diff --git a/web/shared-worker/worker/shared-worker.js b/web/shared-worker/worker/shared-worker.js index 1ae6c8ca7..74edbc90b 100644 --- a/web/shared-worker/worker/shared-worker.js +++ b/web/shared-worker/worker/shared-worker.js @@ -1,444 +1,453 @@ // @flow import localforage from 'localforage'; import { getMessageForException } from 'lib/utils/errors.js'; import { restoreBackup } from './backup.js'; import { processAppIdentityClientRequest } from './identity-client.js'; import { getClientStoreFromQueryExecutor, processDBStoreOperations, } from './process-operations.js'; import { clearCryptoStore, processAppOlmApiRequest } from './worker-crypto.js'; import { getDBModule, getSQLiteQueryExecutor, setDBModule, setSQLiteQueryExecutor, getPlatformDetails, setPlatformDetails, } from './worker-database.js'; import initBackupClientModule from '../../backup-client-wasm/wasm/backup-client-wasm.js'; import { decryptData, encryptData, generateCryptoKey, importJWKKey, type EncryptedData, } from '../../crypto/aes-gcm-crypto-utils.js'; import { type SharedWorkerMessageEvent, type WorkerRequestMessage, type WorkerResponseMessage, workerRequestMessageTypes, workerResponseMessageTypes, type WorkerRequestProxyMessage, workerWriteRequests, workerOlmAPIRequests, } from '../../types/worker-types.js'; import { workerIdentityClientRequests } from '../../types/worker-types.js'; import { getDatabaseModule } from '../db-module.js'; import { webMessageToClientDBMessageInfo } from '../types/entities.js'; import { COMM_SQLITE_DATABASE_PATH, SQLITE_STAMPED_USER_ID_KEY, localforageConfig, SQLITE_CONTENT, SQLITE_ENCRYPTION_KEY, DEFAULT_BACKUP_CLIENT_FILENAME, } from '../utils/constants.js'; import { clearSensitiveData, exportDatabaseContent, importDatabaseContent, } from '../utils/db-utils.js'; localforage.config(localforageConfig); let encryptionKey: ?CryptoKey = null; let persistNeeded: boolean = false; let persistInProgress: boolean = false; async function initDatabase( webworkerModulesFilePath: string, commQueryExecutorFilename: ?string, encryptionKeyJWK?: ?SubtleCrypto$JsonWebKey, ) { const dbModule = getDBModule(); const sqliteQueryExecutor = getSQLiteQueryExecutor(); if (!!dbModule && !!sqliteQueryExecutor) { console.log('Database already initialized'); return; } const newModule = dbModule ? dbModule : getDatabaseModule(commQueryExecutorFilename, webworkerModulesFilePath); if (!dbModule) { setDBModule(newModule); } if (encryptionKeyJWK) { encryptionKey = await importJWKKey(encryptionKeyJWK); } else { encryptionKey = await localforage.getItem(SQLITE_ENCRYPTION_KEY); if (!encryptionKey) { const cryptoKey = await generateCryptoKey({ extractable: false }); await localforage.setItem(SQLITE_ENCRYPTION_KEY, cryptoKey); } } const encryptedContent = await localforage.getItem(SQLITE_CONTENT); let dbContent = null; try { if (encryptionKey && encryptedContent) { dbContent = await decryptData(encryptedContent, encryptionKey); } } catch (e) { console.error('Error while decrypting content, clearing database content'); await localforage.removeItem(SQLITE_CONTENT); } if (dbContent) { importDatabaseContent(dbContent, newModule, COMM_SQLITE_DATABASE_PATH); console.info( 'Database exists and is properly encrypted, using persisted data', ); } else { console.info('Creating fresh database'); } setSQLiteQueryExecutor( new newModule.SQLiteQueryExecutor(COMM_SQLITE_DATABASE_PATH), ); } async function initBackupClient( webworkerModulesFilePath: