chore: Refactor server token validation to use server_type parameter

2025-01-08 21:18:00 +03:00 · 2024-08-07 19:53:25 +02:00 · 2024-08-07 19:53:25 +02:00 · b41a0a9331
commit b41a0a9331
parent bd467a0bfb
5 changed files with 11 additions and 10 deletions
--- a/server/src/uds/REST/methods/actor_v3.py
+++ b/server/src/uds/REST/methods/actor_v3.py
@ -430,7 +430,7 @@ class Initialize(ActorV3Action):
                dbFilter = UserService.objects.filter(deployed_service__service=service)
            else:
                # If not service provided token, use actor tokens
-                if not Server.validate_token(token, types.servers.ServerType.ACTOR):
+                if not Server.validate_token(token, server_type=types.servers.ServerType.ACTOR):
                    raise exceptions.rest.BlockAccess()
                # Build the possible ids and make initial filter to match ANY userservice with provided MAC
                idsList = [i['mac'] for i in self._params['id'][:5]]
--- a/server/src/uds/REST/methods/tunnels.py
+++ b/server/src/uds/REST/methods/tunnels.py
@ -75,7 +75,7 @@ class TunnelTicket(Handler):

        # Take token from url
        token = self._args[2][:48]
-        if not models.Server.validate_token(token, serverType=types.servers.ServerType.TUNNEL):
+        if not models.Server.validate_token(token, server_type=types.servers.ServerType.TUNNEL):
            if self._args[1][:4] == 'stop':
                # "Discard" invalid stop requests, because Applications does not like them.
                # RDS connections keep alive for a while after the application is finished,
@ -129,7 +129,7 @@ class TunnelTicket(Handler):
                log.log(user.manager, types.log.LogLevel.INFO, msg)
                log.log(user_service, types.log.LogLevel.INFO, msg)
                # Generate new, notify only, ticket
-                notifyTicket = models.TicketStore.create_for_tunnel(
+                notify_ticket = models.TicketStore.create_for_tunnel(
                    userService=user_service,
                    port=port,
                    host=host,
@ -139,7 +139,7 @@ class TunnelTicket(Handler):
                    },
                    validity=MAX_SESSION_LENGTH,
                )
-                data = {'host': host, 'port': port, 'notify': notifyTicket, 'key': key}
+                data = {'host': host, 'port': port, 'notify': notify_ticket, 'tunnel_key': key}

            return data
        except Exception as e:
--- a/server/src/uds/dispatchers/guacamole/views.py
+++ b/server/src/uds/dispatchers/guacamole/views.py
@ -61,7 +61,7 @@ def dict2resp(dct: collections.abc.Mapping[typing.Any, typing.Any]) -> str:

@auth.needs_trusted_source
 def guacamole(request: ExtendedHttpRequestWithUser, token: str, tunnelId: str) -> HttpResponse:
-    if not Server.validate_token(token, serverType=types.servers.ServerType.TUNNEL):
+    if not Server.validate_token(token, server_type=types.servers.ServerType.TUNNEL):
        logger.error('Invalid token %s from %s', token, request.ip)
        return HttpResponse(ERROR, content_type=CONTENT_TYPE)
    logger.debug('Received credentials request for tunnel id %s', tunnelId)
--- a/server/src/uds/models/servers.py
+++ b/server/src/uds/models/servers.py
@ -348,7 +348,8 @@ class Server(UUIDModel, TaggingMixin, properties.PropertiesMixin):
    @staticmethod
    def validate_token(
        token: str,
-        serverType: typing.Union[collections.abc.Iterable[types.servers.ServerType], types.servers.ServerType],
+        *,
+        server_type: typing.Union[collections.abc.Iterable[types.servers.ServerType], types.servers.ServerType],
        request: typing.Optional[ExtendedHttpRequest] = None,
    ) -> bool:
        """Ensures that a token is valid for a server type
@ -366,10 +367,10 @@ class Server(UUIDModel, TaggingMixin, properties.PropertiesMixin):
        """
        # Ensure token is valid for a kind
        try:
-            if isinstance(serverType, types.servers.ServerType):
-                tt = Server.objects.get(token=token, type=serverType.value)
+            if isinstance(server_type, types.servers.ServerType):
+                tt = Server.objects.get(token=token, type=server_type.value)
            else:
-                tt = Server.objects.get(token=token, type__in=[st.value for st in serverType])
+                tt = Server.objects.get(token=token, type__in=[st.value for st in server_type])
            # We could check the request ip here
            if request and request.ip != tt.ip:
                raise Exception('Invalid ip')
--- a/server/src/uds/static/modern/translations-fakejs.js
+++ b/server/src/uds/static/modern/translations-fakejs.js
@ -11,7 +11,7 @@ gettext("Launcher");
 gettext("Service is in maintenance and cannot be launched");
 gettext("This service is currently not accesible due to schedule restrictions.");
 gettext("Service message");
-gettext("Press "Yes" to continue, or "No" to cancel");
+gettext("Press \"Yes\" to continue, or \"No\" to cancel");
 gettext("Release service: ");
 gettext("Reset service: ");
 gettext("Service released");