fix: include auth sogs headers everywhere

Author: Bilb

ts/session/apis/open_group_api/sogsv3/sogsV3Capabilities.ts

@@ -5,15 +5,16 @@ import { OpenGroupData, OpenGroupV2Room } from '../../../../data/opengroups';
 import AbortController, { AbortSignal } from 'abort-controller';
 import { batchGlobalIsSuccess } from './sogsV3BatchPoll';
 
-export const capabilitiesFetchForServer = async (
+const capabilitiesFetchForServer = async (
   serverUrl: string,
   serverPubKey: string,
   abortSignal: AbortSignal
 ): Promise<Array<string> | null> => {
   const endpoint = '/capabilities';
   const method = 'GET';
   const serverPubkey = serverPubKey;
-  const blinded = false; // for capabilities, blinding is always false as the request will fail if the server requires blinding
+  // for the capabilities call, we require blinded to be ON now. A sogs with blinding disabled will still allow this call and verify the blinded signature
+  const blinded = true;
   const capabilityHeaders = await OpenGroupPollingUtils.getOurOpenGroupHeaders(
     serverPubkey,
     endpoint,
@@ -33,7 +34,6 @@ export const capabilitiesFetchForServer = async (
     serverPubkey,
     serverUrl,
     stringifiedBody: null,
-    doNotIncludeOurSogsHeaders: true, // the first capabilities needs to not have any authentification to pass on a blinding-required sogs,
     headers: null,
     throwErrors: false,
   });

ts/session/apis/open_group_api/sogsv3/sogsV3FetchFile.ts

@@ -1,6 +1,10 @@
 import AbortController, { AbortSignal } from 'abort-controller';
 import { isUndefined, toNumber } from 'lodash';
-import { OpenGroupV2Room, OpenGroupV2RoomWithImageID } from '../../../../data/opengroups';
+import {
+  OpenGroupData,
+  OpenGroupV2Room,
+  OpenGroupV2RoomWithImageID,
+} from '../../../../data/opengroups';
 import { MIME } from '../../../../types';
 import { processNewAttachment } from '../../../../types/MessageAttachment';
 import { callUtilsWorker } from '../../../../webworker/workers/util_worker_interface';
@@ -16,7 +20,6 @@ export async function fetchBinaryFromSogsWithOnionV4(sendOptions: {
   serverPubkey: string;
   blinded: boolean;
   abortSignal: AbortSignal;
-  doNotIncludeOurSogsHeaders?: boolean;
   headers: Record<string, any> | null;
   roomId: string;
   fileId: string;
@@ -28,7 +31,6 @@ export async function fetchBinaryFromSogsWithOnionV4(sendOptions: {
     blinded,
     abortSignal,
     headers: includedHeaders,
-    doNotIncludeOurSogsHeaders,
     roomId,
     fileId,
     throwError,
@@ -41,15 +43,13 @@ export async function fetchBinaryFromSogsWithOnionV4(sendOptions: {
     throw new Error('endpoint needs a leading /');
   }
   const builtUrl = new URL(`${serverUrl}${endpoint}`);
-  let headersWithSogsHeadersIfNeeded = doNotIncludeOurSogsHeaders
-    ? {}
-    : await OpenGroupPollingUtils.getOurOpenGroupHeaders(
-        serverPubkey,
-        endpoint,
-        method,
-        blinded,
-        stringifiedBody
-      );
+  let headersWithSogsHeadersIfNeeded = await OpenGroupPollingUtils.getOurOpenGroupHeaders(
+    serverPubkey,
+    endpoint,
+    method,
+    blinded,
+    stringifiedBody
+  );
 
   if (isUndefined(headersWithSogsHeadersIfNeeded)) {
     return null;
@@ -98,11 +98,14 @@ export async function sogsV3FetchPreviewAndSaveIt(roomInfos: OpenGroupV2RoomWith
     return;
   }
 
+  const room = OpenGroupData.getV2OpenGroupRoom(convoId);
+  const blinded = roomHasBlindEnabled(room);
+
   // make sure this runs only once for each rooms.
-  // we don't want to trigger one of those on each setPollInfo resultsas it happens on each batch poll.
+  // we don't want to trigger one of those on each setPollInfo results as it happens on each batch poll.
   const oneAtAtimeResult = (await allowOnlyOneAtATime(
     `sogsV3FetchPreview-${serverUrl}-${roomId}`,
-    () => sogsV3FetchPreview(roomInfos)
+    () => sogsV3FetchPreview(roomInfos, blinded)
   )) as Uint8Array | null; // force the return type as allowOnlyOneAtATime does not keep it
 
   if (!oneAtAtimeResult || !oneAtAtimeResult?.byteLength) {
@@ -139,7 +142,7 @@ export async function sogsV3FetchPreviewAndSaveIt(roomInfos: OpenGroupV2RoomWith
  * @returns the fetchedData in base64
  */
 export async function sogsV3FetchPreviewBase64(roomInfos: OpenGroupV2RoomWithImageID) {
-  const fetched = await sogsV3FetchPreview(roomInfos);
+  const fetched = await sogsV3FetchPreview(roomInfos, true); // left pane are session official default rooms, which do require blinded
   if (fetched && fetched.byteLength) {
     return callUtilsWorker('arrayBufferToStringBase64', fetched);
   }
@@ -155,7 +158,8 @@ export async function sogsV3FetchPreviewBase64(roomInfos: OpenGroupV2RoomWithIma
  * Those default rooms do not have a conversation associated with them, as they are not joined yet
  */
 const sogsV3FetchPreview = async (
-  roomInfos: OpenGroupV2RoomWithImageID
+  roomInfos: OpenGroupV2RoomWithImageID,
+  blinded: boolean
 ): Promise<Uint8Array | null> => {
   if (!roomInfos || !roomInfos.imageID) {
     return null;
@@ -164,11 +168,10 @@ const sogsV3FetchPreview = async (
   // not a batch call yet as we need to exclude headers for this call for now
   const fetched = await fetchBinaryFromSogsWithOnionV4({
     abortSignal: new AbortController().signal,
-    blinded: false,
+    blinded,
     headers: null,
     serverPubkey: roomInfos.serverPublicKey,
     serverUrl: roomInfos.serverUrl,
-    doNotIncludeOurSogsHeaders: true,
     roomId: roomInfos.roomId,
     fileId: roomInfos.imageID,
     throwError: false,
@@ -198,7 +201,6 @@ export const sogsV3FetchFileByFileID = async (
     headers: null,
     serverPubkey: roomInfos.serverPublicKey,
     serverUrl: roomInfos.serverUrl,
-    doNotIncludeOurSogsHeaders: true,
     roomId: roomInfos.roomId,
     fileId,
     throwError: true,

