Acasă Explorează Ajutor
Autentificare
mirrors
/
ntfy
oglindă de https://github.com/binwiederhier/ntfy
1
0
Bifurcare 0
Fisiere Probleme 0 Wiki
Arbore: 37d71051de
Ramuri Etichete
ntfy
/
server
/
server_webpush.go

server_webpush.go 6.0 KB
Istoric Crud

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177 
  1. //go:build !nowebpush
    2. 

  2. 

  3. package server
    4. 

  4. 

  5. import (
    6. 

  6. 	"encoding/json"
    7. 

  7. 	"fmt"
    8. 

  8. 	"net/http"
    9. 

  9. 	"regexp"
    10. 

  10. 	"strings"
    11. 

  11. 

  12. 	"github.com/SherClockHolmes/webpush-go"
    13. 

  13. 	"heckel.io/ntfy/v2/log"
    14. 

  14. 	"heckel.io/ntfy/v2/user"
    15. 

  15. )
    16. 

  16. 

  17. const (
    18. 

  18. 	// WebPushAvailable is a constant used to indicate that WebPush support is available.
    19. 

  19. 	// It can be disabled with the 'nowebpush' build tag.
    20. 

  20. 	WebPushAvailable = true
    21. 

  21. 

  22. 	webPushTopicSubscribeLimit = 50
    23. 

  23. )
    24. 

  24. 

  25. var (
    26. 

  26. 	webPushAllowedEndpointsPatterns = []string{
    27. 

  27. 		"https://*.google.com/",
    28. 

  28. 		"https://*.googleapis.com/",
    29. 

  29. 		"https://*.mozilla.com/",
    30. 

  30. 		"https://*.mozaws.net/",
    31. 

  31. 		"https://*.windows.com/",
    32. 

  32. 		"https://*.microsoft.com/",
    33. 

  33. 		"https://*.apple.com/",
    34. 

  34. 	}
    35. 

  35. 	webPushAllowedEndpointsRegex *regexp.Regexp
    36. 

  36. )
    37. 

  37. 

  38. func init() {
    39. 

  39. 	for i, pattern := range webPushAllowedEndpointsPatterns {
    40. 

  40. 		webPushAllowedEndpointsPatterns[i] = strings.ReplaceAll(strings.ReplaceAll(pattern, ".", "\\."), "*", ".+")
    41. 

  41. 	}
    42. 

  42. 	allPatterns := fmt.Sprintf("^(%s)", strings.Join(webPushAllowedEndpointsPatterns, "|"))
    43. 

  43. 	webPushAllowedEndpointsRegex = regexp.MustCompile(allPatterns)
    44. 

  44. }
    45. 

  45. 

  46. func (s *Server) handleWebPushUpdate(w http.ResponseWriter, r *http.Request, v *visitor) error {
    47. 

  47. 	req, err := readJSONWithLimit[apiWebPushUpdateSubscriptionRequest](r.Body, jsonBodyBytesLimit, false)
    48. 

  48. 	if err != nil || req.Endpoint == "" || req.P256dh == "" || req.Auth == "" {
    49. 

  49. 		return errHTTPBadRequestWebPushSubscriptionInvalid
    50. 

  50. 	} else if !webPushAllowedEndpointsRegex.MatchString(req.Endpoint) {
    51. 

  51. 		return errHTTPBadRequestWebPushEndpointUnknown
    52. 

  52. 	} else if len(req.Topics) > webPushTopicSubscribeLimit {
    53. 

  53. 		return errHTTPBadRequestWebPushTopicCountTooHigh
    54. 

  54. 	}
    55. 

  55. 	topics, err := s.topicsFromIDs(req.Topics...)
    56. 

  56. 	if err != nil {
    57. 

  57. 		return err
    58. 

  58. 	}
    59. 

  59. 	if s.userManager != nil {
    60. 

  60. 		u := v.User()
    61. 

  61. 		for _, t := range topics {
    62. 

