user-owned DAVs

scripts/integration/verify-stack

@@ -10,9 +10,29 @@ source "$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)/../lib/runtime-env.sh"
 control_health="$(curl -fsS "http://localhost:${BETTERNAS_CONTROL_PLANE_PORT}/health")"
 echo "$control_health" | jq -e '.service == "control-plane" and .status == "ok"' >/dev/null
 
+auth_payload="$(jq -nc --arg username "$BETTERNAS_USERNAME" --arg password "$BETTERNAS_PASSWORD" '{username: $username, password: $password}')"
+session_token="$({
+  curl -fsS \
+    -X POST \
+    -H 'Content-Type: application/json' \
+    -d "$auth_payload" \
+    "http://localhost:${BETTERNAS_CONTROL_PLANE_PORT}/api/v1/auth/login" \
+    | jq -er '.token'
+} 2>/dev/null || true)"
+if [[ -z "$session_token" ]]; then
+  session_token="$({
+    curl -fsS \
+      -X POST \
+      -H 'Content-Type: application/json' \
+      -d "$auth_payload" \
+      "http://localhost:${BETTERNAS_CONTROL_PLANE_PORT}/api/v1/auth/register" \
+      | jq -er '.token'
+  })"
+fi
+
 export_id=""
 for _ in {1..30}; do
-  exports_response="$(curl -fsS -H "Authorization: Bearer ${BETTERNAS_CONTROL_PLANE_CLIENT_TOKEN}" "http://localhost:${BETTERNAS_CONTROL_PLANE_PORT}/api/v1/exports")"
+  exports_response="$(curl -fsS -H "Authorization: Bearer ${session_token}" "http://localhost:${BETTERNAS_CONTROL_PLANE_PORT}/api/v1/exports")"
   export_id="$({
     echo "$exports_response" | jq -er \
       'map(select(.mountPath == "/dav/")) | .[0].id? // empty'
@@ -32,14 +52,14 @@ mount_profile="$({
   curl -fsS \
     -X POST \
     -H 'Content-Type: application/json' \
-    -H "Authorization: Bearer ${BETTERNAS_CONTROL_PLANE_CLIENT_TOKEN}" \
+    -H "Authorization: Bearer ${session_token}" \
     -d "{\"exportId\":\"${export_id}\"}" \
     "http://localhost:${BETTERNAS_CONTROL_PLANE_PORT}/api/v1/mount-profiles/issue"
 })"
 echo "$mount_profile" | jq -e --arg expected "$BETTERNAS_EXAMPLE_MOUNT_URL" '.protocol == "webdav" and .mountUrl == $expected and .credential.mode == "basic-auth"' >/dev/null
 
-BETTERNAS_EXAMPLE_MOUNT_USERNAME="$(echo "$mount_profile" | jq -er '.credential.username')"
-BETTERNAS_EXAMPLE_MOUNT_PASSWORD="$(echo "$mount_profile" | jq -er '.credential.password')"
+BETTERNAS_EXAMPLE_MOUNT_USERNAME="${BETTERNAS_USERNAME}"
+BETTERNAS_EXAMPLE_MOUNT_PASSWORD="${BETTERNAS_PASSWORD}"
 export BETTERNAS_EXAMPLE_MOUNT_USERNAME
 export BETTERNAS_EXAMPLE_MOUNT_PASSWORD
 "$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)/verify-webdav"
@@ -48,7 +68,7 @@ cloud_profile="$({
   curl -fsS \
     -X POST \
     -H 'Content-Type: application/json' \
-    -H "Authorization: Bearer ${BETTERNAS_CONTROL_PLANE_CLIENT_TOKEN}" \
+    -H "Authorization: Bearer ${session_token}" \
     -d "{\"userId\":\"integration-user\",\"exportId\":\"${export_id}\",\"provider\":\"nextcloud\"}" \
     "http://localhost:${BETTERNAS_CONTROL_PLANE_PORT}/api/v1/cloud-profiles/issue"
 })"

