status-im
/
status-go
mirror of https://github.com/status-im/status-go.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
status-go/server/handlers.go

444 lines
12 KiB
Go
Raw Normal View History

Get preferred network IP and refactor server package to increase reusability (#2626) * Added function to get preffered network IP Also done some refactor work oon server package to make a lot more reusable * Added server.Option and simplified handler funcs * Added serial number deterministically generated from pk * Debugging TLS server connection * Implemented configurable server ip When accessing over the network the server needs to listen on the network port and not localhost or 127.0.0.1 . Also the cert can now have a dedicated IP * Refactor of URL funcs to use the url package * Removed redundant Options pattern in favour of config param * Added full server test using GetOutboundIP * Remove references and usage of Server.port The application does not need to set the port, we rely on the net.Listener to pick a port. * Version bump * Added ToECDSA func and improved cert testing * Added error check in test * Split Server types, embedding raw Server funcs into specialised server types * localhost * Implemented DNS and IP based cert gen ios doesn't allow for restricted ip addresses to be used in a valid tls cert * Replace listener handling with original port store Also added handlers as a parameter of the Server
2022-06-15 14:49:31 +00:00
package server
import (
Added challenge middleware
2022-08-19 12:45:50 +00:00
"bytes"
"crypto/rand"
Get preferred network IP and refactor server package to increase reusability (#2626) * Added function to get preffered network IP Also done some refactor work oon server package to make a lot more reusable * Added server.Option and simplified handler funcs * Added serial number deterministically generated from pk * Debugging TLS server connection * Implemented configurable server ip When accessing over the network the server needs to listen on the network port and not localhost or 127.0.0.1 . Also the cert can now have a dedicated IP * Refactor of URL funcs to use the url package * Removed redundant Options pattern in favour of config param * Added full server test using GetOutboundIP * Remove references and usage of Server.port The application does not need to set the port, we rely on the net.Listener to pick a port. * Version bump * Added ToECDSA func and improved cert testing * Added error check in test * Split Server types, embedding raw Server funcs into specialised server types * localhost * Implemented DNS and IP based cert gen ios doesn't allow for restricted ip addresses to be used in a valid tls cert * Replace listener handling with original port store Also added handlers as a parameter of the Server
2022-06-15 14:49:31 +00:00
"database/sql"
Implement identity ring
2022-06-25 07:20:02 +00:00
"image"
Added PayloadManager and outbound pairing tests
2022-06-10 15:32:15 +00:00
"io/ioutil"
Get preferred network IP and refactor server package to increase reusability (#2626) * Added function to get preffered network IP Also done some refactor work oon server package to make a lot more reusable * Added server.Option and simplified handler funcs * Added serial number deterministically generated from pk * Debugging TLS server connection * Implemented configurable server ip When accessing over the network the server needs to listen on the network port and not localhost or 127.0.0.1 . Also the cert can now have a dedicated IP * Refactor of URL funcs to use the url package * Removed redundant Options pattern in favour of config param * Added full server test using GetOutboundIP * Remove references and usage of Server.port The application does not need to set the port, we rely on the net.Listener to pick a port. * Version bump * Added ToECDSA func and improved cert testing * Added error check in test * Split Server types, embedding raw Server funcs into specialised server types * localhost * Implemented DNS and IP based cert gen ios doesn't allow for restricted ip addresses to be used in a valid tls cert * Replace listener handling with original port store Also added handlers as a parameter of the Server
2022-06-15 14:49:31 +00:00
"net/http"
Implement identity ring
2022-06-25 07:20:02 +00:00
"net/url"
"strconv"
