Mercurial > libervia-web
view libervia/web/server/server.py @ 1543:f00497c00e38
pages (chat): fix `own_jid` exposure:
`own_jid` is a `JID` instance, and must be casted to str to be exposed.
author | Goffi <goffi@goffi.org> |
---|---|
date | Thu, 06 Jul 2023 12:05:48 +0200 |
parents | a44f77559279 |
children | e47c24204449 |
line wrap: on
line source
#!/usr/bin/env python3 # Libervia Web # Copyright (C) 2011-2021 Jérôme Poisson <goffi@goffi.org> # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU Affero General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU Affero General Public License for more details. # You should have received a copy of the GNU Affero General Public License # along with this program. If not, see <http://www.gnu.org/licenses/>. from functools import partial import os.path from pathlib import Path import re import sys import time from typing import Callable, Dict, Optional import urllib.error import urllib.parse import urllib.request from twisted.application import service from twisted.internet import defer, inotify, reactor from twisted.python import failure from twisted.python import filepath from twisted.python.components import registerAdapter from twisted.web import server from twisted.web import static from twisted.web import resource as web_resource from twisted.web import util as web_util from twisted.web import vhost from twisted.words.protocols.jabber import jid import libervia.web from libervia.web.server import websockets from libervia.web.server import session_iface from libervia.web.server.constants import Const as C from libervia.web.server.pages import LiberviaPage from libervia.web.server.tasks.manager import TasksManager from libervia.web.server.utils import ProgressHandler from libervia.backend.core import exceptions from libervia.backend.core.i18n import _ from libervia.backend.core.log import getLogger from libervia.backend.tools import utils from libervia.backend.tools import config from libervia.backend.tools.common import regex from libervia.backend.tools.common import template from libervia.backend.tools.common import data_format from libervia.backend.tools.common import tls from libervia.frontends.bridge.bridge_frontend import BridgeException from libervia.frontends.bridge.dbus_bridge import BridgeExceptionNoService, bridge from libervia.frontends.bridge.dbus_bridge import const_TIMEOUT as BRIDGE_TIMEOUT from .resources import LiberviaRootResource, ProtectedFile from .restricted_bridge import RestrictedBridge log = getLogger(__name__) DEFAULT_MASK = (inotify.IN_CREATE | inotify.IN_MODIFY | inotify.IN_MOVE_SELF | inotify.IN_MOVED_TO) class SysExit(Exception): def __init__(self, exit_code, message=""): self.exit_code = exit_code self.message = message def __str__(self): return f"System Exit({self.exit_code}): {self.message}" class FilesWatcher(object): """Class to check files modifications using iNotify""" _notifier = None def __init__(self, host): self.host = host @property def notifier(self): if self._notifier == None: notifier = self.__class__._notifier = inotify.INotify() notifier.startReading() return self._notifier def _check_callback(self, dir_path, callback, recursive): # Twisted doesn't add callback if a watcher was already set on a path # but in dev mode Libervia watches whole sites + internal path can be watched # by tasks, so several callbacks must be called on some paths. # This method check that the new callback is indeed present in the desired path # and add it otherwise. # FIXME: this should probably be fixed upstream if recursive: for child in dir_path.walk(): if child.isdir(): self._check_callback(child, callback, recursive=False) else: watch_id = self.notifier._isWatched(dir_path) if watch_id is None: log.warning( f"There is no watch ID for path {dir_path}, this should not happen" ) else: watch_point = self.notifier._watchpoints[watch_id] if callback not in watch_point.callbacks: watch_point.callbacks.append(callback) def watch_dir(self, dir_path, callback, mask=DEFAULT_MASK, auto_add=False, recursive=False, **kwargs): dir_path = str(dir_path) log.info(_("Watching directory {dir_path}").format(dir_path=dir_path)) wrapped_callback = lambda __, filepath, mask: callback( self.host, filepath, inotify.humanReadableMask(mask), **kwargs) callbacks = [wrapped_callback] dir_path = filepath.FilePath(dir_path) self.notifier.watch( dir_path, mask=mask, autoAdd=auto_add, recursive=recursive, callbacks=callbacks) self._check_callback(dir_path, wrapped_callback, recursive) class WebSession(server.Session): sessionTimeout = C.SESSION_TIMEOUT def __init__(self, *args, **kwargs): self.__lock = False server.Session.__init__(self, *args, **kwargs) def lock(self): """Prevent session from expiring""" self.__lock = True self._expireCall.reset(sys.maxsize) def unlock(self): """Allow session to expire again, and touch it""" self.__lock = False self.touch() def touch(self): if not self.