diff --git a/keyserver/src/fetchers/upload-fetchers.js b/keyserver/src/fetchers/upload-fetchers.js index 178817117..a779a4f56 100644 --- a/keyserver/src/fetchers/upload-fetchers.js +++ b/keyserver/src/fetchers/upload-fetchers.js @@ -1,407 +1,407 @@ // @flow import ip from 'internal-ip'; import _keyBy from 'lodash/fp/keyBy.js'; import type { Media, Image, EncryptedImage } from 'lib/types/media-types.js'; import { messageTypes } from 'lib/types/message-types-enum.js'; import type { MediaMessageServerDBContent } from 'lib/types/messages/media.js'; import { getUploadIDsFromMediaMessageServerDBContents } from 'lib/types/messages/media.js'; import { threadPermissions } from 'lib/types/thread-permission-types.js'; import type { ThreadFetchMediaResult, ThreadFetchMediaRequest, } from 'lib/types/thread-types.js'; import { makeBlobServiceURI } from 'lib/utils/blob-service.js'; import { isDev } from 'lib/utils/dev-utils.js'; import { ServerError } from 'lib/utils/errors.js'; import { dbQuery, SQL } from '../database/database.js'; import type { Viewer } from '../session/viewer.js'; import { getAndAssertCommAppURLFacts } from '../utils/urls.js'; type UploadInfo = { content: Buffer, mime: string, }; async function fetchUpload( viewer: Viewer, id: string, secret: string, ): Promise { const query = SQL` SELECT content, mime, extra FROM uploads WHERE id = ${id} AND secret = ${secret} `; const [result] = await dbQuery(query); if (result.length === 0) { throw new ServerError('invalid_parameters'); } const [row] = result; const { content, mime, extra } = row; const { blobHash } = JSON.parse(extra); if (blobHash) { throw new ServerError('resource_unavailable'); } return { content, mime }; } async function fetchUploadChunk( id: string, secret: string, pos: number, len: number, ): Promise { // We use pos + 1 because SQL is 1-indexed whereas js is 0-indexed const query = SQL` SELECT SUBSTRING(content, ${pos + 1}, ${len}) AS content, mime, extra FROM uploads WHERE id = ${id} AND secret = ${secret} `; const [result] = await dbQuery(query); if (result.length === 0) { throw new ServerError('invalid_parameters'); } const [row] = result; const { content, mime, extra } = row; if (extra) { const { blobHash } = JSON.parse(extra); if (blobHash) { throw new ServerError('resource_unavailable'); } } return { content, mime, }; } // Returns total size in bytes. async function getUploadSize(id: string, secret: string): Promise { const query = SQL` SELECT LENGTH(content) AS length, extra FROM uploads WHERE id = ${id} AND secret = ${secret} `; const [result] = await dbQuery(query); if (result.length === 0) { throw new ServerError('invalid_parameters'); } const [row] = result; const { length, extra } = row; if (extra) { const { blobHash } = JSON.parse(extra); if (blobHash) { throw new ServerError('resource_unavailable'); } } return length; } function getUploadURL(id: string, secret: string): string { const { baseDomain, basePath } = getAndAssertCommAppURLFacts(); const uploadPath = `${basePath}upload/${id}/${secret}`; if (isDev) { const ipV4 = ip.v4.sync() || 'localhost'; const port = parseInt(process.env.PORT, 10) || 3000; return `http://${ipV4}:${port}${uploadPath}`; } return `${baseDomain}${uploadPath}`; } -function makeUploadURI(holder: ?string, id: string, secret: string): string { - if (holder) { - return makeBlobServiceURI(holder); +function makeUploadURI(blobHash: ?string, id: string, secret: string): string { + if (blobHash) { + return makeBlobServiceURI(blobHash); } return getUploadURL(id, secret); } function imagesFromRow(row: Object): Image | EncryptedImage { const uploadExtra = JSON.parse(row.uploadExtra); const { width, height, blobHash, thumbHash } = uploadExtra; const { uploadType: type, uploadSecret: secret } = row; const id = row.uploadID.toString(); const dimensions = { width, height }; const uri = makeUploadURI(blobHash, id, secret); const isEncrypted = !!uploadExtra.encryptionKey; if (type !