Get preferred network IP and refactor server package to increase reusability (#2626) * Added function to get preffered network IP Also done some refactor work oon server package to make a lot more reusable * Added server.Option and simplified handler funcs * Added serial number deterministically generated from pk * Debugging TLS server connection * Implemented configurable server ip When accessing over the network the server needs to listen on the network port and not localhost or 127.0.0.1 . Also the cert can now have a dedicated IP * Refactor of URL funcs to use the url package * Removed redundant Options pattern in favour of config param * Added full server test using GetOutboundIP * Remove references and usage of Server.port The application does not need to set the port, we rely on the net.Listener to pick a port. * Version bump * Added ToECDSA func and improved cert testing * Added error check in test * Split Server types, embedding raw Server funcs into specialised server types * localhost * Implemented DNS and IP based cert gen ios doesn't allow for restricted ip addresses to be used in a valid tls cert * Replace listener handling with original port store Also added handlers as a parameter of the Server
2022-06-15 14:49:31 +00:00
"time"
Added challenge middleware
2022-08-19 12:45:50 +00:00
"github.com/btcsuite/btcutil/base58"
Get preferred network IP and refactor server package to increase reusability (#2626) * Added function to get preffered network IP Also done some refactor work oon server package to make a lot more reusable * Added server.Option and simplified handler funcs * Added serial number deterministically generated from pk * Debugging TLS server connection * Implemented configurable server ip When accessing over the network the server needs to listen on the network port and not localhost or 127.0.0.1 . Also the cert can now have a dedicated IP * Refactor of URL funcs to use the url package * Removed redundant Options pattern in favour of config param * Added full server test using GetOutboundIP * Remove references and usage of Server.port The application does not need to set the port, we rely on the net.Listener to pick a port. * Version bump * Added ToECDSA func and improved cert testing * Added error check in test * Split Server types, embedding raw Server funcs into specialised server types * localhost * Implemented DNS and IP based cert gen ios doesn't allow for restricted ip addresses to be used in a valid tls cert * Replace listener handling with original port store Also added handlers as a parameter of the Server
2022-06-15 14:49:31 +00:00
"go.uber.org/zap"
"github.com/status-im/status-go/ipfs"
Use image server for all kind of images and integrate identity rings
2022-08-07 07:35:54 +00:00
"github.com/status-im/status-go/multiaccounts"
Added challenge middleware
2022-08-19 12:45:50 +00:00
"github.com/status-im/status-go/protocol/common"
Use image server for all kind of images and integrate identity rings
2022-08-07 07:35:54 +00:00
"github.com/status-im/status-go/protocol/identity/colorhash"
Get preferred network IP and refactor server package to increase reusability (#2626) * Added function to get preffered network IP Also done some refactor work oon server package to make a lot more reusable * Added server.Option and simplified handler funcs * Added serial number deterministically generated from pk * Debugging TLS server connection * Implemented configurable server ip When accessing over the network the server needs to listen on the network port and not localhost or 127.0.0.1 . Also the cert can now have a dedicated IP * Refactor of URL funcs to use the url package * Removed redundant Options pattern in favour of config param * Added full server test using GetOutboundIP * Remove references and usage of Server.port The application does not need to set the port, we rely on the net.Listener to pick a port. * Version bump * Added ToECDSA func and improved cert testing * Added error check in test * Split Server types, embedding raw Server funcs into specialised server types * localhost * Implemented DNS and IP based cert gen ios doesn't allow for restricted ip addresses to be used in a valid tls cert * Replace listener handling with original port store Also added handlers as a parameter of the Server
2022-06-15 14:49:31 +00:00
"github.com/status-im/status-go/protocol/identity/identicon"
Use image server for all kind of images and integrate identity rings
2022-08-07 07:35:54 +00:00
"github.com/status-im/status-go/protocol/identity/ring"
