/* global log, textsecure, libloki, Signal, Whisper, ConversationController, clearTimeout, MessageController, libsignal, StringView, window, _, dcodeIO, Buffer, lokiSnodeAPI, TextDecoder, process */ const nodeFetch = require('node-fetch'); const { URL, URLSearchParams } = require('url'); const FormData = require('form-data'); const https = require('https'); const path = require('path'); const lokiRpcUtils = require('./loki_rpc'); // Can't be less than 1200 if we have unauth'd requests const PUBLICCHAT_MSG_POLL_EVERY = 1.5 * 1000; // 1.5s const PUBLICCHAT_CHAN_POLL_EVERY = 20 * 1000; // 20s const PUBLICCHAT_DELETION_POLL_EVERY = 5 * 1000; // 5s const PUBLICCHAT_MOD_POLL_EVERY = 30 * 1000; // 30s const PUBLICCHAT_MIN_TIME_BETWEEN_DUPLICATE_MESSAGES = 10 * 1000; // 10s // FIXME: replace with something on urlPubkeyMap... const FILESERVER_HOSTS = [ 'file-dev.lokinet.org', 'file.lokinet.org', 'file-dev.getsession.org', 'file.getsession.org', ]; const LOKIFOUNDATION_DEVFILESERVER_PUBKEY = 'BSZiMVxOco/b3sYfaeyiMWv/JnqokxGXkHoclEx8TmZ6'; const LOKIFOUNDATION_FILESERVER_PUBKEY = 'BWJQnVm97sQE3Q1InB4Vuo+U/T1hmwHBv0ipkiv8tzEc'; const urlPubkeyMap = { 'https://file-dev.getsession.org': LOKIFOUNDATION_DEVFILESERVER_PUBKEY, 'https://file-dev.lokinet.org': LOKIFOUNDATION_DEVFILESERVER_PUBKEY, 'https://file.getsession.org': LOKIFOUNDATION_FILESERVER_PUBKEY, 'https://file.lokinet.org': LOKIFOUNDATION_FILESERVER_PUBKEY, }; const HOMESERVER_USER_ANNOTATION_TYPE = 'network.loki.messenger.homeserver'; const AVATAR_USER_ANNOTATION_TYPE = 'network.loki.messenger.avatar'; const SETTINGS_CHANNEL_ANNOTATION_TYPE = 'net.patter-app.settings'; const MESSAGE_ATTACHMENT_TYPE = 'net.app.core.oembed'; const LOKI_ATTACHMENT_TYPE = 'attachment'; const LOKI_PREVIEW_TYPE = 'preview'; const snodeHttpsAgent = new https.Agent({ rejectUnauthorized: false, }); const timeoutDelay = ms => new Promise(resolve => setTimeout(resolve, ms)); const sendViaOnion = async (srvPubKey, url, fetchOptions, options = {}) => { if (!srvPubKey) { log.error( 'loki_app_dot_net:::sendViaOnion - called without a server public key' ); return {}; } // set retry count if (options.retry === undefined) { // eslint-disable-next-line no-param-reassign options.retry = 0; // eslint-disable-next-line no-param-reassign options.requestNumber = window.lokiSnodeAPI.assignOnionRequestNumber(); } const payloadObj = { method: fetchOptions.method || 'GET', body: fetchOptions.body || '', // safety issue with file server, just safer to have this headers: fetchOptions.headers || {}, // no initial / endpoint: url.pathname.replace(/^\//, ''), }; if (url.search) { payloadObj.endpoint += url.search; } // from https://github.com/sindresorhus/is-stream/blob/master/index.js if ( payloadObj.body && typeof payloadObj.body === 'object' && typeof payloadObj.body.pipe === 'function' ) { const fData = payloadObj.body.getBuffer(); const fHeaders = payloadObj.body.getHeaders(); // update headers for boundary payloadObj.headers = { ...payloadObj.headers, ...fHeaders }; // update body with base64 chunk payloadObj.body = { fileUpload: fData.toString('base64'), }; } let pathNodes = []; try { pathNodes = await lokiSnodeAPI.getOnionPath(); } catch (e) { log.error( `loki_app_dot_net:::sendViaOnion #${options.requestNumber} - getOnionPath Error ${e.code} ${e.message}` ); } if (!pathNodes || !pathNodes.length) { log.warn( `loki_app_dot_net:::sendViaOnion #${options.requestNumber} - failing, no path available` ); // should we retry? return {}; } // do the request let result; try { result = await lokiRpcUtils.sendOnionRequestLsrpcDest( 0, pathNodes, srvPubKey, url.host, payloadObj, options.requestNumber ); } catch (e) { log.error( 'loki_app_dot_net:::sendViaOnion - lokiRpcUtils error', e.code, e.message ); return {}; } if (result === lokiRpcUtils.BAD_PATH) { return {}; } // handle error/retries if (!result.status) { log.error( `loki_app_dot_net:::sendViaOnion #${options.requestNumber} - Retry #${options.retry} Couldnt handle onion request, retrying`, payloadObj ); return sendViaOnion(srvPubKey, url, fetchOptions, { ...options, retry: options.retry + 1, counter: options.requestNumber, }); } if (options.noJson) { return { result, txtResponse: result.body, response: { data: result.body, headers: result.headers, }, }; } // get the return variables we need let response = {}; let txtResponse = ''; let { body } = result; if (typeof body === 'string') { // adn does uses this path // log.info(`loki_app_dot_net:::sendViaOnion - got text response ${url.toString()}`); txtResponse = result.body; try { body = JSON.parse(result.body); } catch (e) { log.error( `loki_app_dot_net:::sendViaOnion #${options.requestNumber} - Cant decode JSON body`, typeof result.body, result.body ); } } else { // why is // https://chat-dev.lokinet.org/loki/v1/channel/1/deletes?count=200&since_id= // difference in response than all the other calls.... log.info( `loki_app_dot_net:::sendViaOnion #${ options.requestNumber } - got object response ${url.toString()}` ); } // result.status has the http response code if (!txtResponse) { txtResponse = JSON.stringify(body); } response = body; response.headers = result.headers; return { result, txtResponse, response }; }; const sendToProxy = async (srvPubKey, endpoint, fetchOptions, options = {}) => { if (!srvPubKey) { log.error( 'loki_app_dot_net:::sendToProxy - called without a server public key' ); return {}; } const payloadObj = { body: fetchOptions.body, // might need to b64 if binary... endpoint, method: fetchOptions.method, // safety issue with file server, just safer to have this headers: fetchOptions.headers || {}, }; // from https://github.com/sindresorhus/is-stream/blob/master/index.js let fileUpload = false; if ( payloadObj.body && typeof payloadObj.body === 'object' && typeof payloadObj.body.pipe === 'function' ) { const fData = payloadObj.body.getBuffer(); const fHeaders = payloadObj.body.getHeaders(); // update headers for boundary payloadObj.headers = { ...payloadObj.headers, ...fHeaders }; // update body with base64 chunk payloadObj.body = { fileUpload: fData.toString('base64'), }; fileUpload = true; } // use nodes that support more than 1mb const randomFunc = fileUpload ? 