authendicating cli

rename owner_wallet to admin_pubkey in AppContract and related functions
2025-02-18 21:03:23 +05:30 · 2025-02-18 21:03:23 +05:30 · 675933dd7c
commit 675933dd7c
parent 2cada47d24
3 changed files with 56 additions and 47 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@ -418,12 +418,13 @@ dependencies = [
 [[package]]
 name = "detee-shared"
 version = "0.1.0"
-source = "git+ssh://git@gitea.detee.cloud/noormohammedb/detee-shared?branch=stable_01#ee592c71d6c760ef05ef4f8b5c88b31fcbaf52aa"
+source = "git+ssh://git@gitea.detee.cloud/noormohammedb/detee-shared?branch=stable_01#54abe74d42946b238c2ce44bb33f55778490b13d"
 dependencies = [
 "base64",
 "prost",
 "serde",
- "serde_yml",
+ "serde_yaml",
+ "thiserror",
 "tonic",
 "tonic-build",
 ]
@ -1059,16 +1060,6 @@ version = "0.2.169"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "b5aba8db14291edd000dfcc4d620c7ebfb122c613afb886ca8803fa4e128a20a"

-[[package]]
-name = "libyml"
-version = "0.0.5"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3302702afa434ffa30847a83305f0a69d6abd74293b6554c18ec85c7ef30c980"
-dependencies = [
- "anyhow",
- "version_check",
-]
-
 [[package]]
 name = "linux-raw-sys"
 version = "0.4.15"
@ -1687,18 +1678,16 @@ dependencies = [
 ]

 [[package]]
-name = "serde_yml"
-version = "0.0.12"
+name = "serde_yaml"
+version = "0.9.34+deprecated"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "59e2dd588bf1597a252c3b920e0143eb99b0f76e4e082f4c92ce34fbc9e71ddd"
+checksum = "6a8b1a1a2ebf674015cc02edccce75287f1a0130d394307b36743c2f5d504b47"
 dependencies = [
 "indexmap 2.7.1",
 "itoa",
- "libyml",
- "memchr",
 "ryu",
 "serde",
- "version_check",
+ "unsafe-libyaml",
 ]

 [[package]]
@ -2102,6 +2091,12 @@ version = "1.0.16"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "a210d160f08b701c8721ba1c726c11662f877ea6b7094007e1ca9a1041945034"

+[[package]]
+name = "unsafe-libyaml"
+version = "0.2.11"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "673aac59facbab8a9007c7f6108d11f63b603f7cabff99fabf650fea5c32b861"
+
 [[package]]
 name = "untrusted"
 version = "0.9.0"
--- a/src/data.rs
+++ b/src/data.rs
@ -142,7 +142,7 @@ impl Into<grpc::VmContract> for VmContract {
 pub struct AppContract {
    pub uuid: String,
    pub package_url: String,
-    pub owner_wallet: String,
+    pub admin_pubkey: String,
    pub node_pubkey: String,
    pub mapped_ports: Vec<(u16, u16)>,
    pub host_ipv4: String,
@ -162,7 +162,7 @@ impl From<AppContract> for AppContractPB {
    fn from(value: AppContract) -> Self {
        Self {
            uuid: value.uuid,
-            owner_wallet: value.owner_wallet,
+            admin_pubkey: value.admin_pubkey,
            node_pubkey: value.node_pubkey,
            package_url: value.package_url,
            exposed_ports: value
@ -177,8 +177,8 @@ impl From<AppContract> for AppContractPB {

 #[derive(Eq, Hash, PartialEq, Clone, Debug, Default)]
 pub struct AppNode {
-    pub public_key: String,
-    pub owner_key: String,
+    pub node_pubkey: String,
+    pub operator_pubkey: String,
    pub country: String,
    pub region: String,
    pub city: String,
@ -782,9 +782,9 @@ impl BrainData {
    pub fn insert_app_node(&self, node: AppNode) {
        let mut nodes = self.app_nodes.write().unwrap();
        for n in nodes.iter_mut() {
-            if n.public_key == node.public_key {
+            if n.node_pubkey == node.node_pubkey {
                // TODO: figure what to do in this case.
-                warn!("Node {} already exists. Updating data.", n.public_key);
+                warn!("Node {} already exists. Updating data.", n.node_pubkey);
                *n = node;
                return;
            }
@ -797,17 +797,17 @@ impl BrainData {
        contracts.iter().find(|c| c.uuid == uuid).cloned()
    }

-    pub fn find_app_contracts_by_admin_pubkey(&self, owner_wallet: &str) -> Vec<AppContract> {
-        debug!("Searching contracts for admin pubkey {owner_wallet}");
+    pub fn find_app_contracts_by_admin_pubkey(&self, admin_pubkey: &str) -> Vec<AppContract> {
+        debug!("Searching contracts for admin pubkey {admin_pubkey}");
        let contracts: Vec<AppContract> = self
            .app_contracts
            .read()
            .unwrap()
            .iter()
-            .filter(|c| c.owner_wallet == owner_wallet)
+            .filter(|c| c.admin_pubkey == admin_pubkey)
            .cloned()
            .collect();
-        debug!("Found {} contracts or {owner_wallet}.", contracts.len());
+        debug!("Found {} contracts or {admin_pubkey}.", contracts.len());
        contracts
    }

