OrgGo/Mainflux.mainflux
1
0
Fork 0
mirror of https://github.com/mainflux/mainflux.git synced 2025-04-28 13:48:49 +08:00
Code Issues Projects Releases Wiki Activity
Mainflux.mainflux/provision/service.go
Dušan Borovčanin 55e09c1921
MF-1506 - Group-based Access Control (#1716) 
* Move Things and Users to Clients

Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com>
Signed-off-by: rodneyosodo <blackd0t@protonmail.com>
Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com>

* NOISSUE - Update Add and Delete Policies (#1792)

* Remove Policy Action Ranks

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix Rebase Issues

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix CI Test Errors

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Adding Check on Subject For Clients

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Remove Check Client Exists

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Check When Sharing Clients

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Only Add User to Group When Sharing Things

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Remove clientType

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Minor Fix on ShareClient and Fix Tests

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix Policies Tests

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Clean Up Things Authorization

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix Tests on RetrieveAll

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Test ShareThing

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix Merge Conflicts

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Remove Adding Policies. Only Use Ownership

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Check If Subject is same as Object

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Move Back To Union As Sometimes Policy is Empty and Fails to Evaluate on Ownership

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix Entity Type For Failing Tests

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix BUG in policy evaluation

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix Tests

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Add Comments Regarding checkAdmin

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix Tests On Rebase

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Combine Authorize For Things and Users

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix Tests On Rebase

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Error on Things SVC `unsupported protocol scheme`

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

---------

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>
Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com>

* Fix Bug on Things Authorization Cache (#1810)

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>
Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com>

* Use Password instead of username in MQTT handler

Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com>

* Simplify MQTT authorization

Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com>

* Fix MQTT tests

Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com>

* NOISSUE - Add More Functions to SDK (#1811)

* Add More Functions to SDK

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Add Examples to GoDoc

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Update Unassign Interface

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Pass Subject as ID and Not Token on List Channels By Thing

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix Bootstrap Errors For Element Check

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Add empty line Before Return

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Reorder URLS in things mux

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix Listing Things Policies

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix Share Thing

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Add Examples to CLI Docs

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix Update Identity To Update Another User

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix Identify an Update Policies on Things

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix Update Things Policies

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix GoDocs on Disconnect

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix Tests

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Change Authorize To Use AccessRequest

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

---------

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>
Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com>

* For Evaluate Policy Use AccessRequest (#1814)

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>
Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com>

* NOISSUE - Add SDK Tests (#1812)

* Add Things Tests

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Add Channel Tests

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Add Certs Tests

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Add Consumer Tests

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Enrich Group Tests

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Add Tests For Health

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Add Tests For Tokens

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Rename SDK for Tests

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Add Policies Tests

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix Linter

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Fix Tests

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Make Variable Defination Inline

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

---------

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>
Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com>

* NOISSUE - Make Cache Key Duration Configurable (#1815)

* Make Cache Key Duration Configurable

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Rename ENV Var

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

---------

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>
Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com>

* NOISSUE - Update GoDocs (#1816)

* Add GoDocs

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Add Missing GoDoc Files

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Enable godot

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

* Add License Information

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>

---------

Signed-off-by: rodneyosodo <blackd0t@protonmail.com>
Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com>

* NOISSUE - Add Call Home Client to Mainflux services (#1751)

* Move Things and Users to Clients

Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com>
Signed-off-by: rodneyosodo <blackd0t@protonmail.com>
Signed-off-by: SammyOina <sammyoina@gmail.com>

