_Bastler/partey_workadventure
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Improving code security by adding stricter typings

Browse Source
This commit is contained in:
David Négrier 2021-12-14 18:55:41 +01:00
parent bbef3b3eaf
commit 2fff6ae41e
12 changed files with 45 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
front/src/Connexion/ConnectionManager.ts
View File

@ -11,6 +11,7 @@ import { loginSceneVisibleIframeStore } from "../Stores/LoginSceneStore";
import { userIsConnected } from "../Stores/MenuStore";
import { analyticsClient } from "../Administration/AnalyticsClient";
import { axiosWithRetry } from "./AxiosUtils";
import axios from "axios";
class ConnectionManager {
private localUser!: LocalUser;
@ -192,11 +193,11 @@ class ConnectionManager {
analyticsClient.loggedWithSso();
} catch (err) {
console.error(err);
//if user must to be connect in current room or pusher error is not openid provier access error
//try to connected with function loadOpenIDScreen
// if the user must be connected in the current room or if the pusher error is not openid provider access error
// try to connect with function loadOpenIDScreen
if (
this._currentRoom.authenticationMandatory ||
(err.response?.data && err.response.data !== "User cannot to be connected on openid provier")
(axios.isAxiosError(err) && err.response?.data && err.response.data !== "User cannot to be connected on openid provider")
) {
this.loadOpenIDScreen();
return Promise.reject(new Error("You will be redirect on login page"));

31
front/src/Connexion/Room.ts
View File

@ -5,6 +5,8 @@ import type { CharacterTexture } from "./LocalUser";
import { localUserStore } from "./LocalUserStore";
import axios from "axios";
import { axiosWithRetry } from "./AxiosUtils";
import {isMapDetailsData} from "../../../pusher/src/Messages/JsonMessages/MapDetailsData";
import {isRoomRedirect} from "../Messages/JsonMessages/RoomRedirect";
export class MapDetail {
constructor(public readonly mapUrl: string, public readonly textures: CharacterTexture[] | undefined) {}
@ -101,27 +103,34 @@ export class Room {
});
const data = result.data;
if (data.redirectUrl) {
if (isRoomRedirect(data.redirectUrl)) {
return {
redirectUrl: data.redirectUrl as string,
};
} else if (isMapDetailsData(data)) {
console.log("Map ", this.id, " resolves to URL ", data.mapUrl);
this._mapUrl = data.mapUrl;
this._textures = data.textures;
this._group = data.group;
this._authenticationMandatory =
data.authenticationMandatory != null ? data.authenticationMandatory : DISABLE_ANONYMOUS;
this._iframeAuthentication = data.iframeAuthentication || OPID_LOGIN_SCREEN_PROVIDER;
this._contactPage = data.contactPage || CONTACT_URL;
return new MapDetail(data.mapUrl, data.textures);
} else {
throw new Error('Data received by the /map endpoint of the Pusher is not in a valid format.');
}
console.log("Map ", this.id, " resolves to URL ", data.mapUrl);
this._mapUrl = data.mapUrl;
this._textures = data.textures;
this._group = data.group;
this._authenticationMandatory =
data.authenticationMandatory != null ? data.authenticationMandatory : DISABLE_ANONYMOUS;
this._iframeAuthentication = data.iframeAuthentication || OPID_LOGIN_SCREEN_PROVIDER;
this._contactPage = data.contactPage || CONTACT_URL;
return new MapDetail(data.mapUrl, data.textures);
} catch (e) {
if (axios.isAxiosError(e) && e.response?.status == 401 && e.response?.data === "Token decrypted error") {
console.warn("JWT token sent could not be decrypted. Maybe it expired?");
localUserStore.setAuthToken(null);
window.location.assign("/login");
} else {
} else if (axios.isAxiosError(e)) {
console.error("Error => getMapDetail", e, e.response);
} else {
console.error("Error => getMapDetail", e);
}
throw e;
}

2
front/src/Messages/JsonMessages/.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
*
!.gitignore

0
pusher/src/Services/AdminApi/CharacterTexture.ts → messages/JsonMessages/CharacterTexture.ts
View File

4
pusher/src/Services/AdminApi/MapDetailsData.ts → messages/JsonMessages/MapDetailsData.ts
View File

@ -1,7 +1,6 @@
import * as tg from "generic-type-guard";
import { GameRoomPolicyTypes } from "_Model/PusherRoom";
import { isCharacterTexture } from "./CharacterTexture";
import { isAny, isNumber } from "generic-type-guard";
import { isNumber } from "generic-type-guard";
/*const isNumericEnum =
<T extends { [n: number]: string }>(vs: T) =>
@ -17,6 +16,7 @@ export const isMapDetailsData = new tg.IsInterface()
textures: tg.isArray(isCharacterTexture),
contactPage: tg.isUnion(tg.isString, tg.isUndefined),
authenticationMandatory: tg.isUnion(tg.isBoolean, tg.isUndefined),
group: tg.isString,
})
.get();

