bitinflow/expose
1
0
Fork 0
mirror of https://github.com/bitinflow/expose.git synced 2026-03-13 13:35:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

Associate shared sites with auth tokens

Browse Source
This commit is contained in:
Marcel Pociot
2020-09-07 13:33:40 +02:00
parent 13f184a955
commit 47b2350631
9 changed files with 297 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/Contracts/ConnectionManager.php
View File

@@ -23,4 +23,6 @@ interface ConnectionManager
public function findControlConnectionForClientId(string $clientId): ?ControlConnection; public function findControlConnectionForClientId(string $clientId): ?ControlConnection;
public function getConnections(): array; public function getConnections(): array;
public function getConnectionsForAuthToken(string $authToken): array;
} }

26
app/Server/Connections/ConnectionManager.php
View File

@@ -4,6 +4,7 @@ namespace App\Server\Connections;
use App\Contracts\ConnectionManager as ConnectionManagerContract; use App\Contracts\ConnectionManager as ConnectionManagerContract;
use App\Contracts\SubdomainGenerator; use App\Contracts\SubdomainGenerator;
use App\Http\QueryParameters;
use Ratchet\ConnectionInterface; use Ratchet\ConnectionInterface;
use React\EventLoop\LoopInterface; use React\EventLoop\LoopInterface;
@@ -46,7 +47,13 @@ class ConnectionManager implements ConnectionManagerContract
$connection->client_id = $clientId; $connection->client_id = $clientId;
$storedConnection = new ControlConnection($connection, $host, $subdomain ?? $this->subdomainGenerator->generateSubdomain(), $clientId); $storedConnection = new ControlConnection(
$connection,
$host,
$subdomain ?? $this->subdomainGenerator->generateSubdomain(),
$clientId,
$this->getAuthTokenFromConnection($connection)
);
$this->connections[] = $storedConnection; $this->connections[] = $storedConnection;
@@ -99,4 +106,21 @@ class ConnectionManager implements ConnectionManagerContract
{ {
return $this->connections; return $this->connections;
} }
protected function getAuthTokenFromConnection(ConnectionInterface $connection): string
{
return QueryParameters::create($connection->httpRequest)->get('authToken');
}
public function getConnectionsForAuthToken(string $authToken): array
{
return collect($this->connections)
->filter(function ($connection) use ($authToken) {
return $connection->authToken === $authToken;
})
->map(function ($connection) {
return $connection->toArray();
})
->toArray();
}
} }

5
app/Server/Connections/ControlConnection.php
View File

@@ -12,17 +12,19 @@ class ControlConnection
/** @var ConnectionInterface */ /** @var ConnectionInterface */
public $socket; public $socket;
public $host; public $host;
public $authToken;
public $subdomain; public $subdomain;
public $client_id; public $client_id;
public $proxies = []; public $proxies = [];
protected $shared_at; protected $shared_at;
public function __construct(ConnectionInterface $socket, string $host, string $subdomain, string $clientId) public function __construct(ConnectionInterface $socket, string $host, string $subdomain, string $clientId, string $authToken = '')
{ {
$this->socket = $socket; $this->socket = $socket;
$this->host = $host; $this->host = $host;
$this->subdomain = $subdomain; $this->subdomain = $subdomain;
$this->client_id = $clientId; $this->client_id = $clientId;
$this->authToken = $authToken;
$this->shared_at = now()->toDateTimeString(); $this->shared_at = now()->toDateTimeString();
} }
@@ -57,6 +59,7 @@ class ControlConnection
return [ return [
'host' => $this->host, 'host' => $this->host,
'client_id' => $this->client_id, 'client_id' => $this->client_id,
'auth_token' => $this->authToken,
'subdomain' => $this->subdomain, 'subdomain' => $this->subdomain,
'shared_at' => $this->shared_at, 'shared_at' => $this->shared_at,
]; ];

