hailey.at / cocoon
An atproto PDS written in Go
fork atom

Compare changes

Choose any two refs to compare.

options
unified split
Changed files
+158 -108
internal
db
db.go
oauth
dpop
manager.go
provider
client_auth.go
models.go
server
handle_import_repo.go
handle_oauth_authorize.go
handle_oauth_par.go
handle_server_delete_account.go
server.go
sqlite_blockstore
sqlite_blockstore.go
+3 -21
internal/db/db.go
··· 2 3 import ( 4 "context" 5 - "sync" 6 7 "gorm.io/gorm" 8 "gorm.io/gorm/clause" ··· 10 11 type DB struct { 12 cli *gorm.DB 13 - mu sync.Mutex 14 } 15 16 func NewDB(cli *gorm.DB) *DB { 17 return &DB{ 18 cli: cli, 19 - mu: sync.Mutex{}, 20 } 21 } 22 23 func (db *DB) Create(ctx context.Context, value any, clauses []clause.Expression) *gorm.DB { 24 - db.mu.Lock() 25 - defer db.mu.Unlock() 26 return db.cli.WithContext(ctx).Clauses(clauses...).Create(value) 27 } 28 29 func (db *DB) Save(ctx context.Context, value any, clauses []clause.Expression) *gorm.DB { 30 - db.mu.Lock() 31 - defer db.mu.Unlock() 32 return db.cli.WithContext(ctx).Clauses(clauses...).Save(value) 33 } 34 35 func (db *DB) Exec(ctx context.Context, sql string, clauses []clause.Expression, values ...any) *gorm.DB { 36 - db.mu.Lock() 37 - defer db.mu.Unlock() 38 return db.cli.WithContext(ctx).Clauses(clauses...).Exec(sql, values...) 39 } 40 ··· 47 } 48 49 func (db *DB) Delete(ctx context.Context, value any, clauses []clause.Expression) *gorm.DB { 50 - db.mu.Lock() 51 - defer db.mu.Unlock() 52 return db.cli.WithContext(ctx).Clauses(clauses...).Delete(value) 53 } 54 ··· 56 return db.cli.WithContext(ctx).First(dest, conds...) 57 } 58 59 - // TODO: this isn't actually good. we can commit even if the db is locked here. this is probably okay for the time being, but need to figure 60 - // out a better solution. right now we only do this whenever we're importing a repo though so i'm mostly not worried, but it's still bad. 61 - // e.g. when we do apply writes we should also be using a transcation but we don't right now 62 - func (db *DB) BeginDangerously(ctx context.Context) *gorm.DB { 63 return db.cli.WithContext(ctx).Begin() 64 } 65 66 - func (db *DB) Lock() { 67 - db.mu.Lock() 68 - } 69 - 70 - func (db *DB) Unlock() { 71 - db.mu.Unlock() 72 }
··· 2 3 import ( 4 "context" 5 6 "gorm.io/gorm" 7 "gorm.io/gorm/clause" ··· 9 10 type DB struct { 11 cli *gorm.DB 12 } 13 14 func NewDB(cli *gorm.DB) *DB { 15 return &DB{ 16 cli: cli, 17 } 18 } 19 20 func (db *DB) Create(ctx context.Context, value any, clauses []clause.Expression) *gorm.DB { 21 return db.cli.WithContext(ctx).Clauses(clauses...).Create(value) 22 } 23 24 func (db *DB) Save(ctx context.Context, value any, clauses []clause.Expression) *gorm.DB { 25 return db.cli.WithContext(ctx).Clauses(clauses...).Save(value) 26 } 27 28 func (db *DB) Exec(ctx context.Context, sql string, clauses []clause.Expression, values ...any) *gorm.DB { 29 return db.cli.WithContext(ctx).Clauses(clauses...).Exec(sql, values...) 30 } 31 ··· 38 } 39 40 func (db *DB) Delete(ctx context.Context, value any, clauses []clause.Expression) *gorm.DB { 41 return db.cli.WithContext(ctx).Clauses(clauses...).Delete(value) 42 } 43 ··· 45 return db.cli.WithContext(ctx).First(dest, conds...) 46 } 47 48 + func (db *DB) Begin(ctx context.Context) *gorm.DB { 49 return db.cli.WithContext(ctx).Begin() 50 } 51 52 + func (db *DB) Client() *gorm.DB { 53 + return db.cli 54 }
