kanade-shared 0.41.0

Shared wire types, NATS subject helpers, KV constants, YAML manifest schema, and teravars-backed config loader for the kanade endpoint-management system
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153

//! `system.handshake` types (SPEC §2.12.6).
//!
//! Every KLP connection's first request. Negotiates the protocol
//! version and the agent's optional features, and returns the
//! OS-derived session info (user SID + console session id + pc_id)
//! the client uses to label its UI and audit-log entries.
//!
//! Until handshake completes, the agent rejects every other method
//! with [`super::error::ErrorKind::InvalidRequest`] (SPEC §2.12.6
//! "Handshake 未完了の状態で他 method を呼ぶと -32600 InvalidRequest").

use serde::{Deserialize, Serialize};

/// The single protocol version KLP v1 ships with. Listed in
/// [`HandshakeParams::protocol`] by the client; the agent picks the
/// highest mutually-supported version into
/// [`HandshakeResult::protocol`]. If no overlap, the agent returns
/// [`super::error::ErrorKind::StaleProtocol`].
pub const PROTOCOL_V1: u32 = 1;

/// `system.handshake` request params.
#[derive(Serialize, Deserialize, schemars::JsonSchema, Debug, Clone)]
pub struct HandshakeParams {
    /// Client identifier (e.g. `"kanade-client"`). Free-form, used
    /// for the audit log + tracing spans. Agent does not gate on
    /// this — alternate clients (test harnesses, ops CLI) are fine.
    pub client: String,
    /// Client binary version (semver). Surfaced into the audit log.
    pub client_version: String,
    /// All protocol versions the client can speak. The agent picks
    /// the highest mutually-supported version into
    /// [`HandshakeResult::protocol`]. Length must be ≥ 1 — an empty
    /// array returns `InvalidParams`.
    pub protocol: Vec<u32>,
    /// Optional features the client wants to use. Agent answers
    /// with its own [`HandshakeResult::features`] set; the
    /// intersection is what's actually live for this connection.
    /// Defaults to `[]` for clients that need only the core methods.
    #[serde(default)]
    pub features: Vec<String>,
}

/// `system.handshake` response result.
#[derive(Serialize, Deserialize, schemars::JsonSchema, Debug, Clone)]
pub struct HandshakeResult {
    /// Protocol version the agent picked from
    /// [`HandshakeParams::protocol`].
    pub protocol: u32,
    /// Agent binary version. Drives the client's "Agent version
    /// mismatch — restart?" toast.
    pub agent_version: String,
    /// Features the agent itself supports. Per SPEC §2.12.6 this
    /// MAY be a superset of what the client asked for — the client
    /// is expected to enable only the intersection.
    pub features: Vec<String>,
    /// Session identity (SPEC §2.12.4) — agent reads this from the
    /// OS at connect time, not from the client payload, so the
    /// values here are authoritative.
    pub session: HandshakeSession,
}

/// Session info derived from the OS at connect time, surfaced back
/// to the client so the UI can label "logged in as
/// `DOMAIN\\alice`" without a second round-trip.
#[derive(Serialize, Deserialize, schemars::JsonSchema, Debug, Clone)]
pub struct HandshakeSession {
    /// `DOMAIN\\username` (Windows) or `username` (Linux/macOS).
    /// Derived from the OS token, not the payload.
    pub user: String,
    /// Console / RDP session id (Windows). On Linux/macOS this is
    /// the UID (which serves the same "which interactive shell is
    /// the caller in" role).
    pub session_id: u32,
    /// The PC's `pc_id` (matches the agent's `pc_id` everywhere
    /// else — `Heartbeat`, `ExecResult`, audit log, …). Carried in
    /// the handshake so the client's UI doesn't need a separate
    /// "which PC am I?" call.
    pub pc_id: String,
}

/// Well-known feature flag names. New flags are added here so the
/// agent + client + dispatcher all share one source of truth. SPEC
/// §2.12.6 says optional methods MUST be gated via these flags so
/// older clients/agents degrade gracefully.
pub mod features {
    pub const PUSH_NOTIFICATIONS: &str = "push.notifications";
    pub const PUSH_JOBS: &str = "push.jobs";
    pub const PUSH_STATE: &str = "push.state";
    pub const SUPPORT_DIAGNOSTICS: &str = "support.diagnostics";
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn handshake_params_round_trips_through_json() {
        let p = HandshakeParams {
            client: "kanade-client".into(),
            client_version: "0.1.0".into(),
            protocol: vec![PROTOCOL_V1],
            features: vec![
                features::PUSH_NOTIFICATIONS.into(),
                features::PUSH_JOBS.into(),
                features::PUSH_STATE.into(),
            ],
        };
        let json = serde_json::to_string(&p).unwrap();
        let back: HandshakeParams = serde_json::from_str(&json).unwrap();
        assert_eq!(back.client, "kanade-client");
        assert_eq!(back.client_version, "0.1.0");
        assert_eq!(back.protocol, vec![PROTOCOL_V1]);
        assert!(back.features.contains(&"push.notifications".to_string()));
    }

    #[test]
    fn handshake_params_accepts_missing_features() {
        // Older / lighter clients may omit `features` entirely. The
        // serde default keeps the decode green.
        let wire = r#"{"client":"kanade-client","client_version":"0.0.1","protocol":[1]}"#;
        let p: HandshakeParams = serde_json::from_str(wire).unwrap();
        assert!(p.features.is_empty());
    }

    #[test]
    fn handshake_result_spec_example_decodes() {
        // Verbatim from SPEC §2.12.6 — pinned so a struct rename
        // can't silently break the documented contract.
        let wire = r#"{
            "protocol": 1,
            "agent_version": "0.4.0",
            "features": ["push.notifications","push.jobs","push.state","support.diagnostics"],
            "session": {"user":"DOMAIN\\alice","session_id":2,"pc_id":"PC1234"}
        }"#;
        let r: HandshakeResult = serde_json::from_str(wire).expect("decode");
        assert_eq!(r.protocol, 1);
        assert_eq!(r.agent_version, "0.4.0");
        assert_eq!(r.features.len(), 4);
        assert_eq!(r.session.user, "DOMAIN\\alice");
        assert_eq!(r.session.session_id, 2);
        assert_eq!(r.session.pc_id, "PC1234");
    }

    #[test]
    fn handshake_protocol_negotiation_supports_multiple_versions() {
        // When v2 lands, clients will advertise `protocol:[1,2]`.
        // The struct must accept multi-element arrays today so the
        // upgrade path doesn't need a wire change.
        let wire = r#"{"client":"c","client_version":"0.0.1","protocol":[1,2,3]}"#;
        let p: HandshakeParams = serde_json::from_str(wire).unwrap();
        assert_eq!(p.protocol, vec![1, 2, 3]);
    }
}