Commite18f466

authored

chore: enforce minimum coder server version of v2.20.0 (#90)

This will cause Coder Desktop networking to fail to start unless the validated dylib is version `v2.20.0` or later. Obviously, using this build early would mean Coder Desktop would not work against our dogfood deployment.

1 parent75f015c commite18f466Copy full SHA for e18f466

File tree

4 files changed

+92

-3

lines changed

Coder Desktop
- Coder Desktop/Views
  - LoginForm.swift
- Coder DesktopTests
  - LoginFormTests.swift
- VPN
  - Manager.swift
- VPNLib
  - Download.swift

4 files changed

+92

-3

lines changed

`‎Coder Desktop/Coder Desktop/Views/LoginForm.swift`

Lines changed: 26 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,6 @@`
`1`	`1`	`import CoderSDK`
`2`	`2`	`import SwiftUI`
	`3`	`+import VPNLib`
`3`	`4`
`4`	`5`	`structLoginForm:View{`
`5`	`6`	`@EnvironmentObjectvarstate:AppState`
`@@ -78,6 +79,22 @@ struct LoginForm: View {`
`78`	`79`	`loginError=.failedAuth(error)`
`79`	`80`	`return`
`80`	`81`	`}`
	`82`	`+letbuildInfo:BuildInfoResponse`
	`83`	`+do{`
	`84`	`+ buildInfo=tryawait client.buildInfo()`
	`85`	`+}catch{`
	`86`	`+ loginError=.failedAuth(error)`
	`87`	`+return`
	`88`	`+}`
	`89`	`+guardlet semver= buildInfo.semverelse{`
	`90`	`+ loginError=.missingServerVersion`
	`91`	`+return`
	`92`	`+}`
	`93`	`+ // x.compare(y) is .orderedDescending if x > y`
	`94`	`+guardSignatureValidator.minimumCoderVersion.compare(semver, options:.numeric)!=.orderedDescendingelse{`
	`95`	`+ loginError=.outdatedCoderVersion`
	`96`	`+return`
	`97`	`+}`
`81`	`98`	`state.login(baseAccessURL: url, sessionToken: sessionToken)`
`82`	`99`	`dismiss()`
`83`	`100`	`}`
`@@ -190,6 +207,8 @@ enum LoginError: Error {`
`190`	`207`	`case httpsRequired`
`191`	`208`	`case noHost`
`192`	`209`	`case invalidURL`
	`210`	`+case outdatedCoderVersion`
	`211`	`+case missingServerVersion`
`193`	`212`	`case failedAuth(ClientError)`
`194`	`213`
`195`	`214`	`vardescription:String{`
`@@ -200,8 +219,15 @@ enum LoginError: Error {`
`200`	`219`	`"URL must have a host"`
`201`	`220`	`case.invalidURL:`
`202`	`221`	`"Invalid URL"`
	`222`	`+case.outdatedCoderVersion:`
	`223`	`+"""`
	`224`	`+ The Coder deployment must be version\(SignatureValidator.minimumCoderVersion)`
	`225`	`+ or higher to use Coder Desktop.`
	`226`	`+"""`
`203`	`227`	`caselet.failedAuth(err):`
`204`	`228`	`"Could not authenticate with Coder deployment:\n\(err.localizedDescription)"`
	`229`	`+case.missingServerVersion:`
	`230`	`+"Coder deployment did not provide a server version"`
`205`	`231`	`}`
`206`	`232`	`}`
`207`	`233`