Get preferred network IP and refactor server package to increase reusability (#2626) * Added function to get preffered network IP Also done some refactor work oon server package to make a lot more reusable * Added server.Option and simplified handler funcs * Added serial number deterministically generated from pk * Debugging TLS server connection * Implemented configurable server ip When accessing over the network the server needs to listen on the network port and not localhost or 127.0.0.1 . Also the cert can now have a dedicated IP * Refactor of URL funcs to use the url package * Removed redundant Options pattern in favour of config param * Added full server test using GetOutboundIP * Remove references and usage of Server.port The application does not need to set the port, we rely on the net.Listener to pick a port. * Version bump * Added ToECDSA func and improved cert testing * Added error check in test * Split Server types, embedding raw Server funcs into specialised server types * localhost * Implemented DNS and IP based cert gen ios doesn't allow for restricted ip addresses to be used in a valid tls cert * Replace listener handling with original port store Also added handlers as a parameter of the Server
2022-06-15 14:49:31 +00:00
"github.com/status-im/status-go/protocol/images"
Refactor and tie in of signal events
2022-08-31 14:31:28 +00:00
"github.com/status-im/status-go/signal"
Get preferred network IP and refactor server package to increase reusability (#2626) * Added function to get preffered network IP Also done some refactor work oon server package to make a lot more reusable * Added server.Option and simplified handler funcs * Added serial number deterministically generated from pk * Debugging TLS server connection * Implemented configurable server ip When accessing over the network the server needs to listen on the network port and not localhost or 127.0.0.1 . Also the cert can now have a dedicated IP * Refactor of URL funcs to use the url package * Removed redundant Options pattern in favour of config param * Added full server test using GetOutboundIP * Remove references and usage of Server.port The application does not need to set the port, we rely on the net.Listener to pick a port. * Version bump * Added ToECDSA func and improved cert testing * Added error check in test * Split Server types, embedding raw Server funcs into specialised server types * localhost * Implemented DNS and IP based cert gen ios doesn't allow for restricted ip addresses to be used in a valid tls cert * Replace listener handling with original port store Also added handlers as a parameter of the Server
2022-06-15 14:49:31 +00:00
)
const (
basePath = "/messages"
identiconsPath = basePath + "/identicons"
imagesPath = basePath + "/images"
audioPath = basePath + "/audio"
ipfsPath = "/ipfs"
Added PayloadManager and outbound pairing tests
2022-06-10 15:32:15 +00:00
// Handler routes for pairing
Added challenge middleware
2022-08-19 12:45:50 +00:00
pairingBase = "/pairing"
pairingSend = pairingBase + "/send"
pairingReceive = pairingBase + "/receive"
pairingChallenge = pairingBase + "/challenge"
// Session names
sessionChallenge = "challenge"
sessionBlocked = "blocked"
Implement identity ring
2022-06-25 07:20:02 +00:00
Use image server for all kind of images and integrate identity rings
2022-08-07 07:35:54 +00:00
accountImagesPath = "/accountImages"
contactImagesPath = "/contactImages"
Get preferred network IP and refactor server package to increase reusability (#2626) * Added function to get preffered network IP Also done some refactor work oon server package to make a lot more reusable * Added server.Option and simplified handler funcs * Added serial number deterministically generated from pk * Debugging TLS server connection * Implemented configurable server ip When accessing over the network the server needs to listen on the network port and not localhost or 127.0.0.1 . Also the cert can now have a dedicated IP * Refactor of URL funcs to use the url package * Removed redundant Options pattern in favour of config param * Added full server test using GetOutboundIP * Remove references and usage of Server.port The application does not need to set the port, we rely on the net.Listener to pick a port. * Version bump * Added ToECDSA func and improved cert testing * Added error check in test * Split Server types, embedding raw Server funcs into specialised server types * localhost * Implemented DNS and IP based cert gen ios doesn't allow for restricted ip addresses to be used in a valid tls cert * Replace listener handling with original port store Also added handlers as a parameter of the Server
