2022-08-14 16:19:44 +02:00
|
|
|
import logging
|
2022-08-01 22:55:13 +02:00
|
|
|
from functools import wraps
|
|
|
|
from typing import Any, Callable
|
|
|
|
|
2023-12-14 17:27:01 +01:00
|
|
|
import sentry_sdk
|
2023-10-02 01:52:22 +02:00
|
|
|
from django.conf import settings
|
2022-08-01 22:55:13 +02:00
|
|
|
from django.http import HttpRequest, HttpResponse
|
|
|
|
from django.urls import path
|
|
|
|
from django.urls.resolvers import URLPattern
|
2022-08-01 22:54:47 +02:00
|
|
|
from django.utils.crypto import constant_time_compare
|
|
|
|
from django.utils.translation import gettext as _
|
2022-09-12 07:12:34 +02:00
|
|
|
from django.views.decorators.csrf import csrf_exempt
|
2023-10-12 19:43:45 +02:00
|
|
|
from typing_extensions import Concatenate, ParamSpec, override
|
2022-08-01 22:54:47 +02:00
|
|
|
|
2022-08-01 22:55:13 +02:00
|
|
|
from zerver.decorator import get_basic_credentials, process_client
|
|
|
|
from zerver.lib.exceptions import (
|
|
|
|
ErrorCode,
|
|
|
|
JsonableError,
|
2022-11-17 09:30:48 +01:00
|
|
|
RateLimitedError,
|
2022-08-01 22:55:13 +02:00
|
|
|
RemoteServerDeactivatedError,
|
|
|
|
UnauthorizedError,
|
|
|
|
)
|
2022-08-14 16:19:44 +02:00
|
|
|
from zerver.lib.rate_limiter import should_rate_limit
|
2022-08-01 22:54:47 +02:00
|
|
|
from zerver.lib.request import RequestNotes
|
2022-09-12 07:12:34 +02:00
|
|
|
from zerver.lib.rest import default_never_cache_responses, get_target_view_function_or_response
|
2022-08-01 22:54:47 +02:00
|
|
|
from zerver.lib.subdomains import get_subdomain
|
|
|
|
from zerver.models import Realm
|
2022-08-14 16:19:44 +02:00
|
|
|
from zilencer.models import (
|
|
|
|
RateLimitedRemoteZulipServer,
|
|
|
|
RemoteZulipServer,
|
|
|
|
get_remote_server_by_uuid,
|
|
|
|
)
|
|
|
|
|
|
|
|
logger = logging.getLogger(__name__)
|
2022-08-01 22:54:47 +02:00
|
|
|
|
2022-08-01 22:55:13 +02:00
|
|
|
ParamT = ParamSpec("ParamT")
|
|
|
|
|
2022-08-01 22:54:47 +02:00
|
|
|
|
|
|
|
class InvalidZulipServerError(JsonableError):
|
|
|
|
code = ErrorCode.INVALID_ZULIP_SERVER
|
|
|
|
data_fields = ["role"]
|
|
|
|
|
|
|
|
def __init__(self, role: str) -> None:
|
|
|
|
self.role: str = role
|
|
|
|
|
|
|
|
@staticmethod
|
2023-10-12 19:43:45 +02:00
|
|
|
@override
|
2022-08-01 22:54:47 +02:00
|
|
|
def msg_format() -> str:
|
|
|
|
return "Zulip server auth failure: {role} is not registered -- did you run `manage.py register_server`?"
|
|
|
|
|
|
|
|
|
|
|
|
class InvalidZulipServerKeyError(InvalidZulipServerError):
|
|
|
|
@staticmethod
|
2023-10-12 19:43:45 +02:00
|
|
|
@override
|
2022-08-01 22:54:47 +02:00
|
|
|
def msg_format() -> str:
|
|
|
|
return "Zulip server auth failure: key does not match role {role}"
|
|
|
|
|
|
|
|
|
2022-08-14 16:19:44 +02:00
|
|
|
def rate_limit_remote_server(
|
|
|
|
request: HttpRequest, remote_server: RemoteZulipServer, domain: str
|
|
|
|
) -> None:
|
2022-08-14 21:14:52 +02:00
|
|
|
if not should_rate_limit(request):
|
|
|
|
return
|
|
|
|
|
2022-08-14 16:19:44 +02:00
|
|
|
try:
|
|
|
|
RateLimitedRemoteZulipServer(remote_server, domain=domain).rate_limit_request(request)
|
2022-11-17 09:30:48 +01:00
|
|
|
except RateLimitedError as e:
|
2023-03-09 07:26:45 +01:00
|
|
|
logger.warning("Remote server %s exceeded rate limits on domain %s", remote_server, domain)
|
2022-08-14 16:19:44 +02:00
|
|
|
raise e
|
|
|
|
|
|
|
|
|
2022-08-01 22:54:47 +02:00
|
|
|
def validate_remote_server(
|
|
|
|
request: HttpRequest,
|
|
|
|
role: str,
|
|
|
|
api_key: str,
|
|
|