__lock: server.Session.touch(self) class WaitingRequests(dict): def set_request(self, request, profile, register_with_ext_jid=False): """Add the given profile to the waiting list. @param request (server.Request): the connection request @param profile (str): %(doc_profile)s @param register_with_ext_jid (bool): True if we will try to register the profile with an external XMPP account credentials """ dc = reactor.callLater(BRIDGE_TIMEOUT, self.purge_request, profile) self[profile] = (request, dc, register_with_ext_jid) def purge_request(self, profile): """Remove the given profile from the waiting list. @param profile (str): %(doc_profile)s """ try: dc = self[profile][1] except KeyError: return if dc.active(): dc.cancel() del self[profile] def get_request(self, profile): """Get the waiting request for the given profile. @param profile (str): %(doc_profile)s @return: the waiting request or None """ return self[profile][0] if profile in self else None def get_register_with_ext_jid(self, profile): """Get the value of the register_with_ext_jid parameter. @param profile (str): %(doc_profile)s @return: bool or None """ return self[profile][2] if profile in self else None class LiberviaWeb(service.Service): debug = defer.Deferred.debug # True if twistd/Libervia is launched in debug mode def __init__(self, options): self.options = options websockets.host = self def _init(self): # we do init here and not in __init__ to avoid doule initialisation with twistd # this _init is called in startService self.initialised = defer.Deferred() self.waiting_profiles = WaitingRequests() # FIXME: should be removed self._main_conf = None self.files_watcher = FilesWatcher(self) if self.options["base_url_ext"]: self.base_url_ext = self.options.pop("base_url_ext") if self.base_url_ext[-1] != "/": self.base_url_ext += "/" self.base_url_ext_data = urllib.parse.urlsplit(self.base_url_ext) else: self.base_url_ext = None # we split empty string anyway so we can do things like # scheme = self.base_url_ext_data.scheme or 'https' self.base_url_ext_data = urllib.parse.urlsplit("") if not self.options["port_https_ext"]: self.options["port_https_ext"] = self.options["port_https"] self._cleanup = [] self.sessions = {} # key = session value = user self.prof_connected = set() # Profiles connected self.ns_map = {} # map of short name to namespaces ## bridge ## self._bridge_retry = self.options['bridge-retries'] self.bridge = bridge() self.bridge.bridge_connect(callback=self._bridge_cb, errback=self._bridge_eb) ## libervia app callbacks ## # mapping instance id to the callback to call on "started" signal self.apps_cb: Dict[str, Callable] = {} @property def roots(self): """Return available virtual host roots Root resources are only returned once, even if they are present for multiple named vhosts. Order is not relevant, except for default vhost which is always returned first. @return (list[web_resource.Resource]): all vhost root resources """ roots = list(set(self.vhost_root.hosts.values())) default = self.vhost_root.default if default is not None and default not in roots: roots.insert(0, default) return roots @property def main_conf(self): """SafeConfigParser instance opened on configuration file (libervia.conf)""" if self._main_conf is None: self._main_conf = config.parse_main_conf(log_filenames=True) return self._main_conf def config_get(self, site_root_res, key, default=None, value_type=None): """Retrieve configuration associated to a site Section is automatically set to site name @param site_root_res(LiberviaRootResource): resource of the site in use @param key(unicode): key to use @param default: value to use if not found (see [config.config_get]) @param value_type(unicode, None): filter to use on value Note that filters are already automatically used when the key finish by a well known suffix ("_path", "_list", "_dict", or "_json") None to use no filter, else can be: - "path": a path is expected, will be normalized and expanded """ section = site_root_res.site_name.lower().strip() or C.CONFIG_SECTION value = config.config_get(self.main_conf, section, key, default=default) if value_type is not None: if value_type == 'path': v_filter = lambda v: os.path.abspath(os.path.expanduser(v)) else: raise ValueError("unknown value type {value_type}".format( value_type = value_type)) if isinstance(value, list): value = [v_filter(v) for v in value] elif isinstance(value, dict): value = {k:v_filter(v) for k,v in list(value.items())} elif value is not None: value = v_filter(value) return value def _namespaces_get_cb(self, ns_map): self.ns_map = {str(k): str(v) for k,v in ns_map.items()} def _namespaces_get_eb(self, failure_): log.error(_("Can't get namespaces map: {msg}").format(msg=failure_)) @template.pass_context def _front_url_filter(self, ctx, relative_url): template_data = ctx['template_data'] return os.path.join( '/', C.TPL_RESOURCE, template_data.site or C.SITE_NAME_DEFAULT, C.TEMPLATE_TPL_DIR, template_data.theme, relative_url) def _move_first_level_to_dict(self, options, key, keys_to_keep): """Read a config option and put value at first level into u'' dict This is useful to put values for Libervia official site directly in dictionary, and to use site_name as keys when external sites are used. options will be modified in place @param options(dict): options to modify @param key(unicode): setting key to modify @param keys_to_keep(list(unicode)): keys allowed in first level """ try: conf = options[key] except KeyError: return if not isinstance(conf, dict): options[key] = {'': conf} return default_dict = conf.get('', {}) to_delete = [] for key, value in conf.items(): if key not in keys_to_keep: default_dict[key] = value to_delete.append(key) for key in to_delete: del conf[key] if default_dict: conf[''] = default_dict async def check_and_connect_service_profile(self): passphrase = self.options["passphrase"] if not passphrase: raise SysExit( C.EXIT_BAD_ARG, _("No passphrase