fix: include auth sogs headers everywhere

3 years ago · ae51b0cd96
parent 2fdb612a77
commit ae51b0cd96
7 changed files with 58 additions and 37 deletions
--- a/ts/session/apis/open_group_api/sogsv3/sogsV3Capabilities.ts
+++ b/ts/session/apis/open_group_api/sogsv3/sogsV3Capabilities.ts
@ -5,7 +5,7 @@ import { OpenGroupData, OpenGroupV2Room } from '../../../../data/opengroups';
 import AbortController, { AbortSignal } from 'abort-controller';
 import { batchGlobalIsSuccess } from './sogsV3BatchPoll';
-export const capabilitiesFetchForServer = async (
+const capabilitiesFetchForServer = async (
  serverUrl: string,
  serverPubKey: string,
  abortSignal: AbortSignal
@ -13,7 +13,8 @@ export const capabilitiesFetchForServer = async (
  const endpoint = '/capabilities';
  const method = 'GET';
  const serverPubkey = serverPubKey;
-  const blinded = false; // for capabilities, blinding is always false as the request will fail if the server requires blinding
+  // for the capabilities call, we require blinded to be ON now. A sogs with blinding disabled will still allow this call and verify the blinded signature
  const blinded = true;
  const capabilityHeaders = await OpenGroupPollingUtils.getOurOpenGroupHeaders(
    serverPubkey,
    endpoint,
@ -33,7 +34,6 @@ export const capabilitiesFetchForServer = async (
    serverPubkey,
    serverUrl,
    stringifiedBody: null,
    doNotIncludeOurSogsHeaders: true, // the first capabilities needs to not have any authentification to pass on a blinding-required sogs,
    headers: null,
    throwErrors: false,
  });
--- a/ts/session/apis/open_group_api/sogsv3/sogsV3FetchFile.ts
+++ b/ts/session/apis/open_group_api/sogsv3/sogsV3FetchFile.ts
@ -1,6 +1,10 @@
 import AbortController, { AbortSignal } from 'abort-controller';
 import { isUndefined, toNumber } from 'lodash';
-import { OpenGroupV2Room, OpenGroupV2RoomWithImageID } from '../../../../data/opengroups';
+import {
  OpenGroupData,
  OpenGroupV2Room,
  OpenGroupV2RoomWithImageID,
 } from '../../../../data/opengroups';
 import { MIME } from '../../../../types';
 import { processNewAttachment } from '../../../../types/MessageAttachment';
 import { callUtilsWorker } from '../../../../webworker/workers/util_worker_interface';
@ -16,7 +20,6 @@ export async function fetchBinaryFromSogsWithOnionV4(sendOptions: {
  serverPubkey: string;
  blinded: boolean;
  abortSignal: AbortSignal;
  doNotIncludeOurSogsHeaders?: boolean;
  headers: Record<string, any> | null;
  roomId: string;
  fileId: string;
@ -28,7 +31,6 @@ export async function fetchBinaryFromSogsWithOnionV4(sendOptions: {
    blinded,
    abortSignal,
    headers: includedHeaders,
    doNotIncludeOurSogsHeaders,
    roomId,
    fileId,
    throwError,
@ -41,9 +43,7 @@ export async function fetchBinaryFromSogsWithOnionV4(sendOptions: {
    throw new Error('endpoint needs a leading /');
  }
  const builtUrl = new URL(`${serverUrl}${endpoint}`);
-  let headersWithSogsHeadersIfNeeded = doNotIncludeOurSogsHeaders
+  let headersWithSogsHeadersIfNeeded = await OpenGroupPollingUtils.getOurOpenGroupHeaders(
    ? {}
    : await OpenGroupPollingUtils.getOurOpenGroupHeaders(
    serverPubkey,
    endpoint,
    method,
@ -98,11 +98,14 @@ export async function sogsV3FetchPreviewAndSaveIt(roomInfos: OpenGroupV2RoomWith
    return;
  }
  const room = OpenGroupData.getV2OpenGroupRoom(convoId);
  const blinded = roomHasBlindEnabled(room);
  // make sure this runs only once for each rooms.
-  // we don't want to trigger one of those on each setPollInfo resultsas it happens on each batch poll.
+  // we don't want to trigger one of those on each setPollInfo results as it happens on each batch poll.