|
) -> RemoteZulipServer:
|
2023-12-14 17:18:12 +01:00
|
|
|
log_data = RequestNotes.get_notes(request).log_data
|
|
|
|
assert log_data is not None
|
2022-08-01 22:54:47 +02:00
|
|
|
try:
|
|
|
|
remote_server = get_remote_server_by_uuid(role)
|
|
|
|
except RemoteZulipServer.DoesNotExist:
|
2023-12-14 17:18:12 +01:00
|
|
|
log_data["extra"] = "[invalid-server]"
|
2022-08-01 22:54:47 +02:00
|
|
|
raise InvalidZulipServerError(role)
|
|
|
|
if not constant_time_compare(api_key, remote_server.api_key):
|
2023-12-14 17:18:12 +01:00
|
|
|
log_data["extra"] = "[invalid-server-key]"
|
2022-08-01 22:54:47 +02:00
|
|
|
raise InvalidZulipServerKeyError(role)
|
|
|
|
|
|
|
|
if remote_server.deactivated:
|
2023-12-14 17:18:12 +01:00
|
|
|
log_data["extra"] = "[deactivated-server]"
|
2023-02-04 02:07:20 +01:00
|
|
|
raise RemoteServerDeactivatedError
|
2023-10-02 01:52:22 +02:00
|
|
|
if (
|
|
|
|
get_subdomain(request) != Realm.SUBDOMAIN_FOR_ROOT_DOMAIN
|
|
|
|
and not settings.DEVELOPMENT_DISABLE_PUSH_BOUNCER_DOMAIN_CHECK
|
|
|
|
):
|
|
|
|
# Sometimes we may want to test push bouncer logic in development.
|
2023-12-14 17:18:12 +01:00
|
|
|
log_data["extra"] = "[invalid-domain]"
|
2022-08-01 22:54:47 +02:00
|
|
|
raise JsonableError(_("Invalid subdomain for push notifications bouncer"))
|
|
|
|
RequestNotes.get_notes(request).remote_server = remote_server
|
|
|
|
process_client(request)
|
2023-12-14 17:27:01 +01:00
|
|
|
sentry_sdk.set_user({"server": remote_server.uuid})
|
2022-08-01 22:54:47 +02:00
|
|
|
return remote_server
|
2022-08-01 22:55:13 +02:00
|
|
|
|
|
|
|
|
|
|
|
def authenticated_remote_server_view(
|
|
|
|
view_func: Callable[Concatenate[HttpRequest, RemoteZulipServer, ParamT], HttpResponse]
|
|
|
|
) -> Callable[Concatenate[HttpRequest, ParamT], HttpResponse]:
|
|
|
|
@wraps(view_func)
|
|
|
|
def _wrapped_view_func(
|
|
|
|
request: HttpRequest, /, *args: ParamT.args, **kwargs: ParamT.kwargs
|
|
|
|
) -> HttpResponse:
|
|
|
|
role, api_key = get_basic_credentials(request)
|
|
|
|
if "@" in role:
|
2023-12-14 17:18:12 +01:00
|
|
|
log_data = RequestNotes.get_notes(request).log_data
|
|
|
|
assert log_data is not None
|
|
|
|
log_data["extra"] = "[non-server-key]"
|
2022-08-01 22:55:13 +02:00
|
|
|
raise JsonableError(_("Must validate with valid Zulip server API key"))
|
|
|
|
try:
|
|
|
|
remote_server = validate_remote_server(request, role, api_key)
|
|
|
|
except JsonableError as e:
|
|
|
|
raise UnauthorizedError(e.msg)
|
|
|
|
|
2022-08-14 21:14:52 +02:00
|
|
|
rate_limit_remote_server(request, remote_server, domain="api_by_remote_server")
|
2022-08-01 22:55:13 +02:00
|
|
|
return view_func(request, remote_server, *args, **kwargs)
|
|
|
|
|
|
|
|
return _wrapped_view_func
|
|
|
|
|
|
|
|
|
2022-09-12 07:12:34 +02:00
|
|
|
@default_never_cache_responses
|
|
|
|
@csrf_exempt
|
2022-09-19 22:21:56 +02:00
|
|
|
def remote_server_dispatch(request: HttpRequest, /, **kwargs: Any) -> HttpResponse:
|
2022-08-01 22:55:13 +02:00
|
|
|
result = get_target_view_function_or_response(request, kwargs)
|
|
|
|
if isinstance(result, HttpResponse):
|
|
|
|
return result
|
|
|
|
target_function, view_flags = result
|
|
|
|
return authenticated_remote_server_view(target_function)(request, **kwargs)
|
|
|
|
|
|
|
|
|
|
|
|
def remote_server_path(
|
|
|
|
route: str,
|
|
|
|
**handlers: Callable[Concatenate[HttpRequest, RemoteZulipServer, ParamT], HttpResponse],
|
|
|
|
) -> URLPattern:
|
|
|
|
return path(route, remote_server_dispatch, handlers)
|