set for service profile, please check installation " "documentation.") ) try: s_prof_connected = await self.bridge_call("is_connected", C.SERVICE_PROFILE) except BridgeException as e: if e.classname == "ProfileUnknownError": log.info("Service profile doesn't exist, creating it.") try: xmpp_domain = await self.bridge_call("config_get", "", "xmpp_domain") xmpp_domain = xmpp_domain.strip() if not xmpp_domain: raise SysExit( C.EXIT_BAD_ARG, _('"xmpp_domain" must be set to create new accounts, please ' 'check documentation') ) service_profile_jid_s = f"{C.SERVICE_PROFILE}@{xmpp_domain}" await self.bridge_call( "in_band_account_new", service_profile_jid_s, passphrase, "", xmpp_domain, 0, ) except BridgeException as e: if e.condition == "conflict": log.info( _("Service's profile JID {profile_jid} already exists") .format(profile_jid=service_profile_jid_s) ) elif e.classname == "UnknownMethod": raise SysExit( C.EXIT_BRIDGE_ERROR, _("Can't create service profile XMPP account, In-Band " "Registration plugin is not activated, you'll have to " "create the {profile!r} profile with {profile_jid!r} JID " "manually.").format( profile=C.SERVICE_PROFILE, profile_jid=service_profile_jid_s) ) elif e.condition == "service-unavailable": raise SysExit( C.EXIT_BRIDGE_ERROR, _("Can't create service profile XMPP account, In-Band " "Registration is not activated on your server, you'll have " "to create the {profile!r} profile with {profile_jid!r} JID " "manually.\nNote that you'll need to activate In-Band " "Registation on your server if you want users to be able " "to create new account from {app_name}, please check " "documentation.").format( profile=C.SERVICE_PROFILE, profile_jid=service_profile_jid_s, app_name=C.APP_NAME) ) elif e.condition == "not-acceptable": raise SysExit( C.EXIT_BRIDGE_ERROR, _("Can't create service profile XMPP account, your XMPP " "server doesn't allow us to create new accounts with " "In-Band Registration please check XMPP server " "configuration: {reason}" ).format( profile=C.SERVICE_PROFILE, profile_jid=service_profile_jid_s, reason=e.message) ) else: raise SysExit( C.EXIT_BRIDGE_ERROR, _("Can't create service profile XMPP account, you'll have " "do to it manually: {reason}").format(reason=e.message) ) try: await self.bridge_call("profile_create", C.SERVICE_PROFILE, passphrase) await self.bridge_call( "profile_start_session", passphrase, C.SERVICE_PROFILE) await self.bridge_call( "param_set", "JabberID", service_profile_jid_s, "Connection", -1, C.SERVICE_PROFILE) await self.bridge_call( "param_set", "Password", passphrase, "Connection", -1, C.SERVICE_PROFILE) except BridgeException as e: raise SysExit( C.EXIT_BRIDGE_ERROR, _("Can't create service profile XMPP account, you'll have " "do to it manually: {reason}").format(reason=e.message) ) log.info(_("Service profile has been successfully created")) s_prof_connected = False else: raise SysExit(C.EXIT_BRIDGE_ERROR, e.message) if not s_prof_connected: try: await self.bridge_call( "connect", C.SERVICE_PROFILE, passphrase, {}, ) except BridgeException as e: raise SysExit( C.EXIT_BRIDGE_ERROR, _("Connection of service profile failed: {reason}").format(reason=e) ) async def backend_ready(self): log.info(f"Libervia Web v{self.full_version}") # settings if self.options['dev-mode']: log.info(_("Developer mode activated")) self.media_dir = await self.bridge_call("config_get", "", "media_dir") self.local_dir = await self.bridge_call("config_get", "", "local_dir") self.cache_root_dir = os.path.join(self.local_dir, C.CACHE_DIR) self.renderer = template.Renderer(self, self._front_url_filter) sites_names = list(self.renderer.sites_paths.keys()) self._move_first_level_to_dict(self.options, "url_redirections_dict", sites_names) self._move_first_level_to_dict(self.options, "menu_json", sites_names) self._move_first_level_to_dict(self.options, "menu_extra_json", sites_names) menu = self.options["menu_json"] if not '' in menu: menu[''] = C.DEFAULT_MENU for site, value in self.options["menu_extra_json"].items(): menu[site].extend(value) # service profile if not self.options['build-only']: await self.check_and_connect_service_profile() # restricted bridge, the one used by browser code self.restricted_bridge = RestrictedBridge(self) # we create virtual hosts and import Libervia pages into them self.vhost_root = vhost.NameVirtualHost() default_site_path = Path(libervia.web.__file__).parent.resolve() # self.sat_root is official Libervia site root_path = default_site_path / C.TEMPLATE_STATIC_DIR self.sat_root = default_root = LiberviaRootResource( host=self, host_name='', site_name='', site_path=default_site_path, path=root_path) if self.options['dev-mode']: self.files_watcher.watch_dir( default_site_path, auto_add=True, recursive=True, callback=LiberviaPage.on_file_change, site_root=self.sat_root, site_path=default_site_path) LiberviaPage.import_pages(self, self.sat_root) tasks_manager = TasksManager(self, self.sat_root) await tasks_manager.parse_tasks() await tasks_manager.run_tasks() # FIXME: handle _set_menu in a more generic way, taking care of external sites await self.sat_root._set_menu(self.options["menu_json"]) self.vhost_root.default = default_root existing_vhosts = {b'': default_root} for host_name, site_name in self.options["vhosts_dict"].items(): if site_name == C.SITE_NAME_DEFAULT: raise ValueError( f"{C.DEFAULT_SITE_NAME} is reserved and can't be used in vhosts_dict") encoded_site_name = site_name.encode('utf-8') try: site_path = self.renderer.sites_paths[site_name] except KeyError: log.warning(_( "host {host_name} link to non existing site {site_name}, ignoring " "it").format(host_name=host_name, site_name=site_name)) continue if encoded_site_name in existing_vhosts: # we have an alias host, we re-use existing resource res = existing_vhosts[encoded_site_name] else: # for root path we first check if there is a global static dir # if not, we use default template's static dir root_path = os.path.join(site_path, C.TEMPLATE_STATIC_DIR) if not os.path.isdir(root_path): root_path = os.path.join( site_path, C.TEMPLATE_TPL_DIR, C.TEMPLATE_THEME_DEFAULT, C.TEMPLATE_STATIC_DIR) res = LiberviaRootResource( host=self, host_name=host_name, site_name=site_name, site_path=site_path, path=root_path) existing_vhosts[encoded_site_name] = res if self.options['dev-mode']: self.files_watcher.watch_dir( site_path, auto_add=True, recursive=True, callback=LiberviaPage.on_file_change, site_root=res, # FIXME: site_path should always be a Path, check code above and # in template module site_path=Path(site_path)) LiberviaPage.import_pages(self, res) # FIXME: default pages are accessible if not overriden by external website # while necessary for login or re-using existing pages # we may want to disable access to the page by direct URL # (e.g. /blog disabled except if called by external site) LiberviaPage.import_pages(self, res, root_path=default_site_path) tasks_manager = TasksManager(self, res) await tasks_manager.parse_tasks() await tasks_manager.run_tasks() await res._set_menu(self.options["menu_json"]) self.vhost_root.addHost(host_name.encode('utf-8'), res) templates_res = web_resource.Resource() self.put_child_all(C.TPL_RESOURCE.encode('utf-8'), templates_res) for site_name, site_path in self.renderer.sites_paths.items(): templates_res.putChild(site_name.encode() or C.SITE_NAME_DEFAULT.encode(), static.File(site_path)) d = self.bridge_call("namespaces_get") d.addCallback(self._namespaces_get_cb) d.addErrback(self._namespaces_get_eb) # websocket if self.options["connection_type"] in ("https", "both"): wss = websockets.LiberviaPageWSProtocol.get_resource(secure=True) self.put_child_all(b'wss', wss) if self.options["connection_type"] in ("http", "both"): ws = websockets.LiberviaPageWSProtocol.get_resource(secure=False) self.put_child_all(b'ws', ws) # following signal is needed for cache handling in Libervia pages self.bridge.register_signal( "ps_event_raw", partial(LiberviaPage.on_node_event, self), "plugin" ) self.bridge.register_signal( "message_new", partial(self.on_signal, "message_new") ) self.bridge.register_signal( "call_accepted", partial(self.on_signal, "call_accepted"), "plugin" ) self.bridge.register_signal( "call_ended", partial(self.on_signal, "call_ended"), "plugin" ) self.bridge.register_signal( "ice_candidates_new", partial(self.on_signal, "ice_candidates_new"), "plugin" ) self.bridge.register_signal( "action_new", self.action_new_handler, ) # libervia applications handling self.bridge.register_signal( "application_started", self.application_started_handler, "plugin" ) self.bridge.register_signal( "application_error", self.application_error_handler, "plugin" ) # Progress handling self.bridge.register_signal( "progress_started", partial(ProgressHandler._signal, "started") ) self.bridge.register_signal( "progress_finished", partial(ProgressHandler._signal, "finished") ) self.bridge.register_signal( "progress_error", partial(ProgressHandler._signal, "error") ) # media dirs # FIXME: get rid of dirname and "/" in C.XXX_DIR self.put_child_all(os.path.dirname(C.MEDIA_DIR).encode('utf-8'), ProtectedFile(self.media_dir)) self.cache_resource = web_resource.NoResource() self.put_child_all(C.CACHE_DIR.encode('utf-8'), self.cache_resource) self.cache_resource.putChild( b"common", ProtectedFile(str(self.cache_root_dir / Path("common")))) # redirections for root in self.roots: await root._init_redirections(self.options) # no need to keep url_redirections_dict, it will not be used anymore del self.options["url_redirections_dict"] server.Request.defaultContentType = "text/html; charset=utf-8" wrapped = web_resource.EncodingResourceWrapper( self.vhost_root, [server.GzipEncoderFactory()] ) self.site = server.Site(wrapped) self.site.sessionFactory = WebSession def _bridge_cb(self): del self._bridge_retry self.bridge.ready_get( lambda: self.initialised.callback(None), lambda failure: self.initialised.errback(Exception(failure)), ) self.initialised.addCallback(lambda __: defer.ensureDeferred(self.backend_ready())) def _bridge_eb(self, failure_): if isinstance(failure_, BridgeExceptionNoService): if self._bridge_retry: if self._bridge_retry < 0: print(_("Can't connect to bridge, will retry indefinitely. " "Next try in 1s.")) else: self._bridge_retry -= 1 print( _( "Can't connect to bridge, will retry in 1 s ({retries_left} " "trie(s) left)." ).format(retries_left=self._bridge_retry) ) time.sleep(1) self.bridge.bridge_connect(callback=self._bridge_cb, errback=self._bridge_eb) return print("Can't connect to SàT backend, are you sure it's launched ?") else: log.error("Can't connect to bridge: {}".format(failure)) sys.exit(1) @property def version(self): """Return the short version of Libervia""" return C.APP_VERSION @property def full_version(self): """Return the full version of Libervia (with extra data when in dev mode)""" version = self.version if version.split(".")[-1] == "dev0": # we are in debug version, we add extra data try: return self._version_cache except AttributeError: self._version_cache = "{} ({})".format( version, utils.get_repository_data(libervia.web) ) return self._version_cache else: return version def bridge_call(self, method_name, *args, **kwargs): """Call an asynchronous bridge method and return a deferred @param method_name: name of the method as a unicode @return: a deferred which trigger the result """ d = defer.Deferred() def _callback(*args): if not args: d.callback(None) else: if len(args) != 1: Exception("Multiple return arguments not supported") d.callback(args[0]) def _errback(failure_): d.errback(failure.Failure(failure_)) kwargs["callback"] = _callback kwargs["errback"] = _errback getattr(self.bridge, method_name)(*args, **kwargs) return d def action_new_handler( self, action_data_s: str, action_id: str, security_limit: int, profile: str ) -> None: if security_limit > C.SECURITY_LIMIT: log.debug( f"ignoring action {action_id} due to security limit" ) else: self.on_signal( "action_new", action_data_s, action_id, security_limit, profile ) def on_signal(self, signal_name, *args): profile = args[-1] if not profile: log.error(f"got signal without profile: {signal_name}, {args}") return session_iface.WebSession.send( profile, "bridge", {"signal": signal_name, "args": args} ) def application_started_handler( self, name: str, instance_id: str, extra_s: str ) -> None: callback = self.apps_cb.pop(instance_id, None) if callback is not None: defer.ensureDeferred(callback(str(name), str(instance_id))) def application_error_handler( self, name: str, instance_id: str, extra_s: str ) -> None: callback = self.apps_cb.pop(instance_id, None) if callback is not None: extra = data_format.deserialise(extra_s) log.error( f"Can't start application {name}: {extra['class']}\n{extra['msg']}" ) async def _logged(self, profile, request): """Set everything when a user just logged in @param profile @param request @return: a constant indicating the state: - C.PROFILE_LOGGED - C.PROFILE_LOGGED_EXT_JID @raise exceptions.ConflictError: session is already active """ register_with_ext_jid = self.waiting_profiles.get_register_with_ext_jid(profile) self.waiting_profiles.purge_request(profile) session = request.getSession() web_session = session_iface.IWebSession(session) if web_session.profile: log.error(_("/!\\ Session has already a profile, this should NEVER happen!")) raise failure.Failure(exceptions.ConflictError("Already active")) # XXX: we force string because python D-Bus has its own string type (dbus.String) # which may cause trouble when exposing it to scripts web_session.profile = str(profile) self.prof_connected.add(profile) cache_dir = os.path.join( self.cache_root_dir, "profiles", regex.path_escape(profile) ) # FIXME: would be better to have a global /cache URL which redirect to # profile's cache directory, without uuid self.cache_resource.putChild(web_session.uuid.encode('utf-8'), ProtectedFile(cache_dir)) log.debug( _("profile cache resource added from {uuid} to {path}").format( uuid=web_session.uuid, path=cache_dir ) ) def on_expire(): log.info("Session expired (profile={profile})".format(profile=profile)) self.cache_resource.delEntity(web_session.uuid.encode('utf-8')) log.debug( _("profile cache resource {uuid} deleted").format(uuid=web_session.uuid) ) web_session.on_expire() if web_session.ws_socket is not None: web_session.ws_socket.close() # and now we disconnect the profile self.bridge_call("disconnect", profile) session.notifyOnExpire(on_expire) # FIXME: those session infos should be returned by connect or is_connected infos = await self.bridge_call("session_infos_get", profile) web_session.jid = jid.JID(infos["jid"]) own_bare_jid_s = web_session.jid.userhost() own_id_raw = await self.bridge_call( "identity_get", own_bare_jid_s, [], True, profile) web_session.identities[own_bare_jid_s] = data_format.deserialise(own_id_raw) web_session.backend_started = int(infos["started"]) state = C.PROFILE_LOGGED_EXT_JID if register_with_ext_jid else C.PROFILE_LOGGED return state @defer.inlineCallbacks def connect(self, request, login, password): """log user in If an other user was already logged, it will be unlogged first @param request(server.Request): request linked to the session @param login(unicode): user login can be profile name can be profile@[libervia_domain.ext] can be a jid (a new profile will be created with this jid if needed) @param password(unicode): user password @return (unicode, None): C.SESSION_ACTIVE: if session was aleady active else self._logged value @raise exceptions.DataError: invalid login @raise exceptions.ProfileUnknownError: this login doesn't exist @raise exceptions.PermissionError: a login is not accepted (e.g. empty password not allowed) @raise exceptions.NotReady: a profile connection is already waiting @raise exceptions.TimeoutError: didn't received and answer from bridge @raise exceptions.InternalError: unknown error @raise ValueError(C.PROFILE_AUTH_ERROR): invalid login and/or password @raise ValueError(C.XMPP_AUTH_ERROR): invalid XMPP account password """ # XXX: all security checks must be done here, even if present in javascript if login.startswith("@"): raise failure.Failure(exceptions.DataError("No profile_key allowed")) if login.startswith("guest@@") and login.count("@") == 2: log.debug("logging a guest