gitlab-com-mangadex-pub/mangadex_at_home
1
0
Fork 1
mirror of https://gitlab.com/mangadex-pub/mangadex_at_home.git synced 2024-01-19 02:48:37 +00:00
Code Releases Activity

Merge branch 'disable-token-validation' into 'master'

Browse source 
Add support for skipping token validation

See merge request mangadex-pub/mangadex_at_home!92
This commit is contained in:
carbotaniuman 2021-10-01 02:21:31 +00:00
parent ad392b30d8 7f8b406164
commit 7498ed0a4d
4 changed files with 13 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
src/main/kotlin/mdnet/server/ImageServer.kt
View file

@ -108,8 +108,13 @@ fun getServer(
val verifier = TokenVerifier( val verifier = TokenVerifier(
tokenKey = remoteSettings.tokenKey, tokenKey = remoteSettings.tokenKey,
isDisabled = devSettings.disableTokenValidation,
) )
if (devSettings.disableTokenValidation) {
LOGGER.warn { "Token validation has been explicitly disabled. This should only be used for testing!" }
}
return timeRequest() return timeRequest()
.then(addCommonHeaders(devSettings.sendServerHeader)) .then(addCommonHeaders(devSettings.sendServerHeader))
.then(catchAllHideDetails()) .then(catchAllHideDetails())

7
src/main/kotlin/mdnet/server/TokenVerifier.kt
View file

@ -37,11 +37,16 @@ import org.slf4j.LoggerFactory
import java.time.OffsetDateTime import java.time.OffsetDateTime
import java.util.Base64 import java.util.Base64
class TokenVerifier(tokenKey: ByteArray) : Filter { class TokenVerifier(tokenKey: ByteArray, isDisabled: Boolean) : Filter {
private val box = TweetNaclFast.SecretBox(tokenKey) private val box = TweetNaclFast.SecretBox(tokenKey)
private val isDisabled = isDisabled
override fun invoke(next: HttpHandler): HttpHandler { override fun invoke(next: HttpHandler): HttpHandler {
return then@{ return then@{
if (isDisabled) {
return@then next(it)
}
val chapterHash = Path.of("chapterHash")(it) val chapterHash = Path.of("chapterHash")(it)
val cleanedUri = it.uri.path.replaceBefore("/data", "/{token}") val cleanedUri = it.uri.path.replaceBefore("/data", "/{token}")

1
src/main/kotlin/mdnet/settings/ClientSettings.kt
View file

@ -51,6 +51,7 @@ data class DevSettings(
val devUrl: String? = null, val devUrl: String? = null,
val disableSniCheck: Boolean = false, val disableSniCheck: Boolean = false,
val sendServerHeader: Boolean = false, val sendServerHeader: Boolean = false,
val disableTokenValidation: Boolean = false,
) )
@JsonNaming(PropertyNamingStrategies.SnakeCaseStrategy::class) @JsonNaming(PropertyNamingStrategies.SnakeCaseStrategy::class)

2
src/test/kotlin/mdnet/server/TokenVerifierTest.kt
View file

@ -31,7 +31,7 @@ class TokenVerifierTest : FreeSpec() {
val clientKeys = TweetNaclFast.Box.keyPair() val clientKeys = TweetNaclFast.Box.keyPair()
val box = TweetNaclFast.Box(clientKeys.publicKey, remoteKeys.secretKey) val box = TweetNaclFast.Box(clientKeys.publicKey, remoteKeys.secretKey)
val backend = TokenVerifier(box.before()).then { val backend = TokenVerifier(box.before(), false).then {
Response(Status.OK) Response(Status.OK)
} }