Enhance Client Initialization and Authentication Configuration (#137)

This commit enhances the initialization process for clients, introducing a configuration options for client-application via API. The addition of a Reset function allows the application to transition to an uninitialized state, providing users the flexibility to choose between X509 and PreSharedKey device authentication methods. This update empowers remote clients connected to plgd-hub, allowing seamless configuration of device authentication to meet specific requirements.

Changes Introduced:
Client Initialization:

Enables configuration of client application during the initialization process via UI
Introduces a Reset function to transition the application to an uninitialized state.
Authentication Methods:

Provides support for both X509 and PreSharedKey device authentication methods from UI
Code Reusability and Maintainability:

Implements changes to the Devices pages by leveraging code from the shared UI repository (shared-ui).
Enhances code reusability and maintainability across projects.

---------

Co-authored-by: Patrik Matiaško <patrik.matiasko@gmail.com>

Author: jkralik

pb/get_configuration.pb.go

@@ -78,6 +78,7 @@ message GetConfigurationResponse {
     enum DeviceAuthenticationMode {
         PRE_SHARED_KEY = 0;
         X509 = 1;
+        UNINITIALIZED = 2;
     };
     string version = 1; // deprecated, use build_info.version
     string build_date = 2; // deprecated, use build_info.build_date

pb/get_configuration.proto

@@ -27,6 +27,8 @@ message InitializePreSharedKey {
     string subject_id = 1;
     // Associated secret to the client application ID. Only first 16bytes is used.
     string key = 2;
+    // If true, the client application will be save subject_id and key to the persistent storage.
+    bool save = 3;
 }
 
 message InitializeX509 {

pb/initialize.pb.go

@@ -939,7 +939,8 @@
       "type": "string",
       "enum": [
         "PRE_SHARED_KEY",
-        "X509"
+        "X509",
+        "UNINITIALIZED"
       ],
       "default": "PRE_SHARED_KEY"
     },
@@ -1324,6 +1325,10 @@
         "key": {
           "type": "string",
           "description": "Associated secret to the client application ID. Only first 16bytes is used."
+        },
+        "save": {
+          "type": "boolean",
+          "description": "If true, the client application will be save subject_id and key to the persistent storage."
         }
       }
     },

pb/initialize.proto

@@ -195,8 +195,9 @@ func (c *PreSharedKeyConfig) Validate() error {
 type Authentication string
 
 const (
-	AuthenticationPreSharedKey Authentication = "preSharedKey"
-	AuthenticationX509         Authentication = "x509"
+	AuthenticationPreSharedKey  Authentication = "preSharedKey"
+	AuthenticationX509          Authentication = "x509"
+	AuthenticationUninitialized Authentication = "uninitialized"
 )
 
 type TLSConfig struct {
@@ -207,6 +208,7 @@ type TLSConfig struct {
 func (c *TLSConfig) Validate() error {
 	switch c.Authentication {
 	case AuthenticationX509:
+	case AuthenticationUninitialized:
 	case AuthenticationPreSharedKey:
 		if err := c.PreSharedKey.Validate(); err != nil {
 			return fmt.Errorf("preSharedKey.%w", err)
@@ -276,7 +278,7 @@ var defaultConfig = Config{
 			SZXStr:  "1024",
 		},
 		TLS: TLSConfig{
-			Authentication: AuthenticationPreSharedKey,
+			Authentication: AuthenticationUninitialized,
 			PreSharedKey: PreSharedKeyConfig{
 				SubjectIDStr: "",
 				Key:          "",

pb/service.swagger.json

@@ -42,7 +42,6 @@ import (
 	udpClient "github.com/plgd-dev/go-coap/v3/udp/client"
 	udpServer "github.com/plgd-dev/go-coap/v3/udp/server"
 	"github.com/plgd-dev/hub/v2/pkg/log"
-	"go.opentelemetry.io/otel/trace"
 )
 
 type AuthenticationClient interface {
@@ -63,7 +62,6 @@ type AuthenticationClient interface {
 type Service struct {
 	getConfig            func() configDevice.Config
 	logger               log.Logger
-	tracerProvider       trace.TracerProvider
 	udp4server           *udpServer.Server
 	udp6server           *udpServer.Server
 	udp4Listener         *coapNet.UDPConn
@@ -79,14 +77,16 @@ func errClosingConnection(debugf func(fmt string, a ...any), scheme schema.Schem
 }
 