  62. 			if err := s.userManager.Authorize(u, t.ID, user.PermissionRead); err != nil {
    63. 

  63. 				logvr(v, r).With(t).Err(err).Debug("Access to topic %s not authorized", t.ID)
    64. 

  64. 				return errHTTPForbidden.With(t)
    65. 

  65. 			}
    66. 

  66. 		}
    67. 

  67. 	}
    68. 

  68. 	if err := s.webPush.UpsertSubscription(req.Endpoint, req.Auth, req.P256dh, v.MaybeUserID(), v.IP(), req.Topics); err != nil {
    69. 

  69. 		return err
    70. 

  70. 	}
    71. 

  71. 	return s.writeJSON(w, newSuccessResponse())
    72. 

  72. }
    73. 

  73. 

  74. func (s *Server) handleWebPushDelete(w http.ResponseWriter, r *http.Request, _ *visitor) error {
    75. 

  75. 	req, err := readJSONWithLimit[apiWebPushUpdateSubscriptionRequest](r.Body, jsonBodyBytesLimit, false)
    76. 

  76. 	if err != nil || req.Endpoint == "" {
    77. 

  77. 		return errHTTPBadRequestWebPushSubscriptionInvalid
    78. 

  78. 	}
    79. 

  79. 	if err := s.webPush.RemoveSubscriptionsByEndpoint(req.Endpoint); err != nil {
    80. 

  80. 		return err
    81. 

  81. 	}
    82. 

  82. 	return s.writeJSON(w, newSuccessResponse())
    83. 

  83. }
    84. 

  84. 

  85. func (s *Server) publishToWebPushEndpoints(v *visitor, m *message) {
    86. 

  86. 	subscriptions, err := s.webPush.SubscriptionsForTopic(m.Topic)
    87. 

  87. 	if err != nil {
    88. 

  88. 		logvm(v, m).Err(err).With(v, m).Warn("Unable to publish web push messages")
    89. 

  89. 		return
    90. 

  90. 	}
    91. 

  91. 	log.Tag(tagWebPush).With(v, m).Debug("Publishing web push message to %d subscribers", len(subscriptions))
    92. 

  92. 	payload, err := json.Marshal(newWebPushPayload(fmt.Sprintf("%s/%s", s.config.BaseURL, m.Topic), m.forJSON()))
    93. 

  93. 	if err != nil {
    94. 

  94. 		log.Tag(tagWebPush).Err(err).With(v, m).Warn("Unable to marshal expiring payload")
    95. 

  95. 		return
    96. 

  96. 	}
    97. 

  97. 	for _, subscription := range subscriptions {
    98. 

  98. 		if err := s.sendWebPushNotification(subscription, payload, v, m); err != nil {
    99. 

  99. 			log.Tag(tagWebPush).Err(err).With(v, m, subscription).Warn("Unable to publish web push message")
    100. 

  100. 		}
    101. 

  101. 	}
    102. 

  102. }
    103. 

  103. 

  104. func (s *Server) pruneAndNotifyWebPushSubscriptions() {
    105. 

  105. 	if s.config.WebPushPublicKey == "" {
    106. 

  106. 		return
    107. 

  107. 	}
    108. 

  108. 	go func() {
    109. 

  109. 		if err := s.pruneAndNotifyWebPushSubscriptionsInternal(); err != nil {
    110. 

  110. 			log.Tag(tagWebPush).Err(err).Warn("Unable to prune or notify web push subscriptions")
    111. 

  111. 		}
    112. 

  112. 	}()
    113. 

  113. }
    114. 

  114. 

  115. func (s *Server) pruneAndNotifyWebPushSubscriptionsInternal() error {
    116. 

  116. 	// Expire old subscriptions
    117. 

  117. 	if err := s.webPush.RemoveExpiredSubscriptions(s.config.WebPushExpiryDuration); err != nil {
    118. 

  118. 		return err
    119. 

  119. 	}
    120. 

