[keyserver][lib][web] set up anonymous connection with tunnelbroker on keyserver and handle DEVICE_LIST_UPDATE_SUCCESS
ClosedPublic
Actions

Authored by varun on May 21 2024, 7:24 AM.

Details

Reviewers

bartek
kamil

Commits

rCOMM9f890eef35d0: [keyserver][lib][web] set up anonymous connection with tunnelbroker on…

Summary

the keyserver needs to be able to establish an anonymous connection with tunnelbroker in order to receive the message indicating that it has been added to the user's device list.
once it has been added, it needs to auth with the identity service (next diff).

this diff just establishes the anonymous connection and parses the DEVICE_LIST_UPDATE_SUCCESS message from tunnelbroker.

Test Plan

const { primaryDeviceID: receivedPrimaryDeviceID, userID } =
  qrCodeAuthMessage;
console.log(receivedPrimaryDeviceID, userID);

added the above lines to tunnelbroker-socket.js and confirmed that the user ID and primaryDeviceID were received

Diff Detail

Repository

rCOMM Comm

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

varun created this revision.May 21 2024, 7:24 AM

Herald added subscribers: tomek, ashoat. · View Herald TranscriptMay 21 2024, 7:24 AM

varun added inline comments.May 21 2024, 7:28 AM

keyserver/src/keyserver.js
123 ↗	(On Diff #40470)	eventually, the QR code auth workflow will replace the password login logic in this else-case. we will still want to check if the user already has a valid token in the metadata table, first, though. i'll factor that check out of `verifyUserLoggedIn` and add it to the above condition (i.e. `if (userDoesntHaveToken && shouldDisplayQRCodeInTerminal)`)

Harbormaster completed remote builds in B29104: Diff 40470.May 21 2024, 7:51 AM

varun requested review of this revision.May 21 2024, 7:51 AM

varun added a child revision: D12151: [rust-node-addon] generate_nonce client method.May 21 2024, 8:05 AM

bartek added inline comments.May 21 2024, 8:15 AM

keyserver/src/socket/tunnelbroker-socket.js
53 ↗	(On Diff #40470)	Generally this AES encryption key is QR-auth-specific. So this is not the best place for this Other TB message types are going to be encrypted via Olm, cc @kamil
lib/utils/conversion-utils.js
158 ↗	(On Diff #40470)	This initially wasn't in `lib/` because on native `TextEncoder` isn't supported. It can stay here, but we should add a comment that on native we should use functions from `native/backup/conversion-utils.js` instead

varun added inline comments.May 21 2024, 8:19 AM

lib/utils/conversion-utils.js
158 ↗	(On Diff #40470)	ah got it. will add a comment

ashoat added inline comments.May 22 2024, 2:20 AM

keyserver/src/socket/tunnelbroker.js
54 ↗	(On Diff #40470)	How will we close this connection later, once the login has completed?

General logic looks okay.
I initially had mixed feelings about code structure of TunnelbrokerSocket but I have no better ideas. This is something we can always refactor later.

keyserver/src/socket/tunnelbroker-socket.js
53 ↗	(On Diff #40470)	If it's going to stay here, we can give it more specific name
keyserver/src/socket/tunnelbroker.js
54 ↗	(On Diff #40470)	I think there'll be a `close()` function returned from this function at a later stage

This revision is now accepted and ready to land.May 22 2024, 7:43 AM

Closed by commit rCOMM9f890eef35d0: [keyserver][lib][web] set up anonymous connection with tunnelbroker on… (authored by varun). · Explain WhyMay 24 2024, 9:31 AM

This revision was automatically updated to reflect the committed changes.

varun added a commit: rCOMM9f890eef35d0: [keyserver][lib][web] set up anonymous connection with tunnelbroker on….

varun added inline comments.May 24 2024, 9:37 AM

keyserver/src/socket/tunnelbroker.js
54 ↗	(On Diff #40470)	yeah later in the stack i close the connection after getting an access token from identity so that it can be reopened as an authenticated connection