@ -908,7 +908,7 @@ impl BrainData {
        if let Err(err) = new_container_req.1.send(new_container_resp.clone()) {
            log::error!(
                "CLI RX for {} dropped before receiving confirmation {:?}.\n{:?}",
-                &new_container_req.0.owner_wallet,
+                &new_container_req.0.admin_pubkey,
                new_container_resp,
                err
            );
@ -918,7 +918,7 @@ impl BrainData {
            uuid: new_container_req.0.uuid,
            node_pubkey: new_container_req.0.node_pubkey.clone(),
            package_url: new_container_req.0.package_url,
-            owner_wallet: new_container_req.0.owner_wallet,
+            admin_pubkey: new_container_req.0.admin_pubkey,
            ..Default::default()
        };
        log::info!("Created new app contract: {app_contracts:?}");
--- a/src/grpc.rs
+++ b/src/grpc.rs
@ -366,15 +366,15 @@ impl BrainAppCli for BrainAppCliMock {
        &self,
        req: tonic::Request<NewAppReq>,
    ) -> Result<tonic::Response<NewAppRes>, Status> {
-        let req = req.into_inner();
-        log::info!("Creating new container: {req:?}");
-        let owner_wallet = req.owner_wallet.clone();
+        let req_data = check_sig_from_req(req)?;
+        log::info!("Creating new container: {req_data:?}");
+        let admin_pubkey = req_data.admin_pubkey.clone();
        let (oneshot_tx, oneshot_rx) = tokio::sync::oneshot::channel();
-        self.data.send_new_container_req(req, oneshot_tx).await;
+        self.data.send_new_container_req(req_data, oneshot_tx).await;

        match oneshot_rx.await {
            Ok(response) => {
-                info!("responding container confirmation to {owner_wallet}: {response:?}");
+                info!("responding container confirmation to {admin_pubkey}: {response:?}");
                Ok(Response::new(response))
            }
            Err(e) => {
@ -390,9 +390,9 @@ impl BrainAppCli for BrainAppCliMock {
        &self,
        req: tonic::Request<DelAppReq>,
    ) -> Result<tonic::Response<detee_shared::sgx::pb::brain::Empty>, Status> {
-        let req = req.into_inner();
-        log::info!("deleting container: {}", req.uuid.clone());
-        if let Err(er) = self.data.send_del_container_req(req).await {
+        let req_data = check_sig_from_req(req)?;
+        log::info!("deleting container: {}", req_data.uuid.clone());
+        if let Err(er) = self.data.send_del_container_req(req_data).await {
            info!("Could not delete container: {er}");
            return Err(Status::not_found("Could not find container"));
        };
@ -404,12 +404,10 @@ impl BrainAppCli for BrainAppCliMock {
        &self,
        req: tonic::Request<ListAppContractsReq>,
    ) -> Result<tonic::Response<Self::ListAppContractsStream>, Status> {
-        let req_data = req.into_inner();
-        dbg!(&req_data);
-
+        let req_data = check_sig_from_req(req)?;
        let app_contracts = self
            .data
-            .find_app_contracts_by_admin_pubkey(&req_data.owner_wallet);
+            .find_app_contracts_by_admin_pubkey(&req_data.admin_pubkey);

        let (tx, rx) = mpsc::channel(6);
        tokio::spawn(async move {
@ -437,12 +435,12 @@ impl BrainAppDaemon for BrainAppDaemonMock {
        log::info!(
            "registering app node_key : {}, owner_key: {}",
            &req_data.node_pubkey,
-            &req_data.owner_pubkey
+            &req_data.operator_pubkey
        );

        let app_node = crate::data::AppNode {
-            public_key: req_data.node_pubkey.clone(),
-            owner_key: req_data.owner_pubkey,
+            node_pubkey: req_data.node_pubkey.clone(),
+            operator_pubkey: req_data.operator_pubkey,
            ip: req_data.main_ip,
            city: req_data.city,
            region: req_data.region,
@ -528,8 +526,6 @@ impl BrainAppDaemon for BrainAppDaemonMock {
                    Some(detee_shared::sgx::pb::brain::daemon_message_app::Msg::Auth(
                        daemon_auth,
                    )) => {
-                        dbg!(&daemon_auth);
-                        // TODO: wip on authendication
                        pubkey = daemon_auth.pubkey;
                    }
                    Some(detee_shared::sgx::pb::brain::daemon_message_app::Msg::NewAppRes(
@ -617,6 +613,24 @@ impl PubkeyGetter for RegisterAppNodeReq {
    }
 }

+impl PubkeyGetter for NewAppReq {
+    fn get_pubkey(&self) -> Option<String> {
+        Some(self.admin_pubkey.clone())
+    }
+}
+
+impl PubkeyGetter for DelAppReq {
+    fn get_pubkey(&self) -> Option<String> {
+        Some(self.admin_pubkey.clone())
+    }
+}
+
+impl PubkeyGetter for ListAppContractsReq {
+    fn get_pubkey(&self) -> Option<String> {
+        Some(self.admin_pubkey.clone())
+    }
+}
+
 fn check_sig_from_req<T: std::fmt::Debug + PubkeyGetter>(req: Request<T>) -> Result<T, Status> {
    let time = match req.metadata().get("timestamp") {
        Some(t) => t.clone(),