scripts/lib/agent-env.sh

@@ -130,10 +130,8 @@ betternas_write_agent_env_file() {
     betternas_write_env_assignment "BETTERNAS_NEXTCLOUD_PORT" "$nextcloud_port"
     betternas_write_env_assignment "BETTERNAS_EXPORT_PATH" ".state/${clone_name}/export"
     betternas_write_env_assignment "BETTERNAS_VERSION" "local-dev"
-    betternas_write_env_assignment "BETTERNAS_CONTROL_PLANE_CLIENT_TOKEN" "${clone_name}-local-client-token"
-    betternas_write_env_assignment "BETTERNAS_CONTROL_PLANE_NODE_BOOTSTRAP_TOKEN" "${clone_name}-local-node-bootstrap-token"
-    betternas_write_env_assignment "BETTERNAS_DAV_AUTH_SECRET" "${clone_name}-local-dav-auth-secret"
-    betternas_write_env_assignment "BETTERNAS_DAV_CREDENTIAL_TTL" "1h"
+    betternas_write_env_assignment "BETTERNAS_USERNAME" "${clone_name}-user"
+    betternas_write_env_assignment "BETTERNAS_PASSWORD" "${clone_name}-password123"
     betternas_write_env_assignment "BETTERNAS_NODE_MACHINE_ID" "${clone_name}-node"
     betternas_write_env_assignment "BETTERNAS_NODE_DISPLAY_NAME" "${clone_name} node"
     betternas_write_env_assignment "BETTERNAS_NODE_DIRECT_ADDRESS" "http://localhost:${node_agent_port}"

scripts/lib/runtime-env.sh

@@ -31,10 +31,8 @@ read -r default_nextcloud_port default_node_agent_port default_control_plane_por
 : "${BETTERNAS_NODE_AGENT_PORT:=$default_node_agent_port}"
 : "${BETTERNAS_NEXTCLOUD_PORT:=$default_nextcloud_port}"
 : "${BETTERNAS_VERSION:=local-dev}"
-: "${BETTERNAS_CONTROL_PLANE_CLIENT_TOKEN:=${BETTERNAS_CLONE_NAME}-local-client-token}"
-: "${BETTERNAS_CONTROL_PLANE_NODE_BOOTSTRAP_TOKEN:=${BETTERNAS_CLONE_NAME}-local-node-bootstrap-token}"
-: "${BETTERNAS_DAV_AUTH_SECRET:=${BETTERNAS_CLONE_NAME}-local-dav-auth-secret}"
-: "${BETTERNAS_DAV_CREDENTIAL_TTL:=1h}"
+: "${BETTERNAS_USERNAME:=${BETTERNAS_CLONE_NAME}-user}"
+: "${BETTERNAS_PASSWORD:=${BETTERNAS_CLONE_NAME}-password123}"
 : "${BETTERNAS_NODE_MACHINE_ID:=${BETTERNAS_CLONE_NAME}-node}"
 : "${BETTERNAS_NODE_DISPLAY_NAME:=${BETTERNAS_CLONE_NAME} node}"
 : "${NEXTCLOUD_ADMIN_USER:=admin}"
@@ -62,10 +60,8 @@ export BETTERNAS_NODE_AGENT_PORT
 export BETTERNAS_NEXTCLOUD_PORT
 export BETTERNAS_EXPORT_PATH
 export BETTERNAS_VERSION
-export BETTERNAS_CONTROL_PLANE_CLIENT_TOKEN
-export BETTERNAS_CONTROL_PLANE_NODE_BOOTSTRAP_TOKEN
-export BETTERNAS_DAV_AUTH_SECRET
-export BETTERNAS_DAV_CREDENTIAL_TTL
+export BETTERNAS_USERNAME
+export BETTERNAS_PASSWORD
 export BETTERNAS_NODE_MACHINE_ID
 export BETTERNAS_NODE_DISPLAY_NAME
 export NEXTCLOUD_ADMIN_USER