-
Notifications
You must be signed in to change notification settings - Fork 59
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for Quick Connect device to the core #3388
Conversation
Codecov ReportAttention:
Additional details and impacted files@@ Coverage Diff @@
## main #3388 +/- ##
==========================================
+ Coverage 41.31% 41.37% +0.05%
==========================================
Files 608 610 +2
Lines 22825 22942 +117
Branches 5515 5544 +29
==========================================
+ Hits 9431 9493 +62
- Misses 13394 13449 +55
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
Converted to draft while requested redesign is carried out |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
One rewording suggested in the dialog.
As for tests, I would like to see a test that verifies an invalid token is rejected when used with POST /api/v1/devices
.
Otherwise, looks good.
frontend/src/pages/team/Devices/dialogs/DeviceCredentialsDialog.vue
Outdated
Show resolved
Hide resolved
Added tests in add tests for bad otc behaviour 0027116:
|
…g.vue Co-authored-by: Nick O'Leary <nick.oleary@gmail.com>
…se/flowfuse into 3256-quick-connect-device
@knolleary addressed comments but before you merge, please consider comment here: FlowFuse/device-agent#226 (comment) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
As mentioned in my previous review, there were other instances of -u
that needed fixing - have proposed those changes in this review and will apply them.
Description
Adds support for Quick Connect feature whereby a device-agent (V2.1+) can be executed with a simple 3 word phrase (OTC aka One-Time-Code)
Following discussion, an additional API was not implemented but instead, built upon the POST route that Device Provisioning takes (
POST
api/v1/devices/
). The validation schema was updated to permit only one ofname
+type
(creating a device) ORsetup
(as in spending the OTC and setting up a device).The OTC is stored in the AccessTokens (base64 format) and is intended to be used by the Device-Agent as an authorization header (bearer token) that, through existing logic, retrieves (or expires) the OTC token, validates it, sets up the
route
session
(with device ID and a flagsetup
) and immediately destroys the OTC tokenDetails
The OTC is stored as a token in the
AccessTokens
table. It has a scope ofdevice:otc
and there can only ever be one per device. Regenerating credentials also refreshes the OTC (this was not extra work but a happy accident that I am leaving in because it improves the overall UX since anyone re-generating device credentials will be offered a new OTC setup command - win win)Tests:
All new except
regenerates a devices credentials
which was updatedRelated Issue(s)
Checklist
flowforge.yml
?FlowFuse/helm
to update ConfigMap TemplateFlowFuse/CloudProject
to update values for Staging/ProductionLabels
backport
labelarea:migration
label