From fd8c8a37007c47fbeed45ab24dfdba8fc8dfef3b Mon Sep 17 00:00:00 2001 From: Aaron Klotz Date: Thu, 6 Jul 2023 09:38:17 -0600 Subject: [PATCH] client/tailscale: add API for verifying network lock signing deeplink Fixes #8539 Signed-off-by: Aaron Klotz --- client/tailscale/localclient.go | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/client/tailscale/localclient.go b/client/tailscale/localclient.go index 611a49b29..c4fff4b7d 100644 --- a/client/tailscale/localclient.go +++ b/client/tailscale/localclient.go @@ -946,6 +946,21 @@ func (lc *LocalClient) NetworkLockForceLocalDisable(ctx context.Context) error { return nil } +// NetworkLockVerifySigningDeeplink verifies the network lock deeplink contained +// in url and returns information extracted from it. +func (lc *LocalClient) NetworkLockVerifySigningDeeplink(ctx context.Context, url string) (*tka.DeeplinkValidationResult, error) { + vr := struct { + URL string + }{url} + + body, err := lc.send(ctx, "POST", "/localapi/v0/tka/verify-deeplink", 200, jsonBody(vr)) + if err != nil { + return nil, fmt.Errorf("sending verify-deeplink: %w", err) + } + + return decodeJSON[*tka.DeeplinkValidationResult](body) +} + // SetServeConfig sets or replaces the serving settings. // If config is nil, settings are cleared and serving is disabled. func (lc *LocalClient) SetServeConfig(ctx context.Context, config *ipn.ServeConfig) error {