From be8489a2fd953db4d9ead52aaa08734ad729cad8 Mon Sep 17 00:00:00 2001
From: Jahziel Villasana-Espinoza
Date: Thu, 23 May 2024 18:27:18 -0400
Subject: [PATCH] chore: cleanup
---
 server/datastore/mysql/apple_mdm.go | 4 ++--
 server/fleet/service.go | 3 +++
 server/mdm/apple/cert.go | 7 +------
 server/service/integration_mdm_test.go | 2 +-
 4 files changed, 7 insertions(+), 9 deletions(-)
diff --git a/server/datastore/mysql/apple_mdm.go b/server/datastore/mysql/apple_mdm.go
index 8e5d486fc1..a9b49c5ea6 100644
--- a/server/datastore/mysql/apple_mdm.go
+++ b/server/datastore/mysql/apple_mdm.go
@@ -4156,8 +4156,8 @@ WHERE
 name IN (%s)
 `
- var p strings.Builder
 var b []any
+ var p strings.Builder
 for _, an := range assetNames {
 b = append(b, an)
 p.WriteString("?,")
@@ -4166,7 +4166,7 @@ WHERE
 stmt = fmt.Sprintf(stmt, strings.TrimSuffix(p.String(), ","))
 var res []fleet.MDMConfigAsset
 if err := sqlx.SelectContext(ctx, ds.reader(ctx), &res, stmt, b...); err != nil {
- return nil, ctxerr.Wrap(ctx, err, "checking asset existence")
+ return nil, ctxerr.Wrap(ctx, err, "get mdm config assets by name")
 }
 return res, nil
diff --git a/server/fleet/service.go b/server/fleet/service.go
index 74c767f0c1..7972462997 100644
--- a/server/fleet/service.go
+++ b/server/fleet/service.go
@@ -689,6 +689,9 @@ type Service interface {
 GetAppleBM(ctx context.Context) (*AppleBM, error)
 RequestMDMAppleCSR(ctx context.Context, email, org string) (*AppleCSR, error)
+ // GetMDMAppleCSR returns a signed CSR as a base64 encoded string for Apple MDM. The first time
+ // this method is called, it will create a SCEP certificate, a SCEP key, and an APNS key and
+ // write these to the DB. On subsequent calls, it will use the saved APNS key for generating the CSR.
 GetMDMAppleCSR(ctx context.Context) (string, error)
 // GetHostDEPAssignment retrieves the host DEP assignment for the specified host.
diff --git a/server/mdm/apple/cert.go b/server/mdm/apple/cert.go
index 0de6863c09..2178e5dfaf 100644
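Review bot: An empty `assetNames` leaves `p` empty, so the `fmt.Sprintf` at the top of the second apple_mdm.go hunk renders `name IN ()` and the query fails at the database instead of returning an empty result. Neither hunk shows a length check, though the function starts above the first hunk and may already have one; if it does not, a guard such as `if len(assetNames) == 0 { return nil, nil }` (or whatever error callers expect) ahead of the loop avoids the round trip. Only `?` placeholders are formatted into the statement and the names travel as bind arguments in `b`, which is the right shape; a comment like `// only placeholders are interpolated; values are bound via b` would keep a later edit from formatting a name into `stmt`. `b` can also be pre-sized with `make([]any, 0, len(assetNames))`.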
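Review bot: The new comment on `GetMDMAppleCSR` documents a write hidden behind a `Get` name, but it does not say how the stored SCEP and APNs private keys are protected or what happens when two first calls race. Both matter to anyone auditing key handling from the interface alone, and neither is visible in this hunk. I would add a line such as `// Not read-only: the first call generates private key material and persists it.` and, once confirmed against the implementation, state whether the assets are encrypted at rest and whether concurrent first calls can create two key sets. The interface body continues outside the hunk.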
--- a/server/mdm/apple/cert.go
+++ b/server/mdm/apple/cert.go
@@ -143,7 +143,7 @@ func GetSignedAPNSCSR(client *http.Client, csr *x509.CertificateRequest) error {
 }
 // GetSignedAPNSCSRNoEmail makes a request to the fleetdm.com API to get a signed APNs
-// CSR and returns the signed CSR
+// CSR and returns the signed CSR.
 func GetSignedAPNSCSRNoEmail(client *http.Client, csr *x509.CertificateRequest) ([]byte, error) {
 csrPEM := EncodeCertRequestPEM(csr)
@@ -179,11 +179,6 @@ func GetSignedAPNSCSRNoEmail(client *http.Client, csr *x509.CertificateRequest)
 return nil, FleetWebsiteError{Status: resp.StatusCode, message: string(respBytes)}
 }
- // signedCSR, err := x509.ParseCertificateRequest(respBytes)
- // if err != nil {
- // return nil, err
- // }
-
 return respBytes, nil
 }
diff --git a/server/service/integration_mdm_test.go b/server/service/integration_mdm_test.go
index c5edc741c1..28e69a1ce0 100644
--- a/server/service/integration_mdm_test.go
+++ b/server/service/integration_mdm_test.go
@@ -900,7 +900,7 @@ func (s *integrationMDMTestSuite) TestGetMDMCSR() {
 // Check that we return bad gateway if the website API errors
 s.FailNextCSRRequestWith(http.StatusInternalServerError)
 errResp := validationErrResp{}
- s.DoJSON("GET", "/api/latest/fleet/mdm/apple/request_csr", requestMDMAppleCSRRequest{EmailAddress: "a@b.c", Organization: "test"}, http.StatusBadGateway, &errResp)
+ s.DoJSON("GET", "/api/latest/fleet/mdm/apple/request_csr", getMDMAppleCSRRequest{}, http.StatusBadGateway, &errResp)
 require.Len(t, errResp.Errors, 1)
 require.Contains(t, errResp.Errors[0].Reason, "FleetDM CSR request failed")
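Review bot: The changed `s.DoJSON("GET", ...)` call in `TestGetMDMCSR` exercises only the 502 path, and nothing in the hunk checks what the failed call left behind. Per the comment added in server/fleet/service.go, the first call creates and stores a SCEP certificate, a SCEP key and an APNs key, so a failure from the website presumably happens after those writes. An assertion that a later successful call reuses the stored APNs key rather than generating a new one would pin the documented behaviour; the test body starts and ends outside the hunk, so this may already be covered there. It is also worth confirming that a state-changing first call behind a GET route is intended, since clients and intermediaries may retry GET requests freely.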