ts/session/apis/open_group_api/sogsv3/sogsV3RoomInfos.ts

@@ -11,15 +11,14 @@ import {
 
 export const getAllRoomInfos = async (roomInfos: OpenGroupV2Room) => {
   const result = await OnionSending.sendJsonViaOnionV4ToSogs({
-    blinded: false,
+    blinded: true,
     endpoint: '/rooms',
     method: 'GET',
     serverPubkey: roomInfos.serverPublicKey,
     stringifiedBody: null,
     abortSignal: new AbortController().signal,
     serverUrl: roomInfos.serverUrl,
     headers: null,
-    doNotIncludeOurSogsHeaders: true,
     throwErrors: false,
   });
 
@@ -91,7 +90,6 @@ export async function openGroupV2GetRoomInfoViaOnionV4({
     stringifiedBody: null,
     serverPubkey,
     headers: null,
-    doNotIncludeOurSogsHeaders: true,
     throwErrors: false,
   });
   const room = result?.body as Record<string, any> | undefined;

ts/session/apis/snode_api/onions.ts

@@ -338,6 +338,13 @@ async function processAnyOtherErrorOnPath(
   if (status !== 200) {
     window?.log?.warn(`[path] Got status: ${status}`);
 
+    if (status === 404 || status === 400) {
+      window?.log?.warn(
+        'processAnyOtherErrorOnPathgot 404 or 400, probably a dead sogs. Skipping bad path update'
+      );
+      return;
+    }
+
     // If we have a specific node in fault we can exclude just this node.
     if (ciphertext?.startsWith(NEXT_NODE_NOT_FOUND_PREFIX)) {
       const nodeNotFound = ciphertext.substr(NEXT_NODE_NOT_FOUND_PREFIX.length);

ts/session/onions/onionSend.ts

@@ -277,7 +277,6 @@ async function sendJsonViaOnionV4ToSogs(sendOptions: {
   method: string;
   stringifiedBody: string | null;
   abortSignal: AbortSignal;
-  doNotIncludeOurSogsHeaders?: boolean;
   headers: Record<string, any> | null;
   throwErrors: boolean;
 }): Promise<OnionV4JSONSnodeResponse | null> {
@@ -290,22 +289,19 @@ async function sendJsonViaOnionV4ToSogs(sendOptions: {
     stringifiedBody,
     abortSignal,
     headers: includedHeaders,
-    doNotIncludeOurSogsHeaders,
     throwErrors,
   } = sendOptions;
   if (!endpoint.startsWith('/')) {
     throw new Error('endpoint needs a leading /');
   }
   const builtUrl = new URL(`${serverUrl}${endpoint}`);
-  let headersWithSogsHeadersIfNeeded = doNotIncludeOurSogsHeaders
-    ? {}
-    : await OpenGroupPollingUtils.getOurOpenGroupHeaders(
-        serverPubkey,
-        endpoint,
-        method,
-        blinded,
-        stringifiedBody
-      );
+  let headersWithSogsHeadersIfNeeded = await OpenGroupPollingUtils.getOurOpenGroupHeaders(
+    serverPubkey,
+    endpoint,
+    method,
+    blinded,
+    stringifiedBody
+  );
 
   if (!headersWithSogsHeadersIfNeeded) {
     return null;

ts/session/onions/onionv4.ts

@@ -92,6 +92,18 @@ const decodeV4Response = (snodeResponse: SnodeResponseV4): DecodedResponseV4 | u
         break;
       case 'application/octet-stream':
         break;
+      case 'text/html; charset=utf-8':
+        try {
+          window?.log?.warn(
+            'decodeV4Response - received raw body of type "text/html; charset=utf-8": ',
+            to_string(bodyBinary)
+          );
+        } catch (e) {
+          window?.log?.warn(
+            'decodeV4Response - received raw body of type "text/html; charset=utf-8" but not a string'
+          );
+        }
+        break;
       default:
         window?.log?.warn(
           'decodeV4Response - No or unknown content-type information for response: ',

ts/updater/updater.ts

@@ -46,7 +46,13 @@ export async function start(
   }, 1000 * 60 * 10); // trigger and try to update every 10 minutes to let the file gets downloaded if we are updating
   stopped = false;
 
-  await checkForUpdates(getMainWindow, messages, logger);
+  global.setTimeout(async () => {
+    try {
+      await checkForUpdates(getMainWindow, messages, logger);
+    } catch (error) {
+      logger.error('auto-update: error:', getPrintableError(error));
+    }
+  }, 2 * 60 * 1000); // we do checks from the fileserver every 1 minute.
 }
 
 export function stop() {