'getRandomProxySnodeAddress' : 'getRandomSnodeAddress'; const randSnode = await lokiSnodeAPI[randomFunc](); if (randSnode === false) { log.warn('proxy random snode pool is not ready, retrying 10s', endpoint); // no nodes in the pool yet, give it some time and retry await timeoutDelay(1000); return sendToProxy(srvPubKey, endpoint, fetchOptions, options); } const url = `https://${randSnode.ip}:${randSnode.port}/file_proxy`; // convert our payload to binary buffer const payloadData = Buffer.from( dcodeIO.ByteBuffer.wrap(JSON.stringify(payloadObj)).toArrayBuffer() ); payloadObj.body = false; // free memory // make temporary key for this request/response // async maybe preferable to avoid cpu spikes // but I think sync might be more apt in cases like sending... const ephemeralKey = await libloki.crypto.generateEphemeralKeyPair(); // mix server pub key with our priv key const symKey = await libsignal.Curve.async.calculateAgreement( srvPubKey, // server's pubkey ephemeralKey.privKey // our privkey ); const ivAndCiphertext = await libloki.crypto.DHEncrypt(symKey, payloadData); // convert final buffer to base64 const cipherText64 = dcodeIO.ByteBuffer.wrap(ivAndCiphertext).toString( 'base64' ); const ephemeralPubKey64 = dcodeIO.ByteBuffer.wrap( ephemeralKey.pubKey ).toString('base64'); const finalRequestHeader = { 'X-Loki-File-Server-Ephemeral-Key': ephemeralPubKey64, }; const firstHopOptions = { method: 'POST', // not sure why I can't use anything but json... // text/plain would be preferred... body: JSON.stringify({ cipherText64 }), headers: { 'Content-Type': 'application/json', 'X-Loki-File-Server-Target': '/loki/v1/secure_rpc', 'X-Loki-File-Server-Verb': 'POST', 'X-Loki-File-Server-Headers': JSON.stringify(finalRequestHeader), }, // we are talking to a snode... agent: snodeHttpsAgent, }; // weird this doesn't need NODE_TLS_REJECT_UNAUTHORIZED = '0' const result = await nodeFetch(url, firstHopOptions); const txtResponse = await result.text(); if (txtResponse.match(/^Service node is not ready: not in any swarm/i)) { // mark snode bad const randomPoolRemainingCount = lokiSnodeAPI.markRandomNodeUnreachable( randSnode ); log.warn( `loki_app_dot_net:::sendToProxy - Marking random snode bad, internet address ${randSnode.ip}:${randSnode.port}. ${randomPoolRemainingCount} snodes remaining in randomPool` ); // retry (hopefully with new snode) // FIXME: max number of retries... return sendToProxy(srvPubKey, endpoint, fetchOptions, options); } let response = {}; try { response = JSON.parse(txtResponse); } catch (e) { log.warn( `loki_app_dot_net:::sendToProxy - Could not parse outer JSON [${txtResponse}]`, endpoint, 'on', url ); } if (response.meta && response.meta.code === 200) { // convert base64 in response to binary const ivAndCiphertextResponse = dcodeIO.ByteBuffer.wrap( response.data, 'base64' ).toArrayBuffer(); const decrypted = await libloki.crypto.DHDecrypt( symKey, ivAndCiphertextResponse ); const textDecoder = new TextDecoder(); const respStr = textDecoder.decode(decrypted); // replace response try { response = options.textResponse ? respStr : JSON.parse(respStr); } catch (e) { log.warn( `loki_app_dot_net:::sendToProxy - Could not parse inner JSON [${respStr}]`, endpoint, 'on', url ); } } else { log.warn( 'loki_app_dot_net:::sendToProxy - file server secure_rpc gave an non-200 response: ', response, ` txtResponse[${txtResponse}]`, endpoint ); } return { result, txtResponse, response }; }; const serverRequest = async (endpoint, options = {}) => { const { params = {}, method, rawBody, objBody, token, srvPubKey, forceFreshToken = false, } = options; const url = new URL(endpoint); if (params) { url.search = new URLSearchParams(params); } const fetchOptions = {}; const headers = {}; try { if (token) { headers.Authorization = `Bearer ${token}`; } if (method) { fetchOptions.method = method; } if (objBody) { headers['Content-Type'] = 'application/json'; fetchOptions.body = JSON.stringify(objBody); } else if (rawBody) { fetchOptions.body = rawBody; } fetchOptions.headers = headers; // domain ends in .loki if (url.host.match(/\.loki$/i)) { fetchOptions.agent = snodeHttpsAgent; } } catch (e) { log.error( 'loki_app_dot_net:::serverRequest - set up error:', e.code, e.message ); return { err: e, }; } let response; let result; let txtResponse; let mode = 'nodeFetch'; try { const host = url.host.toLowerCase(); // log.info('host', host, FILESERVER_HOSTS); if ( window.lokiFeatureFlags.useFileOnionRequests && FILESERVER_HOSTS.includes(host) ) { mode = 'sendViaOnion'; ({ response, txtResponse, result } = await sendViaOnion( srvPubKey, url, fetchOptions, options )); } else if (window.lokiFeatureFlags.useFileOnionRequests && srvPubKey) { mode = 'sendViaOnionOG'; ({ response, txtResponse, result } = await sendViaOnion( srvPubKey, url, fetchOptions, options )); } else if ( window.lokiFeatureFlags.useSnodeProxy && FILESERVER_HOSTS.includes(host) ) { mode = 'sendToProxy'; // url.search automatically includes the ? part const search = url.search || ''; // strip first slash const endpointWithQS = `${url.pathname}${search}`.replace(/^\//, ''); ({ response, txtResponse, result } = await sendToProxy( srvPubKey, endpointWithQS, fetchOptions, options )); } else { // disable check for .loki process.env.NODE_TLS_REJECT_UNAUTHORIZED = host.match(/\.loki$/i) ? '0' : '1'; result = await nodeFetch(url, fetchOptions); // always make sure this check is enabled process.env.NODE_TLS_REJECT_UNAUTHORIZED = '1'; txtResponse = await result.text(); // cloudflare timeouts (504s) will be html... response = options.textResponse ? txtResponse : JSON.parse(txtResponse); // result.status will always be 200 // emulate the correct http code if available if (response && response.meta && response.meta.code) { result.status = response.meta.code; } } } catch (e) { if (txtResponse) { log.error( `loki_app_dot_net:::serverRequest - ${mode} error`, e.code, e.message, `json: ${txtResponse}`, 'attempting connection to', url ); } else { log.error( `loki_app_dot_net:::serverRequest - ${mode} error`, e.code, e.message, 'attempting connection to', url ); } if (mode === 'sendToProxy') { // if we can detect, certain types of failures, we can retry... if (e.code === 'ECONNRESET') { // retry with counter? } } return { err: e, }; } if (!result) { return { err: 'noResult', response, }; } // if it's a response style with a meta if (result.status !== 200) { if (!forceFreshToken && (!response.meta || response.meta.code === 401)) { // retry with forcing a fresh token return serverRequest(endpoint, { ...options, forceFreshToken: true, }); } return { err: 'statusCode', statusCode: result.status, response, }; } return { statusCode: result.status, response, }; }; // the core ADN class that handles all communication with a specific server class LokiAppDotNetServerAPI { constructor(ourKey, url) { this.ourKey = ourKey; this.channels = []; this.tokenPromise = null; this.baseServerUrl = url; log.info(`LokiAppDotNetAPI registered server ${url}`); } async open() { // check token, we're not sure how long we were asleep, token may have expired await this.getOrRefreshServerToken(); // now that we have a working token, start up pollers this.channels.forEach(channel => channel.open()); } async close() { this.channels.forEach(channel => channel.stop()); // match sure our pending requests are finished // in case it's still starting up if (this.tokenPromise) { await this.tokenPromise; } } // channel getter/factory async findOrCreateChannel(chatAPI, channelId, conversationId) { let thisChannel = this.channels.find( channel => channel.channelId === channelId ); if (!thisChannel) { // make sure we're subscribed // eventually we'll need to move to account registration/add server await