Merge pull request #38 from jagerman/new-authentication

 New authentication

Author: jagerman

api.yaml

@@ -1089,8 +1089,8 @@ paths:
                   body:
                     description: >
                       Request body of the onion request.  This is typically used for text-based
-                      values (such as JSON requests).  Exclusive of `body_b64` and `body_json`.  Not
-                      accepted for `GET` requests.
+                      values (such as JSON requests).  Exclusive of `body_binary`.  Not accepted for
+                      `GET` requests.
                     type: string
                   body_binary:
                     description: >
@@ -1101,7 +1101,7 @@ paths:
                       allowing you to POST to endpoints that require binary data (such as file
                       uploads).  Note that when using the Content-Type header defaults to
                       `application/octet-stream`.
-
+                      
                       Note that when including a signature in the `X-SOGS-Signature` header, the
                       signature must use the decoded byte value of the body, *not* the encoded
                       base64 value.

contrib/auth-example.py

@@ -0,0 +1,70 @@
+# Example script for demonstrating X-SOGS-* authentication calculation.
+
+from nacl.bindings import crypto_scalarmult
+from nacl.public import PrivateKey, PublicKey
+from hashlib import blake2b
+from base64 import b64encode
+
+# import time
+# import nacl.utils
+
+# We're going to make a request for:
+method = 'GET'
+path = '/room/the-best-room/messages/recent?limit=25'
+# Should use current integer unix time:
+# ts = int(time.time())
+# But for this example I'll use this fixed value:
+ts = 1642472103
+
+# Server pubkey:
+B = PublicKey(bytes.fromhex('c3b3c6f32f0ab5a57f853cc4f30f5da7fda5624b0c77b3fb0829de562ada081d'))
+
+# Don't worry, this isn't an actually used session private key.  Also
+# note that this is the x25519 priv key, *not* the ed25519 priv key.
+a = PrivateKey(bytes.fromhex('881132ee03dbd2da065aa4c94f96081f62142dc8011d1b7a00de83e4aab38ce4'))
+A = a.public_key
+
+# 057aecdcade88d881d2327ab011afd2e04c2ec6acffc9e9df45aaf78a151bd2f7d:
+session_id = '05' + A.encode().hex()
+
+# We should do something like this here:
+# nonce = nacl.utils.random(16)
+# but for this example I'll use this random nonce:
+nonce = b'\t\xd0y\x9f"\x95\x99\x01\x82\xc3\xab4\x06\xfb\xfc['
+
+# Shared key calculation:
+q = crypto_scalarmult(a.encode(), B.encode()) + A.encode() + B.encode()
+r = blake2b(q, digest_size=42, salt=nonce, person=b'sogs.shared_keys').digest()
+
+# Final hash calculation; start without the body:
+hasher = blake2b(
+    method.encode() + path.encode() + str(ts).encode(),
+    digest_size=42,
+    key=r,
+    salt=nonce,
+    person=b'sogs.auth_header',
+)
+
+# Now add the body to the hash, if applicable.  For this GET request
+# there is no body, so this update does nothing.  For a POST request this
+# this would be the body bytes.  (By using a separate update call I avoid
+# having to copy the body again, which is good if the body is large).
+hasher.update(b'')
+
+h = hasher.digest()
+
+headers = {
+    'X-SOGS-Pubkey': session_id,
+    'X-SOGS-Timestamp': str(ts),
+    'X-SOGS-Nonce': b64encode(nonce).decode(),
+    'X-SOGS-Hash': b64encode(h).decode(),
+}
+
+for h, v in headers.items():
+    print(f"{h}: {v}")
+
+# Prints:
+# X-SOGS-Pubkey: 057aecdcade88d881d2327ab011afd2e04c2ec6acffc9e9df45aaf78a151bd2f7d
+# X-SOGS-Timestamp: 1642472103
+# X-SOGS-Nonce: CdB5nyKVmQGCw6s0Bvv8Ww==
+# X-SOGS-Hash: 0wToLPfUpUSGHGT8n9VIJev5SJ97hUvQTRqBowpnWTqfGb+ldTRa9mU1

sogs/cleanup.py

@@ -17,12 +17,12 @@ def cleanup():
             msg_hist = prune_message_history()
             room_act = prune_room_activity()
             perm_upd = apply_permission_updates()
+            exp_nonces = expire_nonce_history()
             app.logger.debug(
-                "Pruned {} files, {} msg hist, {} room activity, {} perm updates".format(
-                    files, msg_hist, room_act, perm_upd
-                )
+                f"Pruned {files} files, {msg_hist} msg hist, {room_act} room activity, "
+                f"{exp_nonces} nonces; applied {perm_upd} perm updates."
             )
-            return (files, msg_hist, room_act, perm_upd)
+            return (files, msg_hist, room_act, perm_upd, exp_nonces)
         except Exception as e:
             app.logger.warning(f"Periodic database cleanup failed: {e}")
             return None
@@ -87,6 +87,10 @@ def prune_room_activity():
     return count
 