* collect and send data package

Signed-off-by: SammyOina <sammyoina@gmail.com>

* create telemetry migrations

Signed-off-by: SammyOina <sammyoina@gmail.com>

* add telemetry endpoints

Signed-off-by: SammyOina <sammyoina@gmail.com>

* add transport

Signed-off-by: SammyOina <sammyoina@gmail.com>

* create service

Signed-off-by: SammyOina <sammyoina@gmail.com>

* remove homing server

Signed-off-by: SammyOina <sammyoina@gmail.com>

* add call home to adapters

Signed-off-by: SammyOina <sammyoina@gmail.com>

* add last seen

Signed-off-by: SammyOina <sammyoina@gmail.com>

* rename logger

Signed-off-by: SammyOina <sammyoina@gmail.com>

* remove homing client

Signed-off-by: SammyOina <sammyoina@gmail.com>

* use unmerged repo

Signed-off-by: SammyOina <sammyoina@gmail.com>

* use renamed module

Signed-off-by: SammyOina <sammyoina@gmail.com>

* update call home version

Signed-off-by: SammyOina <sammyoina@gmail.com>

* edit documentation

Signed-off-by: SammyOina <sammyoina@gmail.com>

* align table

Signed-off-by: SammyOina <sammyoina@gmail.com>

* use alias for call home client

Signed-off-by: SammyOina <sammyoina@gmail.com>

* update callhome

Signed-off-by: SammyOina <sammyoina@gmail.com>

* update call home pkg

Signed-off-by: SammyOina <sammyoina@gmail.com>

* update call home

Signed-off-by: SammyOina <sammyoina@gmail.com>

* fix modules

Signed-off-by: SammyOina <sammyoina@gmail.com>

* use mf build version

Signed-off-by: SammyOina <sammyoina@gmail.com>

* use mf build version

Signed-off-by: SammyOina <sammyoina@gmail.com>

* restore default

Signed-off-by: SammyOina <sammyoina@gmail.com>

* add call home for users and things

Signed-off-by: SammyOina <sammyoina@gmail.com>

* enable opting on call home

Signed-off-by: SammyOina <sammyoina@gmail.com>

* remove full stops

Signed-off-by: SammyOina <sammyoina@gmail.com>

* update callhome client

Signed-off-by: SammyOina <sammyoina@gmail.com>

* add call home to all services

Signed-off-by: SammyOina <sammyoina@gmail.com>

* fix build

Signed-off-by: SammyOina <sammyoina@gmail.com>

* restore sdk tests

Signed-off-by: SammyOina <sammyoina@gmail.com>

* remove unnecessary changes

Signed-off-by: SammyOina <sammyoina@gmail.com>

* restore health_test.go

Signed-off-by: SammyOina <sammyoina@gmail.com>

---------

Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com>
Signed-off-by: rodneyosodo <blackd0t@protonmail.com>
Signed-off-by: SammyOina <sammyoina@gmail.com>
Co-authored-by: b1ackd0t <blackd0t@protonmail.com>
Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com>

---------

Signed-off-by: dusanb94 <dusan.borovcanin@mainflux.com>
Signed-off-by: rodneyosodo <blackd0t@protonmail.com>
Signed-off-by: SammyOina <sammyoina@gmail.com>
Co-authored-by: b1ackd0t <blackd0t@protonmail.com>
Co-authored-by: Sammy Kerata Oina <44265300+SammyOina@users.noreply.github.com>
2023-06-14 12:40:37 +02:00