`‎Coder Desktop/Coder DesktopTests/LoginFormTests.swift`

Lines changed: 41 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -73,6 +73,14 @@ struct LoginTests {`
`73`	`73`	`@Test`
`74`	`74`	`func testFailedAuthentication()asyncthrows{`
`75`	`75`	`leturl=URL(string:"https://testFailedAuthentication.com")!`
	`76`	`+letbuildInfo=BuildInfoResponse(`
	`77`	`+ version:"v2.20.0"`
	`78`	`+)`
	`79`	`+tryMock(`
	`80`	`+ url: url.appendingPathComponent("/api/v2/buildinfo"),`
	`81`	`+ statusCode:200,`
	`82`	`+ data:[.get:Client.encoder.encode(buildInfo)]`
	`83`	`+).register()`
`76`	`84`	`Mock(url: url.appendingPathComponent("/api/v2/users/me"), statusCode:401, data:[.get:Data()]).register()`
`77`	`85`
`78`	`86`	`tryawaitViewHosting.host(view){`
`@@ -87,6 +95,30 @@ struct LoginTests {`
`87`	`95`	`}`
`88`	`96`	`}`
`89`	`97`
	`98`	`+@Test`
	`99`	`+func testOutdatedServer()asyncthrows{`
	`100`	`+leturl=URL(string:"https://testOutdatedServer.com")!`
	`101`	`+letbuildInfo=BuildInfoResponse(`
	`102`	`+ version:"v2.19.0"`
	`103`	`+)`
	`104`	`+tryMock(`
	`105`	`+ url: url.appendingPathComponent("/api/v2/buildinfo"),`
	`106`	`+ statusCode:200,`
	`107`	`+ data:[.get:Client.encoder.encode(buildInfo)]`
	`108`	`+).register()`
	`109`	`+`
	`110`	`+tryawaitViewHosting.host(view){`
	`111`	`+tryawait sut.inspection.inspect{ viewin`
	`112`	`+try view.find(ViewType.TextField.self).setInput(url.absoluteString)`
	`113`	`+try view.find(button:"Next").tap()`
	`114`	`+ #expect(throws:Never.self){try view.find(text:"Session Token")}`
	`115`	`+try view.find(ViewType.SecureField.self).setInput("valid-token")`
	`116`	`+tryawait view.actualView().submit()`
	`117`	`+ #expect(throws:Never.self){try view.find(ViewType.Alert.self)}`
	`118`	`+}`
	`119`	`+}`
	`120`	`+}`
	`121`	`+`
`90`	`122`	`@Test`
`91`	`123`	`func testSuccessfulLogin()asyncthrows{`
`92`	`124`	`leturl=URL(string:"https://testSuccessfulLogin.com")!`
`@@ -95,13 +127,22 @@ struct LoginTests {`
`95`	`127`	`id:UUID(),`
`96`	`128`	`username:"admin"`
`97`	`129`	`)`
	`130`	`+letbuildInfo=BuildInfoResponse(`
	`131`	`+ version:"v2.20.0"`
	`132`	`+)`
`98`	`133`
`99`	`134`	`tryMock(`
`100`	`135`	`url: url.appendingPathComponent("/api/v2/users/me"),`
`101`	`136`	`statusCode:200,`
`102`	`137`	`data:[.get:Client.encoder.encode(user)]`
`103`	`138`	`).register()`
`104`	`139`
	`140`	`+tryMock(`
	`141`	`+ url: url.appendingPathComponent("/api/v2/buildinfo"),`
	`142`	`+ statusCode:200,`
	`143`	`+ data:[.get:Client.encoder.encode(buildInfo)]`
	`144`	`+).register()`
	`145`	`+`
`105`	`146`	`tryawaitViewHosting.host(view){`
`106`	`147`	`tryawait sut.inspection.inspect{ viewin`
`107`	`148`	`try view.find(ViewType.TextField.self).setInput(url.absoluteString)`

`‎Coder Desktop/VPN/Manager.swift`

Lines changed: 2 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -31,9 +31,9 @@ actor Manager {`
`31`	`31`	`// The tunnel might be asked to start before the network interfaces have woken up from sleep`
`32`	`32`	`sessionConfig.waitsForConnectivity=true`
`33`	`33`	`// URLSession's waiting for connectivity sometimes hangs even when`
`34`		`- // the network is up so this is deliberately short (15s) to avoid a`
	`34`	`+ // the network is up so this is deliberately short (30s) to avoid a`
`35`	`35`	`// poor UX where it appears stuck.`
`36`		`- sessionConfig.timeoutIntervalForResource=15`
	`36`	`+ sessionConfig.timeoutIntervalForResource=30`
`37`	`37`	`tryawaitdownload(src: dylibPath, dest: dest, urlSession:URLSession(configuration: sessionConfig))`
`38`	`38`	`}catch{`
`39`	`39`	`throw.download(error)`

