From 50b37b8efa3ca18d9db66172923ed577e7dab1a4 Mon Sep 17 00:00:00 2001
From: NyxiumYuuki
Date: Sat, 29 May 2021 14:40:08 +0200
Subject: [PATCH 1/7] Move again keys
---
 backend/{ => service-authentication}/keys/jwtRS256.key | 0
 backend/{ => service-authentication}/keys/jwtRS256.key.pub | 0
 backend/{ => service-authentication}/keys/jwtRS256.sh | 0
 3 files changed, 0 insertions(+), 0 deletions(-)
 rename backend/{ => service-authentication}/keys/jwtRS256.key (100%)
 rename backend/{ => service-authentication}/keys/jwtRS256.key.pub (100%)
 rename backend/{ => service-authentication}/keys/jwtRS256.sh (100%)
diff --git a/backend/keys/jwtRS256.key b/backend/service-authentication/keys/jwtRS256.key
similarity index 100%
rename from backend/keys/jwtRS256.key
rename to backend/service-authentication/keys/jwtRS256.key
diff --git a/backend/keys/jwtRS256.key.pub b/backend/service-authentication/keys/jwtRS256.key.pub
similarity index 100%
rename from backend/keys/jwtRS256.key.pub
rename to backend/service-authentication/keys/jwtRS256.key.pub
diff --git a/backend/keys/jwtRS256.sh b/backend/service-authentication/keys/jwtRS256.sh
similarity index 100%
rename from backend/keys/jwtRS256.sh
rename to backend/service-authentication/keys/jwtRS256.sh
From 6f9b78a5e383c9316a9a9430d6ee5ee0fd2c8029 Mon Sep 17 00:00:00 2001
From: NyxiumYuuki
Date: Sat, 29 May 2021 14:40:34 +0200
Subject: [PATCH 2/7] Now, service-message request post on service-authentication
---
 backend/service-message/sessionJWT.js | 89 ---------------------------
 1 file changed, 89 deletions(-)
 delete mode 100644 backend/service-message/sessionJWT.js
diff --git a/backend/service-message/sessionJWT.js b/backend/service-message/sessionJWT.js
deleted file mode 100644
index ebec454..0000000
--- a/backend/service-message/sessionJWT.js
+++ /dev/null
@@ -1,89 +0,0 @@ -const sessionJWT = require ('jsonwebtoken'); -const fs = require ('fs'); - - -// renvoie un nouveau token JWT -function createSessionJWT (username) { - // ci-dessous, on met en place le cookie de session JWT : - // 1/ on recupere notre clef privee - const RSA_PRIVATE_KEY = fs.readFileSync('../keys/jwtRS256.key'); - - // 2/ on signe un token JWT. Le payload est l'identifiant de - // l'utilisateur ainsi qu'une date d'expiration à mi-parcours : - // on récupérra ultérieurement ces informations, qui permettront - // de savoir si le token est valide ou non et de connaître l'ID - // de l'utilisateur. Dans le token, le champ exp indique la date - // de validité du token (pas besoin de se relogguer tant que la - // date actuelle est inférieure à exp) et le champ midExp indique - // à partir de quel moment on doit recréer un nouveau cookie de - // session. - const jwtToken = sessionJWT.sign( - { - username: username, - midExp: Math.floor(Date.now() / 1000) + 1800 // validité: 30mn - }, - RSA_PRIVATE_KEY, - { - algorithm: 'RS256', - expiresIn: '1h' // champ exp: validité 1h - }); - - return jwtToken; -} - - -// crée un cookie de session JWT (Si le JWT de la requête est encore valide, -// on l'utilise, sinon on en recrée un nouveau) -function createSessionCookie(req, res, payload) { - // on regarde si le payload contient les champs userId et midExp. Si c'est le - // cas, c'est qu'on a reçu dans la request un cookie. On va donc vérifier si - // ce cookie est encore valide ou non : si la date actuelle est inférieure à - // midExp, alors le cookie est encore valide et on peut le renvoyer. Sinon, - // on doit recalculer un nouveau cookie. 
- let jwtToken = ''; - if ((typeof payload.username !== 'undefined') && - (typeof payload.midExp !== 'undefined') && - (Math.floor(Date.now() / 1000) <= payload.midExp)) { - jwtToken = req.headers.cookie; - } - else { - // on crée - // un nouveau cookie - jwtToken = createSessionJWT(payload.username); - } - - // on renvoie le cookie au client - // on met le secure à false afin de pouvoir utiliser http plutôt que https - res.cookie('SESSIONID', jwtToken, {httpOnly:true, secure:false}); -} -module.exports.createSessionCookie = createSessionCookie; - - -// décode un cookie de session et renvoie les informations contenues dans ce -// cookie, notamment le userId. Si le cookie n'existe pas, la fonction renvoie -// juste un objet avec un userId égal à -1. -function decodeSessionCookie(req) { - // si l'on n'a pas de cookie de session, on renvoie une session avec vide, - // avec juste un userId à -1 - - if (typeof req.headers.cookie === 'undefined') { - return { username: -1 }; - } - const sessionid = req.headers.cookie.replace('SESSIONID=',''); - // on lit la clef publique - const RSA_PUBLIC_KEY = fs.readFileSync('../keys/jwtRS256.key.pub'); - - // on récupère les données du cookie - try { - const token = sessionJWT.verify( - sessionid, - RSA_PUBLIC_KEY, - {algorithms: ['RS256']}); - return token; - } - catch (err) { - return {username: err}; - } -} -module.exports.decodeSessionCookie = decodeSessionCookie; - From a7e17137f4bc13e9540b566acff6c00cdb5e5e1f Mon Sep 17 00:00:00 2001 From: NyxiumYuuki Date: Sat, 29 May 2021 14:40:50 +0200 Subject: [PATCH 3/7] Add request --- backend/service-message/package-lock.json | 347 ++++++++++++++++++++++ backend/service-message/package.json | 3 + 2 files changed, 350 insertions(+) diff --git a/backend/service-message/package-lock.json b/backend/service-message/package-lock.json index bf9c4b6..3068f80 100644 --- a/backend/service-message/package-lock.json +++ b/backend/service-message/package-lock.json 
@@ -50,11 +50,56 @@ "negotiator": "0.6.2" } }, + "ajv": { + "version": "6.12.6", + "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", + "integrity": "sha512-j3fVLgvTo527anyYyJOGTYJbG+vnnQYvE0m5mmkc1TK+nxAppkCLMIL0aZ4dblVCNoGShhm+kzE4ZUykBoMg4g==", + "dev": true, + "requires": { + "fast-deep-equal": "^3.1.1", + "fast-json-stable-stringify": "^2.0.0", + "json-schema-traverse": "^0.4.1", + "uri-js": "^4.2.2" + } + }, "array-flatten": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/array-flatten/-/array-flatten-1.1.1.tgz", "integrity": "sha1-ml9pkFGx5wczKPKgCJaLZOopVdI=" }, + "asn1": { + "version": "0.2.4", + "resolved": "https://registry.npmjs.org/asn1/-/asn1-0.2.4.tgz", + "integrity": "sha512-jxwzQpLQjSmWXgwaCZE9Nz+glAG01yF1QnWgbhGwHI5A6FRIEY6IVqtHhIepHqI7/kyEyQEagBC5mBEFlIYvdg==", + "dev": true, + "requires": { + "safer-buffer": "~2.1.0" + } + }, + "assert-plus": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/assert-plus/-/assert-plus-1.0.0.tgz", + "integrity": "sha1-8S4PPF13sLHN2RRpQuTpbB5N1SU=", + "dev": true + }, + "asynckit": { + "version": "0.4.0", + "resolved": "https://registry.npmjs.org/asynckit/-/asynckit-0.4.0.tgz", + "integrity": "sha1-x57Zf380y48robyXkLzDZkdLS3k=", + "dev": true + }, + "aws-sign2": { + "version": "0.7.0", + "resolved": "https://registry.npmjs.org/aws-sign2/-/aws-sign2-0.7.0.tgz", + "integrity": "sha1-tG6JCTSpWR8tL2+G1+ap8bP+dqg=", + "dev": true + }, + "aws4": { + "version": "1.11.0", + "resolved": "https://registry.npmjs.org/aws4/-/aws4-1.11.0.tgz", + "integrity": "sha512-xh1Rl34h6Fi1DC2WWKfxUTVqRsNnr6LsKz2+hfwDxQJWmrx8+c7ylaqBMcHfl1U1r2dsifOvKX3LQuLNZ+XSvA==", + "dev": true + }, "base64-arraybuffer": { "version": "0.1.4", "resolved": "https://registry.npmjs.org/base64-arraybuffer/-/base64-arraybuffer-0.1.4.tgz", 
@@ -65,6 +110,15 @@ "resolved": "https://registry.npmjs.org/base64id/-/base64id-2.0.0.tgz", "integrity": "sha512-lGe34o6EHj9y3Kts9R4ZYs/Gr+6N7MCaMlIFA3F1R2O5/m7K06AxfSeO5530PEERE6/WyEg3lsuyw4GHlPZHog==" }, + "bcrypt-pbkdf": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/bcrypt-pbkdf/-/bcrypt-pbkdf-1.0.2.tgz", + "integrity": "sha1-pDAdOJtqQ/m2f/PKEaP2Y342Dp4=", + "dev": true, + "requires": { + "tweetnacl": "^0.14.3" + } + }, "bl": { "version": "2.2.1", "resolved": "https://registry.npmjs.org/bl/-/bl-2.2.1.tgz", @@ -111,6 +165,21 @@ "resolved": "https://registry.npmjs.org/bytes/-/bytes-3.1.0.tgz", "integrity": "sha512-zauLjrfCG+xvoyaqLoV8bLVXXNGC4JqlxFCutSDWA6fJrTo2ZuvLYTqZ7aHBLZSMOopbzwv8f+wZcVzfVTI2Dg==" }, + "caseless": { + "version": "0.12.0", + "resolved": "https://registry.npmjs.org/caseless/-/caseless-0.12.0.tgz", + "integrity": "sha1-G2gcIf+EAzyCZUMJBolCDRhxUdw=", + "dev": true + }, + "combined-stream": { + "version": "1.0.8", + "resolved": "https://registry.npmjs.org/combined-stream/-/combined-stream-1.0.8.tgz", + "integrity": "sha512-FQN4MRfuJeHf7cBbBMJFXhKSDq+2kAArBlmRBvcvFE5BB1HZKXtSFASDhdlz9zOYwxh8lDdnvmMOe/+5cdoEdg==", + "dev": true, + "requires": { + "delayed-stream": "~1.0.0" + } + }, "component-emitter": { "version": "1.3.0", "resolved": "https://registry.npmjs.org/component-emitter/-/component-emitter-1.3.0.tgz", @@ -162,6 +231,15 @@ "vary": "^1" } }, + "dashdash": { + "version": "1.14.1", + "resolved": "https://registry.npmjs.org/dashdash/-/dashdash-1.14.1.tgz", + "integrity": "sha1-hTz6D3y+L+1d4gMmuN1YEDX24vA=", + "dev": true, + "requires": { + "assert-plus": "^1.0.0" + } + }, "debug": { "version": "2.6.9", "resolved": "https://registry.npmjs.org/debug/-/debug-2.6.9.tgz", 
@@ -170,6 +248,12 @@ "ms": "2.0.0" } }, + "delayed-stream": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/delayed-stream/-/delayed-stream-1.0.0.tgz", + "integrity": "sha1-3zrhmayt+31ECqrgsp4icrJOxhk=", + "dev": true + }, "denque": { "version": "1.5.0", "resolved": "https://registry.npmjs.org/denque/-/denque-1.5.0.tgz", @@ -185,6 +269,16 @@ "resolved": "https://registry.npmjs.org/destroy/-/destroy-1.0.4.tgz", "integrity": "sha1-l4hXRCxEdJ5CBmE+N5RiBYJqvYA=" }, + "ecc-jsbn": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/ecc-jsbn/-/ecc-jsbn-0.1.2.tgz", + "integrity": "sha1-OoOpBOVDUyh4dMVkt1SThoSamMk=", + "dev": true, + "requires": { + "jsbn": "~0.1.0", + "safer-buffer": "^2.1.0" + } + }, "ecdsa-sig-formatter": { "version": "1.0.11", "resolved": "https://registry.npmjs.org/ecdsa-sig-formatter/-/ecdsa-sig-formatter-1.0.11.tgz", 
@@ -292,6 +386,30 @@ "vary": "~1.1.2" } }, + "extend": { + "version": "3.0.2", + "resolved": "https://registry.npmjs.org/extend/-/extend-3.0.2.tgz", + "integrity": "sha512-fjquC59cD7CyW6urNXK0FBufkZcoiGG80wTuPujX590cB5Ttln20E2UB4S/WARVqhXffZl2LNgS+gQdPIIim/g==", + "dev": true + }, + "extsprintf": { + "version": "1.3.0", + "resolved": "https://registry.npmjs.org/extsprintf/-/extsprintf-1.3.0.tgz", + "integrity": "sha1-lpGEQOMEGnpBT4xS48V06zw+HgU=", + "dev": true + }, + "fast-deep-equal": { + "version": "3.1.3", + "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", + "integrity": "sha512-f3qQ9oQy9j2AhBe/H9VC91wLmKBCCU/gDOnKNAYG5hswO7BLKj09Hc5HYNz9cGI++xlpDCIgDaitVs03ATR84Q==", + "dev": true + }, + "fast-json-stable-stringify": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/fast-json-stable-stringify/-/fast-json-stable-stringify-2.1.0.tgz", + "integrity": "sha512-lhd/wF+Lk98HZoTCtlVraHtfh5XYijIjalXck7saUtuanSDyLMxnHhSXEDJqHxD7msR8D0uCmqlkwjCV8xvwHw==", + "dev": true + }, "finalhandler": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/finalhandler/-/finalhandler-1.1.2.tgz", @@ -306,6 +424,23 @@ "unpipe": "~1.0.0" } }, + "forever-agent": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/forever-agent/-/forever-agent-0.6.1.tgz", + "integrity": "sha1-+8cfDEGt6zf5bFd60e1C2P2sypE=", + "dev": true + }, + "form-data": { + "version": "2.3.3", + "resolved": "https://registry.npmjs.org/form-data/-/form-data-2.3.3.tgz", + "integrity": "sha512-1lLKB2Mu3aGP1Q/2eCOx0fNbRMe7XdwktwOruhfqqd0rIJWwN4Dh+E3hrPSlDCXnSR7UtZ1N38rVXm+6+MEhJQ==", + "dev": true, + "requires": { + "asynckit": "^0.4.0", + "combined-stream": "^1.0.6", + "mime-types": "^2.1.12" + } + }, "forwarded": { "version": "0.1.2", "resolved": "https://registry.npmjs.org/forwarded/-/forwarded-0.1.2.tgz", 
@@ -321,6 +456,31 @@ "resolved": "https://registry.npmjs.org/fs/-/fs-0.0.1-security.tgz", "integrity": "sha1-invTcYa23d84E/I4WLV+yq9eQdQ=" }, + "getpass": { + "version": "0.1.7", + "resolved": "https://registry.npmjs.org/getpass/-/getpass-0.1.7.tgz", + "integrity": "sha1-Xv+OPmhNVprkyysSgmBOi6YhSfo=", + "dev": true, + "requires": { + "assert-plus": "^1.0.0" + } + }, + "har-schema": { + "version": "2.0.0", + "resolved": "https://registry.npmjs.org/har-schema/-/har-schema-2.0.0.tgz", + "integrity": "sha1-qUwiJOvKwEeCoNkDVSHyRzW37JI=", + "dev": true + }, + "har-validator": { + "version": "5.1.5", + "resolved": "https://registry.npmjs.org/har-validator/-/har-validator-5.1.5.tgz", + "integrity": "sha512-nmT2T0lljbxdQZfspsno9hgrG3Uir6Ks5afism62poxqBM6sDnMEuPmzTq8XN0OEwqKLLdh1jQI3qyE66Nzb3w==", + "dev": true, + "requires": { + "ajv": "^6.12.3", + "har-schema": "^2.0.0" + } + }, "http-errors": { "version": "1.7.2", "resolved": "https://registry.npmjs.org/http-errors/-/http-errors-1.7.2.tgz", @@ -333,6 +493,17 @@ "toidentifier": "1.0.0" } }, + "http-signature": { + "version": "1.2.0", + "resolved": "https://registry.npmjs.org/http-signature/-/http-signature-1.2.0.tgz", + "integrity": "sha1-muzZJRFHcvPZW2WmCruPfBj7rOE=", + "dev": true, + "requires": { + "assert-plus": "^1.0.0", + "jsprim": "^1.2.2", + "sshpk": "^1.7.0" + } + }, "iconv-lite": { "version": "0.4.24", "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.4.24.tgz", 
@@ -351,11 +522,47 @@ "resolved": "https://registry.npmjs.org/ipaddr.js/-/ipaddr.js-1.9.1.tgz", "integrity": "sha512-0KI/607xoxSToH7GjN1FfSbLoU0+btTicjsQSWQlh/hZykN8KpmMf7uYwPW3R+akZ6R/w18ZlXSHBYXiYUPO3g==" }, + "is-typedarray": { + "version": "1.0.0", + "resolved": "https://registry.npmjs.org/is-typedarray/-/is-typedarray-1.0.0.tgz", + "integrity": "sha1-5HnICFjfDBsR3dppQPlgEfzaSpo=", + "dev": true + }, "isarray": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/isarray/-/isarray-1.0.0.tgz", "integrity": "sha1-u5NdSFgsuhaMBoNJV6VKPgcSTxE=" }, + "isstream": { + "version": "0.1.2", + "resolved": "https://registry.npmjs.org/isstream/-/isstream-0.1.2.tgz", + "integrity": "sha1-R+Y/evVa+m+S4VAOaQ64uFKcCZo=", + "dev": true + }, + "jsbn": { + "version": "0.1.1", + "resolved": "https://registry.npmjs.org/jsbn/-/jsbn-0.1.1.tgz", + "integrity": "sha1-peZUwuWi3rXyAdls77yoDA7y9RM=", + "dev": true + }, + "json-schema": { + "version": "0.2.3", + "resolved": "https://registry.npmjs.org/json-schema/-/json-schema-0.2.3.tgz", + "integrity": "sha1-tIDIkuWaLwWVTOcnvT8qTogvnhM=", + "dev": true + }, + "json-schema-traverse": { + "version": "0.4.1", + "resolved": "https://registry.npmjs.org/json-schema-traverse/-/json-schema-traverse-0.4.1.tgz", + "integrity": "sha512-xbbCH5dCYU5T8LcEhhuh7HJ88HXuW3qsI3Y0zOZFKfZEHcpWiHU/Jxzk629Brsab/mMiHQti9wMP+845RPe3Vg==", + "dev": true + }, + "json-stringify-safe": { + "version": "5.0.1", + "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", + "integrity": "sha1-Epai1Y/UXxmg9s4B1lcB4sc1tus=", + "dev": true + }, "jsonwebtoken": { "version": "8.5.1", "resolved": "https://registry.npmjs.org/jsonwebtoken/-/jsonwebtoken-8.5.1.tgz", 
@@ -380,6 +587,18 @@ } } }, + "jsprim": { + "version": "1.4.1", + "resolved": "https://registry.npmjs.org/jsprim/-/jsprim-1.4.1.tgz", + "integrity": "sha1-MT5mvB5cwG5Di8G3SZwuXFastqI=", + "dev": true, + "requires": { + "assert-plus": "1.0.0", + "extsprintf": "1.3.0", + "json-schema": "0.2.3", + "verror": "1.10.0" + } + }, "jwa": { "version": "1.4.1", "resolved": "https://registry.npmjs.org/jwa/-/jwa-1.4.1.tgz", @@ -564,6 +783,12 @@ "resolved": "https://registry.npmjs.org/negotiator/-/negotiator-0.6.2.tgz", "integrity": "sha512-hZXc7K2e+PgeI1eDBe/10Ard4ekbfrrqG8Ep+8Jmf4JID2bNg7NvCPOZN+kfF574pFQI7mum2AUqDidoKqcTOw==" }, + "oauth-sign": { + "version": "0.9.0", + "resolved": "https://registry.npmjs.org/oauth-sign/-/oauth-sign-0.9.0.tgz", + "integrity": "sha512-fexhUFFPTGV8ybAtSIGbV6gOkSv8UtRbDBnAyLQw4QPKkgNlsH2ByPGtMUqdWkos6YCRmAqViwgZrJc/mRDzZQ==", + "dev": true + }, "object-assign": { "version": "4.1.1", "resolved": "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz", @@ -592,6 +817,12 @@ "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-0.1.7.tgz", "integrity": "sha1-32BBeABfUi8V60SQ5yR6G/qmf4w=" }, + "performance-now": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/performance-now/-/performance-now-2.1.0.tgz", + "integrity": "sha1-Ywn04OX6kT7BxpMHrjZLSzd8nns=", + "dev": true + }, "process-nextick-args": { "version": "2.0.1", "resolved": "https://registry.npmjs.org/process-nextick-args/-/process-nextick-args-2.0.1.tgz", 
@@ -606,6 +837,18 @@ "ipaddr.js": "1.9.1" } }, + "psl": { + "version": "1.8.0", + "resolved": "https://registry.npmjs.org/psl/-/psl-1.8.0.tgz", + "integrity": "sha512-RIdOzyoavK+hA18OGGWDqUTsCLhtA7IcZ/6NCs4fFJaHBDab+pDDmDIByWFRQJq2Cd7r1OoQxBGKOaztq+hjIQ==", + "dev": true + }, + "punycode": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/punycode/-/punycode-2.1.1.tgz", + "integrity": "sha512-XRsRjdf+j5ml+y/6GKHPZbrF/8p2Yga0JPtdqTIY2Xe5ohJPD9saDJJLPvp9+NSBprVvevdXZybnj2cv8OEd0A==", + "dev": true + }, "qs": { "version": "6.7.0", "resolved": "https://registry.npmjs.org/qs/-/qs-6.7.0.tgz", @@ -646,6 +889,42 @@ "resolved": "https://registry.npmjs.org/regexp-clone/-/regexp-clone-1.0.0.tgz", "integrity": "sha512-TuAasHQNamyyJ2hb97IuBEif4qBHGjPHBS64sZwytpLEqtBQ1gPJTnOaQ6qmpET16cK14kkjbazl6+p0RRv0yw==" }, + "request": { + "version": "2.88.2", + "resolved": "https://registry.npmjs.org/request/-/request-2.88.2.tgz", + "integrity": "sha512-MsvtOrfG9ZcrOwAW+Qi+F6HbD0CWXEh9ou77uOb7FM2WPhwT7smM833PzanhJLsgXjN89Ir6V2PczXNnMpwKhw==", + "dev": true, + "requires": { + "aws-sign2": "~0.7.0", + "aws4": "^1.8.0", + "caseless": "~0.12.0", + "combined-stream": "~1.0.6", + "extend": "~3.0.2", + "forever-agent": "~0.6.1", + "form-data": "~2.3.2", + "har-validator": "~5.1.3", + "http-signature": "~1.2.0", + "is-typedarray": "~1.0.0", + "isstream": "~0.1.2", + "json-stringify-safe": "~5.0.1", + "mime-types": "~2.1.19", + "oauth-sign": "~0.9.0", + "performance-now": "^2.1.0", + "qs": "~6.5.2", + "safe-buffer": "^5.1.2", + "tough-cookie": "~2.5.0", + "tunnel-agent": "^0.6.0", + "uuid": "^3.3.2" + }, + "dependencies": { + "qs": { + "version": "6.5.2", + "resolved": "https://registry.npmjs.org/qs/-/qs-6.5.2.tgz", + "integrity": "sha512-N5ZAX4/LxJmF+7wN74pUD6qAh9/wnvdQcjq9TZjevvXzSUo7bfmw91saqMjzGS2xq91/odN2dW/WOl7qQHNDGA==", + "dev": true + } + } + }, "safe-buffer": { "version": "5.1.2", "resolved": "https://registry.npmjs.org/safe-buffer/-/safe-buffer-5.1.2.tgz", 
@@ -793,6 +1072,23 @@ "memory-pager": "^1.0.2" } }, + "sshpk": { + "version": "1.16.1", + "resolved": "https://registry.npmjs.org/sshpk/-/sshpk-1.16.1.tgz", + "integrity": "sha512-HXXqVUq7+pcKeLqqZj6mHFUMvXtOJt1uoUx09pFW6011inTMxqI8BA8PM95myrIyyKwdnzjdFjLiE6KBPVtJIg==", + "dev": true, + "requires": { + "asn1": "~0.2.3", + "assert-plus": "^1.0.0", + "bcrypt-pbkdf": "^1.0.0", + "dashdash": "^1.12.0", + "ecc-jsbn": "~0.1.1", + "getpass": "^0.1.1", + "jsbn": "~0.1.0", + "safer-buffer": "^2.0.2", + "tweetnacl": "~0.14.0" + } + }, "statuses": { "version": "1.5.0", "resolved": "https://registry.npmjs.org/statuses/-/statuses-1.5.0.tgz", @@ -811,6 +1107,31 @@ "resolved": "https://registry.npmjs.org/toidentifier/-/toidentifier-1.0.0.tgz", "integrity": "sha512-yaOH/Pk/VEhBWWTlhI+qXxDFXlejDGcQipMlyxda9nthulaxLZUNcUqFxokp0vcYnvteJln5FNQDRrxj3YcbVw==" }, + "tough-cookie": { + "version": "2.5.0", + "resolved": "https://registry.npmjs.org/tough-cookie/-/tough-cookie-2.5.0.tgz", + "integrity": "sha512-nlLsUzgm1kfLXSXfRZMc1KLAugd4hqJHDTvc2hDIwS3mZAfMEuMbc03SujMF+GEcpaX/qboeycw6iO8JwVv2+g==", + "dev": true, + "requires": { + "psl": "^1.1.28", + "punycode": "^2.1.1" + } + }, + "tunnel-agent": { + "version": "0.6.0", + "resolved": "https://registry.npmjs.org/tunnel-agent/-/tunnel-agent-0.6.0.tgz", + "integrity": "sha1-J6XeoGs2sEoKmWZ3SykIaPD8QP0=", + "dev": true, + "requires": { + "safe-buffer": "^5.0.1" + } + }, + "tweetnacl": { + "version": "0.14.5", + "resolved": "https://registry.npmjs.org/tweetnacl/-/tweetnacl-0.14.5.tgz", + "integrity": "sha1-WuaBd/GS1EViadEIr6k/+HQ/T2Q=", + "dev": true + }, "type-is": { "version": "1.6.18", "resolved": "https://registry.npmjs.org/type-is/-/type-is-1.6.18.tgz", 
@@ -825,6 +1146,15 @@ "resolved": "https://registry.npmjs.org/unpipe/-/unpipe-1.0.0.tgz", "integrity": "sha1-sr9O6FFKrmFltIF4KdIbLvSZBOw=" }, + "uri-js": { + "version": "4.4.1", + "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", + "integrity": "sha512-7rKUyy33Q1yc98pQ1DAmLtwX109F7TIfWlW1Ydo8Wl1ii1SeHieeh0HHfPeL2fMXK6z0s8ecKs9frCuLJvndBg==", + "dev": true, + "requires": { + "punycode": "^2.1.0" + } + }, "util-deprecate": { "version": "1.0.2", "resolved": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz", @@ -835,11 +1165,28 @@ "resolved": "https://registry.npmjs.org/utils-merge/-/utils-merge-1.0.1.tgz", "integrity": "sha1-n5VxD1CiZ5R7LMwSR0HBAoQn5xM=" }, + "uuid": { + "version": "3.4.0", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.4.0.tgz", + "integrity": "sha512-HjSDRw6gZE5JMggctHBcjVak08+KEVhSIiDzFnT9S9aegmp85S/bReBVTb4QTFaRNptJ9kuYaNhnbNEOkbKb/A==", + "dev": true + }, "vary": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/vary/-/vary-1.1.2.tgz", "integrity": "sha1-IpnwLG3tMNSllhsLn3RSShj2NPw=" }, + "verror": { + "version": "1.10.0", + "resolved": "https://registry.npmjs.org/verror/-/verror-1.10.0.tgz", + "integrity": "sha1-OhBcoXBTr1XW4nDB+CiGguGNpAA=", + "dev": true, + "requires": { + "assert-plus": "^1.0.0", + "core-util-is": "1.0.2", + "extsprintf": "^1.2.0" + } + }, "ws": { "version": "7.4.6", "resolved": "https://registry.npmjs.org/ws/-/ws-7.4.6.tgz", diff --git a/backend/service-message/package.json b/backend/service-message/package.json index 051c9ee..62cd78f 100644 --- a/backend/service-message/package.json +++ b/backend/service-message/package.json @@ -18,5 +18,8 @@ "jsonwebtoken": "^8.5.1", "mongoose": "^5.12.11", "socket.io": "^4.1.2" + }, + "devDependencies": { + "request": "^2.88.2" } } From 258474edb70e4099417eec136302dce4be52f39e Mon Sep 17 00:00:00 2001 
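Review bot: In the package.json hunk `request` is added under `devDependencies`, but a later patch in this series has backend/service-message/auth.js load it with `require('request')` at runtime, so an install that omits dev dependencies would leave the service unable to start. It belongs under `dependencies`, as `"request": "^2.88.2"` next to `jsonwebtoken`. The `request` package has also been deprecated upstream since 2020 and no longer receives fixes, so for a single internal POST a maintained client or Node's built-in `http` module would avoid carrying the transitive packages this lockfile change pulls in.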
From: NyxiumYuuki Date: Sat, 29 May 2021 14:41:07 +0200 Subject: [PATCH 4/7] Remove console log --- frontend/src/app/services/chat/chat.service.ts | 2 +- frontend/src/app/services/message/message.service.ts | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/frontend/src/app/services/chat/chat.service.ts b/frontend/src/app/services/chat/chat.service.ts index 19bffd5..aee3fcb 100644 --- a/frontend/src/app/services/chat/chat.service.ts +++ b/frontend/src/app/services/chat/chat.service.ts @@ -53,7 +53,7 @@ export class ChatService { return new Observable(observer => { // @ts-ignore this.socket.on(room, (data: ChatInfo[]) => { - console.log(data); + //console.log(data); observer.next(data); }); }); diff --git a/frontend/src/app/services/message/message.service.ts b/frontend/src/app/services/message/message.service.ts index 0375a6d..746899a 100644 --- a/frontend/src/app/services/message/message.service.ts +++ b/frontend/src/app/services/message/message.service.ts @@ -18,7 +18,7 @@ export class MessageService { constructor(private http: HttpClient) { } sendMessage(url: string, data: any): Observable { const CreatURL = environment.urlCL.concat('/').concat(url); - console.log(CreatURL, data); + //console.log(CreatURL, data); return this.http.post( CreatURL, data, From 34070afc0edef5827d66e3e9812546490a8f7c5f Mon Sep 17 00:00:00 2001 From: NyxiumYuuki Date: Sat, 29 May 2021 14:41:35 +0200 Subject: [PATCH 5/7] Auth is now working with keys --- backend/service-authentication/auth.js | 17 +++--------- backend/service-message/auth.js | 38 ++++++++++++++------------ 2 files changed, 24 insertions(+), 31 deletions(-) diff --git a/backend/service-authentication/auth.js b/backend/service-authentication/auth.js index c47a3ef..04e0f6d 100644 --- a/backend/service-authentication/auth.js +++ b/backend/service-authentication/auth.js 
@@ -1,30 +1,21 @@ const sessionJwt = require ('./sessionJWT'); const queries = require('./mongodbQueries'); -// ici, on récupère le contenu du cookie de session JWT. -// celui-ci contient le userId mais également des informations -// concernant sa date d'expiration. -function getSession (req) { - return sessionJwt.decodeSessionCookie(req); +function getSession (sessionid,res) { + return sessionJwt.decodeSessionCookie(sessionid,res); } module.exports.getSession = getSession; -// cette fonction ajoute le cookie de session au headers du -// message qui sera renvoyé à Angular. Si le cookie actuel -// est "vieux", on en recrée ici un nouveau. function setSessionCookie (req, res, session) { sessionJwt.createSessionCookie(req, res, session); } module.exports.setSessionCookie = setSessionCookie; -// fonction pour récupérer le userId provenant du cookie -// de session. Si ce dernier n'existe pas, on renvoie -// l'ID -1. -function getUserId(session) { +function getUsername(session) { if (typeof session.username === 'undefined') return -1; return session.username; } -module.exports.getUserId = getUserId; +module.exports.getUserId = getUsername; async function authenticate(req, res) { const login = req.body.login; diff --git a/backend/service-message/auth.js b/backend/service-message/auth.js index d198a41..2cd2d5a 100644 --- a/backend/service-message/auth.js +++ b/backend/service-message/auth.js 
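Review bot: The helper is renamed to `getUsername` but is still exported as `module.exports.getUserId = getUsername;`, while service-message/auth.js exports the same helper as `getUsername`; adding `module.exports.getUsername = getUsername;` alongside the old name keeps existing callers working and makes the two services consistent. `getSession(sessionid, res)` also changes contract: judging by the sessionJWT.js patch later in this series it now answers on `res` instead of returning the decoded payload, and the removed comments are not replaced, so a short comment such as `// verifies the JWT in sessionid and sends the result on res; does not return the session` would stop the next reader from assuming the old behaviour. Any caller outside this hunk that still passes `req` and reads the return value would need updating; `authenticate` continues past the end of the hunk.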
@@ -1,26 +1,28 @@ -const sessionJwt = require ('./sessionJWT'); +const request = require('request'); -// ici, on récupère le contenu du cookie de session JWT. -// celui-ci contient le userId mais également des informations -// concernant sa date d'expiration. -function getSession (req) { - return sessionJwt.decodeSessionCookie(req); +function getSession (req, callback) { + if(typeof req.headers.cookie !== 'undefined'){ + request.post({ + headers: {'content-type' : 'application/x-www-form-urlencoded'}, + url: 'http://127.0.0.1:3000/verify:token', + body: 'sessionid='+req.headers.cookie.replace('SESSIONID=','') + },function (error, response, body) { + const bodyJson = JSON.parse(body); + if (bodyJson && bodyJson.status && bodyJson.data) { + if (bodyJson.status === 'ok') { + return callback(bodyJson.data.token); + } else { + return callback(bodyJson.data.reason); + } + } + }); + } + return callback(undefined); } module.exports.getSession = getSession; -// cette fonction ajoute le cookie de session au headers du -// message qui sera renvoyé à Angular. Si le cookie actuel -// est "vieux", on en recrée ici un nouveau. -function setSessionCookie (req, res, session) { - sessionJwt.createSessionCookie(req, res, session); -} -module.exports.setSessionCookie = setSessionCookie; - -// fonction pour récupérer le userId provenant du cookie -// de session. Si ce dernier n'existe pas, on renvoie -// l'ID -1. function getUsername(session) { - if (typeof session.username === 'undefined') return -1; + if (typeof session === 'undefined' || typeof session.username === 'undefined') return -1; return session.username; } module.exports.getUsername = getUsername; From 660d12e8415fc436e669ccb4ccf9a9416b5dd0ae Mon Sep 17 00:00:00 2001 
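Review bot: `getSession` invokes its callback with `undefined` on every call, because `return callback(undefined);` sits after the `if` block instead of in an `else`; when a cookie is present the caller is first told the session is missing and is then called a second time once the HTTP reply arrives. Inside the reply handler `error` is never checked and `JSON.parse(body)` is unguarded, so an unreachable authentication service or a non-JSON reply throws inside the callback and can take the process down, and a reply without `status`/`data` never reaches the callback at all. The request body is built by string concatenation from the raw `Cookie` header, which assumes `SESSIONID` is the only cookie and leaves the value unencoded; the `form` option of `request` handles the encoding. A version that calls back exactly once and treats every failure as "no session" is sketched below.

```javascript
function getSession (req, callback) {
    // Pick out only the SESSIONID cookie; other cookies may share the header.
    const match = /(?:^|;\s*)SESSIONID=([^;]+)/.exec(req.headers.cookie || '');
    if (!match) {
        return callback(undefined);
    }
    request.post({
        url: 'http://127.0.0.1:3000/verify:token',
        form: {sessionid: match[1]}
    }, function (error, response, body) {
        if (error) {
            return callback(undefined);
        }
        let bodyJson;
        try {
            bodyJson = JSON.parse(body);
        } catch (parseError) {
            return callback(undefined);
        }
        if (bodyJson && bodyJson.status === 'ok' && bodyJson.data) {
            return callback(bodyJson.data.token);
        }
        // Any other reply is treated as "not authenticated".
        return callback(undefined);
    });
}
// … unchanged: module.exports.getSession and getUsername …
```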
From: NyxiumYuuki Date: Sat, 29 May 2021 14:42:08 +0200 Subject: [PATCH 6/7] Auth is now working with keys --- backend/service-authentication/server.js | 9 +- backend/service-message/server.js | 104 ++++++++++++----------- 2 files changed, 61 insertions(+), 52 deletions(-) diff --git a/backend/service-authentication/server.js b/backend/service-authentication/server.js index 7f226dc..0acca8f 100644 --- a/backend/service-authentication/server.js +++ b/backend/service-authentication/server.js @@ -19,17 +19,24 @@ mongoConnect.connectToServer(function( err, client ) { const checkLogin = require('./checkLogin'); const register = require('./register'); const queries = require('./mongodbQueries'); + const auth = require('./auth'); queries.register('Server','admin'); queries.register('khai','test'); queries.register('wilfried','test'); queries.register('yuki','test'); + app.post('/verify:token', (req, res) => { + if(typeof req.body !== 'undefined'){ + auth.getSession(req.body.sessionid,res); + } + return null; + }); + app.post('/checkLogin', (req, res) => { checkLogin(req,res); }); - app.post('/register', (req, res) => { register(req,res); }); diff --git a/backend/service-message/server.js b/backend/service-message/server.js index bb685f7..f57e942 100644 --- a/backend/service-message/server.js +++ b/backend/service-message/server.js 
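Review bot: The new `/verify:token` handler in service-authentication/server.js sends no response when `req.body` is undefined (it only returns `null`), so such a request hangs until the client times out; it should answer explicitly, for example `return res.status(400).end();`. In Express a colon in a route path introduces a parameter, so `'/verify:token'` most likely registers `/verify` followed by an arbitrary `token` segment rather than a literal colon; a plain path such as `'/verify-token'`, changed in service-message/auth.js as well, would state the intent. The route is registered on the same app as `/checkLogin` and `/register`, so if this port is reachable by browsers it is worth confirming that exposing token verification to them is intended. The enclosing `connectToServer` callback starts and ends outside the hunk.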
@@ -30,59 +30,61 @@ io.on('connection',socket => { let users = {}; - const session = auth.getSession(socket.request); - const getUsername = auth.getUsername(session); - if (getUsername === -1) { - socket.emit('error','not authenticated'); - } - console.log(`${getUsername} joined the chat.`); - socket.broadcast.emit('general',[{ - username: 'Server', - date: new Date(), - channel: 'general', - message: `${getUsername} joined the chat.` - }]); - users[socket.id] = getUsername; - messages.find({}, {'_id':0},{sort: {'date':1}},(err, res) => { - if(err) throw err; - if(res.length > 0){ - //console.log(res, res.length); - socket.emit('general',res); + auth.getSession(socket.request, function(res){ + const getUsername = auth.getUsername(res); + if (getUsername === -1) { + socket.send('error','not authenticated'); + } + else{ + console.log(`${getUsername} joined the chat.`); + socket.broadcast.emit('general',[{ + username: 'Server', + date: new Date(), + channel: 'general', + message: `${getUsername} joined the chat.` + }]); + users[socket.id] = getUsername; + messages.find({}, {'_id':0},{sort: {'date':1}},(err, res) => { + if(err) throw err; + if(res.length > 0){ + //console.log(res, res.length); + socket.emit('general',res); + } + socket.emit('general',[{ + username: 'Server', + date: new Date(), + channel: 'general', + message: `${getUsername} joined the chat.` + }]); + }); + + socket.on('general',function(data){ + const username = data.username; + const date = Date.now(); + const channel = 'general'; + const message = data.message; + + messages.insertMany([{ + username: username, + date: date, + channel: channel, + message: message + } + ]).then(function(){ + console.log(data, "inserted"); + socket.broadcast.emit('general',[data]); + socket.emit('general',[data]); + }).catch(function(error){ + console.log("error",error); + }); + + }); + + socket.on("disconnect", function() { + console.log(`${getUsername} left the chat.`); + }); } - socket.emit('general',[{ - username: 
'Server', - date: new Date(), - channel: 'general', - message: `${getUsername} joined the chat.` - }]); }); - - socket.on('general',function(data){ - const username = data.username; - const date = Date.now(); - const channel = 'general'; - const message = data.message; - - messages.insertMany([{ - username: username, - date: date, - channel: channel, - message: message - } - ]).then(function(){ - console.log(data, "inserted"); - socket.broadcast.emit('general',[data]); - socket.emit('general',[data]); - }).catch(function(error){ - console.log("error",error); - }); - - }); - - socket.on("disconnect", function() { - console.log(`${getUsername} left the chat.`); - }); - }); server.listen(port, () => { From 3583acfcc515560fa314c086e0f831ac088f9867 Mon Sep 17 00:00:00 2001 From: NyxiumYuuki Date: Sat, 29 May 2021 14:43:54 +0200 Subject: [PATCH 7/7] session for keys adapted for others services --- backend/service-authentication/sessionJWT.js | 64 ++++---------------- 1 file changed, 13 insertions(+), 51 deletions(-) diff --git a/backend/service-authentication/sessionJWT.js b/backend/service-authentication/sessionJWT.js index ebec454..09e7086 100644 --- a/backend/service-authentication/sessionJWT.js +++ b/backend/service-authentication/sessionJWT.js 
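Review bot: Inside the `'general'` message handler the stored and broadcast author is still taken from the client payload (`const username = data.username;`), although the connection has just been authenticated and the verified name is in scope as `getUsername`; a connected user can therefore have messages recorded under another name, including `Server`. Use the verified value, `const username = getUsername;`, and broadcast the record that was inserted rather than the raw `data` object. In the unauthenticated branch the socket is left connected after `socket.send('error','not authenticated')`, so adding `socket.disconnect(true);` there would close it. `if(err) throw err;` in the `messages.find` callback will also stop the process on a database error; logging and returning would keep the service up.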
@@ -1,88 +1,50 @@ const sessionJWT = require ('jsonwebtoken'); const fs = require ('fs'); +const {sendError, sendMessage} = require ("./message"); - -// renvoie un nouveau token JWT function createSessionJWT (username) { - // ci-dessous, on met en place le cookie de session JWT : - // 1/ on recupere notre clef privee - const RSA_PRIVATE_KEY = fs.readFileSync('../keys/jwtRS256.key'); - - // 2/ on signe un token JWT. Le payload est l'identifiant de - // l'utilisateur ainsi qu'une date d'expiration à mi-parcours : - // on récupérra ultérieurement ces informations, qui permettront - // de savoir si le token est valide ou non et de connaître l'ID - // de l'utilisateur. Dans le token, le champ exp indique la date - // de validité du token (pas besoin de se relogguer tant que la - // date actuelle est inférieure à exp) et le champ midExp indique - // à partir de quel moment on doit recréer un nouveau cookie de - // session. - const jwtToken = sessionJWT.sign( + const RSA_PRIVATE_KEY = fs.readFileSync('./keys/jwtRS256.key'); + return sessionJWT.sign( { username: username, - midExp: Math.floor(Date.now() / 1000) + 1800 // validité: 30mn + midExp: Math.floor(Date.now() / 1000) + 1800 }, RSA_PRIVATE_KEY, { algorithm: 'RS256', - expiresIn: '1h' // champ exp: validité 1h - }); - - return jwtToken; + expiresIn: '1h' + } + ); } - -// crée un cookie de session JWT (Si le JWT de la requête est encore valide, -// on l'utilise, sinon on en recrée un nouveau) function createSessionCookie(req, res, payload) { - // on regarde si le payload contient les champs userId et midExp. Si c'est le - // cas, c'est qu'on a reçu dans la request un cookie. On va donc vérifier si - // ce cookie est encore valide ou non : si la date actuelle est inférieure à - // midExp, alors le cookie est encore valide et on peut le renvoyer. Sinon, - // on doit recalculer un nouveau cookie. 
- let jwtToken = ''; + let jwtToken; if ((typeof payload.username !== 'undefined') && (typeof payload.midExp !== 'undefined') && (Math.floor(Date.now() / 1000) <= payload.midExp)) { jwtToken = req.headers.cookie; } else { - // on crée - // un nouveau cookie jwtToken = createSessionJWT(payload.username); } - - // on renvoie le cookie au client - // on met le secure à false afin de pouvoir utiliser http plutôt que https res.cookie('SESSIONID', jwtToken, {httpOnly:true, secure:false}); } module.exports.createSessionCookie = createSessionCookie; - -// décode un cookie de session et renvoie les informations contenues dans ce -// cookie, notamment le userId. Si le cookie n'existe pas, la fonction renvoie -// juste un objet avec un userId égal à -1. -function decodeSessionCookie(req) { - // si l'on n'a pas de cookie de session, on renvoie une session avec vide, - // avec juste un userId à -1 - - if (typeof req.headers.cookie === 'undefined') { +function decodeSessionCookie(sessionid, res) { + if (typeof sessionid === 'undefined') { return { username: -1 }; } - const sessionid = req.headers.cookie.replace('SESSIONID=',''); - // on lit la clef publique - const RSA_PUBLIC_KEY = fs.readFileSync('../keys/jwtRS256.key.pub'); - - // on récupère les données du cookie + const RSA_PUBLIC_KEY = fs.readFileSync('./keys/jwtRS256.key.pub'); try { const token = sessionJWT.verify( sessionid, RSA_PUBLIC_KEY, {algorithms: ['RS256']}); - return token; + return sendMessage(res,{token: token}); } catch (err) { - return {username: err}; + return sendError(res,{username: -1}); } } module.exports.decodeSessionCookie = decodeSessionCookie;
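Review bot: `decodeSessionCookie` returns `{ username: -1 }` without touching `res` when `sessionid` is undefined, while every other path now answers through `sendMessage`/`sendError`; the `/verify:token` request then never receives a reply, so that branch should be `return sendError(res,{username: -1});`. The key paths changed to `'./keys/jwtRS256.key'` and `'./keys/jwtRS256.key.pub'` resolve against the process working directory rather than this file, so the service only works when started from its own folder; `path.join(__dirname, 'keys', 'jwtRS256.key')` removes that dependency (with `path` required at the top). Patch 1/7 of this series renames `keys/jwtRS256.key` inside the repository, which suggests the RS256 signing key is tracked in version control; if so it should be treated as disclosed, regenerated, and loaded from configuration kept outside the repository. The removed comment explained why the cookie is set with `secure:false`; a one-line note such as `// secure:false only because development runs over plain http` would preserve that warning.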