Mirrors/overte-lubosz
3
0
Fork 0
mirror of https://github.com/lubosz/overte.git synced 2025-08-08 03:48:38 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

preload the public keys for allowed users to allow immediate connection

Browse source
This commit is contained in:
Stephen Birarda 2014-10-15 10:21:11 -07:00
parent 1613b16a93
commit 9a3ba972e1
2 changed files with 37 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

46
domain-server/src/DomainServer.cpp
View file

@ -81,6 +81,9 @@ DomainServer::DomainServer(int argc, char* argv[]) :
// setup automatic networking settings with data server // setup automatic networking settings with data server
setupAutomaticNetworking(); setupAutomaticNetworking();
// preload some user public keys so they can connect on first request
preloadAllowedUserPublicKeys();
} }
} }
@ -508,8 +511,6 @@ void DomainServer::populateDefaultStaticAssignmentsExcludingTypes(const QSet<Ass
} }
} }
const QString ALLOWED_USERS_SETTINGS_KEYPATH = "security.allowed_users";
const NodeSet STATICALLY_ASSIGNED_NODES = NodeSet() << NodeType::AudioMixer const NodeSet STATICALLY_ASSIGNED_NODES = NodeSet() << NodeType::AudioMixer
<< NodeType::AvatarMixer << NodeType::VoxelServer << NodeType::ParticleServer << NodeType::EntityServer << NodeType::AvatarMixer << NodeType::VoxelServer << NodeType::ParticleServer << NodeType::EntityServer
<< NodeType::MetavoxelServer; << NodeType::MetavoxelServer;
@ -609,6 +610,8 @@ void DomainServer::handleConnectRequest(const QByteArray& packet, const HifiSock
} }
} }
const QString ALLOWED_USERS_SETTINGS_KEYPATH = "security.allowed_users";
bool DomainServer::shouldAllowConnectionFromNode(const QString& username, bool DomainServer::shouldAllowConnectionFromNode(const QString& username,
const QByteArray& usernameSignature, const QByteArray& usernameSignature,
const HifiSockAddr& senderSockAddr) { const HifiSockAddr& senderSockAddr) {
@ -664,17 +667,7 @@ bool DomainServer::shouldAllowConnectionFromNode(const QString& username,
} }
} }
// even if we have a public key for them right now, request a new one in case it has just changed requestUserPublicKey(username);
JSONCallbackParameters callbackParams;
callbackParams.jsonCallbackReceiver = this;
callbackParams.jsonCallbackMethod = "publicKeyJSONCallback";
const QString USER_PUBLIC_KEY_PATH = "api/v1/users/%1/public_key";
qDebug() << "Requesting public key for user" << username;
AccountManager::getInstance().unauthenticatedRequest(USER_PUBLIC_KEY_PATH.arg(username),
QNetworkAccessManager::GetOperation, callbackParams);
} }
} }
} else { } else {
@ -685,6 +678,33 @@ bool DomainServer::shouldAllowConnectionFromNode(const QString& username,
return false; return false;
} }
void DomainServer::preloadAllowedUserPublicKeys() {
const QVariant* allowedUsersVariant = valueForKeyPath(_settingsManager.getSettingsMap(), ALLOWED_USERS_SETTINGS_KEYPATH);
QStringList allowedUsers = allowedUsersVariant ? allowedUsersVariant->toStringList() : QStringList();
if (allowedUsers.size() > 0) {
// in the future we may need to limit how many requests here - for now assume that lists of allowed users are not
// going to create > 100 requests
foreach(const QString& username, allowedUsers) {
requestUserPublicKey(username);
}
}
}
void DomainServer::requestUserPublicKey(const QString& username) {
// even if we have a public key for them right now, request a new one in case it has just changed
JSONCallbackParameters callbackParams;
callbackParams.jsonCallbackReceiver = this;
callbackParams.jsonCallbackMethod = "publicKeyJSONCallback";
const QString USER_PUBLIC_KEY_PATH = "api/v1/users/%1/public_key";
qDebug() << "Requesting public key for user" << username;
AccountManager::getInstance().unauthenticatedRequest(USER_PUBLIC_KEY_PATH.arg(username),
QNetworkAccessManager::GetOperation, callbackParams);
}
QUrl DomainServer::oauthRedirectURL() { QUrl DomainServer::oauthRedirectURL() {
return QString("https://%1:%2/oauth").arg(_hostname).arg(_httpsManager->serverPort()); return QString("https://%1:%2/oauth").arg(_hostname).arg(_httpsManager->serverPort());
} }

4
domain-server/src/DomainServer.h
View file

@ -85,6 +85,10 @@ private:
void handleConnectRequest(const QByteArray& packet, const HifiSockAddr& senderSockAddr); void handleConnectRequest(const QByteArray& packet, const HifiSockAddr& senderSockAddr);
bool shouldAllowConnectionFromNode(const QString& username, const QByteArray& usernameSignature, bool shouldAllowConnectionFromNode(const QString& username, const QByteArray& usernameSignature,
const HifiSockAddr& senderSockAddr); const HifiSockAddr& senderSockAddr);
void preloadAllowedUserPublicKeys();
void requestUserPublicKey(const QString& username);
int parseNodeDataFromByteArray(QDataStream& packetStream, int parseNodeDataFromByteArray(QDataStream& packetStream,
NodeType_t& nodeType, NodeType_t& nodeType,
HifiSockAddr& publicSockAddr, HifiSockAddr& publicSockAddr,