1
0
mirror of https://gitlab.com/mangadex-pub/mangadex_at_home.git synced 2024-11-16 16:12:32 +01:00

Add support for skipping token validation

This commit is contained in:
Edward Shen 2021-07-19 00:10:13 -04:00
parent dd8e434024
commit 7f8b406164
No known key found for this signature in database
GPG Key ID: 19182661E818369F
5 changed files with 14 additions and 3 deletions

View File

@ -174,7 +174,7 @@ class ImageServer(
companion object {
private val LOGGER = LoggerFactory.getLogger(ImageServer::class.java)
private fun String.isImageMimetype() = this.toLowerCase().startsWith("image/")
private fun String.isImageMimetype() = this.lowercase().startsWith("image/")
private fun baseHandler(): Filter =
CachingFilters.Response.MaxAge(Clock.systemUTC(), Constants.MAX_AGE_CACHE)

View File

@ -108,8 +108,13 @@ fun getServer(
val verifier = TokenVerifier(
tokenKey = remoteSettings.tokenKey,
isDisabled = devSettings.disableTokenValidation,
)
if (devSettings.disableTokenValidation) {
LOGGER.warn { "Token validation has been explicitly disabled. This should only be used for testing!" }
}
return timeRequest()
.then(addCommonHeaders(devSettings.sendServerHeader))
.then(catchAllHideDetails())

View File

@ -37,11 +37,16 @@ import org.slf4j.LoggerFactory
import java.time.OffsetDateTime
import java.util.Base64
class TokenVerifier(tokenKey: ByteArray) : Filter {
class TokenVerifier(tokenKey: ByteArray, isDisabled: Boolean) : Filter {
private val box = TweetNaclFast.SecretBox(tokenKey)
private val isDisabled = isDisabled
override fun invoke(next: HttpHandler): HttpHandler {
return then@{
if (isDisabled) {
return@then next(it)
}
val chapterHash = Path.of("chapterHash")(it)
val cleanedUri = it.uri.path.replaceBefore("/data", "/{token}")

View File

@ -50,6 +50,7 @@ data class DevSettings(
val devUrl: String? = null,
val disableSniCheck: Boolean = false,
val sendServerHeader: Boolean = false,
val disableTokenValidation: Boolean = false,
)
@JsonNaming(PropertyNamingStrategies.SnakeCaseStrategy::class)

View File

@ -31,7 +31,7 @@ class TokenVerifierTest : FreeSpec() {
val clientKeys = TweetNaclFast.Box.keyPair()
val box = TweetNaclFast.Box(clientKeys.publicKey, remoteKeys.secretKey)
val backend = TokenVerifier(box.before()).then {
val backend = TokenVerifier(box.before(), false).then {
Response(Status.OK)
}