fix: Resend the inventory when the device has reauthenticated

[jo-lund]

When using mutual TLS authentication the devices are authenticated by the gateway and will be automatically authorized in the server. This reauthentication happens without posting any error codes to the callback when polling for new deployments. Need to instead explcitly check if the device has reauthenticated and clear the inventory cache if that's the case.

Ticket: MEN-7820
Changelog: None

External Contributor Checklist

🚨 Please review the guidelines for contributing to this repository.

• Make sure that all commits follow the conventional commit specification for the Mender project.

The majority of our contributions are fixes, which means your commit should have
the form below:

fix: <SHORT DESCRIPTION OF FIX>

<OPTIONAL LONGER DESCRIPTION>

Changelog: <USER-FRIENDLY-CHANGE-DESCRIPTION> or <None>
Ticket: <TICKET NUMBER> or <None>

• Make sure that all commits are signed with git --signoff. Also note that the signoff author must match the author of the commit.

Description

Please describe your pull request.

Thank you!

[mender-test-bot]

@jo-lund, Let me know if you want to start the integration pipeline by mentioning me and the command "start pipeline".

---

my commands and options

You can trigger a pipeline on multiple prs with:

• mentioning me and start pipeline --pr mender/127 --pr mender-connect/255

You can start a fast pipeline, disabling full integration tests with:

• mentioning me and start pipeline --fast

You can trigger GitHub->GitLab branch sync with:

• mentioning me and sync

You can cherry pick to a given branch or branches with:

• mentioning me and:

 cherry-pick to:
 * 1.0.x
 * 2.0.x

[vpodzime]

Squash the two commits, please. Looks good to me otherwise although I have to admit I had to study the surrounding code for quite a while. Even though it was me who wrote it.

[lluiscampos]

Great to receive your first contribution @jo-lund 🙌

The code looks good, the bug was were I suspected 🐞 🔍

This change honors a changelog entry, though. The rule of thumb is to ask "is this change release-able? Does it bring a feature or fixes a bug? Then a changelog entry is due"

You can write some user friendly text or just use Changelog: Title to use the title of the commit during the release of the software.

Also, you should be able to run the pipeline yourself. I'll follow-up on this privately.

[jo-lund]

@mender-test-bot start pipeline

[mender-test-bot]

Hello 😺 I created a pipeline for you here: Pipeline-1585816169

Build Configuration Matrix

Key	Value
BUILD_BEAGLEBONEBLACK	true
BUILD_CLIENT	true
BUILD_QEMUX86_64_BIOS_GRUB	true
BUILD_QEMUX86_64_BIOS_GRUB_GPT	true
BUILD_QEMUX86_64_UEFI_GRUB	true
BUILD_VEXPRESS_QEMU	true
BUILD_VEXPRESS_QEMU_FLASH	true
BUILD_VEXPRESS_QEMU_UBOOT_UEFI_GRUB	true
INTEGRATION_REV	master
MENDER_ARTIFACT_REV	master
MENDER_BINARY_DELTA_REV	master
MENDER_CLI_REV	master
MENDER_CONFIGURE_MODULE_REV	master
MENDER_CONNECT_REV	master
MENDER_CONVERT_REV	master
MENDER_GATEWAY_REV	master
MENDER_REV	pull/1714/head
MENDER_SETUP_REV	master
MENDER_SNAPSHOT_REV	master
MONITOR_CLIENT_REV	master
RUN_INTEGRATION_TESTS	true
TEST_QEMUX86_64_BIOS_GRUB	true
TEST_QEMUX86_64_BIOS_GRUB_GPT	true
TEST_QEMUX86_64_UEFI_GRUB	true
TEST_VEXPRESS_QEMU	true
TEST_VEXPRESS_QEMU_FLASH	true
TEST_VEXPRESS_QEMU_UBOOT_UEFI_GRUB	true

[danielskinstad]

As Lluis said, you should probably set a changelog here, and you'll also need to rebase your PR on top of master :)

[lluiscampos]

@jo-lund After a very long conversation with @vpodzime, we caught two other places where a similar fix is needed.

1. Similar handling from SubmitInventoryState. Both on explicit UnauthorizedError and on success with http_client.HasReauthenticated

This was missing already from my original fix at #1678. If a device would have a longer poll interval than inventory submit interval (as possible use case, a device that only uses troubleshoot + inventory with a poll interval of once a year) then the clearing of Inventory data cached won't be handled.

2. A clear of the Inventory data cached from the D-Bus signal handler. Namely in HandleReceivedToken

There is a race condition when a 3rd party tool (a Mender add-on, or any other user software that uses our D-Bus API) does the re-authentication while mender-update is waiting for the next interval to expire. Then on next interval (poll interval, or inventory interval - it is irrelevant) the state machine only sees a successful reply and no http_client.HasReauthenticated to be detected.