418 lines
12 KiB
Go
Raw Blame History

package provision
import (
"encoding/json"
"fmt"
mflog "github.com/mainflux/mainflux/logger"
"github.com/mainflux/mainflux/pkg/errors"
SDK "github.com/mainflux/mainflux/pkg/sdk/go"
)
const (
externalIDKey = "external_id"
gateway = "gateway"
Active = 1
control = "control"
data = "data"
export = "export"
)
var (
ErrUnauthorized = errors.New("unauthorized access")
ErrFailedToCreateToken = errors.New("failed to create access token")
ErrEmptyThingsList = errors.New("things list in configuration empty")
ErrThingUpdate = errors.New("failed to update thing")
ErrEmptyChannelsList = errors.New("channels list in configuration is empty")
ErrFailedChannelCreation = errors.New("failed to create channel")
ErrFailedChannelRetrieval = errors.New("failed to retrieve channel")
ErrFailedThingCreation = errors.New("failed to create thing")
ErrFailedThingRetrieval = errors.New("failed to retrieve thing")
ErrMissingCredentials = errors.New("missing credentials")
ErrFailedBootstrapRetrieval = errors.New("failed to retrieve bootstrap")
ErrFailedCertCreation = errors.New("failed to create certificates")
ErrFailedBootstrap = errors.New("failed to create bootstrap config")
ErrFailedBootstrapValidate = errors.New("failed to validate bootstrap config creation")
ErrGatewayUpdate = errors.New("failed to updated gateway metadata")
limit uint = 10
offset uint = 0
)
var _ Service = (*provisionService)(nil)
// Service specifies Provision service API.
type Service interface {
// Provision is the only method this API specifies. Depending on the configuration,
// the following actions will can be executed:
// - create a Thing based on external_id (eg. MAC address)
// - create multiple Channels
// - create Bootstrap configuration
// - whitelist Thing in Bootstrap configuration == connect Thing to Channels
Provision(token, name, externalID, externalKey string) (Result, error)
// Mapping returns current configuration used for provision
// useful for using in ui to create configuration that matches
// one created with Provision method.
Mapping(token string) (map[string]interface{}, error)
// Certs creates certificate for things that communicate over mTLS
// A duration string is a possibly signed sequence of decimal numbers,
// each with optional fraction and a unit suffix, such as "300ms", "-1.5h" or "2h45m".
// Valid time units are "ns", "us" (or "µs"), "ms", "s", "m", "h".
Cert(token, thingID, duration string) (string, string, error)
}
type provisionService struct {
logger mflog.Logger
sdk SDK.SDK
conf Config
}
// Result represent what is created with additional info.
type Result struct {
Things []SDK.Thing `json:"things,omitempty"`
Channels []SDK.Channel `json:"channels,omitempty"`
ClientCert map[string]string `json:"client_cert,omitempty"`
ClientKey map[string]string `json:"client_key,omitempty"`
CACert string `json:"ca_cert,omitempty"`
Whitelisted map[string]bool `json:"whitelisted,omitempty"`
Error string `json:"error,omitempty"`
}
// New returns new provision service.
func New(cfg Config, sdk SDK.SDK, logger mflog.Logger) Service {
return &provisionService{
logger: logger,
conf: cfg,
sdk: sdk,
}
}
// Mapping retrieves current configuration.
func (ps *provisionService) Mapping(token string) (map[string]interface{}, error) {
userFilter := SDK.PageMetadata{
Email: "",
Offset: uint64(offset),
Limit: uint64(limit),
Metadata: make(map[string]interface{}),
}
if _, err := ps.sdk.Users(userFilter, token); err != nil {
return map[string]interface{}{}, errors.Wrap(ErrUnauthorized, err)
}
return ps.conf.Bootstrap.Content, nil
}
// Provision is provision method for creating setup according to
// provision layout specified in config.toml.
