ETM-Schurig/powersync-remoteproxy
Archived
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix tripple connect and add test for it

Browse Source
This commit is contained in:
Simon Stürz 2018-08-15 19:18:11 +02:00
parent 2331286650
commit efc58872e1
5 changed files with 95 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
libnymea-remoteproxy/authentication/authenticationprocess.cpp
View File

@ -40,22 +40,22 @@ void AuthenticationProcess::startVerificationProcess()
QVariantMap request;
request.insert("token", m_token);
// Set environment
QProcessEnvironment env = QProcessEnvironment::systemEnvironment();
env.insert("AWS_DEFAULT_REGION", "eu-west-1");
if (m_dynamicCredentials) {
qCDebug(dcAuthenticationProcess()) << "Using dynamic credentials" << m_awsAccessKeyId << m_awsSecretAccessKey << m_awsSessionToken;
env.insert("AWS_ACCESS_KEY_ID", m_awsAccessKeyId);
env.insert("AWS_SECRET_ACCESS_KEY", m_awsSecretAccessKey);
env.insert("AWS_SESSION_TOKEN", m_awsSessionToken);
}
m_process->setProcessEnvironment(env);
// FIXME: check how to clean this up properly
m_resultFileName = "/tmp/" + QUuid::createUuid().toString().remove("{").remove("}").remove("-") + ".json";
qCDebug(dcAuthentication()) << "Start authenticator process and store result in" << m_resultFileName;
m_processTimer.start();
m_process->setProcessEnvironment(env);
m_process->start("aws", { "lambda", "invoke",
"--function-name", "system-services-authorizer-dev-checkToken",
"--invocation-type", "RequestResponse",

5
libnymea-remoteproxy/proxyserver.cpp
View File

@ -145,7 +145,7 @@ void ProxyServer::onClientDisconnected(const QUuid &clientId)
if (m_tunnels.contains(proxyClient->token())) {
// There is a tunnel connection for this client, remove the tunnel and disconnect also the other client
ProxyClient *remoteClient = getRemoteClient(proxyClient);
m_tunnels.remove(remoteClient->token());
m_tunnels.remove(proxyClient->token());
if (remoteClient) {
remoteClient->interface()->killClientConnection(remoteClient->clientId(), "Tunnel client disconnected");
}
@ -212,6 +212,9 @@ void ProxyServer::onProxyClientAuthenticated()
if (m_tunnels.contains(proxyClient->token())) {
qCWarning(dcProxyServer()) << "There is already a tunnel connection for this token. A third client is not allowed.";
// Note: remove the authenticated token, so the current tunnel will not interrupted.
proxyClient->setToken(QString());
proxyClient->setAuthenticated(false);
proxyClient->interface()->killClientConnection(proxyClient->clientId(), "There is already an established tunnel with this token.");
return;
}

13
server/main.cpp
View File

@ -95,13 +95,15 @@ int main(int argc, char *argv[])
s_loggingFilters.insert("Application", true);
s_loggingFilters.insert("Engine", true);
s_loggingFilters.insert("JsonRpc", true);
s_loggingFilters.insert("JsonRpcTraffic", false);
s_loggingFilters.insert("WebSocketServer", true);
s_loggingFilters.insert("WebSocketServerTraffic", false);
s_loggingFilters.insert("Authentication", true);
s_loggingFilters.insert("AuthenticationProcess", true);
s_loggingFilters.insert("ProxyServer", true);
// Only with verbose enabled
s_loggingFilters.insert("JsonRpcTraffic", false);
s_loggingFilters.insert("ProxyServerTraffic", false);
s_loggingFilters.insert("AuthenticationProcess", false);
s_loggingFilters.insert("WebSocketServerTraffic", false);
QString configFile = QStandardPaths::standardLocations(QStandardPaths::ConfigLocation).first() + "/nymea/nymea-remoteproxy.conf";
@ -140,9 +142,9 @@ int main(int argc, char *argv[])
// Create a default configuration
ProxyConfiguration *configuration = new ProxyConfiguration(nullptr);
if (parser.isSet(configOption)) {
if (parser.isSet(configOption))
configFile = parser.value(configOption);
}
qCDebug(dcApplication()) << "Loading configuration file from" << configFile;
if (!configuration->loadConfiguration(parser.value(configOption))) {
qCCritical(dcApplication()) << "Invalid configuration file passed" << parser.value(configOption);
@ -152,6 +154,7 @@ int main(int argc, char *argv[])
if (parser.isSet(verboseOption)) {
s_loggingFilters["JsonRpcTraffic"] = true;
s_loggingFilters["ProxyServerTraffic"] = true;
s_loggingFilters["AuthenticationProcess"] = true;
s_loggingFilters["WebSocketServerTraffic"] = true;
}