this.serverRequest(`channels/${channelId}/subscribe`, { method: 'POST', }); thisChannel = new LokiPublicChannelAPI( chatAPI, this, channelId, conversationId ); log.info( 'LokiPublicChannelAPI started for', channelId, 'on', this.baseServerUrl ); this.channels.push(thisChannel); } return thisChannel; } async partChannel(channelId) { log.info('partChannel', channelId, 'from', this.baseServerUrl); await this.serverRequest(`channels/${channelId}/subscribe`, { method: 'DELETE', }); this.unregisterChannel(channelId); } // deallocate resources channel uses unregisterChannel(channelId) { log.info('unregisterChannel', channelId, 'from', this.baseServerUrl); let thisChannel; let i = 0; for (; i < this.channels.length; i += 1) { if (this.channels[i].channelId === channelId) { thisChannel = this.channels[i]; break; } } if (!thisChannel) { return; } thisChannel.stop(); this.channels.splice(i, 1); } // set up pubKey & pubKeyHex properties // optionally called for mainly file server comms getPubKeyForUrl() { if ( !window.lokiFeatureFlags.useSnodeProxy && !window.lokiFeatureFlags.useOnionRequests ) { // pubkeys don't matter return ''; } // Hard coded let pubKeyAB; if (urlPubkeyMap && urlPubkeyMap[this.baseServerUrl]) { pubKeyAB = window.Signal.Crypto.base64ToArrayBuffer( urlPubkeyMap[this.baseServerUrl] ); } // do we have their pubkey locally? // FIXME: this._server won't be set yet... // can't really do this for the file server because we'll need the key // before we can communicate with lsrpc if (window.lokiFeatureFlags.useFileOnionRequests) { if ( window.lokiPublicChatAPI && window.lokiPublicChatAPI.openGroupPubKeys && window.lokiPublicChatAPI.openGroupPubKeys[this.baseServerUrl] ) { pubKeyAB = window.lokiPublicChatAPI.openGroupPubKeys[this.baseServerUrl]; } } else if (window.lokiFeatureFlags.useSnodeProxy) { // if in proxy mode, replace with "file."... // it only supports this host... pubKeyAB = window.Signal.Crypto.base64ToArrayBuffer( LOKIFOUNDATION_FILESERVER_PUBKEY ); } // else will fail validation later // now that key is loaded, lets verify if (pubKeyAB && pubKeyAB.byteLength && pubKeyAB.byteLength !== 33) { log.error('FILESERVER PUBKEY is invalid, length:', pubKeyAB.byteLength); process.exit(1); } this.pubKey = pubKeyAB; this.pubKeyHex = StringView.arrayBufferToHex(pubKeyAB); return pubKeyAB; } async setProfileName(profileName) { // when we add an annotation, may need this /* const privKey = await this.getPrivateKey(); // we might need an annotation that sets the homeserver for media // better to include this with each attachment... const objToSign = { name: profileName, version: 1, annotations: [], }; const sig = await libsignal.Curve.async.calculateSignature( privKey, JSON.stringify(objToSign) ); */ // You cannot use null to clear the profile name // the name key has to be set to know what value we want changed const pName = profileName || ''; const res = await this.serverRequest('users/me', { method: 'PATCH', objBody: { name: pName, }, }); // no big deal if it fails... if (res.err || !res.response || !res.response.data) { if (res.err) { log.error( `setProfileName Error ${res.err} ${res.statusCode}`, this.baseServerUrl ); } return []; } // expecting a user object return res.response.data.annotations || []; // if no profileName should we update the local from the server? // no because there will be multiple public chat servers } async setHomeServer(homeServer) { const res = await this.serverRequest('users/me', { method: 'PATCH', objBody: { annotations: [ { type: HOMESERVER_USER_ANNOTATION_TYPE, value: homeServer, }, ], }, }); if (res.err || !res.response || !res.response.data) { if (res.err) { log.error(`setHomeServer Error ${res.err}`); } return []; } // expecting a user object return res.response.data.annotations || []; } async setAvatar(url, profileKey) { let value; // undefined will save bandwidth on the annotation if we don't need it (no avatar) if (url && profileKey) { value = { url, profileKey }; } return this.setSelfAnnotation(AVATAR_USER_ANNOTATION_TYPE, value); } // get active token for this server async getOrRefreshServerToken(forceRefresh = false) { let token; if (!forceRefresh) { if (this.token) { return this.token; } token = await Signal.Data.getPublicServerTokenByServerUrl( this.baseServerUrl ); } if (!token) { token = await this.refreshServerToken(); if (token) { await Signal.Data.savePublicServerToken({ serverUrl: this.baseServerUrl, token, }); } } this.token = token; // if no token to verify, just bail now if (!token) { // if we haven't forced it if (!forceRefresh) { // try one more time with requesting a fresh token token = await this.getOrRefreshServerToken(true); } return token; } // verify token info const tokenRes = await this.serverRequest('token'); // if no problems and we have data if ( !tokenRes.err && tokenRes.response && tokenRes.response.data && tokenRes.response.data.user ) { // get our profile name // this should be primaryDevicePubKey // because the rest of the profile system uses that... const ourNumber = window.storage.get('primaryDevicePubKey') || textsecure.storage.user.getNumber(); const profileConvo = ConversationController.get(ourNumber); const profile = profileConvo && profileConvo.getLokiProfile(); const profileName = profile && profile.displayName; // if doesn't match, write it to the network if (tokenRes.response.data.user.name !== profileName) { // update our profile name if it got out of sync this.setProfileName(profileName); } } if (tokenRes.err) { log.error(`token err`, tokenRes); // didn't already try && this specific error if ( !forceRefresh && tokenRes.response && tokenRes.response.meta && tokenRes.response.meta.code === 401 ) { // this token is not good this.token = ''; // remove from object await Signal.Data.savePublicServerToken({ serverUrl: this.baseServerUrl, token: '', }); token = await this.getOrRefreshServerToken(true); } } return token; } // get active token from server (but only allow one request at a time) async refreshServerToken() { // if currently not in progress if (this.tokenPromise === null) { // FIXME: add timeout // a broken/stuck token endpoint can prevent you from removing channels // set lock this.tokenPromise = new Promise(async res => { // request the token const token = await this.requestToken(); if (!token) { res(null); return; } // activate the token const registered = await this.submitToken(token); if (!registered) { res(null); return; } // resolve promise to release lock res(token); }); } // wait until we have it set const token = await this.tokenPromise; // clear lock this.tokenPromise = null; return token; } // request an token from the server async requestToken() { let res; try { const url = new URL(`${this.baseServerUrl}/loki/v1/get_challenge`); const params = { pubKey: this.ourKey, }; url.search = new URLSearchParams(params); res = await this.proxyFetch(url); } catch (e) { // should we retry here? // no, this is the low level function // not really an error, from a client's