Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: save enrollment details to local keystore #599

Merged
merged 38 commits into from
Jul 25, 2024
Merged

fix: save enrollment details to local keystore #599

merged 38 commits into from
Jul 25, 2024

Conversation

murali-shris
Copy link
Member

@murali-shris murali-shris commented Jun 18, 2024
edited by srieteja
Loading

Closes #556
Enroll details are needed in local storage for at_client to perform enrollment authorization checks for local secondary verbs. While we started implementing authorization checks in at_client, we wanted to use enroll:fetch instead of local key to get enrollment details. But enroll:fetch approach will not work for 1) offline at_client 2) every verb operation will result in remote call. So we decided to store a local key for enrollment details

- What I did

  • Store enrollment details on LocalSecondary after approval and successful auth using a new enrollment
  • Handle edge cases, when null SelfEncryptionKey or EncryptionPrivateKey is received from server
  • Changes to OnboardingService.close() :
    • call AtLookup.close() only if AtLookup.isConnectionAvailable is true (to NOT trigger the null exception)
    • Also close atClient.notificationService as this might keep a monitor connection running in the background in some cases
  • Changed OnboardingService._readAtKeysFile () to visibleForTesting
  • introduced a setter for enrollmentBase to allow injection of mocks (only visibleForTesting)
  • Formatted method docs
  • Some refactoring to support mocking

- How to verify it

  • unit tests and functional tests added to assert the changes

- Description for the changelog

fix: save enrollment details to local keystore

@murali-shris murali-shris marked this pull request as ready for review June 18, 2024 07:01
@murali-shris murali-shris marked this pull request as draft June 18, 2024 07:02
@srieteja srieteja marked this pull request as ready for review June 24, 2024 11:10
@srieteja srieteja requested a review from sitaram-kalluri June 26, 2024 07:20
sitaram-kalluri
sitaram-kalluri previously approved these changes Jul 1, 2024
View reviewed changes
srieteja added 15 commits July 5, 2024 14:59
@srieteja
feat: introduce option to not exit onboardingCLI when close() is called.
6cbc2e4
@srieteja
test: add functional test
85f21c0
@srieteja
test: more change to EnrollmentOperations
c80b7d1
@srieteja
feat: changes in onboarding_cli to improve testability
8c9ce28
@srieteja
test: make EnrollmentOperations stateless
90bcc76
@srieteja
feat: introduce option to not exit onboardingCLI when close() is called.
3a7ac2c
@srieteja
test: add functional test
9cdb6db
@srieteja
test: more change to EnrollmentOperations
fc8e5e5
@srieteja
feat: changes in onboarding_cli to improve testability
ff72043
@srieteja
test: make EnrollmentOperations stateless
08f5154
@srieteja
Merge remote-tracking branch 'origin/apkam_functional_tests' into apk…
bbb74a3 
…am_functional_tests

# Conflicts:
#	tests/at_onboarding_cli_functional_tests/pubspec.yaml
@srieteja
test: fix failing functional test
8b68baf
@srieteja
build[deps]: introduce at_commons into functional test pubspec
aaf1c0f
@srieteja
test: add functional test
9f6db8c
@srieteja
chore: minor refactoring
e5d85f7
@srieteja srieteja requested a review from sitaram-kalluri July 17, 2024 15:53
@srieteja
Copy link
Contributor

waiting for #606 to be merged into this branch.

@gkc gkc mentioned this pull request Jul 19, 2024
Closed
@gkc
Merge pull request #606 from atsign-foundation/apkam_functional_tests
c83999a 
test: add couple of functional tests related to APKAM
@gkc
Copy link
Contributor

gkc commented Jul 19, 2024
edited
Loading

waiting for #606 to be merged into this branch.

#606 has been merged to trunk

@gkc
Copy link
Contributor

gkc commented Jul 19, 2024

waiting for #606 to be merged into this branch.

#606 has been merged to trunk

@srieteja I'll resolve the merge conflicts and merge trunk into this branch

@gkc
Merge remote-tracking branch 'origin/trunk' into save_enrollment_deta…
e45c614 
…ils_new

# Conflicts:
#	packages/at_onboarding_cli/lib/src/onboard/at_onboarding_service_impl.dart
@srieteja
Copy link
Contributor

@gkc once the conflicts are resolved, functional tests will fail as a result of changes. Working on updating them

@gkc
Copy link
Contributor

gkc commented Jul 19, 2024

@gkc once the conflicts are resolved, functional tests will fail as a result of changes. Working on updating them

I've fixed all the ripple effects and pushed to the branch

gkc
gkc requested changes Jul 19, 2024
View reviewed changes
Copy link
Contributor

@gkc gkc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  1. The PR description explains what has been done, but not why. Please add an explanation of the problem that is being addressed here (or link to a ticket which has that explanation).
  2. This PR handles writing to the keystore ... is the intent that there will be code elsewhere which reads this information from the keystore?
  3. The information is currently written to '${enrollmentResponse.enrollmentId}.new.enrollments.__manage${atClient!.getCurrentAtSign()}'
  • Given that this is purely for local client-side use, we should use a local key
  • And we should not be using the __manage namespace

@murali-shris
Copy link
Member Author

murali-shris commented Jul 19, 2024
edited
Loading

  1. The PR description explains what has been done, but not why. Please add an explanation of the problem that is being addressed here (or link to a ticket which has that explanation).
  2. This PR handles writing to the keystore ... is the intent that there will be code elsewhere which reads this information from the keystore?
  3. The information is currently written to '${enrollmentResponse.enrollmentId}.new.enrollments.__manage${atClient!.getCurrentAtSign()}'
  • Given that this is purely for local client-side use, we should use a local key
  • And we should not be using the __manage namespace
  1. added to the PR description
  2. the local key which stores the enrollment details will be read from LocalSecondary --> isEnrollmentAuthorizedForOperation(..) in at_client
  3. agreed. Will make the change

@murali-shris murali-shris mentioned this pull request Jul 23, 2024
Merged
@srieteja srieteja requested a review from gkc July 25, 2024 12:42
gkc
gkc reviewed Jul 25, 2024
View reviewed changes
tests/at_onboarding_cli_functional_tests/test/enrollment_test.dart Outdated

// The put operation is expected to fail as the new enrollment only has
// access to wavi namespace
expect(() => client?.put(buzzKey, 'value'), throwsA(predicate((e) {
expect(() async => await client?.put(buzzKey, 'value'),
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

it's cleaner to do await expectLater(...)

gkc
gkc requested changes Jul 25, 2024
View reviewed changes
Copy link
Contributor

@gkc gkc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please un-skip the test(s) in test/at_onboarding_cli_test.dart

gkc
gkc approved these changes Jul 25, 2024
View reviewed changes
Copy link
Contributor

@gkc gkc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@srieteja srieteja merged commit 922195b into trunk Jul 25, 2024
11 checks passed
@srieteja srieteja deleted the save_enrollment_details_new branch July 25, 2024 16:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gkc gkc gkc approved these changes

@sitaram-kalluri sitaram-kalluri Awaiting requested review from sitaram-kalluri

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

feat: at_onboarding_cli store enrollment details in local secondary after apkam auth is success
4 participants
@murali-shris @srieteja @gkc @sitaram-kalluri