Improving code security by adding stricter typings

2021-12-14 18:55:41 +01:00 · 2021-12-14 18:55:41 +01:00 · 2fff6ae41e
commit 2fff6ae41e
parent bbef3b3eaf
12 changed files with 45 additions and 23 deletions
--- a/front/src/Connexion/ConnectionManager.ts
+++ b/front/src/Connexion/ConnectionManager.ts
@ -11,6 +11,7 @@ import { loginSceneVisibleIframeStore } from "../Stores/LoginSceneStore";
 import { userIsConnected } from "../Stores/MenuStore";
 import { analyticsClient } from "../Administration/AnalyticsClient";
 import { axiosWithRetry } from "./AxiosUtils";
 import axios from "axios";
 class ConnectionManager {
    private localUser!: LocalUser;
@ -192,11 +193,11 @@ class ConnectionManager {
                    analyticsClient.loggedWithSso();
                } catch (err) {
                    console.error(err);
-                    //if user must to be connect in current room or pusher error is not openid provier access error
+                    // if the user must be connected in the current room or if the pusher error is not openid provider access error
-                    //try to connected with function loadOpenIDScreen
+                    // try to connect with function loadOpenIDScreen
                    if (
                        this._currentRoom.authenticationMandatory ||
-                        (err.response?.data && err.response.data !== "User cannot to be connected on openid provier")
+                        (axios.isAxiosError(err) && err.response?.data && err.response.data !== "User cannot to be connected on openid provider")
                    ) {
                        this.loadOpenIDScreen();
                        return Promise.reject(new Error("You will be redirect on login page"));
--- a/front/src/Connexion/Room.ts
+++ b/front/src/Connexion/Room.ts
@ -5,6 +5,8 @@ import type { CharacterTexture } from "./LocalUser";
 import { localUserStore } from "./LocalUserStore";
 import axios from "axios";
 import { axiosWithRetry } from "./AxiosUtils";
 import {isMapDetailsData} from "../../../pusher/src/Messages/JsonMessages/MapDetailsData";
 import {isRoomRedirect} from "../Messages/JsonMessages/RoomRedirect";
 export class MapDetail {
    constructor(public readonly mapUrl: string, public readonly textures: CharacterTexture[] | undefined) {}
@ -101,11 +103,12 @@ export class Room {
            });
            const data = result.data;
-            if (data.redirectUrl) {
+
            if (isRoomRedirect(data.redirectUrl)) {
                return {
                    redirectUrl: data.redirectUrl as string,
                };
-            }
+            } else if (isMapDetailsData(data)) {
                console.log("Map ", this.id, " resolves to URL ", data.mapUrl);
                this._mapUrl = data.mapUrl;
                this._textures = data.textures;
@ -115,13 +118,19 @@ export class Room {
                this._iframeAuthentication = data.iframeAuthentication || OPID_LOGIN_SCREEN_PROVIDER;
                this._contactPage = data.contactPage || CONTACT_URL;
                return new MapDetail(data.mapUrl, data.textures);
            } else {
                throw new Error('Data received by the /map endpoint of the Pusher is not in a valid format.');
            }
        } catch (e) {
            if (axios.isAxiosError(e) && e.response?.status == 401 && e.response?.data === "Token decrypted error") {
                console.warn("JWT token sent could not be decrypted. Maybe it expired?");
                localUserStore.setAuthToken(null);
                window.location.assign("/login");
-            } else {
+            } else if (axios.isAxiosError(e)) {
                console.error("Error => getMapDetail", e, e.response);
            } else {
                console.error("Error => getMapDetail", e);
            }
            throw e;
        }
--- a/front/src/Messages/JsonMessages/.gitignore
+++ b/front/src/Messages/JsonMessages/.gitignore
@ -0,0 +1,2 @@
 *
 !.gitignore
--- a/pusher/src/Services/AdminApi/CharacterTexture.ts
+++ b/pusher/src/Services/AdminApi/CharacterTexture.ts
--- a/pusher/src/Services/AdminApi/MapDetailsData.ts
+++ b/pusher/src/Services/AdminApi/MapDetailsData.ts
@ -1,7 +1,6 @@
 import * as tg from "generic-type-guard";
 import { GameRoomPolicyTypes } from "_Model/PusherRoom";
 import { isCharacterTexture } from "./CharacterTexture";
-import { isAny, isNumber } from "generic-type-guard";
+import { isNumber } from "generic-type-guard";
 /*const isNumericEnum =
    <T extends { [n: number]: string }>(vs: T) =>
@ -17,6 +16,7 @@ export const isMapDetailsData = new tg.IsInterface()
        textures: tg.isArray(isCharacterTexture),
        contactPage: tg.isUnion(tg.isString, tg.isUndefined),
        authenticationMandatory: tg.isUnion(tg.isBoolean, tg.isUndefined),
        group: tg.isString,