pov, network servers can fail... if (e.code === 'ECONNREFUSED') { // down log.warn( 'requestToken request can not connect', this.baseServerUrl, e.message ); } else if (e.code === 'ECONNRESET') { // got disconnected log.warn( 'requestToken request lost connection', this.baseServerUrl, e.message ); } else { log.error( 'requestToken request failed', this.baseServerUrl, e.code, e.message ); } return null; } if (!res.ok) { log.error('requestToken request failed'); return null; } const body = await res.json(); const token = await libloki.crypto.decryptToken(body); return token; } // activate token async submitToken(token) { const fetchOptions = { method: 'POST', headers: { 'Content-Type': 'application/json', }, body: JSON.stringify({ pubKey: this.ourKey, token, }), }; try { const res = await this.proxyFetch( new URL(`${this.baseServerUrl}/loki/v1/submit_challenge`), fetchOptions, { textResponse: true } ); return res.ok; } catch (e) { log.error('submitToken proxyFetch failure', e.code, e.message); return false; } } async proxyFetch(urlObj, fetchOptions = { method: 'GET' }, options = {}) { if ( window.lokiFeatureFlags.useSnodeProxy && (this.baseServerUrl === 'https://file-dev.lokinet.org' || this.baseServerUrl === 'https://file.lokinet.org' || this.baseServerUrl === 'https://file-dev.getsession.org' || this.baseServerUrl === 'https://file.getsession.org') ) { const finalOptions = { ...fetchOptions }; if (!fetchOptions.method) { finalOptions.method = 'GET'; } const urlStr = urlObj.toString(); const endpoint = urlStr.replace(`${this.baseServerUrl}/`, ''); const { response, result } = await sendToProxy( this.pubKey, endpoint, finalOptions, options ); // emulate nodeFetch response... return { ok: result.status === 200, json: () => response, }; } const host = urlObj.host.toLowerCase(); if (host.match(/\.loki$/)) { process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0'; } const result = nodeFetch(urlObj, fetchOptions, options); process.env.NODE_TLS_REJECT_UNAUTHORIZED = '1'; return result; } // make a request to the server async serverRequest(endpoint, options = {}) { if (options.forceFreshToken) { await this.getOrRefreshServerToken(true); } return serverRequest(`${this.baseServerUrl}/${endpoint}`, { ...options, token: this.token, srvPubKey: this.pubKey, }); } async getUserAnnotations(pubKey) { if (!pubKey) { log.warn('No pubkey provided to getUserAnnotations!'); return []; } const res = await this.serverRequest(`users/@${pubKey}`, { method: 'GET', params: { include_user_annotations: 1, }, }); if (res.err || !res.response || !res.response.data) { if (res.err) { log.error(`getUserAnnotations Error ${res.err}`); } return []; } return res.response.data.annotations || []; } async getModerators(channelId) { if (!channelId) { log.warn('No channelId provided to getModerators!'); return []; } const res = await this.serverRequest( `loki/v1/channels/${channelId}/moderators` ); return (!res.err && res.response && res.response.moderators) || []; } async addModerators(pubKeysParam) { let pubKeys = pubKeysParam; if (!Array.isArray(pubKeys)) { pubKeys = [pubKeys]; } pubKeys = pubKeys.map(key => `@${key}`); const users = await this.getUsers(pubKeys); const validUsers = users.filter(user => !!user.id); const results = await Promise.all( validUsers.map(async user => { log.info(`POSTing loki/v1/moderators/${user.id}`); const res = await this.serverRequest(`loki/v1/moderators/${user.id}`, { method: 'POST', }); return !!(!res.err && res.response && res.response.data); }) ); const anyFailures = results.some(test => !test); return anyFailures ? results : true; // return failures or total success } async removeModerators(pubKeysParam) { let pubKeys = pubKeysParam; if (!Array.isArray(pubKeys)) { pubKeys = [pubKeys]; } pubKeys = pubKeys.map(key => `@${key}`); const users = await this.getUsers(pubKeys); const validUsers = users.filter(user => !!user.id); const results = await Promise.all( validUsers.map(async user => { const res = await this.serverRequest(`loki/v1/moderators/${user.id}`, { method: 'DELETE', }); return !!(!res.err && res.response && res.response.data); }) ); const anyFailures = results.some(test => !test); return anyFailures ? results : true; // return failures or total success } async getSubscribers(channelId, wantObjects) { if (!channelId) { log.warn('No channelId provided to getSubscribers!'); return []; } let res = {}; if (!Array.isArray(channelId) && wantObjects) { res = await this.serverRequest(`channels/${channelId}/subscribers`, { method: 'GET', params: { include_user_annotations: 1, }, }); } else { // not deployed on all backends yet res.err = 'array subscribers endpoint not yet implemented'; /* var list = channelId; if (!Array.isArray(list)) { list = [channelId]; } const idres = await this.serverRequest(`channels/subscribers/ids`, { method: 'GET', params: { ids: list.join(','), include_user_annotations: 1, }, }); if (wantObjects) { if (idres.err || !idres.response || !idres.response.data) { if (idres.err) { log.error(`Error ${idres.err}`); } return []; } const userList = []; await Promise.all(idres.response.data.map(async channelId => { const channelUserObjs = await this.getUsers(idres.response.data[channelId]); userList.push(...channelUserObjs); })); res = { response: { meta: { code: 200, }, data: userList } } } else { res = idres; } */ } if (res.err || !res.response || !res.response.data) { if (res.err) { log.error(`getSubscribers Error ${res.err}`); } return []; } return res.response.data || []; } async getUsers(pubKeys) { if (!pubKeys) { log.warn('No pubKeys provided to getUsers!'); return []; } // ok to call without if (!pubKeys.length) { return []; } if (pubKeys.length > 200) { log.warn('Too many pubKeys given to getUsers!'); } const res = await this.serverRequest('users', { method: 'GET', params: { ids: pubKeys.join(','), include_user_annotations: 1, }, }); if (res.err || !res.response || !res.response.data) { if (res.err) { log.error( `loki_app_dot_net:::getUsers - Error: ${res.err} for ${pubKeys.join( ',' )}` ); } return []; } return res.response.data || []; } // Only one annotation at a time async setSelfAnnotation(type, value) { const annotation = { type }; // to delete annotation, omit the "value" field if (value) { annotation.value = value; } const res = await this.serverRequest('users/me', { method: 'PATCH', objBody: { annotations: [annotation], }, }); if (!res.err && res.response) { return res.response; } return false; } async uploadAvatar(data) { const endpoint = 'users/me/avatar'; const options = { method: 'POST', rawBody: data, }; const { statusCode, response } = await this.serverRequest( endpoint, options ); if (statusCode !== 200) { log.warn('Failed to upload avatar to fileserver'); return null; } const url = response.data && response.data.avatar_image && response.data.avatar_image.url; // We don't use the server id for avatars return { url, id: null, }; } // for avatar async uploadData(data) { const endpoint = 'files'; const options = { method: 'POST', rawBody: data, }; const { statusCode, response } = await this.serverRequest( endpoint, options ); if (statusCode !