string, backupClientFilename: ?string, ) { let modulePath; if (backupClientFilename) { modulePath = `${webworkerModulesFilePath}/${backupClientFilename}`; } else { modulePath = `${webworkerModulesFilePath}/${DEFAULT_BACKUP_CLIENT_FILENAME}`; } await initBackupClientModule(modulePath); } async function persist() { persistInProgress = true; const sqliteQueryExecutor = getSQLiteQueryExecutor(); const dbModule = getDBModule(); if (!sqliteQueryExecutor || !dbModule) { persistInProgress = false; throw new Error( 'Database not initialized while persisting database content', ); } if (!encryptionKey) { encryptionKey = await localforage.getItem(SQLITE_ENCRYPTION_KEY); } while (persistNeeded) { persistNeeded = false; const dbData = exportDatabaseContent(dbModule, COMM_SQLITE_DATABASE_PATH); if (!encryptionKey) { persistInProgress = false; throw new Error('Encryption key is missing'); } const encryptedData = await encryptData(dbData, encryptionKey); await localforage.setItem(SQLITE_CONTENT, encryptedData); } persistInProgress = false; } async function processAppRequest( message: WorkerRequestMessage, ): Promise { // non-database operations if (message.type === workerRequestMessageTypes.PING) { return { type: workerResponseMessageTypes.PONG, text: 'PONG', }; } else if ( message.type === workerRequestMessageTypes.GENERATE_DATABASE_ENCRYPTION_KEY ) { const cryptoKey = await generateCryptoKey({ extractable: false }); await localforage.setItem(SQLITE_ENCRYPTION_KEY, cryptoKey); return undefined; } const sqliteQueryExecutor = getSQLiteQueryExecutor(); const dbModule = getDBModule(); // database operations if (message.type === workerRequestMessageTypes.INIT) { setPlatformDetails(message.platformDetails); const promises = [ initDatabase( message.webworkerModulesFilePath, message.commQueryExecutorFilename, message.encryptionKey, ), ]; if (message.backupClientFilename !== undefined) { promises.push( initBackupClient( message.webworkerModulesFilePath, message.backupClientFilename, ), ); } await Promise.all(promises); return undefined; } else if (message.type === workerRequestMessageTypes.CLEAR_SENSITIVE_DATA) { clearCryptoStore(); encryptionKey = null; await localforage.clear(); if (dbModule && sqliteQueryExecutor) { clearSensitiveData( dbModule, COMM_SQLITE_DATABASE_PATH, sqliteQueryExecutor, ); } setSQLiteQueryExecutor(null); return undefined; } if (!sqliteQueryExecutor) { throw new Error( `Database not initialized, unable to process request type: ${message.type}`, ); } // read-only operations if (message.type === workerRequestMessageTypes.GET_CLIENT_STORE) { return { type: workerResponseMessageTypes.CLIENT_STORE, store: getClientStoreFromQueryExecutor(sqliteQueryExecutor), }; } else if ( message.type === workerRequestMessageTypes.GET_SQLITE_STAMPED_USER_ID ) { return { type: workerResponseMessageTypes.GET_SQLITE_STAMPED_USER_ID, userID: sqliteQueryExecutor.getMetadata(SQLITE_STAMPED_USER_ID_KEY), }; } else if ( message.type === workerRequestMessageTypes.GET_PERSIST_STORAGE_ITEM ) { return { type: workerResponseMessageTypes.GET_PERSIST_STORAGE_ITEM, item: sqliteQueryExecutor.getPersistStorageItem(message.key), }; } else if ( message.type === workerRequestMessageTypes.GET_INBOUND_P2P_MESSAGES ) { return { type: workerResponseMessageTypes.GET_INBOUND_P2P_MESSAGES, inboundP2PMessages: sqliteQueryExecutor.getAllInboundP2PMessage(), }; } else if ( message.type === workerRequestMessageTypes.GET_OUTBOUND_P2P_MESSAGES ) { return { type: workerResponseMessageTypes.GET_OUTBOUND_P2P_MESSAGES, outboundP2PMessages: sqliteQueryExecutor.getAllOutboundP2PMessages(), }; } else if (message.type === workerRequestMessageTypes.GET_RELATED_MESSAGES) { const webMessageEntities = sqliteQueryExecutor.getRelatedMessagesWeb( message.messageID, ); return { type: workerResponseMessageTypes.GET_MESSAGES, messages: webMessageEntities.map(webMessageToClientDBMessageInfo), }; } else if ( message.type === workerRequestMessageTypes.GET_OUTBOUND_P2P_MESSAGES_BY_ID ) { return { type: workerResponseMessageTypes.GET_OUTBOUND_P2P_MESSAGES, outboundP2PMessages: sqliteQueryExecutor.getOutboundP2PMessagesByID( message.messageIDs, ), }; } else if (message.type === workerRequestMessageTypes.SEARCH_MESSAGES) { const webMessageEntities = sqliteQueryExecutor.searchMessages( message.query, message.threadID, message.timestampCursor, message.messageIDCursor, ); return { type: workerResponseMessageTypes.GET_MESSAGES, messages: webMessageEntities.map(webMessageToClientDBMessageInfo), }; } else if (message.type === workerRequestMessageTypes.FETCH_MESSAGES) { const webMessageEntities = sqliteQueryExecutor.fetchMessagesWeb( message.threadID, message.limit, message.offset, ); return { type: workerResponseMessageTypes.GET_MESSAGES, messages: webMessageEntities.map(webMessageToClientDBMessageInfo), }; + } else if ( + message.type === workerRequestMessageTypes.GET_INBOUND_P2P_MESSAGES_BY_ID + ) { + return { + type: workerResponseMessageTypes.GET_INBOUND_P2P_MESSAGES, + inboundP2PMessages: sqliteQueryExecutor.getInboundP2PMessagesByID( + message.messageIDs, + ), + }; } // write operations const isOlmAPIRequest = workerOlmAPIRequests.includes(message.type); const isIdentityClientRequest = workerIdentityClientRequests.includes( message.type, ); if ( !workerWriteRequests.includes(message.type) && !isOlmAPIRequest && !isIdentityClientRequest ) { throw new Error(`Request type ${message.type} not supported`); } if (!sqliteQueryExecutor || !dbModule) { throw new Error( `Database not initialized, unable to process request type: ${message.type}`, ); } let result; if (isOlmAPIRequest) { result = await processAppOlmApiRequest(message); } else if (isIdentityClientRequest) { const platformDetails = getPlatformDetails(); if (!platformDetails) { throw new Error( 'Platform details not set, unable to process identity client request', ); } result = await processAppIdentityClientRequest( sqliteQueryExecutor, dbModule, platformDetails, message, ); } else if ( message.type === workerRequestMessageTypes.PROCESS_STORE_OPERATIONS ) { processDBStoreOperations( sqliteQueryExecutor, message.storeOperations, dbModule, ); } else if ( message.type === workerRequestMessageTypes.STAMP_SQLITE_DB_USER_ID ) { sqliteQueryExecutor.setMetadata(SQLITE_STAMPED_USER_ID_KEY, message.userID); } else if ( message.type === workerRequestMessageTypes.SET_PERSIST_STORAGE_ITEM ) { sqliteQueryExecutor.setPersistStorageItem(message.key, message.item); } else if ( message.type === workerRequestMessageTypes.REMOVE_PERSIST_STORAGE_ITEM ) { sqliteQueryExecutor.removePersistStorageItem(message.key); } else if (message.type === workerRequestMessageTypes.BACKUP_RESTORE) { await restoreBackup( sqliteQueryExecutor, dbModule, message.authMetadata, message.backupID, message.backupDataKey, message.backupLogDataKey, ); } else if ( message.type === workerRequestMessageTypes.REMOVE_INBOUND_P2P_MESSAGES ) { sqliteQueryExecutor.removeInboundP2PMessages(message.ids); } else if ( message.type === workerRequestMessageTypes.MARK_OUTBOUND_P2P_MESSAGE_AS_SENT ) { sqliteQueryExecutor.markOutboundP2PMessageAsSent( message.messageID, message.deviceID, ); } else if ( message.type === workerRequestMessageTypes.REMOVE_OUTBOUND_P2P_MESSAGE ) { sqliteQueryExecutor.removeOutboundP2PMessage( message.messageID, message.deviceID, ); } else if ( message.type === workerRequestMessageTypes.RESET_OUTBOUND_P2P_MESSAGES ) { let messageIDs: $ReadOnlyArray = []; try { sqliteQueryExecutor.beginTransaction(); messageIDs = sqliteQueryExecutor.resetOutboundP2PMessagesForDevice( message.deviceID, ); sqliteQueryExecutor.commitTransaction(); } catch (e) { sqliteQueryExecutor.rollbackTransaction(); console.log('Error while resetting outbound P2P messages: ', e); throw e; } return { type: workerResponseMessageTypes.RESET_OUTBOUND_P2P_MESSAGES, messageIDs, }; } persistNeeded = true; if (!persistInProgress) { void persist(); } return result; } let currentlyProcessedMessage: ?Promise = null; function connectHandler(event: SharedWorkerMessageEvent) { if (!event.ports.length) { return; } const port: MessagePort = event.ports[0]; console.log('Web database worker alive!'); port.onmessage = async function (messageEvent: MessageEvent) { const data: WorkerRequestProxyMessage = (messageEvent.data: any); const { id, message } = data; if (!id) { port.postMessage({ error: 'Request without identifier', }); } currentlyProcessedMessage = (async () => { await currentlyProcessedMessage; try { const result = await processAppRequest(message); port.postMessage({ id, message: result, }); } catch (e) { port.postMessage({ id, error: getMessageForException(e), }); } })(); }; } self.addEventListener('connect', connectHandler); diff --git a/web/types/worker-types.js b/web/types/worker-types.js index 64b3bcfe0..f960765d2 100644 --- a/web/types/worker-types.js +++ b/web/types/worker-types.js @@ -1,347 +1,354 @@ // @flow import type { AuthMetadata } from 'lib/shared/identity-client-context.js'; import type { PickledOLMAccount, OLMIdentityKeys, OlmAPI, } from 'lib/types/crypto-types.js'; import type { PlatformDetails } from 'lib/types/device-types.js'; import type { IdentityServiceClient, IdentityServiceAuthLayer, } from 'lib/types/identity-service-types.js'; import type { ClientDBMessageInfo } from 'lib/types/message-types.js'; import type { InboundP2PMessage, OutboundP2PMessage, } from 'lib/types/sqlite-types.js'; import type { ClientDBStore, ClientDBStoreOperations, } from 'lib/types/store-ops-types.js'; // The types of messages sent from app to worker export const workerRequestMessageTypes = Object.freeze({ PING: 0, INIT: 1, GENERATE_DATABASE_ENCRYPTION_KEY: 2, PROCESS_STORE_OPERATIONS: 3, GET_CLIENT_STORE: 4, STAMP_SQLITE_DB_USER_ID: 5, GET_SQLITE_STAMPED_USER_ID: 6, GET_PERSIST_STORAGE_ITEM: 7, SET_PERSIST_STORAGE_ITEM: 8, REMOVE_PERSIST_STORAGE_ITEM: 9, CLEAR_SENSITIVE_DATA: 10, BACKUP_RESTORE: 11, INITIALIZE_CRYPTO_ACCOUNT: 12, CREATE_IDENTITY_SERVICE_CLIENT: 13, CALL_IDENTITY_CLIENT_METHOD: 14, CALL_OLM_API_METHOD: 15, GET_INBOUND_P2P_MESSAGES: 16, REMOVE_INBOUND_P2P_MESSAGES: 17, GET_OUTBOUND_P2P_MESSAGES: 18, MARK_OUTBOUND_P2P_MESSAGE_AS_SENT: 19, REMOVE_OUTBOUND_P2P_MESSAGE: 20, GET_RELATED_MESSAGES: 21, GET_OUTBOUND_P2P_MESSAGES_BY_ID: 22, SEARCH_MESSAGES: 23, RESET_OUTBOUND_P2P_MESSAGES: 24, FETCH_MESSAGES: 25, + GET_INBOUND_P2P_MESSAGES_BY_ID: 26, }); export