Skip to content

Commit 566120d

Browse files
thomasm-ttdthomasm-ttd
authored
Merge pull request #1082 from IABTechLab/tjm-UID2-4246-only-shutdown-on-401
Only shut the operator down when receiving an AttestationFailure response from Core
2 parents e08e05e + 2f87dae commit 566120d

4 files changed

Lines changed: 20 additions & 16 deletions

File tree

pom.xml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@
66

77
<groupId>com.uid2</groupId>
88
<artifactId>uid2-operator</artifactId>
9-
<version>5.40.106</version>
9+
<version>5.40.107-alpha-111-SNAPSHOT</version>
1010

1111
<properties>
1212
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
@@ -22,7 +22,7 @@
2222
<enclave-aws.version>2.1.0</enclave-aws.version>
2323
<enclave-azure.version>2.1.0</enclave-azure.version>
2424
<enclave-gcp.version>2.1.0</enclave-gcp.version>
25-
<uid2-shared.version>7.19.0</uid2-shared.version>
25+
<uid2-shared.version>7.20.0</uid2-shared.version>
2626
<image.version>${project.version}</image.version>
2727
<maven.compiler.source>21</maven.compiler.source>
2828
<maven.compiler.target>21</maven.compiler.target>

src/main/java/com/uid2/operator/Main.java

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -467,14 +467,14 @@ public DistributionStatisticConfig configure(Meter.Id id, DistributionStatisticC
467467
.register(globalRegistry);
468468
}
469469

470-
private Map.Entry<UidCoreClient, UidOptOutClient> createUidClients(Vertx vertx, String attestationUrl, String clientApiToken, Handler<Pair<Integer, String>> responseWatcher) throws Exception {
470+
private Map.Entry<UidCoreClient, UidOptOutClient> createUidClients(Vertx vertx, String attestationUrl, String clientApiToken, Handler<Pair<AttestationResponseCode, String>> responseWatcher) throws Exception {
471471
AttestationResponseHandler attestationResponseHandler = getAttestationTokenRetriever(vertx, attestationUrl, clientApiToken, responseWatcher);
472472
UidCoreClient coreClient = new UidCoreClient(clientApiToken, CloudUtils.defaultProxy, attestationResponseHandler);
473473
UidOptOutClient optOutClient = new UidOptOutClient(clientApiToken, CloudUtils.defaultProxy, attestationResponseHandler);
474474
return new AbstractMap.SimpleEntry<>(coreClient, optOutClient);
475475
}
476476

477-
private AttestationResponseHandler getAttestationTokenRetriever(Vertx vertx, String attestationUrl, String clientApiToken, Handler<Pair<Integer, String>> responseWatcher) throws Exception {
477+
private AttestationResponseHandler getAttestationTokenRetriever(Vertx vertx, String attestationUrl, String clientApiToken, Handler<Pair<AttestationResponseCode, String>> responseWatcher) throws Exception {
478478
String enclavePlatform = this.config.getString(Const.Config.EnclavePlatformProp);
479479
String operatorType = this.config.getString(Const.Config.OperatorTypeProp, "");
480480

src/main/java/com/uid2/operator/vertx/OperatorShutdownHandler.java

Lines changed: 6 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,8 @@
11
package com.uid2.operator.vertx;
22

33
import com.uid2.operator.service.ShutdownService;
4+
import com.uid2.shared.attest.AttestationResponseCode;
5+
import lombok.extern.java.Log;
46
import org.slf4j.Logger;
57
import org.slf4j.LoggerFactory;
68
import software.amazon.awssdk.utils.Pair;
@@ -52,12 +54,12 @@ public void logSaltFailureAtInterval() {
5254
}
5355
}
5456

55-
public void handleAttestResponse(Pair<Integer, String> response) {
56-
if (response.left() == 401) {
57-
LOGGER.error("core attestation failed with 401, shutting down operator, core response: " + response.right());
57+
public void handleAttestResponse(Pair<AttestationResponseCode, String> response) {
58+
if (response.left() == AttestationResponseCode.AttestationFailure) {
59+
LOGGER.error("core attestation failed with AttestationFailure, shutting down operator, core response: {}", response.right());
5860
this.shutdownService.Shutdown(1);
5961
}
60-
if (response.left() == 200) {
62+
if (response.left() == AttestationResponseCode.Success) {
6163
attestFailureStartTime.set(null);
6264
} else {
6365
Instant t = attestFailureStartTime.get();

src/test/java/com/uid2/operator/OperatorShutdownHandlerTest.java

Lines changed: 10 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,7 @@
55
import ch.qos.logback.core.read.ListAppender;
66
import com.uid2.operator.service.ShutdownService;
77
import com.uid2.operator.vertx.OperatorShutdownHandler;
8+
import com.uid2.shared.attest.AttestationResponseCode;
89
import io.vertx.core.Vertx;
910
import io.vertx.junit5.VertxExtension;
1011
import io.vertx.junit5.VertxTestContext;
@@ -51,17 +52,18 @@ void afterEach() throws Exception {
5152
}
5253

