Merge branch 'refactor' of https://github.com/loki-project/loki-messenger-public-server into refactor
This commit is contained in:
commit
9cd82b4b74
|
@ -132,6 +132,16 @@ module.exports = (app, prefix) => {
|
||||||
ok = true;
|
ok = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// need this for transpot unit tests
|
||||||
|
if (req.method.toLowerCase() === 'get' && req.path === '/users') {
|
||||||
|
ok = true;
|
||||||
|
}
|
||||||
|
|
||||||
|
// need this for create_message unit tests
|
||||||
|
if (req.method.toLowerCase() === 'get' && req.path.match(/^\/channels\//i) && req.path.match(/\/messages\//i)) {
|
||||||
|
ok = true;
|
||||||
|
}
|
||||||
|
|
||||||
// GET /token is valid, if you're passing a token...
|
// GET /token is valid, if you're passing a token...
|
||||||
if (req.method.toLowerCase() === 'get' && req.path.match(/^\/token/i)) {
|
if (req.method.toLowerCase() === 'get' && req.path.match(/^\/token/i)) {
|
||||||
ok = true;
|
ok = true;
|
||||||
|
@ -166,7 +176,7 @@ module.exports = (app, prefix) => {
|
||||||
// if valid URL
|
// if valid URL
|
||||||
if (req.token) {
|
if (req.token) {
|
||||||
// get pubKey from token...
|
// get pubKey from token...
|
||||||
cache.getAPIUserToken(req.token, async function(usertoken, err) {
|
cache.getAPIUserToken(req.token, async function(err, usertoken) {
|
||||||
if (err) {
|
if (err) {
|
||||||
console.error('control middleware getAPIUserToken err', err);
|
console.error('control middleware getAPIUserToken err', err);
|
||||||
}
|
}
|
||||||
|
|
|
@ -354,7 +354,7 @@ function fixUpMiddleware(app) {
|
||||||
|
|
||||||
// fix up runMiddleware
|
// fix up runMiddleware
|
||||||
app.runMiddleware = function(path, options, callback) {
|
app.runMiddleware = function(path, options, callback) {
|
||||||
// console.log('app.runMiddleware', path)
|
//console.log('app.runMiddleware', path)
|
||||||
if (callback) callback = _.once(callback);
|
if (callback) callback = _.once(callback);
|
||||||
if (typeof options == "function") {
|
if (typeof options == "function") {
|
||||||
callback = options;
|
callback = options;
|
||||||
|
@ -373,7 +373,7 @@ function fixUpMiddleware(app) {
|
||||||
new_req = createReq(path, options);
|
new_req = createReq(path, options);
|
||||||
}
|
}
|
||||||
new_res = createRes(callback);
|
new_res = createRes(callback);
|
||||||
// console.log('running', new_req.path, 'against app')
|
//console.log('running', new_req.path, 'against app')
|
||||||
this(new_req, new_res);
|
this(new_req, new_res);
|
||||||
};
|
};
|
||||||
|
|
||||||
|
@ -624,6 +624,7 @@ module.exports = (app, prefix) => {
|
||||||
}, res);
|
}, res);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
// proxy version
|
||||||
app.post(prefix + '/loki/v1/secure_rpc', async (req, res) => {
|
app.post(prefix + '/loki/v1/secure_rpc', async (req, res) => {
|
||||||
res.start = Date.now()
|
res.start = Date.now()
|
||||||
//console.log('got secure_rpc', req.path);
|
//console.log('got secure_rpc', req.path);
|
||||||
|
@ -632,6 +633,7 @@ module.exports = (app, prefix) => {
|
||||||
//console.log('secure_rpc body', req.body, typeof req.body);
|
//console.log('secure_rpc body', req.body, typeof req.body);
|
||||||
|
|
||||||
if (!req.body.cipherText64) {
|
if (!req.body.cipherText64) {
|
||||||
|
console.warn('no cipherText64')
|
||||||
return sendresponse({
|
return sendresponse({
|
||||||
meta: {
|
meta: {
|
||||||
code: 400,
|
code: 400,
|
||||||
|
@ -656,6 +658,7 @@ module.exports = (app, prefix) => {
|
||||||
const ephemeralPubKey64 = req.headers['x-loki-file-server-ephemeral-key'];
|
const ephemeralPubKey64 = req.headers['x-loki-file-server-ephemeral-key'];
|
||||||
//console.log('ephemeralPubKey', ephemeralPubKey64);
|
//console.log('ephemeralPubKey', ephemeralPubKey64);
|
||||||
if (!ephemeralPubKey64 || ephemeralPubKey64.length < 32) {
|
if (!ephemeralPubKey64 || ephemeralPubKey64.length < 32) {
|
||||||
|
console.warn('proxy ephemeralPubKey64 error', ephemeralPubKey64)
|
||||||
return sendresponse({
|
return sendresponse({
|
||||||
meta: {
|
meta: {
|
||||||
code: 400,
|
code: 400,
|
||||||
|
@ -700,6 +703,7 @@ module.exports = (app, prefix) => {
|
||||||
try {
|
try {
|
||||||
decrypted = await libsignal.crypto.decrypt(symKey, ciphertext, iv);