== 'photo') { throw new ServerError('invalid_parameters'); } if (!isEncrypted) { return { id, type: 'photo', uri, dimensions, thumbHash }; } return { id, type: 'encrypted_photo', holder: uri, dimensions, thumbHash, encryptionKey: uploadExtra.encryptionKey, }; } async function fetchImages( viewer: Viewer, mediaIDs: $ReadOnlyArray, ): Promise<$ReadOnlyArray> { const query = SQL` SELECT id AS uploadID, secret AS uploadSecret, type AS uploadType, extra AS uploadExtra FROM uploads WHERE id IN (${mediaIDs}) AND uploader = ${viewer.id} AND container IS NULL `; const [result] = await dbQuery(query); return result.map(imagesFromRow); } async function fetchMediaForThread( viewer: Viewer, request: ThreadFetchMediaRequest, ): Promise { const visibleExtractString = `$.${threadPermissions.VISIBLE}.value`; const query = SQL` SELECT content.photo AS uploadID, u.secret AS uploadSecret, u.type AS uploadType, u.extra AS uploadExtra, u.container, u.creation_time, NULL AS thumbnailID, NULL AS thumbnailUploadSecret, NULL AS thumbnailUploadExtra FROM messages m LEFT JOIN JSON_TABLE( m.content, "$[*]" COLUMNS(photo INT PATH "$") ) content ON 1 LEFT JOIN uploads u ON u.id = content.photo LEFT JOIN memberships mm ON mm.thread = ${request.threadID} AND mm.user = ${viewer.id} WHERE m.thread = ${request.threadID} AND m.type = ${messageTypes.IMAGES} AND JSON_EXTRACT(mm.permissions, ${visibleExtractString}) IS TRUE UNION SELECT content.media AS uploadID, uv.secret AS uploadSecret, uv.type AS uploadType, uv.extra AS uploadExtra, uv.container, uv.creation_time, content.thumbnail AS thumbnailID, ut.secret AS thumbnailUploadSecret, ut.extra AS thumbnailUploadExtra FROM messages m LEFT JOIN JSON_TABLE( m.content, "$[*]" COLUMNS( media INT PATH "$.uploadID", thumbnail INT PATH "$.thumbnailUploadID" ) ) content ON 1 LEFT JOIN uploads uv ON uv.id = content.media LEFT JOIN uploads ut ON ut.id = content.thumbnail LEFT JOIN memberships mm ON mm.thread = ${request.threadID} AND mm.user = ${viewer.id} WHERE m.thread = ${request.threadID} AND m.type = ${messageTypes.MULTIMEDIA} AND JSON_EXTRACT(mm.permissions, ${visibleExtractString}) IS TRUE ORDER BY creation_time DESC LIMIT ${request.limit} OFFSET ${request.offset} `; const [uploads] = await dbQuery(query); const media = uploads.map(upload => { const { uploadID, uploadType, uploadSecret, uploadExtra } = upload; const { width, height, encryptionKey, blobHash, thumbHash } = JSON.parse(uploadExtra); const dimensions = { width, height }; const uri = makeUploadURI(blobHash, uploadID, uploadSecret); if (uploadType === 'photo') { if (encryptionKey) { return { type: 'encrypted_photo', id: uploadID.toString(), holder: uri, encryptionKey, dimensions, thumbHash, }; } return { type: 'photo', id: uploadID.toString(), uri, dimensions, thumbHash, }; } const { thumbnailID, thumbnailUploadSecret, thumbnailUploadExtra } = upload; const { encryptionKey: thumbnailEncryptionKey, blobHash: thumbnailBlobHash, thumbHash: thumbnailThumbHash, } = JSON.parse(thumbnailUploadExtra); const thumbnailURI = makeUploadURI( thumbnailBlobHash, thumbnailID, thumbnailUploadSecret, ); if (encryptionKey) { return { type: 'encrypted_video', id: uploadID.toString(), holder: uri, encryptionKey, dimensions, thumbnailID, thumbnailHolder: thumbnailURI, thumbnailEncryptionKey, thumbnailThumbHash, }; } return { type: 'video', id: uploadID.toString(), uri, dimensions, thumbnailID, thumbnailURI, thumbnailThumbHash, }; }); return { media }; } async function fetchUploadsForMessage( viewer: Viewer, mediaMessageContents: $ReadOnlyArray, ): Promise<$ReadOnlyArray> { const uploadIDs = getUploadIDsFromMediaMessageServerDBContents(mediaMessageContents); const query = SQL` SELECT id AS uploadID, secret AS uploadSecret, type AS uploadType, extra AS uploadExtra FROM uploads WHERE id IN (${uploadIDs}) AND uploader = ${viewer.id} AND