func (app *AdminApp) RegisterNextNode() {
orgId := app.entities.org.Data.Body.Id
regJson, err := app.fs.api.PopIncoming("registration")
checkAppFatal("Can't pop registration: %s", err)
container, err := document.NewContainer(regJson)
if err != nil {
app.fs.api.PushIncoming(orgId, "registration", regJson)
checkAppFatal("Can't load registration: %s", err)
}
pairingId := container.Data.Options.SignatureInputs["key-id"]
logger.Infof("Reading pairing key: %s", pairingId)
pairingKey := app.index.org.Data.Body.PairingKeys[pairingId]
logger.Info("Verifying and decrypting node registration")
nodeJson, err := app.entities.org.VerifyAuthenticationThenDecrypt(container, pairingKey.Key)
if err != nil {
app.fs.api.PushIncoming(orgId, "registration", regJson)
checkAppFatal("Couldn't verify then decrypt registration: %s", err)
}
node, err := node.New(nodeJson)
if err != nil {
app.fs.api.PushIncoming(orgId, "registration", regJson)
checkAppFatal("Couldn't create node from registration: %s", err)
}
logger.Info("Adding node to index")
app.index.org.AddEntityTags(node.Data.Body.Id, pairingKey.Tags)
app.index.org.AddNode(node.Data.Body.Name, node.Data.Body.Id)
logger.Info("Encrypting and signing node for Org")
nodeContainer, err := app.entities.org.EncryptThenSignString(node.Dump(), nil)
if err != nil {
app.fs.api.PushIncoming(orgId, "registration", regJson)
checkAppFatal("Couldn't encrypt then sign node: %s", err)
}
if err := app.fs.api.SendPrivate(orgId, node.Data.Body.Id, nodeContainer.Dump()); err != nil {
checkAppFatal("Could not save node: %s", err)
}
for _, tag := range pairingKey.Tags {
logger.Infof("Looking for CAs for tag %s", tag)
for _, caId := range app.index.org.Data.Body.Tags.CAForward[tag] {
logger.Infof("Found CA %s", caId)
app.SignCSRForNode(node, caId, tag)
}
}
}
func (cont *OrgController) RegisterNextNode() error {
logger.Debug("registering next node")
org := cont.env.controllers.org.org
logger.Debug("popping next registration from org")
regJson, err := cont.env.api.PopIncoming(org.Id(), "registration")
if err != nil {
return err
}
logger.Debug("creating new registration container")
container, err := document.NewContainer(regJson)
if err != nil {
logger.Warn("unable to create container from registration json. Pushing back to incoming registration queue")
cont.env.api.PushIncoming(org.Id(), "registration", regJson)
return err
}
pairingId := container.Data.Options.SignatureInputs["key-id"]
logger.Debugf("reading pairing key for '%s'", pairingId)
index, err := cont.GetIndex()
if err != nil {
return err
}
pairingKey, ok := index.Data.Body.PairingKeys[pairingId]
if !ok {
logger.Warn("unable to find pairing key. Pushing back to incoming registration queue")
cont.env.api.PushIncoming(org.Id(), "registration", regJson)
logger.Trace("returning nil error")
return nil
}
logger.Debug("verifying and decrypting node registration")
nodeJson, err := org.VerifyAuthenticationThenDecrypt(container, pairingKey.Key)
if err != nil {
logger.Warn("unable to decrypt node registration. Pushing back to incoming registration queue")
cont.env.api.PushIncoming(org.Id(), "registration", regJson)
return err
}
logger.Debug("creating new node from JSON")
node, err := node.New(nodeJson)
if err != nil {
logger.Warn("unable to create node. Pushing back to incoming registration queue")
cont.env.api.PushIncoming(org.Id(), "registration", regJson)
return err
}
index.AddEntityTags(node.Data.Body.Id, pairingKey.Tags)
index.AddNode(node.Data.Body.Name, node.Data.Body.Id)
logger.Debug("encrypting and signing node for org")
nodeContainer, err := org.EncryptThenSignString(node.Dump(), nil)
if err != nil {
logger.Warn("unable to encrypt node for org. Pushing back to incoming registration queue")
cont.env.api.PushIncoming(org.Id(), "registration", regJson)
return err
}
logger.Debug("sending node to org")
if err := cont.env.api.SendPrivate(org.Id(), node.Data.Body.Id, nodeContainer.Dump()); err != nil {
logger.Warn("Unable to send node to org. Pushing back to incoming registration queue")
cont.env.api.PushIncoming(org.Id(), "registration", regJson)
return err
}
for _, tag := range pairingKey.Tags {
logger.Debugf("looking for CAs for tag '%s'", tag)
for _, caId := range index.Data.Body.Tags.CAForward[tag] {
logger.Debugf("found CA '%s'", caId)
if err := cont.SignCSR(node, caId, tag); err != nil {
return err
}
}
}
if err := cont.SaveIndex(index); err != nil {
return err
}
logger.Trace("returning nil error")
return nil
}