80
tests/test-offline/nymea-remoteproxy-tests-offline.cpp
View File

@ -334,6 +334,86 @@ void RemoteProxyOfflineTests::remoteConnection()
stopServer();
}
void RemoteProxyOfflineTests::trippleConnection()
{
// Start the server
startServer();
// Configure moch authenticator
m_mockAuthenticator->setTimeoutDuration(100);
m_mockAuthenticator->setExpectedAuthenticationError();
// Create two connection
RemoteProxyConnection *connectionOne = new RemoteProxyConnection(QUuid::createUuid(), "Test client one", this);
connectionOne->setInsecureConnection(true);
RemoteProxyConnection *connectionTwo = new RemoteProxyConnection(QUuid::createUuid(), "Test client two", this);
connectionTwo->setInsecureConnection(true);
RemoteProxyConnection *connectionThree = new RemoteProxyConnection(QUuid::createUuid(), "Token thief ^w^", this);
connectionThree->setInsecureConnection(true);
// Connect one
QSignalSpy connectionOneReadySpy(connectionOne, &RemoteProxyConnection::ready);
QVERIFY(connectionOne->connectServer(QHostAddress::LocalHost, m_port));
connectionOneReadySpy.wait();
QVERIFY(connectionOneReadySpy.count() == 1);
QVERIFY(connectionOne->isConnected());
// Connect two
QSignalSpy connectionTwoReadySpy(connectionTwo, &RemoteProxyConnection::ready);
QVERIFY(connectionTwo->connectServer(QHostAddress::LocalHost, m_port));
connectionTwoReadySpy.wait();
QVERIFY(connectionTwoReadySpy.count() == 1);
QVERIFY(connectionTwo->isConnected());
// Connect two
QSignalSpy connectionThreeReadySpy(connectionThree, &RemoteProxyConnection::ready);
QVERIFY(connectionThree->connectServer(QHostAddress::LocalHost, m_port));
connectionThreeReadySpy.wait();
QVERIFY(connectionThreeReadySpy.count() == 1);
QVERIFY(connectionThree->isConnected());
// Authenticate one
QSignalSpy connectionOneAuthenticatedSpy(connectionOne, &RemoteProxyConnection::authenticated);
QVERIFY(connectionOne->authenticate(m_testToken));
connectionOneAuthenticatedSpy.wait();
QVERIFY(connectionOneAuthenticatedSpy.count() == 1);
QVERIFY(connectionOne->isConnected());
QVERIFY(connectionOne->isAuthenticated());
QVERIFY(connectionOne->state() == RemoteProxyConnection::StateWaitTunnel);
QSignalSpy remoteConnectionEstablishedOne(connectionOne, &RemoteProxyConnection::remoteConnectionEstablished);
// Authenticate two
QSignalSpy remoteConnectionEstablishedTwo(connectionTwo, &RemoteProxyConnection::remoteConnectionEstablished);
QSignalSpy connectionTwoAuthenticatedSpy(connectionTwo, &RemoteProxyConnection::authenticated);
QVERIFY(connectionTwo->authenticate(m_testToken));
connectionTwoAuthenticatedSpy.wait();
QVERIFY(connectionTwoAuthenticatedSpy.count() == 1);
QVERIFY(connectionTwo->isConnected());
QVERIFY(connectionTwo->isAuthenticated());
// Wait for both to be connected
remoteConnectionEstablishedOne.wait(500);
// Now connect a third connection and make sure it gets disconnected
// Authenticate three
QSignalSpy connectionThreeDisconnectSpy(connectionThree, &RemoteProxyConnection::disconnected);
QVERIFY(connectionThree->authenticate(m_testToken));
connectionThreeDisconnectSpy.wait();
QVERIFY(connectionOneAuthenticatedSpy.count() == 1);
QVERIFY(!connectionThree->isConnected());
QVERIFY(!connectionThree->isAuthenticated());
QVERIFY(connectionThree->state() == RemoteProxyConnection::StateDisconnected);
// Clean up
stopServer();
}
void RemoteProxyOfflineTests::sslConfigurations()
{
// Start the server

1
tests/test-offline/nymea-remoteproxy-tests-offline.h
View File

@ -42,6 +42,7 @@ private slots:
// Client lib
void clientConnection();
void remoteConnection();
void trippleConnection();
void sslConfigurations();
void timeout();