mirror of
https://github.com/ProtonMail/proton-bridge.git
synced 2025-12-19 08:37:06 +00:00
GODT-35: New pmapi client and manager using resty
This commit is contained in:
James Houlahan
@ -18,76 +18,23 @@
|
||||
package fakeapi
|
||||
|
||||
import (
|
||||
"strings"
|
||||
"context"
|
||||
|
||||
"github.com/ProtonMail/proton-bridge/pkg/pmapi"
|
||||
)
|
||||
|
||||
func (api *FakePMAPI) SetAuths(auths chan<- *pmapi.Auth) {
|
||||
api.auths = auths
|
||||
}
|
||||
|
||||
func (api *FakePMAPI) AuthInfo(username string) (*pmapi.AuthInfo, error) {
|
||||
if err := api.checkInternetAndRecordCall(POST, "/auth/info", &pmapi.AuthInfoReq{
|
||||
Username: username,
|
||||
}); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
authInfo := &pmapi.AuthInfo{}
|
||||
user, ok := api.controller.usersByUsername[username]
|
||||
if !ok {
|
||||
// If username is wrong, API server will return empty but
|
||||
// positive response
|
||||
return authInfo, nil
|
||||
}
|
||||
authInfo.TwoFA = user.get2FAInfo()
|
||||
return authInfo, nil
|
||||
}
|
||||
|
||||
func (api *FakePMAPI) Auth(username, password string, authInfo *pmapi.AuthInfo) (*pmapi.Auth, error) {
|
||||
if err := api.checkInternetAndRecordCall(POST, "/auth", &pmapi.AuthReq{
|
||||
Username: username,
|
||||
}); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
session, err := api.controller.createSessionIfAuthorized(username, password)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
api.setUID(session.uid)
|
||||
|
||||
if err := api.setUser(username); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
user := api.controller.usersByUsername[username]
|
||||
auth := &pmapi.Auth{
|
||||
TwoFA: user.get2FAInfo(),
|
||||
RefreshToken: session.refreshToken,
|
||||
ExpiresIn: 86400, // seconds
|
||||
}
|
||||
auth.DANGEROUSLYSetUID(session.uid)
|
||||
|
||||
api.sendAuth(auth)
|
||||
|
||||
return auth, nil
|
||||
}
|
||||
|
||||
func (api *FakePMAPI) Auth2FA(twoFactorCode string, auth *pmapi.Auth) error {
|
||||
if err := api.checkInternetAndRecordCall(POST, "/auth/2fa", &pmapi.Auth2FAReq{
|
||||
TwoFactorCode: twoFactorCode,
|
||||
}); err != nil {
|
||||
func (api *FakePMAPI) Auth2FA(_ context.Context, req pmapi.Auth2FAReq) error {
|
||||
if err := api.checkAndRecordCall(POST, "/auth/2fa", req); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if api.uid == "" {
|
||||
return pmapi.ErrInvalidToken
|
||||
return pmapi.ErrUnauthorized
|
||||
}
|
||||
|
||||
session, ok := api.controller.sessionsByUID[api.uid]
|
||||
if !ok {
|
||||
return pmapi.ErrInvalidToken
|
||||
return pmapi.ErrUnauthorized
|
||||
}
|
||||
|
||||
session.hasFullScope = true
|
||||
@ -95,92 +42,24 @@ func (api *FakePMAPI) Auth2FA(twoFactorCode string, auth *pmapi.Auth) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (api *FakePMAPI) AuthRefresh(token string) (*pmapi.Auth, error) {
|
||||
if api.lastToken == "" {
|
||||
api.lastToken = token
|
||||
}
|
||||
|
||||
split := strings.Split(token, ":")
|
||||
if len(split) != 2 {
|
||||
return nil, pmapi.ErrInvalidToken
|
||||
}
|
||||
|
||||
if err := api.checkInternetAndRecordCall(POST, "/auth/refresh", &pmapi.AuthRefreshReq{
|
||||
ResponseType: "token",
|
||||
GrantType: "refresh_token",
|
||||
UID: split[0],
|
||||
RefreshToken: split[1],
|
||||
RedirectURI: "https://protonmail.ch",
|
||||
State: "random_string",
|
||||
}); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
session, ok := api.controller.sessionsByUID[split[0]]
|
||||
if !ok || session.refreshToken != split[1] {
|
||||
api.log.WithField("token", token).
|
||||
WithField("session", session).
|
||||
Warn("Refresh token failed")
|
||||
// The API server will respond normal error not 401 (check api)
|
||||
// i.e. should not use `sendAuth(nil)`
|
||||
api.setUID("")
|
||||
return nil, pmapi.ErrInvalidToken
|
||||
}
|
||||
api.setUID(split[0])
|
||||
|
||||
if err := api.setUser(session.username); err != nil {
|
||||
return nil, err
|
||||
}
|
||||
api.controller.refreshTheTokensForSession(session)
|
||||
api.lastToken = split[0] + ":" + session.refreshToken
|
||||
|
||||
auth := &pmapi.Auth{
|
||||
RefreshToken: session.refreshToken,
|
||||
ExpiresIn: 86400,
|
||||
}
|
||||
auth.DANGEROUSLYSetUID(session.uid)
|
||||
|
||||
api.sendAuth(auth)
|
||||
|
||||
return auth, nil
|
||||
}
|
||||
|
||||
func (api *FakePMAPI) AuthSalt() (string, error) {
|
||||
if err := api.checkInternetAndRecordCall(GET, "/keys/salts", nil); err != nil {
|
||||
func (api *FakePMAPI) AuthSalt(_ context.Context) (string, error) {
|
||||
if err := api.checkAndRecordCall(GET, "/keys/salts", nil); err != nil {
|
||||
return "", err
|
||||
}
|
||||
|
||||
return "", nil
|
||||
}
|
||||
|
||||
func (api *FakePMAPI) Logout() {
|
||||
api.controller.clientManager.LogoutClient(api.userID)
|
||||
func (api *FakePMAPI) AddAuthHandler(handler pmapi.AuthHandler) {
|
||||
api.authHandlers = append(api.authHandlers, handler)
|
||||
}
|
||||
|
||||
func (api *FakePMAPI) IsConnected() bool {
|
||||
return api.uid != "" && api.lastToken != ""
|
||||
}
|
||||
|
||||
func (api *FakePMAPI) DeleteAuth() error {
|
||||
func (api *FakePMAPI) AuthDelete(_ context.Context) error {
|
||||
if err := api.checkAndRecordCall(DELETE, "/auth", nil); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
api.controller.deleteSession(api.uid)
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func (api *FakePMAPI) ClearData() {
|
||||
if api.userKeyRing != nil {
|
||||
api.userKeyRing.ClearPrivateParams()
|
||||
api.userKeyRing = nil
|
||||
}
|
||||
|
||||
for addrID, addr := range api.addrKeyRing {
|
||||
if addr != nil {
|
||||
addr.ClearPrivateParams()
|
||||
delete(api.addrKeyRing, addrID)
|
||||
}
|
||||
}
|
||||
|
||||
api.unsetUser()
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user