 
+def expire_nonce_history():
+    return query("DELETE FROM user_request_nonces WHERE expiry < :exp", exp=time.time()).rowcount
+
+
 def apply_permission_updates():
     with db.transaction():
         now = time.time()

sogs/crypto.py

@@ -24,6 +24,7 @@
 
 server_pubkey = _privkey.public_key
 
+server_pubkey_bytes = server_pubkey.encode()
 server_pubkey_hex = server_pubkey.encode(HexEncoder).decode('ascii')
 server_pubkey_base64 = server_pubkey.encode(Base64Encoder).decode('ascii')
 

sogs/db.py

@@ -113,6 +113,7 @@ def database_init():
     # Database migrations/updates/etc.
     for migrate in (
         migrate_v01x,
+        add_new_tables,
         add_new_columns,
         update_message_views,
         create_message_details_deleter,
@@ -173,6 +174,41 @@ def add_new_columns(conn):
     return added
 
 
+def add_new_tables(conn):
+    added = False
+    if 'user_request_nonces' not in metadata.tables:
+        if engine.name == 'sqlite':
+            conn.execute(
+                """
+CREATE TABLE user_request_nonces (
+    user INTEGER NOT NULL REFERENCES users(id) ON DELETE CASCADE,
+    nonce BLOB NOT NULL UNIQUE,
+    expiry FLOAT NOT NULL DEFAULT ((julianday('now') - 2440587.5 + 1.0)*86400.0) /* now + 24h */
+)
+"""
+            )
+            conn.execute("CREATE INDEX user_request_nonces_expiry ON user_request_nonces(expiry)")
+        else:
+            conn.execute(
+                """
+CREATE TABLE user_request_nonces (
+    "user" BIGINT NOT NULL REFERENCES users ON DELETE CASCADE,
+    nonce BLOB NOT NULL,
+    expiry FLOAT NOT NULL DEFAULT (extract(epoch from now() + '24 hours'))
+)
+"""
+            )
+            conn.execute(
+                "CREATE UNIQUE INDEX user_request_nonces_nonce"
+                " ON user_request_nonces USING HASH (nonce)"
+            )
+            conn.execute("CREATE INDEX user_request_nonces_expiry ON user_request_nonces(expiry)")
+
+        added = True
+
+    return added
+
+
 def update_message_views(conn):
     if engine.name != "sqlite":
         if any(x not in metadata.tables['message_metadata'].c for x in ('whisper_to', 'filtered')):

sogs/hashing.py

@@ -0,0 +1,37 @@
+import nacl.hashlib
+
+
+def blake2b(
+    data, *, digest_size: int = 32, key: bytes = b'', salt: bytes = b'', person: bytes = b''
+):
+    """
+    Calculates a Blake2B hash.
+
+    Parameters:
+
+    data -- can be bytes, or an iterable containing bytes or byte-like values.  (The latter case is
+    particularly recommended to avoid needing to concatenate existing, potentially large, byte
+    values).
+
+    digest_size -- the digest size, in bytes, which affects both the resulting length but also the
+    hash itself (i.e.  shorter digest sizes are not substrings of longer hash sizes).
+
+    key -- a key, for a keyed hash, which can be up to 64 bytes.
+
+    salt -- a salt for generating distinct hashes for the same data.  Can be up to 16 bytes; if
+    shorter than 16 it will be padded with null bytes.
+
+    person -- a personalization value, which works essentially like a second salt but is typically a
+    unique fixed string for a particular hash purpose.
+
+    Returns a bytes of length `digest_size`.
+    """
+
+    hasher = nacl.hashlib.blake2b(digest_size=digest_size, key=key, salt=salt, person=person)
+    if isinstance(data, bytes):
+        hasher.update(data)
+    else:
+        for part in data:
+            hasher.update(part)
+
+    return hasher.digest()

sogs/http.py

@@ -6,8 +6,10 @@
 UNAUTHORIZED = 401
 FORBIDDEN = 403
 NOT_FOUND = 404
+NOT_ACCEPTABLE = 406
 PRECONDITION_FAILED = 412
 PAYLOAD_TOO_LARGE = 413
+TOO_EARLY = 425
 TOO_MANY_REQUESTS = 429
 INTERNAL_SERVER_ERROR = 500
 BAD_GATEWAY = 502

sogs/model/room.py

@@ -938,12 +938,12 @@ def get_bans(self):
         it should only be accessed by moderators/admins.
         """
 