== 200) { log.warn('Failed to upload data to server', this.baseServerUrl); return null; } const url = response.data && response.data.url; const id = response.data && response.data.id; return { url, id, }; } // for files putAttachment(attachmentBin) { const formData = new FormData(); const buffer = Buffer.from(attachmentBin); formData.append('type', 'network.loki'); formData.append('content', buffer, { contentType: 'application/octet-stream', name: 'content', filename: 'attachment', knownLength: buffer.byteLength, }); return this.uploadData(formData); } } // functions to a specific ADN channel on an ADN server class LokiPublicChannelAPI { constructor(chatAPI, serverAPI, channelId, conversationId) { // properties this.chatAPI = chatAPI; this.serverAPI = serverAPI; this.channelId = channelId; this.baseChannelUrl = `channels/${this.channelId}`; this.conversationId = conversationId; this.conversation = ConversationController.get(conversationId); this.lastGot = null; this.modStatus = false; this.deleteLastId = 1; this.timers = {}; this.myPrivateKey = false; this.messagesPollLock = false; // can escalated to SQL if it start uses too much memory this.logMop = {}; // Cache for duplicate checking this.lastMessagesCache = []; // end properties log.info( `registered LokiPublicChannel ${channelId} on ${this.serverAPI.baseServerUrl}` ); // start polling this.open(); } async getPrivateKey() { if (!this.myPrivateKey) { const myKeyPair = await textsecure.storage.protocol.getIdentityKeyPair(); this.myPrivateKey = myKeyPair.privKey; } return this.myPrivateKey; } async banUser(pubkey) { const res = await this.serverRequest( `loki/v1/moderation/blacklist/@${pubkey}`, { method: 'POST', } ); if (res.err || !res.response || !res.response.data) { if (res.err) { log.error(`banUser Error ${res.err}`); } return false; } return true; } open() { log.info( `LokiPublicChannel open ${this.channelId} on ${this.serverAPI.baseServerUrl}` ); if (this.running) { log.warn( `LokiPublicChannel already open ${this.channelId} on ${this.serverAPI.baseServerUrl}` ); } this.running = true; if (!this.timers.channel) { this.pollForChannel(); } if (!this.timers.moderator) { this.pollForModerators(); } if (!this.timers.delete) { this.pollForDeletions(); } if (!this.timers.message) { this.pollForMessages(); } // TODO: poll for group members here? } stop() { log.info( `LokiPublicChannel close ${this.channelId} on ${this.serverAPI.baseServerUrl}` ); if (!this.running) { log.warn( `LokiPublicChannel already open ${this.channelId} on ${this.serverAPI.baseServerUrl}` ); } this.running = false; if (this.timers.channel) { clearTimeout(this.timers.channel); this.timers.channel = false; } if (this.timers.moderator) { clearTimeout(this.timers.moderator); this.timers.moderator = false; } if (this.timers.delete) { clearTimeout(this.timers.delete); this.timers.delete = false; } if (this.timers.message) { clearTimeout(this.timers.message); this.timers.message = false; } } serverRequest(endpoint, options = {}) { return this.serverAPI.serverRequest(endpoint, options); } getSubscribers() { return this.serverAPI.getSubscribers(this.channelId, true); } getModerators() { return this.serverAPI.getModerators(this.channelId); } // get moderation actions async pollForModerators() { try { await this.pollOnceForModerators(); } catch (e) { log.warn( 'Error while polling for public chat moderators:', e.code, e.message ); } if (this.running) { this.timers.moderator = setTimeout(() => { this.pollForModerators(); }, PUBLICCHAT_MOD_POLL_EVERY); } } // get moderator status async pollOnceForModerators() { // get moderator status const res = await this.serverRequest( `loki/v1/channels/${this.channelId}/moderators` ); const ourNumberDevice = textsecure.storage.user.getNumber(); const ourNumberProfile = window.storage.get('primaryDevicePubKey'); // Get the list of moderators if no errors occurred const moderators = !res.err && res.response && res.response.moderators; // if we encountered problems then we'll keep the old mod status if (moderators) { this.modStatus = (ourNumberProfile && moderators.includes(ourNumberProfile)) || moderators.includes(ourNumberDevice); } await this.conversation.setModerators(moderators || []); } async setChannelSettings(settings) { if (!this.modStatus) { // need moderator access to set this log.warn('Need moderator access to setChannelName'); return false; } // racy! const res = await this.serverRequest(this.baseChannelUrl, { params: { include_annotations: 1 }, }); if (res.err) { // state unknown log.warn(`public chat channel state unknown, skipping set: ${res.err}`); return false; } let notes = res.response && res.response.data && res.response.data.annotations; if (!notes) { // ok if nothing is set yet notes = []; } let settingNotes = notes.filter( note => note.type === SETTINGS_CHANNEL_ANNOTATION_TYPE ); if (!settingNotes) { // default name, description, avatar settingNotes = [ { type: SETTINGS_CHANNEL_ANNOTATION_TYPE, value: { name: 'Your Public Chat', description: 'Your public chat room', avatar: 'images/group_default.png', }, }, ]; } // update settings settingNotes[0].value = Object.assign(settingNotes[0].value, settings); // commit settings const updateRes = await this.serverRequest( `loki/v1/${this.baseChannelUrl}`, { method: 'PUT', objBody: { annotations: settingNotes } } ); if (updateRes.err || !updateRes.response || !updateRes.response.data) { if (updateRes.err) { log.error(`setChannelSettings Error ${updateRes.err}`); } return false; } return true; } // Do we need this? They definitely make it more clear... setChannelName(name) { return this.setChannelSettings({ name }); } setChannelDescription(description) { return this.setChannelSettings({ description }); } setChannelAvatar(avatar) { return this.setChannelSettings({ avatar }); } // delete messages on the server async deleteMessages(serverIds, canThrow = false) { const res = await this.serverRequest( this.modStatus ? `loki/v1/moderation/messages` : `loki/v1/messages`, { method: 'DELETE', params: { ids: serverIds } } ); if (!res.err) { const deletedIds = res.response.data .filter(d => d.is_deleted) .map(d => d.id); if (deletedIds.length > 0) { log.info(`deleted ${serverIds} on ${this.baseChannelUrl}`); } const failedIds = res.response.data .filter(d => !d.is_deleted) .map(d => d.id); if (failedIds.length > 0) { log.warn(`failed to delete ${failedIds} on ${this.baseChannelUrl}`); } // Note: if there is no entry for message, we assume it wasn't found // on the server, so it is not treated as explicitly failed const ignoredIds = _.difference( serverIds, _.union(failedIds, deletedIds) ); if (ignoredIds.length > 0) { log.warn(`No response for ${ignoredIds} on ${this.baseChannelUrl}`); } return { deletedIds, ignoredIds }; } if (canThrow) { throw new textsecure.PublicChatError( 'Failed to delete public