Improve default identity generation #3331

Closed
wants to merge 2 commits into from
15 changes: 8 additions & 7 deletions core/identity/src/autoconf.rs
Expand Up @@ -8,23 +8,24 @@ use ya_core_model::NodeId;
use crate::id_key::IdentityKey;
use anyhow::Context;

// autoconfiguration
const ENV_AUTOCONF_PK: &str = "YAGNA_AUTOCONF_ID_SECRET";
const ENV_AUTOCONF_APP_KEY: &str = "YAGNA_AUTOCONF_APPKEY";

pub fn preconfigured_identity(password: Protected) -> anyhow::Result<Option<IdentityKey>> {
let secret_hex: Vec<u8> = match env::var(ENV_AUTOCONF_PK) {
pub fn identity_from_env(
password: Protected,
env_name: &str,
) -> anyhow::Result<Option<IdentityKey>> {
let secret_hex: Vec<u8> = match env::var(env_name) {
Ok(v) => v
.from_hex()
.with_context(|| format!("Failed to parse identity from {}", ENV_AUTOCONF_PK))?,
.with_context(|| format!("Failed to parse identity from {}", env_name))?,
Err(_) => return Ok(None),
};
let secret = SecretKey::from_raw(&secret_hex)?;
Ok(Some(IdentityKey::from_secret(None, secret, password)))
}

pub fn preconfigured_node_id() -> anyhow::Result<Option<NodeId>> {
let secret_hex: Vec<u8> = match env::var(ENV_AUTOCONF_PK) {
pub fn preconfigured_node_id(env_name: &str) -> anyhow::Result<Option<NodeId>> {
let secret_hex: Vec<u8> = match env::var(env_name) {
Ok(v) => v.from_hex()?,
Err(_) => return Ok(None),
};
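Review bot: Both `identity_from_env` and `preconfigured_node_id` map every `env::var` failure to `Ok(None)` (`Err(_) => return Ok(None)`), so a variable that is set but not valid Unicode is treated as absent and, in identity.rs, the node falls through to another key source instead of reporting the bad secret. I would match `Err(env::VarError::NotPresent) => return Ok(None),` and propagate the other variant with the same `with_context` message. Now that the name is a parameter, the call sites in appkey.rs and identity.rs repeat the literals `"YAGNA_AUTOCONF_ID_SECRET"` and `"YAGNA_DEFAULT_SECRET_KEY"`; exporting them as `pub const` from this module would keep a typo from silently disabling the preconfigured identity. A doc comment on `identity_from_env` should also say that the value is hex-encoded secret-key material read from the process environment and that `None` means the variable was not set. `preconfigured_node_id` continues past the end of the hunk.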
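--- a/core/identity/src/service/appkey.rs
+++ b/core/identity/src/service/appkey.rs
@@ -94,7 +94,7 @@ pub async fn activate(db: &DbExecutor, gsb: Arc<GsbBindPoints>) -> anyhow::Resul
 
 let create_tx = tx.clone();
 let preconfigured_appkey = crate::autoconf::preconfigured_appkey();
-let preconfigured_node_id = crate::autoconf::preconfigured_node_id()?;
+let preconfigured_node_id = crate::autoconf::preconfigured_node_id("YAGNA_AUTOCONF_ID_SECRET")?;
 let start_datetime = Utc::now().naive_utc();
 
 {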
90 changes: 57 additions & 33 deletions core/identity/src/service/identity.rs
Expand Up @@ -9,18 +9,22 @@
use ethsign::{KeyFile, Protected, PublicKey};
use futures::lock::Mutex;
use futures::prelude::*;

use structopt::lazy_static::lazy_static;
use ya_client_model::NodeId;
use ya_core_model::bus::GsbBindPoints;
use ya_service_bus::{typed as bus, RpcEndpoint, RpcMessage};

use crate::dao::identity::Identity;
use crate::dao::{Error as DaoError, Error, IdentityDao};
use crate::id_key::{default_password, generate_identity_key, IdentityKey};
use ya_core_model::identity as model;
use ya_core_model::identity::event::IdentityEvent;
use ya_persistence::executor::DbExecutor;

use crate::dao::identity::Identity;
use crate::dao::{Error as DaoError, IdentityDao};
use crate::id_key::{default_password, generate_identity_key, IdentityKey};
lazy_static! {
static ref DEFAULT_IDENTITY_INIT_PRIVATE_KEY: Arc<Mutex<Option<String>>> =
Arc::new(Mutex::new(None));
};

Check failure on line 27 in core/identity/src/service/identity.rs


GitHub Actions / Check formatting

expected item, found `;`

Check failure on line 27 in core/identity/src/service/identity.rs


GitHub Actions / Unit Tests (ubuntu-latest)

expected item, found `;`

Check failure on line 27 in core/identity/src/service/identity.rs


GitHub Actions / Unit Tests (macos-latest)

expected item, found `;`

Check failure on line 27 in core/identity/src/service/identity.rs


GitHub Actions / System Tests (ubuntu-latest)

expected item, found `;`

Check failure on line 27 in core/identity/src/service/identity.rs


GitHub Actions / Market Test Suite (macos-latest)

expected item, found `;`

Check failure on line 27 in core/identity/src/service/identity.rs


GitHub Actions / Market Test Suite (ubuntu-latest)

expected item, found `;`

Check failure on line 27 in core/identity/src/service/identity.rs


GitHub Actions / Build binaries (aarch64)

expected item, found `;`

Check failure on line 27 in core/identity/src/service/identity.rs


GitHub Actions / build-aarch64

expected item, found `;`

Check failure on line 27 in core/identity/src/service/identity.rs


GitHub Actions / Unit Tests (windows-latest)

expected item, found `;`

Check failure on line 27 in core/identity/src/service/identity.rs


GitHub Actions / Market Test Suite (windows-latest)

expected item, found `;`

#[derive(Default)]
struct Subscription {
Expand Down Expand Up @@ -92,39 +96,59 @@
});
}

let default_key =
if let Some(key) = crate::autoconf::preconfigured_identity(default_password())? {
db.as_dao::<IdentityDao>()
.init_preconfigured(Identity {
identity_id: key.id(),
key_file_json: key.to_key_file()?,
is_default: true,
is_deleted: false,
alias: None,
note: None,
created_date: Utc::now().naive_utc(),
})
.await?
.identity_id
} else {
db.as_dao::<IdentityDao>()
let default_key = if let Some(key) =
crate::autoconf::identity_from_env(default_password(), "YAGNA_AUTOCONF_ID_SECRET")?
{
db.as_dao::<IdentityDao>()
.init_preconfigured(Identity {
identity_id: key.id(),
key_file_json: key.to_key_file()?,
is_default: true,
is_deleted: false,
alias: None,
note: None,
created_date: Utc::now().naive_utc(),
})
.await?
.identity_id
} else {
db.as_dao::<IdentityDao>()
.init_default_key(|| {
log::info!("generating new default identity");
let key: IdentityKey = generate_identity_key(None, "".into(), None);

Ok(Identity {
identity_id: key.id(),
key_file_json: key.to_key_file().map_err(DaoError::internal)?,
is_default: true,
is_deleted: false,
alias: None,
note: None,
created_date: Utc::now().naive_utc(),
})
match crate::autoconf::identity_from_env(default_password(), "YAGNA_DEFAULT_SECRET_KEY") {
Ok(Some(key)) => {
log::info!("Using default identity from given private key YAGNA_DEFAULT_SECRET_KEY, id: {}", key.id());
Ok(Identity {
identity_id: key.id(),
key_file_json: key.to_key_file().map_err(DaoError::internal)?,
is_default: true,
is_deleted: false,
alias: None,
note: None,
created_date: Utc::now().naive_utc(),
})
}
Ok(None) => {
let key: IdentityKey = generate_identity_key(None, "".into(), None);
log::info!("Generated new default identity: {}", key.id());

Ok(Identity {
identity_id: key.id(),
key_file_json: key.to_key_file().map_err(DaoError::internal)?,
is_default: true,
is_deleted: false,
alias: None,
note: None,
created_date: Utc::now().naive_utc(),
})
},
Err(err) => {
Err(Error::internal(format!("Failed to get default secret key from env: {:?}", err)))
}
}
})
.await?
.identity_id
};
};

log::info!("using default identity: {:?}", default_key);
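Review bot: `DEFAULT_IDENTITY_INIT_PRIVATE_KEY` is declared as a process-wide `Arc<Mutex<Option<String>>>`, yet nothing in the visible hunks reads or writes it; if it is unused elsewhere in the file it should be dropped rather than leave a global slot that looks intended for private-key text. In the `init_default_key` closure the `Err(err)` arm formats the failure with `{:?}`; because that error originates from parsing secret-key input, I would use `Err(err) => Err(Error::internal(format!("Failed to get default secret key from env: {:#}", err)))` and confirm the hex parser's message cannot echo characters of the key. The closure presumably runs only when no default identity exists yet (the DAO is not shown here), in which case `YAGNA_DEFAULT_SECRET_KEY` set on an already initialised node is ignored without any message, which deserves a log line or a doc comment. The three identical `Identity { … }` literals could come from one private helper taking `&IdentityKey`, and `Error` and `DaoError` are the same type imported under two names. The enclosing function starts and ends outside the hunk.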
