From 35b9635840f683cf2e1c3f24100b973fbfcb2fdd Mon Sep 17 00:00:00 2001
From: Jarrod Johnson <jjohnson2@lenovo.com>
Date: Mon, 28 Jun 2021 13:30:09 -0400
Subject: [PATCH] Clear armed API if current node token is used

If a node is armed, but instead unseals the prior key from TPM,
implicitly clear the armed state to avoid leaving it armed.
---
 confluent_server/confluent/selfservice.py | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/confluent_server/confluent/selfservice.py b/confluent_server/confluent/selfservice.py
index 8a87b682..19342db8 100644
--- a/confluent_server/confluent/selfservice.py
+++ b/confluent_server/confluent/selfservice.py
@@ -56,7 +56,8 @@ def handle_request(env, start_response):
         yield 'Unauthorized'
         return
     cfg = configmanager.ConfigManager(None)
-    eak = cfg.get_node_attributes(nodename, 'crypted.selfapikey').get(
+    ea = cfg.get_node_attributes(nodename, ['crypted.selfapikey', 'deployment.apiarmed'])
+    eak = ea.get(
         nodename, {}).get('crypted.selfapikey', {}).get('hashvalue', None)
     if not eak:
         start_response('401 Unauthorized', [])
@@ -67,6 +68,8 @@ def handle_request(env, start_response):
         start_response('401 Unauthorized', [])
         yield 'Unauthorized'
         return
+    if ea.get(nodename, {}).get('deployment.apiarmed', {}).get('value', None) == 'once':
+        cfg.set_node_attributes({nodename: {'deployment.apiarmed': ''}})
     retype = env.get('HTTP_ACCEPT', 'application/yaml')
     isgeneric = False
     if retype == '*/*':