5354
@Test
54-
void shutdownOnAttest401(VertxTestContext testContext) {
55+
void shutdownOnAttestFailure(VertxTestContext testContext) {
5556
ListAppender<ILoggingEvent> logWatcher = new ListAppender<>();
5657
logWatcher.start();
5758
((Logger) LoggerFactory.getLogger(OperatorShutdownHandler.class)).addAppender(logWatcher);
5859

5960
// Revoke auth
6061
try {
61-
this.operatorShutdownHandler.handleAttestResponse(Pair.of(401, "Unauthorized"));
62+
this.operatorShutdownHandler.handleAttestResponse(Pair.of(AttestationResponseCode.AttestationFailure, "Unauthorized"));
6263
} catch (RuntimeException e) {
6364
verify(shutdownService).Shutdown(1);
64-
Assertions.assertTrue(logWatcher.list.get(0).getFormattedMessage().contains("core attestation failed with 401, shutting down operator, core response: "));
65+
String message = logWatcher.list.get(0).getFormattedMessage();
66+
Assertions.assertEquals("core attestation failed with AttestationFailure, shutting down operator, core response: Unauthorized", logWatcher.list.get(0).getFormattedMessage());
6567
testContext.completeNow();
6668
}
6769
}
@@ -72,11 +74,11 @@ void shutdownOnAttestFailedTooLong(VertxTestContext testContext) {
7274
logWatcher.start();
7375
((Logger) LoggerFactory.getLogger(OperatorShutdownHandler.class)).addAppender(logWatcher);
7476

75-
this.operatorShutdownHandler.handleAttestResponse(Pair.of(500, ""));
77+
this.operatorShutdownHandler.handleAttestResponse(Pair.of(AttestationResponseCode.RetryableFailure, ""));
7678

7779
when(clock.instant()).thenAnswer(i -> Instant.now().plus(12, ChronoUnit.HOURS).plusSeconds(60));
7880
try {
79-
this.operatorShutdownHandler.handleAttestResponse(Pair.of(500, ""));
81+
this.operatorShutdownHandler.handleAttestResponse(Pair.of(AttestationResponseCode.RetryableFailure, ""));
8082
} catch (RuntimeException e) {
8183
verify(shutdownService).Shutdown(1);
8284
Assertions.assertTrue(logWatcher.list.get(0).getFormattedMessage().contains("core attestation has been in failed state for too long. shutting down operator"));
@@ -90,13 +92,13 @@ void attestRecoverOnSuccess(VertxTestContext testContext) {
9092
logWatcher.start();
9193
((Logger) LoggerFactory.getLogger(OperatorShutdownHandler.class)).addAppender(logWatcher);
9294

93-
this.operatorShutdownHandler.handleAttestResponse(Pair.of(500, ""));
95+
this.operatorShutdownHandler.handleAttestResponse(Pair.of(AttestationResponseCode.RetryableFailure, ""));
9496
when(clock.instant()).thenAnswer(i -> Instant.now().plus(6, ChronoUnit.HOURS));
95-
this.operatorShutdownHandler.handleAttestResponse(Pair.of(200, ""));
97+
this.operatorShutdownHandler.handleAttestResponse(Pair.of(AttestationResponseCode.Success, ""));
9698

9799
when(clock.instant()).thenAnswer(i -> Instant.now().plus(12, ChronoUnit.HOURS));
98100
assertDoesNotThrow(() -> {
99-
this.operatorShutdownHandler.handleAttestResponse(Pair.of(500, ""));
101+
this.operatorShutdownHandler.handleAttestResponse(Pair.of(AttestationResponseCode.RetryableFailure, ""));
100102
});
101103
verify(shutdownService, never()).Shutdown(anyInt());
102104
testContext.completeNow();

0 commit comments

Comments
 (0)