Merge pull request rdkcentral#5874 from npoltorapavlo/DELIA-66306_main

Merge pull request rdkcentral#5801 from npoltorapavlo/DELIA-66306

CloudStore/CHANGELOG.md

@@ -16,6 +16,12 @@ All notable changes to this RDK Service will be documented in this file.
 
 * For more details, refer to [versioning](https://github.com/rdkcentral/rdkservices#versioning) section under Main README.
 
+## [1.0.2] - 2024-11-19
+### Fixed
+- Set up idle timer
+- Log grpc endpoint on startup
+- Get security token on startup only
+
 ## [1.0.1] - 2024-09-17
 ### Fixed
 - Decouple notification, add timeouts

CloudStore/CloudStore.cpp

@@ -24,7 +24,7 @@
 
 #define API_VERSION_NUMBER_MAJOR 1
 #define API_VERSION_NUMBER_MINOR 0
-#define API_VERSION_NUMBER_PATCH 1
+#define API_VERSION_NUMBER_PATCH 2
 
 namespace WPEFramework {
 
@@ -78,6 +78,26 @@ namespace Plugin {
 
         Core::SystemInfo::SetEnvironment(URI_ENV, uri);
 
+        SYSLOG(Logging::Startup, (_T("grpc endpoint is %s"), uri.c_str()));
+
+        string token;
+        auto security = _service->QueryInterfaceByCallsign<
+            PluginHost::IAuthenticate>("SecurityAgent");
+        if (security != nullptr) {
+            string payload = "http://localhost";
+            auto ret = security->CreateToken(
+                static_cast<uint16_t>(payload.length()),
+                reinterpret_cast<const uint8_t*>(payload.c_str()),
+                token);
+            if (ret != Core::ERROR_NONE) {
+                SYSLOG(Logging::Startup,
+                    (_T("Couldn't create token: %d"), ret));
+            }
+            security->Release();
+        }
+
+        Core::SystemInfo::SetEnvironment(TOKEN_ENV, token);
+
         _service->Register(&_notification);
 
         _store2 = _service->Root<Exchange::IStore2>(_connectionId, RPC::CommunicationTimeOut, _T("CloudStoreImplementation"));

CloudStore/Module.h

@@ -30,16 +30,16 @@
 #endif
 
 #define URI_ENV "CLOUDSTORE_URI"
+#define TOKEN_ENV "CLOUDSTORE_TOKEN"
 #define IARM_INIT_NAME "Thunder_Plugins"
 #define URI_RFC "Device.DeviceInfo.X_RDKCENTRAL-COM_RFC.CloudStore.Uri"
 #define PARTNER_ID_FILENAME "/opt/www/authService/partnerId3.dat"
 #define ACCOUNT_ID_FILENAME "/opt/www/authService/said.dat"
 #define DEVICE_ID_FILENAME "/opt/www/authService/xdeviceid.dat"
-#define SECURITY_AGENT_FILENAME "/tmp/SecurityAgent/token"
 #define IARM_TIMEOUT 1000
-#define COM_RPC_TIMEOUT 1000
 #define JSON_RPC_TIMEOUT 2000
 #define GRPC_TIMEOUT 3000
+#define IDLE_TIMEOUT 30000
 
 #undef EXTERNAL
 #define EXTERNAL

CloudStore/grpc/Store2.h

@@ -69,12 +69,13 @@ namespace Plugin {
 
         public:
             Store2()
-                : Store2(getenv(URI_ENV))
+                : Store2(getenv(URI_ENV), getenv(TOKEN_ENV))
             {
             }
-            Store2(const string& uri)
+            Store2(const string& uri, const string& token)
                 : IStore2()
                 , _uri(uri)
+                , _token(token)
                 , _authorization((_uri.find("localhost") == string::npos) && (_uri.find("0.0.0.0") == string::npos))
             {
                 Open();
@@ -84,14 +85,16 @@ namespace Plugin {
         private:
             void Open()
             {
+                grpc::ChannelArguments args;
+                args.SetInt(GRPC_ARG_CLIENT_IDLE_TIMEOUT_MS, IDLE_TIMEOUT);
                 std::shared_ptr<grpc::ChannelCredentials> creds;
                 if (_authorization) {
                     creds = grpc::SslCredentials(grpc::SslCredentialsOptions());
                 } else {
                     creds = grpc::InsecureChannelCredentials();
                 }
                 _stub = ::distp::gateway::secure_storage::v1::SecureStorageService::NewStub(
-                    grpc::CreateChannel(_uri, creds));
+                    grpc::CreateCustomChannel(_uri, creds, args));
             }
 
