Include instance id token in Cloud host heartbeats
Bug: 388885661
Change-Id: Id8067f6baa17694f1054cd1fd81eed96f4be343c
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/6302194
Reviewed-by: Gary Kacmarcik <garykac@chromium.org>
Commit-Queue: Joe Downing <joedow@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1424639}
diff --git a/remoting/base/cloud_service_client.cc b/remoting/base/cloud_service_client.cc
index 0f8ebf93..5b9c3c3 100644
--- a/remoting/base/cloud_service_client.cc
+++ b/remoting/base/cloud_service_client.cc
@@ -335,11 +335,13 @@
}
void CloudServiceClient::SendHeartbeat(const std::string& directory_id,
+ std::string_view instance_identity_token,
SendHeartbeatCallback callback) {
constexpr char path[] = "/v1alpha/access:sendHeartbeat";
auto request = std::make_unique<SendHeartbeatRequest>();
request->set_directory_id(directory_id);
+ request->set_instance_identity_token(instance_identity_token);
ExecuteRequest(kSendHeartbeatTrafficAnnotation, path, /*api_key=*/"",
net::HttpRequestHeaders::kPostMethod, std::move(request),
@@ -353,6 +355,7 @@
std::optional<std::string> offline_reason,
std::optional<std::string> os_name,
std::optional<std::string> os_version,
+ std::string_view instance_identity_token,
UpdateRemoteAccessHostCallback callback) {
constexpr char path[] = "/v1alpha/access:updateRemoteAccessHost";
@@ -381,6 +384,7 @@
host->mutable_operating_system_info()->set_name(*os_name);
host->mutable_operating_system_info()->set_version(*os_version);
}
+ host->set_instance_identity_token(instance_identity_token);
ExecuteRequest(kUpdateRemoteAccessHostTrafficAnnotation, path, /*api_key=*/"",
net::HttpRequestHeaders::kPatchMethod, std::move(host),
diff --git a/remoting/base/cloud_service_client.h b/remoting/base/cloud_service_client.h
index fb5c543..cd06685 100644
--- a/remoting/base/cloud_service_client.h
+++ b/remoting/base/cloud_service_client.h
@@ -8,6 +8,7 @@
#include <memory>
#include <optional>
#include <string>
+#include <string_view>
#include "base/functional/callback_forward.h"
#include "remoting/base/protobuf_http_client.h"
@@ -99,6 +100,7 @@
ProvisionGceInstanceCallback callback);
void SendHeartbeat(const std::string& directory_id,
+ std::string_view instance_identity_token,
SendHeartbeatCallback callback);
void UpdateRemoteAccessHost(const std::string& directory_id,
@@ -107,6 +109,7 @@
std::optional<std::string> offline_reason,
std::optional<std::string> os_name,
std::optional<std::string> os_version,
+ std::string_view instance_identity_token,
UpdateRemoteAccessHostCallback callback);
void GenerateIceConfig(GenerateIceConfigCallback callback);
diff --git a/remoting/host/cloud_heartbeat_service_client.cc b/remoting/host/cloud_heartbeat_service_client.cc
index 438de22..79e96816 100644
--- a/remoting/host/cloud_heartbeat_service_client.cc
+++ b/remoting/host/cloud_heartbeat_service_client.cc
@@ -51,6 +51,18 @@
std::optional<std::string> signaling_id,
std::optional<std::string> offline_reason,
HeartbeatResponseCallback callback) {
+ instance_identity_token_getter_->RetrieveToken(base::BindOnce(
+ &CloudHeartbeatServiceClient::SendFullHeartbeatWithIdToken,
+ weak_factory_.GetWeakPtr(), is_initial_heartbeat, std::move(signaling_id),
+ std::move(offline_reason), std::move(callback)));
+}
+
+void CloudHeartbeatServiceClient::SendFullHeartbeatWithIdToken(
+ bool is_initial_heartbeat,
+ std::optional<std::string> signaling_id,
+ std::optional<std::string> offline_reason,
+ HeartbeatResponseCallback callback,
+ std::string_view instance_identity_token) {
DCHECK_CALLED_ON_VALID_SEQUENCE(sequence_checker_);
if (offline_reason.has_value() && !offline_reason->empty()) {
@@ -58,18 +70,18 @@
// just updating the Directory to indicate that, we don't need to send a
// heartbeat afterwards.
