func getDevopsClient(peerAddress string) (obc.DevopsClient, error) { var opts []grpc.DialOption if viper.GetBool("pki.validity-period.tls.enabled") { var sn string if viper.GetString("pki.validity-period.tls.serverhostoverride") != "" { sn = viper.GetString("pki.validity-period.tls.serverhostoverride") } var creds credentials.TransportAuthenticator if viper.GetString("pki.validity-period.tls.cert.file") != "" { var err error creds, err = credentials.NewClientTLSFromFile(viper.GetString("pki.validity-period.tls.cert.file"), sn) if err != nil { grpclog.Fatalf("Failed to create TLS credentials %v", err) } } else { creds = credentials.NewClientTLSFromCert(nil, sn) } opts = append(opts, grpc.WithTransportCredentials(creds)) } opts = append(opts, grpc.WithTimeout(systemChaincodeTimeout)) opts = append(opts, grpc.WithBlock()) opts = append(opts, grpc.WithInsecure()) conn, err := grpc.Dial(peerAddress, opts...) if err != nil { return nil, fmt.Errorf("Error trying to connect to local peer: %s", err) } devopsClient := obc.NewDevopsClient(conn) return devopsClient, nil }
// GetDevopsClient returns a new client connection for this peer func GetDevopsClient(cmd *cobra.Command) (pb.DevopsClient, error) { clientConn, err := peer.NewPeerClientConnection() if err != nil { return nil, fmt.Errorf("Error trying to connect to local peer: %s", err) } devopsClient := pb.NewDevopsClient(clientConn) return devopsClient, nil }
// login confirms the enrollmentID and secret password of the client with the // CA and stores the enrollment certificate and key in the Devops server. func networkLogin(args []string) (err error) { logger.Info("CLI client login...") // Check for username argument if len(args) == 0 { err = errors.New("Must supply username") return } // Check for other extraneous arguments if len(args) != 1 { err = errors.New("Must supply username as the 1st and only parameter") return } // Retrieve the CLI data storage path // Returns /var/openchain/production/client/ localStore := getCliFilePath() logger.Infof("Local data store for client loginToken: %s", localStore) // If the user is already logged in, return if _, err = os.Stat(localStore + "loginToken_" + args[0]); err == nil { logger.Infof("User '%s' is already logged in.\n", args[0]) return } // If the '--password' flag is not specified, need read it from the terminal if loginPW == "" { // User is not logged in, prompt for password fmt.Printf("Enter password for user '%s': ", args[0]) var pw []byte if pw, err = gopass.GetPasswdMasked(); err != nil { err = fmt.Errorf("Error trying to read password from console: %s", err) return } loginPW = string(pw) } // Log in the user logger.Infof("Logging in user '%s' on CLI interface...\n", args[0]) // Get a devopsClient to perform the login clientConn, err := peer.NewPeerClientConnection() if err != nil { err = fmt.Errorf("Error trying to connect to local peer: %s", err) return } devopsClient := pb.NewDevopsClient(clientConn) // Build the login spec and login loginSpec := &pb.Secret{EnrollId: args[0], EnrollSecret: loginPW} loginResult, err := devopsClient.Login(context.Background(), loginSpec) // Check if login is successful if loginResult.Status == pb.Response_SUCCESS { // If /var/openchain/production/client/ directory does not exist, create it if _, err := os.Stat(localStore); err != nil { if os.IsNotExist(err) { // Directory does not exist, create it if err := os.Mkdir(localStore, 0755); err != nil { panic(fmt.Errorf("Fatal error when creating %s directory: %s\n", localStore, err)) } } else { // Unexpected error panic(fmt.Errorf("Fatal error on os.Stat of %s directory: %s\n", localStore, err)) } } // Store client security context into a file logger.Infof("Storing login token for user '%s'.\n", args[0]) err = ioutil.WriteFile(localStore+"loginToken_"+args[0], []byte(args[0]), 0755) if err != nil { panic(fmt.Errorf("Fatal error when storing client login token: %s\n", err)) } logger.Infof("Login successful for user '%s'.\n", args[0]) } else { err = fmt.Errorf("Error on client login: %s", string(loginResult.Msg)) return } return nil }