adam.robins.wtf / sower
Deployment and lifecycle management for Nix
0
fork

Configure Feed

Select the types of activity you want to include in your feed.

feat: provision OAuth client for existing gardens on reconnect

When an existing garden reconnects with a public_key but has no
oauth_client_id, create a Boruta client and return the client_id.
This allows existing gardens to adopt private_key_jwt auth without
losing their identity.

sow-105

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Adam C. Stephens da2a7e44 aa6682ce

+25 -5
+25 -5
apps/sower/lib/sower/orchestration/garden.ex
··· 154 154 ) 155 155 156 156 if socket.assigns.access_token |> can() |> create?(__MODULE__) do 157 - garden = update_garden(garden, %{local_sid: local_sid}) 158 - 159 - {:ok, garden} 157 + {:ok, garden} = update_garden(garden, %{local_sid: local_sid}) 158 + maybe_provision_oauth_client(garden, public_key) 160 159 else 161 160 {:error, :unauthorized_garden_hello} 162 161 end ··· 172 171 garden_sid: garden.sid 173 172 ) 174 173 175 - {:ok, garden} 174 + maybe_provision_oauth_client(garden, public_key) 176 175 177 176 %__MODULE__{} = garden 178 177 when garden.sid == garden_sid and ··· 188 187 189 188 {:ok, garden} = update_garden(garden, %{name: name}) 190 189 191 - {:ok, garden} 190 + maybe_provision_oauth_client(garden, public_key) 192 191 193 192 %__MODULE__{} = garden -> 194 193 Logger.error( ··· 224 223 Logger.error(msg: "Failed to register new garden with OAuth", error: inspect(reason)) 225 224 {:error, reason} 226 225 end 226 + end 227 + 228 + defp maybe_provision_oauth_client(%__MODULE__{oauth_client_id: nil} = garden, public_key) 229 + when is_binary(public_key) do 230 + with {:ok, client} <- Sower.GardenAuth.create_client(garden.sid, public_key), 231 + {:ok, garden} <- update_garden(garden, %{oauth_client_id: client.id}) do 232 + {:ok, garden, %{client_id: client.id}} 233 + else 234 + {:error, reason} -> 235 + Logger.error( 236 + msg: "Failed to provision OAuth client for existing garden", 237 + garden_sid: garden.sid, 238 + error: inspect(reason) 239 + ) 240 + 241 + {:ok, garden} 242 + end 243 + end 244 + 245 + defp maybe_provision_oauth_client(%__MODULE__{} = garden, _public_key) do 246 + {:ok, garden} 227 247 end 228 248 229 249 def create_garden(attrs \\ %{}) do