account") elif "@" in login: if login.count("@") != 1: raise failure.Failure( exceptions.DataError("Invalid login: {login}".format(login=login)) ) try: login_jid = jid.JID(login) except (RuntimeError, jid.InvalidFormat, AttributeError): raise failure.Failure(exceptions.DataError("No profile_key allowed")) # FIXME: should it be cached? new_account_domain = yield self.bridge_call("account_domain_new_get") if login_jid.host == new_account_domain: # redirect "user@libervia.org" to the "user" profile login = login_jid.user login_jid = None else: login_jid = None try: profile = yield self.bridge_call("profile_name_get", login) except Exception: # XXX: ProfileUnknownError wouldn't work, it's encapsulated # FIXME: find a better way to handle bridge errors if ( login_jid is not None and login_jid.user ): # try to create a new libervia.backend profile using the XMPP credentials if not self.options["allow_registration"]: log.warning( "Trying to register JID account while registration is not " "allowed") raise failure.Failure( exceptions.DataError( "JID login while registration is not allowed" ) ) profile = login # FIXME: what if there is a resource? connect_method = "credentials_xmpp_connect" register_with_ext_jid = True else: # non existing username raise failure.Failure(exceptions.ProfileUnknownError()) else: if profile != login or ( not password and profile not in self.options["empty_password_allowed_warning_dangerous_list"] ): # profiles with empty passwords are restricted to local frontends raise exceptions.PermissionError register_with_ext_jid = False connect_method = "connect" # we check if there is not already an active session web_session = session_iface.IWebSession(request.getSession()) if web_session.profile: # yes, there is if web_session.profile != profile: # it's a different profile, we need to disconnect it log.warning(_( "{new_profile} requested login, but {old_profile} was already " "connected, disconnecting {old_profile}").format( old_profile=web_session.profile, new_profile=profile)) self.purge_session(request) if self.waiting_profiles.get_request(profile): # FIXME: check if and when this can happen raise failure.Failure(exceptions.NotReady("Already waiting")) self.waiting_profiles.set_request(request, profile, register_with_ext_jid) try: connected = yield self.bridge_call(connect_method, profile, password) except Exception as failure_: fault = getattr(failure_, 'classname', None) self.waiting_profiles.purge_request(profile) if fault in ("PasswordError", "ProfileUnknownError"): log.info("Profile {profile} doesn't exist or the submitted password is " "wrong".format( profile=profile)) raise failure.Failure(ValueError(C.PROFILE_AUTH_ERROR)) elif fault == "SASLAuthError": log.info("The XMPP password of profile {profile} is wrong" .format(profile=profile)) raise failure.Failure(ValueError(C.XMPP_AUTH_ERROR)) elif fault == "NoReply": log.info(_("Did not receive a reply (the timeout expired or the " "connection is broken)")) raise exceptions.TimeOutError elif fault is None: log.info(_("Unexepected failure: {failure_}").format(failure_=failure)) raise failure_ else: log.error('Unmanaged fault class "{fault}" in errback for the ' 'connection of profile {profile}'.format( fault=fault, profile=profile)) raise failure.Failure(exceptions.InternalError(fault)) if connected: # profile is already connected in backend # do we have a corresponding session in Libervia? web_session = session_iface.IWebSession(request.getSession()) if web_session.profile: # yes, session is active if web_session.profile != profile: # existing session should have been ended above # so this line should never be reached log.error(_( "session profile [{session_profile}] differs from login " "profile [{profile}], this should not happen!") .format(session_profile=web_session.profile, profile=profile)) raise exceptions.InternalError("profile mismatch") defer.returnValue(C.SESSION_ACTIVE) log.info( _( "profile {profile} was already connected in backend".format( profile=profile ) ) ) # no, we have to create it state = yield defer.ensureDeferred(self._logged(profile, request)) defer.returnValue(state) def register_new_account(self, request, login, password, email): """Create a new account, or return error @param request(server.Request): request linked to the session @param login(unicode): new account requested login @param email(unicode): new account email @param password(unicode): new account password @return(unicode): a constant indicating the state: - C.BAD_REQUEST: something is wrong in the request (bad arguments) - C.INVALID_INPUT: one of the data is not valid - C.REGISTRATION_SUCCEED: new account has been successfully registered - C.ALREADY_EXISTS: the given profile already exists - C.INTERNAL_ERROR or any unmanaged fault string @raise PermissionError: registration is now allowed in server configuration """ if not self.options["allow_registration"]: log.warning( _("Registration received while it is not allowed, hack attempt?") ) raise failure.Failure( exceptions.PermissionError("Registration is not allowed on this server") ) if ( not re.match(C.REG_LOGIN_RE, login) or not re.match(C.REG_EMAIL_RE, email, re.IGNORECASE) or len(password) < C.PASSWORD_MIN_LENGTH ): return C.INVALID_INPUT def registered(result): return C.REGISTRATION_SUCCEED def registering_error(failure_): # FIXME: better error handling for bridge error is needed status = failure_.value.fullname.split('.')