feat(auth): implement bootstrap token auth handling

2026-02-13 13:41:01 +01:00
parent 208bbbd540
commit 832d884457
4 changed files with 102 additions and 66 deletions
--- a/server/crates/arbiter-server/src/lib.rs
+++ b/server/crates/arbiter-server/src/lib.rs
@@ -1,9 +1,18 @@
 #![allow(unused)]

+use std::sync::Arc;
+
 use tracing::error;

 use arbiter_proto::{
-    proto::{ClientRequest, ClientResponse, UserAgentRequest, UserAgentResponse},
+    proto::{
+        ClientRequest, ClientResponse, UserAgentRequest, UserAgentResponse,
+        auth::{
+            self, AuthChallengeRequest, ClientMessage, client_message::Payload as ClientAuthPayload,
+        },
+        user_agent_request::Payload as UserAgentRequestPayload,
+        user_agent_request::*,
+    },
    transport::BiStream,
 };
 use async_trait::async_trait;
@@ -61,15 +70,53 @@ impl arbiter_proto::proto::arbiter_service_server::ArbiterService for Server {
        let mut req_stream = request.into_inner();
        let (tx, rx) = mpsc::channel(DEFAULT_CHANNEL_SIZE);

-        let actor = UserAgentActor::spawn(UserAgentActor::new(self.context.clone(), tx));
+        let actor = UserAgentActor::spawn(UserAgentActor::new(self.context.clone(), tx.clone()));

        tokio::task::spawn(async move {
-           while let Some(Ok(req)) = req_stream.next().await && actor.is_alive() {
-               if actor.tell(user_agent::Grpc {msg: req}).await.is_err() {
-                   error!("Failed to send message to UserAgentActor");
-                   break;
-               }
-           }
+            while let Some(Ok(req)) = req_stream.next().await
+                && actor.is_alive()
+            {
+                let Some(msg) = req.payload else {
+                    error!(actor = "useragent", "Received message with no payload");
+                    actor.kill();
+                    tx.send(Err(Status::invalid_argument(
+                        "Expected message with payload",
+                    )))
+                    .await;
+                    return;
+                };
+
+                let UserAgentRequestPayload::AuthMessage(ClientMessage {
+                    payload: Some(client_message),
+                }) = msg
+                else {
+                    error!(
+                        actor = "useragent",
+                        "Received unexpected message type during authentication"
+                    );
+                    actor.kill();
+                    tx.send(Err(Status::invalid_argument(
+                        "Expected AuthMessage with ClientMessage payload",
+                    )))
+                    .await;
+                    return;
+                };
+
+                match client_message {
+                    ClientAuthPayload::AuthChallengeRequest(req) => {}
+                    ClientAuthPayload::AuthChallengeSolution(_auth_challenge_solution) => todo!(),
+                    _ => {
+                        error!(actor = "useragent", "Received unexpected message type");
+                        actor.kill();
+                        tx.send(Err(Status::invalid_argument(
+                            "Expected AuthMessage with ClientMessage payload",
+                        )))
+                        .await;
+                        return;
+                    }
+                }
+                todo!()
+            }
        });

        Ok(Response::new(ReceiverStream::new(rx)))