func (ps *provisionService) Provision(token, name, externalID, externalKey string) (res Result, err error) {
var channels []SDK.Channel
var things []SDK.Thing
defer ps.recover(&err, &things, &channels, &token)
token, err = ps.createTokenIfEmpty(token)
if err != nil {
return res, err
}
if len(ps.conf.Things) == 0 {
return res, ErrEmptyThingsList
}
if len(ps.conf.Channels) == 0 {
return res, ErrEmptyChannelsList
}
for _, thing := range ps.conf.Things {
// If thing in configs contains metadata with external_id
// set value for it from the provision request
if _, ok := thing.Metadata[externalIDKey]; ok {
thing.Metadata[externalIDKey] = externalID
}
th := SDK.Thing{
Metadata: thing.Metadata,
}
if name == "" {
name = thing.Name
}
th.Name = name
th, err := ps.sdk.CreateThing(th, token)
if err != nil {
res.Error = err.Error()
return res, errors.Wrap(ErrFailedThingCreation, err)
}
// Get newly created thing (in order to get the key).
th, err = ps.sdk.Thing(th.ID, token)
if err != nil {
e := errors.Wrap(err, fmt.Errorf("thing id: %s", th.ID))
return res, errors.Wrap(ErrFailedThingRetrieval, e)
}
things = append(things, th)
}
for _, channel := range ps.conf.Channels {
ch := SDK.Channel{
Name: channel.Name,
Metadata: SDK.Metadata(channel.Metadata),
}
ch, err := ps.sdk.CreateChannel(ch, token)
if err != nil {
return res, err
}
ch, err = ps.sdk.Channel(ch.ID, token)
if err != nil {
e := errors.Wrap(err, fmt.Errorf("channel id: %s", ch.ID))
return res, errors.Wrap(ErrFailedChannelRetrieval, e)
}
channels = append(channels, ch)
}
res = Result{
Things: things,
Channels: channels,
Whitelisted: map[string]bool{},
ClientCert: map[string]string{},
ClientKey: map[string]string{},
}
var cert SDK.Cert
var bsConfig SDK.BootstrapConfig
for _, thing := range things {
var chanIDs []string
for _, ch := range channels {
chanIDs = append(chanIDs, ch.ID)
}
content, err := json.Marshal(ps.conf.Bootstrap.Content)
if err != nil {
return Result{}, errors.Wrap(ErrFailedBootstrap, err)
}
if ps.conf.Bootstrap.Provision && needsBootstrap(thing) {
bsReq := SDK.BootstrapConfig{
ThingID: thing.ID,
ExternalID: externalID,
ExternalKey: externalKey,
Channels: chanIDs,
CACert: res.CACert,
ClientCert: cert.ClientCert,
ClientKey: cert.ClientKey,
Content: string(content),
}
bsid, err := ps.sdk.AddBootstrap(bsReq, token)
if err != nil {
return Result{}, errors.Wrap(ErrFailedBootstrap, err)
}
bsConfig, err = ps.sdk.ViewBootstrap(bsid, token)
if err != nil {
return Result{}, errors.Wrap(ErrFailedBootstrapValidate, err)
}
}
if ps.conf.Bootstrap.X509Provision {
var cert SDK.Cert
cert, err = ps.sdk.IssueCert(thing.ID, ps.conf.Cert.TTL, token)
if err != nil {
e := errors.Wrap(err, fmt.Errorf("thing id: %s", thing.ID))
return res, errors.Wrap(ErrFailedCertCreation, e)
}
res.ClientCert[thing.ID] = cert.ClientCert
res.ClientKey[thing.ID] = cert.ClientKey
res.CACert = ""
if needsBootstrap(thing) {
if err = ps.sdk.UpdateBootstrapCerts(bsConfig.MFThing, cert.ClientCert, cert.ClientKey, "", token); err != nil {
return Result{}, errors.Wrap(ErrFailedCertCreation, err)
}
}
}
if ps.conf.Bootstrap.AutoWhiteList {
wlReq := SDK.BootstrapConfig{
MFThing: thing.ID,
State: Active,
}
if err := ps.sdk.Whitelist(wlReq, token); err != nil {
res.Error = err.Error()
return res, ErrThingUpdate
}
res.Whitelisted[thing.ID] = true
}
}
if err = ps.updateGateway(token, bsConfig, channels); err != nil {
return res, err
}
return res, nil
}
func (ps *provisionService) Cert(token, thingID, ttl string) (string, string, error) {
token, err := ps.createTokenIfEmpty(token)
if err != nil {
return "", "", err
}
th, err := ps.sdk.Thing(thingID, token)
if err != nil {
return "", "", errors.Wrap(ErrUnauthorized, err)
}
cert, err := ps.sdk.IssueCert(th.ID, ps.conf.Cert.TTL, token)