2022-06-15 14:49:31 +00:00
)
type HandlerPatternMap map[string]http.HandlerFunc
Use image server for all kind of images and integrate identity rings
2022-08-07 07:35:54 +00:00
func handleAccountImages(multiaccountsDB *multiaccounts.Database, logger *zap.Logger) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
params := r.URL.Query()
Implement identity ring
2022-06-25 07:20:02 +00:00
Use image server for all kind of images and integrate identity rings
2022-08-07 07:35:54 +00:00
keyUids, ok := params["keyUid"]
if !ok || len(keyUids) == 0 {
logger.Error("no keyUid")
return
}
imageNames, ok := params["imageName"]
if !ok || len(imageNames) == 0 {
logger.Error("no imageName")
return
}
identityImage, err := multiaccountsDB.GetIdentityImage(keyUids[0], imageNames[0])
if err != nil {
logger.Error("handleAccountImages: failed to load image.", zap.String("keyUid", keyUids[0]), zap.String("imageName", imageNames[0]), zap.Error(err))
return
}
var payload = identityImage.Payload
if ringEnabled(params) {
pks, ok := params["publicKey"]
if !ok || len(pks) == 0 {
logger.Error("no publicKey")
return
}
colorHash, err := colorhash.GenerateFor(pks[0])
if err != nil {
logger.Error("could not generate color hash")
return
}
var theme = getTheme(params, logger)
payload, err = ring.DrawRing(&ring.DrawRingParam{
Theme: theme, ColorHash: colorHash, ImageBytes: identityImage.Payload, Height: identityImage.Height, Width: identityImage.Width,
})
if err != nil {
logger.Error("failed to draw ring for account identity", zap.Error(err))
return
}
}
if len(payload) == 0 {
logger.Error("empty image")
return
}
mime, err := images.ImageMime(payload)
if err != nil {
logger.Error("failed to get mime", zap.Error(err))
}
w.Header().Set("Content-Type", mime)
w.Header().Set("Cache-Control", "no-store")
_, err = w.Write(payload)
if err != nil {
logger.Error("failed to write image", zap.Error(err))
}
Implement identity ring
2022-06-25 07:20:02 +00:00
}
}
Use image server for all kind of images and integrate identity rings
2022-08-07 07:35:54 +00:00
func handleContactImages(db *sql.DB, logger *zap.Logger) http.HandlerFunc {
Implement identity ring
2022-06-25 07:20:02 +00:00
return func(w http.ResponseWriter, r *http.Request) {
params := r.URL.Query()
pks, ok := params["publicKey"]
if !ok || len(pks) == 0 {
logger.Error("no publicKey")
return
}
imageNames, ok := params["imageName"]
if !ok || len(imageNames) == 0 {
logger.Error("no imageName")
return
}
colorHash, err := colorhash.GenerateFor(pks[0])
if err != nil {
logger.Error("could not generate color hash")
return
}
Use image server for all kind of images and integrate identity rings
2022-08-07 07:35:54 +00:00
var payload []byte
err = db.QueryRow(`SELECT payload FROM chat_identity_contacts WHERE contact_id = ? and image_type = ?`, pks[0], imageNames[0]).Scan(&payload)
if err != nil {
logger.Error("failed to load image.", zap.String("contact id", pks[0]), zap.String("image type", imageNames[0]), zap.Error(err))
return
}
if ringEnabled(params) {
var theme = getTheme(params, logger)
config, _, err := image.DecodeConfig(bytes.NewReader(payload))
Implement identity ring
2022-06-25 07:20:02 +00:00
if err != nil {
Use image server for all kind of images and integrate identity rings
2022-08-07 07:35:54 +00:00
logger.Error("failed to decode config.", zap.String("contact id", pks[0]), zap.String("image type", imageNames[0]), zap.Error(err))
Implement identity ring
2022-06-25 07:20:02 +00:00
return
}
Use image server for all kind of images and integrate identity rings
2022-08-07 07:35:54 +00:00
payload, err = ring.DrawRing(&ring.DrawRingParam{
Theme: theme, ColorHash: colorHash, ImageBytes: payload, Height: config.Height, Width: config.Width,
})
Implement identity ring
2022-06-25 07:20:02 +00:00
if err != nil {
Use image server for all kind of images and integrate identity rings
2022-08-07 07:35:54 +00:00
logger.Error("failed to draw ring for contact image.", zap.Error(err))
Implement identity ring
2022-06-25 07:20:02 +00:00
return
}
}
Use image server for all kind of images and integrate identity rings
2022-08-07 07:35:54 +00:00
if len(payload) == 0 {
Implement identity ring
2022-06-25 07:20:02 +00:00
logger.Error("empty image")
return
}
Use image server for all kind of images and integrate identity rings
2022-08-07 07:35:54 +00:00
