diff --git a/libnymea-core/jsonrpc/jsonrpcserverimplementation.cpp b/libnymea-core/jsonrpc/jsonrpcserverimplementation.cpp index 6eb8baeb..c1536444 100644 --- a/libnymea-core/jsonrpc/jsonrpcserverimplementation.cpp +++ b/libnymea-core/jsonrpc/jsonrpcserverimplementation.cpp @@ -521,16 +521,11 @@ QHash JsonRPCServerImplementation::handlers() const } /*! Register a new \l{TransportInterface} to the JSON server. If the given interface is already registered, just the authenticationRequired flag will be updated. */ -void JsonRPCServerImplementation::registerTransportInterface(TransportInterface *interface, bool authenticationRequired) +void JsonRPCServerImplementation::registerTransportInterface(TransportInterface *interface) { - if (!m_interfaces.contains(interface)) { - connect(interface, &TransportInterface::clientConnected, this, &JsonRPCServerImplementation::clientConnected); - connect(interface, &TransportInterface::clientDisconnected, this, &JsonRPCServerImplementation::clientDisconnected); - connect(interface, &TransportInterface::dataAvailable, this, &JsonRPCServerImplementation::processData); - m_interfaces.insert(interface, authenticationRequired); - } else { - m_interfaces[interface] = authenticationRequired; - } + connect(interface, &TransportInterface::clientConnected, this, &JsonRPCServerImplementation::clientConnected); + connect(interface, &TransportInterface::clientDisconnected, this, &JsonRPCServerImplementation::clientDisconnected); + connect(interface, &TransportInterface::dataAvailable, this, &JsonRPCServerImplementation::processData); } void JsonRPCServerImplementation::unregisterTransportInterface(TransportInterface *interface) @@ -542,7 +537,6 @@ void JsonRPCServerImplementation::unregisterTransportInterface(TransportInterfac interface->terminateClientConnection(clientId); clientDisconnected(clientId); } - m_interfaces.take(interface); } bool JsonRPCServerImplementation::registerExperienceHandler(JsonHandler *handler, int majorVersion, int minorVersion) @@ -678,7 +672,7 @@ void JsonRPCServerImplementation::processJsonPacket(TransportInterface *interfac QString method = commandList.last(); // check if authentication is required for this transport - if (m_interfaces.value(interface)) { + if (interface->configuration().authenticationEnabled) { QByteArray token = message.value("token").toByteArray(); QStringList authExemptMethodsNoUser = {"JSONRPC.Introspect", "JSONRPC.Hello", "JSONRPC.RequestPushButtonAuth", "JSONRPC.CreateUser"}; QStringList authExemptMethodsWithUser = {"JSONRPC.Introspect", "JSONRPC.Hello", "JSONRPC.Authenticate", "JSONRPC.RequestPushButtonAuth"}; diff --git a/libnymea-core/jsonrpc/jsonrpcserverimplementation.h b/libnymea-core/jsonrpc/jsonrpcserverimplementation.h index b699d4e0..f024c4bc 100644 --- a/libnymea-core/jsonrpc/jsonrpcserverimplementation.h +++ b/libnymea-core/jsonrpc/jsonrpcserverimplementation.h @@ -76,7 +76,7 @@ signals: // Server API public: - void registerTransportInterface(TransportInterface *interface, bool authenticationRequired); + void registerTransportInterface(TransportInterface *interface); void unregisterTransportInterface(TransportInterface *interface); bool registerHandler(JsonHandler *handler) override; @@ -111,7 +111,6 @@ private slots: private: QVariantMap m_api; QHash m_experiences; - QMap m_interfaces; // Interface, authenticationRequired QHash m_handlers; QHash m_asyncReplies; diff --git a/libnymea-core/nymeacore.cpp b/libnymea-core/nymeacore.cpp index 6d34657f..73916035 100644 --- a/libnymea-core/nymeacore.cpp +++ b/libnymea-core/nymeacore.cpp @@ -158,7 +158,7 @@ void NymeaCore::init(const QStringList &additionalInterfaces) { m_thingManager->registerStaticPlugin(cloudNotifications); CloudTransport *cloudTransport = m_cloudManager->createTransportInterface(); - m_serverManager->jsonServer()->registerTransportInterface(cloudTransport, false); + m_serverManager->jsonServer()->registerTransportInterface(cloudTransport); connect(m_configuration, &NymeaConfiguration::serverNameChanged, m_serverManager, &ServerManager::setServerName); diff --git a/libnymea-core/servermanager.cpp b/libnymea-core/servermanager.cpp index d171a87a..eed2e0ba 100644 --- a/libnymea-core/servermanager.cpp +++ b/libnymea-core/servermanager.cpp @@ -114,7 +114,7 @@ ServerManager::ServerManager(Platform *platform, NymeaConfiguration *configurati // Transports MockTcpServer *tcpServer = new MockTcpServer(this); - m_jsonServer->registerTransportInterface(tcpServer, true); + m_jsonServer->registerTransportInterface(tcpServer); tcpServer->startServer(); foreach (const QString &interfaceString, additionalInterfaces) { @@ -125,15 +125,20 @@ ServerManager::ServerManager(Platform *platform, NymeaConfiguration *configurati config.port = additionalInterface.port(); TransportInterface *server = nullptr; QString serverType, serviceType; + qCInfo(dcServerManager) << "Enabling additional interface" << additionalInterface; if (additionalInterface.scheme().startsWith("nymea")) { config.sslEnabled = additionalInterface.scheme().startsWith("nymeas"); + config.authenticationEnabled = false; server = new TcpServer(config, m_sslConfiguration, this); + m_jsonServer->registerTransportInterface(server); m_tcpServers.insert(config.id, qobject_cast(server)); serverType = "tcp"; serviceType = "_jsonrpc._tcp"; } else if (additionalInterface.scheme().startsWith("ws")) { config.sslEnabled = additionalInterface.scheme().startsWith("wss"); + config.authenticationEnabled = false; server = new WebSocketServer(config, m_sslConfiguration, this); + m_jsonServer->registerTransportInterface(server); m_webSocketServers.insert(config.id, qobject_cast(server)); serverType = "ws"; serviceType = "_ws._tcp"; @@ -145,7 +150,7 @@ ServerManager::ServerManager(Platform *platform, NymeaConfiguration *configurati foreach (const ServerConfiguration &config, configuration->tcpServerConfigurations()) { TcpServer *tcpServer = new TcpServer(config, m_sslConfiguration, this); - m_jsonServer->registerTransportInterface(tcpServer, config.authenticationEnabled); + m_jsonServer->registerTransportInterface(tcpServer); m_tcpServers.insert(config.id, tcpServer); if (tcpServer->startServer()) { registerZeroConfService(config, "tcp", "_jsonrpc._tcp"); @@ -154,7 +159,7 @@ ServerManager::ServerManager(Platform *platform, NymeaConfiguration *configurati foreach (const ServerConfiguration &config, configuration->webSocketServerConfigurations()) { WebSocketServer *webSocketServer = new WebSocketServer(config, m_sslConfiguration, this); - m_jsonServer->registerTransportInterface(webSocketServer, config.authenticationEnabled); + m_jsonServer->registerTransportInterface(webSocketServer); m_webSocketServers.insert(config.id, webSocketServer); if (webSocketServer->startServer()) { registerZeroConfService(config, "ws", "_ws._tcp"); @@ -162,7 +167,7 @@ ServerManager::ServerManager(Platform *platform, NymeaConfiguration *configurati } m_bluetoothServer = new BluetoothServer(this); - m_jsonServer->registerTransportInterface(m_bluetoothServer, true); + m_jsonServer->registerTransportInterface(m_bluetoothServer); if (configuration->bluetoothServerEnabled()) { m_bluetoothServer->startServer(); } @@ -173,8 +178,7 @@ ServerManager::ServerManager(Platform *platform, NymeaConfiguration *configurati m_tunnelProxyServers.insert(config.id, tunnelProxyServer); connect(tunnelProxyServer, &TunnelProxyServer::runningChanged, this, [this, tunnelProxyServer](bool running){ if (running) { - // Note: enable authentication in any case, we don't want to expose unprotected access trough the internet - m_jsonServer->registerTransportInterface(tunnelProxyServer, true); + m_jsonServer->registerTransportInterface(tunnelProxyServer); } else { m_jsonServer->unregisterTransportInterface(tunnelProxyServer); } @@ -254,7 +258,7 @@ void ServerManager::tcpServerConfigurationChanged(const QString &id) server = new TcpServer(config, m_sslConfiguration, this); m_tcpServers.insert(config.id, server); } - m_jsonServer->registerTransportInterface(server, config.authenticationEnabled); + m_jsonServer->registerTransportInterface(server); if (server->startServer()) { registerZeroConfService(config, "tcp", "_jsonrpc._tcp"); } @@ -287,7 +291,7 @@ void ServerManager::webSocketServerConfigurationChanged(const QString &id) server = new WebSocketServer(config, m_sslConfiguration, this); m_webSocketServers.insert(server->configuration().id, server); } - m_jsonServer->registerTransportInterface(server, config.authenticationEnabled); + m_jsonServer->registerTransportInterface(server); if (server->startServer()) { registerZeroConfService(config, "ws", "_ws._tcp"); } @@ -380,8 +384,7 @@ void ServerManager::tunnelProxyServerConfigurationChanged(const QString &id) m_tunnelProxyServers.insert(server->configuration().id, server); connect(server, &TunnelProxyServer::runningChanged, this, [this, server](bool running){ if (running) { - // Note: enable authentication in any case, we don't want to expose unprotected access trough the internet - m_jsonServer->registerTransportInterface(server, true); + m_jsonServer->registerTransportInterface(server); } else { m_jsonServer->unregisterTransportInterface(server); } diff --git a/server/main.cpp b/server/main.cpp index f3b13eb3..99f0917d 100644 --- a/server/main.cpp +++ b/server/main.cpp @@ -126,7 +126,7 @@ int main(int argc, char *argv[]) QCommandLineOption debugOption(QStringList() << "d" << "debug-category", debugDescription, "[No]DebugCategory[Warnings]"); parser.addOption(debugOption); - QCommandLineOption interfacesOption({"i", "interface"}, QCoreApplication::translate("nymea", "Additional interfaces to listen on. In nymea URI format (e.g. nymeas://127.0.0.2:7777).")); + QCommandLineOption interfacesOption({"i", "interface"}, QCoreApplication::translate("nymea", "Additional interfaces to listen on. In nymea URI format (e.g. nymeas://127.0.0.2:7777). Note that such interfaces will not require any authentication as they are intended to be used for automated testing only."), "interfaceString"); parser.addOption(interfacesOption); parser.process(application);