2
app/Server/Factory.php
View File

@@ -12,6 +12,7 @@ use App\Server\Http\Controllers\Admin\DeleteUsersController;
use App\Server\Http\Controllers\Admin\DisconnectSiteController; use App\Server\Http\Controllers\Admin\DisconnectSiteController;
use App\Server\Http\Controllers\Admin\GetSettingsController; use App\Server\Http\Controllers\Admin\GetSettingsController;
use App\Server\Http\Controllers\Admin\GetSitesController; use App\Server\Http\Controllers\Admin\GetSitesController;
use App\Server\Http\Controllers\Admin\GetUserDetailsController;
use App\Server\Http\Controllers\Admin\GetUsersController; use App\Server\Http\Controllers\Admin\GetUsersController;
use App\Server\Http\Controllers\Admin\ListSitesController; use App\Server\Http\Controllers\Admin\ListSitesController;
use App\Server\Http\Controllers\Admin\ListUsersController; use App\Server\Http\Controllers\Admin\ListUsersController;
@@ -124,6 +125,7 @@ class Factory
$this->router->post('/api/settings', StoreSettingsController::class, $adminCondition); $this->router->post('/api/settings', StoreSettingsController::class, $adminCondition);
$this->router->get('/api/users', GetUsersController::class, $adminCondition); $this->router->get('/api/users', GetUsersController::class, $adminCondition);
$this->router->post('/api/users', StoreUsersController::class, $adminCondition); $this->router->post('/api/users', StoreUsersController::class, $adminCondition);
$this->router->get('/api/users/{id}', GetUserDetailsController::class, $adminCondition);
$this->router->delete('/api/users/{id}', DeleteUsersController::class, $adminCondition); $this->router->delete('/api/users/{id}', DeleteUsersController::class, $adminCondition);
$this->router->get('/api/sites', GetSitesController::class, $adminCondition); $this->router->get('/api/sites', GetSitesController::class, $adminCondition);
$this->router->delete('/api/sites/{id}', DisconnectSiteController::class, $adminCondition); $this->router->delete('/api/sites/{id}', DisconnectSiteController::class, $adminCondition);

33
app/Server/Http/Controllers/Admin/GetUserDetailsController.php Normal file
View File

@@ -0,0 +1,33 @@
<?php
namespace App\Server\Http\Controllers\Admin;
use App\Contracts\UserRepository;
use Illuminate\Http\Request;
use Ratchet\ConnectionInterface;
class GetUserDetailsController extends AdminController
{
protected $keepConnectionOpen = true;
/** @var UserRepository */
protected $userRepository;
public function __construct(UserRepository $userRepository)
{
$this->userRepository = $userRepository;
}
public function handle(Request $request, ConnectionInterface $httpConnection)
{
$this->userRepository
->getUserById($request->get('id'))
->then(function ($user) use ($httpConnection) {
$httpConnection->send(
respond_json(['user' => $user])
);
$httpConnection->close();
});
}
}

2
app/Server/Http/Controllers/ControlMessageController.php
View File

@@ -127,7 +127,7 @@ class ControlMessageController implements MessageComponentInterface
protected function verifyAuthToken(ConnectionInterface $connection): PromiseInterface protected function verifyAuthToken(ConnectionInterface $connection): PromiseInterface
{ {
if (config('expose.admin.validate_auth_tokens') !== true) { if (config('expose.admin.validate_auth_tokens') !== true) {
return new FulfilledPromise(); return \React\Promise\resolve(null);
} }
$deferred = new Deferred(); $deferred = new Deferred();

