Complete enroll route

python_device/src/api.py

@@ -28,7 +28,12 @@ def device_info():
     }
 
 
-def enroll_device(csr: str) -> str:
+def enroll_device(csr: str):
+    """
+    Enroll device, ie. submit CSR to API.
+
+    Certificate cannot be retrieved before device is validated.
+    """
     res = requests.post(
         f"{args.secure_origin}/devices_api/mgmt/enroll",
         json={"csr": csr, "info": device_info()},
@@ -37,4 +42,3 @@ def enroll_device(csr: str) -> str:
     if res.status_code < 200 or res.status_code > 299:
         print(res.text)
         raise Exception(f"Enrollment failed with status {res.status_code}")
-    return res.text

python_device/src/args.py

@@ -21,5 +21,6 @@ args.secure_origin_path = os.path.join(args.storage, "SECURE_ORIGIN")
 args.root_ca_path = os.path.join(args.storage, "root_ca.crt")
 args.dev_priv_key_path = os.path.join(args.storage, "dev.key")
 args.dev_csr_path = os.path.join(args.storage, "dev.csr")
+args.dev_enroll_marker = os.path.join(args.storage, "ENROLL_SUBMITTED")
 args.dev_crt_path = os.path.join(args.storage, "dev.crt")
 args.relay_gpios_list = list(map(lambda x: int(x), args.relay_gpios.split(",")))

python_device/src/main.py

@@ -44,10 +44,14 @@ if not os.path.isfile(args.dev_csr_path):
         f.write(csr)
 
 print("Check device enrollment...")
-if not os.path.isfile(args.dev_crt_path):
+if not os.path.isfile(args.dev_enroll_marker):
     with open(args.dev_csr_path, "r") as f:
         csr = "".join(f.read())
 
     print("Enrolling device...")
     crt = api.enroll_device(csr)
-    print("res" + crt)
+    
+    with open(args.dev_enroll_marker, "w") as f:
+        f.write("submitted")
+
+# TODO : "intelligent" enrollment management (re-enroll if cancelled)