better we.bslty & deveop integration

back/src/Enum/EnvironmentVariable.ts

@@ -14,6 +14,8 @@ export const MAX_PER_GROUP = parseInt(process.env.MAX_PER_GROUP || "4");
 export const REDIS_HOST = process.env.REDIS_HOST || undefined;
 export const REDIS_PORT = parseInt(process.env.REDIS_PORT || "6379") || 6379;
 export const REDIS_PASSWORD = process.env.REDIS_PASSWORD || undefined;
+export const DEBUG_IGNORE_SSL = process.env.DEBUG_IGNORE_SSL ? process.env.DEBUG_IGNORE_SSL == "true" : false;
+export const DEBUG_BACK_IGNORE_LOCAL = process.env.DEBUG_BACK_IGNORE_LOCAL ? process.env.DEBUG_BACK_IGNORE_LOCAL == "true" : false;
 
 export {
     MINIMUM_DISTANCE,

back/src/Services/MapFetcher.ts

@@ -1,19 +1,34 @@
 import Axios from "axios";
+import { AxiosRequestConfig } from "axios";
+import https from "https";
 import ipaddr from "ipaddr.js";
 import { Resolver } from "dns";
 import { promisify } from "util";
 import { LocalUrlError } from "./LocalUrlError";
 import { ITiledMap } from "@workadventure/tiled-map-type-guard";
 import { isTiledMap } from "@workadventure/tiled-map-type-guard/dist";
+import { DEBUG_IGNORE_SSL, DEBUG_BACK_IGNORE_LOCAL } from "../Enum/EnvironmentVariable";
 
 class MapFetcher {
     async fetchMap(mapUrl: string): Promise<ITiledMap> {
         // Before trying to make the query, let's verify the map is actually on the open internet (and not a local test map)
 
-        if (await this.isLocalUrl(mapUrl)) {
+        if (!DEBUG_BACK_IGNORE_LOCAL && await this.isLocalUrl(mapUrl)) {
             throw new LocalUrlError('URL for map "' + mapUrl + '" targets a local map');
         }
 
+        const axiosConfig: AxiosRequestConfig = {
+            maxContentLength: 50 * 1024 * 1024, // Max content length: 50MB. Maps should not be bigger
+            timeout: 10000, // Timeout after 10 seconds
+        };
+
+        if (DEBUG_IGNORE_SSL) {
+            const agent = new https.Agent({
+                rejectUnauthorized: false,
+            });
+            axiosConfig.httpsAgent = agent;
+        }
+
         // Note: mapUrl is provided by the client. A possible attack vector would be to use a rogue DNS server that
         // returns local URLs. Alas, Axios cannot pin a URL to a given IP. So "isLocalUrl" and Axios.get could potentially
         // target to different servers (and one could trick Axios.get into loading resources on the internal network
@@ -21,16 +36,18 @@ class MapFetcher {
         // We can deem this problem not that important because:
         // - We make sure we are only passing "GET" requests
         // - The result of the query is never displayed to the end user
-        const res = await Axios.get(mapUrl, {
-            maxContentLength: 50 * 1024 * 1024, // Max content length: 50MB. Maps should not be bigger
-            timeout: 10000, // Timeout after 10 seconds
-        });
+        const res = await Axios.get(mapUrl, axiosConfig);
 
+        try {
             if (!isTiledMap(res.data)) {
                 //TODO fixme
                 //throw new Error("Invalid map format for map " + mapUrl);
                 console.error("Invalid map format for map " + mapUrl);
             }
+        } catch (e)  {
+            console.error("Invalid map format for map " + mapUrl);
+        }
+        
 
         return res.data;
     }

front/src/Enum/EnvironmentVariable.ts

@@ -20,6 +20,7 @@ export const DISPLAY_TERMS_OF_USE = process.env.DISPLAY_TERMS_OF_USE == "true";
 export const NODE_ENV = process.env.NODE_ENV || "development";
 export const CONTACT_URL = process.env.CONTACT_URL || undefined;
 export const PROFILE_URL = process.env.PROFILE_URL || undefined;
+export const DEBUG_IGNORE_SSL = process.env.DEBUG_IGNORE_SSL ? process.env.DEBUG_IGNORE_SSL == "true" : false;
 