0
pusher/src/Services/AdminApi/RoomRedirect.ts → messages/JsonMessages/RoomRedirect.ts
View File

7
messages/package.json
View File

@ -7,10 +7,13 @@
"copy-to-back": "rm -rf ../back/src/Messages/generated && cp -rf generated/ ../back/src/Messages/generated",
"copy-to-front": "rm -rf ../front/src/Messages/generated && cp -rf generated/ ../front/src/Messages/generated",
"copy-to-pusher": "rm -rf ../pusher/src/Messages/generated && cp -rf generated/ ../pusher/src/Messages/generated",
"proto-all": "yarn run proto && yarn run copy-to-back && yarn run copy-to-front && yarn run copy-to-pusher",
"proto:watch": "yarn run proto-all; inotifywait -q -m -e close_write protos/messages.proto | while read -r filename event; do yarn run proto-all; done"
"json-copy-to-pusher": "rm -rf ../pusher/src/Messages/JsonMessages/* && cp -rf JsonMessages/* ../pusher/src/Messages/JsonMessages/",
"json-copy-to-front": "rm -rf ../front/src/Messages/JsonMessages/* && cp -rf JsonMessages/* ../front/src/Messages/JsonMessages/",
"proto-all": "yarn run proto && yarn run copy-to-back && yarn run copy-to-front && yarn run copy-to-pusher && yarn run json-copy-to-pusher && yarn run json-copy-to-front",
"proto:watch": "yarn run proto-all; inotifywait -q -m -e close_write protos/messages.proto JsonMessages/ | while read -r filename event; do yarn run proto-all; done"
},
"dependencies": {
"generic-type-guard": "^3.5.0",
"google-protobuf": "^3.13.0",
"grpc": "^1.24.4"
},

5
messages/yarn.lock
View File

@ -1788,6 +1788,11 @@ gauge@~2.7.3:
strip-ansi "^3.0.1"
wide-align "^1.1.0"
generic-type-guard@^3.5.0:
version "3.5.0"
resolved "https://registry.yarnpkg.com/generic-type-guard/-/generic-type-guard-3.5.0.tgz#39de9f8fceee65d79e7540959f0e7b23210c07b6"
integrity sha512-OpgXv/sbRobhFboaSyN/Tsh97Sxt5pcfLLxCiYZgYIIWFFp+kn2EzAXiaQZKEVRlq1rOE/zh8cYhJXEwplbJiQ==
get-caller-file@^2.0.1:
version "2.0.5"
resolved "https://registry.yarnpkg.com/get-caller-file/-/get-caller-file-2.0.5.tgz#4f94412a82db32f36e3b0b9741f8a97feb031f7e"

4
pusher/src/Controller/AuthenticateController.ts
View File

@ -83,7 +83,7 @@ export class AuthenticateController extends BaseController {
console.error("Token cannot to be check on OpenId provider");
res.writeStatus("500");
res.writeHeader("Access-Control-Allow-Origin", FRONT_URL);
res.end("User cannot to be connected on openid provier");
res.end("User cannot to be connected on openid provider");
return;
}
@ -105,7 +105,7 @@ export class AuthenticateController extends BaseController {
console.error("User cannot to be connected on OpenId provider => ", err);
res.writeStatus("500");
res.writeHeader("Access-Control-Allow-Origin", FRONT_URL);
res.end("User cannot to be connected on openid provier");
res.end("User cannot to be connected on openid provider");
return;
}
const email = userInfo.email || userInfo.sub;

2
pusher/src/Controller/MapController.ts
View File

@ -4,7 +4,7 @@ import { parse } from "query-string";
import { adminApi } from "../Services/AdminApi";
import { ADMIN_API_URL, DISABLE_ANONYMOUS, FRONT_URL } from "../Enum/EnvironmentVariable";
import { GameRoomPolicyTypes } from "../Model/PusherRoom";
import { isMapDetailsData, MapDetailsData } from "../Services/AdminApi/MapDetailsData";
import { isMapDetailsData, MapDetailsData } from "../Messages/JsonMessages/MapDetailsData";
import { socketManager } from "../Services/SocketManager";
import { AuthTokenData, jwtTokenManager } from "../Services/JWTTokenManager";
import { v4 } from "uuid";

2
pusher/src/Messages/JsonMessages/.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
*
!.gitignore

4
pusher/src/Services/SocketManager.ts
View File

@ -47,8 +47,8 @@ import { GroupDescriptor, UserDescriptor, ZoneEventListener } from "_Model/Zone"
import Debug from "debug";
import { ExAdminSocketInterface } from "_Model/Websocket/ExAdminSocketInterface";
import { WebSocket } from "uWebSockets.js";
import { isRoomRedirect } from "./AdminApi/RoomRedirect";
import { CharacterTexture } from "./AdminApi/CharacterTexture";
import { isRoomRedirect } from "../Messages/JsonMessages/RoomRedirect";
import { CharacterTexture } from "../Messages/JsonMessages/CharacterTexture";
const debug = Debug("socket");