refactor: consolidate auth messages into client and user_agent packages
This commit is contained in:
hdbg
@@ -1,8 +1,9 @@
|
||||
use arbiter_proto::{
|
||||
proto::{
|
||||
UserAgentRequest, UserAgentResponse, arbiter_service_client::ArbiterServiceClient,
|
||||
user_agent::{UserAgentRequest, UserAgentResponse},
|
||||
arbiter_service_client::ArbiterServiceClient,
|
||||
},
|
||||
transport::{IdentityRecvConverter, IdentitySendConverter, RecvConverter, grpc},
|
||||
transport::{IdentityRecvConverter, IdentitySendConverter, grpc},
|
||||
url::ArbiterUrl,
|
||||
};
|
||||
use ed25519_dalek::SigningKey;
|
||||
|
||||
@@ -1,12 +1,8 @@
|
||||
use arbiter_proto::{
|
||||
format_challenge,
|
||||
proto::{
|
||||
proto::user_agent::{
|
||||
AuthChallengeRequest, AuthChallengeSolution, AuthOk,
|
||||
UserAgentRequest, UserAgentResponse,
|
||||
auth::{
|
||||
self, AuthChallengeRequest, AuthOk, ClientMessage as AuthClientMessage,
|
||||
ServerMessage as AuthServerMessage, client_message::Payload as ClientAuthPayload,
|
||||
server_message::Payload as ServerAuthPayload,
|
||||
},
|
||||
user_agent_request::Payload as UserAgentRequestPayload,
|
||||
user_agent_response::Payload as UserAgentResponsePayload,
|
||||
},
|
||||
@@ -81,14 +77,6 @@ where
|
||||
Ok(())
|
||||
}
|
||||
|
||||
fn auth_request(payload: ClientAuthPayload) -> UserAgentRequest {
|
||||
UserAgentRequest {
|
||||
payload: Some(UserAgentRequestPayload::AuthMessage(AuthClientMessage {
|
||||
payload: Some(payload),
|
||||
})),
|
||||
}
|
||||
}
|
||||
|
||||
async fn send_auth_challenge_request(&mut self) -> Result<(), InboundError> {
|
||||
let req = AuthChallengeRequest {
|
||||
pubkey: self.key.verifying_key().to_bytes().to_vec(),
|
||||
@@ -98,9 +86,9 @@ where
|
||||
self.transition(UserAgentEvents::SentAuthChallengeRequest)?;
|
||||
|
||||
self.transport
|
||||
.send(Self::auth_request(ClientAuthPayload::AuthChallengeRequest(
|
||||
req,
|
||||
)))
|
||||
.send(UserAgentRequest {
|
||||
payload: Some(UserAgentRequestPayload::AuthChallengeRequest(req)),
|
||||
})
|
||||
.await
|
||||
.map_err(|_| InboundError::TransportSendFailed)?;
|
||||
|
||||
@@ -110,20 +98,20 @@ where
|
||||
|
||||
async fn handle_auth_challenge(
|
||||
&mut self,
|
||||
challenge: auth::AuthChallenge,
|
||||
challenge: arbiter_proto::proto::user_agent::AuthChallenge,
|
||||
) -> Result<(), InboundError> {
|
||||
self.transition(UserAgentEvents::ReceivedAuthChallenge)?;
|
||||
|
||||
let formatted = format_challenge(&challenge);
|
||||
let formatted = format_challenge(challenge.nonce, &challenge.pubkey);
|
||||
let signature = self.key.sign(&formatted);
|
||||
let solution = auth::AuthChallengeSolution {
|
||||
let solution = AuthChallengeSolution {
|
||||
signature: signature.to_bytes().to_vec(),
|
||||
};
|
||||
|
||||
self.transport
|
||||
.send(Self::auth_request(
|
||||
ClientAuthPayload::AuthChallengeSolution(solution),
|
||||
))
|
||||
.send(UserAgentRequest {
|
||||
payload: Some(UserAgentRequestPayload::AuthChallengeSolution(solution)),
|
||||
})
|
||||
.await
|
||||
.map_err(|_| InboundError::TransportSendFailed)?;
|
||||
|
||||
@@ -141,17 +129,15 @@ where
|
||||
&mut self,
|
||||
inbound: UserAgentResponse
|
||||
) -> Result<(), InboundError> {
|
||||
let payload = inbound
|
||||
let payload = inbound
|
||||
.payload
|
||||
.ok_or(InboundError::MissingResponsePayload)?;
|
||||
|
||||
match payload {
|
||||
UserAgentResponsePayload::AuthMessage(AuthServerMessage {
|
||||
payload: Some(ServerAuthPayload::AuthChallenge(challenge)),
|
||||
}) => self.handle_auth_challenge(challenge).await,
|
||||
UserAgentResponsePayload::AuthMessage(AuthServerMessage {
|
||||
payload: Some(ServerAuthPayload::AuthOk(ok)),
|
||||
}) => self.handle_auth_ok(ok),
|
||||