chat message' ); } return { deletedIds: [], ignoredIds: [] }; } // used for sending messages getEndpoint() { const endpoint = `${this.serverAPI.baseServerUrl}/${this.baseChannelUrl}/messages`; return endpoint; } // get moderation actions async pollForChannel() { try { await this.pollForChannelOnce(); } catch (e) { log.warn( 'Error while polling for public chat room details', e.code, e.message ); } if (this.running) { this.timers.channel = setTimeout(() => { this.pollForChannel(); }, PUBLICCHAT_CHAN_POLL_EVERY); } } // update room details async pollForChannelOnce() { const res = await this.serverRequest(`${this.baseChannelUrl}`, { params: { include_annotations: 1, }, }); if (res.err || !res.response || !res.response.data) { return; } const { data } = res.response; if (data.annotations && data.annotations.length) { // get our setting note const settingNotes = data.annotations.filter( note => note.type === SETTINGS_CHANNEL_ANNOTATION_TYPE ); const note = settingNotes && settingNotes.length ? settingNotes[0] : {}; // setting_note.value.description only needed for directory if (note.value && note.value.name) { this.conversation.setGroupName(note.value.name); } if (note.value && note.value.avatar) { if (note.value.avatar.match(/^images\//)) { // local file avatar const resolvedAvatar = path.normalize(note.value.avatar); const base = path.normalize('images/'); const re = new RegExp(`^${base}`); // do we at least ends up inside images/ somewhere? if (re.test(resolvedAvatar)) { this.conversation.set('avatar', resolvedAvatar); } } else { // relative URL avatar const avatarAbsUrl = this.serverAPI.baseServerUrl + note.value.avatar; const { writeNewAttachmentData, deleteAttachmentData, } = window.Signal.Migrations; // do we already have this image? no, then // download a copy and save it const imageData = await nodeFetch(avatarAbsUrl); // eslint-disable-next-line no-inner-declarations function toArrayBuffer(buf) { const ab = new ArrayBuffer(buf.length); const view = new Uint8Array(ab); // eslint-disable-next-line no-plusplus for (let i = 0; i < buf.length; i++) { view[i] = buf[i]; } return ab; } // eslint-enable-next-line no-inner-declarations const buffer = await imageData.buffer(); const newAttributes = await window.Signal.Types.Conversation.maybeUpdateAvatar( this.conversation.attributes, toArrayBuffer(buffer), { writeNewAttachmentData, deleteAttachmentData, } ); // update group this.conversation.set('avatar', newAttributes.avatar); } } // is it mutable? // who are the moderators? // else could set a default in case of server problems... } if (data.counts && Number.isInteger(data.counts.subscribers)) { this.conversation.setSubscriberCount(data.counts.subscribers); } await window.Signal.Data.updateConversation( this.conversation.id, this.conversation.attributes, { Conversation: Whisper.Conversation, } ); } // get moderation actions async pollForDeletions() { try { await this.pollOnceForDeletions(); } catch (e) { log.warn( 'Error while polling for public chat deletions:', e.code, e.message ); } if (this.running) { this.timers.delete = setTimeout(() => { this.pollForDeletions(); }, PUBLICCHAT_DELETION_POLL_EVERY); } } async pollOnceForDeletions() { // grab the last 200 deletions const params = { count: 200, }; // start loop let more = true; while (more) { // set params to from where we last checked params.since_id = this.deleteLastId; // grab the next 200 deletions from where we last checked // eslint-disable-next-line no-await-in-loop const res = await this.serverRequest( `loki/v1/channel/${this.channelId}/deletes`, { params } ); // if any problems, abort out if ( res.err || !res.response || !res.response.data || !res.response.meta ) { if (res.err) { log.error(`pollOnceForDeletions Error ${res.err}`); } else { log.error( `pollOnceForDeletions Error: Received incorrect response ${res.response}` ); } break; } // Process results const entries = res.response.data || []; if (entries.length > 0) { Whisper.events.trigger('deleteLocalPublicMessages', { messageServerIds: entries.reverse().map(e => e.message_id), conversationId: this.conversationId, }); } // update where we last checked this.deleteLastId = res.response.meta.max_id; more = res.response.meta.more && res.response.data.length >= params.count; } } static getSigData( sigVer, noteValue, attachmentAnnotations, previewAnnotations, adnMessage ) { let sigString = ''; sigString += adnMessage.text.trim(); sigString += noteValue.timestamp; if (noteValue.quote) { sigString += noteValue.quote.id; sigString += noteValue.quote.author; sigString += noteValue.quote.text.trim(); if (adnMessage.reply_to) { sigString += adnMessage.reply_to; } } sigString += [...attachmentAnnotations, ...previewAnnotations] .map(data => data.id || data.image.id) .sort() .join(); sigString += sigVer; return dcodeIO.ByteBuffer.wrap(sigString, 'utf8').toArrayBuffer(); } async getMessengerData(adnMessage) { if ( !Array.isArray(adnMessage.annotations) || adnMessage.annotations.length === 0 ) { return false; } const noteValue = adnMessage.annotations[0].value; // signatures now required if (!noteValue.sig || typeof noteValue.sig !== 'string') { return false; } // timestamp is the only required field we've had since the first deployed version const { timestamp, quote } = noteValue; let profileKey = null; let avatar = null; const avatarNote = adnMessage.user.annotations.find( note => note.type === AVATAR_USER_ANNOTATION_TYPE ); if (avatarNote) { ({ profileKey, url: avatar } = avatarNote.value); } if (quote) { // Disable quote attachments quote.attachments = []; } // try to verify signature const { sig, sigver } = noteValue; const annoCopy = [...adnMessage.annotations]; const attachments = annoCopy .filter(anno => anno.value.lokiType === LOKI_ATTACHMENT_TYPE) .map(attachment => ({ isRaw: true, ...attachment.value })); const preview = annoCopy .filter(anno => anno.value.lokiType === LOKI_PREVIEW_TYPE) .map(LokiPublicChannelAPI.getPreviewFromAnnotation); // strip out sig and sigver annoCopy[0] = _.omit(annoCopy[0], ['value.sig', 'value.sigver']); const sigData = LokiPublicChannelAPI.getSigData( sigver, noteValue, attachments, preview, adnMessage ); const pubKeyBin = StringView.hexToArrayBuffer(adnMessage.user.username); const sigBin = StringView.hexToArrayBuffer(sig); try { await libsignal.Curve.async.verifySignature(pubKeyBin, sigData, sigBin); } catch (e) { if (e.message === 'Invalid signature') { // keep noise out of the logs, once per start up is enough if (this.logMop[adnMessage.id] === undefined) { log.warn( 'Invalid or missing signature on ', this.serverAPI.baseServerUrl, this.channelId, adnMessage.id, 'says', adnMessage.text, 'from', adnMessage.user.username, 'signature', sig, 'signature version', sigver ); this.logMop[adnMessage.id] = true; } // we now only accept valid messages into the public chat return false; } // any error should cause problem log.error(`Unhandled message signature validation error ${e.message}`); return