  const oneAtAtimeResult = (await allowOnlyOneAtATime(
    `sogsV3FetchPreview-${serverUrl}-${roomId}`,
-    () => sogsV3FetchPreview(roomInfos)
+    () => sogsV3FetchPreview(roomInfos, blinded)
  )) as Uint8Array | null; // force the return type as allowOnlyOneAtATime does not keep it
  if (!oneAtAtimeResult || !oneAtAtimeResult?.byteLength) {
@ -139,7 +142,7 @@ export async function sogsV3FetchPreviewAndSaveIt(roomInfos: OpenGroupV2RoomWith
 * @returns the fetchedData in base64
 */
 export async function sogsV3FetchPreviewBase64(roomInfos: OpenGroupV2RoomWithImageID) {
-  const fetched = await sogsV3FetchPreview(roomInfos);
+  const fetched = await sogsV3FetchPreview(roomInfos, true); // left pane are session official default rooms, which do require blinded
  if (fetched && fetched.byteLength) {
    return callUtilsWorker('arrayBufferToStringBase64', fetched);
  }
@ -155,7 +158,8 @@ export async function sogsV3FetchPreviewBase64(roomInfos: OpenGroupV2RoomWithIma
 * Those default rooms do not have a conversation associated with them, as they are not joined yet
 */
 const sogsV3FetchPreview = async (
-  roomInfos: OpenGroupV2RoomWithImageID
+  roomInfos: OpenGroupV2RoomWithImageID,
  blinded: boolean
 ): Promise<Uint8Array | null> => {
  if (!roomInfos || !roomInfos.imageID) {
    return null;
@ -164,11 +168,10 @@ const sogsV3FetchPreview = async (
  // not a batch call yet as we need to exclude headers for this call for now
  const fetched = await fetchBinaryFromSogsWithOnionV4({
    abortSignal: new AbortController().signal,
-    blinded: false,
+    blinded,
    headers: null,
    serverPubkey: roomInfos.serverPublicKey,
    serverUrl: roomInfos.serverUrl,
    doNotIncludeOurSogsHeaders: true,
    roomId: roomInfos.roomId,
    fileId: roomInfos.imageID,
    throwError: false,
@ -198,7 +201,6 @@ export const sogsV3FetchFileByFileID = async (
    headers: null,
    serverPubkey: roomInfos.serverPublicKey,
    serverUrl: roomInfos.serverUrl,
    doNotIncludeOurSogsHeaders: true,
    roomId: roomInfos.roomId,
    fileId,
    throwError: true,
--- a/ts/session/apis/open_group_api/sogsv3/sogsV3RoomInfos.ts
+++ b/ts/session/apis/open_group_api/sogsv3/sogsV3RoomInfos.ts
@ -11,7 +11,7 @@ import {
 export const getAllRoomInfos = async (roomInfos: OpenGroupV2Room) => {
  const result = await OnionSending.sendJsonViaOnionV4ToSogs({
-    blinded: false,
+    blinded: true,
    endpoint: '/rooms',
    method: 'GET',
    serverPubkey: roomInfos.serverPublicKey,
@ -19,7 +19,6 @@ export const getAllRoomInfos = async (roomInfos: OpenGroupV2Room) => {
    abortSignal: new AbortController().signal,
    serverUrl: roomInfos.serverUrl,
    headers: null,
    doNotIncludeOurSogsHeaders: true,
    throwErrors: false,
  });
@ -91,7 +90,6 @@ export async function openGroupV2GetRoomInfoViaOnionV4({
    stringifiedBody: null,
    serverPubkey,
    headers: null,
    doNotIncludeOurSogsHeaders: true,
    throwErrors: false,
  });
  const room = result?.body as Record<string, any> | undefined;
--- a/ts/session/apis/snode_api/onions.ts
+++ b/ts/session/apis/snode_api/onions.ts
@ -338,6 +338,13 @@ async function processAnyOtherErrorOnPath(
  if (status !== 200) {
    window?.log?.warn(`[path] Got status: ${status}`);
    if (status === 404 || status === 400) {
      window?.log?.warn(
        'processAnyOtherErrorOnPathgot 404 or 400, probably a dead sogs. Skipping bad path update'
      );
      return;
    }
    // If we have a specific node in fault we can exclude just this node.
    if (ciphertext?.startsWith(NEXT_NODE_NOT_FOUND_PREFIX)) {
      const nodeNotFound = ciphertext.substr(NEXT_NODE_NOT_FOUND_PREFIX.length);
--- a/ts/session/onions/onionSend.ts
+++ b/ts/session/onions/onionSend.ts
@ -277,7 +277,6 @@ async function sendJsonViaOnionV4ToSogs(sendOptions: {
  method: string;
  stringifiedBody: string | null;
  abortSignal: AbortSignal;
  doNotIncludeOurSogsHeaders?: boolean;
  headers: Record<string, any> | null;
  throwErrors: boolean;
 }): Promise<OnionV4JSONSnodeResponse | null> {
@ -290,16 +289,13 @@ async function sendJsonViaOnionV4ToSogs(sendOptions: {
    stringifiedBody,
    abortSignal,
    headers: includedHeaders,
    doNotIncludeOurSogsHeaders,
    throwErrors,
  } = sendOptions;
  if (!endpoint.startsWith('/')) {
    throw new Error('endpoint needs a leading /');
  }
  const builtUrl = new URL(`${serverUrl}${endpoint}`);
-  let headersWithSogsHeadersIfNeeded = doNotIncludeOurSogsHeaders
+  let headersWithSogsHeadersIfNeeded = await OpenGroupPollingUtils.getOurOpenGroupHeaders(
    ? {}
    : await OpenGroupPollingUtils.getOurOpenGroupHeaders(
    serverPubkey,
    endpoint,
    method,
--- a/ts/session/onions/onionv4.ts
+++ b/ts/session/onions/onionv4.ts
@ -92,6 +92,18 @@ const decodeV4Response = (snodeResponse: SnodeResponseV4): DecodedResponseV4 | u
        break;
      case 'application/octet-stream':
        break;
      case 'text/html; charset=utf-8':
        try {
          window?.log?.warn(
            'decodeV4Response - received raw body of type "text/html; charset=utf-8": ',
            to_string(bodyBinary)
          );
        } catch (e) {
          window?.log?.warn(
            'decodeV4Response - received raw body of type "text/html; charset=utf-8" but not a string'
          );
        }
        break;
      default:
        window?.log?.warn(
          'decodeV4Response - No or unknown content-type information for response: ',
--- a/ts/updater/updater.ts
+++ b/ts/updater/updater.ts
@ -46,7 +46,13 @@ export async function start(
  }, 1000 * 60 * 10); // trigger and try to update every 10 minutes to let the file gets downloaded if we are updating
  stopped = false;
  global.setTimeout(async () => {
    try {
      await checkForUpdates(getMainWindow, messages, logger);
    } catch (error) {
      logger.error('auto-update: error:', getPrintableError(error));
    }
  }, 2 * 60 * 1000); // we do checks from the fileserver every 1 minute.
 }
 export function stop() {