mime, err := images.ImageMime(payload)
Implement identity ring
2022-06-25 07:20:02 +00:00
if err != nil {
logger.Error("failed to get mime", zap.Error(err))
}
w.Header().Set("Content-Type", mime)
w.Header().Set("Cache-Control", "no-store")
Use image server for all kind of images and integrate identity rings
2022-08-07 07:35:54 +00:00
_, err = w.Write(payload)
Implement identity ring
2022-06-25 07:20:02 +00:00
if err != nil {
logger.Error("failed to write image", zap.Error(err))
}
}
}
Use image server for all kind of images and integrate identity rings
2022-08-07 07:35:54 +00:00
func ringEnabled(params url.Values) bool {
addRings, ok := params["addRing"]
return ok && len(addRings) == 1 && addRings[0] == "1"
}
Implement identity ring
2022-06-25 07:20:02 +00:00
func getTheme(params url.Values, logger *zap.Logger) ring.Theme {
theme := ring.LightTheme // default
themes, ok := params["theme"]
if ok && len(themes) > 0 {
t, err := strconv.Atoi(themes[0])
if err != nil {
logger.Error("invalid param[theme], value: " + themes[0])
} else {
theme = ring.Theme(t)
}
}
return theme
}
Added challenge middleware
2022-08-19 12:45:50 +00:00
func handleIdenticon(logger *zap.Logger) http.HandlerFunc {
Get preferred network IP and refactor server package to increase reusability (#2626) * Added function to get preffered network IP Also done some refactor work oon server package to make a lot more reusable * Added server.Option and simplified handler funcs * Added serial number deterministically generated from pk * Debugging TLS server connection * Implemented configurable server ip When accessing over the network the server needs to listen on the network port and not localhost or 127.0.0.1 . Also the cert can now have a dedicated IP * Refactor of URL funcs to use the url package * Removed redundant Options pattern in favour of config param * Added full server test using GetOutboundIP * Remove references and usage of Server.port The application does not need to set the port, we rely on the net.Listener to pick a port. * Version bump * Added ToECDSA func and improved cert testing * Added error check in test * Split Server types, embedding raw Server funcs into specialised server types * localhost * Implemented DNS and IP based cert gen ios doesn't allow for restricted ip addresses to be used in a valid tls cert * Replace listener handling with original port store Also added handlers as a parameter of the Server
2022-06-15 14:49:31 +00:00
return func(w http.ResponseWriter, r *http.Request) {
Implement identity ring
2022-06-25 07:20:02 +00:00
params := r.URL.Query()
pks, ok := params["publicKey"]
Get preferred network IP and refactor server package to increase reusability (#2626) * Added function to get preffered network IP Also done some refactor work oon server package to make a lot more reusable * Added server.Option and simplified handler funcs * Added serial number deterministically generated from pk * Debugging TLS server connection * Implemented configurable server ip When accessing over the network the server needs to listen on the network port and not localhost or 127.0.0.1 . Also the cert can now have a dedicated IP * Refactor of URL funcs to use the url package * Removed redundant Options pattern in favour of config param * Added full server test using GetOutboundIP * Remove references and usage of Server.port The application does not need to set the port, we rely on the net.Listener to pick a port. * Version bump * Added ToECDSA func and improved cert testing * Added error check in test * Split Server types, embedding raw Server funcs into specialised server types * localhost * Implemented DNS and IP based cert gen ios doesn't allow for restricted ip addresses to be used in a valid tls cert * Replace listener handling with original port store Also added handlers as a parameter of the Server
2022-06-15 14:49:31 +00:00
if !ok || len(pks) == 0 {
logger.Error("no publicKey")
return
}
pk := pks[0]
image, err := identicon.Generate(pk)
if err != nil {
logger.Error("could not generate identicon")
}
Use image server for all kind of images and integrate identity rings
2022-08-07 07:35:54 +00:00
if image != nil && ringEnabled(params) {
Implement identity ring
2022-06-25 07:20:02 +00:00
colorHash, err := colorhash.GenerateFor(pk)
if err != nil {
logger.Error("could not generate color hash")
return
}
theme := getTheme(params, logger)
image, err = ring.DrawRing(&ring.DrawRingParam{
