Details

Reviewers

bartek
tomek
kamil

Commits

rCOMM0b753d34ce06: Implement utility function on the keyserver to upload notification payload to…

Summary

This differential introduces utility function on the keyserver that AES-encrypts notification payload and uploads it to the keyserver. Changes in eslint configuration that are necessary for native node fetch API usage are introduced as
well.

Test Plan

Launch blob service locally.
Modify blob-service.js file in facts directory to point to local IP address
Modify send.js file to execute this method on the stringified Android notification payload and log output to the console.
Send notification to Android device. Examine logs from keyserver and blob service terminals.

Diff Detail

Repository

rCOMM Comm

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

marcin created this revision.Jul 18 2023, 6:49 AM

Herald added a subscriber: ashoat. · View Herald TranscriptJul 18 2023, 6:49 AM

marcin added a parent revision: D8521: Enable webcrypto usage in keyserver codebase and unify aes crypto stack across web and the keyserver.Jul 18 2023, 6:49 AM

marcin added inline comments.Jul 18 2023, 7:01 AM

keyserver/.eslintrc.json
6 ↗	(On Diff #28774)	Even the latest version of globals (see the last comment) does not define `Blob` as globally available in node, so we have to add it manually to use it on the keyserver without ESLint complaining.
keyserver/src/push/utils.js
393 ↗	(On Diff #28774)	`new TextEncoder().encode()` transforms string into `Uint8Array` of correct `UTF8` byte stream.
465 ↗	(On Diff #28774)	`encryptionKey` obtained from `generateKey` is not necessarily correct `UTF8` byte stream so we have to choose different encoding. I experimented with using `TextDecoder.decode()` and I was unable to decrypt data on the native due to invalid encryption key. Only the approach above allowed me to use `AESCryptoModule` with the encryption key sent from the keyserver.
package.json
56 ↗	(On Diff #28774)	ESLint uses the following repository to get methods and variables globally available in node environment: https://github.com/sindresorhus/globals. Unfortunately it is only the latest version of this package (13.20.0) that defines `fetch` and `FormData` as node globals. Updating ESLint itself wouldn't help since the latest version of ESLint (8.45.0) expects ^13.19.0 version of globals (https://github.com/eslint/eslint/blob/v8.45.0/package.json#L85) that leaves possibility that we will end up with version 13.19.0 that is still lacks `fetch` and `FormData` definitions.

Harbormaster completed remote builds in B20989: Diff 28774.Jul 18 2023, 7:06 AM

marcin requested review of this revision.Jul 18 2023, 7:06 AM

bartek added inline comments.Jul 19 2023, 4:10 AM

keyserver/src/push/utils.js
393 ↗	(On Diff #28774)	Lucky you, having `TextEncoder` available ;) I had to write ArrayBuffer <-> any-string-repr conversions myself in native
397–402 ↗	(On Diff #28774)	IIRC we have a convention not to `await` inside other calls
443 ↗	(On Diff #28774)	For multimedia uploads, I rely on results of `data_exists` before starting the `UPLOAD_BLOB` call. In your case, you could potentially call both in parallel using `Promise.all`. What do you think? Calling the upload endpoint while given blob hash already exists, results in HTTP 409 Conflict. However, you had to ignore the `data_exists`result from the `ASSIGN_HOLDER` call because its value would rely on request processing order.
465 ↗	(On Diff #28774)	Generally, bytes stored as strings should be either base64 or hex-encoded to avoid UTF-8 issues you mentioned. What about storing it as HEX string? See `uintArrayToHexString()` in `lib/media/data-utils.js`. I used this to store multimedia encryption keys

marcin added a child revision: D8566: Upload/download large notification payload from the keyserver/Android NSE if its size exceeds FCM limits.Jul 19 2023, 8:30 AM

marcin added a child revision: D8589: Upload Android notification payload to blob service if its size exceeds limits.Jul 21 2023, 3:04 AM

marcin removed a child revision: D8566: Upload/download large notification payload from the keyserver/Android NSE if its size exceeds FCM limits.

Run promises in paralell

marcin added a parent revision: D8602: Remove aes-crypto-utils.js from media and use common API to avoid redundent layer of abstraction.Jul 24 2023, 4:46 AM

marcin removed a parent revision: D8521: Enable webcrypto usage in keyserver codebase and unify aes crypto stack across web and the keyserver.

Harbormaster failed remote builds in B21137: Diff 28959!Jul 24 2023, 5:10 AM

Harbormaster completed remote builds in B21137: Diff 28959.Jul 24 2023, 5:22 AM

Blob upload looks good

This revision is now accepted and ready to land.Jul 25 2023, 3:01 AM

ashoat added inline comments.Jul 27 2023, 1:35 PM

keyserver/src/push/utils.js
364 ↗	(On Diff #28959)	Should we use the built-in fetch for this instead of `node-fetch`, and deprecate `node-fetch`? I know this feels like a follow-up task, but I think too often we leave "cruft" like this in the codebase and create follow-up tasks that never get addressed. This seems like a great opportunity for a quick "red diff" that should only take an hour, and will let us delete an outdated package

ashoat added a subscriber: michal.Jul 27 2023, 1:37 PM

ashoat added inline comments.

keyserver/src/push/utils.js
364 ↗	(On Diff #28959)	It might be helpful to get @michal's help for testing here, since it appears the only uses of `node-fetch` are for Windows notifs

marcin mentioned this in D8650: Remove 3rd node-fetch package and use native API instead.Jul 28 2023, 6:28 AM

marcin added a child revision: D8665: Implement native iOS code to fetch data from blob service and keyserver code to upload notification payload if it exceeds APNs limits.Jul 29 2023, 4:31 AM

marcin edited child revisions, added: D8698: Upload iOS notification payload to blob service if its size exceeds limits; removed: D8665: Implement native iOS code to fetch data from blob service and keyserver code to upload notification payload if it exceeds APNs limits.Aug 1 2023, 7:06 AM

bartek mentioned this in D8665: Implement native iOS code to fetch data from blob service and keyserver code to upload notification payload if it exceeds APNs limits.Aug 3 2023, 12:52 AM

After a short discussion with @tomek we decided to land this differential since it keeps working correctly even if isolated from the rest of the stack and @tomek needs it for the development of his work on invite links.

keyserver/src/push/utils.js
465 ↗	(On Diff #28774)	We could do this but I chose `Base64` since native platforms have API for straightforward `Base64` encoding and decoding. Using `HEX` would require us to write some custom encoding/decoding.