func checkForValidMachineAgent(entity taggedAuthenticator, c params.Creds) error {
// If this is a machine agent connecting, we need to check the
// nonce matches, otherwise the wrong agent might be trying to
// connect.
if machine, ok := entity.(*state.Machine); ok {
if !machine.CheckProvisioned(c.Nonce) {
return state.NotProvisionedError(machine.Id())
}
}
return nil
}
// Authenticate authenticates the provided entity and returns an error on authentication failure.
func (*AgentAuthenticator) Authenticate(entity state.Entity, password, nonce string) error {
authenticator, ok := entity.(taggedAuthenticator)
if !ok {
return common.ErrBadRequest
}
if !authenticator.PasswordValid(password) {
return common.ErrBadCreds
}
// If this is a machine agent connecting, we need to check the
// nonce matches, otherwise the wrong agent might be trying to
// connect.
if machine, ok := authenticator.(*state.Machine); ok {
if !machine.CheckProvisioned(nonce) {
return state.NotProvisionedError(machine.Id())
}
}
return nil
}
code: params.CodeNoAddressSet,
helperFunc: params.IsCodeNoAddressSet,
}, {
err: common.ErrBadCreds,
code: params.CodeUnauthorized,
helperFunc: params.IsCodeUnauthorized,
}, {
err: common.ErrPerm,
code: params.CodeUnauthorized,
helperFunc: params.IsCodeUnauthorized,
}, {
err: common.ErrNotLoggedIn,
code: params.CodeUnauthorized,
helperFunc: params.IsCodeUnauthorized,
}, {
err: state.NotProvisionedError("0"),
code: params.CodeNotProvisioned,
helperFunc: params.IsCodeNotProvisioned,
}, {
err: errors.AlreadyExistsf("blah"),
code: params.CodeAlreadyExists,
helperFunc: params.IsCodeAlreadyExists,
}, {
err: common.ErrUnknownWatcher,
code: params.CodeNotFound,
helperFunc: params.IsCodeNotFound,
}, {
err: &state.NotAssignedError{&state.Unit{}}, // too sleazy?! nah..
code: params.CodeNotAssigned,
helperFunc: params.IsCodeNotAssigned,
}, {
func (m *testMachine) InstanceId() (instance.Id, error) {
if m.instanceId == "" {
return "", state.NotProvisionedError(m.Id())
}
return m.instanceId, m.instanceIdErr
}