28
app/Server/UserRepository/DatabaseUserRepository.php
View File

@@ -2,6 +2,7 @@
namespace App\Server\UserRepository; namespace App\Server\UserRepository;
use App\Contracts\ConnectionManager;
use App\Contracts\UserRepository; use App\Contracts\UserRepository;
use Clue\React\SQLite\DatabaseInterface; use Clue\React\SQLite\DatabaseInterface;
use Clue\React\SQLite\Result; use Clue\React\SQLite\Result;
@@ -13,9 +14,13 @@ class DatabaseUserRepository implements UserRepository
/** @var DatabaseInterface */ /** @var DatabaseInterface */
protected $database; protected $database;
public function __construct(DatabaseInterface $database) /** @var ConnectionManager */
protected $connectionManager;
public function __construct(DatabaseInterface $database, ConnectionManager $connectionManager)
{ {
$this->database = $database; $this->database = $database;
$this->connectionManager = $connectionManager;
} }
public function getUsers(): PromiseInterface public function getUsers(): PromiseInterface
@@ -46,8 +51,12 @@ class DatabaseUserRepository implements UserRepository
$nextPage = $currentPage + 1; $nextPage = $currentPage + 1;
} }
$users = collect($result->rows)->map(function ($user) {
return $this->getUserDetails($user);
})->toArray();
$paginated = [ $paginated = [
'users' => $result->rows, 'users' => $users,
'current_page' => $currentPage, 'current_page' => $currentPage,
'per_page' => $perPage, 'per_page' => $perPage,
'next_page' => $nextPage ?? null, 'next_page' => $nextPage ?? null,
@@ -60,6 +69,13 @@ class DatabaseUserRepository implements UserRepository
return $deferred->promise(); return $deferred->promise();
} }
protected function getUserDetails(array $user)
{
$user['sites'] = $user['auth_token'] !== '' ? $this->connectionManager->getConnectionsForAuthToken($user['auth_token']) : [];
return $user;
}
public function getUserById($id): PromiseInterface public function getUserById($id): PromiseInterface
{ {
$deferred = new Deferred(); $deferred = new Deferred();
@@ -67,7 +83,13 @@ class DatabaseUserRepository implements UserRepository
$this->database $this->database
->query('SELECT * FROM users WHERE id = :id', ['id' => $id]) ->query('SELECT * FROM users WHERE id = :id', ['id' => $id])
->then(function (Result $result) use ($deferred) { ->then(function (Result $result) use ($deferred) {
$deferred->resolve($result->rows[0] ?? null); $user = $result->rows[0] ?? null;
if (! is_null($user)) {
$user = $this->getUserDetails($user);
}
$deferred->resolve($user);
}); });
return $deferred->promise(); return $deferred->promise();

3
tests/Feature/Server/AdminTest.php
View File

@@ -8,6 +8,7 @@ use Clue\React\Buzz\Browser;
use Clue\React\Buzz\Message\ResponseException; use Clue\React\Buzz\Message\ResponseException;
use GuzzleHttp\Psr7\Response; use GuzzleHttp\Psr7\Response;
use Illuminate\Support\Str; use Illuminate\Support\Str;
use Nyholm\Psr7\Request;
use Psr\Http\Message\ResponseInterface; use Psr\Http\Message\ResponseInterface;
use Ratchet\Server\IoConnection; use Ratchet\Server\IoConnection;
use Tests\Feature\TestCase; use Tests\Feature\TestCase;
@@ -149,6 +150,8 @@ class AdminTest extends TestCase
$connectionManager = app(ConnectionManager::class); $connectionManager = app(ConnectionManager::class);
$connection = \Mockery::mock(IoConnection::class); $connection = \Mockery::mock(IoConnection::class);
$connection->httpRequest = new Request('GET', '/?authToken=some-token');
$connectionManager->storeConnection('some-host.text', 'fixed-subdomain', $connection); $connectionManager->storeConnection('some-host.text', 'fixed-subdomain', $connection);
/** @var Response $response */ /** @var Response $response */

