Merge pull request oxen-io#2571 from Bilb/fix-private-sogs-authentication

fix: include auth sogs headers for join room and file download

Author: Bilb

ts/components/dialog/SessionPasswordDialog.tsx

@@ -42,12 +42,18 @@ export class SessionPasswordDialog extends React.Component<Props, State> {
   }
 
   public componentDidMount() {
+    document.addEventListener('keyup', this.onEnterPressed);
+
     setTimeout(() => {
       // tslint:disable-next-line: no-unused-expression
       this.passportInput && this.passportInput.focus();
     }, 1);
   }
 
+  public componentWillUnmount() {
+    document.removeEventListener('keyup', this.onEnterPressed);
+  }
+
   public render() {
     const { passwordAction } = this.props;
     let placeholders: Array<string> = [];
@@ -93,15 +99,17 @@ export class SessionPasswordDialog extends React.Component<Props, State> {
               this.passportInput = input;
             }}
             placeholder={placeholders[0]}
-            onKeyUp={this.onPasswordInput}
+            onChange={this.onPasswordInput}
+            onPaste={this.onPasswordInput}
             data-testid="password-input"
           />
           {passwordAction !== 'enter' && passwordAction !== 'remove' && (
             <input
               type="password"
               id="password-modal-input-confirm"
               placeholder={placeholders[1]}
-              onKeyUp={this.onPasswordConfirmInput}
+              onChange={this.onPasswordConfirmInput}
+              onPaste={this.onPasswordConfirmInput}
               data-testid="password-input-confirm"
             />
           )}
@@ -110,7 +118,8 @@ export class SessionPasswordDialog extends React.Component<Props, State> {
               type="password"
               id="password-modal-input-reconfirm"
               placeholder={placeholders[2]}
-              onKeyUp={this.onPasswordRetypeInput}
+              onPaste={this.onPasswordRetypeInput}
+              onChange={this.onPasswordRetypeInput}
               data-testid="password-input-reconfirm"
             />
           )}
@@ -258,6 +267,13 @@ export class SessionPasswordDialog extends React.Component<Props, State> {
     this.closeDialog();
   }
 
+  private async onEnterPressed(event: any) {
+    if (event.key === 'Enter') {
+      event.stopPropagation();
+      return this.setPassword();
+    }
+  }
+
   private async handleActionEnter(enteredPassword: string) {
     // be sure the password is valid
     if (!this.validatePassword(enteredPassword)) {
@@ -321,30 +337,18 @@ export class SessionPasswordDialog extends React.Component<Props, State> {
     window.inboxStore?.dispatch(sessionPassword(null));
   }
 
-  private async onPasswordInput(event: any) {
-    if (event.key === 'Enter') {
-      return this.setPassword();
-    }
+  private onPasswordInput(event: any) {
     const currentPasswordEntered = event.target.value;
-
     this.setState({ currentPasswordEntered });
   }
 
-  private async onPasswordConfirmInput(event: any) {
-    if (event.key === 'Enter') {
-      return this.setPassword();
-    }
+  private onPasswordConfirmInput(event: any) {
     const currentPasswordConfirmEntered = event.target.value;
-
     this.setState({ currentPasswordConfirmEntered });
   }
 
-  private async onPasswordRetypeInput(event: any) {
-    if (event.key === 'Enter') {
-      return this.setPassword();
-    }
+  private onPasswordRetypeInput(event: any) {
     const currentPasswordRetypeEntered = event.target.value;
-
     this.setState({ currentPasswordRetypeEntered });
   }
 }

ts/components/settings/section/CategoryPrivacy.tsx

@@ -97,6 +97,7 @@ export const SettingsCategoryPrivacy = (props: {
               displayPasswordModal('change', props.onPasswordUpdated);
             }}
             buttonText={window.i18n('changePassword')}
+            dataTestId="change-password-settings-button"
           />
         )}
         {props.hasPassword && (
@@ -108,6 +109,7 @@ export const SettingsCategoryPrivacy = (props: {
             }}
             buttonColor={SessionButtonColor.Danger}
             buttonText={window.i18n('removePassword')}
+            dataTestId="remove-password-settings-button"
           />
         )}
       </>

