1
0
Fork 1
mirror of https://gitlab.com/mangadex-pub/mangadex_at_home.git synced 2024-01-19 02:48:37 +00:00

Merge branch 'disable-token-validation' into 'master'

Add support for skipping token validation

See merge request mangadex-pub/mangadex_at_home!92
This commit is contained in:
carbotaniuman 2021-10-01 02:21:31 +00:00
commit 7498ed0a4d
4 changed files with 13 additions and 2 deletions

View file

@ -108,8 +108,13 @@ fun getServer(
val verifier = TokenVerifier(
tokenKey = remoteSettings.tokenKey,
isDisabled = devSettings.disableTokenValidation,
)
if (devSettings.disableTokenValidation) {
LOGGER.warn { "Token validation has been explicitly disabled. This should only be used for testing!" }
}
return timeRequest()
.then(addCommonHeaders(devSettings.sendServerHeader))
.then(catchAllHideDetails())

View file

@ -37,11 +37,16 @@ import org.slf4j.LoggerFactory
import java.time.OffsetDateTime
import java.util.Base64
class TokenVerifier(tokenKey: ByteArray) : Filter {
class TokenVerifier(tokenKey: ByteArray, isDisabled: Boolean) : Filter {
private val box = TweetNaclFast.SecretBox(tokenKey)
private val isDisabled = isDisabled
override fun invoke(next: HttpHandler): HttpHandler {
return then@{
if (isDisabled) {
return@then next(it)
}
val chapterHash = Path.of("chapterHash")(it)
val cleanedUri = it.uri.path.replaceBefore("/data", "/{token}")

View file

@ -51,6 +51,7 @@ data class DevSettings(
val devUrl: String? = null,
val disableSniCheck: Boolean = false,
val sendServerHeader: Boolean = false,
val disableTokenValidation: Boolean = false,
)
@JsonNaming(PropertyNamingStrategies.SnakeCaseStrategy::class)

View file

@ -31,7 +31,7 @@ class TokenVerifierTest : FreeSpec() {
val clientKeys = TweetNaclFast.Box.keyPair()
val box = TweetNaclFast.Box(clientKeys.publicKey, remoteKeys.secretKey)
val backend = TokenVerifier(box.before()).then {
val backend = TokenVerifier(box.before(), false).then {
Response(Status.OK)
}