From 8775ce6406bb6a5c9c03dffccbd37453f864c848 Mon Sep 17 00:00:00 2001 From: Juliusz Chroboczek Date: Sat, 8 Apr 2023 21:13:35 +0200 Subject: [PATCH] Keep track of issuer and creation date in tokens. --- rtpconn/webclient.go | 12 +++++++++++- static/galene.js | 26 ++++++++++++++++++++------ token/stateful.go | 2 ++ token/stateful_test.go | 28 +++++++++++++++++----------- 4 files changed, 50 insertions(+), 18 deletions(-) diff --git a/rtpconn/webclient.go b/rtpconn/webclient.go index c85791a..d05f43a 100644 --- a/rtpconn/webclient.go +++ b/rtpconn/webclient.go @@ -1748,6 +1748,14 @@ func handleClientMessage(c *webClient, m clientMessage) error { } } + user := c.username + if user != "" { + tok.IssuedBy = &user + } + + now := time.Now() + tok.IssuedAt = &now + new, err := token.Add(tok) if err != nil { return terror("error", err.Error()) @@ -1778,7 +1786,9 @@ func handleClientMessage(c *webClient, m clientMessage) error { } if tok.Group != "" || tok.Username != nil || tok.Permissions != nil || - tok.NotBefore != nil { + tok.NotBefore != nil || + tok.IssuedBy != nil || + tok.IssuedAt != nil { return terror( "error", "this field cannot be edited", ) diff --git a/static/galene.js b/static/galene.js index 4e9197b..0227319 100644 --- a/static/galene.js +++ b/static/galene.js @@ -2651,7 +2651,7 @@ function gotUserMessage(id, dest, username, time, privileged, kind, error, messa displayError('Unexpected type for token'); return; } - let f = formatToken(message); + let f = formatToken(message, false); localMessage(f[0] + ': ' + f[1]); if('share' in navigator) { try { @@ -2676,7 +2676,7 @@ function gotUserMessage(id, dest, username, time, privileged, kind, error, messa } let s = ''; for(let i = 0; i < message.length; i++) { - let f = formatToken(message[i]); + let f = formatToken(message[i], true); s = s + f[0] + ': ' + f[1] + "\n"; } localMessage(s); @@ -2689,23 +2689,37 @@ function gotUserMessage(id, dest, username, time, privileged, kind, error, messa /** * @param {Object} token + * @param {boolean} [details] */ -function formatToken(token) { +function formatToken(token, details) { let url = new URL(window.location.href); let params = new URLSearchParams(); params.append('token', token.token); url.search = params.toString(); - let foruser = '' + let foruser = '', by = '', togroup = ''; if(token.username) foruser = ` for user ${token.username}`; + if(details) { + if(token.issuedBy) + by = ' issued by ' + token.issuedBy; + if(token.issuedAt) { + if(by === '') + by = ' issued at ' + token.issuedAt; + else + by = by + ' at ' + (new Date(token.issuedAt)).toLocaleString(); + } + } else { + if(token.group) + togroup = ' to group ' + token.group; + } /** @type{Date} */ let expires = null; if(token.expires) expires = new Date(token.expires); return [ (expires && (expires >= new Date())) ? - `Invitation${foruser} valid until ${expires.toLocaleString()}` : - `Expired invitation${foruser}`, + `Invitation${foruser}${togroup}${by} valid until ${expires.toLocaleString()}` : + `Expired invitation${foruser}${togroup}${by}`, url.toString(), ]; } diff --git a/token/stateful.go b/token/stateful.go index 75ae327..95e1eae 100644 --- a/token/stateful.go +++ b/token/stateful.go @@ -19,6 +19,8 @@ type Stateful struct { Permissions []string `json:"permissions"` Expires *time.Time `json:"expires"` NotBefore *time.Time `json:"not-before,omitempty"` + IssuedAt *time.Time `json:"issuedAt,omitempty"` + IssuedBy *string `json:"issuedBy,omitempty"` } func (token *Stateful) Clone() *Stateful { diff --git a/token/stateful_test.go b/token/stateful_test.go index 962e22d..a5e9264 100644 --- a/token/stateful_test.go +++ b/token/stateful_test.go @@ -11,23 +11,29 @@ import ( "time" ) +func timeEqual(a, b *time.Time) bool { + if a == nil && b == nil { + return true + } + + if a!= nil && b != nil { + return (*a).Equal(*b) + } + + return false +} + func equal(a, b *Stateful) bool { if a.Token != b.Token || a.Group != b.Group || !reflect.DeepEqual(a.Username, b.Username) || - !reflect.DeepEqual(a.Permissions, b.Permissions) { - return false - } - if a.Expires != nil && b.Expires != nil { - return (*a.Expires).Equal(*b.Expires) - } - if (a.Expires != nil) != (b.Expires != nil) { + !reflect.DeepEqual(a.Permissions, b.Permissions) || + !timeEqual(a.Expires, b.Expires) || + !reflect.DeepEqual(a.IssuedBy, b.IssuedBy) || + !timeEqual(a.IssuedAt, b.IssuedAt) { return false } - if a.NotBefore != nil && b.NotBefore != nil { - return (*a.NotBefore).Equal(*b.NotBefore) - } - return (a.NotBefore != nil) == (b.NotBefore != nil) + return true } func TestStatefulCheck(t *testing.T) {