authendicating daemon

2025-02-11 11:37:07 +00:00 · 2025-02-11 11:37:07 +00:00 · 784878d0a1
commit 784878d0a1
parent 3b3221099f
2 changed files with 43 additions and 7 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@ -418,6 +418,7 @@ dependencies = [
 [[package]]
 name = "detee-shared"
 version = "0.1.0"
+source = "git+ssh://git@gitea.detee.cloud/noormohammedb/detee-shared?branch=stable_01#f2bc29149e32df09508519f3f88cdf880728e6dd"
 dependencies = [
 "base64",
 "prost",
--- a/src/grpc.rs
+++ b/src/grpc.rs
@ -469,12 +469,23 @@ impl BrainAppDaemon for BrainAppDaemonMock {

    async fn brain_messages(
        &self,
-        req: tonic::Request<detee_shared::pb::brain::Pubkey>,
+        req: tonic::Request<detee_shared::pb::brain::DaemonAuth>,
    ) -> Result<tonic::Response<Self::BrainMessagesStream>, Status> {
-        let req = req.into_inner();
-        info!("Daemon {} connected to receive brain messages", req.pubkey);
+        let req_data = req.into_inner();
+        let pubkey = req_data.pubkey.clone();
+        check_sig_from_parts(
+            &pubkey,
+            &req_data.timestamp,
+            &format!("{:?}", req_data.contracts),
+            &req_data.signature,
+        )?;
+
+        info!(
+            "Daemon {} connected to receive brain messages",
+            req_data.pubkey
+        );
        let (tx, rx) = mpsc::channel(6);
-        self.data.add_app_daemon_tx(&req.pubkey, tx);
+        self.data.add_app_daemon_tx(&req_data.pubkey, tx);
        let output_stream = ReceiverStream::new(rx).map(Ok);
        Ok(Response::new(
            Box::pin(output_stream) as Self::BrainMessagesStream
@ -488,11 +499,35 @@ impl BrainAppDaemon for BrainAppDaemonMock {
        let mut req_stream = req.into_inner();
        let mut pubkey = String::new();

+        if let Some(Ok(msg)) = req_stream.next().await {
+            log::debug!(
+                "demon_messages received the following auth message: {:?}",
+                msg.msg
+            );
+            if let Some(detee_shared::pb::brain::daemon_message_app::Msg::Auth(auth)) = msg.msg {
+                pubkey = auth.pubkey.clone();
+                check_sig_from_parts(
+                    &pubkey,
+                    &auth.timestamp,
+                    &format!("{:?}", auth.contracts),
+                    &auth.signature,
+                )?;
+            } else {
+                return Err(Status::unauthenticated(
+                    "Could not authenticate the daemon: could not extract auth signature",
+                ));
+            }
+        } else {
+            return Err(Status::unauthenticated("Could not authenticate the daemon"));
+        }
+
        while let Some(daemon_message) = req_stream.next().await {
            match daemon_message {
                Ok(msg) => match msg.msg {
-                    Some(detee_shared::pb::brain::daemon_message_app::Msg::Pubkey(node_pubkey)) => {
-                        pubkey = node_pubkey;
+                    Some(detee_shared::pb::brain::daemon_message_app::Msg::Auth(daemon_auth)) => {
+                        dbg!(&daemon_auth);
+                        // TODO: wip on authendication
+                        pubkey = daemon_auth.pubkey;
                    }
                    Some(detee_shared::pb::brain::daemon_message_app::Msg::NewAppRes(new_cont)) => {
                        self.data.send_new_container_resp(new_cont).await;
@ -500,7 +535,7 @@ impl BrainAppDaemon for BrainAppDaemonMock {
                    Some(detee_shared::pb::brain::daemon_message_app::Msg::AppNodeResources(_)) => {
                        todo!("AppNodeResources not implemented yet");
                    }
-                    None => {
+                    _ => {
                        dbg!("None");
                    }
                },