More logs around certificates and token generation

Summary: Useful for triaging defects

Reviewed By: passy

Differential Revision: D49186779

fbshipit-source-id: 743746444ce6e28753434a63d1bee2989cf4f66a
Lorenzo Blasa
2023-09-13 04:06:58 -07:00
committed by Facebook GitHub Bot
parent a52757aadf
commit 93d94c9fc3


@@ -81,7 +81,7 @@ export const loadSecureServerConfig = async (): Promise<SecureServerConfig> => {
await ensureOpenSSLIsAvailable(); await ensureOpenSSLIsAvailable();
await certificateSetup(); await certificateSetup();
await generateAuthToken();
const [key, cert, ca] = await Promise.all([ const [key, cert, ca] = await Promise.all([
fs.readFile(serverKey), fs.readFile(serverKey),
fs.readFile(serverCert), fs.readFile(serverCert),
@@ -158,12 +158,20 @@ const ensureServerCertExists = async (): Promise<void> => {
fs.pathExists(serverCert), fs.pathExists(serverCert),
fs.pathExists(caCert), fs.pathExists(caCert),
]).then((exist) => exist.every(Boolean)); ]).then((exist) => exist.every(Boolean));
if (!allExist) { if (!allExist) {
return generateServerCertificate(); console.info('No certificates were found, generating new ones');
await generateServerCertificate();
await generateAuthToken();
return;
} }
try { try {
console.info('Checking for certificates validity');
await checkCertIsValid(serverCert); await checkCertIsValid(serverCert);
console.info('Checking certificate was issued by current CA');
await verifyServerCertWasIssuedByCA(); await verifyServerCertWasIssuedByCA();
} catch (e) { } catch (e) {
console.warn('Not all certs are valid, generating new ones', e); console.warn('Not all certs are valid, generating new ones', e);
@@ -174,7 +182,7 @@ const ensureServerCertExists = async (): Promise<void> => {
const generateServerCertificate = async (): Promise<void> => { const generateServerCertificate = async (): Promise<void> => {
await ensureCertificateAuthorityExists(); await ensureCertificateAuthorityExists();
console.warn('Creating new server cert', logTag); console.warn('Creating new server certificate');
await openssl('genrsa', {out: serverKey, '2048': false}); await openssl('genrsa', {out: serverKey, '2048': false});
await openssl('req', { await openssl('req', {
new: true, new: true,
@@ -300,6 +308,7 @@ const exportTokenToManifest = async (
}; };
export const generateAuthToken = async () => { export const generateAuthToken = async () => {
console.info('Generate client authentication token');
const config = getFlipperServerConfig(); const config = getFlipperServerConfig();
const privateKey = await fs.readFile(serverKey); const privateKey = await fs.readFile(serverKey);
@@ -310,7 +319,9 @@ export const generateAuthToken = async () => {
await fs.writeFile(serverAuthToken, token); await fs.writeFile(serverAuthToken, token);
console.info('Token generated and saved to disk');
if (config.environmentInfo.isHeadlessBuild) { if (config.environmentInfo.isHeadlessBuild) {
console.info('Token exported to manifest');
await exportTokenToManifest(config, token); await exportTokenToManifest(config, token);
} }
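Review bot: In `generateAuthToken`, `console.info('Token exported to manifest')` is logged before `await exportTokenToManifest(config, token)` runs, so a failed export still leaves a success line in the log, which works against the triage purpose of these messages. Either move the line below the await or reword it to `console.info('Exporting token to manifest');`. Separately, the token appears to be derived from the key read from `serverKey`, which `generateServerCertificate` overwrites via `genrsa`. The `catch` branch of `ensureServerCertExists` continues outside the visible lines, so confirm that it also calls `generateAuthToken()` after regenerating; otherwise a token tied to the old key would remain on disk.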