ExternalVendorCode/balena-supervisor
1
0
Fork 0
mirror of https://github.com/balena-os/balena-supervisor.git synced 2025-01-12 07:52:55 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #424 from resin-io/improve-key-exchange

Browse Source 
Improve key exchange by first checking if an existing device api key is valid.
This commit is contained in:
Page- 2017-04-24 12:42:51 -07:00 committed by GitHub
commit 26fb0b4f64
1 changed files with 33 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
src/bootstrap.coffee
View File

@ -35,17 +35,29 @@ loadPreloadedApps = ->
.catch (err) -> .catch (err) ->
utils.mixpanelTrack('Loading preloaded apps failed', { error: err }) utils.mixpanelTrack('Loading preloaded apps failed', { error: err })
exchangeKey = -> fetchDevice = (apiKey) ->
resinApi.get resinApi.get
resource: 'device' resource: 'device'
options: options:
filter: filter:
uuid: userConfig.uuid uuid: userConfig.uuid
customOptions: customOptions:
apikey: userConfig.apiKey apikey: apiKey
.catchReturn([]) .get(0)
.catchReturn(null)
.timeout(config.apiTimeout) .timeout(config.apiTimeout)
.then ([ device ]) ->
exchangeKey = ->
Promise.try ->
# If we have an existing device key we first check if it's valid, because if it is we can just use that
if userConfig.deviceApiKey?
fetchDevice(userConfig.deviceApiKey)
.then (device) ->
if device?
return device
# If it's not valid/doesn't exist then we try to use the user/provisioning api key for the exchange
fetchDevice(userConfig.apiKey)
.then (device) ->
if not device? if not device?
throw new ExchangeKeyError("Couldn't fetch device with provisioning key") throw new ExchangeKeyError("Couldn't fetch device with provisioning key")
# We found the device, we can try to generate a working device key for it # We found the device, we can try to generate a working device key for it
@ -73,28 +85,14 @@ bootstrap = ->
) )
.timeout(config.apiTimeout) .timeout(config.apiTimeout)
.catch DuplicateUuidError, -> .catch DuplicateUuidError, ->
console.log('UUID already registered, checking if our device key is valid for it') console.log('UUID already registered, trying a key exchange')
resinApi.get
resource: 'device'
options:
filter:
uuid: userConfig.uuid
customOptions:
apikey: userConfig.deviceApiKey
.catchReturn([])
.timeout(config.apiTimeout)
.then ([ device ]) ->
if device?
console.log('Fetched device, all is good')
return device
# If we couldn't fetch with the device key then we can try to key exchange in case the provisioning key is an old 'user-api-key'
console.log("Couldn't fetch the device, trying to exchange for a valid key")
exchangeKey() exchangeKey()
.tap ->
console.log('Key exchange succeeded, all good')
.tapCatch ExchangeKeyError, (err) -> .tapCatch ExchangeKeyError, (err) ->
# If it fails we just have to reregister as a provisioning key doesn't have the ability to change existing devices # If it fails we just have to reregister as a provisioning key doesn't have the ability to change existing devices
console.log('Exchanging key failed, having to reregister') console.log('Exchanging key failed, having to reregister')
generateRegistration(true) generateRegistration(true)
.then (device) ->
.then ({ id }) -> .then ({ id }) ->
userConfig.registered_at = Date.now() userConfig.registered_at = Date.now()
userConfig.deviceId = id userConfig.deviceId = id