fixes
or-else committed Dec 7, 2015
1 parent e010878 commit cab9c5e
Showing 15 changed files with 243 additions and 258 deletions.
14 changes: 10 additions & 4 deletions README.md
Expand Up @@ -462,17 +462,23 @@ ctrl: {
// requester's own subscriptions
mode: "RWPSDO", // string, user's access permission, equal to bitwise
// AND (info.given & info.want)
public: { ... }, // application-defined user's 'public' object
read: 112, // integer, ID of the message user claims through {note} message
// to have read, optional
recv: 315, // integer, like 'read', but received, optional
private: { ... } // application-defined user's 'private' object, present only
// for the requester's own subscriptions

// The following fields are present only when querying 'me' topic

topic: "grp1XUtEhjv6HND", // string, topic this subscription describes
seq: 321, // integer, server-issued id of the last {data} message
read: 112, // integer, ID of the message user claims through {note} message
// to have read, optional
recv: 315, // integer, like 'read', but received, optional

// The following fields are present only when querying 'me' topic and the
// topic described is a P2P topic

with: "usr2il9suCbuko", // string, if this is a P2P topic, peer's ID, optional
public: { ... }, // application-defined user's 'public' object, present for
// P2P topics only
seen: { // object, if this is a P2P topic, info on when the peer was last
//online
when: "2015-10-24T10:26:09.716Z", // timestamp
42 changes: 18 additions & 24 deletions keygen/keygen.go
Expand Up @@ -18,42 +18,41 @@ var hmac_salt = []byte{

// Generate API key
// Composition:
// [1:algorithm version][4:appid][2:key sequence][1:isRoot][16:signature] = 24 bytes
// [1:algorithm version][4:deprecated][2:key sequence][1:isRoot][16:signature] = 24 bytes
// convertible to base64 without padding
// All integers are little-endian
func main() {
var appId = flag.Int("appid", 0, "App ID to sign")
var version = flag.Int("sequence", 1, "Sequential number of the API key")
var isRoot = flag.Int("isroot", 0, "Is this a root API key?")
var apikey = flag.String("validate", "", "API key to validate")

flag.Parse()

if *appId != 0 {
generate(*appId, *version, *isRoot)
} else if *apikey != "" {
if *apikey != "" {
validate(*apikey)
} else {
flag.Usage()
generate(*version, *isRoot)
}
}

const (
APIKEY_VERSION = 1
APIKEY_VERSION = 1
// Deprecated
APIKEY_APPID = 4
APIKEY_SEQUENCE = 2
APIKEY_WHO = 1
APIKEY_SIGNATURE = 16
APIKEY_LENGTH = APIKEY_VERSION + APIKEY_APPID + APIKEY_SEQUENCE + APIKEY_WHO + APIKEY_SIGNATURE
)

func generate(appId, sequence, isRoot int) {
func generate(sequence, isRoot int) {

var data [APIKEY_LENGTH]byte

// [1:algorithm version][4:appid][2:key sequence][1:isRoot]
data[0] = 1 // default algorithm
binary.LittleEndian.PutUint32(data[APIKEY_VERSION:], uint32(appId))
// deprecated
binary.LittleEndian.PutUint32(data[APIKEY_VERSION:], uint32(0))
binary.LittleEndian.PutUint16(data[APIKEY_VERSION+APIKEY_APPID:], uint16(sequence))
data[APIKEY_VERSION+APIKEY_APPID+APIKEY_SEQUENCE] = uint8(isRoot)

Expand All @@ -70,41 +69,34 @@ func generate(appId, sequence, isRoot int) {
strIsRoot = "ordinary"
}

fmt.Printf("API key v%d for (%d:%d), %s: %s\n", 1, appId, sequence, strIsRoot,
fmt.Printf("API key v%d seq%d [%s]: %s\n", 1, sequence, strIsRoot,
base64.URLEncoding.EncodeToString(data[:]))
}

func validate(apikey string) {
var version uint8
var appid uint32
var deprecated uint32
var sequence uint16
var isRoot uint8

var strIsRoot string

defer func() {
if appid == 0 {
fmt.Println("INVALID: ", apikey)
} else {
fmt.Printf("Valid (%d:%d), %s\n", appid, sequence, strIsRoot)
}
}()

if declen := base64.URLEncoding.DecodedLen(len(apikey)); declen != APIKEY_LENGTH {
fmt.Println("invalid key length %d, expecting %d", declen, APIKEY_LENGTH)
return
}

data, err := base64.URLEncoding.DecodeString(apikey)
if err != nil {
fmt.Println("failed to decode.base64 appid ", err)
fmt.Println("failed to decode key as base64", err)
return
}

buf := bytes.NewReader(data)
binary.Read(buf, binary.LittleEndian, &version)

if version != 1 {
fmt.Println("unknown appid signature algorithm ", data[0])
fmt.Println("unknown signature algorithm ", data[0])
return
}

Expand All @@ -113,11 +105,11 @@ func validate(apikey string) {
signature := hasher.Sum(nil)

if !bytes.Equal(data[APIKEY_VERSION+APIKEY_APPID+APIKEY_SEQUENCE+APIKEY_WHO:], signature) {
fmt.Println("invalid appid signature ", data, signature)
fmt.Println("invalid signature ", data, signature)
return
}
// [1:algorithm version][4:appid][2:key sequence][1:isRoot]
binary.Read(buf, binary.LittleEndian, &appid)
// [1:algorithm version][4:deprecated][2:key sequence][1:isRoot]
binary.Read(buf, binary.LittleEndian, &deprecated)
binary.Read(buf, binary.LittleEndian, &sequence)
binary.Read(buf, binary.LittleEndian, &isRoot)

Expand All @@ -126,4 +118,6 @@ func validate(apikey string) {
} else {
strIsRoot = "ordinary"
}

fmt.Printf("Valid v%d seq%d, [%s]\n", version, sequence, strIsRoot)
}
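Review bot: The reworded failure message in validate, `fmt.Println("invalid signature ", data, signature)`, still prints the freshly computed signature next to the decoded key bytes, so a failed validation writes out the correct MAC for the supplied header and anything that captures this tool's output (terminal scrollback, CI logs) ends up holding it. Print only the verdict, e.g. `fmt.Println("invalid signature")`. The comparison just above uses `bytes.Equal`; if the hasher is an HMAC, as the `hmac_salt` name suggests, `hmac.Equal` is the conventional constant-time check, but the hasher setup sits in a collapsed part of the function, so confirm there. Separately, the length check passes `%d` verbs to `fmt.Println`, which prints them literally; it should be `fmt.Printf("invalid key length %d, expecting %d\n", declen, APIKEY_LENGTH)`.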
10 changes: 6 additions & 4 deletions server/auth.go
Expand Up @@ -37,7 +37,6 @@ import (
"crypto/md5"
"crypto/rand"
"encoding/base64"
"encoding/binary"
"log"
)

Expand Down Expand Up @@ -82,7 +81,8 @@ func isValidPass(password string, validMac []byte) bool {
// All integers are little-endian

const (
APIKEY_VERSION = 1
APIKEY_VERSION = 1
// APPKEY is deprecated and will be removed in the future
APIKEY_APPID = 4
APIKEY_SEQUENCE = 2
APIKEY_WHO = 1
Expand All @@ -93,7 +93,7 @@ const (
// Client signature validation
// key: client's secret key
// Returns application id, key type
func checkApiKey(apikey string) (appid uint32, isRoot bool) {
func checkApiKey(apikey string) (isValid, isRoot bool) {

if declen := base64.URLEncoding.DecodedLen(len(apikey)); declen != APIKEY_LENGTH {
return
Expand All @@ -117,7 +117,9 @@ func checkApiKey(apikey string) (appid uint32, isRoot bool) {
return
}

appid = binary.LittleEndian.Uint32(data[APIKEY_VERSION : APIKEY_VERSION+APIKEY_APPID])
isRoot = (data[APIKEY_VERSION+APIKEY_APPID+APIKEY_SEQUENCE] == 1)

isValid = true

return
}
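Review bot: The comment above checkApiKey still reads `// Returns application id, key type`, but the new signature returns `(isValid, isRoot bool)`; for an authentication helper the stale contract should be corrected in the same commit, e.g. `// Returns isValid (true only if the key passed every check) and isRoot (key type); both are false on any failure.` The visible early exits are naked returns taken before `isValid = true`, so they fail closed; a short comment next to that assignment saying it must stay last would guard against a later edit moving it above a check. The added constant comment says `APPKEY` where the constant is `APIKEY_APPID`. The signature comparison itself lies in a collapsed part of the function and is not covered by this note.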
12 changes: 6 additions & 6 deletions server/datamodel.go
Expand Up @@ -260,17 +260,19 @@ type MsgTopicSub struct {
Online string `json:"online,omitempty"`

// cumulative access mode (mode.Want & mode.Given)
AcsMode string `json:"mode"`
AcsMode string `json:"mode"`
// ID of the message reported by the client as read
ReadSeqId int `json:"read,omitempty"`
// ID of the message reported by the client as received
RecvSeqId int `json:"recv,omitempty"`
// Topic's public data
Public interface{} `json:"public,omitempty"`
Private interface{} `json:"private,omitempty"`

// All following makes sence only in context of getting user's subscriptions

// ID of the last {data} message in a topic
SeqId int `json:"seq,omitempty"`
// ID of the message reported by the client as read
ReadSeqId int `json:"read,omitempty"`
RecvSeqId int `json:"recv,omitempty"`
// P2P topics only
// ID of the other user
With string `json:"with,omitempty"`
Expand Down Expand Up @@ -351,8 +353,6 @@ type ServerComMessage struct {

// to: topic
rcptto string
// appid, also for routing
appid uint32
// originating session, copy of Session.send
akn chan<- []byte
// origin-specific id to use in {ctrl} aknowledgements