authendication with brain

2025-02-11 11:37:40 +00:00 · 2025-02-11 11:37:40 +00:00 · ede3edccfe
commit ede3edccfe
parent 4cc15184f0
3 changed files with 31 additions and 17 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@ -410,7 +410,7 @@ dependencies = [
 [[package]]
 name = "detee-shared"
 version = "0.1.0"
-source = "git+ssh://git@gitea.detee.cloud/noormohammedb/detee-shared?branch=stable_01#606c0ad395e2bad10b93f619a8c9d150ab806108"
+source = "git+ssh://git@gitea.detee.cloud/noormohammedb/detee-shared?branch=stable_01#f2bc29149e32df09508519f3f88cdf880728e6dd"
 dependencies = [
 "base64",
 "prost",
--- a/src/global.rs
+++ b/src/global.rs
@ -5,9 +5,6 @@ use std::fs::File;
 use std::io::Write;
 use std::sync::LazyLock;

-pub const NODE_PUBKEY: &str = "0xd0837609aedd53854651210327db90f5c2626188a00e940bbc9eea2c7e6838b7";
-pub const ADMIN_PUBKEY: &str = "0x28a3a71197250b0fa4dd0f86288e07ec9cc78ce3338e21e2ebef84dd7780e3eb";
-
 pub const PACKAGE_ARCHIVE_POSTFIX: &str = "-enclave_packager.tar.gz";
 pub const PACKAGE_ARCHIVE_DIR_PATH: &str = "./enclave_archives";
 pub const PACKAGE_DIR_PATH: &str = "./enclaves";
@ -21,7 +18,7 @@ pub static IP_INFO: LazyLock<IPInfo> = LazyLock::new(|| get_ip_info().unwrap());
 pub static USED_RESOURCES_PATH: LazyLock<String> = LazyLock::new(|| {
    let home = home::home_dir().unwrap().to_string_lossy().into_owned();
    std::env::var(DETEE_DIR_ENV_NAME)
-        .unwrap_or(format!("{home}/.detee/app_daemon/USED_RESOURCES_PATH.yaml"))
+        .unwrap_or(format!("{home}/.detee/app_daemon/used_resources.yaml"))
 });

 pub static DAEMON_CONFIG_PATH: LazyLock<String> = LazyLock::new(|| {
--- a/src/grpc.rs
+++ b/src/grpc.rs
@ -1,7 +1,7 @@
 use anyhow::Result;
 use detee_shared::pb::brain::brain_app_daemon_client::BrainAppDaemonClient;
 use detee_shared::pb::brain::{
-    AppContract, BrainMessageApp, DaemonMessageApp, Pubkey, RegisterAppNodeReq,
+    AppContract, BrainMessageApp, DaemonAuth, DaemonMessageApp, RegisterAppNodeReq,
 };
 use tokio::sync::mpsc::Receiver;
 use tokio::sync::mpsc::Sender;
@ -14,7 +14,6 @@ use tonic::Request;

 use crate::global::IP_INFO;
 use crate::global::PUBLIC_KEY;
-use crate::global::{ADMIN_PUBKEY, NODE_PUBKEY};

 pub struct ConnectionData {
    pub brain_url: String,
@ -30,8 +29,8 @@ pub async fn register_node(config: &crate::HostConfig) -> Result<Vec<AppContract
    log::debug!("registering node with brain");

    let req = RegisterAppNodeReq {
-        node_pubkey: NODE_PUBKEY.to_string(),
-        owner_pubkey: ADMIN_PUBKEY.to_string(),
+        node_pubkey: PUBLIC_KEY.to_string(),
+        owner_pubkey: config.owner_wallet.clone(),
        main_ip: IP_INFO.ip.clone(),
        city: IP_INFO.city.clone(),
        region: IP_INFO.region.clone(),
@ -82,6 +81,7 @@ pub async fn connect_and_run(conn_data: ConnectionData) -> Result<()> {
    ));
    streaming_tasks.spawn(send_messages(
        client.clone(),
+        conn_data.app_contracts_uuid.clone(),
        conn_data.daemon_msg_rx,
        conn_data.daemon_msg_tx,
    ));
@ -91,15 +91,29 @@ pub async fn connect_and_run(conn_data: ConnectionData) -> Result<()> {
    Ok(())
 }

+fn sign_stream_auth(contracts: Vec<String>) -> Result<DaemonAuth> {
+    let pubkey = PUBLIC_KEY.clone();
+    let timestamp = chrono::Utc::now().to_rfc3339();
+    let signature =
+        crate::global::sign_message(&(timestamp.to_string() + &format!("{contracts:?}")))?;
+    Ok(DaemonAuth {
+        timestamp,
+        pubkey,
+        contracts,
+        signature,
+    })
+}
+
 pub async fn receive_messages(
    mut client: BrainAppDaemonClient<Channel>,
-    _contracts: Vec<String>,
+    contracts: Vec<String>,
    tx: Sender<BrainMessageApp>,
 ) -> Result<()> {
-    let pubkey = NODE_PUBKEY.to_string();
-
    log::debug!("starting to listen for messages from brain");
-    let mut grpc_stream = client.brain_messages(Pubkey { pubkey }).await?.into_inner();
+    let mut grpc_stream = client
+        .brain_messages(sign_stream_auth(contracts)?)
+        .await?
+        .into_inner();

    while let Some(stream_update) = grpc_stream.next().await {
        match stream_update {
@ -118,14 +132,17 @@ pub async fn receive_messages(

 pub async fn send_messages(
    mut client: BrainAppDaemonClient<Channel>,
+    contracts: Vec<String>,
    rx: Receiver<DaemonMessageApp>,
    tx: Sender<DaemonMessageApp>,
 ) -> Result<()> {
-    let pubkey = NODE_PUBKEY.to_string();
-
    let rx_stream = ReceiverStream::new(rx);
-
-    tx.send(pubkey.into()).await?;
+    tx.send(DaemonMessageApp {
+        msg: Some(detee_shared::pb::brain::daemon_message_app::Msg::Auth(
+            sign_stream_auth(contracts)?,
+        )),
+    })
+    .await?;
    client.daemon_messages(rx_stream).await?;
    log::debug!("daemon_messages is about to exit");
    Ok(())