switch to @root/request and some account updates

2019-05-11 01:50:18 -06:00 · 2019-05-11 01:50:18 -06:00 · 0080cec081
parent 38123793c4
commit 0080cec081
10 changed files with 2899 additions and 28 deletions
--- a/bin/telebit-remote.js
+++ b/bin/telebit-remote.js
@ -24,7 +24,7 @@ var recase = require('recase').create({});
 var camelCopy = recase.camelCopy.bind(recase);
 //var snakeCopy = recase.snakeCopy.bind(recase);

-var urequest = require('@coolaj86/urequest');
+var urequest = require('@root/request');
 var urequestAsync = require('util').promisify(urequest);
 var common = require('../lib/cli-common.js');

@ -673,7 +673,11 @@ function parseConfig(err, text) {
    // Create / retrieve account (sign-in, more or less)
    // TODO hit directory resource /.well-known/openid-configuration -> acme_uri (?)
    // Occassionally rotate the key just for the sake of testing the key rotation
-    return urequestAsync({ method: 'HEAD', url: RC.resolve('/acme/new-nonce') }).then(function (resp) {
+    return urequestAsync({
+      method: 'HEAD'
+    , url: RC.resolve('/acme/new-nonce')
+    , headers: { "User-Agent": 'Telebit/' + pkg.version }
+    }).then(function (resp) {
      var nonce = resp.headers['replay-nonce'];
      var newAccountUrl = RC.resolve('/acme/new-acct');
      return keypairs.signJws({
@ -695,7 +699,10 @@ function parseConfig(err, text) {
          url: newAccountUrl
        , method: 'POST'
        , json: jws // TODO default to post when body is present
-        , headers: { "Content-Type": 'application/jose+json' }
+        , headers: {
+            "Content-Type": 'application/jose+json'
+          , "User-Agent": 'Telebit/' + pkg.version
+          }
        }).then(function (resp) {
          //nonce = resp.headers['replay-nonce'];
          if (!resp.body || 'valid' !== resp.body.status) {
--- a/bin/telebitd.js
+++ b/bin/telebitd.js
@ -17,7 +17,7 @@ var path = require('path');
 var os = require('os');
 var fs = require('fs');
 var fsp = fs.promises;
-var urequest = require('@coolaj86/urequest');
+var urequest = require('@root/request');
 var urequestAsync = require('util').promisify(urequest);
 var common = require('../lib/cli-common.js');
 var http = require('http');
@ -489,6 +489,7 @@ controllers.newAccount = function (req, res) {
          account.thumb = thumb;
          account.pub = jwk;
          account.contact = req.body.contact;
+          account.useragent = req.headers["user-agent"];
          DB.accounts.push(account);
          state.config.accounts = DB.accounts;
          saveConfig(function () {});
@ -618,18 +619,36 @@ function jwsEggspress(req, res, next) {
    req.body = JSON.parse(req.body);
  }

-  // Check if this is a key we already trust
+  var ua = req.headers['user-agent'];
  var vjwk;
+  var pubs;
+  // Check if this is a key we already trust
  DB.pubs.some(function (jwk) {
    if (jwk.kid === req.jws.header.kid) {
      vjwk = jwk;
    }
  });

+  // Check for CLI or Browser User-Agent
+  // (both should connect as part of setup)
+  if (/Telebit/i.test(ua) && !/Mozilla/i.test(ua)) {
+    pubs = DB.pubs.filter(function (jwk) {
+      if (/Telebit/i.test(jwk.useragent) && !/Mozilla/i.test(jwk.useragent)) {
+        return true;
+      }
+    });
+  } else {
+    pubs = DB.pubs.filter(function (jwk) {
+      if (!/Telebit/i.test(jwk.useragent) || /Mozilla/i.test(jwk.useragent)) {
+        return true;
+      }
+    });
+  }
+
  // Check if there aren't any keys that we trust
  // and this has signed itself, then make it a key we trust
  // (TODO: move this all to the new account function)
-  if ((0 === DB.pubs.length && req.jws.header.jwk)) {
+  if ((0 === pubs.length && req.jws.header.jwk)) {
    vjwk = req.jws.header.jwk;
    if (!vjwk.kid) { throw Error("Impossible: no key id"); }
  }
@ -642,15 +661,16 @@ function jwsEggspress(req, res, next) {

  // Run the  verification
  return verifyJws(vjwk, req.jws).then(function (verified) {
-    if (true !== verified) {
-      return;
-    }
+    if (true !== verified) { return; }
+
    // Mark as verified
    req.jws.verified = verified;
+    vjwk.useragent = ua;

    // (double check) DO NOT save if there are existing pubs
-    if (0 !== DB.pubs.length) { return; }
+    if (0 !== pubs.length) { return; }

+    DB.pubs.push(vjwk);
    return keystore.set(vjwk.kid + PUBEXT, vjwk);
  }).then(function () {
    next();
--- a/lib/admin/index.html
+++ b/lib/admin/index.html
@ -227,6 +227,7 @@ ssh -o ProxyCommand="$proxy_cmd" hot-skunk-45.telebit.io</code></pre>
  </div>

  <script src="/js/vue.js"></script>
+  <script src="/js/bluecrypt-acme.js"></script>
  <script src="/js/telebit.js"></script>
  <script src="/js/telebit-token.js"></script>
  <script src="/js/app.js"></script>
--- a/lib/admin/js/bluecrypt-acme.js
+++ b/lib/admin/js/bluecrypt-acme.js
--- a/lib/admin/js/telebit.js
+++ b/lib/admin/js/telebit.js
@ -78,8 +78,8 @@ if ('undefined' !== typeof fetch) {
    });
  };
 } else {
-  common.requestAsync = require('util').promisify(require('@coolaj86/urequest'));
-  common.reqLocalAsync = require('util').promisify(require('@coolaj86/urequest'));
+  common.requestAsync = require('util').promisify(require('@root/request'));
+  common.reqLocalAsync = require('util').promisify(require('@root/request'));
 }

 common.parseUrl = function (hostname) {
--- a/lib/cli-common.js
+++ b/lib/cli-common.js
@ -9,7 +9,7 @@ var fs = require('fs');
 var mkdirp = require('mkdirp');
 var os = require('os');
 var homedir = os.homedir();
-var urequest = require('@coolaj86/urequest');
+var urequest = require('@root/request');