false; } return { timestamp, attachments, preview, quote, avatar, profileKey, }; } // get channel messages async pollForMessages() { try { await this.pollOnceForMessages(); } catch (e) { log.warn( 'Error while polling for public chat messages:', e.code, e.message ); } if (this.running) { this.timers.message = setTimeout(() => { this.pollForMessages(); }, PUBLICCHAT_MSG_POLL_EVERY); } } async pollOnceForMessages() { if (this.messagesPollLock) { // TODO: check if lock is stale log.warn( 'pollOnceForModerators locked', 'on', this.channelId, 'at', this.serverAPI.baseServerUrl ); return; } // disable locking system for now as it's not quite perfect yet // this.messagesPollLock = Date.now(); const params = { include_annotations: 1, include_user_annotations: 1, // to get the home server include_deleted: false, }; if (!this.conversation) { log.warn('Trying to poll for non-existing public conversation'); this.lastGot = 0; } else if (!this.lastGot) { this.lastGot = this.conversation.getLastRetrievedMessage(); } params.since_id = this.lastGot; // Just grab the most recent 100 messages if you don't have a valid lastGot params.count = this.lastGot === 0 ? -100 : 20; // log.info(`Getting ${params.count} from ${this.lastGot} on ${this.baseChannelUrl}`); const res = await this.serverRequest(`${this.baseChannelUrl}/messages`, { params, }); if (res.err || !res.response) { log.error( `app_dot_net:::pollOnceForMessages - Could not get messages from`, this.serverAPI.baseServerUrl, this.baseChannelUrl ); if (res.err) { log.error(`app_dot_net:::pollOnceForMessages - receive error`, res.err); } this.messagesPollLock = false; return; } let receivedAt = new Date().getTime(); const homeServerPubKeys = {}; let pendingMessages = []; // get our profile name const ourNumberDevice = textsecure.storage.user.getNumber(); // if no primaryDevicePubKey fall back to ourNumberDevice const ourNumberProfile = window.storage.get('primaryDevicePubKey') || ourNumberDevice; let lastProfileName = false; // the signature forces this to be async pendingMessages = await Promise.all( // process these in chronological order res.response.data.reverse().map(async adnMessage => { // still update our last received if deleted, not signed or not valid this.lastGot = !this.lastGot ? adnMessage.id : Math.max(this.lastGot, adnMessage.id); if ( !adnMessage.id || !adnMessage.user || !adnMessage.user.username || // pubKey lives in the username field !adnMessage.text || adnMessage.is_deleted ) { return false; // Invalid or delete message } const pubKey = adnMessage.user.username; const messengerData = await this.getMessengerData(adnMessage); if (messengerData === false) { return false; } const { timestamp, quote, attachments, preview, avatar, profileKey, } = messengerData; if (!timestamp) { return false; // Invalid message } // Duplicate check const isDuplicate = message => { // The username in this case is the users pubKey const sameUsername = message.username === pubKey; const sameText = message.text === adnMessage.text; // Don't filter out messages that are too far apart from each other const timestampsSimilar = Math.abs(message.timestamp - timestamp) <= PUBLICCHAT_MIN_TIME_BETWEEN_DUPLICATE_MESSAGES; return sameUsername && sameText && timestampsSimilar; }; // Filter out any messages that we got previously if (this.lastMessagesCache.some(isDuplicate)) { return false; // Duplicate message } // FIXME: maybe move after the de-multidev-decode // Add the message to the lastMessage cache and keep the last 5 recent messages this.lastMessagesCache = [ ...this.lastMessagesCache, { username: pubKey, text: adnMessage.text, timestamp, }, ].splice(-5); const from = adnMessage.user.name || 'Anonymous'; // profileName // if us if (pubKey === ourNumberProfile || pubKey === ourNumberDevice) { // update the last name we saw from ourself lastProfileName = from; } // track sources for multidevice support // sort it by home server let homeServer = window.getDefaultFileServer(); if (adnMessage.user && adnMessage.user.annotations.length) { const homeNotes = adnMessage.user.annotations.filter( note => note.type === HOMESERVER_USER_ANNOTATION_TYPE ); // FIXME: this annotation should probably be signed and verified... homeServer = homeNotes.reduce( (curVal, note) => (note.value ? note.value : curVal), homeServer ); } if (homeServerPubKeys[homeServer] === undefined) { homeServerPubKeys[homeServer] = []; } if (homeServerPubKeys[homeServer].indexOf(`@${pubKey}`) === -1) { homeServerPubKeys[homeServer].push(`@${pubKey}`); } // generate signal message object const messageData = { serverId: adnMessage.id, clientVerified: true, friendRequest: false, source: pubKey, sourceDevice: 1, timestamp, serverTimestamp: timestamp, receivedAt, isPublic: true, message: { body: adnMessage.text === timestamp.toString() ? '' : adnMessage.text, attachments, group: { id: this.conversationId, type: textsecure.protobuf.GroupContext.Type.DELIVER, }, flags: 0, expireTimer: 0, profileKey, timestamp, received_at: receivedAt, sent_at: timestamp, quote, contact: [], preview, profile: { displayName: from, avatar, }, }, }; receivedAt += 1; // Ensure different arrival times // now process any user meta data updates // - update their conversation with a potentially new avatar return messageData; }) ); // do we really need this? if (!pendingMessages.length) { this.conversation.setLastRetrievedMessage(this.lastGot); this.messagesPollLock = false; return; } // slave to primary map for this group of messages let slavePrimaryMap = {}; // reduce list of servers into verified maps and keys const verifiedPrimaryPKs = await Object.keys(homeServerPubKeys).reduce( async (curVal, serverUrl) => { // get an API to this server const serverAPI = await window.lokiFileServerAPIFactory.establishConnection( serverUrl ); // get list of verified primary PKs const result = await serverAPI.verifyPrimaryPubKeys( homeServerPubKeys[serverUrl] ); // merged these device mappings into our slavePrimaryMap // should not be any collisions, since each pubKey can only have one home server slavePrimaryMap = { ...slavePrimaryMap, ...result.slaveMap }; // copy verified pub keys into result return curVal.concat(result.verifiedPrimaryPKs); }, [] ); // filter out invalid messages pendingMessages = pendingMessages.filter(messageData => !!messageData); // separate messages coming from primary and secondary devices let [primaryMessages, slaveMessages] = _.partition( pendingMessages, message => !