container IS NULL `; const [uploads] = await dbQuery(query); return uploads; } async function fetchMediaFromMediaMessageContent( viewer: Viewer, mediaMessageContents: $ReadOnlyArray, ): Promise<$ReadOnlyArray> { const uploads = await fetchUploadsForMessage(viewer, mediaMessageContents); return constructMediaFromMediaMessageContentsAndUploadRows( mediaMessageContents, uploads, ); } function constructMediaFromMediaMessageContentsAndUploadRows( mediaMessageContents: $ReadOnlyArray, uploadRows: $ReadOnlyArray, ): $ReadOnlyArray { const uploadMap = _keyBy('uploadID')(uploadRows); const media: Media[] = []; for (const mediaMessageContent of mediaMessageContents) { const primaryUploadID = mediaMessageContent.uploadID; const primaryUpload = uploadMap[primaryUploadID]; const uploadExtra = JSON.parse(primaryUpload.uploadExtra); const { width, height, loop, blobHash, encryptionKey, thumbHash } = uploadExtra; const dimensions = { width, height }; const primaryUploadURI = makeUploadURI( blobHash, primaryUploadID, primaryUpload.uploadSecret, ); if (mediaMessageContent.type === 'photo') { if (encryptionKey) { media.push({ type: 'encrypted_photo', id: primaryUploadID, holder: primaryUploadURI, encryptionKey, dimensions, thumbHash, }); } else { media.push({ type: 'photo', id: primaryUploadID, uri: primaryUploadURI, dimensions, thumbHash, }); } continue; } const thumbnailUploadID = mediaMessageContent.thumbnailUploadID; const thumbnailUpload = uploadMap[thumbnailUploadID]; const thumbnailUploadExtra = JSON.parse(thumbnailUpload.uploadExtra); const { blobHash: thumbnailBlobHash, thumbHash: thumbnailThumbHash } = thumbnailUploadExtra; const thumbnailUploadURI = makeUploadURI( thumbnailBlobHash, thumbnailUploadID, thumbnailUpload.uploadSecret, ); if (encryptionKey) { const video = { type: 'encrypted_video', id: primaryUploadID, holder: primaryUploadURI, encryptionKey, dimensions, thumbnailID: thumbnailUploadID, thumbnailHolder: thumbnailUploadURI, thumbnailEncryptionKey: thumbnailUploadExtra.encryptionKey, thumbnailThumbHash, }; media.push(loop ? { ...video, loop } : video); } else { const video = { type: 'video', id: primaryUploadID, uri: primaryUploadURI, dimensions, thumbnailID: thumbnailUploadID, thumbnailURI: thumbnailUploadURI, thumbnailThumbHash, }; media.push(loop ? { ...video, loop } : video); } } return media; } export { fetchUpload, fetchUploadChunk, getUploadSize, getUploadURL, makeUploadURI, imagesFromRow, fetchImages, fetchMediaForThread, fetchMediaFromMediaMessageContent, constructMediaFromMediaMessageContentsAndUploadRows, }; diff --git a/lib/facts/blob-service.js b/lib/facts/blob-service.js index 284897485..2ff5e13ca 100644 --- a/lib/facts/blob-service.js +++ b/lib/facts/blob-service.js @@ -1,32 +1,32 @@ // @flow export type BlobServiceHTTPEndpoint = { +path: string, +method: 'GET' | 'POST' | 'PUT' | 'DELETE', }; const httpEndpoints = Object.freeze({ GET_BLOB: { - path: '/blob/:holder', + path: '/blob/:blobHash', method: 'GET', }, ASSIGN_HOLDER: { path: '/blob', method: 'POST', }, UPLOAD_BLOB: { path: '/blob', method: 'PUT', }, DELETE_BLOB: { path: '/blob/:holder', method: 'DELETE', }, }); const config = { url: 'https://blob.commtechnologies.org', httpEndpoints, }; export default config; diff --git a/lib/media/media-utils.js b/lib/media/media-utils.js index 70fb894a7..ac39281fe 100644 --- a/lib/media/media-utils.js +++ b/lib/media/media-utils.js @@ -1,88 +1,88 @@ // @flow import invariant from 'invariant'; import type { Media } from '../types/media-types.js'; import type { MultimediaMessageInfo, RawMultimediaMessageInfo, } from '../types/message-types.js'; import { isBlobServiceURI, getBlobFetchableURL, - holderFromBlobServiceURI, + blobHashFromBlobServiceURI, } from '../utils/blob-service.js'; const maxDimensions = Object.freeze({ width: 1920, height: 1920 }); function contentStringForMediaArray(media: $ReadOnlyArray): string { if (media.length === 0) { return 'corrupted media'; } else if (media.length === 1) { const type = media[0].type.replace('encrypted_', ''); return `a ${type}`; } let firstType; for (const single of media) { if (!firstType) { firstType = single.type; } if (firstType === single.type) { continue; } else { return 'some media'; } } invariant(firstType, 'there should be some media'); firstType = firstType.replace('encrypted_', ''); if (firstType === 'photo') { firstType = 'image'; } return `some ${firstType}s`; } function isMediaBlobServiceHosted(media: Media): boolean { return ( (!!media.uri && isBlobServiceURI(media.uri)) || (!!media.holder && isBlobServiceURI(media.holder)) || (!!media.thumbnailURI && isBlobServiceURI(media.thumbnailURI)) || (!!media.thumbnailHolder && isBlobServiceURI(media.thumbnailHolder)) ); } function fetchableMediaURI(uri: string): string { if (isBlobServiceURI(uri)) { - const holder = holderFromBlobServiceURI(uri); - return getBlobFetchableURL(holder); + const blobHash = blobHashFromBlobServiceURI(uri); + return getBlobFetchableURL(blobHash); } return uri; } function multimediaMessagePreview( messageInfo: MultimediaMessageInfo | RawMultimediaMessageInfo, ): string { const mediaContentString = contentStringForMediaArray(messageInfo.media); return `sent ${mediaContentString}`; } const localUploadPrefix = 'localUpload'; function isLocalUploadID(id: string): boolean { return id.startsWith(localUploadPrefix); } let nextLocalUploadID = 0; function getNextLocalUploadID(): string { return `${localUploadPrefix}${nextLocalUploadID++}`; } export { maxDimensions, contentStringForMediaArray, multimediaMessagePreview, isLocalUploadID, isMediaBlobServiceHosted, getNextLocalUploadID, fetchableMediaURI, }; diff --git a/lib/utils/blob-service.js b/lib/utils/blob-service.js index 6a5f5ea08..6abd8e098 100644 --- a/lib/utils/blob-service.js +++ b/lib/utils/blob-service.js @@ -1,54 +1,62 @@ // @flow import invariant from 'invariant'; import type { BlobServiceHTTPEndpoint } from '../facts/blob-service.js'; import blobServiceConfig from '../facts/blob-service.js'; const BLOB_SERVICE_URI_PREFIX = 'comm-blob-service://'; -function makeBlobServiceURI(holder: string): string { - return `${BLOB_SERVICE_URI_PREFIX}${holder}`; +function makeBlobServiceURI(blobHash: string): string { + return `${BLOB_SERVICE_URI_PREFIX}${blobHash}`; } function isBlobServiceURI(uri: string): boolean { return uri.startsWith(BLOB_SERVICE_URI_PREFIX); } -function holderFromBlobServiceURI(uri: string): string { +/** + * Returns the base64url-encoded blob hash from a blob service URI. + * Throws an error if the URI is not a blob service URI. + */ +function blobHashFromBlobServiceURI(uri: string): string { invariant(isBlobServiceURI(uri), 'Not a blob service URI'); return uri.slice(BLOB_SERVICE_URI_PREFIX.length); } -function holderFromURI(uri: string): ?string { +/** + * Returns the base64url-encoded blob hash from a blob service URI. + * Returns null if the URI is not a blob service URI. + */ +function blobHashFromURI(uri: string): ?string { if (!isBlobServiceURI(uri)) { return null; } - return holderFromBlobServiceURI(uri); + return blobHashFromBlobServiceURI(uri); } function makeBlobServiceEndpointURL( endpoint: BlobServiceHTTPEndpoint, params: { +[name: string]: string } = {}, ): string { let path = endpoint.path; for (const name in params) { path = path.replace(`:${name}`, params[name]); } return `${blobServiceConfig.url}${path}`; } -function getBlobFetchableURL(holder: string): string { +function getBlobFetchableURL(blobHash: string): string { return makeBlobServiceEndpointURL(blobServiceConfig.httpEndpoints.GET_BLOB, { - holder, + blobHash, }); } export { makeBlobServiceURI, isBlobServiceURI, - holderFromURI, - holderFromBlobServiceURI, + blobHashFromURI, + blobHashFromBlobServiceURI, getBlobFetchableURL, makeBlobServiceEndpointURL, };