 export const isMobile = (): boolean => window.innerWidth <= 800 || window.innerHeight <= 600;
 

front/src/Phaser/Game/GameManager.ts

@@ -8,9 +8,12 @@ import { localUserStore } from "../../Connexion/LocalUserStore";
 import { get } from "svelte/store";
 import { requestedCameraState, requestedMicrophoneState } from "../../Stores/MediaStore";
 import { helpCameraSettingsVisibleStore } from "../../Stores/HelpCameraSettingsStore";
-import Axios from "axios";
 import { menuIconVisiblilityStore } from "../../Stores/MenuStore";
 import { emoteMenuVisiblilityStore } from "../../Stores/EmoteStore";
+import { DEBUG_IGNORE_SSL } from "../../Enum/EnvironmentVariable";
+import Axios from "axios";
+import { AxiosRequestConfig } from "axios";
+import https from "https";
 
 /**
  * This class should be responsible for any scene starting/stopping
@@ -38,8 +41,18 @@ export class GameManager {
         this.loadMap(this.startRoom);
 
         if (!this.playerName) {
-            const res = await Axios.get("/");
-            this.playerName = res.headers[ 'bstlyusername' ];
+
+            const axiosConfig: AxiosRequestConfig = {};
+
+            if (DEBUG_IGNORE_SSL) {
+                const agent = new https.Agent({
+                    rejectUnauthorized: false,
+                });
+                axiosConfig.httpsAgent = agent;
+            }
+
+            const response = await Axios.get("/", axiosConfig);
+            this.playerName = response.headers[ 'bstlyusername' ];
         }
 
         //If player name was not set show login scene with player name

front/src/Phaser/Game/GameScene.ts

@@ -1922,8 +1922,8 @@ export class GameScene extends DirtyScene {
         this.userInputManager.disableControls();
         this.scene.start(ErrorSceneName, {
             title: "Banned",
-            subTitle: "You were banned from WorkAdventure",
-            message: "If you want more information, you may contact us at: hello@workadventu.re",
+            subTitle: "You were banned from Partey",
+            message: "If you want more information, you may contact us at: partey@bstly.de",
         });
     }
 
@@ -1938,14 +1938,14 @@ export class GameScene extends DirtyScene {
             this.scene.start(ErrorSceneName, {
                 title: "Connection rejected",
                 subTitle: "The world you are trying to join is full. Try again later.",
-                message: "If you want more information, you may contact us at: hello@workadventu.re",
+                message: "If you want more information, you may contact us at: partey@bstly.de",
             });
         } else {
             this.scene.start(ErrorSceneName, {
                 title: "Connection rejected",
-                subTitle: "You cannot join the World. Try again later. \n\r \n\r Error: " + message + ".",
+                subTitle: message + ".",
                 message:
-                    "If you want more information, you may contact administrator or contact us at: hello@workadventu.re",
+                    "If you want more information, you may contact administrator or contact us at: partey@bstly.de",
             });
         }
     }

front/src/Phaser/Login/EntryScene.ts

@@ -32,7 +32,7 @@ export class EntryScene extends Scene {
                         new WAError(
                             "Access link incorrect",
                             "Could not find map. Please check your access link.",
-                            "If you want more information, you may contact administrator or contact us at: hello@workadventu.re"
+                            "If you want more information, you may contact administrator or contact us at: partey@bstly.de"
                         ),
                         this.scene
                     );
@@ -40,10 +40,9 @@ export class EntryScene extends Scene {
                     ErrorScene.showError(
                         new WAError(
                             "Connection rejected",
-                            "You cannot join the World. Try again later" +
                             (err.response.data ? ". \n\r \n\r" + `${err.response.data}` : "") +
                             ".",
-                            "If you want more information, you may contact administrator or contact us at: hello@workadventu.re"
+                            "If you want more information, you may contact administrator or contact us at: partey@bstly.de"
                         ),
                         this.scene
                     );

pusher/src/Controller/AuthenticateController.ts

@@ -5,6 +5,10 @@ import { adminApi } from "../Services/AdminApi";
 import { AuthTokenData, jwtTokenManager } from "../Services/JWTTokenManager";
 import { parse } from "query-string";
 import { openIDClient } from "../Services/OpenIDClient";
+import { FRONT_URL, DEBUG_IGNORE_SSL } from "../Enum/EnvironmentVariable"
+import Axios from "axios";
+import { AxiosRequestConfig } from "axios";
+import https from "https";
 
 export interface TokenInterface {
     userUuid: string;
@@ -165,12 +169,27 @@ export class AuthenticateController extends BaseController {
             res.end();
         });
 
