mirror of
https://gitlab.com/mangadex-pub/mangadex_at_home.git
synced 2024-01-19 02:48:37 +00:00
Merge branch 'disable-token-validation' into 'master'
Add support for skipping token validation See merge request mangadex-pub/mangadex_at_home!92
This commit is contained in:
commit
7498ed0a4d
|
@ -108,8 +108,13 @@ fun getServer(
|
|||
|
||||
val verifier = TokenVerifier(
|
||||
tokenKey = remoteSettings.tokenKey,
|
||||
isDisabled = devSettings.disableTokenValidation,
|
||||
)
|
||||
|
||||
if (devSettings.disableTokenValidation) {
|
||||
LOGGER.warn { "Token validation has been explicitly disabled. This should only be used for testing!" }
|
||||
}
|
||||
|
||||
return timeRequest()
|
||||
.then(addCommonHeaders(devSettings.sendServerHeader))
|
||||
.then(catchAllHideDetails())
|
||||
|
|
|
@ -37,11 +37,16 @@ import org.slf4j.LoggerFactory
|
|||
import java.time.OffsetDateTime
|
||||
import java.util.Base64
|
||||
|
||||
class TokenVerifier(tokenKey: ByteArray) : Filter {
|
||||
class TokenVerifier(tokenKey: ByteArray, isDisabled: Boolean) : Filter {
|
||||
private val box = TweetNaclFast.SecretBox(tokenKey)
|
||||
private val isDisabled = isDisabled
|
||||
|
||||
override fun invoke(next: HttpHandler): HttpHandler {
|
||||
return then@{
|
||||
if (isDisabled) {
|
||||
return@then next(it)
|
||||
}
|
||||
|
||||
val chapterHash = Path.of("chapterHash")(it)
|
||||
|
||||
val cleanedUri = it.uri.path.replaceBefore("/data", "/{token}")
|
||||
|
|
|
@ -51,6 +51,7 @@ data class DevSettings(
|
|||
val devUrl: String? = null,
|
||||
val disableSniCheck: Boolean = false,
|
||||
val sendServerHeader: Boolean = false,
|
||||
val disableTokenValidation: Boolean = false,
|
||||
)
|
||||
|
||||
@JsonNaming(PropertyNamingStrategies.SnakeCaseStrategy::class)
|
||||
|
|
|
@ -31,7 +31,7 @@ class TokenVerifierTest : FreeSpec() {
|
|||
val clientKeys = TweetNaclFast.Box.keyPair()
|
||||
val box = TweetNaclFast.Box(clientKeys.publicKey, remoteKeys.secretKey)
|
||||
|
||||
val backend = TokenVerifier(box.before()).then {
|
||||
val backend = TokenVerifier(box.before(), false).then {
|
||||
Response(Status.OK)
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue