keejef
/
session-desktop
mirror of https://github.com/oxen-io/session-desktop
2
0
Fork 0
Code Issues 8 Projects Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
unstable
feature/update-crowdin-translations
master
audit2
show
audit
v1.9.1
v1.9.0
v1.8.6
v1.8.5
v1.8.4
v1.8.3
v1.8.2
v1.8.1
v1.8.0
v1.7.9
v1.7.8
v1.7.7
v1.7.6
v1.7.5
v1.7.4
v1.7.3
v1.7.2
v1.7.1
v1.7.0
v1.6.9
v1.6.8
v1.6.7
v1.6.6
v1.6.5
v1.6.4
v1.6.3
v1.6.2
v1.6.11
v1.6.10
v1.6.1
v1.6.0
v1.5.5
v1.5.4
v1.5.3
v1.5.2
v1.5.1
v1.5.0
v1.4.9
v1.4.8
v1.4.7
v1.4.6
v1.4.5
v1.4.4
v1.4.3
v1.4.2
v1.4.11
v1.4.10
v1.4.1
v1.4.0
v1.3.1
v1.3.0
v1.2.1
v1.2.0
v1.14.3
v1.14.2
v1.14.1
v1.14.0
v1.13.2
v1.13.1
v1.13.0
v1.12.5
v1.12.4
v1.12.3
v1.12.2
v1.12.1
v1.12.0
v1.11.5
v1.11.4
v1.11.3
v1.11.2
v1.11.1
v1.11.0
v1.10.8
v1.10.7
v1.10.6
v1.10.5
v1.10.4
v1.10.3
v1.10.2
v1.10.1
v1.10.0
v1.1.2
v1.1.1
v1.0.9
v1.0.8
v1.0.7
v1.0.6
v1.0.5
v1.0.4
v1.0.3
v1.0.2
v1.0.1
v1.0.0
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '9f8920ef2c'
${ noResults }
session-desktop/ts/session/apis/open_group_api/opengroupV2/ApiAuth.ts

153 lines
4.8 KiB
TypeScript
Raw Blame History

import { getV2OpenGroupRoomByRoomId, saveV2OpenGroupRoom } from '../../../../data/opengroups';
import { callUtilsWorker } from '../../../../webworker/workers/util_worker_interface';
import { allowOnlyOneAtATime } from '../../../utils/Promise';
import { toHex } from '../../../utils/String';
import { getIdentityKeyPair, getOurPubKeyStrFromCache } from '../../../utils/User';
import { OpenGroupRequestCommonType, OpenGroupV2Request } from './ApiUtil';
import { sendApiV2Request } from './OpenGroupAPIV2';
import { parseStatusCodeFromOnionRequest } from './OpenGroupAPIV2Parser';
async function claimAuthToken(
authToken: string,
serverUrl: string,
roomId: string
): Promise<string | null> {
// Set explicitly here because is isn't in the database yet at this point
const headers = { Authorization: authToken };
const request: OpenGroupV2Request = {
method: 'POST',
headers,
room: roomId,
server: serverUrl,
queryParams: { public_key: getOurPubKeyStrFromCache() },
isAuthRequired: false,
endpoint: 'claim_auth_token',
};
const result = await sendApiV2Request(request);
const statusCode = parseStatusCodeFromOnionRequest(result);
if (statusCode !== 200) {
window?.log?.warn(`Could not claim token, status code: ${statusCode}`);
return null;
}
return authToken;
}
async function oneAtATimeGetAuth({ serverUrl, roomId }: OpenGroupRequestCommonType) {
return allowOnlyOneAtATime(`getAuthToken${serverUrl}:${roomId}`, async () => {
try {
// first try to fetch from db a saved token.
const roomDetails = await getV2OpenGroupRoomByRoomId({ serverUrl, roomId });
if (!roomDetails) {
window?.log?.warn('getAuthToken Room does not exist.');
return null;
}
if (roomDetails?.token) {
return roomDetails.token;
}
window?.log?.info(
`Triggering getAuthToken with serverUrl:'${serverUrl}'; roomId: '${roomId}'`
);
const token = await requestNewAuthToken({ serverUrl, roomId });
if (!token) {
window?.log?.warn('invalid new auth token', token);
return;
}
window?.log?.info(`Got AuthToken for serverUrl:'${serverUrl}'; roomId: '${roomId}'`);
const claimedToken = await claimAuthToken(token, serverUrl, roomId);
if (!claimedToken) {
window?.log?.warn('Failed to claim token', claimedToken);
} else {
window?.log?.info(`Claimed AuthToken for serverUrl:'${serverUrl}'; roomId: '${roomId}'`);
}
// still save it to the db. just to mark it as to be refreshed later
roomDetails.token = claimedToken || '';
await saveV2OpenGroupRoom(roomDetails);
window?.log?.info(`AuthToken saved to DB for serverUrl:'${serverUrl}'; roomId: '${roomId}'`);
return claimedToken;
} catch (e) {
window?.log?.error('Failed to getAuthToken', e);
throw e;
}
});
}
export async function getAuthToken({
serverUrl,
roomId,
}: OpenGroupRequestCommonType): Promise<string | null> {
return oneAtATimeGetAuth({ roomId, serverUrl });
}
// tslint:disable: member-ordering
export async function requestNewAuthToken({
serverUrl,
roomId,
}: OpenGroupRequestCommonType): Promise<string | null> {
const userKeyPair = await getIdentityKeyPair();
if (!userKeyPair) {
throw new Error('Failed to fetch user keypair');
}
const ourPubkey = getOurPubKeyStrFromCache();
const parameters = {} as Record<string, string>;
parameters.public_key = ourPubkey;
const request: OpenGroupV2Request = {
method: 'GET',
room: roomId,
server: serverUrl,
queryParams: parameters,
isAuthRequired: false,
endpoint: 'auth_token_challenge',
};
const json = (await sendApiV2Request(request)) as any;
// parse the json
if (!json || !json?.result?.challenge) {
window?.log?.warn('Parsing failed');
return null;
}
const {
ciphertext: base64EncodedCiphertext,
ephemeral_public_key: base64EncodedEphemeralPublicKey,
} = json?.result?.challenge;
if (!base64EncodedCiphertext || !base64EncodedEphemeralPublicKey) {
window?.log?.warn('Parsing failed');
return null;
}
const ciphertext = (await callUtilsWorker(
'fromBase64ToArrayBuffer',
base64EncodedCiphertext
)) as ArrayBuffer;
const ephemeralPublicKey = (await callUtilsWorker(
'fromBase64ToArrayBuffer',
base64EncodedEphemeralPublicKey
)) as ArrayBuffer;
try {
const symmetricKey = (await callUtilsWorker(
'deriveSymmetricKey',
new Uint8Array(ephemeralPublicKey),
new Uint8Array(userKeyPair.privKey)
)) as ArrayBuffer;
const plaintextBuffer = await callUtilsWorker(
'DecryptAESGCM',
new Uint8Array(symmetricKey),
new Uint8Array(ciphertext)
);
const token = toHex(plaintextBuffer);
return token;
} catch (e) {
window?.log?.error('Failed to decrypt token open group v2');
return null;
}
}
Reference in New Issue View Git Blame Copy Permalink