diff --git a/src/bin/brain.rs b/src/bin/brain.rs
index 62e1fb8..f549f6d 100644
--- a/src/bin/brain.rs
+++ b/src/bin/brain.rs
@@ -1,11 +1,13 @@
-use std::sync::Arc;
-
+use detee_shared::app_proto::brain_app_cli_server::BrainAppCliServer;
+use detee_shared::app_proto::brain_app_daemon_server::BrainAppDaemonServer;
 use detee_shared::general_proto::brain_general_cli_server::BrainGeneralCliServer;
 use detee_shared::vm_proto::brain_vm_cli_server::BrainVmCliServer;
 use detee_shared::vm_proto::brain_vm_daemon_server::BrainVmDaemonServer;
 use dotenv::dotenv;
+use std::sync::Arc;
 use surreal_brain::constants::{BRAIN_GRPC_ADDR, CERT_KEY_PATH, CERT_PATH};
 use surreal_brain::db;
+use surreal_brain::grpc::app::{AppCliServer, AppDaemonServer};
 use surreal_brain::grpc::general::GeneralCliServer;
 use surreal_brain::grpc::vm::{VmCliServer, VmDaemonServer};
 use tonic::transport::{Identity, Server, ServerTlsConfig};
@@ -31,6 +33,8 @@ async fn main() {
 let snp_daemon_server = BrainVmDaemonServer::new(VmDaemonServer::new(db_arc.clone()));
 let snp_cli_server = BrainVmCliServer::new(VmCliServer::new(db_arc.clone()));
 let general_service_server = BrainGeneralCliServer::new(GeneralCliServer::new(db_arc.clone()));
+ let sgx_daemon_server = BrainAppDaemonServer::new(AppDaemonServer::new(db_arc.clone()));
+ let sgx_cli_server = BrainAppCliServer::new(AppCliServer::new(db_arc.clone()));
 let cert_path = std::env::var("CERT_PATH").unwrap_or(CERT_PATH.to_string());
 let key_path = std::env::var("CERT_KEY_PATH").unwrap_or(CERT_KEY_PATH.to_string());
@@ -45,6 +49,8 @@ async fn main() {
 .add_service(snp_daemon_server)
 .add_service(snp_cli_server)
 .add_service(general_service_server)
+ .add_service(sgx_daemon_server)
+ .add_service(sgx_cli_server)
 .serve(addr)
 .await
 .unwrap();
diff --git a/src/grpc/app.rs b/src/grpc/app.rs
index 8b13789..b672cef 100644
--- a/src/grpc/app.rs
+++ b/src/grpc/app.rs
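Review bot: In src/bin/brain.rs, the `.add_service(sgx_daemon_server)` and `.add_service(sgx_cli_server)` lines put the app services on the listening port while every handler this commit adds in src/grpc/app.rs still ends in `todo!()`. Any caller that gets past the signature check therefore triggers a panic inside the server instead of receiving a gRPC status; how much that panic takes down depends on the runtime and panic strategy, which are not visible here. Until the handlers are implemented, end each of them with `Err(Status::unimplemented("app service not implemented yet"))` in place of `todo!()`, or leave the two `add_service` calls out of this commit. The body of `main()` starts and ends outside the hunk.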
@@ -1 +1,154 @@
+use crate::grpc::{check_sig_from_parts, check_sig_from_req};
+use detee_shared::app_proto::brain_app_cli_server::BrainAppCli;
+use detee_shared::app_proto::brain_app_daemon_server::BrainAppDaemon;
+use detee_shared::app_proto::{
+ daemon_message_app, AppContract, AppNodeFilters, AppNodeListResp, BrainMessageApp, DaemonAuth,
+ DaemonMessageApp, DelAppReq, ListAppContractsReq, RegisterAppNodeReq,
+};
+use detee_shared::common_proto::Empty;
+use log::info;
+use std::pin::Pin;
+use std::sync::Arc;
+use surrealdb::engine::remote::ws::Client;
+use surrealdb::Surreal;
+use tokio_stream::{Stream, StreamExt};
+use tonic::{Status, Streaming};
+pub struct AppDaemonServer {
+ pub db: Arc>,
+}
+
+impl AppDaemonServer {
+ pub fn new(db: Arc>) -> Self {
+ Self { db }
+ }
+}
+
+#[tonic::async_trait]
+impl BrainAppDaemon for AppDaemonServer {
+ type RegisterAppNodeStream = Pin> + Send>>;
+ type BrainMessagesStream = Pin> + Send>>;
+
+ async fn register_app_node(
+ &self,
+ req: tonic::Request,
+ ) -> Result::RegisterAppNodeStream>, tonic::Status>
+ {
+ let req = check_sig_from_req(req)?;
+ info!("Starting app_node registration process for {:?}", req);
+
+ todo!()
+ }
+
+ async fn brain_messages(
+ &self,
+ req: tonic::Request,
+ ) -> Result::BrainMessagesStream>, tonic::Status> {
+ let auth = req.into_inner();
+ let pubkey = auth.pubkey.clone();
+ check_sig_from_parts(
+ &pubkey,
+ &auth.timestamp,
+ &format!("{:?}", auth.contracts),
+ &auth.signature,
+ )?;
+
+ info!("App Daemon {} connected to receive brain messages", pubkey);
+
+ todo!()
+ }
+
+ async fn daemon_messages(
+ &self,
+ req: tonic::Request>,
+ ) -> Result, tonic::Status> {
+ let mut req_stream = req.into_inner();
+ let pubkey: String;
+ if let Some(Ok(msg)) = req_stream.next().await {
+ log::debug!("App daemon_messages received auth message: {:?}", msg);
+ if let Some(daemon_message_app::Msg::Auth(auth)) = msg.msg {
+ pubkey = auth.pubkey.clone();
+ check_sig_from_parts(
+ &pubkey,
+ &auth.timestamp,
+ &format!("{:?}", &auth.contracts),
+ &auth.signature,
+ )?;
+ } else {
+ return Err(Status::unauthenticated(
+ "Could not authenticate the app daemon: could not extract auth signature",
+ ));
+ }
+ } else {
+ return Err(Status::unauthenticated("Could not authenticate the app daemon"));
+ }
+
+ todo!()
+ }
+}
+
+pub struct AppCliServer {
+ pub db: Arc>,
+}
+
+impl AppCliServer {
+ pub fn new(db: Arc>) -> Self {
+ Self { db }
+ }
+}
+
+#[tonic::async_trait]
+impl BrainAppCli for AppCliServer {
+ type ListAppContractsStream = Pin> + Send>>;
+ type ListAppNodesStream = Pin> + Send>>;
+
+ async fn deploy_app(
+ &self,
+ req: tonic::Request,
+ ) -> Result, tonic::Status> {
+ let req = check_sig_from_req(req)?;
+ info!("deploy_app process starting for {:?}", req);
+
+ todo!()
+ }
+
+ async fn delete_app(
+ &self,
+ req: tonic::Request,
+ ) -> Result, tonic::Status> {
+ let req = check_sig_from_req(req)?;
+ info!("delete_app process starting for {:?}", req);
+
+ todo!()
+ }
+
+ async fn list_app_contracts(
+ &self,
+ req: tonic::Request,
+ ) -> Result::ListAppContractsStream>, tonic::Status> {
+ let req = check_sig_from_req(req)?;
+ info!("list_app_contracts process starting for {:?}", req);
+
+ todo!()
+ }
+
+ async fn list_app_nodes(
+ &self,
+ req: tonic::Request,
+ ) -> Result::ListAppNodesStream>, tonic::Status> {
+ let req = check_sig_from_req(req)?;
+ info!("list_app_nodes process starting for {:?}", req);
+
+ todo!()
+ }
+
+ async fn get_one_app_node(
+ &self,
+ req: tonic::Request,
+ ) -> Result, tonic::Status> {
+ let req = check_sig_from_req(req)?;
+ info!("get_one_app_node process starting for {:?}", req);
+
+ todo!()
+ }
+}
diff --git a/src/grpc/mod.rs b/src/grpc/mod.rs
index 07bb334..1dec498 100644
--- a/src/grpc/mod.rs
+++ b/src/grpc/mod.rs
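Review bot: In src/grpc/app.rs, `brain_messages` and `daemon_messages` pass `format!("{:?}", auth.contracts)` to `check_sig_from_parts` as the signed payload, so signature verification depends on the `Debug` rendering of the contracts field. `Debug` output is meant for diagnostics and is not a stable encoding. The daemon has to reproduce the same string byte for byte, and a change to the field's type or its `Debug` impl on either side would make valid signatures fail with no compile-time warning. Prefer one explicit encoding shared by signer and verifier, for example a helper in the shared crate. Until then, document the dependency at both call sites: `// Signed payload is the Debug rendering of auth.contracts; the daemon must sign the identical string.`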
@@ -4,11 +4,12 @@ pub mod types;
 pub mod vm;
 use crate::constants::ADMIN_ACCOUNTS;
+use detee_shared::app_proto::*;
 use detee_shared::common_proto::{Empty, Pubkey};
 use detee_shared::general_proto::{
 AirdropReq, BanUserReq, KickReq, RegOperatorReq, ReportNodeReq, SlashReq,
 };
-use detee_shared::vm_proto::{ListVmContractsReq, *};
+use detee_shared::vm_proto::*;
 use tonic::{Request, Status};
 pub trait PubkeyGetter {
@@ -49,12 +50,12 @@ impl_pubkey_getter!(Empty);
 impl_pubkey_getter!(AirdropReq);
 impl_pubkey_getter!(SlashReq);
-// impl_pubkey_getter!(NewAppReq, admin_pubkey);
-// impl_pubkey_getter!(DelAppReq, admin_pubkey);
-// impl_pubkey_getter!(ListAppContractsReq, admin_pubkey);
-//
-// impl_pubkey_getter!(RegisterAppNodeReq);
-// impl_pubkey_getter!(AppNodeFilters);
+impl_pubkey_getter!(NewAppReq, admin_pubkey);
+impl_pubkey_getter!(DelAppReq, admin_pubkey);
+impl_pubkey_getter!(ListAppContractsReq, admin_pubkey);
+
+impl_pubkey_getter!(RegisterAppNodeReq);
+impl_pubkey_getter!(AppNodeFilters);
 pub fn check_sig_from_req(req: Request) -> Result {
 let time = match req.metadata().get("timestamp") {
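Review bot: In src/grpc/mod.rs, the newly enabled `impl_pubkey_getter!(NewAppReq, admin_pubkey);`, `DelAppReq` and `ListAppContractsReq` lines carry no comment on what the signature check does and does not establish. Judging by the macro arguments, the check binds the request to the key in `admin_pubkey`; the macro body is outside the hunk, so this is inferred. That would prove possession of the key, but not that the key owns the app or contract named in the request. A comment above the three lines would make this explicit for whoever implements the handlers: `// check_sig_from_req authenticates admin_pubkey only; handlers must still verify that this key owns the contract they act on.`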