[-1] if status == "ConflictError": return C.ALREADY_EXISTS elif status == "InvalidCertificate": return C.INVALID_CERTIFICATE elif status == "InternalError": return C.INTERNAL_ERROR else: log.error( _("Unknown registering error status: {status}\n{traceback}").format( status=status, traceback=failure_.value.message ) ) return status d = self.bridge_call("libervia_account_register", email, password, login) d.addCallback(registered) d.addErrback(registering_error) return d def addCleanup(self, callback, *args, **kwargs): """Add cleaning method to call when service is stopped cleaning method will be called in reverse order of they insertion @param callback: callable to call on service stop @param *args: list of arguments of the callback @param **kwargs: list of keyword arguments of the callback""" self._cleanup.insert(0, (callback, args, kwargs)) def init_eb(self, failure): from twisted.application import app if failure.check(SysExit): if failure.value.message: log.error(failure.value.message) app._exitCode = failure.value.exit_code reactor.stop() else: log.error(_("Init error: {msg}").format(msg=failure)) app._exitCode = C.EXIT_INTERNAL_ERROR reactor.stop() return failure def _build_only_cb(self, __): log.info(_("Stopping here due to --build-only flag")) self.stop() def startService(self): """Connect the profile for Libervia and start the HTTP(S) server(s)""" self._init() if self.options['build-only']: self.initialised.addCallback(self._build_only_cb) else: self.initialised.addCallback(self._start_service) self.initialised.addErrback(self.init_eb) ## URLs ## def put_child_sat(self, path, resource): """Add a child to the libervia.backend resource""" if not isinstance(path, bytes): raise ValueError("path must be specified in bytes") self.sat_root.putChild(path, resource) def put_child_all(self, path, resource): """Add a child to all vhost root resources""" if not isinstance(path, bytes): raise ValueError("path must be specified in bytes") # we wrap before calling putChild, to avoid having useless multiple instances # of the resource # FIXME: check that no information is leaked (c.f. https://twistedmatrix.com/documents/current/web/howto/using-twistedweb.html#request-encoders) wrapped_res = web_resource.EncodingResourceWrapper( resource, [server.GzipEncoderFactory()]) for root in self.roots: root.putChild(path, wrapped_res) def get_build_path(self, site_name: str, dev: bool=False) -> Path: """Generate build path for a given site name @param site_name: name of the site @param dev: return dev build dir if True, production one otherwise dev build dir is used for installing dependencies needed temporarily (e.g. to compile files), while production build path is the one served by the HTTP server, where final files are downloaded. @return: path to the build directory """ sub_dir = C.DEV_BUILD_DIR if dev else C.PRODUCTION_BUILD_DIR build_path_elts = [ config.config_get(self.main_conf, "", "local_dir"), C.CACHE_DIR, C.LIBERVIA_CACHE, sub_dir, regex.path_escape(site_name or C.SITE_NAME_DEFAULT)] build_path = Path("/".join(build_path_elts)) return build_path.expanduser().resolve() def get_ext_base_url_data(self, request): """Retrieve external base URL Data this method try to retrieve the base URL found by external user It does by checking in this order: - base_url_ext option from configuration - proxy x-forwarder-host headers - URL of the request @return (urlparse.SplitResult): SplitResult instance with only scheme and netloc filled """ ext_data = self.base_url_ext_data url_path = request.URLPath() try: forwarded = request.requestHeaders.getRawHeaders( "forwarded" )[0] except TypeError: # we try deprecated headers try: proxy_netloc = request.requestHeaders.getRawHeaders( "x-forwarded-host" )[0] except TypeError: proxy_netloc = None try: proxy_scheme = request.requestHeaders.getRawHeaders( "x-forwarded-proto" )[0] except TypeError: proxy_scheme = None else: fwd_data = { k.strip(): v.strip() for k,v in (d.split("=") for d in forwarded.split(";")) } proxy_netloc = fwd_data.get("host") proxy_scheme = fwd_data.get("proto") return urllib.parse.SplitResult( ext_data.scheme or proxy_scheme or url_path.scheme.decode(), ext_data.netloc or proxy_netloc or url_path.netloc.decode(), ext_data.path or "/", "", "", ) def get_ext_base_url( self, request: server.Request, path: str = "", query: str = "", fragment: str = "", scheme: Optional[str] = None, ) -> str: """Get external URL according to given elements external URL is the URL seen by external user @param path: same as for urlsplit.urlsplit path will be prefixed to follow found external URL if suitable @param params: same as for urlsplit.urlsplit @param query: same as for urlsplit.urlsplit @param fragment: same as for urlsplit.urlsplit @param scheme: if not None, will override scheme from base URL @return: external URL """ split_result = self.get_ext_base_url_data(request) return urllib.parse.urlunsplit( ( split_result.scheme if scheme is None else scheme, split_result.netloc, os.path.join(split_result.path, path), query, fragment, ) ) def check_redirection(self, vhost_root: LiberviaRootResource, url_path: str) -> str: """check is a part of the URL prefix is redirected then replace it @param vhost_root: root of this virtual host @param url_path: path of the url to check @return: possibly redirected URL which should link to the same location """ inv_redirections = vhost_root.inv_redirections url_parts = url_path.strip("/").split("/") for idx in range(len(url_parts), -1, -1): test_url = "/" + "/".join(url_parts[:idx]) if test_url in inv_redirections: rem_url = url_parts[idx:] return os.path.join( "/", "/".join([inv_redirections[test_url]] + rem_url) ) return url_path ## Sessions ## def purge_session(self, request): """helper method to purge a session during request handling""" session = request.session if session is not None: log.debug(_("session purge")) web_session = self.get_session_data(request, session_iface.IWebSession) socket = web_session.ws_socket if socket is not None: socket.close() session.ws_socket = None session.expire() # FIXME: not clean but it seems that it's the best way to reset # session during request handling request._secureSession = request._insecureSession = None def get_session_data(self, request, *args): """helper method to retrieve session data @param request(server.Request): request linked to the session @param *args(zope.interface.Interface): interface of the session to get @return (iterator(data)): requested session data """ session = request.getSession() if len(args) == 1: return args[0](session) else: return (iface(session) for iface in args) @defer.inlineCallbacks def get_affiliation(self, request, service, node): """retrieve pubsub node affiliation for current user use cache first, and request pubsub service if not cache is found @param request(server.Request): request linked to the session @param service(jid.JID): pubsub service @param node(unicode): pubsub node @return (unicode): affiliation """ web_session = self.get_session_data(request, session_iface.IWebSession) if web_session.profile is None: raise exceptions.InternalError("profile must be set to use this method") affiliation = web_session.get_affiliation(service, node) if affiliation is not None: defer.returnValue(affiliation) else: try: affiliations = yield self.bridge_call( "ps_affiliations_get", service.full(), node, web_session.profile ) except Exception as e: log.warning( "Can't retrieve affiliation for {service}/{node}: {reason}".format( service=service, node=node, reason=e ) ) affiliation = "" else: try: affiliation = affiliations[node] except KeyError: affiliation = "" web_session.set_affiliation(service, node, affiliation) defer.returnValue(affiliation) ## Websocket (dynamic pages) ## def get_websocket_url(self, request): base_url_split = self.get_ext_base_url_data(request) if base_url_split.scheme.endswith("s"): scheme = "wss" else: scheme = "ws" return self.get_ext_base_url(request, path=scheme, scheme=scheme) ## Various utils ## def get_http_date(self, timestamp=None): now = time.gmtime(timestamp) fmt_date = "{day_name}, %d {month_name} %Y %H:%M:%S GMT".format( day_name=C.HTTP_DAYS[now.tm_wday], month_name=C.HTTP_MONTH[now.tm_mon - 1] ) return time.strftime(fmt_date, now) ## service management ## def _start_service(self, __=None): """Actually start the HTTP(S) server(s) after the profile for Libervia is connected. @raise ImportError: OpenSSL is not available @raise IOError: the certificate file doesn't exist @raise OpenSSL.crypto.Error: the certificate file is invalid """ # now that we have service profile connected, we add resource for its cache service_path = regex.path_escape(C.SERVICE_PROFILE) cache_dir = os.path.join(self.cache_root_dir, "profiles", service_path) self.cache_resource.putChild(service_path.encode('utf-8'), ProtectedFile(cache_dir)) self.service_cache_url = "/" + os.path.join(C.CACHE_DIR, service_path) session_iface.WebSession.service_cache_url = self.service_cache_url if self.options["connection_type"] in ("https", "both"): try: tls.tls_options_check(self.options) context_factory = tls.get_tls_context_factory(self.options) except exceptions.ConfigError as e: log.warning( f"There is a problem in TLS settings in your configuration file: {e}") self.quit(2) except exceptions.DataError as e: log.warning( f"Can't set TLS: {e}") self.quit(1) reactor.listenSSL(self.options["port_https"], self.site, context_factory) if self.options["connection_type"] in ("http", "both"): if ( self.options["connection_type"] == "both" and self.options["redirect_to_https"] ): reactor.listenTCP( self.options["port"], server.Site( RedirectToHTTPS( self.options["port"], self.options["port_https_ext"] ) ), ) else: reactor.listenTCP(self.options["port"], self.site) @defer.inlineCallbacks def stopService(self): log.info(_("launching cleaning methods")) for callback, args, kwargs in self._cleanup: callback(*args, **kwargs) try: yield self.bridge_call("disconnect", C.SERVICE_PROFILE) except Exception: log.warning("Can't disconnect service profile") def run(self): reactor.run() def stop(self): reactor.stop() def quit(self, exit_code=None): """Exit app when reactor is running @param exit_code(None, int): exit code """ self.stop() sys.exit(exit_code or 0) class RedirectToHTTPS(web_resource.Resource): def __init__(self, old_port, new_port): web_resource.Resource.__init__(self) self.isLeaf = True self.old_port = old_port self.new_port = new_port def render(self, request): netloc = request.URLPath().netloc.decode().replace( f":{self.old_port}", f":{self.new_port}" ) url = f"https://{netloc}{request.uri.decode()}" return web_util.redirectTo(url.encode(), request) registerAdapter(session_iface.WebSession, server.Session, session_iface.IWebSession) registerAdapter( session_iface.WebGuestSession, server.Session, session_iface.IWebGuestSession )