From c5eea51f0a02033eeaf2eaf0276d3205fded11a8 Mon Sep 17 00:00:00 2001
From: scx1332
Date: Thu, 26 Sep 2024 12:13:16 +0200
Subject: [PATCH 1/2] Improve default identity generation by adding environment variable to set it on start, but only on start

---
 core/identity/src/autoconf.rs | 12 +++---
 core/identity/src/service/appkey.rs | 2 +-
 core/identity/src/service/identity.rs | 56 +++++++++++++++++++--------
 3 files changed, 45 insertions(+), 25 deletions(-)

diff --git a/core/identity/src/autoconf.rs b/core/identity/src/autoconf.rs
index 77d62b0b3b..0cb28eadad 100644
--- a/core/identity/src/autoconf.rs
+++ b/core/identity/src/autoconf.rs
@@ -8,23 +8,21 @@ use ya_core_model::NodeId;
 use crate::id_key::IdentityKey;
 use anyhow::Context;
-// autoconfiguration
-const ENV_AUTOCONF_PK: &str = "YAGNA_AUTOCONF_ID_SECRET";
 const ENV_AUTOCONF_APP_KEY: &str = "YAGNA_AUTOCONF_APPKEY";
-pub fn preconfigured_identity(password: Protected) -> anyhow::Result> {
- let secret_hex: Vec = match env::var(ENV_AUTOCONF_PK) {
+pub fn identity_from_env(password: Protected, env_name: &str) -> anyhow::Result> {
+ let secret_hex: Vec = match env::var(env_name) {
 Ok(v) => v
 .from_hex()
- .with_context(|| format!("Failed to parse identity from {}", ENV_AUTOCONF_PK))?,
+ .with_context(|| format!("Failed to parse identity from {}", env_name))?,
 Err(_) => return Ok(None),
 };
 let secret = SecretKey::from_raw(&secret_hex)?;
 Ok(Some(IdentityKey::from_secret(None, secret, password)))
 }
-pub fn preconfigured_node_id() -> anyhow::Result> {
- let secret_hex: Vec = match env::var(ENV_AUTOCONF_PK) {
+pub fn preconfigured_node_id(env_name: &str) -> anyhow::Result> {
+ let secret_hex: Vec = match env::var(env_name) {
 Ok(v) => v.from_hex()?,
 Err(_) => return Ok(None),
 };
diff --git a/core/identity/src/service/appkey.rs b/core/identity/src/service/appkey.rs
index 8d98440054..966200342b 100644
--- a/core/identity/src/service/appkey.rs
+++ b/core/identity/src/service/appkey.rs
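Review bot: In `identity_from_env` the arm `Err(_) => return Ok(None),` treats every `env::var` failure as "variable not set", so a `VarError::NotUnicode` value (the variable is present but not valid UTF-8) makes the caller silently fall back to generating a fresh identity instead of failing closed; `preconfigured_node_id` keeps the same arm, so the appkey path would also quietly proceed. Match `Err(env::VarError::NotPresent) => return Ok(None),` and turn any other error into `Err(e) => return Err(anyhow::anyhow!("Failed to read {}: {}", env_name, e)),` in both functions. Now that the variable name comes from the caller, a doc comment on `identity_from_env` should state that the value is a hex-encoded private key and that anything placed in the environment is readable by other processes of the same user and inherited by children, so the variable should be unset after start where the deployment allows. The decoded `secret_hex` buffer does not appear to be zeroized after `SecretKey::from_raw`, though whether that matters depends on how `ethsign` handles the copy.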
@@ -94,7 +94,7 @@ pub async fn activate(db: &DbExecutor, gsb: Arc) -> anyhow::Resul
 let create_tx = tx.clone();
 let preconfigured_appkey = crate::autoconf::preconfigured_appkey();
- let preconfigured_node_id = crate::autoconf::preconfigured_node_id()?;
+ let preconfigured_node_id = crate::autoconf::preconfigured_node_id("YAGNA_AUTOCONF_ID_SECRET")?;
 let start_datetime = Utc::now().naive_utc();
 {
diff --git a/core/identity/src/service/identity.rs b/core/identity/src/service/identity.rs
index 4b1d940913..7f79522761 100644
--- a/core/identity/src/service/identity.rs
+++ b/core/identity/src/service/identity.rs
@@ -4,12 +4,12 @@ use std::convert::{TryFrom, TryInto};
 use std::rc::Rc;
 use std::sync::Arc;
-use anyhow::bail;
+use anyhow::{bail};
 use chrono::Utc;
 use ethsign::{KeyFile, Protected, PublicKey};
 use futures::lock::Mutex;
 use futures::prelude::*;
-
+use structopt::lazy_static::lazy_static;
 use ya_client_model::NodeId;
 use ya_core_model::bus::GsbBindPoints;
 use ya_service_bus::{typed as bus, RpcEndpoint, RpcMessage};
@@ -17,11 +17,14 @@ use ya_service_bus::{typed as bus, RpcEndpoint, RpcMessage};
 use ya_core_model::identity as model;
 use ya_core_model::identity::event::IdentityEvent;
 use ya_persistence::executor::DbExecutor;
-
 use crate::dao::identity::Identity;
-use crate::dao::{Error as DaoError, IdentityDao};
+use crate::dao::{Error as DaoError, Error, IdentityDao};
 use crate::id_key::{default_password, generate_identity_key, IdentityKey};
+lazy_static! (
+ static ref DEFAULT_IDENTITY_INIT_PRIVATE_KEY: Arc>> = Arc::new(Mutex::new(None));
+);
+
 #[derive(Default)]
 struct Subscription {
 subscriptions: Vec,
@@ -93,7 +96,7 @@ impl IdentityService {
 }
 let default_key =
- if let Some(key) = crate::autoconf::preconfigured_identity(default_password())? {
+ if let Some(key) = crate::autoconf::identity_from_env(default_password(), "YAGNA_AUTOCONF_ID_SECRET")? {
 db.as_dao::()
 .init_preconfigured(Identity {
 identity_id: key.id(),
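Review bot: The env-var name `"YAGNA_AUTOCONF_ID_SECRET"` becomes a bare string literal here and appears again as a literal at the `identity_from_env` call in `identity.rs`, replacing the `ENV_AUTOCONF_PK` constant this patch deletes from `autoconf.rs`; if one copy is ever edited without the other, the appkey and the default identity are derived from different variables with no compile-time signal. Keep a single `pub const ENV_AUTOCONF_PK: &str = "YAGNA_AUTOCONF_ID_SECRET";` in `autoconf.rs` and write `let preconfigured_node_id = crate::autoconf::preconfigured_node_id(crate::autoconf::ENV_AUTOCONF_PK)?;` here. The enclosing `activate` function starts and ends outside the hunk.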
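Review bot: `use structopt::lazy_static::lazy_static;` pulls the macro in through another crate's re-export rather than through a dependency this crate declares, so the identity service's build is now tied to `structopt` continuing to expose `lazy_static` (that path looks like an internal re-export intended for its derive output, not a stable API). Add the dependency to `core/identity/Cargo.toml` and import it as `use lazy_static::lazy_static;`, or, if the toolchain allows, use `std::sync::OnceLock` and drop the macro entirely.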
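Review bot: `DEFAULT_IDENTITY_INIT_PRIVATE_KEY` is introduced here as a process-wide `Arc<Mutex<Option<…>>>` (the inner type appears to have been lost in this rendering), yet nothing in either patch reads or writes it; the name suggests it was meant to carry the key from `YAGNA_DEFAULT_SECRET_KEY`, but the later hunk reads the variable directly inside the `init_default_key` closure instead. A never-used global slot for private-key material is dead code now, and a place for a key to linger for the whole process lifetime if someone later stores into it, so it should be removed or carry a comment such as `// TODO: intended to hold the start-time default key; unused until …`. If it is kept, the `Arc` is redundant because a `lazy_static` item already lives for `'static`; `Mutex<Option<…>>` alone suffices.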
@@ -109,18 +112,37 @@ impl IdentityService {
 } else {
 db.as_dao::()
 .init_default_key(|| {
- log::info!("generating new default identity");
- let key: IdentityKey = generate_identity_key(None, "".into(), None);
-
- Ok(Identity {
- identity_id: key.id(),
- key_file_json: key.to_key_file().map_err(DaoError::internal)?,
- is_default: true,
- is_deleted: false,
- alias: None,
- note: None,
- created_date: Utc::now().naive_utc(),
- })
+ match crate::autoconf::identity_from_env(default_password(), "YAGNA_DEFAULT_SECRET_KEY") {
+ Ok(Some(key)) => {
+ log::info!("Using default identity from given private key YAGNA_DEFAULT_SECRET_KEY, id: {}", key.id());
+ Ok(Identity {
+ identity_id: key.id(),
+ key_file_json: key.to_key_file().map_err(DaoError::internal)?,
+ is_default: true,
+ is_deleted: false,
+ alias: None,
+ note: None,
+ created_date: Utc::now().naive_utc(),
+ })
+ }
+ Ok(None) => {
+ let key: IdentityKey = generate_identity_key(None, "".into(), None);
+ log::info!("Generated new default identity: {}", key.id());
+
+ Ok(Identity {
+ identity_id: key.id(),
+ key_file_json: key.to_key_file().map_err(DaoError::internal)?,
+ is_default: true,
+ is_deleted: false,
+ alias: None,
+ note: None,
+ created_date: Utc::now().naive_utc(),
+ })
+ },
+ Err(err) => {
+ Err(Error::internal(format!("Failed to get default secret key from env: {:?}", err)))
+ }
+ }
 })
 .await?
 .identity_id

From 312b980f7e938194869ec0bd1fb28188bea80610 Mon Sep 17 00:00:00 2001
From: scx1332
Date: Thu, 26 Sep 2024 12:17:41 +0200
Subject: [PATCH 2/2] fmt

---
 core/identity/src/autoconf.rs | 5 ++-
 core/identity/src/service/identity.rs | 50 ++++++++++++++-------------
 2 files changed, 30 insertions(+), 25 deletions(-)

diff --git a/core/identity/src/autoconf.rs b/core/identity/src/autoconf.rs
index 0cb28eadad..51808fb2c0 100644
--- a/core/identity/src/autoconf.rs
+++ b/core/identity/src/autoconf.rs
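Review bot: This closure runs only when `init_default_key` finds no stored default identity (the subject line says "only on start"), so an operator who sets `YAGNA_DEFAULT_SECRET_KEY` on a node that already has a default identity gets no log line at all and the node keeps signing under the old key; that is surprising enough to deserve an explicit `log::warn!` when the variable is present but not applied, which would have to live outside this closure where the persisted identity is known. Inside the hunk, the two `Ok` arms build the same `Identity` literal; resolving the key first and constructing the struct once removes the duplicated block and keeps the error arm as an early return. The `Err(err)` arm correctly fails closed on a malformed value instead of silently generating a key, which is the right choice for key material. The enclosing `IdentityService` method starts and ends outside the hunk.

```rust
.init_default_key(|| {
    let key: IdentityKey = match crate::autoconf::identity_from_env(
        default_password(),
        "YAGNA_DEFAULT_SECRET_KEY",
    ) {
        Ok(Some(key)) => {
            log::info!(
                "Using default identity from given private key YAGNA_DEFAULT_SECRET_KEY, id: {}",
                key.id()
            );
            key
        }
        Ok(None) => {
            let key = generate_identity_key(None, "".into(), None);
            log::info!("Generated new default identity: {}", key.id());
            key
        }
        Err(err) => {
            return Err(Error::internal(format!(
                "Failed to get default secret key from env: {:?}",
                err
            )));
        }
    };
    Ok(Identity {
        identity_id: key.id(),
        key_file_json: key.to_key_file().map_err(DaoError::internal)?,
        // … unchanged: is_default, is_deleted, alias, note, created_date …
    })
})
```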
@@ -10,7 +10,10 @@ use anyhow::Context;
 const ENV_AUTOCONF_APP_KEY: &str = "YAGNA_AUTOCONF_APPKEY";
-pub fn identity_from_env(password: Protected, env_name: &str) -> anyhow::Result> {
+pub fn identity_from_env(
+ password: Protected,
+ env_name: &str,
+) -> anyhow::Result> {
 let secret_hex: Vec = match env::var(env_name) {
 Ok(v) => v
 .from_hex()
diff --git a/core/identity/src/service/identity.rs b/core/identity/src/service/identity.rs
index 7f79522761..af33479fbf 100644
--- a/core/identity/src/service/identity.rs
+++ b/core/identity/src/service/identity.rs
@@ -4,7 +4,7 @@ use std::convert::{TryFrom, TryInto};
 use std::rc::Rc;
 use std::sync::Arc;
-use anyhow::{bail};
+use anyhow::bail;
 use chrono::Utc;
 use ethsign::{KeyFile, Protected, PublicKey};
 use futures::lock::Mutex;
@@ -14,16 +14,17 @@ use ya_client_model::NodeId;
 use ya_core_model::bus::GsbBindPoints;
 use ya_service_bus::{typed as bus, RpcEndpoint, RpcMessage};
-use ya_core_model::identity as model;
-use ya_core_model::identity::event::IdentityEvent;
-use ya_persistence::executor::DbExecutor;
 use crate::dao::identity::Identity;
 use crate::dao::{Error as DaoError, Error, IdentityDao};
 use crate::id_key::{default_password, generate_identity_key, IdentityKey};
+use ya_core_model::identity as model;
+use ya_core_model::identity::event::IdentityEvent;
+use ya_persistence::executor::DbExecutor;
-lazy_static! (
- static ref DEFAULT_IDENTITY_INIT_PRIVATE_KEY: Arc>> = Arc::new(Mutex::new(None));
-);
+lazy_static! {
+ static ref DEFAULT_IDENTITY_INIT_PRIVATE_KEY: Arc>> =
+ Arc::new(Mutex::new(None));
+};
 #[derive(Default)]
 struct Subscription {
@@ -95,22 +96,23 @@ impl IdentityService {
 });
 }
- let default_key =
- if let Some(key) = crate::autoconf::identity_from_env(default_password(), "YAGNA_AUTOCONF_ID_SECRET")? {
- db.as_dao::()
- .init_preconfigured(Identity {
- identity_id: key.id(),
- key_file_json: key.to_key_file()?,
- is_default: true,
- is_deleted: false,
- alias: None,
- note: None,
- created_date: Utc::now().naive_utc(),
- })
- .await?
- .identity_id
- } else {
- db.as_dao::()
+ let default_key = if let Some(key) =
+ crate::autoconf::identity_from_env(default_password(), "YAGNA_AUTOCONF_ID_SECRET")?
+ {
+ db.as_dao::()
+ .init_preconfigured(Identity {
+ identity_id: key.id(),
+ key_file_json: key.to_key_file()?,
+ is_default: true,
+ is_deleted: false,
+ alias: None,
+ note: None,
+ created_date: Utc::now().naive_utc(),
+ })
+ .await?
+ .identity_id
+ } else {
+ db.as_dao::()
 .init_default_key(|| {
 match crate::autoconf::identity_from_env(default_password(), "YAGNA_DEFAULT_SECRET_KEY") {
 Ok(Some(key)) => {
@@ -146,7 +148,7 @@ impl IdentityService {
 })
 .await?
 .identity_id
- };
+ };
 log::info!("using default identity: {:?}", default_key);