Add Ping method to auth server (#3298)

gravitational · Feb 6, 2020 · ef2d20b · ef2d20b
1 parent 8f74893
commit ef2d20b
Show file tree

Hide file tree

Showing 6 changed files with 556 additions and 110 deletions.
diff --git a/lib/auth/auth_with_roles.go b/lib/auth/auth_with_roles.go
@@ -846,6 +846,21 @@ func (a *AuthWithRoles) UpdatePluginData(ctx context.Context, params services.Pl
 	}
 }
 
+// Ping gets basic info about the auth server.
+func (a *AuthWithRoles) Ping(ctx context.Context) (proto.PingResponse, error) {
+	// The Ping method does not require special permissions since it only returns
+	// basic status information.  This is an intentional design choice.  Alternative
+	// methods should be used for relaying any sensitive information.
+	cn, err := a.authServer.GetClusterName()
+	if err != nil {
+		return proto.PingResponse{}, trace.Wrap(err)
+	}
+	return proto.PingResponse{
+		ClusterName:   cn.GetClusterName(),
+		ServerVersion: teleport.Version,
+	}, nil
+}
+
 // withUpdateBy creates a child context with the AccessRequestUpdateBy
 // value set.  Expected by AuthServer.SetAccessRequestState.
 func withUpdateBy(ctx context.Context, user string) context.Context {

diff --git a/lib/auth/clt.go b/lib/auth/clt.go
@@ -2630,6 +2630,19 @@ func (c *Client) UpdatePluginData(ctx context.Context, params services.PluginDat
 	return nil
 }
 
+// Ping gets basic info about the auth server.
+func (c *Client) Ping(ctx context.Context) (proto.PingResponse, error) {
+	clt, err := c.grpc()
+	if err != nil {
+		return proto.PingResponse{}, trace.Wrap(err)
+	}
+	rsp, err := clt.Ping(ctx, &proto.PingRequest{})
+	if err != nil {
+		return proto.PingResponse{}, trail.FromGRPC(err)
+	}
+	return *rsp, nil
+}
+
 // WebService implements features used by Web UI clients
 type WebService interface {
 	// GetWebSessionInfo checks if a web sesion is valid, returns session id in case if
@@ -2851,4 +2864,7 @@ type ClientI interface {
 	// ProcessKubeCSR processes CSR request against Kubernetes CA, returns
 	// signed certificate if sucessful.
 	ProcessKubeCSR(req KubeCSR) (*KubeCSRResponse, error)
+
+	// Ping gets basic info about the auth server.
+	Ping(ctx context.Context) (proto.PingResponse, error)
 }
diff --git a/lib/auth/grpcserver.go b/lib/auth/grpcserver.go
@@ -286,6 +286,18 @@ func (g *GRPCServer) UpdatePluginData(ctx context.Context, params *services.Plug
 	return &empty.Empty{}, nil
 }
 
+func (g *GRPCServer) Ping(ctx context.Context, req *proto.PingRequest) (*proto.PingResponse, error) {
+	auth, err := g.authenticate(ctx)
+	if err != nil {
+		return nil, trail.ToGRPC(err)
+	}
+	rsp, err := auth.Ping(ctx)
+	if err != nil {
+		return nil, trail.ToGRPC(err)
+	}
+	return &rsp, nil
+}
+
 type grpcContext struct {
 	*AuthContext
 	*AuthWithRoles