 common._NOTIFICATIONS = {
  'newsletter': [ 'newsletter', 'communityMember' ]
--- a/package-lock.json
+++ b/package-lock.json
@ -9,6 +9,11 @@
      "resolved": "https://registry.npmjs.org/@coolaj86/urequest/-/urequest-1.3.6.tgz",
      "integrity": "sha512-9rBXLFSb5D19opGeXdD/WuiFJsA4Pk2r8VUGEAeUZUxB1a2zB47K85BKAx3Gy9i4nZwg22ejlJA+q9DVrpQlbA=="
    },
+    "@root/request": {
+      "version": "1.3.10",
+      "resolved": "https://registry.npmjs.org/@root/request/-/request-1.3.10.tgz",
+      "integrity": "sha512-GSn8dfsGp0juJyXS9k7B/DjYm7Axe85wiCHfPs30eQ+/V6p2aqey45e1czb3ZwP+iPmzWCKXahhWnZhSDIil6w=="
+    },
    "accepts": {
      "version": "1.3.5",
      "resolved": "https://registry.npmjs.org/accepts/-/accepts-1.3.5.tgz",
@ -38,7 +43,8 @@
    "ansi-regex": {
      "version": "2.1.1",
      "resolved": "https://registry.npmjs.org/ansi-regex/-/ansi-regex-2.1.1.tgz",
-      "integrity": "sha1-w7M6te42DYbg5ijwRorn7yfWVN8="
+      "integrity": "sha1-w7M6te42DYbg5ijwRorn7yfWVN8=",
+      "optional": true
    },
    "aproba": {
      "version": "1.2.0",
@ -136,12 +142,14 @@
    "code-point-at": {
      "version": "1.1.0",
      "resolved": "https://registry.npmjs.org/code-point-at/-/code-point-at-1.1.0.tgz",
-      "integrity": "sha1-DQcLTQQ6W+ozovGkDi7bPZpMz3c="
+      "integrity": "sha1-DQcLTQQ6W+ozovGkDi7bPZpMz3c=",
+      "optional": true
    },
    "console-control-strings": {
      "version": "1.1.0",
      "resolved": "https://registry.npmjs.org/console-control-strings/-/console-control-strings-1.1.0.tgz",
-      "integrity": "sha1-PXz0Rk22RG6mRL9LOVB/mFEAjo4="
+      "integrity": "sha1-PXz0Rk22RG6mRL9LOVB/mFEAjo4=",
+      "optional": true
    },
    "core-util-is": {
      "version": "1.0.2",
@ -233,6 +241,7 @@
      "version": "1.4.1",
      "resolved": "https://registry.npmjs.org/end-of-stream/-/end-of-stream-1.4.1.tgz",
      "integrity": "sha512-1MkrZNvWTKCaigbn+W15elq2BB/L22nqrSY5DKlo3X6+vclJm8Bb5djXJBmEX6fS3+zCh/F4VBK5Z2KxJt4s2Q==",
+      "optional": true,
      "requires": {
        "once": "^1.4.0"
      }
@ -243,9 +252,9 @@
      "integrity": "sha1-Aljq5NPQwJdN4cFpGI7wBR0dGYg="
    },
    "esprima": {
-      "version": "4.0.0",
-      "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.0.tgz",
-      "integrity": "sha512-oftTcaMu/EGrEIu904mWteKIv8vMuOgGYo7EhVJJN00R/EED9DCua/xxHRdYnKtcECzVg7xOWhflvJMnqcFZjw=="
+      "version": "4.0.1",
+      "resolved": "https://registry.npmjs.org/esprima/-/esprima-4.0.1.tgz",
+      "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A=="
    },
    "etag": {
      "version": "1.8.1",
@ -396,6 +405,7 @@
      "version": "1.0.0",
      "resolved": "https://registry.npmjs.org/is-fullwidth-code-point/-/is-fullwidth-code-point-1.0.0.tgz",
      "integrity": "sha1-754xOG8DGn8NZDr4L95QxFfvAMs=",
+      "optional": true,
      "requires": {
        "number-is-nan": "^1.0.0"
      }
@ -411,9 +421,9 @@
      "integrity": "sha1-u5NdSFgsuhaMBoNJV6VKPgcSTxE="
    },
    "js-yaml": {
-      "version": "3.12.0",
-      "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.12.0.tgz",
-      "integrity": "sha512-PIt2cnwmPfL4hKNwqeiuz4bKfnzHTBv6HyVgjahA6mPLwPDzjDWrplJBMjHUFxku/N3FlmrbyPclad+I+4mJ3A==",
+      "version": "3.13.1",
+      "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.13.1.tgz",
+      "integrity": "sha512-YfbcO7jXDdyj0DGxYVSlSeQNHbD7XPWvrVWeVUujrQEoZzWJIRrCPoyk6kL6IAjAG2IolMK4T0hNUe0HOUs5Jw==",
      "requires": {
        "argparse": "^1.0.7",
        "esprima": "^4.0.0"
@ -602,7 +612,8 @@
    "number-is-nan": {
      "version": "1.0.1",
      "resolved": "https://registry.npmjs.org/number-is-nan/-/number-is-nan-1.0.1.tgz",
-      "integrity": "sha1-CXtgK1NCKlIsGvuHkDGDNpQaAR0="
+      "integrity": "sha1-CXtgK1NCKlIsGvuHkDGDNpQaAR0=",
+      "optional": true
    },
    "object-assign": {
      "version": "4.1.1",
@ -621,6 +632,7 @@
      "version": "1.4.0",
      "resolved": "https://registry.npmjs.org/once/-/once-1.4.0.tgz",
      "integrity": "sha1-WDsap3WWHUsROsF9nFC6753Xa9E=",
+      "optional": true,
      "requires": {
        "wrappy": "1"
      }
@ -954,6 +966,7 @@
      "version": "1.0.2",
      "resolved": "https://registry.npmjs.org/string-width/-/string-width-1.0.2.tgz",
      "integrity": "sha1-EYvfW4zcUaKn5w0hHgfisLmxB9M=",
+      "optional": true,
      "requires": {
        "code-point-at": "^1.0.0",
        "is-fullwidth-code-point": "^1.0.0",
@ -972,6 +985,7 @@
      "version": "3.0.1",
      "resolved": "https://registry.npmjs.org/strip-ansi/-/strip-ansi-3.0.1.tgz",
      "integrity": "sha1-ajhfuIU9lS1f8F0Oiq+UJ43GPc8=",
+      "optional": true,
      "requires": {
        "ansi-regex": "^2.0.0"
      }
@ -1105,7 +1119,8 @@
    "wrappy": {
      "version": "1.0.2",
      "resolved": "https://registry.npmjs.org/wrappy/-/wrappy-1.0.2.tgz",
-      "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8="
+      "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8=",
+      "optional": true
    },
    "ws": {
      "version": "6.0.0",
--- a/package.json
+++ b/package.json
@ -53,10 +53,10 @@
  },
  "homepage": "https://git.coolaj86.com/coolaj86/telebit.js#readme",
  "dependencies": {
-    "@coolaj86/urequest": "^1.3.5",
+    "@root/request": "^1.3.10",
    "finalhandler": "^1.1.1",
    "greenlock": "^2.6.7",
-    "js-yaml": "^3.11.0",
+    "js-yaml": "^3.13.1",
    "keyfetch": "^1.1.8",
    "keypairs": "^1.2.14",
    "mkdirp": "^0.5.1",
--- a/tests/pair-request.js
+++ b/tests/pair-request.js
@ -5,7 +5,7 @@ var pin = Math.round(Math.random() * 999999).toString().padStart(6, '0'); // '32

 console.log('Pair Code:', pin);

-var urequest = require('@coolaj86/urequest');
+var urequest = require('@root/request');
 var req =  {
  url: 'https://api.telebit.ppl.family/api/telebit.cloud/pair_request'
 , method: 'POST'
--- a/tests/pair-state.js
+++ b/tests/pair-state.js
@ -2,7 +2,7 @@

 var stateUrl = 'https://api.telebit.ppl.family/api/telebit.cloud/pair_state/bca27428719e9c67805359f1';

-var urequest = require('@coolaj86/urequest');
+var urequest = require('@root/request');
 var req =  {
  url: stateUrl
 , method: 'GET'