`‎Coder Desktop/VPNLib/Download.swift`

Lines changed: 23 additions & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -10,6 +10,7 @@ public enum ValidationError: Error {`
`10`	`10`	`case invalidTeamIdentifier(identifier:String?)`
`11`	`11`	`case missingInfoPList`
`12`	`12`	`case invalidVersion(version:String?)`
	`13`	`+case belowMinimumCoderVersion`
`13`	`14`
`14`	`15`	`publicvardescription:String{`
`15`	`16`	`switchself{`
`@@ -29,13 +30,21 @@ public enum ValidationError: Error {`
`29`	`30`	`"Invalid team identifier:\(identifier??"unknown")."`
`30`	`31`	`case.missingInfoPList:`
`31`	`32`	`"Info.plist is not embedded within the dylib."`
	`33`	`+case.belowMinimumCoderVersion:`
	`34`	`+"""`
	`35`	`+ The Coder deployment must be version\(SignatureValidator.minimumCoderVersion)`
	`36`	`+ or higher to use Coder Desktop.`
	`37`	`+"""`
`32`	`38`	`}`
`33`	`39`	`}`
`34`	`40`
`35`	`41`	`publicvarlocalizedDescription:String{ description}`
`36`	`42`	`}`
`37`	`43`
`38`	`44`	`publicclassSignatureValidator{`
	`45`	`+ // Whilst older dylibs exist, this app assumes v2.20 or later.`
	`46`	`+publicstaticletminimumCoderVersion="2.20.0"`
	`47`	`+`
`39`	`48`	`privatestaticletexpectedName="CoderVPN"`
`40`	`49`	`privatestaticletexpectedIdentifier="com.coder.Coder-Desktop.VPN.dylib"`
`41`	`50`	`privatestaticletexpectedTeamIdentifier="4399GN35BJ"`
`@@ -87,6 +96,10 @@ public class SignatureValidator {`
`87`	`96`	`throw.missingInfoPList`
`88`	`97`	`}`
`89`	`98`
	`99`	`+tryvalidateInfo(infoPlist: infoPlist, expectedVersion: expectedVersion)`
	`100`	`+}`
	`101`	`+`
	`102`	`+privatestaticfunc validateInfo(infoPlist:[String:AnyObject], expectedVersion:String)throws(ValidationError){`
`90`	`103`	`guardlet plistIdent=infoPlist[infoIdentifierKey]as?String, plistIdent== expectedIdentifierelse{`
`91`	`104`	`throw.invalidIdentifier(identifier:infoPlist[infoIdentifierKey]as?String)`
`92`	`105`	`}`
`@@ -95,11 +108,20 @@ public class SignatureValidator {`
`95`	`108`	`throw.invalidIdentifier(identifier:infoPlist[infoNameKey]as?String)`
`96`	`109`	`}`
`97`	`110`
	`111`	`+ // Downloaded dylib must match the version of the server`
`98`	`112`	`guardlet dylibVersion=infoPlist[infoShortVersionKey]as?String,`
`99`		`- expectedVersion.compare(dylibVersion, options:.numeric)!=.orderedDescending`
	`113`	`+ expectedVersion== dylibVersion`
`100`	`114`	`else{`
`101`	`115`	`throw.invalidVersion(version:infoPlist[infoShortVersionKey]as?String)`
`102`	`116`	`}`
	`117`	`+`
	`118`	`+ // Downloaded dylib must be at least the minimum Coder server version`
	`119`	`+guardlet dylibVersion=infoPlist[infoShortVersionKey]as?String,`
	`120`	`+ // x.compare(y) is .orderedDescending if x > y`
	`121`	`+ minimumCoderVersion.compare(dylibVersion, options:.numeric)!=.orderedDescending`
	`122`	`+else{`
	`123`	`+throw.belowMinimumCoderVersion`
	`124`	`+}`
`103`	`125`	`}`
`104`	`126`	`}`
`105`	`127`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commite18f466

File tree

4 files changed

4 files changed

`‎Coder Desktop/Coder Desktop/Views/LoginForm.swift`

`‎Coder Desktop/Coder DesktopTests/LoginFormTests.swift`

`‎Coder Desktop/VPN/Manager.swift`

`‎Coder Desktop/VPNLib/Download.swift`

0 commit comments