return cert.ClientCert, cert.ClientKey, err
}
func (ps *provisionService) createTokenIfEmpty(token string) (string, error) {
if token != "" {
return token, nil
}
// If no token in request is provided
// use API key provided in config file or env
if ps.conf.Server.MfAPIKey != "" {
return ps.conf.Server.MfAPIKey, nil
}
// If no API key use username and password provided to create access token.
if ps.conf.Server.MfUser == "" || ps.conf.Server.MfPass == "" {
return token, ErrMissingCredentials
}
u := SDK.User{
Credentials: SDK.Credentials{
Identity: ps.conf.Server.MfUser,
Secret: ps.conf.Server.MfPass,
},
}
tkn, err := ps.sdk.CreateToken(u)
if err != nil {
return token, errors.Wrap(ErrFailedToCreateToken, err)
}
return tkn.AccessToken, nil
}
func (ps *provisionService) updateGateway(token string, bs SDK.BootstrapConfig, channels []SDK.Channel) error {
var gw Gateway
for _, ch := range channels {
switch ch.Metadata["type"] {
case control:
gw.CtrlChannelID = ch.ID
case data:
gw.DataChannelID = ch.ID
case export:
gw.ExportChannelID = ch.ID
}
}
gw.ExternalID = bs.ExternalID
gw.ExternalKey = bs.ExternalKey
gw.CfgID = bs.MFThing
gw.Type = gateway
th, sdkerr := ps.sdk.Thing(bs.MFThing, token)
if sdkerr != nil {
return errors.Wrap(ErrGatewayUpdate, sdkerr)
}
b, err := json.Marshal(gw)
if err != nil {
return errors.Wrap(ErrGatewayUpdate, err)
}
if err := json.Unmarshal(b, &th.Metadata); err != nil {
return errors.Wrap(ErrGatewayUpdate, err)
}
if _, err := ps.sdk.UpdateThing(th, token); err != nil {
return errors.Wrap(ErrGatewayUpdate, err)
}
return nil
}
func (ps *provisionService) errLog(err error) {
if err != nil {
ps.logger.Error(fmt.Sprintf("Error recovering: %s", err))
}
}
func clean(ps *provisionService, things []SDK.Thing, channels []SDK.Channel, token string) {
for _, t := range things {
_, err := ps.sdk.DisableThing(t.ID, token)
ps.errLog(err)
}
for _, c := range channels {
_, err := ps.sdk.DisableChannel(c.ID, token)
ps.errLog(err)
}
}
func (ps *provisionService) recover(e *error, ths *[]SDK.Thing, chs *[]SDK.Channel, tkn *string) {
if e == nil {
return
}
things, channels, token, err := *ths, *chs, *tkn, *e
if errors.Contains(err, ErrFailedThingRetrieval) || errors.Contains(err, ErrFailedChannelCreation) {
for _, th := range things {
_, err := ps.sdk.DisableThing(th.ID, token)
ps.errLog(err)
}
return
}
if errors.Contains(err, ErrFailedBootstrap) || errors.Contains(err, ErrFailedChannelRetrieval) {
clean(ps, things, channels, token)
return
}
if errors.Contains(err, ErrFailedBootstrapValidate) || errors.Contains(err, ErrFailedCertCreation) {
clean(ps, things, channels, token)
for _, th := range things {
if needsBootstrap(th) {
ps.errLog(ps.sdk.RemoveBootstrap(th.ID, token))
}
}
return
}
if errors.Contains(err, ErrFailedBootstrapValidate) || errors.Contains(err, ErrFailedCertCreation) {
clean(ps, things, channels, token)
for _, th := range things {
if needsBootstrap(th) {
bs, err := ps.sdk.ViewBootstrap(th.ID, token)
ps.errLog(errors.Wrap(ErrFailedBootstrapRetrieval, err))
ps.errLog(ps.sdk.RemoveBootstrap(bs.MFThing, token))
}
}
}
if errors.Contains(err, ErrThingUpdate) || errors.Contains(err, ErrGatewayUpdate) {
clean(ps, things, channels, token)
for _, th := range things {
if ps.conf.Bootstrap.X509Provision && needsBootstrap(th) {
_, err := ps.sdk.RevokeCert(th.ID, token)
ps.errLog(err)
}
if needsBootstrap(th) {
bs, err := ps.sdk.ViewBootstrap(th.ID, token)
ps.errLog(errors.Wrap(ErrFailedBootstrapRetrieval, err))
ps.errLog(ps.sdk.RemoveBootstrap(bs.MFThing, token))
}
}
return
}
}
func needsBootstrap(th SDK.Thing) bool {
if th.Metadata == nil {
return false
}
if _, ok := th.Metadata[externalIDKey]; ok {
return true
}
return false
}
Reference in New Issue View Git Blame Copy Permalink