Skip to content

Commit

Permalink
fix(federation): give some time to prepare both servers
Browse files Browse the repository at this point in the history
- when this background job runs, while the current server was not being
  added as trusted_server in the other instance, yet, the secret sharing
  would not be attempted again, without visual feedback.
- the change allows 5 attempts, which gives more than 20minutes to
  complete. More do not really help as the endpoint is brute force
  protected.

Signed-off-by: Arthur Schiwon <blizzz@arthur-schiwon.de>
  • Loading branch information
blizzz committed Apr 11, 2024
1 parent e70cf9c commit 3c29f5e
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 5 deletions.
10 changes: 8 additions & 2 deletions apps/federation/lib/BackgroundJob/RequestSharedSecret.php
Original file line number Diff line number Diff line change
Expand Up @@ -160,7 +160,7 @@ protected function run($argument) {
// if we received a unexpected response we try again later
if (
$status !== Http::STATUS_OK
&& $status !== Http::STATUS_FORBIDDEN
&& ($status !== Http::STATUS_FORBIDDEN || $this->getAttempt() < 5)
) {
$this->retainJob = true;
}
Expand All @@ -173,14 +173,20 @@ protected function reAddJob(array $argument): void {
$url = $argument['url'];
$created = isset($argument['created']) ? (int)$argument['created'] : $this->time->getTime();
$token = $argument['token'];
$attempt = $this->getAttempt() + 1;

$this->jobList->add(
RequestSharedSecret::class,
[
'url' => $url,
'token' => $token,
'created' => $created
'created' => $created,
'attempt' => $attempt
]
);
}

protected function getAttempt(): int {
return $this->argument['attempt'] ?? 0;
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -142,6 +142,7 @@ public function testStart($isTrustedServer, $retainBackgroundJob) {
'url' => 'url',
'token' => 'token',
'created' => 42,
'attempt' => 1,
]
);
} else {
Expand All @@ -164,12 +165,12 @@ public function dataTestStart() {
*
* @param int $statusCode
*/
public function testRun($statusCode) {
public function testRun($statusCode, int $attempt = 0) {
$target = 'targetURL';
$source = 'sourceURL';
$token = 'token';

$argument = ['url' => $target, 'token' => $token];
$argument = ['url' => $target, 'token' => $token, 'attempt' => $attempt];

$this->timeFactory->method('getTime')->willReturn(42);

Expand All @@ -196,7 +197,7 @@ public function testRun($statusCode) {
$this->invokePrivate($this->requestSharedSecret, 'run', [$argument]);
if (
$statusCode !== Http::STATUS_OK
&& $statusCode !== Http::STATUS_FORBIDDEN
&& ($statusCode !== Http::STATUS_FORBIDDEN || $attempt < 5)
) {
$this->assertTrue($this->invokePrivate($this->requestSharedSecret, 'retainJob'));
} else {
Expand All @@ -207,6 +208,7 @@ public function testRun($statusCode) {
public function dataTestRun() {
return [
[Http::STATUS_OK],
[Http::STATUS_FORBIDDEN, 5],
[Http::STATUS_FORBIDDEN],
[Http::STATUS_CONFLICT],
];
Expand Down

0 comments on commit 3c29f5e

Please sign in to comment.