Added challenge middleware to handleSendInstallation
parent
79d8094dc2
commit
231ded6a7b
|
@ -20,11 +20,11 @@ const (
|
|||
|
||||
type ChallengeError struct {
|
||||
Text string
|
||||
HttpCode int
|
||||
HTTPCode int
|
||||
}
|
||||
|
||||
func (ce *ChallengeError) Error() string {
|
||||
return fmt.Sprintf("%s : %d", ce.Text, ce.HttpCode)
|
||||
return fmt.Sprintf("%s : %d", ce.Text, ce.HTTPCode)
|
||||
}
|
||||
|
||||
func makeCookieStore() (*sessions.CookieStore, error) {
|
||||
|
@ -142,14 +142,17 @@ func (cg *ChallengeGiver) checkChallengeResponse(w http.ResponseWriter, r *http.
|
|||
}
|
||||
|
||||
func (cg *ChallengeGiver) getChallenge(w http.ResponseWriter, r *http.Request) ([]byte, *ChallengeError) {
|
||||
s, ce := cg.getSession(r)
|
||||
if ce != nil {
|
||||
return nil, ce
|
||||
s, err := cg.getSession(r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
challenge, ok := s.Values[sessionChallenge].([]byte)
|
||||
if !ok {
|
||||
challenge, ce = cg.generateNewChallenge(s, w, r)
|
||||
challenge, err = cg.generateNewChallenge(s, w, r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
}
|
||||
return challenge, nil
|
||||
}
|
||||
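Review bot: Naming the `*ChallengeError` results `err` in getChallenge makes them read like plain `error` values, while handlePairingChallenge and middlewareChallenge elsewhere on this page still call the same value `ce`. Because `*ChallengeError` implements `error` through its pointer-receiver `Error()` method, a nil one assigned to an `error`-typed variable becomes a non-nil interface, and the `err` name makes that mistake easier to make in a later refactor. Keeping the previous name, as in `s, ce := cg.getSession(r)` and `challenge, ce = cg.generateNewChallenge(s, w, r)`, keeps the distinction visible. ChallengeError and its fields also have no doc comment; a line such as `// ChallengeError carries the message and HTTP status returned to a client that fails the pairing challenge` would help, if that matches how the handlers use it.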
|
|
|
@ -253,6 +253,10 @@ func StartUpSendingClient(backend *api.GethStatusBackend, cs, configJSON string)
|
|||
if err != nil {
|
||||
return err
|
||||
}
|
||||
err = c.getChallenge()
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
return c.receiveInstallationData()
|
||||
}
|
||||
|
||||
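Review bot: The new `c.getChallenge()` call in StartUpSendingClient has no comment explaining why it must run before `c.receiveInstallationData()`. Judging by the server-side change in this commit, the installation endpoint now sits behind middlewareChallenge, so the ordering is presumably load-bearing. A short why-comment would record that, for example `// the installation endpoint is guarded by the challenge middleware; fetch a challenge first`. The function body starts outside this hunk, so whether an earlier step already obtained a challenge that this call replaces is not visible here.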
|
|
|
@ -185,7 +185,7 @@ func middlewareChallenge(cg *ChallengeGiver, next http.Handler) http.HandlerFunc
|
|||
return func(w http.ResponseWriter, r *http.Request) {
|
||||
ce := cg.checkChallengeResponse(w, r)
|
||||
if ce != nil {
|
||||
http.Error(w, ce.Text, ce.HttpCode)
|
||||
http.Error(w, ce.Text, ce.HTTPCode)
|
||||
return
|
||||
}
|
||||
|
||||
|
@ -197,7 +197,7 @@ func handlePairingChallenge(cg *ChallengeGiver) http.HandlerFunc {
|
|||
return func(w http.ResponseWriter, r *http.Request) {
|
||||
challenge, ce := cg.getChallenge(w, r)
|
||||
if ce != nil {
|
||||
http.Error(w, ce.Text, ce.HttpCode)
|
||||
http.Error(w, ce.Text, ce.HTTPCode)
|
||||
return
|
||||
}
|
||||
|
||||
|
|
|
@ -9,7 +9,6 @@ import (
|
|||
"net"
|
||||
"time"
|
||||
|
||||
"github.com/gorilla/sessions"
|
||||
"go.uber.org/zap"
|
||||
|
||||
"github.com/status-im/status-go/api"
|
||||
|
@ -28,9 +27,7 @@ import (
|
|||
|
||||
type BaseServer struct {
|
||||
server.Server
|
||||
|
||||
cookieStore *sessions.CookieStore
|
||||
encryptor *PayloadEncryptor
|
||||
challengeGiver *ChallengeGiver
|
||||
|
||||
pk *ecdsa.PublicKey
|
||||
ek []byte
|
||||
|
@ -41,7 +38,7 @@ type BaseServer struct {
|
|||
|
||||
// NewBaseServer returns a *BaseServer init from the given *SenderServerConfig
|
||||
func NewBaseServer(logger *zap.Logger, e *PayloadEncryptor, config *ServerConfig) (*BaseServer, error) {
|
||||
cs, err := makeCookieStore()
|
||||
cg, err := NewChallengeGiver(e, logger)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
@ -53,11 +50,10 @@ func NewBaseServer(logger *zap.Logger, e *PayloadEncryptor, config *ServerConfig
|
|||
nil,
|
||||
logger,
|
||||
),
|
||||
encryptor: e,
|
||||
cookieStore: cs,
|
||||
pk: config.PK,
|
||||
ek: config.EK,
|
||||
mode: config.Mode,
|
||||
challengeGiver: cg,
|
||||
pk: config.PK,
|
||||
ek: config.EK,
|
||||
mode: config.Mode,
|
||||
}
|
||||
bs.SetTimeout(config.Timeout)
|
||||
return bs, nil
|
||||
|
@ -122,8 +118,6 @@ type SenderServer struct {
|
|||
accountMounter PayloadMounter
|
||||
rawMessageMounter *RawMessagePayloadMounter
|
||||
installationMounter *InstallationPayloadMounterReceiver
|
||||
|
||||
challengeGiver *ChallengeGiver
|
||||
}
|
||||
|
||||
// NewSenderServer returns a *SenderServer init from the given *SenderServerConfig
|
||||
|
@ -141,17 +135,11 @@ func NewSenderServer(backend *api.GethStatusBackend, config *SenderServerConfig)
|
|||
return nil, err
|
||||
}
|
||||
|
||||
cg, err := NewChallengeGiver(e, logger)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
return &SenderServer{
|
||||
BaseServer: bs,
|
||||
accountMounter: am,
|
||||
rawMessageMounter: rmm,
|
||||
installationMounter: imr,
|
||||
challengeGiver: cg,
|
||||
}, nil
|
||||
}
|
||||
|
||||
|
@ -248,13 +236,14 @@ func NewReceiverServer(backend *api.GethStatusBackend, config *ReceiverServerCon
|
|||
|
||||
func (s *ReceiverServer) startReceivingData() error {
|
||||
s.SetHandlers(server.HandlerPatternMap{
|
||||
pairingChallenge: handlePairingChallenge(s.challengeGiver),
|
||||
pairingReceiveAccount: handleReceiveAccount(s, s.accountReceiver),
|
||||
pairingReceiveSyncDevice: handleParingSyncDeviceReceive(s, s.rawMessageReceiver),
|
||||
// TODO implement refactor of installation data exchange to follow the send/receive pattern of
|
||||
// the other handlers.
|
||||
// https://github.com/status-im/status-go/issues/3304
|
||||
// send installation data back to sender
|
||||
pairingSendInstallation: handleSendInstallation(s, s.installationReceiver),
|
||||
pairingSendInstallation: middlewareChallenge(s.challengeGiver, handleSendInstallation(s, s.installationReceiver)),
|
||||
})
|
||||
return s.Start()
|
||||
}
|
||||
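Review bot: In startReceivingData only `pairingSendInstallation` is wrapped in middlewareChallenge; `pairingReceiveAccount` and `pairingReceiveSyncDevice` are still registered with their bare handlers, so requests to those two endpoints are not subject to the challenge check. Whether payload encryption alone is meant to authenticate them is not visible on this page. If it is not, they need the same wrapper, e.g. `pairingReceiveAccount: middlewareChallenge(s.challengeGiver, handleReceiveAccount(s, s.accountReceiver)),`. If leaving them open is deliberate, a comment in the handler map saying why would stop the asymmetry from looking like an oversight.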
|
|
|
@ -223,6 +223,13 @@ func (s *PairingServerSuite) TestPairingServer_handlePairingChallengeMiddleware(
|
|||
err = c.getChallenge()
|
||||
s.Require().NoError(err)
|
||||
s.Require().NotEqual(challenge, c.challengeTaker.serverChallenge)
|
||||
|
||||
// Unlock the MockPayloadMounter to allow the test. Don't do this ordinarily
|
||||
s.SS.accountMounter.(*MockPayloadMounter).encryptor.payload.locked = false
|
||||
|
||||
// receiving account data again using the new challenge
|
||||
err = c.receiveAccountData()
|
||||
s.Require().NoError(err)
|
||||
}
|
||||
|
||||
func (s *PairingServerSuite) TestPairingServer_handlePairingChallengeMiddleware_block() {
|
||||
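Review bot: The lines added to TestPairingServer_handlePairingChallengeMiddleware exercise `s.SS` and `c.receiveAccountData()`, but nothing visible here covers the endpoint this commit actually guards, the receiver's installation handler behind middlewareChallenge. A case that requests installation data without first calling `getChallenge` and asserts that the request is rejected would pin the new behaviour. The `_block` test that starts at the end of this hunk may already do so, but its body is outside the hunk. Separately, the unchecked assertion `s.SS.accountMounter.(*MockPayloadMounter)` panics rather than failing the test if the mounter type changes; `m, ok := s.SS.accountMounter.(*MockPayloadMounter)` followed by `s.Require().True(ok)` gives a clearer failure.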
|
|