Theme: theme, ColorHash: colorHash, ImageBytes: image, Height: identicon.Height, Width: identicon.Width,
})
if err != nil {
logger.Error("failed to draw ring", zap.Error(err))
}
}
Get preferred network IP and refactor server package to increase reusability (#2626) * Added function to get preffered network IP Also done some refactor work oon server package to make a lot more reusable * Added server.Option and simplified handler funcs * Added serial number deterministically generated from pk * Debugging TLS server connection * Implemented configurable server ip When accessing over the network the server needs to listen on the network port and not localhost or 127.0.0.1 . Also the cert can now have a dedicated IP * Refactor of URL funcs to use the url package * Removed redundant Options pattern in favour of config param * Added full server test using GetOutboundIP * Remove references and usage of Server.port The application does not need to set the port, we rely on the net.Listener to pick a port. * Version bump * Added ToECDSA func and improved cert testing * Added error check in test * Split Server types, embedding raw Server funcs into specialised server types * localhost * Implemented DNS and IP based cert gen ios doesn't allow for restricted ip addresses to be used in a valid tls cert * Replace listener handling with original port store Also added handlers as a parameter of the Server
2022-06-15 14:49:31 +00:00
w.Header().Set("Content-Type", "image/png")
w.Header().Set("Cache-Control", "max-age:290304000, public")
w.Header().Set("Expires", time.Now().AddDate(60, 0, 0).Format(http.TimeFormat))
_, err = w.Write(image)
if err != nil {
logger.Error("failed to write image", zap.Error(err))
}
}
}
Added challenge middleware
2022-08-19 12:45:50 +00:00
func handleImage(db *sql.DB, logger *zap.Logger) http.HandlerFunc {
Get preferred network IP and refactor server package to increase reusability (#2626) * Added function to get preffered network IP Also done some refactor work oon server package to make a lot more reusable * Added server.Option and simplified handler funcs * Added serial number deterministically generated from pk * Debugging TLS server connection * Implemented configurable server ip When accessing over the network the server needs to listen on the network port and not localhost or 127.0.0.1 . Also the cert can now have a dedicated IP * Refactor of URL funcs to use the url package * Removed redundant Options pattern in favour of config param * Added full server test using GetOutboundIP * Remove references and usage of Server.port The application does not need to set the port, we rely on the net.Listener to pick a port. * Version bump * Added ToECDSA func and improved cert testing * Added error check in test * Split Server types, embedding raw Server funcs into specialised server types * localhost * Implemented DNS and IP based cert gen ios doesn't allow for restricted ip addresses to be used in a valid tls cert * Replace listener handling with original port store Also added handlers as a parameter of the Server
2022-06-15 14:49:31 +00:00
return func(w http.ResponseWriter, r *http.Request) {
messageIDs, ok := r.URL.Query()["messageId"]
if !ok || len(messageIDs) == 0 {
logger.Error("no messageID")
return
}
messageID := messageIDs[0]
var image []byte
err := db.QueryRow(`SELECT image_payload FROM user_messages WHERE id = ?`, messageID).Scan(&image)
if err != nil {
logger.Error("failed to find image", zap.Error(err))
return
}
if len(image) == 0 {
logger.Error("empty image")
return
}
mime, err := images.ImageMime(image)
if err != nil {
logger.Error("failed to get mime", zap.Error(err))
}
w.Header().Set("Content-Type", mime)
w.Header().Set("Cache-Control", "no-store")
_, err = w.Write(image)
if err != nil {
logger.Error("failed to write image", zap.Error(err))
}
}
}
Added challenge middleware
2022-08-19 12:45:50 +00:00
func handleAudio(db *sql.DB, logger *zap.Logger) http.HandlerFunc {
