From 539d1b86c6c9336cb2a3e660b167c60830f2972a Mon Sep 17 00:00:00 2001
From: Joel Guittet
Date: Sat, 3 Aug 2024 22:18:47 +0200
Subject: [PATCH] client: move jwt from api and create getter
---
 add-ons/src/mender-configure.c | 2 +-
 add-ons/src/mender-inventory.c | 2 +-
 add-ons/src/mender-troubleshoot.c | 3 +-
 core/src/mender-api.c | 75 +++++++++++-------------------
 core/src/mender-client.c | 22 +++++++--
 include/mender-api.h | 21 ++++++---
 include/mender-client.h | 6 +++
 7 files changed, 68 insertions(+), 63 deletions(-)
diff --git a/add-ons/src/mender-configure.c b/add-ons/src/mender-configure.c
index 163c8ea..fb01edc 100644
--- a/add-ons/src/mender-configure.c
+++ b/add-ons/src/mender-configure.c
@@ -394,7 +394,7 @@ mender_configure_work_function(void) {
 #endif /* CONFIG_MENDER_CLIENT_CONFIGURE_STORAGE */
 /* Publish configuration */
- if (MENDER_OK != (ret = mender_api_publish_configuration_data(mender_configure_keystore))) {
+ if (MENDER_OK != (ret = mender_api_publish_configuration_data(mender_client_get_jwt(), mender_configure_keystore))) {
 mender_log_error("Unable to publish configuration data");
 }
diff --git a/add-ons/src/mender-inventory.c b/add-ons/src/mender-inventory.c
index 48e9d5c..b709f5d 100644
--- a/add-ons/src/mender-inventory.c
+++ b/add-ons/src/mender-inventory.c
@@ -205,7 +205,7 @@ mender_inventory_work_function(void) {
 }
 /* Publish inventory */
- if (MENDER_OK != (ret = mender_api_publish_inventory_data(mender_inventory_keystore))) {
+ if (MENDER_OK != (ret = mender_api_publish_inventory_data(mender_client_get_jwt(), mender_inventory_keystore))) {
 mender_log_error("Unable to publish inventory data");
 }
diff --git a/add-ons/src/mender-troubleshoot.c b/add-ons/src/mender-troubleshoot.c
index ffd088d..2889372 100644
--- a/add-ons/src/mender-troubleshoot.c
+++ b/add-ons/src/mender-troubleshoot.c
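Review bot: In the mender-configure.c hunk the token now comes from `mender_client_get_jwt()`, which returns NULL until an authentication has succeeded, and the callee's only guard is `assert(NULL != jwt)` (see the mender-api.c hunks). A configure work item that runs before the first successful authentication would therefore abort in an assert-enabled build and pass a NULL token on to `mender_http_perform` when NDEBUG is defined; whether the scheduler rules that ordering out is not visible in this patch. Fetch the token once with `char *jwt = mender_client_get_jwt();` and skip the publish with an error log and `ret = MENDER_FAIL;` when it is NULL. The same applies to the `mender_api_publish_inventory_data` call in mender-inventory.c and the `mender_api_troubleshoot_connect` call in mender-troubleshoot.c; all three work functions start and end outside their hunks.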
@@ -513,7 +513,8 @@ mender_troubleshoot_healthcheck_work_function(void) {
 }
 /* Connect the device to the server */
- if (MENDER_OK != (ret = mender_api_troubleshoot_connect(&mender_troubleshoot_data_received_callback, &mender_troubleshoot_handle))) {
+ if (MENDER_OK
+ != (ret = mender_api_troubleshoot_connect(mender_client_get_jwt(), &mender_troubleshoot_data_received_callback, &mender_troubleshoot_handle))) {
 mender_log_error("Unable to connect the device to the server");
 goto END;
 }
diff --git a/core/src/mender-api.c b/core/src/mender-api.c
index 0ee5073..15577f8 100644
--- a/core/src/mender-api.c
+++ b/core/src/mender-api.c
@@ -42,11 +42,6 @@
 */
 static mender_api_config_t mender_api_config;
-/**
- * @brief Authentication token
- */
-static char *mender_api_jwt = NULL;
-
 /**
 * @brief HTTP callback used to handle text content
 * @param event HTTP client event
@@ -119,8 +114,9 @@ mender_api_init(mender_api_config_t *config) {
 }
 mender_err_t
-mender_api_perform_authentication(void) {
+mender_api_perform_authentication(char **jwt) {
+ assert(NULL != jwt);
 mender_err_t ret;
 char *public_key_pem = NULL;
 cJSON *json_identity = NULL;
@@ -193,10 +189,10 @@ mender_api_perform_authentication(void) {
 ret = MENDER_FAIL;
 goto END;
 }
- if (NULL != mender_api_jwt) {
- free(mender_api_jwt);
+ if (NULL != *jwt) {
+ free(*jwt);
 }
- if (NULL == (mender_api_jwt = strdup(response))) {
+ if (NULL == (*jwt = strdup(response))) {
 mender_log_error("Unable to allocate memory");
 ret = MENDER_FAIL;
 goto END;
@@ -236,8 +232,9 @@ mender_api_perform_authentication(void) {
 }
 mender_err_t
-mender_api_check_for_deployment(char **id, char **artifact_name, char **uri) {
+mender_api_check_for_deployment(char *jwt, char **id, char **artifact_name, char **uri) {
+ assert(NULL != jwt);
 assert(NULL != id);
 assert(NULL != artifact_name);
 assert(NULL != uri);
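Review bot: In the `@@ -193,10 +189,10 @@` hunk of mender-api.c, `free(*jwt)` releases the very buffer that `mender_client_get_jwt()` hands out to the add-ons, so a caller still holding the old pointer while a re-authentication runs is left with a dangling token for the rest of its request. Whether the authentication work and the add-on work items can run concurrently is not visible in this patch; either document that they are serialized or protect the swap and the readers with a mutex. Independently, duplicating first keeps the previous token usable when the allocation fails: `char *new_jwt = strdup(response);`, and only on success `free(*jwt); *jwt = new_jwt;`. The body of `mender_api_perform_authentication` continues outside the hunk.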
@@ -262,8 +259,7 @@ mender_api_check_for_deployment(char **id, char **artifact_name, char **uri) {
 mender_api_config.device_type);
 /* Perform HTTP request */
- if (MENDER_OK
- != (ret = mender_http_perform(mender_api_jwt, path, MENDER_HTTP_GET, NULL, NULL, &mender_api_http_text_callback, (void *)&response, &status))) {
+ if (MENDER_OK != (ret = mender_http_perform(jwt, path, MENDER_HTTP_GET, NULL, NULL, &mender_api_http_text_callback, (void *)&response, &status))) {
 mender_log_error("Unable to perform HTTP request");
 goto END;
 }
@@ -336,8 +332,9 @@ mender_api_check_for_deployment(char **id, char **artifact_name, char **uri) {
 }
 mender_err_t
-mender_api_publish_deployment_status(char *id, mender_deployment_status_t deployment_status) {
+mender_api_publish_deployment_status(char *jwt, char *id, mender_deployment_status_t deployment_status) {
+ assert(NULL != jwt);
 assert(NULL != id);
 mender_err_t ret;
 char *value = NULL;
@@ -377,8 +374,7 @@ mender_api_publish_deployment_status(char *id, mender_deployment_status_t deploy
 snprintf(path, str_length, MENDER_API_PATH_PUT_DEPLOYMENT_STATUS, id);
 /* Perform HTTP request */
- if (MENDER_OK
- != (ret = mender_http_perform(mender_api_jwt, path, MENDER_HTTP_PUT, payload, NULL, &mender_api_http_text_callback, (void *)&response, &status))) {
+ if (MENDER_OK != (ret = mender_http_perform(jwt, path, MENDER_HTTP_PUT, payload, NULL, &mender_api_http_text_callback, (void *)&response, &status))) {
 mender_log_error("Unable to perform HTTP request");
 goto END;
 }
@@ -443,8 +439,9 @@ mender_api_download_artifact(char *uri, mender_err_t (*callback)(char *, cJSON *
 #ifndef CONFIG_MENDER_CLIENT_CONFIGURE_STORAGE
 mender_err_t
-mender_api_download_configuration_data(mender_keystore_t **configuration) {
+mender_api_download_configuration_data(char *jwt, mender_keystore_t **configuration) {
+ assert(NULL != jwt);
 assert(NULL != configuration);
 mender_err_t ret;
 char *response = NULL;
@@ -452,14 +449,8 @@ mender_api_download_configuration_data(mender_keystore_t **configuration) {
 /* Perform HTTP request */
 if (MENDER_OK
- != (ret = mender_http_perform(mender_api_jwt,
- MENDER_API_PATH_GET_DEVICE_CONFIGURATION,
- MENDER_HTTP_GET,
- NULL,
- NULL,
- &mender_api_http_text_callback,
- (void *)&response,
- &status))) {
+ != (ret = mender_http_perform(
+ jwt, MENDER_API_PATH_GET_DEVICE_CONFIGURATION, MENDER_HTTP_GET, NULL, NULL, &mender_api_http_text_callback, (void *)&response, &status))) {
 mender_log_error("Unable to perform HTTP request");
 goto END;
 }
@@ -495,8 +486,9 @@ mender_api_download_configuration_data(mender_keystore_t **configuration) {
 #endif /* CONFIG_MENDER_CLIENT_CONFIGURE_STORAGE */
 mender_err_t
-mender_api_publish_configuration_data(mender_keystore_t *configuration) {
+mender_api_publish_configuration_data(char *jwt, mender_keystore_t *configuration) {
+ assert(NULL != jwt);
 mender_err_t ret;
 cJSON *json_configuration = NULL;
 char *payload = NULL;
@@ -516,14 +508,8 @@ mender_api_publish_configuration_data(mender_keystore_t *configuration) {
 /* Perform HTTP request */
 if (MENDER_OK
- != (ret = mender_http_perform(mender_api_jwt,
- MENDER_API_PATH_PUT_DEVICE_CONFIGURATION,
- MENDER_HTTP_PUT,
- payload,
- NULL,
- &mender_api_http_text_callback,
- (void *)&response,
- &status))) {
+ != (ret = mender_http_perform(
+ jwt, MENDER_API_PATH_PUT_DEVICE_CONFIGURATION, MENDER_HTTP_PUT, payload, NULL, &mender_api_http_text_callback, (void *)&response, &status))) {
 mender_log_error("Unable to perform HTTP request");
 goto END;
 }
@@ -558,12 +544,12 @@ mender_api_publish_configuration_data(mender_keystore_t *configuration) {
 #ifdef CONFIG_MENDER_CLIENT_ADD_ON_TROUBLESHOOT
 mender_err_t
-mender_api_troubleshoot_connect(mender_err_t (*callback)(void *, size_t), void **handle) {
+mender_api_troubleshoot_connect(char *jwt, mender_err_t (*callback)(void *, size_t), void **handle) {
 mender_err_t ret;
 /* Open websocket connection */
- if (MENDER_OK != (ret = mender_websocket_connect(mender_api_jwt, MENDER_API_PATH_GET_DEVICE_CONNECT, &mender_api_websocket_callback, callback, handle))) {
+ if (MENDER_OK != (ret = mender_websocket_connect(jwt, MENDER_API_PATH_GET_DEVICE_CONNECT, &mender_api_websocket_callback, callback, handle))) {
 mender_log_error("Unable to open websocket connection");
 goto END;
 }
@@ -610,8 +596,9 @@ mender_api_troubleshoot_disconnect(void *handle) {
 #ifdef CONFIG_MENDER_CLIENT_ADD_ON_INVENTORY
 mender_err_t
-mender_api_publish_inventory_data(mender_keystore_t *inventory) {
+mender_api_publish_inventory_data(char *jwt, mender_keystore_t *inventory) {
+ assert(NULL != jwt);
 mender_err_t ret;
 char *payload = NULL;
 char *response = NULL;
@@ -673,14 +660,8 @@ mender_api_publish_inventory_data(mender_keystore_t *inventory) {
 /* Perform HTTP request */
 if (MENDER_OK
- != (ret = mender_http_perform(mender_api_jwt,
- MENDER_API_PATH_PUT_DEVICE_ATTRIBUTES,
- MENDER_HTTP_PUT,
- payload,
- NULL,
- &mender_api_http_text_callback,
- (void *)&response,
- &status))) {
+ != (ret = mender_http_perform(
+ jwt, MENDER_API_PATH_PUT_DEVICE_ATTRIBUTES, MENDER_HTTP_PUT, payload, NULL, &mender_api_http_text_callback, (void *)&response, &status))) {
 mender_log_error("Unable to perform HTTP request");
 goto END;
 }
@@ -721,12 +702,6 @@ mender_api_exit(void) {
 #endif /* CONFIG_MENDER_CLIENT_ADD_ON_TROUBLESHOOT */
 mender_http_exit();
- /* Release memory */
- if (NULL != mender_api_jwt) {
- free(mender_api_jwt);
- mender_api_jwt = NULL;
- }
-
 return MENDER_OK;
 }
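Review bot: `mender_api_troubleshoot_connect` in the `@@ -558,12 +544,12 @@` hunk is the only API function given a `jwt` parameter by this commit that does not check it; every other one starts with `assert(NULL != jwt);`. Add the same line before `mender_err_t ret;` so a missing token is caught before `mender_websocket_connect` is called. Because `assert` disappears under NDEBUG, a runtime check such as `if (NULL == jwt) { return MENDER_FAIL; }` would also hold in release builds; how `mender_websocket_connect` treats a NULL token is not visible here. The function body continues outside the hunk.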
diff --git a/core/src/mender-client.c b/core/src/mender-client.c
index 73f0240..db6e956 100644
--- a/core/src/mender-client.c
+++ b/core/src/mender-client.c
@@ -77,6 +77,11 @@ typedef enum {
 */
 static mender_client_state_t mender_client_state = MENDER_CLIENT_STATE_INITIALIZATION;
+/**
+ * @brief Mender client authentication token
+ */
+static char *mender_client_jwt = NULL;
+
 /**
 * @brief Counter and mutex for the management of network connect/release callbacks
 */
@@ -433,6 +438,13 @@ mender_client_register_addon(mender_addon_instance_t *addon, void *config, void
 return ret;
 }
+char *
+mender_client_get_jwt(void) {
+
+ /* Return authentification token provided by the mender-server */
+ return mender_client_jwt;
+}
+
 mender_err_t
 mender_client_activate(void) {
@@ -632,6 +644,10 @@ mender_client_exit(void) {
 mender_scheduler_mutex_give(mender_client_addons_mutex);
 mender_scheduler_mutex_delete(mender_client_addons_mutex);
 mender_client_addons_mutex = NULL;
+ if (NULL != mender_client_jwt) {
+ free(mender_client_jwt);
+ mender_client_jwt = NULL;
+ }
 return ret;
 }
@@ -726,7 +742,7 @@ mender_client_authentication_work_function(void) {
 mender_err_t ret;
 /* Perform authentication with the mender server */
- if (MENDER_OK != (ret = mender_api_perform_authentication())) {
+ if (MENDER_OK != (ret = mender_api_perform_authentication(&mender_client_jwt))) {
 /* Invoke authentication error callback */
 if (NULL != mender_client_callbacks.authentication_failure) {
@@ -874,7 +890,7 @@ mender_client_update_work_function(void) {
 char *uri = NULL;
 char *deployment_data = NULL;
 mender_log_info("Checking for deployment...");
- if (MENDER_OK != (ret = mender_api_check_for_deployment(&id, &artifact_name, &uri))) {
+ if (MENDER_OK != (ret = mender_api_check_for_deployment(mender_client_jwt, &id, &artifact_name, &uri))) {
 mender_log_error("Unable to check for deployment");
 goto END;
 }
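Review bot: `mender_client_get_jwt()` in the `@@ -433,6 +438,13 @@` hunk returns the client's own `char *` buffer through a public function, so any caller can modify or free the only copy of the bearer token. Declaring it as `const char *mender_client_get_jwt(void)` would make the read-only intent explicit and let the compiler reject writes, provided the `jwt` parameters added to mender-api.h become `const char *jwt` too. Whether `mender_http_perform` and `mender_websocket_connect` already accept a const pointer is not visible in this patch, so their prototypes may need the same qualifier.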
@@ -1149,7 +1165,7 @@ mender_client_publish_deployment_status(char *id, mender_deployment_status_t dep
 mender_err_t ret;
 /* Publish status to the mender server */
- ret = mender_api_publish_deployment_status(id, deployment_status);
+ ret = mender_api_publish_deployment_status(mender_client_jwt, id, deployment_status);
 /* Invoke deployment status callback if defined */
 if (NULL != mender_client_callbacks.deployment_status) {
diff --git a/include/mender-api.h b/include/mender-api.h
index 693ef98..37f79b7 100644
--- a/include/mender-api.h
+++ b/include/mender-api.h
@@ -46,26 +46,29 @@ mender_err_t mender_api_init(mender_api_config_t *config);
 /**
 * @brief Perform authentication of the device, retrieve token from mender-server used for the next requests
+ * @param jwt Authentification token provided by the mender-server
 * @return MENDER_OK if the function succeeds, error code otherwise
 */
-mender_err_t mender_api_perform_authentication(void);
+mender_err_t mender_api_perform_authentication(char **jwt);
 /**
 * @brief Check for deployments for the device from the mender-server
+ * @param jwt Authentification token provided by the mender-server
 * @param id ID of the deployment, if one is pending
 * @param artifact_name Artifact name of the deployment, if one is pending
 * @param uri URI of the deployment, if one is pending
 * @return MENDER_OK if the function succeeds, error code otherwise
 */
-mender_err_t mender_api_check_for_deployment(char **id, char **artifact_name, char **uri);
+mender_err_t mender_api_check_for_deployment(char *jwt, char **id, char **artifact_name, char **uri);
 /**
 * @brief Publish deployment status of the device to the mender-server
+ * @param jwt Authentification token provided by the mender-server
 * @param id ID of the deployment received from mender_api_check_for_deployment function
 * @param deployment_status Deployment status
 * @return MENDER_OK if the function succeeds, error code otherwise
 */
-mender_err_t mender_api_publish_deployment_status(char *id, mender_deployment_status_t deployment_status);
+mender_err_t mender_api_publish_deployment_status(char *jwt, char *id, mender_deployment_status_t deployment_status);
 /**
 * @brief Download artifact from the mender-server
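Review bot: The `@param jwt` line added for `mender_api_perform_authentication` uses the same wording as the input-only parameters below it, but here `jwt` is an in/out `char **`: the implementation in mender-api.c frees `*jwt` when it is non-NULL and stores a newly `strdup`'d string. A caller that passes an uninitialized or non-heap pointer would hand garbage to `free`, so the comment should state the contract, e.g. `@param jwt In/out: *jwt must be NULL or a heap-allocated token; it is freed and replaced, and the caller owns and frees the result`. "Authentification" should read "Authentication" in every `@param jwt` line this commit adds to the header.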
@@ -80,19 +83,21 @@ mender_err_t mender_api_download_artifact(char *uri, mender_err_t (*callback)(ch
 /**
 * @brief Download configure data of the device from the mender-server
+ * @param jwt Authentification token provided by the mender-server
 * @param configuration Mender configuration key/value pairs table, ends with a NULL/NULL element, NULL if not defined
 * @return MENDER_OK if the function succeeds, error code otherwise
 */
-mender_err_t mender_api_download_configuration_data(mender_keystore_t **configuration);
+mender_err_t mender_api_download_configuration_data(char *jwt, mender_keystore_t **configuration);
 #endif /* CONFIG_MENDER_CLIENT_CONFIGURE_STORAGE */
 /**
 * @brief Publish configure data of the device to the mender-server
+ * @param jwt Authentification token provided by the mender-server
 * @param configuration Mender configuration key/value pairs table, must end with a NULL/NULL element, NULL if not defined
 * @return MENDER_OK if the function succeeds, error code otherwise
 */
-mender_err_t mender_api_publish_configuration_data(mender_keystore_t *configuration);
+mender_err_t mender_api_publish_configuration_data(char *jwt, mender_keystore_t *configuration);
 #endif /* CONFIG_MENDER_CLIENT_ADD_ON_CONFIGURE */
@@ -100,11 +105,12 @@ mender_err_t mender_api_publish_configuration_data(mender_keystore_t *configurat
 /**
 * @brief Connect the device and make it available to the server
+ * @param jwt Authentification token provided by the mender-server
 * @param callback Callback function to be invoked to perform the treatment of the data from the websocket
 * @param handle Connection handle
 * @return MENDER_OK if the function succeeds, error code otherwise
 */
-mender_err_t mender_api_troubleshoot_connect(mender_err_t (*callback)(void *, size_t), void **handle);
+mender_err_t mender_api_troubleshoot_connect(char *jwt, mender_err_t (*callback)(void *, size_t), void **handle);
 /**
 * @brief Send binary data to the server
@@ -128,10 +134,11 @@ mender_err_t mender_api_troubleshoot_disconnect(void *handle);
 /**
 * @brief Publish inventory data of the device to the mender-server
+ * @param jwt Authentification token provided by the mender-server
 * @param inventory Mender inventory key/value pairs table, must end with a NULL/NULL element, NULL if not defined
 * @return MENDER_OK if the function succeeds, error code otherwise
 */
-mender_err_t mender_api_publish_inventory_data(mender_keystore_t *inventory);
+mender_err_t mender_api_publish_inventory_data(char *jwt, mender_keystore_t *inventory);
 #endif /* CONFIG_MENDER_CLIENT_ADD_ON_INVENTORY */
diff --git a/include/mender-client.h b/include/mender-client.h
index bab02a0..65c728b 100644
--- a/include/mender-client.h
+++ b/include/mender-client.h
@@ -89,6 +89,12 @@ mender_err_t mender_client_register_artifact_type(char *type,
 */
 mender_err_t mender_client_register_addon(mender_addon_instance_t *addon, void *config, void *callbacks);
+/**
+ * @brief Return authentification token provided by the mender-server
+ * @return MENDER_OK if the function succeeds, error code otherwise
+ */
+char *mender_client_get_jwt(void);
+
 /**
 * @brief Activate mender client
 * @return MENDER_OK if the function succeeds, error code otherwise
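Review bot: The `@return` line on `mender_client_get_jwt` in the mender-client.h hunk is copied from the `mender_err_t` functions and does not describe a `char *` return. Proposed text: `@return Authentication token, NULL if the device is not authenticated; owned by the client, must not be freed or written to logs, and is invalidated by the next authentication and by mender_client_exit`. That lifetime follows from `free(*jwt)` in `mender_api_perform_authentication` and from the `free(mender_client_jwt)` this commit adds to `mender_client_exit`.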