Synchronize saved GitHub user tokens
Issue #529. Having a server down breaks the process currently. That will be addressed in a later commit.
This commit is contained in:
parent
419483f24e
commit
c403e367f7
|
@ -4,13 +4,16 @@
|
|||
var querystring = require('querystring');
|
||||
var request = require('request');
|
||||
var autosave = require('json-autosave');
|
||||
var githubUserTokens = autosave('github-user-tokens.json', {data:[]});
|
||||
var serverSecrets;
|
||||
try {
|
||||
// Everything that cannot be checked in but is useful server-side
|
||||
// is stored in this JSON data.
|
||||
serverSecrets = require('../secret.json');
|
||||
} catch(e) {}
|
||||
var githubUserTokens;
|
||||
autosave('github-user-tokens.json', {data:[]}).then(function(f) {
|
||||
githubUserTokens = f;
|
||||
}).catch(function(e) { console.error('Could not create github-user-tokens.json'); });
|
||||
|
||||
function setRoutes(server) {
|
||||
server.route(/^\/github-auth$/, function(data, match, end, ask) {
|
||||
|
@ -46,8 +49,7 @@ function setRoutes(server) {
|
|||
}),
|
||||
method: 'POST',
|
||||
};
|
||||
console.log(JSON.stringify(options));
|
||||
request.post(options, function(err, res, body) {
|
||||
request(options, function(err, res, body) {
|
||||
if (err != null) { return end('The connection to GitHub failed'); }
|
||||
try {
|
||||
var content = querystring.parse(body);
|
||||
|
@ -58,35 +60,52 @@ function setRoutes(server) {
|
|||
}
|
||||
console.log('GitHub OAuth: ' + token);
|
||||
|
||||
// FIXME: synchronize things in the background.
|
||||
// Send the token to all of those IPs.
|
||||
var ips = serverSecrets.shieldsIps;
|
||||
Promise.all(ips.map(function(ip) {
|
||||
return new Promise(function(resolve, reject) {
|
||||
var options = {
|
||||
uri: 'https://' + ip + '/github-auth/add-token',
|
||||
url: 'https://' + ip + '/github-auth/add-token',
|
||||
method: 'POST',
|
||||
form: {
|
||||
shieldsSecret: serverSecrets.shieldsSecret,
|
||||
token: token,
|
||||
},
|
||||
// We target servers by IP, and we use HTTPS. Assuming that
|
||||
// 1. Internet routers aren't hacked, and
|
||||
// 2. We don't unknowingly lose our IP to someone else,
|
||||
// we're not leaking people's and our information.
|
||||
// (If we did, it would have no impact, as we only ask for a token,
|
||||
// no GitHub scope. The malicious entity would only be able to use
|
||||
// our rate limit pool.)
|
||||
// FIXME: use letsencrypt.
|
||||
strictSSL: false,
|
||||
};
|
||||
request.post(options, function(err, res, body) {
|
||||
if (err != null) { return reject('Posting the GitHub user token failed'); }
|
||||
request(options, function(err, res, body) {
|
||||
if (err != null) { return reject('Posting the GitHub user token failed: ' + err.stack); }
|
||||
resolve();
|
||||
});
|
||||
});
|
||||
})).then(function() {
|
||||
end('Done!');
|
||||
}).catch(function(e) {
|
||||
console.error('GitHub user token transmission failed:', e);
|
||||
end('Horror! Something went wrong. Please try again.');
|
||||
});
|
||||
});
|
||||
});
|
||||
|
||||
server.route(/^\/github-auth\/add-token$/, function(data, match, end, ask) {
|
||||
console.log('GitHub add token called with', JSON.stringify(data));
|
||||
if (data.shieldsSecret !== serverSecrets.shieldsSecret) {
|
||||
// An unknown entity tries to connect. Let the connection linger for a minute.
|
||||
return setTimeout(function() { end('Invalid secret'); }, 60000);
|
||||
}
|
||||
githubUserTokens.data.push(data.token);
|
||||
// Insert it only if it is not registered yet.
|
||||
if (githubUserTokens.data.indexOf(data.token) === -1) {
|
||||
githubUserTokens.data.push(data.token);
|
||||
}
|
||||
end('Thanks!');
|
||||
});
|
||||
};
|
||||
|
|
|
@ -28,7 +28,7 @@
|
|||
"bower": "~1.4.1",
|
||||
"promise": "~7.0.0",
|
||||
"chrome-web-store-item-property": "^1.1.2",
|
||||
"json-autosave": "~1.1.0"
|
||||
"json-autosave": "~1.1.1"
|
||||
},
|
||||
"devDependencies": {
|
||||
"ass": "~0.0.6",
|
||||
|
|
Loading…
Reference in New Issue
Block a user