 // New creates new GRPC service
-func New(ctx context.Context, serviceName string, getConfig func() configDevice.Config, logger log.Logger, tracerProvider trace.TracerProvider) (*Service, error) {
+func New(ctx context.Context, getConfig func() configDevice.Config, logger log.Logger) (*Service, error) {
 	config := getConfig()
 	var authenticationClient AuthenticationClient
 	switch config.COAP.TLS.Authentication {
 	case configDevice.AuthenticationPreSharedKey:
 		authenticationClient = newAuthenticationPreSharedKey(getConfig)
 	case configDevice.AuthenticationX509:
 		authenticationClient = newAuthenticationX509(config)
+	case configDevice.AuthenticationUninitialized:
+		return nil, fmt.Errorf("device is not initialized")
 	}
 
 	opts := []udpServer.Option{
@@ -124,7 +124,6 @@ func New(ctx context.Context, serviceName string, getConfig func() configDevice.
 	return &Service{
 		getConfig:            getConfig,
 		logger:               logger,
-		tracerProvider:       tracerProvider,
 		udp4server:           udp4server,
 		udp6server:           udp6server,
 		udp4Listener:         udp4Listener,
@@ -368,8 +367,10 @@ func (s *Service) GetDeviceAuthenticationMode() pb.GetConfigurationResponse_Devi
 		return pb.GetConfigurationResponse_X509
 	case configDevice.AuthenticationPreSharedKey:
 		return pb.GetConfigurationResponse_PRE_SHARED_KEY
+	case configDevice.AuthenticationUninitialized:
+		return pb.GetConfigurationResponse_UNINITIALIZED
 	}
-	return pb.GetConfigurationResponse_PRE_SHARED_KEY
+	return pb.GetConfigurationResponse_UNINITIALIZED
 }
 
 func (s *Service) IsInitialized() bool {

service/config/device/config.go

@@ -19,32 +19,47 @@ package grpc
 import (
 	"context"
 	"fmt"
+	"time"
 
 	"github.com/google/uuid"
+	"github.com/hashicorp/go-multierror"
 	"github.com/plgd-dev/client-application/pb"
 )
 
-func (s *ClientApplicationServer) ClearCache(ctx context.Context, _ *pb.ClearCacheRequest) (*pb.ClearCacheResponse, error) {
-	var errors []error
-	s.devices.Range(func(key uuid.UUID, dev *device) bool {
-		s.devices.Delete(key)
-		err := dev.Close(ctx)
+func closeDevice(dev *device) error {
+	ctx, cancel := context.WithDeadline(context.Background(), time.Now().Add(time.Second))
+	defer cancel()
+	return dev.Close(ctx)
+}
+
+func closeDevices(devices map[uuid.UUID]*device) error {
+	var errors *multierror.Error
+	for key, dev := range devices {
+		err := closeDevice(dev)
 		if err != nil {
-			errors = append(errors, fmt.Errorf("cannot close device %v connections: %w", key, err))
+			errors = multierror.Append(errors, fmt.Errorf("cannot close device %v connections: %w", key, err))
 		}
-		return true
-	})
-	var err error
-	switch len(errors) {
+	}
+	if errors == nil {
+		return nil
+	}
+	switch errors.Len() {
 	case 0:
+		return nil
 	case 1:
-		err = errors[0]
+		return errors.Errors[0]
 	default:
-		err = fmt.Errorf("%v", errors)
-	}
-	if err != nil {
-		s.logger.Warnf("cannot properly clear cache: %w", err)
+		return errors
 	}
+}
 
+func (s *ClientApplicationServer) ClearCache(ctx context.Context, _ *pb.ClearCacheRequest) (*pb.ClearCacheResponse, error) {
+	devices := s.devices.LoadAndDeleteAll()
+	go func(devices map[uuid.UUID]*device) {
+		err := closeDevices(devices)
+		if err != nil {
+			s.logger.Warnf("cannot properly clear cache: %w", err)
+		}
+	}(devices)
 	return &pb.ClearCacheResponse{}, nil
 }

service/device/service.go

@@ -54,7 +54,7 @@ func (s *ClientApplicationServer) CreateResource(ctx context.Context, req *pb.Cr
 	if err != nil {
 		return nil, err
 	}
-	link, err := dev.getResourceLinkAndCheckAccess(ctx, req.GetResourceId())
+	link, err := dev.getResourceLinkAndCheckAccess(ctx, req.GetResourceId(), "")
 	if err != nil {
 		return nil, err
 	}

service/grpc/clearCache.go

@@ -39,7 +39,7 @@ func (s *ClientApplicationServer) DeleteResource(ctx context.Context, req *pb.De
 	if err != nil {
 		return nil, err
 	}
-	link, err := dev.getResourceLinkAndCheckAccess(ctx, req.GetResourceId())
+	link, err := dev.getResourceLinkAndCheckAccess(ctx, req.GetResourceId(), "")
 	if err != nil {
 		return nil, err
 	}