UserAgentResponsePayload::AuthChallenge(challenge) => {
|
||||
self.handle_auth_challenge(challenge).await
|
||||
}
|
||||
UserAgentResponsePayload::AuthOk(ok) => self.handle_auth_ok(ok),
|
||||
_ => Err(InboundError::UnexpectedResponsePayload),
|
||||
}
|
||||
}
|
||||
@@ -206,4 +192,4 @@ where
|
||||
}
|
||||
|
||||
mod grpc;
|
||||
pub use grpc::{connect_grpc, ConnectError};
|
||||
pub use grpc::{connect_grpc, ConnectError};
|
||||
|
||||
@@ -1,18 +1,14 @@
|
||||
use arbiter_proto::{
|
||||
format_challenge,
|
||||
proto::{
|
||||
proto::user_agent::{
|
||||
AuthChallenge, AuthOk,
|
||||
UserAgentRequest, UserAgentResponse,
|
||||
auth::{
|
||||
AuthChallenge, AuthOk, ClientMessage as AuthClientMessage,
|
||||
ServerMessage as AuthServerMessage, client_message::Payload as ClientAuthPayload,
|
||||
server_message::Payload as ServerAuthPayload,
|
||||
},
|
||||
user_agent_request::Payload as UserAgentRequestPayload,
|
||||
user_agent_response::Payload as UserAgentResponsePayload,
|
||||
},
|
||||
transport::Bi,
|
||||
};
|
||||
use arbiter_useragent::{InboundError, UserAgentActor};
|
||||
use arbiter_useragent::UserAgentActor;
|
||||
use ed25519_dalek::SigningKey;
|
||||
use kameo::actor::Spawn;
|
||||
use tokio::sync::mpsc;
|
||||
@@ -57,14 +53,6 @@ fn test_key() -> SigningKey {
|
||||
SigningKey::from_bytes(&[7u8; 32])
|
||||
}
|
||||
|
||||
fn auth_response(payload: ServerAuthPayload) -> UserAgentResponse {
|
||||
UserAgentResponse {
|
||||
payload: Some(UserAgentResponsePayload::AuthMessage(AuthServerMessage {
|
||||
payload: Some(payload),
|
||||
})),
|
||||
}
|
||||
}
|
||||
|
||||
#[tokio::test]
|
||||
async fn sends_auth_request_on_start_with_bootstrap_token() {
|
||||
let key = test_key();
|
||||
@@ -80,9 +68,7 @@ async fn sends_auth_request_on_start_with_bootstrap_token() {
|
||||
.expect("channel closed before auth request");
|
||||
|
||||
let UserAgentRequest {
|
||||
payload: Some(UserAgentRequestPayload::AuthMessage(AuthClientMessage {
|
||||
payload: Some(ClientAuthPayload::AuthChallengeRequest(req)),
|
||||
})),
|
||||
payload: Some(UserAgentRequestPayload::AuthChallengeRequest(req)),
|
||||
} = outbound
|
||||
else {
|
||||
panic!("expected auth challenge request");
|
||||
@@ -113,7 +99,9 @@ async fn challenge_flow_sends_solution_from_transport_inbound() {
|
||||
nonce: 42,
|
||||
};
|
||||
inbound_tx
|
||||
.send(auth_response(ServerAuthPayload::AuthChallenge(challenge.clone())))
|
||||
.send(UserAgentResponse {
|
||||
payload: Some(UserAgentResponsePayload::AuthChallenge(challenge.clone())),
|
||||
})
|
||||
.await
|
||||
.unwrap();
|
||||
|
||||
@@ -123,15 +111,13 @@ async fn challenge_flow_sends_solution_from_transport_inbound() {
|
||||
.expect("missing challenge solution");
|
||||
|
||||
let UserAgentRequest {
|
||||
payload: Some(UserAgentRequestPayload::AuthMessage(AuthClientMessage {
|
||||
payload: Some(ClientAuthPayload::AuthChallengeSolution(solution)),
|
||||
})),
|
||||
payload: Some(UserAgentRequestPayload::AuthChallengeSolution(solution)),
|
||||
} = outbound
|
||||
else {
|
||||
panic!("expected auth challenge solution");
|
||||
};
|
||||
|
||||
let formatted = format_challenge(&challenge);
|
||||
let formatted = format_challenge(challenge.nonce, &challenge.pubkey);
|
||||
let sig: ed25519_dalek::Signature = solution
|
||||
.signature
|
||||
.as_slice()
|
||||
@@ -142,7 +128,9 @@ async fn challenge_flow_sends_solution_from_transport_inbound() {
|
||||
.expect("solution signature should verify");
|
||||
|
||||
inbound_tx
|
||||
.send(auth_response(ServerAuthPayload::AuthOk(AuthOk {})))
|
||||
.send(UserAgentResponse {
|
||||
payload: Some(UserAgentResponsePayload::AuthOk(AuthOk {})),
|
||||
})
|
||||
.await
|
||||
.unwrap();
|
||||
|
||||
|
||||
Reference in New Issue
Block a user