jwt is burned if context already loaded

[qrkourier]

The app doesn't allow loading an identity with the same name, but it will start enrollment and consume the JWT before it errors. It would be better if it checked for the colliding name first or just allowed two identities with the same name.

[dovholuknf]

Please provide steps to reproduce

[qrkourier]

1. In console, create identity "testid" and download "testid.jwt"
2. In app, add identity "testid.jwt"
3. In console, delete identity "testid"
4. In console, create identity "testid" and download "testid.jwt"
5. In app, add identity "testid.jwt"
6. In app, observe error "context already loaded"
7. In app, forget identity "testid"
8. In app, add identity "testid.jwt"
9. In app, observe error "enrollment failed" (because JWT was already burned)
10. In console, re-create identity "testid" and download "testid.jwt"
11. In app, add identitity "testid" SUCCESS

[JeremyTellier]

This is a service thing, should be in the tunnel repo.

[qrkourier]

@scareything I reproduced this with 0.22.19. ZET enrolls the new identity successfully before refusing to load the identity with a colliding context name. I think it should check for a collision before enrolling to avoid burning the token.

❯ ziti-edge-tunnel add --jwt "$(< /tmp/jwt)" --identity miniziti-client
received response <{"Success":false,"Error":"context already loaded","Code":500}
>

zet.log