ts/session/apis/open_group_api/opengroupV2/ApiUtil.ts

@@ -142,36 +142,33 @@ const defaultServerPublicKey = 'a03c383cf63c3c4efe67acc52112a6dd734b3a946b9545f4
 const defaultRoom = `${defaultServer}/main?public_key=${defaultServerPublicKey}`;
 
 const loadDefaultRoomsSingle = () =>
-  allowOnlyOneAtATime(
-    'loadDefaultRoomsSingle',
-    async (): Promise<Array<OpenGroupV2InfoJoinable>> => {
-      const roomInfos = parseOpenGroupV2(defaultRoom);
-      if (roomInfos) {
-        try {
-          const roomsGot = await getAllRoomInfos(roomInfos);
-
-          if (!roomsGot) {
-            return [];
-          }
-
-          return roomsGot.map(room => {
-            return {
-              ...room,
-              completeUrl: getCompleteUrlFromRoom({
-                serverUrl: roomInfos.serverUrl,
-                serverPublicKey: roomInfos.serverPublicKey,
-                roomId: room.id,
-              }),
-            };
-          });
-        } catch (e) {
-          window?.log?.warn('loadDefaultRoomloadDefaultRoomssIfNeeded failed', e);
+  allowOnlyOneAtATime('loadDefaultRoomsSingle', async () => {
+    const roomInfos = parseOpenGroupV2(defaultRoom);
+    if (roomInfos) {
+      try {
+        const roomsGot = await getAllRoomInfos(roomInfos);
+
+        if (!roomsGot) {
+          return [];
         }
-        return [];
+
+        return roomsGot.map(room => {
+          return {
+            ...room,
+            completeUrl: getCompleteUrlFromRoom({
+              serverUrl: roomInfos.serverUrl,
+              serverPublicKey: roomInfos.serverPublicKey,
+              roomId: room.id,
+            }),
+          };
+        });
+      } catch (e) {
+        window?.log?.warn('loadDefaultRoomloadDefaultRoomssIfNeeded failed', e);
       }
       return [];
     }
-  );
+    return [];
+  });
 
 /**
  * Load to the cache all the details of the room of the default opengroupv2 server

ts/session/apis/open_group_api/opengroupV2/OpenGroupManagerV2.ts

@@ -45,7 +45,7 @@ export class OpenGroupManagerV2 {
     serverUrl: string,
     roomId: string,
     publicKey: string
-  ): Promise<ConversationModel> {
+  ): Promise<ConversationModel | undefined> {
     const oneAtaTimeStr = `oneAtaTimeOpenGroupV2Join:${serverUrl}${roomId}`;
     return allowOnlyOneAtATime(oneAtaTimeStr, async () => {
       return this.attemptConnectionV2(serverUrl, roomId, publicKey);

ts/session/apis/open_group_api/sogsv3/sogsV3Capabilities.ts

@@ -5,15 +5,16 @@ import { OpenGroupData, OpenGroupV2Room } from '../../../../data/opengroups';
 import AbortController, { AbortSignal } from 'abort-controller';
 import { batchGlobalIsSuccess } from './sogsV3BatchPoll';
 
-export const capabilitiesFetchForServer = async (
+const capabilitiesFetchForServer = async (
   serverUrl: string,
   serverPubKey: string,
   abortSignal: AbortSignal
 ): Promise<Array<string> | null> => {
   const endpoint = '/capabilities';
   const method = 'GET';
   const serverPubkey = serverPubKey;
-  const blinded = false; // for capabilities, blinding is always false as the request will fail if the server requires blinding
+  // for the capabilities call, we require blinded to be ON now. A sogs with blinding disabled will still allow this call and verify the blinded signature
+  const blinded = true;
   const capabilityHeaders = await OpenGroupPollingUtils.getOurOpenGroupHeaders(
     serverPubkey,
     endpoint,
@@ -33,7 +34,6 @@ export const capabilitiesFetchForServer = async (
     serverPubkey,
     serverUrl,
     stringifiedBody: null,
-    doNotIncludeOurSogsHeaders: true, // the first capabilities needs to not have any authentification to pass on a blinding-required sogs,
     headers: null,
     throwErrors: false,
   });

