Fixes debug app auth checking by adding requestHash
asyed94 committed Sep 5, 2024
1 parent d108e9d commit e34f7fb
Showing 6 changed files with 56 additions and 15 deletions.
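--- a/.vscode/launch.json
+++ b/.vscode/launch.json
@@ -0,0 +1,29 @@
+{
+// Use IntelliSense to learn about possible attributes.
+// Hover to view descriptions of existing attributes.
+// For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
+"version": "0.2.0",
+"configurations": [
+{
+"name": "Attach by Process ID",
+"processId": "${command:PickProcess}",
+"request": "attach",
+"skipFiles": [
+"<node_internals>/**"
+],
+"type": "node"
+},
+{
+"type": "node",
+"request": "launch",
+"name": "Launch Program",
+"skipFiles": [
+"<node_internals>/**"
+],
+"program": "${workspaceFolder}/src/middlewares/debugMiddleware.ts",
+"outFiles": [
+"${workspaceFolder}/**/*.js"
+]
+}
+]
+}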
8 changes: 7 additions & 1 deletion package-lock.json
1 change: 1 addition & 0 deletions package.json
Expand Up @@ -25,6 +25,7 @@
"@hapi/sntp": "^4.0.0",
"@shardus/archiver-discovery": "1.1.0",
"@shardus/crypto-utils": "4.1.3",
"@shardus/types": "1.2.18",
"axios": "1.6.1",
"better-sqlite3": "7.6.2",
"body-parser": "1.19.0",
11 changes: 10 additions & 1 deletion src/middlewares/debugMiddleware.ts
Expand Up @@ -4,6 +4,7 @@ import { nestedCountersInstance } from '../utils/nestedCounters'
import { rateLimit } from 'express-rate-limit'
import { DevSecurityLevel } from '../types'
import { RequestHandler } from 'express'
import { Utils } from '@shardus/types'

const MAX_COUNTER_BUFFER_MILLISECONDS = 10000
let lastCounter = 0
Expand Down Expand Up @@ -48,9 +49,14 @@ export function handleDebugAuth(_req: any, res: any, next: any, authLevel: any)
const requestSig = _req.query.sig
// Check if signature is valid for any of the public keys
for (const ownerPk in devPublicKeys) {
let sigObj = {
const message = {
route: _req.route.path,
count: String(_req.query.sig_counter),
}
const sigObj = {
route: _req.route.path,
count: String(_req.query.sig_counter),
requestHash: crypto.hash(Utils.safeStringify(message)),
sign: { owner: ownerPk, sig: requestSig },
}
//reguire a larger counter than before. This prevents replay attacks
Expand Down Expand Up @@ -88,16 +94,19 @@ export function handleDebugAuth(_req: any, res: any, next: any, authLevel: any)
// Middleware for low security level
export const isDebugModeMiddlewareLow = (_req: any, res: any, next: any) => {
handleDebugAuth(_req, res, next, DevSecurityLevel.Low)
return
}

// Middleware for medium security level
export const isDebugModeMiddlewareMedium = (_req: any, res: any, next: any) => {
handleDebugAuth(_req, res, next, DevSecurityLevel.Medium)
return
}

// Middleware for high security level
export const isDebugModeMiddlewareHigh = (_req: any, res: any, next: any) => {
handleDebugAuth(_req, res, next, DevSecurityLevel.High)
return
}

export function rateLimitedDebugAuth(middleware: RequestHandler) {
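Review bot: The new `requestHash` in `sigObj` is computed over `message`, which holds only `_req.route.path` (the route pattern) and the counter, so the signature still does not bind the rest of the request: the remaining query parameters, for example `ip` and `port` on `/api/subscribe`, can be altered without invalidating the signature for as long as that counter value has not been consumed. If the hash is meant to identify the request, build `message` from the concrete request instead (for instance `route: _req.path` plus the query parameters other than `sig`) and update the signing tool to match. `route` and `count` are also repeated verbatim inside `sigObj` next to the hash; presumably the verifying side expects that layout, but a one-line comment such as `// verifier expects route/count alongside requestHash` would spare the next reader the question. The three bare `return` statements added at the end of the `isDebugModeMiddleware*` arrow functions are no-ops and can be dropped. `handleDebugAuth` begins before this hunk and its signature verification continues after it.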
19 changes: 7 additions & 12 deletions src/server.ts
Expand Up @@ -116,40 +116,35 @@ app.get('/api/subscribe', rateLimitedDebugAuth(isDebugModeMiddlewareLow), (req:
const query = req.query
if (!query || !query.ip || !query.port) {
console.log('Invalid ip or port')
return res.end('Invalid ip or port')
return res.send('Invalid ip or port')
}
const ip = query.ip.toString() || '127.0.0.1'
const port = parseInt(query.port.toString()) || 9001
if (changeNode(ip, port)) {
return res.end(`Successfully changed to ${ip}:${port}`)
return res.send(`Successfully changed to ${ip}:${port}`)

Check failure

Code scanning / CodeQL

Reflected cross-site scripting High

Cross-site scripting vulnerability due to a
user-provided value
.
} else {
return res.end('Invalid ip or port')
return res.send('Invalid ip or port')
}
})

app.get('/counts', rateLimitedDebugAuth(isDebugModeMiddlewareLow), (req: Request, res: Response) => {
console.log("HIT COUNTS")
app.get('/counts', isDebugModeMiddlewareLow, (req: Request, res: Response) => {

Check failure

Code scanning / CodeQL

Missing rate limiting High

This route handler performs
authorization
, but is not rate-limited.
This route handler performs
authorization
, but is not rate-limited.
nestedCountersInstance.countEvent('api', 'counts')
const arrayReport = nestedCountersInstance.arrayitizeAndSort(nestedCountersInstance.eventCounters)
if (req.headers.accept === 'application/json') {
res.setHeader('Content-Type', 'application/json')
res.json({
return res.json({
timestamp: Date.now(),
report: arrayReport,
})
res.end()
} else {
// This returns the counts to the caller
nestedCountersInstance.printArrayReport(arrayReport, res, 0)
res.write(`Counts at time: ${Date.now()}\n`)
res.end()
return res.send(`Counts at time: ${Date.now()}\n`)
}
})

app.get('/counts-reset', rateLimitedDebugAuth(isDebugModeMiddlewareLow), (req: Request, res: Response) => {
nestedCountersInstance.eventCounters = new Map()
res.write(`counts reset ${Date.now()}`)
res.end()
res.send(`counts reset ${Date.now()}`)
})

const requestersList = new RequestersList(blackList, spammerList)
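Review bot: Replacing `res.end` with `res.send` on the `/api/subscribe` replies makes Express default the Content-Type to `text/html`, so the unvalidated `ip` and `port` echoed in `Successfully changed to ${ip}:${port}` are now interpreted as markup by a browser; validate the address before using it and fix the type, e.g. `if (!net.isIP(ip)) return res.status(400).type('text/plain').send('Invalid ip or port')` (with `net` from `node:net`, if only literal addresses are expected) and `return res.type('text/plain').send(...)` for the success reply. `/counts` also loses its `rateLimitedDebugAuth` wrapper while `/counts-reset` keeps it; if that was a debugging leftover, restore `rateLimitedDebugAuth(isDebugModeMiddlewareLow)` on `/counts`. In the plain-text branch of `/counts`, `printArrayReport(arrayReport, res, 0)` appears to write to `res` before the new `res.send`; if it does, `res.send` will try to set headers on a response whose headers were already flushed — confirm, and if so render the report to a string and send it once. The `/api/subscribe` handler begins in the hunk header, outside the visible lines.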
3 changes: 2 additions & 1 deletion tsconfig.json
Expand Up @@ -8,6 +8,7 @@
"esModuleInterop": true /* Emit additional JavaScript to ease support for importing CommonJS modules. This enables `allowSyntheticDefaultImports` for type compatibility. */,
"forceConsistentCasingInFileNames": true /* Ensure that casing is correct in imports. */,
"strict": true /* Enable all strict type-checking options. */,
"skipLibCheck": true /* Skip type checking all .d.ts files. */
"skipLibCheck": true /* Skip type checking all .d.ts files. */,
"sourceMap": true
}
}

0 comments on commit e34f7fb