From c88fc9bd9605ee79018a2dbaedf73e22d42f86b8 Mon Sep 17 00:00:00 2001 From: Michiel de Jong Date: Fri, 7 Oct 2022 16:09:53 +0200 Subject: [PATCH 1/3] Notifications over WebSockets, see #105 --- solid/appinfo/routes.php | 2 +- solid/composer.lock | 12 ++++----- .../lib/Controller/SolidWebhookController.php | 25 +++++++++++++++++++ 3 files changed, 32 insertions(+), 7 deletions(-) diff --git a/solid/appinfo/routes.php b/solid/appinfo/routes.php index c996d701..c49d7bcb 100644 --- a/solid/appinfo/routes.php +++ b/solid/appinfo/routes.php @@ -55,7 +55,7 @@ ['name' => 'solidWebhook#register', 'url' => '/webhook/register', 'verb' => 'POST'], ['name' => 'solidWebhook#unregister', 'url' => '/webhook/unregister', 'verb' => 'POST'], - ['name' => 'solidWebsocket#register', 'url' => '/websocket/register', 'verb' => 'POST'], + ['name' => 'solidWebhook#registerWs', 'url' => '/websocket/register', 'verb' => 'POST'], ['name' => 'app#appLauncher', 'url' => '/', 'verb' => 'GET'], ] diff --git a/solid/composer.lock b/solid/composer.lock index 1e02fb3d..efe72e29 100644 --- a/solid/composer.lock +++ b/solid/composer.lock @@ -719,16 +719,16 @@ }, { "name": "league/flysystem", - "version": "1.1.9", + "version": "1.1.10", "source": { "type": "git", "url": "https://github.com/thephpleague/flysystem.git", - "reference": "094defdb4a7001845300334e7c1ee2335925ef99" + "reference": "3239285c825c152bcc315fe0e87d6b55f5972ed1" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/thephpleague/flysystem/zipball/094defdb4a7001845300334e7c1ee2335925ef99", - "reference": "094defdb4a7001845300334e7c1ee2335925ef99", + "url": "https://api.github.com/repos/thephpleague/flysystem/zipball/3239285c825c152bcc315fe0e87d6b55f5972ed1", + "reference": "3239285c825c152bcc315fe0e87d6b55f5972ed1", "shasum": "" }, "require": { @@ -801,7 +801,7 @@ ], "support": { "issues": "https://github.com/thephpleague/flysystem/issues", - "source": "https://github.com/thephpleague/flysystem/tree/1.1.9" + "source": "https://github.com/thephpleague/flysystem/tree/1.1.10" }, "funding": [ { @@ -809,7 +809,7 @@ "type": "other" } ], - "time": "2021-12-09T09:40:50+00:00" + "time": "2022-10-04T09:16:37+00:00" }, { "name": "league/flysystem-cached-adapter", diff --git a/solid/lib/Controller/SolidWebhookController.php b/solid/lib/Controller/SolidWebhookController.php index 6a88a81e..fd9b5470 100644 --- a/solid/lib/Controller/SolidWebhookController.php +++ b/solid/lib/Controller/SolidWebhookController.php @@ -83,6 +83,31 @@ public function listWebhooks(): DataResponse { return new DataResponse($this->webhookService->findAll($this->webId)); } + /** + * @PublicPage + * @NoAdminRequired + * @NoCSRFRequired + */ + public function registerWs(string $topic): DataResponse { + $toSub = "http://pubsub:8081"; + $toPub = "http://pubsub:8082"; + // FIXME: is this secure enough? + // https://www.php.net/manual/en/function.random-bytes.php says it + // generates "cryptographically secure pseudo-random bytes" + $token = bin2hex(random_bytes(20)); + $target = "$toPub/$token?" . urlencode($topic); + if ($this->checkReadAccess($topic)) { + $webhook = $this->webhookService->create($this->webId, $topic, $target); + return new DataResponse([ + "@context" => "https://www.w3.org/ns/solid/notification/v1", + "type" => "WebSocketSubscription2021", + "source" => "$toSub/$token" + ]); + } else { + return new DataResponse("Error: denied access", 401); + } + } + /** * @PublicPage * @NoAdminRequired From 8f30461a1b0d9870ccbd5ecaeeda6dcf852c55d6 Mon Sep 17 00:00:00 2001 From: Michiel de Jong Date: Fri, 7 Oct 2022 17:52:56 +0200 Subject: [PATCH 2/3] Use latest pubsub and latest test suite --- run-solid-test-suite.sh | 6 +++--- solid/lib/Controller/SolidWebhookController.php | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/run-solid-test-suite.sh b/run-solid-test-suite.sh index 25f4048e..7a81d077 100755 --- a/run-solid-test-suite.sh +++ b/run-solid-test-suite.sh @@ -4,12 +4,12 @@ set -e function setup { docker network create testnet docker build -t solid-nextcloud . - docker build -t pubsub-server https://github.com/pdsinterop/php-solid-pubsub-server.git#main + docker build -t pubsub-server https://github.com/pdsinterop/php-solid-pubsub-server.git#feature-secure-webhook-to-ws docker pull michielbdejong/nextcloud-cookie docker pull solidtestsuite/webid-provider-tests:v2.1.0 docker tag solidtestsuite/webid-provider-tests:v2.1.0 webid-provider-tests - docker pull solidtestsuite/solid-crud-tests:v7.0.5 - docker tag solidtestsuite/solid-crud-tests:v7.0.5 solid-crud-tests + docker pull solidtestsuite/solid-crud-tests:v7.0.6 + docker tag solidtestsuite/solid-crud-tests:v7.0.6 solid-crud-tests docker pull solidtestsuite/web-access-control-tests:v7.1.0 docker tag solidtestsuite/web-access-control-tests:v7.1.0 web-access-control-tests } diff --git a/solid/lib/Controller/SolidWebhookController.php b/solid/lib/Controller/SolidWebhookController.php index fd9b5470..5b37ca6c 100644 --- a/solid/lib/Controller/SolidWebhookController.php +++ b/solid/lib/Controller/SolidWebhookController.php @@ -95,7 +95,7 @@ public function registerWs(string $topic): DataResponse { // https://www.php.net/manual/en/function.random-bytes.php says it // generates "cryptographically secure pseudo-random bytes" $token = bin2hex(random_bytes(20)); - $target = "$toPub/$token?" . urlencode($topic); + $target = "$toPub/$token"; if ($this->checkReadAccess($topic)) { $webhook = $this->webhookService->create($this->webId, $topic, $target); return new DataResponse([ From 915febd994af6dd0ccac464dc36132abc52f7426 Mon Sep 17 00:00:00 2001 From: Michiel de Jong Date: Fri, 7 Oct 2022 17:54:21 +0200 Subject: [PATCH 3/3] run two types of pubsub server --- run-solid-test-suite.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/run-solid-test-suite.sh b/run-solid-test-suite.sh index 7a81d077..bf310c72 100755 --- a/run-solid-test-suite.sh +++ b/run-solid-test-suite.sh @@ -21,6 +21,7 @@ function teardown { function startPubSub { docker run -d --name pubsub --network=testnet pubsub-server + docker exec -it pubsub php server/serverWh2Ws.php & } function startSolidNextcloud {