ts/session/apis/open_group_api/sogsv3/sogsV3FetchFile.ts

@@ -1,6 +1,10 @@
 import AbortController, { AbortSignal } from 'abort-controller';
 import { isUndefined, toNumber } from 'lodash';
-import { OpenGroupV2Room, OpenGroupV2RoomWithImageID } from '../../../../data/opengroups';
+import {
+  OpenGroupData,
+  OpenGroupV2Room,
+  OpenGroupV2RoomWithImageID,
+} from '../../../../data/opengroups';
 import { MIME } from '../../../../types';
 import { processNewAttachment } from '../../../../types/MessageAttachment';
 import { callUtilsWorker } from '../../../../webworker/workers/util_worker_interface';
@@ -16,7 +20,6 @@ export async function fetchBinaryFromSogsWithOnionV4(sendOptions: {
   serverPubkey: string;
   blinded: boolean;
   abortSignal: AbortSignal;
-  doNotIncludeOurSogsHeaders?: boolean;
   headers: Record<string, any> | null;
   roomId: string;
   fileId: string;
@@ -28,7 +31,6 @@ export async function fetchBinaryFromSogsWithOnionV4(sendOptions: {
     blinded,
     abortSignal,
     headers: includedHeaders,
-    doNotIncludeOurSogsHeaders,
     roomId,
     fileId,
     throwError,
@@ -41,15 +43,13 @@ export async function fetchBinaryFromSogsWithOnionV4(sendOptions: {
     throw new Error('endpoint needs a leading /');
   }
   const builtUrl = new URL(`${serverUrl}${endpoint}`);
-  let headersWithSogsHeadersIfNeeded = doNotIncludeOurSogsHeaders
-    ? {}
-    : await OpenGroupPollingUtils.getOurOpenGroupHeaders(
-        serverPubkey,
-        endpoint,
-        method,
-        blinded,
-        stringifiedBody
-      );
+  let headersWithSogsHeadersIfNeeded = await OpenGroupPollingUtils.getOurOpenGroupHeaders(
+    serverPubkey,
+    endpoint,
+    method,
+    blinded,
+    stringifiedBody
+  );
 
   if (isUndefined(headersWithSogsHeadersIfNeeded)) {
     return null;
@@ -98,12 +98,15 @@ export async function sogsV3FetchPreviewAndSaveIt(roomInfos: OpenGroupV2RoomWith
     return;
   }
 
+  const room = OpenGroupData.getV2OpenGroupRoom(convoId);
+  const blinded = roomHasBlindEnabled(room);
+
   // make sure this runs only once for each rooms.
-  // we don't want to trigger one of those on each setPollInfo resultsas it happens on each batch poll.
-  const oneAtAtimeResult = (await allowOnlyOneAtATime(
+  // we don't want to trigger one of those on each setPollInfo results as it happens on each batch poll.
+  const oneAtAtimeResult = await allowOnlyOneAtATime(
     `sogsV3FetchPreview-${serverUrl}-${roomId}`,
-    () => sogsV3FetchPreview(roomInfos)
-  )) as Uint8Array | null; // force the return type as allowOnlyOneAtATime does not keep it
+    () => sogsV3FetchPreview(roomInfos, blinded)
+  );
 
   if (!oneAtAtimeResult || !oneAtAtimeResult?.byteLength) {
     window?.log?.warn('sogsV3FetchPreviewAndSaveIt failed for room: ', roomId);
@@ -139,7 +142,7 @@ export async function sogsV3FetchPreviewAndSaveIt(roomInfos: OpenGroupV2RoomWith
  * @returns the fetchedData in base64
  */
 export async function sogsV3FetchPreviewBase64(roomInfos: OpenGroupV2RoomWithImageID) {
-  const fetched = await sogsV3FetchPreview(roomInfos);
+  const fetched = await sogsV3FetchPreview(roomInfos, true); // left pane are session official default rooms, which do require blinded
   if (fetched && fetched.byteLength) {
     return callUtilsWorker('arrayBufferToStringBase64', fetched);
   }
@@ -155,7 +158,8 @@ export async function sogsV3FetchPreviewBase64(roomInfos: OpenGroupV2RoomWithIma
  * Those default rooms do not have a conversation associated with them, as they are not joined yet
  */
 const sogsV3FetchPreview = async (
-  roomInfos: OpenGroupV2RoomWithImageID
+  roomInfos: OpenGroupV2RoomWithImageID,
+  blinded: boolean
 ): Promise<Uint8Array | null> => {
   if (!roomInfos || !roomInfos.imageID) {
     return null;
@@ -164,11 +168,10 @@ const sogsV3FetchPreview = async (
   // not a batch call yet as we need to exclude headers for this call for now
   const fetched = await fetchBinaryFromSogsWithOnionV4({
     abortSignal: new AbortController().signal,
-    blinded: false,
+    blinded,
     headers: null,
     serverPubkey: roomInfos.serverPublicKey,
     serverUrl: roomInfos.serverUrl,
-    doNotIncludeOurSogsHeaders: true,
     roomId: roomInfos.roomId,
     fileId: roomInfos.imageID,
     throwError: false,
@@ -198,7 +201,6 @@ export const sogsV3FetchFileByFileID = async (
     headers: null,
     serverPubkey: roomInfos.serverPublicKey,
     serverUrl: roomInfos.serverUrl,
-    doNotIncludeOurSogsHeaders: true,
     roomId: roomInfos.roomId,
     fileId,
     throwError: true,

ts/session/apis/open_group_api/sogsv3/sogsV3RoomInfos.ts

@@ -11,15 +11,14 @@ import {
 
 export const getAllRoomInfos = async (roomInfos: OpenGroupV2Room) => {
   const result = await OnionSending.sendJsonViaOnionV4ToSogs({
-    blinded: false,
+    blinded: true,
     endpoint: '/rooms',
     method: 'GET',
     serverPubkey: roomInfos.serverPublicKey,
     stringifiedBody: null,
     abortSignal: new AbortController().signal,
     serverUrl: roomInfos.serverUrl,
     headers: null,
-    doNotIncludeOurSogsHeaders: true,
     throwErrors: false,
   });
 
@@ -91,7 +90,6 @@ export async function openGroupV2GetRoomInfoViaOnionV4({
     stringifiedBody: null,
     serverPubkey,
     headers: null,
-    doNotIncludeOurSogsHeaders: true,
     throwErrors: false,
   });
   const room = result?.body as Record<string, any> | undefined;

ts/session/apis/seed_node_api/SeedNodeAPI.ts

@@ -146,9 +146,7 @@ export interface SnodeFromSeed {
 }
 
 const getSnodeListFromSeednodeOneAtAtime = async (seedNodes: Array<string>) =>
-  allowOnlyOneAtATime('getSnodeListFromSeednode', () =>
-    getSnodeListFromSeednode(seedNodes)
-  ) as Promise<Array<SnodeFromSeed>>;
+  allowOnlyOneAtATime('getSnodeListFromSeednode', () => getSnodeListFromSeednode(seedNodes));
 
 /**
  * This call will try 4 times to contact a seed nodes (random) and get the snode list from it.

ts/session/apis/snode_api/onions.ts

@@ -338,6 +338,13 @@ async function processAnyOtherErrorOnPath(
   if (status !== 200) {
     window?.log?.warn(`[path] Got status: ${status}`);
 
+    if (status === 404 || status === 400) {
+      window?.log?.warn(
+        'processAnyOtherErrorOnPathgot 404 or 400, probably a dead sogs. Skipping bad path update'
+      );
+      return;
+    }
+
     // If we have a specific node in fault we can exclude just this node.
     if (ciphertext?.startsWith(NEXT_NODE_NOT_FOUND_PREFIX)) {
       const nodeNotFound = ciphertext.substr(NEXT_NODE_NOT_FOUND_PREFIX.length);