bigbluebutton-Github/bbb-graphql-middleware/internal/bbb_web/client.go

package bbb_web

import (
	"bbb-graphql-middleware/config"
	"encoding/json"
	"fmt"
	log "github.com/sirupsen/logrus"
	"io/ioutil"
	"net/http"
	"net/http/cookiejar"
	"strings"
)

// authHookUrl is the authentication hook URL obtained from an environment variable.
var authHookUrl = config.GetConfig().AuthHook.Url

func BBBWebCheckAuthorization(browserConnectionId string, sessionToken string, cookies []*http.Cookie) (string, string, error) {
	logger := log.WithField("_routine", "BBBWebClient").WithField("browserConnectionId", browserConnectionId)
	logger.Debug("Starting BBBWebClient")
	defer logger.Debug("Finished BBBWebClient")

	// Create a new HTTP client with a cookie jar.
	jar, err := cookiejar.New(nil)
	if err != nil {
		return "", "", fmt.Errorf("failed to create cookie jar: %v", err)
	}
	client := &http.Client{Jar: jar}

	// Check if the authentication hook URL is set.
	if authHookUrl == "" {
		return "", "", fmt.Errorf("BBB_GRAPHQL_MIDDLEWARE_AUTH_HOOK_URL not set")
	}

	// Create a new HTTP request to the authentication hook URL.
	req, err := http.NewRequest("GET", authHookUrl, nil)
	if err != nil {
		return "", "", err
	}

	// Add cookies to the request.
	for _, cookie := range cookies {
		req.AddCookie(cookie)
	}

	// Execute the HTTP request to obtain user session variables (like X-Hasura-Role)
	//req.Header.Set("x-original-uri", authHookUrl+"?sessionToken="+sessionToken)
	req.Header.Set("x-session-token", sessionToken)
	//req.Header.Set("User-Agent", "hasura-graphql-engine")
	resp, err := client.Do(req)
	if err != nil {
		return "", "", err
	}
	defer resp.Body.Close()

	respBody, err := ioutil.ReadAll(resp.Body)
	if err != nil {
		return "", "", err
	}

	log.Trace(string(respBody))

	var respBodyAsMap map[string]string
	if err := json.Unmarshal(respBody, &respBodyAsMap); err != nil {
		return "", "", err
	}

	// Check the response status.
	response, ok := respBodyAsMap["response"]
	if !ok {
		return "", "", fmt.Errorf("response key not found in the parsed object")
	}
	if response != "authorized" {
		logger.Error(response)
		return "", "", fmt.Errorf("user not authorized")
	}

	// Normalize the response header keys.
	normalizedResponse := make(map[string]string)
	for key, value := range respBodyAsMap {
		if strings.HasPrefix(strings.ToLower(key), "x-") {
			normalizedResponse[strings.ToLower(key)] = value
		}
	}

	var userId string
	var meetingId string

	//Get userId and meetingId from response Header
	for key, value := range normalizedResponse {
		log.Debug("%s: %s\n", key, value)

		if key == "x-userid" {
			userId = value
		}

		if key == "x-meetingid" {
			meetingId = value
		}
	}

	return meetingId, userId, nil
}
Graphql-middleware itself will handle mutations and forward to Graphql-actions 2024-05-02 21:45:32 +08:00			`package bbb_web`

			`import (`
refactor (build/gql-middleware): Introduce config as a yml file (#20992) * Introduce Gql-Middleware config as a yml file * use path /usr/share/bbb-graphql-middleware/ instead of /usr/local/bigbluebutton/bbb-graphql-middleware * remove /etc/default/bbb-graphql-middleware file 2024-08-30 05:40:52 +08:00			`"bbb-graphql-middleware/config"`
Big refactor on Graphql authentication 2024-07-11 05:30:01 +08:00			`"encoding/json"`
Graphql-middleware itself will handle mutations and forward to Graphql-actions 2024-05-02 21:45:32 +08:00			`"fmt"`
Refactor middleware to get user info from akka-apps api (#20491) 2024-06-15 00:43:05 +08:00			`log "github.com/sirupsen/logrus"`
Graphql-middleware itself will handle mutations and forward to Graphql-actions 2024-05-02 21:45:32 +08:00			`"io/ioutil"`
			`"net/http"`
			`"net/http/cookiejar"`
Big refactor on Graphql authentication 2024-07-11 05:30:01 +08:00			`"strings"`
Graphql-middleware itself will handle mutations and forward to Graphql-actions 2024-05-02 21:45:32 +08:00			`)`