const workerWriteRequests: $ReadOnlyArray = [ workerRequestMessageTypes.PROCESS_STORE_OPERATIONS, workerRequestMessageTypes.STAMP_SQLITE_DB_USER_ID, workerRequestMessageTypes.SET_PERSIST_STORAGE_ITEM, workerRequestMessageTypes.REMOVE_PERSIST_STORAGE_ITEM, workerRequestMessageTypes.BACKUP_RESTORE, workerRequestMessageTypes.INITIALIZE_CRYPTO_ACCOUNT, workerRequestMessageTypes.REMOVE_INBOUND_P2P_MESSAGES, workerRequestMessageTypes.MARK_OUTBOUND_P2P_MESSAGE_AS_SENT, workerRequestMessageTypes.REMOVE_OUTBOUND_P2P_MESSAGE, workerRequestMessageTypes.RESET_OUTBOUND_P2P_MESSAGES, ]; export const workerOlmAPIRequests: $ReadOnlyArray = [ workerRequestMessageTypes.INITIALIZE_CRYPTO_ACCOUNT, workerRequestMessageTypes.CALL_OLM_API_METHOD, ]; export const workerIdentityClientRequests: $ReadOnlyArray = [ workerRequestMessageTypes.CREATE_IDENTITY_SERVICE_CLIENT, workerRequestMessageTypes.CALL_IDENTITY_CLIENT_METHOD, ]; export type PingWorkerRequestMessage = { +type: 0, +text: string, }; export type InitWorkerRequestMessage = { +type: 1, +platformDetails: PlatformDetails, +webworkerModulesFilePath: string, +commQueryExecutorFilename: ?string, +encryptionKey?: ?SubtleCrypto$JsonWebKey, +backupClientFilename?: ?string, }; export type GenerateDatabaseEncryptionKeyRequestMessage = { +type: 2, }; export type ProcessStoreOperationsRequestMessage = { +type: 3, +storeOperations: ClientDBStoreOperations, }; export type GetClientStoreRequestMessage = { +type: 4, }; export type SetCurrentUserIDRequestMessage = { +type: 5, +userID: string, }; export type GetCurrentUserIDRequestMessage = { +type: 6, }; export type GetPersistStorageItemRequestMessage = { +type: 7, +key: string, }; export type SetPersistStorageItemRequestMessage = { +type: 8, +key: string, +item: string, }; export type RemovePersistStorageItemRequestMessage = { +type: 9, +key: string, }; export type ClearSensitiveDataRequestMessage = { +type: 10, }; export type BackupRestoreRequestMessage = { +type: 11, +authMetadata: AuthMetadata, +backupID: string, +backupDataKey: string, +backupLogDataKey: string, }; // Previously used on web in redux. Now only used // in a migration to the shared worker. export type LegacyCryptoStore = { +primaryAccount: PickledOLMAccount, +primaryIdentityKeys: OLMIdentityKeys, +notificationAccount: PickledOLMAccount, +notificationIdentityKeys: OLMIdentityKeys, }; export type InitializeCryptoAccountRequestMessage = { +type: 12, +olmWasmPath: string, +initialCryptoStore?: LegacyCryptoStore, }; export type CreateIdentityServiceClientRequestMessage = { +type: 13, +opaqueWasmPath: string, +authLayer: ?IdentityServiceAuthLayer, }; export type CallIdentityClientMethodRequestMessage = { +type: 14, +method: $Keys, +args: $ReadOnlyArray, }; export type CallOLMApiMethodRequestMessage = { +type: 15, +method: $Keys, +args: $ReadOnlyArray, }; export type GetInboundP2PMessagesRequestMessage = { +type: 16, }; export type RemoveInboundP2PMessagesRequestMessage = { +type: 17, +ids: $ReadOnlyArray, }; export type GetOutboundP2PMessagesRequestMessage = { +type: 18, }; export type MarkOutboundP2PMessageAsSentRequestMessage = { +type: 19, +messageID: string, +deviceID: string, }; export type RemoveOutboundP2PMessageRequestMessage = { +type: 20, +messageID: string, +deviceID: string, }; export type GetRelatedMessagesRequestMessage = { +type: 21, +messageID: string, }; export type GetOutboundP2PMessagesByIDRequestMessage = { +type: 22, +messageIDs: $ReadOnlyArray, }; export type SearchMessagesRequestMessage = { +type: 23, +query: string, +threadID: string, +timestampCursor: ?string, +messageIDCursor: ?string, }; export type ResetOutboundP2PMessagesRequestMessage = { +type: 24, +deviceID: string, }; export type FetchMessagesRequestMessage = { +type: 25, +threadID: string, +limit: number, +offset: number, }; +export type GetInboundP2PMessagesByIDRequestMessage = { + +type: 26, + +messageIDs: $ReadOnlyArray, +}; + export type WorkerRequestMessage = | PingWorkerRequestMessage | InitWorkerRequestMessage | GenerateDatabaseEncryptionKeyRequestMessage | ProcessStoreOperationsRequestMessage | GetClientStoreRequestMessage | SetCurrentUserIDRequestMessage | GetCurrentUserIDRequestMessage | GetPersistStorageItemRequestMessage | SetPersistStorageItemRequestMessage | RemovePersistStorageItemRequestMessage | ClearSensitiveDataRequestMessage | BackupRestoreRequestMessage | InitializeCryptoAccountRequestMessage | CreateIdentityServiceClientRequestMessage | CallIdentityClientMethodRequestMessage | CallOLMApiMethodRequestMessage | GetInboundP2PMessagesRequestMessage | RemoveInboundP2PMessagesRequestMessage | GetOutboundP2PMessagesRequestMessage | MarkOutboundP2PMessageAsSentRequestMessage | RemoveOutboundP2PMessageRequestMessage | GetRelatedMessagesRequestMessage | GetOutboundP2PMessagesByIDRequestMessage | SearchMessagesRequestMessage | ResetOutboundP2PMessagesRequestMessage - | FetchMessagesRequestMessage; + | FetchMessagesRequestMessage + | GetInboundP2PMessagesByIDRequestMessage; export type WorkerRequestProxyMessage = { +id: number, +message: WorkerRequestMessage, }; // The types of messages sent from worker to app export const workerResponseMessageTypes = Object.freeze({ PONG: 0, CLIENT_STORE: 1, GET_SQLITE_STAMPED_USER_ID: 2, GET_PERSIST_STORAGE_ITEM: 3, CALL_IDENTITY_CLIENT_METHOD: 4, CALL_OLM_API_METHOD: 5, GET_INBOUND_P2P_MESSAGES: 6, GET_OUTBOUND_P2P_MESSAGES: 7, GET_MESSAGES: 8, RESET_OUTBOUND_P2P_MESSAGES: 9, }); export type PongWorkerResponseMessage = { +type: 0, +text: string, }; export type ClientStoreResponseMessage = { +type: 1, +store: ClientDBStore, }; export type GetCurrentUserIDResponseMessage = { +type: 2, +userID: ?string, }; export type GetPersistStorageItemResponseMessage = { +type: 3, +item: string, }; export type CallIdentityClientMethodResponseMessage = { +type: 4, +result: mixed, }; export type CallOLMApiMethodResponseMessage = { +type: 5, +result: mixed, }; export type GetInboundP2PMessagesResponseMessage = { +type: 6, +inboundP2PMessages: $ReadOnlyArray, }; export type GetOutboundP2PMessagesResponseMessage = { +type: 7, +outboundP2PMessages: $ReadOnlyArray, }; export type GetMessagesResponse = { +type: 8, +messages: $ReadOnlyArray, }; export type ResetOutboundP2PMessagesResponseMessage = { +type: 9, +messageIDs: $ReadOnlyArray, }; export type WorkerResponseMessage = | PongWorkerResponseMessage | ClientStoreResponseMessage | GetCurrentUserIDResponseMessage | GetPersistStorageItemResponseMessage | CallIdentityClientMethodResponseMessage | CallOLMApiMethodResponseMessage | GetInboundP2PMessagesResponseMessage | GetOutboundP2PMessagesResponseMessage | GetMessagesResponse | ResetOutboundP2PMessagesResponseMessage; export type WorkerResponseProxyMessage = { +id?: number, +message?: WorkerResponseMessage, +error?: string, }; // SharedWorker types export type SharedWorkerMessageEvent = MessageEvent & { +ports: $ReadOnlyArray, ... };