diff --git a/services/identity/Dockerfile b/services/identity/Dockerfile index 0c1a4f758..10c0e55b9 100644 --- a/services/identity/Dockerfile +++ b/services/identity/Dockerfile @@ -1,35 +1,41 @@ FROM rust:1.67 RUN apt-get update && DEBIAN_FRONTEND=noninteractive apt-get install -y \ - protobuf-compiler && rm -rf /var/lib/apt/lists/* + build-essential cmake git libgtest-dev libssl-dev zlib1g-dev \ + && rm -rf /var/lib/apt/lists/* + +# Install more recent version of protobuf, must be ran as root +COPY scripts/install_protobuf.sh ../../scripts/install_protobuf.sh +RUN ../../scripts/install_protobuf.sh # Create a new user comm and use it to run subsequent commands RUN useradd -m comm USER comm # The build.rs script depends on rustfmt RUN rustup component add rustfmt RUN mkdir -p /home/comm/app/identity WORKDIR /home/comm/app/identity RUN cargo init --bin COPY services/identity/Cargo.toml services/identity/Cargo.lock ./ COPY shared/comm-opaque ../../shared/comm-opaque COPY shared/comm-opaque2 ../../shared/comm-opaque2 # Cache build dependencies in a new layer RUN cargo build --release RUN rm src/*.rs COPY services/identity . COPY shared/protos/identity.proto ../../shared/protos/ +COPY shared/protos/identity_client.proto ../../shared/protos/ # Remove the previously-built binary so that only the application itself is # rebuilt RUN rm ./target/release/deps/identity* RUN cargo build --release RUN target/release/identity keygen CMD ["./target/release/identity", "server"] diff --git a/services/identity/build.rs b/services/identity/build.rs index 7a5c3d9ff..130ea9a81 100644 --- a/services/identity/build.rs +++ b/services/identity/build.rs @@ -1,4 +1,13 @@ fn main() -> Result<(), Box> { - tonic_build::compile_protos("../../shared/protos/identity.proto")?; + tonic_build::configure() + .build_server(true) + .build_client(false) + .compile( + &[ + "../../shared/protos/identity.proto", + "../../shared/protos/identity_client.proto", + ], + &["../../shared/protos/"], + )?; Ok(()) } diff --git a/services/identity/src/client_service.rs b/services/identity/src/client_service.rs new file mode 100644 index 000000000..608602b41 --- /dev/null +++ b/services/identity/src/client_service.rs @@ -0,0 +1,117 @@ +pub mod client_proto { + tonic::include_proto!("identity.client"); +} + +use crate::client_service::client_proto::{ + DeleteUserRequest, DeviceKeysForUserRequest, DeviceKeysForUserResponse, + Empty, GenerateNonceResponse, KeyserverKeysRequest, KeyserverKeysResponse, + OpaqueLoginFinishRequest, OpaqueLoginFinishResponse, OpaqueLoginStartRequest, + OpaqueLoginStartResponse, RefreshUserPreKeysRequest, + RegistrationFinishRequest, RegistrationFinishResponse, + RegistrationStartRequest, RegistrationStartResponse, + UpdateUserPasswordFinishRequest, UpdateUserPasswordFinishResponse, + UpdateUserPasswordStartRequest, UpdateUserPasswordStartResponse, + UploadOneTimeKeysRequest, WalletLoginRequest, WalletLoginResponse, +}; +pub use client_proto::identity_client_service_server::{ + IdentityClientService, IdentityClientServiceServer, +}; + +#[derive(derive_more::Constructor)] +pub struct ClientService {} + +#[tonic::async_trait] +impl IdentityClientService for ClientService { + async fn register_password_user_start( + &self, + _request: tonic::Request, + ) -> Result, tonic::Status> { + unimplemented!(); + } + + async fn register_password_user_finish( + &self, + _request: tonic::Request, + ) -> Result, tonic::Status> { + unimplemented!(); + } + + async fn update_user_password_start( + &self, + _request: tonic::Request, + ) -> Result, tonic::Status> + { + unimplemented!