(message.source in slavePrimaryMap) ); // get minimum ID for primaryMessages and slaveMessages const firstPrimaryId = _.min(primaryMessages.map(msg => msg.serverId)); const firstSlaveId = _.min(slaveMessages.map(msg => msg.serverId)); if (firstPrimaryId < firstSlaveId) { // early send // split off count from pendingMessages let sendNow = []; [sendNow, pendingMessages] = _.partition( pendingMessages, message => message.serverId < firstSlaveId ); sendNow.forEach(message => { // send them out now log.info( 'emitting primary message', message.serverId, 'on', this.channelId, 'at', this.serverAPI.baseServerUrl ); this.chatAPI.emit('publicMessage', { message, }); }); sendNow = false; } primaryMessages = false; // free memory // get actual chat server data (mainly the name rn) of primary device const verifiedDeviceResults = await this.serverAPI.getUsers( verifiedPrimaryPKs ); // build map of userProfileName to primaryKeys /* eslint-disable no-param-reassign */ this.primaryUserProfileName = verifiedDeviceResults.reduce( (mapOut, user) => { let avatar = null; let profileKey = null; const avatarNote = user.annotations.find( note => note.type === AVATAR_USER_ANNOTATION_TYPE ); if (avatarNote) { ({ profileKey, url: avatar } = avatarNote.value); } mapOut[user.username] = { name: user.name, avatar, profileKey, }; return mapOut; }, {} ); /* eslint-enable no-param-reassign */ // process remaining messages /* eslint-disable no-param-reassign */ slaveMessages.forEach(messageData => { const slaveKey = messageData.source; // prevent our own device sent messages from coming back in if (slaveKey === ourNumberDevice) { // we originally sent these return; } // look up primary device once const primaryPubKey = slavePrimaryMap[slaveKey]; // send out remaining messages for this merged identity /* eslint-disable no-param-reassign */ if (slavePrimaryMap[slaveKey]) { // rewrite source, profile messageData.source = primaryPubKey; const primaryProfile = this.primaryUserProfileName[primaryPubKey]; if (primaryProfile) { const { name, avatar, profileKey } = primaryProfile; messageData.message.profile.displayName = name; messageData.message.profile.avatar = avatar; messageData.message.profileKey = profileKey; } } }); slaveMessages = false; // free memory // process all messages in the order received pendingMessages.forEach(message => { // if slave device if (message.source in slavePrimaryMap) { // prevent our own device sent messages from coming back in if (message.source === ourNumberDevice) { // we originally sent these return; } } log.info( 'emitting pending message', message.serverId, 'on', this.channelId, 'at', this.serverAPI.baseServerUrl ); this.chatAPI.emit('publicMessage', { message, }); }); /* eslint-enable no-param-reassign */ // if we received one of our own messages if (lastProfileName !== false) { // get current profileName const profileConvo = ConversationController.get(ourNumberProfile); const profileName = profileConvo.getProfileName(); // check to see if it out of sync if (profileName !== lastProfileName) { // out of sync, update this server this.serverAPI.setProfileName(profileName); } } // finally update our position this.conversation.setLastRetrievedMessage(this.lastGot); this.messagesPollLock = false; } static getPreviewFromAnnotation(annotation) { const preview = { title: annotation.value.linkPreviewTitle, url: annotation.value.linkPreviewUrl, image: { isRaw: true, caption: annotation.value.caption, contentType: annotation.value.contentType, digest: annotation.value.digest, fileName: annotation.value.fileName, flags: annotation.value.flags, height: annotation.value.height, id: annotation.value.id, key: annotation.value.key, size: annotation.value.size, thumbnail: annotation.value.thumbnail, url: annotation.value.url, width: annotation.value.width, }, }; return preview; } static getAnnotationFromPreview(preview) { const annotation = { type: MESSAGE_ATTACHMENT_TYPE, value: { // Mandatory ADN fields version: '1.0', lokiType: LOKI_PREVIEW_TYPE, // Signal stuff we actually care about linkPreviewTitle: preview.title, linkPreviewUrl: preview.url, caption: preview.image.caption, contentType: preview.image.contentType, digest: preview.image.digest, fileName: preview.image.fileName, flags: preview.image.flags, height: preview.image.height, id: preview.image.id, key: preview.image.key, size: preview.image.size, thumbnail: preview.image.thumbnail, url: preview.image.url, width: preview.image.width, }, }; return annotation; } static getAnnotationFromAttachment(attachment) { let type; if (attachment.contentType.match(/^image/)) { type = 'photo'; } else if (attachment.contentType.match(/^video/)) { type = 'video'; } else if (attachment.contentType.match(/^audio/)) { type = 'audio'; } else { type = 'other'; } const annotation = { type: MESSAGE_ATTACHMENT_TYPE, value: { // Mandatory ADN fields version: '1.0', type, lokiType: LOKI_ATTACHMENT_TYPE, // Signal stuff we actually care about ...attachment, }, }; return annotation; } // create a message in the channel async sendMessage(data, messageTimeStamp) { const { quote, attachments, preview } = data; const text = data.body || messageTimeStamp.toString(); const attachmentAnnotations = attachments.map( LokiPublicChannelAPI.getAnnotationFromAttachment ); const previewAnnotations = preview.map( LokiPublicChannelAPI.getAnnotationFromPreview ); const payload = { text, annotations: [ { type: 'network.loki.messenger.publicChat', value: { timestamp: messageTimeStamp, }, }, ...attachmentAnnotations, ...previewAnnotations, ], }; if (quote && quote.id) { payload.annotations[0].value.quote = quote; // copied from model/message.js copyFromQuotedMessage const collection = await Signal.Data.getMessagesBySentAt(quote.id, { MessageCollection: Whisper.MessageCollection, }); const found = collection.find(item => { const messageAuthor = item.getContact(); return messageAuthor && quote.author === messageAuthor.id; }); if (found) { const queryMessage = MessageController.register(found.id, found); const replyTo = queryMessage.get('serverId'); if (replyTo) { payload.reply_to = replyTo; } } } const privKey = await this.getPrivateKey(); const sigVer = 1; const mockAdnMessage = { text }; if (payload.reply_to) { mockAdnMessage.reply_to = payload.reply_to; } const sigData = LokiPublicChannelAPI.getSigData( sigVer, payload.annotations[0].value, attachmentAnnotations.map(anno => anno.value), previewAnnotations.map(anno => anno.value), mockAdnMessage ); const sig = await libsignal.Curve.async.calculateSignature( privKey, sigData ); payload.annotations[0].value.sig = StringView.arrayBufferToHex(sig); payload.annotations[0].value.sigver = sigVer; const res = await this.serverRequest(`${this.baseChannelUrl}/messages`, { method: 'POST', objBody: payload, }); if (!res.err && res.response) { return res.response.data.id; } if (res.err) { log.error(`POST ${this.baseChannelUrl}/messages failed`); if (res.response && res.response.meta && res.response.meta.code === 401) { log.error(`Got invalid token for ${this.serverAPI.token}`); } log.error(res.err); log.error(res.response); } else { log.warn(res.response); } // there's no retry on desktop // this is supposed to be after retries return false; } } LokiAppDotNetServerAPI.serverRequest = serverRequest; LokiAppDotNetServerAPI.sendViaOnion = sendViaOnion; // These files are expected to be in commonjs so we can't use es6 syntax :( // If we move these to TS then we should be able to use es6 module.exports = LokiAppDotNetServerAPI;