Get preferred network IP and refactor server package to increase reusability (#2626) * Added function to get preffered network IP Also done some refactor work oon server package to make a lot more reusable * Added server.Option and simplified handler funcs * Added serial number deterministically generated from pk * Debugging TLS server connection * Implemented configurable server ip When accessing over the network the server needs to listen on the network port and not localhost or 127.0.0.1 . Also the cert can now have a dedicated IP * Refactor of URL funcs to use the url package * Removed redundant Options pattern in favour of config param * Added full server test using GetOutboundIP * Remove references and usage of Server.port The application does not need to set the port, we rely on the net.Listener to pick a port. * Version bump * Added ToECDSA func and improved cert testing * Added error check in test * Split Server types, embedding raw Server funcs into specialised server types * localhost * Implemented DNS and IP based cert gen ios doesn't allow for restricted ip addresses to be used in a valid tls cert * Replace listener handling with original port store Also added handlers as a parameter of the Server
2022-06-15 14:49:31 +00:00
return func(w http.ResponseWriter, r *http.Request) {
messageIDs, ok := r.URL.Query()["messageId"]
if !ok || len(messageIDs) == 0 {
logger.Error("no messageID")
return
}
messageID := messageIDs[0]
var audio []byte
err := db.QueryRow(`SELECT audio_payload FROM user_messages WHERE id = ?`, messageID).Scan(&audio)
if err != nil {
logger.Error("failed to find image", zap.Error(err))
return
}
if len(audio) == 0 {
logger.Error("empty audio")
return
}
w.Header().Set("Content-Type", "audio/aac")
w.Header().Set("Cache-Control", "no-store")
_, err = w.Write(audio)
if err != nil {
logger.Error("failed to write audio", zap.Error(err))
}
}
}
Added challenge middleware
2022-08-19 12:45:50 +00:00
func handleIPFS(downloader *ipfs.Downloader, logger *zap.Logger) http.HandlerFunc {
Get preferred network IP and refactor server package to increase reusability (#2626) * Added function to get preffered network IP Also done some refactor work oon server package to make a lot more reusable * Added server.Option and simplified handler funcs * Added serial number deterministically generated from pk * Debugging TLS server connection * Implemented configurable server ip When accessing over the network the server needs to listen on the network port and not localhost or 127.0.0.1 . Also the cert can now have a dedicated IP * Refactor of URL funcs to use the url package * Removed redundant Options pattern in favour of config param * Added full server test using GetOutboundIP * Remove references and usage of Server.port The application does not need to set the port, we rely on the net.Listener to pick a port. * Version bump * Added ToECDSA func and improved cert testing * Added error check in test * Split Server types, embedding raw Server funcs into specialised server types * localhost * Implemented DNS and IP based cert gen ios doesn't allow for restricted ip addresses to be used in a valid tls cert * Replace listener handling with original port store Also added handlers as a parameter of the Server
2022-06-15 14:49:31 +00:00
return func(w http.ResponseWriter, r *http.Request) {
hashes, ok := r.URL.Query()["hash"]
if !ok || len(hashes) == 0 {
logger.Error("no hash")
return
}
_, download := r.URL.Query()["download"]
content, err := downloader.Get(hashes[0], download)
if err != nil {
logger.Error("could not download hash", zap.Error(err))
return
}
w.Header().Set("Cache-Control", "max-age:290304000, public")
w.Header().Set("Expires", time.Now().AddDate(60, 0, 0).Format(http.TimeFormat))
_, err = w.Write(content)
if err != nil {
logger.Error("failed to write ipfs resource", zap.Error(err))
}
}
}
Added PayloadManager and outbound pairing tests
2022-06-10 15:32:15 +00:00
Added challenge middleware
2022-08-19 12:45:50 +00:00
func handlePairingReceive(ps *PairingServer) http.HandlerFunc {
Refactor and tie in of signal events
2022-08-31 14:31:28 +00:00
signal.SendLocalPairingEvent(Event{Type: EventConnectionSuccess})
Added PayloadManager and outbound pairing tests
2022-06-10 15:32:15 +00:00
return func(w http.ResponseWriter, r *http.Request) {
Added encrytion and dectription via PayloadManager
2022-06-10 23:03:16 +00:00
payload, err := ioutil.ReadAll(r.Body)
if err != nil {
Refactor and tie in of signal events
2022-08-31 14:31:28 +00:00
signal.SendLocalPairingEvent(Event{Type: EventTransferError, Error: err})
Added encrytion and dectription via PayloadManager
2022-06-10 23:03:16 +00:00
ps.logger.Error("ioutil.ReadAll(r.Body)", zap.Error(err))
}
Refactor and tie in of signal events
2022-08-31 14:31:28 +00:00
signal.SendLocalPairingEvent(Event{Type: EventTransferSuccess})
Added encrytion and dectription via PayloadManager
2022-06-10 23:03:16 +00:00
More refactor to increase testability
2022-07-01 15:37:53 +00:00
