Automatically download certificate on Python device

2024-07-03 22:19:56 +02:00
parent 9cba9c5f0a
commit 6ad50657a5
4 changed files with 50 additions and 2 deletions
--- a/central_backend/src/server/devices_api/mgmt_controller.rs
+++ b/central_backend/src/server/devices_api/mgmt_controller.rs
@ -1,3 +1,4 @@
+use crate::app_config::AppConfig;
 use crate::devices::device::{DeviceId, DeviceInfo};
 use crate::energy::energy_actor;
 use crate::server::custom_error::HttpResult;
@ -73,7 +74,7 @@ pub async fn enroll(req: web::Json<EnrollRequest>, actor: WebEnergyActor) -> Htt
 }

 #[derive(serde::Deserialize)]
-pub struct EnrollmentStatusQuery {
+pub struct ReqWithDevID {
    id: DeviceId,
 }

@ -87,7 +88,7 @@ enum EnrollmentDeviceStatus {

 /// Check device enrollment status
 pub async fn enrollment_status(
-    query: web::Query<EnrollmentStatusQuery>,
+    query: web::Query<ReqWithDevID>,
    actor: WebEnergyActor,
 ) -> HttpResult {
    let dev = actor
@ -102,3 +103,24 @@ pub async fn enrollment_status(

    Ok(HttpResponse::Ok().json(status))
 }
+
+/// Get device certificate
+pub async fn get_certificate(query: web::Query<ReqWithDevID>, actor: WebEnergyActor) -> HttpResult {
+    let dev = actor
+        .send(energy_actor::GetSingleDevice(query.id.clone()))
+        .await?;
+
+    let dev = match dev {
+        Some(d) if d.validated => d,
+        _ => {
+            log::error!("Device attempted to retrieve an unavailable certificate!");
+            return Ok(HttpResponse::UnprocessableEntity().json("Certificate not available yet!"));
+        }
+    };
+
+    let cert = std::fs::read(AppConfig::get().device_cert_path(&dev.id))?;
+
+    Ok(HttpResponse::Ok()
+        .content_type("application/x-pem-file")
+        .body(cert))
+}
--- a/central_backend/src/server/servers.rs
+++ b/central_backend/src/server/servers.rs
@ -160,6 +160,10 @@ pub async fn secure_server(energy_actor: EnergyActorAddr) -> anyhow::Result<()>
                "/devices_api/mgmt/enrollment_status",
                web::get().to(mgmt_controller::enrollment_status),
            )
+            .route(
+                "/devices_api/mgmt/get_certificate",
+                web::get().to(mgmt_controller::get_certificate),
+            )
    })
    .bind_openssl(&AppConfig::get().listen_address, builder)?
    .run()