202
tests/Feature/Server/ApiTest.php Normal file
View File

@@ -0,0 +1,202 @@
<?php
namespace Tests\Feature\Server;
use App\Contracts\ConnectionManager;
use App\Server\Factory;
use Clue\React\Buzz\Browser;
use GuzzleHttp\Psr7\Response;
use Illuminate\Support\Str;
use Nyholm\Psr7\Request;
use Ratchet\Server\IoConnection;
use Tests\Feature\TestCase;
class ApiTest extends TestCase
{
/** @var Browser */
protected $browser;
/** @var Factory */
protected $serverFactory;
public function setUp(): void
{
parent::setUp();
$this->browser = new Browser($this->loop);
$this->browser = $this->browser->withOptions([
'followRedirects' => false,
]);
$this->startServer();
}
public function tearDown(): void
{
$this->serverFactory->getSocket()->close();
parent::tearDown();
}
/** @test */
public function it_can_list_all_registered_users()
{
/** @var Response $response */
$this->await($this->browser->post('http://127.0.0.1:8080/api/users', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
], json_encode([
'name' => 'Marcel',
])));
/** @var Response $response */
$response = $this->await($this->browser->get('http://127.0.0.1:8080/api/users', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
]));
$body = json_decode($response->getBody()->getContents());
$users = $body->paginated->users;
$this->assertCount(1, $users);
$this->assertSame('Marcel', $users[0]->name);
$this->assertSame([], $users[0]->sites);
}
/** @test */
public function it_can_get_user_details()
{
/** @var Response $response */
$this->await($this->browser->post('http://127.0.0.1:8080/api/users', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
], json_encode([
'name' => 'Marcel',
])));
/** @var Response $response */
$response = $this->await($this->browser->get('http://127.0.0.1:8080/api/users/1', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
]));
$body = json_decode($response->getBody()->getContents());
$user = $body->user;
$this->assertSame('Marcel', $user->name);
$this->assertSame([], $user->sites);
}
/** @test */
public function it_can_list_all_currently_connected_sites_from_all_users()
{
/** @var Response $response */
$response = $this->await($this->browser->post('http://127.0.0.1:8080/api/users', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
], json_encode([
'name' => 'Marcel',
])));
$createdUser = json_decode($response->getBody()->getContents())->user;
/** @var ConnectionManager $connectionManager */
$connectionManager = app(ConnectionManager::class);
$connection = \Mockery::mock(IoConnection::class);
$connection->httpRequest = new Request('GET', '/?authToken='.$createdUser->auth_token);
$connectionManager->storeConnection('some-host.test', 'fixed-subdomain', $connection);
$connection = \Mockery::mock(IoConnection::class);
$connection->httpRequest = new Request('GET', '/?authToken=some-other-token');
$connectionManager->storeConnection('some-different-host.test', 'different-subdomain', $connection);
/** @var Response $response */
$response = $this->await($this->browser->get('http://127.0.0.1:8080/api/users', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
]));
$body = json_decode($response->getBody()->getContents());
$users = $body->paginated->users;
$this->assertCount(1, $users[0]->sites);
$this->assertSame('some-host.test', $users[0]->sites[0]->host);
$this->assertSame('fixed-subdomain', $users[0]->sites[0]->subdomain);
}
/** @test */
public function it_can_list_all_currently_connected_sites()
{
/** @var ConnectionManager $connectionManager */
$connectionManager = app(ConnectionManager::class);
$connection = \Mockery::mock(IoConnection::class);
$connection->httpRequest = new Request('GET', '/?authToken=some-token');
$connectionManager->storeConnection('some-host.test', 'fixed-subdomain', $connection);
/** @var Response $response */
$response = $this->await($this->browser->get('http://127.0.0.1:8080/api/sites', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
]));
$body = json_decode($response->getBody()->getContents());
$sites = $body->sites;
$this->assertCount(1, $sites);
$this->assertSame('some-host.test', $sites[0]->host);
$this->assertSame('some-token', $sites[0]->auth_token);
$this->assertSame('fixed-subdomain', $sites[0]->subdomain);
}
/** @test */
public function it_can_list_all_currently_connected_sites_without_auth_tokens()
{
/** @var ConnectionManager $connectionManager */
$connectionManager = app(ConnectionManager::class);
$connection = \Mockery::mock(IoConnection::class);
$connection->httpRequest = new Request('GET', '/');
$connectionManager->storeConnection('some-host.test', 'fixed-subdomain', $connection);
/** @var Response $response */
$response = $this->await($this->browser->get('http://127.0.0.1:8080/api/sites', [
'Host' => 'expose.localhost',
'Authorization' => base64_encode('username:secret'),
'Content-Type' => 'application/json',
]));
$body = json_decode($response->getBody()->getContents());
$sites = $body->sites;
$this->assertCount(1, $sites);
$this->assertSame('some-host.test', $sites[0]->host);
$this->assertSame('', $sites[0]->auth_token);
$this->assertSame('fixed-subdomain', $sites[0]->subdomain);
}
protected function startServer()
{
$this->app['config']['expose.admin.subdomain'] = 'expose';
$this->app['config']['expose.admin.database'] = ':memory:';
$this->app['config']['expose.admin.users'] = [
'username' => 'secret',
];
$this->serverFactory = new Factory();
$this->serverFactory->setLoop($this->loop)
->createServer();
}
}