err = ps.PayloadManager.Receive(payload)
Added encrytion and dectription via PayloadManager
2022-06-10 23:03:16 +00:00
if err != nil {
Refactor and tie in of signal events
2022-08-31 14:31:28 +00:00
signal.SendLocalPairingEvent(Event{Type: EventProcessError, Error: err})
More refactor to increase testability
2022-07-01 15:37:53 +00:00
ps.logger.Error("ps.PayloadManager.Receive(payload)", zap.Error(err))
Added encrytion and dectription via PayloadManager
2022-06-10 23:03:16 +00:00
}
Refactor and tie in of signal events
2022-08-31 14:31:28 +00:00
signal.SendLocalPairingEvent(Event{Type: EventProcessSuccess})
Added PayloadManager and outbound pairing tests
2022-06-10 15:32:15 +00:00
}
}
Added challenge middleware
2022-08-19 12:45:50 +00:00
func handlePairingSend(ps *PairingServer) http.HandlerFunc {
Refactor and tie in of signal events
2022-08-31 14:31:28 +00:00
signal.SendLocalPairingEvent(Event{Type: EventConnectionSuccess})
// TODO lock sending after one successful transfer, perhaps perform the lock on the PayloadManager level
Added PayloadManager and outbound pairing tests
2022-06-10 15:32:15 +00:00
return func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("Content-Type", "application/octet-stream")
More refactor to increase testability
2022-07-01 15:37:53 +00:00
_, err := w.Write(ps.PayloadManager.ToSend())
Added PayloadManager and outbound pairing tests
2022-06-10 15:32:15 +00:00
if err != nil {
Refactor and tie in of signal events
2022-08-31 14:31:28 +00:00
signal.SendLocalPairingEvent(Event{Type: EventTransferError, Error: err})
More refactor to increase testability
2022-07-01 15:37:53 +00:00
ps.logger.Error("w.Write(ps.PayloadManager.ToSend())", zap.Error(err))
Added PayloadManager and outbound pairing tests
2022-06-10 15:32:15 +00:00
}
Refactor and tie in of signal events
2022-08-31 14:31:28 +00:00
signal.SendLocalPairingEvent(Event{Type: EventTransferSuccess})
Added PayloadManager and outbound pairing tests
2022-06-10 15:32:15 +00:00
}
}
Added challenge middleware
2022-08-19 12:45:50 +00:00
func challengeMiddleware(ps *PairingServer, next http.Handler) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
s, err := ps.cookieStore.Get(r, sessionChallenge)
if err != nil {
ps.logger.Error("ps.cookieStore.Get(r, pairingStoreChallenge)", zap.Error(err))
http.Error(w, "error", http.StatusInternalServerError)
}
blocked, ok := s.Values[sessionBlocked].(bool)
if ok && blocked {
http.Error(w, "forbidden", http.StatusForbidden)
return
}
// If the request header doesn't include a challenge don't punish the client, just throw a 403
pc := r.Header.Get(sessionChallenge)
if pc == "" {
http.Error(w, "forbidden", http.StatusForbidden)
return
}
c, err := common.Decrypt(base58.Decode(pc), ps.ek)
if err != nil {
ps.logger.Error("c, err := common.Decrypt(rc, ps.ek)", zap.Error(err))
http.Error(w, "error", http.StatusInternalServerError)
return
}
// If the challenge is not in the session store don't punish the client, just throw a 403
challenge, ok := s.Values[sessionChallenge].([]byte)
if !ok {
http.Error(w, "forbidden", http.StatusForbidden)
return
}
// Only if we have both a challenge in the session store and in the request header
// do we entertain blocking the client. Because then we know someone is trying to be sneaky.
fix: lint (#2845) Co-authored-by: Samuel Hawksby-Robinson <samuel@samyoul.com>
2022-09-27 22:59:02 +00:00
if !bytes.Equal(c, challenge) {
Added challenge middleware
2022-08-19 12:45:50 +00:00
s.Values[sessionBlocked] = true
err = s.Save(r, w)
if err != nil {
ps.logger.Error("err = s.Save(r, w)", zap.Error(err))
}
http.Error(w, "forbidden", http.StatusForbidden)
return
}
next.ServeHTTP(w, r)
}
}
func handlePairingChallenge(ps *PairingServer) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
s, err := ps.cookieStore.Get(r, sessionChallenge)
if err != nil {
ps.logger.Error("ps.cookieStore.Get(r, pairingStoreChallenge)", zap.Error(err))
}
var challenge []byte
challenge, ok := s.Values[sessionChallenge].([]byte)
if !ok {
challenge = make([]byte, 64)
_, err = rand.Read(challenge)
if err != nil {
ps.logger.Error("_, err = rand.Read(auth)", zap.Error(err))
}
s.Values[sessionChallenge] = challenge
err = s.Save(r, w)
if err != nil {
ps.logger.Error("err = s.Save(r, w)", zap.Error(err))
}
}
w.Header().Set("Content-Type", "application/octet-stream")
_, err = w.Write(challenge)
if err != nil {
ps.logger.Error("_, err = w.Write(challenge)", zap.Error(err))
}
}
}