  120. 	// Notify subscriptions that will expire soon
    121. 

  121. 	subscriptions, err := s.webPush.SubscriptionsExpiring(s.config.WebPushExpiryWarningDuration)
    122. 

  122. 	if err != nil {
    123. 

  123. 		return err
    124. 

  124. 	} else if len(subscriptions) == 0 {
    125. 

  125. 		return nil
    126. 

  126. 	}
    127. 

  127. 	payload, err := json.Marshal(newWebPushSubscriptionExpiringPayload())
    128. 

  128. 	if err != nil {
    129. 

  129. 		return err
    130. 

  130. 	}
    131. 

  131. 	warningSent := make([]*webPushSubscription, 0)
    132. 

  132. 	for _, subscription := range subscriptions {
    133. 

  133. 		if err := s.sendWebPushNotification(subscription, payload); err != nil {
    134. 

  134. 			log.Tag(tagWebPush).Err(err).With(subscription).Warn("Unable to publish expiry imminent warning")
    135. 

  135. 			continue
    136. 

  136. 		}
    137. 

  137. 		warningSent = append(warningSent, subscription)
    138. 

  138. 	}
    139. 

  139. 	if err := s.webPush.MarkExpiryWarningSent(warningSent); err != nil {
    140. 

  140. 		return err
    141. 

  141. 	}
    142. 

  142. 	log.Tag(tagWebPush).Debug("Expired old subscriptions and published %d expiry imminent warnings", len(subscriptions))
    143. 

  143. 	return nil
    144. 

  144. }
    145. 

  145. 

  146. func (s *Server) sendWebPushNotification(sub *webPushSubscription, message []byte, contexters ...log.Contexter) error {
    147. 

  147. 	log.Tag(tagWebPush).With(sub).With(contexters...).Debug("Sending web push message")
    148. 

  148. 	payload := &webpush.Subscription{
    149. 

  149. 		Endpoint: sub.Endpoint,
    150. 

  150. 		Keys: webpush.Keys{
    151. 

  151. 			Auth:   sub.Auth,
    152. 

  152. 			P256dh: sub.P256dh,
    153. 

  153. 		},
    154. 

  154. 	}
    155. 

  155. 	resp, err := webpush.SendNotification(message, payload, &webpush.Options{
    156. 

  156. 		Subscriber:      s.config.WebPushEmailAddress,
    157. 

  157. 		VAPIDPublicKey:  s.config.WebPushPublicKey,
    158. 

  158. 		VAPIDPrivateKey: s.config.WebPushPrivateKey,
    159. 

  159. 		Urgency:         webpush.UrgencyHigh, // iOS requires this to ensure delivery
    160. 

  160. 		TTL:             int(s.config.CacheDuration.Seconds()),
    161. 

  161. 	})
    162. 

  162. 	if err != nil {
    163. 

  163. 		log.Tag(tagWebPush).With(sub).With(contexters...).Err(err).Debug("Unable to publish web push message, removing endpoint")
    164. 

  164. 		if err := s.webPush.RemoveSubscriptionsByEndpoint(sub.Endpoint); err != nil {
    165. 

  165. 			return err
    166. 

  166. 		}
    167. 

  167. 		return err
    168. 

  168. 	}
    169. 

  169. 	if (resp.StatusCode < 200 || resp.StatusCode > 299) && resp.StatusCode != 429 {
    170. 

  170. 		log.Tag(tagWebPush).With(sub).With(contexters...).Field("response_code", resp.StatusCode).Debug("Unable to publish web push message, unexpected response")
    171. 

  171. 		if err := s.webPush.RemoveSubscriptionsByEndpoint(sub.Endpoint); err != nil {
    172. 

  172. 			return err
    173. 

  173. 		}
    174. 

  174. 		return errHTTPInternalErrorWebPushUnableToPublish.With(sub).With(contexters...)
    175. 

  175. 	}
    176. 

  176. 	return nil
    177. 

  177. }
    178.