MakeUpdateRemoteAccessHostCall(
- signaling_id, offline_reason,
+ signaling_id, offline_reason, instance_identity_token,
base::BindOnce(&CloudHeartbeatServiceClient::OnReportHostOffline,
weak_factory_.GetWeakPtr(), std::move(callback)));
} else if (is_initial_heartbeat) {
MakeUpdateRemoteAccessHostCall(
- signaling_id, offline_reason,
+ signaling_id, offline_reason, instance_identity_token,
base::BindOnce(
&CloudHeartbeatServiceClient::OnUpdateRemoteAccessHostResponse,
weak_factory_.GetWeakPtr(), std::move(callback)));
} else {
client_->SendHeartbeat(
- directory_id_,
+ directory_id_, instance_identity_token,
base::BindOnce(&CloudHeartbeatServiceClient::OnSendHeartbeatResponse,
weak_factory_.GetWeakPtr(), std::move(callback)));
}
@@ -77,10 +89,18 @@
void CloudHeartbeatServiceClient::SendLiteHeartbeat(
HeartbeatResponseCallback callback) {
+ instance_identity_token_getter_->RetrieveToken(
+ base::BindOnce(&CloudHeartbeatServiceClient::SendLiteHeartbeatWithIdToken,
+ weak_factory_.GetWeakPtr(), std::move(callback)));
+}
+
+void CloudHeartbeatServiceClient::SendLiteHeartbeatWithIdToken(
+ HeartbeatResponseCallback callback,
+ std::string_view instance_identity_token) {
DCHECK_CALLED_ON_VALID_SEQUENCE(sequence_checker_);
client_->SendHeartbeat(
- directory_id_,
+ directory_id_, instance_identity_token,
base::BindOnce(&CloudHeartbeatServiceClient::OnSendHeartbeatResponse,
weak_factory_.GetWeakPtr(), std::move(callback)));
}
@@ -124,12 +144,13 @@
void CloudHeartbeatServiceClient::MakeUpdateRemoteAccessHostCall(
std::optional<std::string> signaling_id,
std::optional<std::string> offline_reason,
+ std::string_view instance_identity_token,
CloudServiceClient::UpdateRemoteAccessHostCallback callback) {
constexpr auto* host_version = STRINGIZE(VERSION);
client_->UpdateRemoteAccessHost(directory_id_, host_version, signaling_id,
offline_reason, GetHostOperatingSystemName(),
GetHostOperatingSystemVersion(),
- std::move(callback));
+ instance_identity_token, std::move(callback));
}
void CloudHeartbeatServiceClient::RunHeartbeatResponseCallback(
diff --git a/remoting/host/cloud_heartbeat_service_client.h b/remoting/host/cloud_heartbeat_service_client.h
index 9dafcf84..5ff221e 100644
--- a/remoting/host/cloud_heartbeat_service_client.h
+++ b/remoting/host/cloud_heartbeat_service_client.h
@@ -55,6 +55,15 @@
void CancelPendingRequests() override;
private:
+ // Overloads used to create callbacks for |instance_identity_token_getter_|.
+ void SendFullHeartbeatWithIdToken(bool is_initial_heartbeat,
+ std::optional<std::string> signaling_id,
+ std::optional<std::string> offline_reason,
+ HeartbeatResponseCallback callback,
+ std::string_view instance_identity_token);
+ void SendLiteHeartbeatWithIdToken(HeartbeatResponseCallback callback,
+ std::string_view instance_identity_token);
+
void OnSendHeartbeatResponse(
HeartbeatResponseCallback callback,
const HttpStatus& status,
@@ -75,6 +84,7 @@
void MakeUpdateRemoteAccessHostCall(
std::optional<std::string> signaling_id,
std::optional<std::string> offline_reason,
+ std::string_view instance_identity_token,
CloudServiceClient::UpdateRemoteAccessHostCallback callback);
void RunHeartbeatResponseCallback(HeartbeatResponseCallback callback,