improve code 2024-05-02 22:06:37 +08:00			`// authHookUrl is the authentication hook URL obtained from an environment variable.`
refactor (build/gql-middleware): Introduce config as a yml file (#20992) * Introduce Gql-Middleware config as a yml file * use path /usr/share/bbb-graphql-middleware/ instead of /usr/local/bigbluebutton/bbb-graphql-middleware * remove /etc/default/bbb-graphql-middleware file 2024-08-30 05:40:52 +08:00			`var authHookUrl = config.GetConfig().AuthHook.Url`
Graphql-middleware itself will handle mutations and forward to Graphql-actions 2024-05-02 21:45:32 +08:00
middleware: Better validation on check authorization (#20597) 2024-06-29 03:53:11 +08:00			`func BBBWebCheckAuthorization(browserConnectionId string, sessionToken string, cookies []*http.Cookie) (string, string, error) {`
Refactor (gql-middleware): Introduces `clientSessionUUID` and validations (error handling) (#20353) 2024-05-30 04:43:17 +08:00			`logger := log.WithField("_routine", "BBBWebClient").WithField("browserConnectionId", browserConnectionId)`
improve code 2024-05-02 22:06:37 +08:00			`logger.Debug("Starting BBBWebClient")`
			`defer logger.Debug("Finished BBBWebClient")`
Graphql-middleware itself will handle mutations and forward to Graphql-actions 2024-05-02 21:45:32 +08:00
improve code 2024-05-02 22:06:37 +08:00			`// Create a new HTTP client with a cookie jar.`
			`jar, err := cookiejar.New(nil)`
			`if err != nil {`
Refactor middleware to get user info from akka-apps api (#20491) 2024-06-15 00:43:05 +08:00			`return "", "", fmt.Errorf("failed to create cookie jar: %v", err)`
Graphql-middleware itself will handle mutations and forward to Graphql-actions 2024-05-02 21:45:32 +08:00			`}`
improve code 2024-05-02 22:06:37 +08:00			`client := &http.Client{Jar: jar}`
Graphql-middleware itself will handle mutations and forward to Graphql-actions 2024-05-02 21:45:32 +08:00
improve code 2024-05-02 22:06:37 +08:00			`// Check if the authentication hook URL is set.`
Graphql-middleware itself will handle mutations and forward to Graphql-actions 2024-05-02 21:45:32 +08:00			`if authHookUrl == "" {`
Refactor middleware to get user info from akka-apps api (#20491) 2024-06-15 00:43:05 +08:00			`return "", "", fmt.Errorf("BBB_GRAPHQL_MIDDLEWARE_AUTH_HOOK_URL not set")`
Graphql-middleware itself will handle mutations and forward to Graphql-actions 2024-05-02 21:45:32 +08:00			`}`

improve code 2024-05-02 22:06:37 +08:00			`// Create a new HTTP request to the authentication hook URL.`
Graphql-middleware itself will handle mutations and forward to Graphql-actions 2024-05-02 21:45:32 +08:00			`req, err := http.NewRequest("GET", authHookUrl, nil)`
			`if err != nil {`
Refactor middleware to get user info from akka-apps api (#20491) 2024-06-15 00:43:05 +08:00			`return "", "", err`
Graphql-middleware itself will handle mutations and forward to Graphql-actions 2024-05-02 21:45:32 +08:00			`}`

improve code 2024-05-02 22:06:37 +08:00			`// Add cookies to the request.`
Graphql-middleware itself will handle mutations and forward to Graphql-actions 2024-05-02 21:45:32 +08:00			`for _, cookie := range cookies {`
			`req.AddCookie(cookie)`
			`}`

