From 95a6bfa0275ae79d30f80837345254dd60164e47 Mon Sep 17 00:00:00 2001
From: Mykola Kobets
Date: Wed, 7 Aug 2024 13:10:23 +0300
Subject: [PATCH] [iamclient] RenewCertNotification adaptation
Signed-off-by: Mykola Kobets
---
 amqphandler/amqphandler_test.go | 6 ++----
 communicationmanager.go | 4 ++--
 iamclient/iamclient.go | 9 ++++++++-
 iamclient/iamclient_test.go | 7 ++++---
 .../aosedge/aos_common/api/cloudprotocol/certificates.go | 2 +-
 5 files changed, 17 insertions(+), 11 deletions(-)
diff --git a/amqphandler/amqphandler_test.go b/amqphandler/amqphandler_test.go
index 7ae00e9c..ff0a42cc 100644
--- a/amqphandler/amqphandler_test.go
+++ b/amqphandler/amqphandler_test.go
@@ -299,11 +299,9 @@ func TestReceiveMessages(t *testing.T) {
 expectedData: &cloudprotocol.RenewCertsNotification{
 MessageType: cloudprotocol.RenewCertsNotificationMessageType,
 Certificates: []cloudprotocol.RenewCertData{
- {Type: "online", Serial: "1234", ValidTill: testTime},
+ {NodeID: "node0", Type: "online", Serial: "1234", ValidTill: testTime},
 },
- UnitSecret: cloudprotocol.UnitSecret{Version: 1, Data: struct {
- OwnerPassword string `json:"ownerPassword"`
- }{OwnerPassword: "pwd"}},
+ UnitSecrets: cloudprotocol.UnitSecrets{Version: "1.0.0", Nodes: map[string]string{"node0": "pwd"}},
 },
 },
 {
diff --git a/communicationmanager.go b/communicationmanager.go
index a05aa48d..b0503844 100644
--- a/communicationmanager.go
+++ b/communicationmanager.go
@@ -394,12 +394,12 @@ func (cm *communicationManager) processMessage(message amqp.Message) (err error)
 case *cloudprotocol.RenewCertsNotification:
 log.Info("Receive renew certificates notification message")
- if data.UnitSecret.Version != cloudprotocol.UnitSecretVersion {
+ if data.UnitSecrets.Version != cloudprotocol.UnitSecretVersion {
 return aoserrors.New("unit secure version mismatch")
 }
 if err = cm.iam.RenewCertificatesNotification(
- data.UnitSecret.Data.OwnerPassword, data.Certificates); err != nil {
+ data.UnitSecrets, data.Certificates); err != nil {
 return aoserrors.Wrap(err)
 }
diff --git a/iamclient/iamclient.go b/iamclient/iamclient.go
index 0aabc2b0..b2f7758d 100644
--- a/iamclient/iamclient.go
+++ b/iamclient/iamclient.go
@@ -211,7 +211,9 @@ func (client *Client) SubscribeNodeInfoChange() <-chan cloudprotocol.NodeInfo {
 }
 // RenewCertificatesNotification renew certificates notification.
-func (client *Client) RenewCertificatesNotification(pwd string, certInfo []cloudprotocol.RenewCertData) (err error) {
+func (client *Client) RenewCertificatesNotification(secrets cloudprotocol.UnitSecrets,
+ certInfo []cloudprotocol.RenewCertData,
+) (err error) {
 newCerts := make([]cloudprotocol.IssueCertData, 0, len(certInfo))
 for _, cert := range certInfo {
@@ -222,6 +224,11 @@ func (client *Client) RenewCertificatesNotification(pwd string, certInfo []cloud
 ctx, cancel := context.WithTimeout(context.Background(), iamRequestTimeout)
 defer cancel()
+ pwd, ok := secrets.Nodes[cert.NodeID]
+ if !ok {
+ return aoserrors.New("not found password for node: " + cert.NodeID)
+ }
+
 request := &pb.CreateKeyRequest{Type: cert.Type, Password: pwd, NodeId: cert.NodeID}
 response, err := client.certificateService.CreateKey(ctx, request)
diff --git a/iamclient/iamclient_test.go b/iamclient/iamclient_test.go
index ab84f081..15b9e6d0 100644
--- a/iamclient/iamclient_test.go
+++ b/iamclient/iamclient_test.go
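Review bot: In communicationmanager.go the version check in the `*cloudprotocol.RenewCertsNotification` case is now an exact string comparison against `cloudprotocol.UnitSecretVersion`, yet the error returned on mismatch names neither the received nor the expected value, so a rejected renewal is hard to diagnose now that the field is a version string rather than an int. I would change the return to `return aoserrors.Errorf("unit secrets version mismatch: got %q, expected %q", data.UnitSecrets.Version, cloudprotocol.UnitSecretVersion)`. The version is not sensitive, whereas `data.UnitSecrets.Nodes` carries every node's password and should stay out of any log or error text. processMessage starts and ends outside the hunk.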
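Review bot: The doc comment on `RenewCertificatesNotification` in iamclient.go still reads "renew certificates notification" and says nothing about the new `secrets` parameter, although the exported signature changed from a single password to a per-node map. I would replace it with `// RenewCertificatesNotification creates a key for every entry of certInfo, using the password that secrets.Nodes holds for the entry's NodeID, and returns an error when a node has no entry.` The function body continues outside the hunk, so anything it does after key creation should be added to the comment by someone who can see it.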
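Review bot: The added lookup `secrets.Nodes[cert.NodeID]` in iamclient.go fails only when the loop reaches the offending certificate, so `CreateKey` has apparently already run for the earlier entries and the unit is left with fresh keys for a renewal that is then abandoned. Checking every `NodeID` against `secrets.Nodes` before the first `CreateKey` call keeps the operation all-or-nothing; if an empty password is never valid, rejecting it in the same check stops a `""` entry from reaching `CreateKeyRequest.Password`. The error text would also read better as "password not found for node". The loop and the function start and end outside the hunk, so the placement shown below, before the creation loop, is a suggestion.

```go
// … unchanged: newCerts allocation …

// Validate up front so no key is created for a request that cannot complete.
for _, cert := range certInfo {
	if pwd, ok := secrets.Nodes[cert.NodeID]; !ok || pwd == "" {
		return aoserrors.New("password not found for node: " + cert.NodeID)
	}
}

for _, cert := range certInfo {
	// … unchanged: timeout context, CreateKey request …
```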
@@ -188,11 +188,12 @@ func TestRenewCertificatesNotification(t *testing.T) {
 defer client.Close()
 certInfo := []cloudprotocol.RenewCertData{
- {Type: "online", Serial: "serail1", ValidTill: time.Now()},
- {Type: "offline", Serial: "serail2", ValidTill: time.Now()},
+ {NodeID: "node0", Type: "online", Serial: "serial1", ValidTill: time.Now()},
+ {NodeID: "node0", Type: "offline", Serial: "serial2", ValidTill: time.Now()},
 }
+ secrets := cloudprotocol.UnitSecrets{Nodes: map[string]string{"node0": "pwd"}}
- if err = client.RenewCertificatesNotification("pwd", certInfo); err != nil {
+ if err = client.RenewCertificatesNotification(secrets, certInfo); err != nil {
 t.Fatalf("Can't process renew certificate notification: %s", err)
 }
diff --git a/vendor/github.com/aosedge/aos_common/api/cloudprotocol/certificates.go b/vendor/github.com/aosedge/aos_common/api/cloudprotocol/certificates.go
index 58dc257d..526d8d54 100644
--- a/vendor/github.com/aosedge/aos_common/api/cloudprotocol/certificates.go
+++ b/vendor/github.com/aosedge/aos_common/api/cloudprotocol/certificates.go
@@ -32,7 +32,7 @@ const (
 )
 // UnitSecretVersion specifies supported version of UnitSecret message.
-const UnitSecretVersion = 2
+const UnitSecretVersion = "2.0.0"
 /***********************************************************************************************************************
 * Types
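Review bot: TestRenewCertificatesNotification in iamclient/iamclient_test.go covers only the case where every certificate's `NodeID` has an entry in `secrets.Nodes`, so the error branch this commit adds to iamclient.go for a node without a password is never exercised. A second call with an empty map would pin it: `if err = client.RenewCertificatesNotification(cloudprotocol.UnitSecrets{}, certInfo); err == nil { t.Error("Expected error for node without password") }`. The test function starts and ends outside the hunk, so any assertions after the call are not visible here.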