Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

many: delay classic registration until first store interaction #4873

Closed
wants to merge 7 commits into from
Closed

many: delay classic registration until first store interaction #4873

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
1f71292
support delaying registration on classic until first store interaction
pedronis Mar 16, 2018
5f646e7
make store code trigger eagerly registration and and best-effor wait …
pedronis Mar 19, 2018
b9adbe9
fixes
pedronis Mar 19, 2018
2051fc2
simplify somewhat, host most of the logic on DeviceManager itself
pedronis Mar 28, 2018
7a3126c
make much more explicit and have tools to control when to care about …
pedronis Apr 6, 2018
5183dfe
exercize control over whether to proceed to talk to the store in snap…
pedronis Apr 6, 2018
c66d35c
make sure we consider the 2nd initialization phase timely
pedronis Apr 7, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
23 changes: 23 additions & 0 deletions overlord/auth/auth.go
View file
Open in desktop
Expand Up @@ -28,8 +28,10 @@ import (
"os"
"sort"
"strconv"
"time"

"golang.org/x/net/context"

"gopkg.in/macaroon.v1"

"github.com/snapcore/snapd/asserts"
Expand Down Expand Up @@ -372,6 +374,11 @@ type DeviceAssertions interface {
// Serial returns the device serial assertion.
Serial() (*asserts.Serial, error)

// EnsureSerial does a best-effort of triggering and waiting
// up to timeout for registration to occur and returns the
// serial if now available, or ErrNoState otherwise.
EnsureSerial(context.Context, time.Duration) (*asserts.Serial, error)

// DeviceSessionRequestParams produces a device-session-request with the given nonce, together with other required parameters, the device serial and model assertions.
DeviceSessionRequestParams(nonce string) (*DeviceSessionRequestParams, error)
// ProxyStore returns the store assertion for the proxy store if one is set.
Expand Down Expand Up @@ -403,6 +410,8 @@ type AuthContext interface {

StoreID(fallback string) (string, error)

EnsureSerial(ctx context.Context, timeout time.Duration) (*asserts.Serial, error)

DeviceSessionRequestParams(nonce string) (*DeviceSessionRequestParams, error)
ProxyStoreParams(defaultURL *url.URL) (proxyStoreID string, proxySroreURL *url.URL, err error)

Expand Down Expand Up @@ -498,6 +507,20 @@ func (ac *authContext) StoreID(fallback string) (string, error) {
return fallback, nil
}

// EnsureSerial does a best-effort of triggering and waiting
// up to timeout for registration to occur and returns the
// serial if now available, or ErrNoSerial otherwise.
func (ac *authContext) EnsureSerial(ctx context.Context, timeout time.Duration) (*asserts.Serial, error) {
if ac.deviceAsserts == nil {
return nil, ErrNoSerial
}
serial, err := ac.deviceAsserts.EnsureSerial(ctx, timeout)
if err == state.ErrNoState {
return nil, ErrNoSerial
}
return serial, err
}

// DeviceSessionRequestParams produces a device-session-request with the given nonce, together with other required parameters, the device serial and model assertions. It returns ErrNoSerial if the device serial is not yet initialized.
func (ac *authContext) DeviceSessionRequestParams(nonce string) (*DeviceSessionRequestParams, error) {
if ac.deviceAsserts == nil {
Expand Down
25 changes: 23 additions & 2 deletions overlord/auth/auth_test.go
View file
Open in desktop
@@ -1,7 +1,7 @@
// -*- Mode: Go; indent-tabs-mode: t -*-

/*
* Copyright (C) 2016 Canonical Ltd
* Copyright (C) 2016-2018 Canonical Ltd
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License version 3 as
Expand Down Expand Up @@ -552,6 +552,13 @@ func (as *authSuite) TestAuthContextDeviceSessionRequestParamsNilDeviceAssertion
c.Check(err, Equals, auth.ErrNoSerial)
}

func (as *authSuite) TestAuthContextEnsureSerialNilDeviceAssertions(c *C) {
authContext := auth.NewAuthContext(as.state, nil)

_, err := authContext.EnsureSerial(context.TODO(), 5*time.Second)
c.Check(err, Equals, auth.ErrNoSerial)
}

func (as *authSuite) TestAuthContextCloudInfo(c *C) {
authContext := auth.NewAuthContext(as.state, nil)

Expand Down Expand Up @@ -661,6 +668,13 @@ func (da *testDeviceAssertions) Serial() (*asserts.Serial, error) {
return a.(*asserts.Serial), nil
}

func (da *testDeviceAssertions) EnsureSerial(ctx context.Context, timeout time.Duration) (*asserts.Serial, error) {
if ctx == nil {
panic("context required")
}
return da.Serial()
}

func (da *testDeviceAssertions) DeviceSessionRequestParams(nonce string) (*auth.DeviceSessionRequestParams, error) {
if da.nothing {
return nil, state.ErrNoState
Expand Down Expand Up @@ -704,7 +718,10 @@ func (as *authSuite) TestAuthContextMissingDeviceAssertions(c *C) {
// no assertions in state
authContext := auth.NewAuthContext(as.state, &testDeviceAssertions{nothing: true})

_, err := authContext.DeviceSessionRequestParams("NONCE")
_, err := authContext.EnsureSerial(context.TODO(), 0)
c.Check(err, Equals, auth.ErrNoSerial)

_, err = authContext.DeviceSessionRequestParams("NONCE")
c.Check(err, Equals, auth.ErrNoSerial)

storeID, err := authContext.StoreID("fallback")
Expand All @@ -721,6 +738,10 @@ func (as *authSuite) TestAuthContextWithDeviceAssertions(c *C) {
// having assertions in state
authContext := auth.NewAuthContext(as.state, &testDeviceAssertions{})

serialAssert, err := authContext.EnsureSerial(context.TODO(), 0)
c.Check(err, IsNil)
c.Check(serialAssert.Serial(), Equals, "9999")

params, err := authContext.DeviceSessionRequestParams("NONCE-1")
c.Assert(err, IsNil)

Expand Down