From 7f0af198e1009d946b0e9c0ece568a093c2f0c7d Mon Sep 17 00:00:00 2001
From: Vin Kabuki
Date: Thu, 12 Oct 2023 12:13:55 +0200
Subject: [PATCH] WIP: secure sockets mobile
---
 .../backend/src/nest/socket/socket.service.ts | 2 +-
 .../src/renderer/sagas/socket/socket.saga.ts | 2 +-
 .../com/quietmobile/Backend/BackendWorker.kt | 9 +++++----
 .../Scheme/WebsocketConnectionPayload.kt | 3 ++-
 packages/mobile/src/store/init/init.slice.ts | 1 +
 .../startConnection/startConnection.saga.ts | 18 ++++++++++++++----
 6 files changed, 24 insertions(+), 11 deletions(-)
diff --git a/packages/backend/src/nest/socket/socket.service.ts b/packages/backend/src/nest/socket/socket.service.ts
index 77d129c2e8..7fdbce379b 100644
--- a/packages/backend/src/nest/socket/socket.service.ts
+++ b/packages/backend/src/nest/socket/socket.service.ts
@@ -16,7 +16,6 @@ import {
 Community,
 DeleteFilesFromChannelSocketPayload,
 } from '@quiet/types'
-import cors, { CorsOptions } from 'cors'
 import EventEmitter from 'events'
 import { CONFIG_OPTIONS, SERVER_IO_PROVIDER } from '../const'
 import { ConfigOptions, ServerIoProviderTypes } from '../types'
@@ -132,6 +131,7 @@ export class SocketService extends EventEmitter implements OnModuleInit {
 this.logger(`Creating network for community ${community.id}`)
 this.emit(SocketActionTypes.CREATE_NETWORK, community)
 })
+
 socket.on(SocketActionTypes.LEAVE_COMMUNITY, async () => {
 this.logger('leaving community')
 this.emit(SocketActionTypes.LEAVE_COMMUNITY)
diff --git a/packages/desktop/src/renderer/sagas/socket/socket.saga.ts b/packages/desktop/src/renderer/sagas/socket/socket.saga.ts
index 63964f1721..b0d55b1a3b 100644
--- a/packages/desktop/src/renderer/sagas/socket/socket.saga.ts
+++ b/packages/desktop/src/renderer/sagas/socket/socket.saga.ts
@@ -60,7 +60,7 @@ function subscribeSocketLifecycle(socket?: Socket) {
 console.log('closing socket connection')
 emit(socketActions.suspendConnection())
 })
- return () => {}
+ return () => { }
 })
 }
diff --git a/packages/mobile/android/app/src/main/java/com/quietmobile/Backend/BackendWorker.kt b/packages/mobile/android/app/src/main/java/com/quietmobile/Backend/BackendWorker.kt
index 111310380a..6768c741a8 100644
--- a/packages/mobile/android/app/src/main/java/com/quietmobile/Backend/BackendWorker.kt
+++ b/packages/mobile/android/app/src/main/java/com/quietmobile/Backend/BackendWorker.kt
@@ -90,6 +90,7 @@ class BackendWorker(private val context: Context, workerParams: WorkerParameters
 withContext(Dispatchers.IO) {
 // Get and store data port for usage in methods across the app
 val dataPort = Utils.getOpenPort(11000)
+ val socketIOSecret = "secret"
 // Init nodejs project
 launch {
@@ -112,7 +113,7 @@ class BackendWorker(private val context: Context, workerParams: WorkerParameters
 * In any case, websocket won't connect until data server starts listening
 */
 delay(WEBSOCKET_CONNECTION_DELAY)
- startWebsocketConnection(dataPort)
+ startWebsocketConnection(dataPort, socketIOSecret)
 }
 val dataPath = Utils.createDirectory(context)
@@ -122,7 +123,7 @@ class BackendWorker(private val context: Context, workerParams: WorkerParameters
 val platform = "mobile"
- startNodeProjectWithArguments("bundle.cjs --torBinary $torBinary --dataPath $dataPath --dataPort $dataPort --platform $platform")
+ startNodeProjectWithArguments("bundle.cjs --torBinary $torBinary --dataPath $dataPath --dataPort $dataPort --platform $platform --socketIOSecret $socketIOSecret")
 }
 println("FINISHING BACKEND WORKER")
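Review bot: `val socketIOSecret = "secret"` in the `@@ -90,6 +90,7 @@` hunk is a fixed string compiled into every build, so the Basic token the client sends is identical on every device and does not distinguish the app from any other local process that can reach the data port on 127.0.0.1. Generate the value once per worker start from a CSPRNG instead, for example `val socketIOSecret = ByteArray(32).also { java.security.SecureRandom().nextBytes(it) }.joinToString("") { "%02x".format(it) }`. Hex output also keeps the value free of whitespace, which matters because the `@@ -122,7 +123,7 @@` hunk interpolates it into a space-separated argument string; anything that logs that string would also log the secret. The enclosing function starts and ends outside these hunks, and whether the backend rejects connections without the header is not visible in this patch.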
@@ -190,10 +191,10 @@ class BackendWorker(private val context: Context, workerParams: WorkerParameters
 notificationHandler.notify(message, username)
 }
- private fun startWebsocketConnection(port: Int) {
+ private fun startWebsocketConnection(port: Int, socketIOSecret: Any) {
 Log.d("WEBSOCKET CONNECTION", "Starting on $port")
 // Proceed only if data port is defined
- val websocketConnectionPayload = WebsocketConnectionPayload(port)
+ val websocketConnectionPayload = WebsocketConnectionPayload(port, socketIOSecret)
 CommunicationModule.handleIncomingEvents(
 CommunicationModule.WEBSOCKET_CONNECTION_CHANNEL,
 Gson().toJson(websocketConnectionPayload),
diff --git a/packages/mobile/android/app/src/main/java/com/quietmobile/Scheme/WebsocketConnectionPayload.kt b/packages/mobile/android/app/src/main/java/com/quietmobile/Scheme/WebsocketConnectionPayload.kt
index a5a490284a..3098c08ca9 100644
--- a/packages/mobile/android/app/src/main/java/com/quietmobile/Scheme/WebsocketConnectionPayload.kt
+++ b/packages/mobile/android/app/src/main/java/com/quietmobile/Scheme/WebsocketConnectionPayload.kt
@@ -1,5 +1,6 @@
 package com.quietmobile.Scheme
 data class WebsocketConnectionPayload (
- val dataPort: Int
+ val dataPort: Int,
+ val socketIOSecret: Any
 )
diff --git a/packages/mobile/src/store/init/init.slice.ts b/packages/mobile/src/store/init/init.slice.ts
index c920f91fa9..de00bafcdb 100644
--- a/packages/mobile/src/store/init/init.slice.ts
+++ b/packages/mobile/src/store/init/init.slice.ts
@@ -23,6 +23,7 @@ export interface InitCheckPayload {
 export interface WebsocketConnectionPayload {
 dataPort: number
+ socketIOSecret?: string
 }
 export interface CloseConnectionPayload {
diff --git a/packages/mobile/src/store/init/startConnection/startConnection.saga.ts b/packages/mobile/src/store/init/startConnection/startConnection.saga.ts
index a40b4671e1..8d49a2c216 100644
--- a/packages/mobile/src/store/init/startConnection/startConnection.saga.ts
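Review bot: The new parameter in `startWebsocketConnection(port: Int, socketIOSecret: Any)` is typed `Any`, and so is `val socketIOSecret: Any` in WebsocketConnectionPayload.kt, although the only value passed in this patch is a `String` and the TypeScript payload declares `socketIOSecret?: string`. With `Any`, a non-string argument would compile here and only surface later on the JS side after Gson has serialised whatever it was given. Declare both as `socketIOSecret: String` so the credential's shape is fixed at the Kotlin boundary. The body of `startWebsocketConnection` continues past the end of the hunk.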
+++ b/packages/mobile/src/store/init/startConnection/startConnection.saga.ts
@@ -2,17 +2,27 @@ import { io, Socket } from 'socket.io-client'
 import { put, call, cancel, fork, takeEvery, FixedTask } from 'typed-redux-saga'
 import { PayloadAction } from '@reduxjs/toolkit'
 import { socket as stateManager } from '@quiet/state-manager'
+import { encodeSecret } from '@quiet/common'
 import { initActions } from '../init.slice'
 import { eventChannel } from 'redux-saga'
 export function* startConnectionSaga(
 action: PayloadAction['payload']>
 ): Generator {
- const { dataPort } = action.payload
+ const { dataPort, socketIOSecret } = action.payload
- const socket = yield* call(io, `http://127.0.0.1:${dataPort}`)
- yield* fork(handleSocketLifecycleActions, socket, dataPort)
+ console.log('socketIOSecret', socketIOSecret)
+
+ if (!socketIOSecret) return
+ const token = encodeSecret(socketIOSecret)
+ const socket = yield* call(io, `http://127.0.0.1:${dataPort}`, {
+ withCredentials: true,
+ extraHeaders: {
+ authorization: `Basic ${token}`,
+ },
+ })
+ yield* fork(handleSocketLifecycleActions, socket, dataPort)
 // Handle opening/restoring connection
 yield* takeEvery(initActions.setWebsocketConnected, setConnectedSaga, socket)
 }
@@ -46,7 +56,7 @@ function subscribeSocketLifecycle(socket: Socket, dataPort: number) {
 console.log('closing socket connection')
 emit(initActions.suspendWebsocketConnection())
 })
- return () => {}
+ return () => { }
 })
 }
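Review bot: `console.log('socketIOSecret', socketIOSecret)` in the `@@ -2,17 +2,27 @@` hunk writes the socket credential to the JS console, which on a device typically ends up in the system log; drop the line or log only presence, e.g. `console.log('socketIOSecret present:', Boolean(socketIOSecret))`. The early `if (!socketIOSecret) return` then leaves the saga with no socket and no signal, and that path is reachable because init.slice.ts declares the field optional; report the missing secret there (without its value) or make the field required. Whether `extraHeaders` reaches the server depends on the transport and runtime, so it is worth confirming the `authorization` header is present on the connection actually used in React Native.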