Skip to content

Commit

Permalink
fix: pass firebase aud id to signer node (#143)
Browse files Browse the repository at this point in the history
  • Loading branch information
itegulov authored Apr 26, 2023
1 parent 21c0ba0 commit 16c0692
Show file tree
Hide file tree
Showing 5 changed files with 26 additions and 6 deletions.
3 changes: 3 additions & 0 deletions integration-tests/tests/docker/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -285,6 +285,7 @@ impl SignNode {
sk_share: &ExpandedKeyPair,
datastore_url: &str,
gcp_project_id: &str,
pagoda_firebase_audience_id: &str,
) -> anyhow::Result<SignNode> {
create_network(docker, network).await?;
let web_port = portpicker::pick_unused_port().expect("no free ports");
Expand All @@ -297,6 +298,8 @@ impl SignNode {
serde_json::to_string(&sk_share)?,
"--web-port".to_string(),
web_port.to_string(),
"--pagoda-firebase-audience-id".to_string(),
pagoda_firebase_audience_id.to_string(),
"--gcp-project-id".to_string(),
gcp_project_id.to_string(),
"--gcp-datastore-url".to_string(),
Expand Down
5 changes: 3 additions & 2 deletions integration-tests/tests/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -74,6 +74,8 @@ where
)
.await?;

let pagoda_firebase_audience_id = "not actually used in integration tests";

let mut signer_nodes = Vec::new();
for (i, share) in sk_shares.iter().enumerate().take(nodes) {
let addr = SignNode::start(
Expand All @@ -83,13 +85,12 @@ where
share,
&datastore.address,
GCP_PROJECT_ID,
pagoda_firebase_audience_id,
)
.await?;
signer_nodes.push(addr);
}

let pagoda_firebase_audience_id = "not actually used in integration tests";

let signer_urls: &Vec<_> = &signer_nodes.iter().map(|n| n.address.clone()).collect();

let leader_node = LeaderNode::start(
Expand Down
10 changes: 8 additions & 2 deletions mpc-recovery/src/leader_node/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -289,7 +289,10 @@ async fn new_account<T: OAuthTokenVerifier>(
);

match process_new_account::<T>(state, request).await {
Ok(response) => (StatusCode::OK, Json(response)),
Ok(response) => {
tracing::debug!("responding with OK");
(StatusCode::OK, Json(response))
}
Err(ref e @ NewAccountError::MalformedPublicKey(ref pk, _)) => {
tracing::error!(err = ?e);
response::new_acc_bad_request(format!("bad public_key: {}", pk))
Expand Down Expand Up @@ -458,7 +461,10 @@ async fn add_key<T: OAuthTokenVerifier>(
);

match process_add_key::<T>(state, request).await {
Ok(response) => (StatusCode::OK, Json(response)),
Ok(response) => {
tracing::debug!("responding with OK");
(StatusCode::OK, Json(response))
}
Err(ref e @ AddKeyError::MalformedPublicKey(ref pk, _)) => {
tracing::error!(err = ?e);
response::add_key_bad_request(format!("bad public_key: {}", pk))
Expand Down
7 changes: 7 additions & 0 deletions mpc-recovery/src/main.rs
Original file line number Diff line number Diff line change
Expand Up @@ -54,6 +54,7 @@ enum Cli {
default_value("https://api.kitwallet.app")
)]
account_lookup_url: String,
/// Firebase Audience ID
#[arg(long, env("PAGODA_FIREBASE_AUDIENCE_ID"))]
pagoda_firebase_audience_id: String,
/// GCP project ID
Expand All @@ -79,6 +80,9 @@ enum Cli {
/// The web port for this server
#[arg(long, env("MPC_RECOVERY_WEB_PORT"))]
web_port: u16,
/// Firebase Audience ID
#[arg(long, env("PAGODA_FIREBASE_AUDIENCE_ID"))]
pagoda_firebase_audience_id: String,
/// GCP project ID
#[arg(long, env("MPC_RECOVERY_GCP_PROJECT_ID"))]
gcp_project_id: String,
Expand Down Expand Up @@ -197,6 +201,7 @@ async fn main() -> anyhow::Result<()> {
node_id,
sk_share,
web_port,
pagoda_firebase_audience_id,
gcp_project_id,
gcp_datastore_url,
test,
Expand All @@ -214,6 +219,7 @@ async fn main() -> anyhow::Result<()> {
node_id,
sk_share,
web_port,
pagoda_firebase_audience_id,
)
.await;
} else {
Expand All @@ -222,6 +228,7 @@ async fn main() -> anyhow::Result<()> {
node_id,
sk_share,
web_port,
pagoda_firebase_audience_id,
)
.await;
}
Expand Down
7 changes: 5 additions & 2 deletions mpc-recovery/src/sign_node/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@ pub async fn run<T: OAuthTokenVerifier + 'static>(
our_index: NodeId,
node_key: ExpandedKeyPair,
port: u16,
pagoda_firebase_audience_id: String,
) {
tracing::debug!("running a sign node");
let our_index = usize::try_from(our_index).expect("This index is way to big");
Expand All @@ -32,7 +33,6 @@ pub async fn run<T: OAuthTokenVerifier + 'static>(
.await
.unwrap_or_default();

let pagoda_firebase_audience_id = "pagoda-firebase-audience-id".to_string();
let signing_state = Arc::new(RwLock::new(SigningState::new()));
let state = SignNodeState {
gcp_service,
Expand Down Expand Up @@ -152,7 +152,10 @@ async fn commit<T: OAuthTokenVerifier>(
tracing::error!(err = ?e);
(
StatusCode::BAD_REQUEST,
Json(Err(format!("failed to verify oidc token: {}", err_msg))),
Json(Err(format!(
"signer failed to verify oidc token: {}",
err_msg
))),
)
}
Err(e) => {
Expand Down

0 comments on commit 16c0692

Please sign in to comment.