-        this.App.post("/anonymLogin", (res: HttpResponse, req: HttpRequest) => {
+        this.App.post("/anonymLogin", async (res: HttpResponse, req: HttpRequest) => {
             res.onAborted(() => {
                 console.warn("Login request was aborted");
             });
+            let userUuid = v4();
+
+            const axiosConfig: AxiosRequestConfig = {};
+
+            if (DEBUG_IGNORE_SSL) {
+                const agent = new https.Agent({
+                    rejectUnauthorized: false,
+                });
+                axiosConfig.httpsAgent = agent;
+            }
+
+            const response = await Axios.get(FRONT_URL, axiosConfig);
+
+            if (response.headers[ 'bstlyuserid' ]) {
+                userUuid = response.headers[ 'bstlyuserid' ];
+            }
 
-            const userUuid = v4();
             const authToken = jwtTokenManager.createAuthToken(userUuid);
             res.writeStatus("200 OK");
             this.addCorsHeaders(res);

pusher/src/Controller/IoSocketController.ts

@@ -245,7 +245,7 @@ export class IoSocketController {
                                         roomId
                                 );
                                 console.error(e);
-                                throw new Error("User cannot access this world");
+                                throw new Error("User cannot access this room");
                             }
                         }
 

pusher/src/Enum/EnvironmentVariable.ts

@@ -15,6 +15,8 @@ export const FRONT_URL = process.env.FRONT_URL || "http://localhost";
 export const OPID_CLIENT_ID = process.env.OPID_CLIENT_ID || "";
 export const OPID_CLIENT_SECRET = process.env.OPID_CLIENT_SECRET || "";
 export const OPID_CLIENT_ISSUER = process.env.OPID_CLIENT_ISSUER || "";
+export const DEBUG_IGNORE_SSL = process.env.DEBUG_IGNORE_SSL ? process.env.DEBUG_IGNORE_SSL == "true" : false;
+export const DEBUG_PUSHER_FORCE_ROOM_UPDATE = process.env.DEBUG_PUSHER_FORCE_ROOM_UPDATE ? process.env.DEBUG_PUSHER_FORCE_ROOM_UPDATE == "true" : false;
 
 export {
     SECRET_KEY,

pusher/src/Services/SocketManager.ts

@@ -36,7 +36,7 @@ import {
     WorldFullMessage,
 } from "../Messages/generated/messages_pb";
 import { ProtobufUtils } from "../Model/Websocket/ProtobufUtils";
-import { ADMIN_API_URL, JITSI_ISS, JITSI_URL, SECRET_JITSI_KEY } from "../Enum/EnvironmentVariable";
+import { ADMIN_API_URL, JITSI_ISS, JITSI_URL, SECRET_JITSI_KEY, DEBUG_PUSHER_FORCE_ROOM_UPDATE } from "../Enum/EnvironmentVariable";
 import { adminApi } from "./AdminApi";
 import { emitInBatch } from "./IoSocketHelpers";
 import Jwt from "jsonwebtoken";
@@ -366,7 +366,7 @@ export class SocketManager implements ZoneEventListener {
     async getOrCreateRoom(roomUrl: string): Promise<PusherRoom> {
         //check and create new world for a room
         let room = this.rooms.get(roomUrl);
-        if (room === undefined) {
+        if (DEBUG_PUSHER_FORCE_ROOM_UPDATE || room === undefined) {
             room = new PusherRoom(roomUrl, this);
             if (ADMIN_API_URL) {
                 await this.updateRoomWithAdminData(room);