||
}
|
||||
@ -109,29 +109,39 @@ func (m *Mount) registerAgent(w http.ResponseWriter, r *http.Request) {
|
||||
return
|
||||
}
|
||||
|
||||
validSignature, err = jwk.Verify(agent.KeySet.Set, registerAgentReq.Signature, registerAgentReq.Thumbprint, registerAgentReq.Metadata)
|
||||
if err != nil {
|
||||
err = errors.WithStack(err)
|
||||
logger.Error(ctx, "could not validate signature using previous keyset", logger.CapturedE(err))
|
||||
if agent.Status != datastore.AgentStatusForgotten {
|
||||
validSignature, err = jwk.Verify(agent.KeySet.Set, registerAgentReq.Signature, registerAgentReq.Thumbprint, registerAgentReq.Metadata)
|
||||
if err != nil {
|
||||
err = errors.WithStack(err)
|
||||
logger.Error(ctx, "could not validate signature using previous keyset", logger.CapturedE(err))
|
||||
|
||||
api.ErrorResponse(w, http.StatusConflict, ErrCodeConflict, nil)
|
||||
api.ErrorResponse(w, http.StatusConflict, ErrCodeConflict, nil)
|
||||
|
||||
return
|
||||
return
|
||||
}
|
||||
|
||||
if !validSignature {
|
||||
logger.Error(ctx, "invalid signature")
|
||||
api.ErrorResponse(w, http.StatusConflict, ErrCodeConflict, nil)
|
||||
|
||||
return
|
||||
}
|
||||
}
|
||||
|
||||
if !validSignature {
|
||||
logger.Error(ctx, "invalid signature")
|
||||
api.ErrorResponse(w, http.StatusBadRequest, api.ErrCodeInvalidRequest, nil)
|
||||
updates := []datastore.AgentUpdateOptionFunc{
|
||||
datastore.WithAgentUpdateKeySet(keySet),
|
||||
datastore.WithAgentUpdateMetadata(metadata),
|
||||
datastore.WithAgentUpdateThumbprint(registerAgentReq.Thumbprint),
|
||||
}
|
||||
|
||||
return
|
||||
if agent.Status == datastore.AgentStatusForgotten {
|
||||
updates = append(updates, datastore.WithAgentUpdateStatus(datastore.AgentStatusPending))
|
||||
}
|
||||
|
||||
agent, err = m.agentRepo.Update(
|
||||
ctx,
|
||||
agents[0].ID,
|
||||
datastore.WithAgentUpdateKeySet(keySet),
|
||||
datastore.WithAgentUpdateMetadata(metadata),
|
||||
datastore.WithAgentUpdateThumbprint(registerAgentReq.Thumbprint),
|
||||
updates...,
|
||||
)
|
||||
if err != nil {
|
||||
err = errors.WithStack(err)
|
||||
|
@ -1,3 +1,5 @@
|
||||
PRAGMA foreign_keys = 0;
|
||||
|
||||
CREATE TABLE tenants (
|
||||
id TEXT PRIMARY KEY,
|
||||
label TEXT NOT NULL,
|
||||
@ -49,4 +51,6 @@ CREATE TABLE specs
|
||||
|
||||
INSERT INTO specs SELECT id, agent_id, name, revision, data, created_at, updated_at, 0 FROM _specs;
|
||||
|
||||
DROP TABLE _specs;
|
||||
DROP TABLE _specs;
|
||||
|
||||
PRAGMA foreign_keys = 1;
|
@ -5,6 +5,7 @@ import (
|
||||
"context"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"io"
|
||||
"net/http"
|
||||
|
||||
"github.com/pkg/errors"
|
||||
@ -95,12 +96,15 @@ func (c *Client) apiDo(ctx context.Context, method string, path string, payload
|
||||
|
||||
defer res.Body.Close()
|
||||
|
||||
decoder := json.NewDecoder(res.Body)
|
||||
|
||||
if err := decoder.Decode(&response); err != nil {
|
||||
data, err := io.ReadAll(res.Body)
|
||||
if err != nil {
|
||||
return errors.WithStack(err)
|
||||
}
|
||||
|
||||
if err := json.Unmarshal(data, &response); err != nil {
|
||||
return errors.Wrapf(err, "could not parse json: got '%s'", data)
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
|
Reference in New Issue
Block a user