-        return [
+        return sorted(
             r[0]
             for r in query(
                 "SELECT session_id FROM user_permissions WHERE room = :r AND banned", r=self.id
             )
-        ]
+        )
 
     def set_permissions(self, user: User, *, mod: User, **perms):
         """

sogs/model/user.py

@@ -18,8 +18,8 @@ class User:
         created - unix timestamp when the user was created
         last_active - unix timestamp when the user was last active
         banned - True if the user is (globally) banned
-        admin - True if the user is a global admin
-        moderator - True if the user is a global moderator
+        global_admin - True if the user is a global admin
+        global_moderator - True if the user is a global moderator
         visible_mod - True if the user's admin/moderator status should be visible in rooms
     """
 
@@ -63,8 +63,7 @@ def __init__(self, row=None, *, id=None, session_id=None, autovivify=True, touch
         )
 
         if touch:
-            with db.transaction():
-                self._touch()
+            self._touch()
 
     def __str__(self):
         """Returns string representation of a user: U[050123…cdef], the id prefixed with @ or % if
@@ -96,8 +95,7 @@ def touch(self, force=False):
         to True.
         """
         if not self._touched or force:
-            with db.transaction():
-                self._touch()
+            self._touch()
 
     def update_room_activity(self, room):
         query(
@@ -124,17 +122,16 @@ def set_moderator(self, *, added_by: User, admin=False, visible=False):
             )
             raise BadPermission()
 
-        with db.transaction():
-            query(
-                """
-                UPDATE users
-                SET moderator = TRUE, admin = :admin, visible_mod = :visible
-                WHERE id = :u
-                """,
-                admin=admin,
-                visible=visible,
-                u=self.id,
-            )
+        query(
+            """
+            UPDATE users
+            SET moderator = TRUE, admin = :admin, visible_mod = :visible
+            WHERE id = :u
+            """,
+            admin=admin,
+            visible=visible,
+            u=self.id,
+        )
         self.global_admin = admin
         self.global_moderator = True
         self.visible_mod = visible
@@ -148,11 +145,38 @@ def remove_moderator(self, *, removed_by: User):
             )
             raise BadPermission()
 
-        with db.transaction():
-            query("UPDATE users SET moderator = FALSE, admin = FALSE WHERE id = :u", u=self.id)
+        query("UPDATE users SET moderator = FALSE, admin = FALSE WHERE id = :u", u=self.id)
         self.global_admin = False
         self.global_moderator = False
 
+    def ban(self, *, banned_by: User):
+        """Globally bans this user from the server; can only be applied by a global moderator or
+        global admin, and cannot be applied to another global moderator or admin (to prevent
+        accidental mod/admin banning; to ban them, first explicitly remove them as moderator/admin
+        and then ban)."""
+
+        if not banned_by.global_moderator:
+            app.logger.warning(f"Cannot ban {self}: {banned_by} is not a global mod/admin")
+            raise BadPermission()
+
+        if self.global_moderator:
+            app.logger.warning(f"Cannot ban {self}: user is a global moderator/admin")
+            raise BadPermission()
+
+        query("UPDATE users SET banned = TRUE WHERE id = :u", u=self.id)
+        app.logger.debug(f"{banned_by} globally banned {self}")
+        self.banned = True
+
+    def unban(self, *, unbanned_by: User):
+        """Undoes a global ban.  `unbanned_by` must be a global mod/admin."""
+        if not unbanned_by.global_moderator:
+            app.logger.warning(f"Cannot unban {self}: {unbanned_by} is not a global mod/admin")
+            raise BadPermission()
+
+        query("UPDATE users SET banned = FALSE WHERE id = :u", u=self.id)
+        app.logger.debug(f"{unbanned_by} removed global ban on {self}")
+        self.banned = False
+
     @property
     def system_user(self):
         """True iff this is the special SOGS system user created for internal database tasks"""

sogs/routes/__init__.py

@@ -3,7 +3,7 @@
 from .. import config, crypto, http, utils
 from ..model.room import get_readable_rooms
 
-from . import converters, general, legacy, onion_request  # noqa: F401
+from . import auth, converters, general, legacy, onion_request  # noqa: F401
 
 from io import BytesIO