(); + } + + async fn update_user_password_finish( + &self, + _request: tonic::Request, + ) -> Result, tonic::Status> + { + unimplemented!(); + } + + async fn login_password_user_start( + &self, + _request: tonic::Request, + ) -> Result, tonic::Status> { + unimplemented!(); + } + + async fn login_password_user_finish( + &self, + _request: tonic::Request, + ) -> Result, tonic::Status> { + unimplemented!(); + } + + async fn login_wallet_user( + &self, + _request: tonic::Request, + ) -> Result, tonic::Status> { + unimplemented!(); + } + + async fn delete_user( + &self, + _request: tonic::Request, + ) -> Result, tonic::Status> { + unimplemented!(); + } + + async fn generate_nonce( + &self, + _request: tonic::Request, + ) -> Result, tonic::Status> { + unimplemented!(); + } + + async fn get_device_keys_for_user( + &self, + _request: tonic::Request, + ) -> Result, tonic::Status> { + unimplemented!(); + } + + async fn get_keyserver_keys( + &self, + _request: tonic::Request, + ) -> Result, tonic::Status> { + unimplemented!(); + } + + async fn upload_one_time_keys( + &self, + _request: tonic::Request, + ) -> Result, tonic::Status> { + unimplemented!(); + } + + async fn refresh_user_pre_keys( + &self, + _request: tonic::Request, + ) -> Result, tonic::Status> { + unimplemented!(); + } +} diff --git a/services/identity/src/main.rs b/services/identity/src/main.rs index 60cbd7533..1d13d8749 100644 --- a/services/identity/src/main.rs +++ b/services/identity/src/main.rs @@ -1,69 +1,78 @@ use clap::{Parser, Subcommand}; use database::DatabaseClient; use interceptor::check_auth; use tonic::transport::Server; use tracing_subscriber::FmtSubscriber; +mod client_service; mod config; mod constants; mod database; mod interceptor; mod keygen; mod nonce; mod pake_grpc; mod service; mod token; use config::load_config; use constants::{IDENTITY_SERVICE_SOCKET_ADDR, SECRETS_DIRECTORY}; use keygen::generate_and_persist_keypair; use service::{IdentityKeyserverServiceServer, MyIdentityService}; use tracing::info; +use client_service::{ClientService, IdentityClientServiceServer}; + #[derive(Parser)] #[clap(author, version, about, long_about = None)] #[clap(propagate_version = true)] struct Cli { #[clap(subcommand)] command: Commands, } #[derive(Subcommand)] enum Commands { /// Runs the server Server, /// Generates and persists a keypair to use for PAKE registration and login Keygen { #[clap(short, long)] #[clap(default_value_t = String::from(SECRETS_DIRECTORY))] dir: String, }, /// Populates the `identity-users` table in DynamoDB from MySQL PopulateDB, } #[tokio::main] async fn main() -> Result<(), Box> { let subscriber = FmtSubscriber::new(); tracing::subscriber::set_global_default(subscriber)?; let cli = Cli::parse(); match &cli.command { Commands::Keygen { dir } => { generate_and_persist_keypair(dir)?; } Commands::Server => { load_config(); let addr = IDENTITY_SERVICE_SOCKET_ADDR.parse()?; let aws_config = aws_config::from_env().region("us-east-2").load().await; let database_client = DatabaseClient::new(&aws_config); let server = MyIdentityService::new(database_client); - let svc = + let keyserver_service = IdentityKeyserverServiceServer::with_interceptor(server, check_auth); + let client_server = + IdentityClientServiceServer::new(ClientService::new()); info!("Listening to gRPC traffic on {}", addr); - Server::builder().add_service(svc).serve(addr).await?; + Server::builder() + .add_service(keyserver_service) + .add_service(client_server) + .serve(addr) + .await?; } Commands::PopulateDB => unimplemented!(), } Ok(()) }