|
decrypted = await libsignal.crypto.decrypt(symKey, ciphertext, iv);
|
||||||
} catch(e) {
|
} catch(e) {
|
||||||
|
console.warn('proxy decrypt error')
|
||||||
return sendresponse({
|
return sendresponse({
|
||||||
meta: {
|
meta: {
|
||||||
code: 400,
|
code: 400,
|
||||||
|
@ -712,6 +716,7 @@ module.exports = (app, prefix) => {
|
||||||
try {
|
try {
|
||||||
requestObj = JSON.parse(decrypted.toString());
|
requestObj = JSON.parse(decrypted.toString());
|
||||||
} catch(e) {
|
} catch(e) {
|
||||||
|
console.warn('proxy parse unencrypted error')
|
||||||
sendresponse({
|
sendresponse({
|
||||||
meta: {
|
meta: {
|
||||||
code: 400,
|
code: 400,
|
||||||
|
@ -721,6 +726,7 @@ module.exports = (app, prefix) => {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
//console.log('JSON decoded', requestObj);
|
||||||
const fakeReq = await createFakeReq(req, requestObj)
|
const fakeReq = await createFakeReq(req, requestObj)
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|
|
@ -92,6 +92,7 @@ const updateUserAccess = () => {
|
||||||
for(const pubKey in disk_config.whitelist) {
|
for(const pubKey in disk_config.whitelist) {
|
||||||
// translate pubKey to id of user
|
// translate pubKey to id of user
|
||||||
cache.getUserID(pubKey, (err, user) => {
|
cache.getUserID(pubKey, (err, user) => {
|
||||||
|
if (err) console.error('lib.config::updateUserAccess - getUserID err', err)
|
||||||
if (user) {
|
if (user) {
|
||||||
whitelist_access[user.id] = true;
|
whitelist_access[user.id] = true;
|
||||||
} else {
|
} else {
|
||||||
|
|
2
server
2
server
|
@ -1 +1 @@
|
||||||
Subproject commit 92d3b604aeabbb6bda36b4e21cbcfe2d3cd5aa04
|
Subproject commit 055724ad798a9059fea94f03778de143f8c3d087
|
|
@ -396,6 +396,10 @@ const runIntegrationTests = async (ourKey, ourPubKeyHex) => {
|
||||||
//userid = await getUserID(ourPubKeyHex);
|
//userid = await getUserID(ourPubKeyHex);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
describe('transport tests', function() {
|
||||||
|
require('./tests/transport/transport.js')(testInfo);
|
||||||
|
});
|
||||||
|
|
||||||
// test moderator security...
|
// test moderator security...
|
||||||
describe('moderator security tests', function() {
|
describe('moderator security tests', function() {
|
||||||
it('cant promote to moderator', async function() {
|
it('cant promote to moderator', async function() {
|
||||||
|
@ -726,9 +730,7 @@ const runIntegrationTests = async (ourKey, ourPubKeyHex) => {
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
describe('transport tests', function() {
|
// overlayApi.token is banned at this point...
|
||||||
require('./tests/transport/transport.js')(testInfo);
|
|
||||||
});
|
|
||||||
// I don't think there's any need to test our nodepomf glue...
|
// I don't think there's any need to test our nodepomf glue...
|
||||||
// I don't think I have enough time to write test for control
|
// I don't think I have enough time to write test for control
|
||||||
}
|
}
|
||||||
|
|
|
@ -289,6 +289,18 @@ module.exports = (testInfo) => {
|
||||||
});
|
});
|
||||||
it('lsrpc get/submit challenge', async function() {
|
it('lsrpc get/submit challenge', async function() {
|
||||||
const ephemeralKey = libsignal.curve.generateKeyPair();
|
const ephemeralKey = libsignal.curve.generateKeyPair();
|
||||||
|
// whitelist support for this test
|
||||||
|
if (testInfo.config.inWhiteListMode()) {
|
||||||
|
// need to allow this
|
||||||
|
var oldToken = testInfo.platformApi.token // backup
|
||||||
|
const modToken = await testInfo.selectModToken(testInfo.channelId);
|
||||||
|
testInfo.platformApi.token = modToken // switch to mod
|
||||||
|
const result = await testInfo.platformApi.serverRequest('loki/v1/moderation/whitelist/@' + ephemeralKey.pubKey.toString('hex'), {
|
||||||
|
method: 'POST',
|
||||||
|
});
|
||||||
|
assert.equal(200, result.statusCode);
|
||||||
|
testInfo.platformApi.token = oldToken // restore
|
||||||
|
}
|
||||||
const getChalPayloadObj = {
|
const getChalPayloadObj = {
|
||||||
// I think this is a stream, we may need to collect it all?
|
// I think this is a stream, we may need to collect it all?
|
||||||
body: null,
|
body: null,
|
||||||
|
|
Loading…
Reference in New Issue