diff --git a/setup/start.sh b/setup/start.sh
index 130970d5f..5d1317a9d 100755
--- a/setup/start.sh
+++ b/setup/start.sh
@@ -18,10 +18,6 @@ readonly script_dir="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 source "${script_dir}/argparser.sh" "$@" # this injects the arg_* variables used below
-# keep this is sync with config.js appFqdn()
-readonly admin_fqdn=$([[ "${arg_is_custom_domain}" == "true" ]] && echo "${ADMIN_LOCATION}.${arg_fqdn}" || echo "${ADMIN_LOCATION}-${arg_fqdn}")
-readonly admin_origin="https://${admin_fqdn}"
-
 readonly is_update=$([[ -f "${CONFIG_DIR}/cloudron.conf" ]] && echo "true" || echo "false")
 set_progress() {
@@ -290,19 +286,6 @@ if [[ ! -z "${arg_tls_config}" ]]; then
 -e "REPLACE INTO settings (name, value) VALUES (\"tls_config\", '$arg_tls_config')" box
 fi
-echo "==> Adding default clients"
-# The domain might have changed, therefor we have to update the record
-# !!! This needs to be in sync with the webadmin, specifically login_callback.js
-readonly ADMIN_SCOPES="cloudron,developer,profile,users,apps,settings"
-mysql -u root -p${mysql_root_password} \
- -e "REPLACE INTO clients (id, appId, type, clientSecret, redirectURI, scope) VALUES (\"cid-webadmin\", \"Settings\", \"built-in\", \"secret-webadmin\", \"${admin_origin}\", \"${ADMIN_SCOPES}\")" box
-
-mysql -u root -p${mysql_root_password} \
- -e "REPLACE INTO clients (id, appId, type, clientSecret, redirectURI, scope) VALUES (\"cid-sdk\", \"SDK\", \"built-in\", \"secret-sdk\", \"${admin_origin}\", \"*,roleSdk\")" box
-
-mysql -u root -p${mysql_root_password} \
- -e "REPLACE INTO clients (id, appId, type, clientSecret, redirectURI, scope) VALUES (\"cid-cli\", \"Cloudron Tool\", \"built-in\", \"secret-cli\", \"${admin_origin}\", \"*,roleSdk\")" box
-
 set_progress "60" "Starting Cloudron"
 systemctl start cloudron.target
diff --git a/src/clientdb.js b/src/clientdb.js
index 61ce1a153..5ae93d803 100644
--- a/src/clientdb.js
+++ b/src/clientdb.js
@@ -10,6 +10,8 @@ exports = module.exports = {
 getByAppId: getByAppId,
 getByAppIdAndType: getByAppIdAndType,
+ upsert: upsert,
+
 delByAppId: delByAppId,
 delByAppIdAndType: delByAppIdAndType,
@@ -112,6 +114,25 @@ function add(id, appId, type, clientSecret, redirectURI, scope, callback) {
 });
 }
+function upsert(id, appId, type, clientSecret, redirectURI, scope, callback) {
+ assert.strictEqual(typeof id, 'string');
+ assert.strictEqual(typeof appId, 'string');
+ assert.strictEqual(typeof type, 'string');
+ assert.strictEqual(typeof clientSecret, 'string');
+ assert.strictEqual(typeof redirectURI, 'string');
+ assert.strictEqual(typeof scope, 'string');
+ assert.strictEqual(typeof callback, 'function');
+
+ var data = [ id, appId, type, clientSecret, redirectURI, scope ];
+
+ database.query('REPLACE INTO clients (id, appId, type, clientSecret, redirectURI, scope) VALUES (?, ?, ?, ?, ?, ?)', data, function (error, result) {
+ if (error && error.code === 'ER_DUP_ENTRY') return callback(new DatabaseError(DatabaseError.ALREADY_EXISTS));
+ if (error || result.affectedRows === 0) return callback(new DatabaseError(DatabaseError.INTERNAL_ERROR, error));
+
+ callback(null);
+ });
+}
+
 function del(id, callback) {
 assert.strictEqual(typeof id, 'string');
 assert.strictEqual(typeof callback, 'function');
diff --git a/src/clients.js b/src/clients.js
index 648a407bf..da064c1bc 100644
--- a/src/clients.js
+++ b/src/clients.js
@@ -14,6 +14,8 @@ exports = module.exports = {
 addClientTokenByUserId: addClientTokenByUserId,
 delToken: delToken,
+ addDefaultClients: addDefaultClients,
+
 // keep this in sync with start.sh ADMIN_SCOPES that generates the cid-webadmin
 SCOPE_APPS: 'apps',
 SCOPE_DEVELOPER: 'developer',
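Review bot: `upsert` in src/clientdb.js overwrites the secret, redirect URI and scope of whatever client already holds the given `id`, and neither the code nor a comment restricts it to the built-in ids. `REPLACE INTO` is a delete followed by an insert, so if another table references `clients.id` with a cascading delete (the schema is not visible in this diff) those rows would be removed as well; worth confirming before this runs on every start. The `ER_DUP_ENTRY` branch looks copied from `add()` and should not normally fire for a `REPLACE`, so it can be dropped. I would add above the function: `// Overwrites any existing client with this id (REPLACE = delete + insert); intended for built-in clients only.`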
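Review bot: The context comment directly below the new `addDefaultClients` export in src/clients.js, `// keep this in sync with start.sh ADMIN_SCOPES that generates the cid-webadmin`, is stale after this commit, because the same commit deletes `ADMIN_SCOPES` from `setup/start.sh` and defines it inside `addDefaultClients()` in this file. Suggest rewording it to `// keep this in sync with ADMIN_SCOPES in addDefaultClients() below`. The `exports` object continues outside the hunk.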
@@ -34,14 +36,16 @@ exports = module.exports = {
 TYPE_PROXY: 'addon-proxy'
 };
-var assert = require('assert'),
- util = require('util'),
- hat = require('hat'),
- appdb = require('./appdb.js'),
- tokendb = require('./tokendb.js'),
+var appdb = require('./appdb.js'),
+ assert = require('assert'),
 async = require('async'),
 clientdb = require('./clientdb.js'),
+ config = require('./config.js'),
 DatabaseError = require('./databaseerror.js'),
+ debug = require('debug')('box:clients'),
+ hat = require('hat'),
+ tokendb = require('./tokendb.js'),
+ util = require('util'),
 uuid = require('node-uuid');
 function ClientsError(reason, errorOrMessage) {
@@ -304,7 +308,7 @@ function delToken(clientId, tokenId, callback) {
 assert.strictEqual(typeof tokenId, 'string');
 assert.strictEqual(typeof callback, 'function');
- get(clientId, function (error, result) {
+ get(clientId, function (error) {
 if (error) return callback(error);
 tokendb.del(tokenId, function (error) {
@@ -315,3 +319,20 @@ function delToken(clientId, tokenId, callback) {
 });
 });
 }
+
+function addDefaultClients(callback) {
+ assert.strictEqual(typeof callback, 'function');
+
+ debug('Adding default clients');
+
+ // The domain might have changed, therefor we have to update the record
+ // !!! This needs to be in sync with the webadmin, specifically login_callback.js
+ const ADMIN_SCOPES="cloudron,developer,profile,users,apps,settings";
+
+ // id, appId, type, clientSecret, redirectURI, scope
+ async.series([
+ clientdb.upsert.bind(null, 'cid-webadmin', 'Settings', 'built-in', 'secret-webadmin', config.adminOrigin(), ADMIN_SCOPES),
+ clientdb.upsert.bind(null, 'cid-sdk', 'SDK', 'built-in', 'secret-sdk', config.adminOrigin(), '*,roleSdk'),
+ clientdb.upsert.bind(null, 'cid-cli', 'Cloudron Tool', 'built-in', 'secret-cli', config.adminOrigin(), '*, roleSdk')
+ ], callback);
+}
diff --git a/src/cloudron.js b/src/cloudron.js
index a95f0a8b1..814620436 100644
--- a/src/cloudron.js
+++ b/src/cloudron.js
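Review bot: In `addDefaultClients` the scope for `cid-cli` is `'*, roleSdk'` with a space after the comma, while `cid-sdk` uses `'*,roleSdk'` and the removed `start.sh` statement also wrote `*,roleSdk` for the CLI client. If scopes are split on `,` without trimming (the parser is not visible in this diff), the CLI client would end up with ` roleSdk` and be authorized differently from the SDK client; change the argument to `'*,roleSdk'`. Separately, the three `clientSecret` values are fixed strings in source, so they provide no confidentiality and the registered `redirectURI` is the only binding for these clients; a one-line comment saying so would help the next reader. On style, `const ADMIN_SCOPES="..."` lacks spaces around `=` and introduces `const` into a file that otherwise declares with `var`.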
@@ -151,6 +151,7 @@ function onConfigured(callback) {
 platform.events.on(platform.EVENT_READY, onPlatformReady);
 async.series([
+ clients.addDefaultClients,
 cron.initialize,
 certificates.ensureFallbackCertificate,
 platform.initialize, // requires fallback certs in mail container
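Review bot: Nothing in this hunk brings `clients` into scope, and it is the only hunk shown for `src/cloudron.js`, so `clients.addDefaultClients` depends on an existing `require('./clients.js')` near the top of the file; please confirm, otherwise `onConfigured` throws a ReferenceError. Because the step is first in `async.series`, an error from any of the three upserts also prevents `cron.initialize`, `certificates.ensureFallbackCertificate` and `platform.initialize` from running. If that ordering is intended, a short comment such as `// default OAuth clients must exist before the rest of the platform starts` would record it. `onConfigured` starts and ends outside the hunk.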