pairing: Add pairing session approval

Adds the approval of the old device. This does not check the signature and does also not check the restrictions. This soley approves the pairing request. This needs a tls cert and a rune to be present as we need these to sign and attestate the approval. Signed-off-by: Peter Neuroth <[email protected]>
Blockstream · Dec 1, 2023 · 3ccf411 · 3ccf411
1 parent d1bd152
commit 3ccf411
Show file tree

Hide file tree

Showing 12 changed files with 305 additions and 16 deletions.
diff --git a/libs/gl-client-py/glclient/__init__.py b/libs/gl-client-py/glclient/__init__.py
@@ -126,6 +126,9 @@ def pair_device(self, name: str, desc: str, restrs: str) -> Generator[Union[sche
     def get_pairing_data(self, session_id: str) -> schedpb.GetPairingDataResponse:
         res = self.inner.get_pairing_data(session_id=session_id)
         return schedpb.GetPairingDataResponse.FromString(bytes(res))
+
+    def approve_pairing(self, session_id: str, node_id: bytes, device_name: str, restrs: str):
+        self.inner.approve_pairing(session_id, node_id, device_name, restrs)
 
 class Node(object):
     def __init__(self, node_id: bytes, network: str, grpc_uri: str, tls: Optional[TlsConfig] = None, rune: Optional[str] = None, auth: Optional[bytes] = None) -> None:

diff --git a/libs/gl-client-py/glclient/glclient.pyi b/libs/gl-client-py/glclient/glclient.pyi
@@ -40,6 +40,8 @@ class PairingService:
     def __init__(self, tls: Optional["TlsConfig"], rune: Optional[str], uri: Optional[str]): ...
     def pair_device(self, name: str, desc: str, restrs: str): ...
     def get_pairing_data(self, session_id: str) -> bytes: ...
+    def approve_pairing(self, session_id: str, node_id: bytes, device_name: str, restrs: str):...
+
 
 class Node:
     def __init__(

diff --git a/libs/gl-client-py/glclient/scheduler_pb2.py b/libs/gl-client-py/glclient/scheduler_pb2.py
diff --git a/libs/gl-client-py/glclient/scheduler_pb2.pyi b/libs/gl-client-py/glclient/scheduler_pb2.pyi
diff --git a/libs/gl-client-py/glclient/scheduler_pb2_grpc.py b/libs/gl-client-py/glclient/scheduler_pb2_grpc.py
diff --git a/libs/gl-client-py/src/pairing.rs b/libs/gl-client-py/src/pairing.rs
@@ -1,6 +1,7 @@
 use crate::runtime::exec;
 use crate::scheduler::convert;
 use crate::tls::TlsConfig;
+use anyhow::Error;
 use bytes::BufMut;
 use gl_client::pairing::service::{Pairing, PairingSessionData};
 use prost::Message;
@@ -60,6 +61,21 @@ impl PairingService {
             self.inner.get_pairing_data(session_id).await
         }))
     }
+
+    fn approve_pairing(
+        &self,
+        session_id: &str,
+        node_id: &[u8],
+        device_name: &str,
+        restrs: &str,
+    ) -> PyResult<Vec<u8>> {
+        convert(exec(async move {
+            self.inner
+                .approve_pairing(session_id, node_id, device_name, restrs)
+                .await
+                .map_err(|e| Error::new(e))
+        }))
+    }
 }
 
 /// A wrapper class to return an iterable from a mpsc channel.

diff --git a/libs/gl-client-py/tests/test_pairing.py b/libs/gl-client-py/tests/test_pairing.py
@@ -1,7 +1,8 @@
 from gltesting.fixtures import *
 from glclient import PairingService
+from test_scheduler import tls, signer, sclient
 
-def test_pairing_session(scheduler, nobody_id):
+def test_pairing_session(scheduler, nobody_id, sclient, signer, tls):
     name = "new_device"
     desc = "my description"
     restrs = "method^list"
@@ -24,6 +25,20 @@ def test_pairing_session(scheduler, nobody_id):
     assert(m.desc == desc)
     assert(m.restrs == restrs)
 
+    # We are happy with the pairing_data and want to approve the 
+    # request. Therefor we need a PairingService with our tls cert
+    # and with our rune.
+    res = sclient.register(signer)
+    tls = tls.identity_from_auth(res.auth)
+    rune = res.rune
+    ps1 = PairingService(tls=tls, rune=rune)
+    ps1.approve_pairing(
+        m.session_id,
+        sclient.node_id,
+        m.device_name,
+        m.restrs
+    )
+
     # check that response is returned.
     m = next(session_iter)
     assert(m.session_id)