improve code 2024-05-02 22:06:37 +08:00			`// Execute the HTTP request to obtain user session variables (like X-Hasura-Role)`
Big refactor on Graphql authentication 2024-07-11 05:30:01 +08:00			`//req.Header.Set("x-original-uri", authHookUrl+"?sessionToken="+sessionToken)`
			`req.Header.Set("x-session-token", sessionToken)`
Refactor middleware to get user info from akka-apps api (#20491) 2024-06-15 00:43:05 +08:00			`//req.Header.Set("User-Agent", "hasura-graphql-engine")`
Graphql-middleware itself will handle mutations and forward to Graphql-actions 2024-05-02 21:45:32 +08:00			`resp, err := client.Do(req)`
			`if err != nil {`
Refactor middleware to get user info from akka-apps api (#20491) 2024-06-15 00:43:05 +08:00			`return "", "", err`
Graphql-middleware itself will handle mutations and forward to Graphql-actions 2024-05-02 21:45:32 +08:00			`}`
			`defer resp.Body.Close()`

improve code 2024-05-02 22:06:37 +08:00			`respBody, err := ioutil.ReadAll(resp.Body)`
Graphql-middleware itself will handle mutations and forward to Graphql-actions 2024-05-02 21:45:32 +08:00			`if err != nil {`
Refactor middleware to get user info from akka-apps api (#20491) 2024-06-15 00:43:05 +08:00			`return "", "", err`
Graphql-middleware itself will handle mutations and forward to Graphql-actions 2024-05-02 21:45:32 +08:00			`}`

Big refactor on Graphql authentication 2024-07-11 05:30:01 +08:00			`log.Trace(string(respBody))`
Graphql-middleware itself will handle mutations and forward to Graphql-actions 2024-05-02 21:45:32 +08:00
Big refactor on Graphql authentication 2024-07-11 05:30:01 +08:00			`var respBodyAsMap map[string]string`
			`if err := json.Unmarshal(respBody, &respBodyAsMap); err != nil {`
			`return "", "", err`
			`}`

			`// Check the response status.`
			`response, ok := respBodyAsMap["response"]`
			`if !ok {`
			`return "", "", fmt.Errorf("response key not found in the parsed object")`
			`}`
			`if response != "authorized" {`
			`logger.Error(response)`
			`return "", "", fmt.Errorf("user not authorized")`
			`}`

			`// Normalize the response header keys.`
			`normalizedResponse := make(map[string]string)`
			`for key, value := range respBodyAsMap {`
			`if strings.HasPrefix(strings.ToLower(key), "x-") {`
			`normalizedResponse[strings.ToLower(key)] = value`
			`}`
Graphql-middleware itself will handle mutations and forward to Graphql-actions 2024-05-02 21:45:32 +08:00			`}`

Refactor middleware to get user info from akka-apps api (#20491) 2024-06-15 00:43:05 +08:00			`var userId string`
			`var meetingId string`

			`//Get userId and meetingId from response Header`
Big refactor on Graphql authentication 2024-07-11 05:30:01 +08:00			`for key, value := range normalizedResponse {`
			`log.Debug("%s: %s\n", key, value)`
Refactor middleware to get user info from akka-apps api (#20491) 2024-06-15 00:43:05 +08:00
Big refactor on Graphql authentication 2024-07-11 05:30:01 +08:00			`if key == "x-userid" {`
			`userId = value`
			`}`
Refactor middleware to get user info from akka-apps api (#20491) 2024-06-15 00:43:05 +08:00
Big refactor on Graphql authentication 2024-07-11 05:30:01 +08:00			`if key == "x-meetingid" {`
			`meetingId = value`
Graphql-middleware itself will handle mutations and forward to Graphql-actions 2024-05-02 21:45:32 +08:00			`}`
			`}`

Refactor middleware to get user info from akka-apps api (#20491) 2024-06-15 00:43:05 +08:00			`return meetingId, userId, nil`
Graphql-middleware itself will handle mutations and forward to Graphql-actions 2024-05-02 21:45:32 +08:00			`}`