         private:
@@ -115,47 +118,14 @@ namespace Plugin {
 #endif
                 return true;
             }
-            string GetSecurityToken() const
-            {
-                // Get actual token, as it may change at any time...
-                string result;
-
-                const char* endpoint = ::getenv(_T("SECURITYAGENT_PATH"));
-                if (endpoint == nullptr) {
-                    endpoint = SECURITY_AGENT_FILENAME;
-                }
-                auto engine = Core::ProxyType<RPC::InvokeServerType<1, 0, 4>>::Create();
-                auto client = Core::ProxyType<RPC::CommunicatorClient>::Create(
-                    Core::NodeId(endpoint),
-                    Core::ProxyType<Core::IIPCServer>(engine));
-
-                auto interface = client->Open<PluginHost::IAuthenticate>(
-                    _T("SecurityAgent"),
-                    static_cast<uint32_t>(~0),
-                    COM_RPC_TIMEOUT); // Timeout
-                if (interface != nullptr) {
-                    string payload = _T("http://localhost");
-                    // If main process is out of threads, this can time out, and IPC will mess up...
-                    auto error = interface->CreateToken(
-                        static_cast<uint16_t>(payload.length()),
-                        reinterpret_cast<const uint8_t*>(payload.c_str()),
-                        result);
-                    if (error != Core::ERROR_NONE) {
-                        TRACE(Trace::Error, (_T("security token error %d"), error));
-                    }
-                    interface->Release();
-                }
-
-                return result;
-            }
             string GetToken() const
             {
                 // Get actual token, as it may change at any time...
                 string result;
 
                 Core::SystemInfo::SetEnvironment(_T("THUNDER_ACCESS"), (_T("127.0.0.1:9998")));
                 auto link = Core::ProxyType<JSONRPC::LinkType<Core::JSON::IElement>>::Create(
-                    _T("org.rdk.AuthService"), _T(""), false, "token=" + GetSecurityToken());
+                    _T("org.rdk.AuthService"), _T(""), false, "token=" + _token);
 
                 JsonObject json;
                 auto status = link->Invoke<JsonObject, JsonObject>(
@@ -430,6 +400,7 @@ namespace Plugin {
 
         private:
             const string _uri;
+            const string _token;
             const bool _authorization;
             std::unique_ptr<::distp::gateway::secure_storage::v1::SecureStorageService::Stub> _stub;
             std::list<INotification*> _clients;

CloudStore/grpc/l0test/Store2Test.cpp

@@ -48,7 +48,7 @@ class AStore2 : public Test {
         : workerPool(WPEFramework::Core::ProxyType<WorkerPoolImplementation>::Create(
               WPEFramework::Core::Thread::DefaultStackSize()))
         , server(kUri, &service)
-        , store2(WPEFramework::Core::ProxyType<Store2>::Create(kUri))
+        , store2(WPEFramework::Core::ProxyType<Store2>::Create(kUri, ""))
     {
         WPEFramework::Core::IWorkerPool::Assign(&(*workerPool));
     }

CloudStore/l0test/ServiceMock.h

@@ -52,7 +52,7 @@ class ServiceMock : public WPEFramework::PluginHost::IShell,
     MOCK_METHOD(void, Register, (IShell::ICOMLink::INotification*), (override));
     MOCK_METHOD(void, Unregister, (const IShell::ICOMLink::INotification*), (override));
     MOCK_METHOD(WPEFramework::RPC::IRemoteConnection*, RemoteConnection, (const uint32_t), (override));
-    MOCK_METHOD(void*, Instantiate, (const WPEFramework::RPC::Object&, const uint32_t, uint32_t&), (override));
+    MOCK_METHOD(void*, Instantiate, (WPEFramework::RPC::Object&, const uint32_t, uint32_t&), (override));
     MOCK_METHOD(WPEFramework::RPC::IStringIterator*, GetLibrarySearchPaths, (const string&), (const, override));
     BEGIN_INTERFACE_MAP(ServiceMock)
     INTERFACE_ENTRY(IShell)