    })
    .get();
--- a/pusher/src/Services/AdminApi/RoomRedirect.ts
+++ b/pusher/src/Services/AdminApi/RoomRedirect.ts
--- a/messages/package.json
+++ b/messages/package.json
@ -7,10 +7,13 @@
    "copy-to-back": "rm -rf ../back/src/Messages/generated && cp -rf generated/ ../back/src/Messages/generated",
    "copy-to-front": "rm -rf ../front/src/Messages/generated && cp -rf generated/ ../front/src/Messages/generated",
    "copy-to-pusher": "rm -rf ../pusher/src/Messages/generated && cp -rf generated/ ../pusher/src/Messages/generated",
-    "proto-all": "yarn run proto && yarn run copy-to-back && yarn run copy-to-front && yarn run copy-to-pusher",
+    "json-copy-to-pusher": "rm -rf ../pusher/src/Messages/JsonMessages/* && cp -rf JsonMessages/* ../pusher/src/Messages/JsonMessages/",
-    "proto:watch": "yarn run proto-all; inotifywait -q -m -e close_write protos/messages.proto | while read -r filename event; do yarn run proto-all; done"
+    "json-copy-to-front": "rm -rf ../front/src/Messages/JsonMessages/* && cp -rf JsonMessages/* ../front/src/Messages/JsonMessages/",
    "proto-all": "yarn run proto && yarn run copy-to-back && yarn run copy-to-front && yarn run copy-to-pusher && yarn run json-copy-to-pusher && yarn run json-copy-to-front",
    "proto:watch": "yarn run proto-all; inotifywait -q -m -e close_write protos/messages.proto JsonMessages/ | while read -r filename event; do yarn run proto-all; done"
  },
  "dependencies": {
    "generic-type-guard": "^3.5.0",
    "google-protobuf": "^3.13.0",
    "grpc": "^1.24.4"
  },
--- a/messages/yarn.lock
+++ b/messages/yarn.lock
@ -1788,6 +1788,11 @@ gauge@~2.7.3:
    strip-ansi "^3.0.1"
    wide-align "^1.1.0"
 generic-type-guard@^3.5.0:
  version "3.5.0"
  resolved "https://registry.yarnpkg.com/generic-type-guard/-/generic-type-guard-3.5.0.tgz#39de9f8fceee65d79e7540959f0e7b23210c07b6"
  integrity sha512-OpgXv/sbRobhFboaSyN/Tsh97Sxt5pcfLLxCiYZgYIIWFFp+kn2EzAXiaQZKEVRlq1rOE/zh8cYhJXEwplbJiQ==
 get-caller-file@^2.0.1:
  version "2.0.5"
  resolved "https://registry.yarnpkg.com/get-caller-file/-/get-caller-file-2.0.5.tgz#4f94412a82db32f36e3b0b9741f8a97feb031f7e"
--- a/pusher/src/Controller/AuthenticateController.ts
+++ b/pusher/src/Controller/AuthenticateController.ts
@ -83,7 +83,7 @@ export class AuthenticateController extends BaseController {
                            console.error("Token cannot to be check on OpenId provider");
                            res.writeStatus("500");
                            res.writeHeader("Access-Control-Allow-Origin", FRONT_URL);
-                            res.end("User cannot to be connected on openid provier");
+                            res.end("User cannot to be connected on openid provider");
                            return;
                        }
@ -105,7 +105,7 @@ export class AuthenticateController extends BaseController {
                    console.error("User cannot to be connected on OpenId provider => ", err);
                    res.writeStatus("500");
                    res.writeHeader("Access-Control-Allow-Origin", FRONT_URL);
-                    res.end("User cannot to be connected on openid provier");
+                    res.end("User cannot to be connected on openid provider");
                    return;
                }
                const email = userInfo.email || userInfo.sub;
--- a/pusher/src/Controller/MapController.ts
+++ b/pusher/src/Controller/MapController.ts
@ -4,7 +4,7 @@ import { parse } from "query-string";
 import { adminApi } from "../Services/AdminApi";
 import { ADMIN_API_URL, DISABLE_ANONYMOUS, FRONT_URL } from "../Enum/EnvironmentVariable";
 import { GameRoomPolicyTypes } from "../Model/PusherRoom";
-import { isMapDetailsData, MapDetailsData } from "../Services/AdminApi/MapDetailsData";
+import { isMapDetailsData, MapDetailsData } from "../Messages/JsonMessages/MapDetailsData";
 import { socketManager } from "../Services/SocketManager";
 import { AuthTokenData, jwtTokenManager } from "../Services/JWTTokenManager";
 import { v4 } from "uuid";
--- a/pusher/src/Messages/JsonMessages/.gitignore
+++ b/pusher/src/Messages/JsonMessages/.gitignore
@ -0,0 +1,2 @@
 *
 !.gitignore
--- a/pusher/src/Services/SocketManager.ts
+++ b/pusher/src/Services/SocketManager.ts
@ -47,8 +47,8 @@ import { GroupDescriptor, UserDescriptor, ZoneEventListener } from "_Model/Zone"
 import Debug from "debug";
 import { ExAdminSocketInterface } from "_Model/Websocket/ExAdminSocketInterface";
 import { WebSocket } from "uWebSockets.js";
-import { isRoomRedirect } from "./AdminApi/RoomRedirect";
+import { isRoomRedirect } from "../Messages/JsonMessages/RoomRedirect";
-import { CharacterTexture } from "./AdminApi/CharacterTexture";
+import { CharacterTexture } from "../Messages/JsonMessages/CharacterTexture";
 const debug = Debug("socket");