+4 -4
oauth/dpop/manager.go
··· 75 } 76 77 proof := extractProof(headers) 78 - 79 if proof == "" { 80 return nil, nil 81 } ··· 197 198 nonce, _ := claims["nonce"].(string) 199 if nonce == "" { 200 - // WARN: this _must_ be `use_dpop_nonce` for clients know they should make another request 201 return nil, ErrUseDpopNonce 202 } 203 204 if nonce != "" && !dm.nonce.Check(nonce) { 205 - // WARN: this _must_ be `use_dpop_nonce` so that clients will fetch a new nonce 206 return nil, ErrUseDpopNonce 207 } 208 ··· 237 } 238 239 func extractProof(headers http.Header) string { 240 - dpopHeaders := headers["Dpop"] 241 switch len(dpopHeaders) { 242 case 0: 243 return ""
··· 75 } 76 77 proof := extractProof(headers) 78 if proof == "" { 79 return nil, nil 80 } ··· 196 197 nonce, _ := claims["nonce"].(string) 198 if nonce == "" { 199 + // reference impl checks if self.nonce is not null before returning an error, but we always have a 200 + // nonce so we do not bother checking 201 return nil, ErrUseDpopNonce 202 } 203 204 if nonce != "" && !dm.nonce.Check(nonce) { 205 + // dpop nonce mismatch 206 return nil, ErrUseDpopNonce 207 } 208 ··· 237 } 238 239 func extractProof(headers http.Header) string { 240 + dpopHeaders := headers.Values("dpop") 241 switch len(dpopHeaders) { 242 case 0: 243 return ""
+3 -3
oauth/provider/client_auth.go
··· 19 } 20 21 type AuthenticateClientRequestBase struct { 22 - ClientID string `form:"client_id" json:"client_id" validate:"required"` 23 - ClientAssertionType *string `form:"client_assertion_type" json:"client_assertion_type,omitempty"` 24 - ClientAssertion *string `form:"client_assertion" json:"client_assertion,omitempty"` 25 } 26 27 func (p *Provider) AuthenticateClient(ctx context.Context, req AuthenticateClientRequestBase, proof *dpop.Proof, opts *AuthenticateClientOptions) (*client.Client, *ClientAuth, error) {
··· 19 } 20 21 type AuthenticateClientRequestBase struct { 22 + ClientID string `form:"client_id" json:"client_id" query:"client_id" validate:"required"` 23 + ClientAssertionType *string `form:"client_assertion_type" json:"client_assertion_type,omitempty" query:"client_assertion_type"` 24 + ClientAssertion *string `form:"client_assertion" json:"client_assertion,omitempty" query:"client_assertion"` 25 } 26 27 func (p *Provider) AuthenticateClient(ctx context.Context, req AuthenticateClientRequestBase, proof *dpop.Proof, opts *AuthenticateClientOptions) (*client.Client, *ClientAuth, error) {
+9 -8
oauth/provider/models.go
··· 32 33 type ParRequest struct { 34 AuthenticateClientRequestBase 35 - ResponseType string `form:"response_type" json:"response_type" validate:"required"` 36 - CodeChallenge *string `form:"code_challenge" json:"code_challenge" validate:"required"` 37 - CodeChallengeMethod string `form:"code_challenge_method" json:"code_challenge_method" validate:"required"` 38 - State string `form:"state" json:"state" validate:"required"` 39 - RedirectURI string `form:"redirect_uri" json:"redirect_uri" validate:"required"` 40 - Scope string `form:"scope" json:"scope" validate:"required"` 41 - LoginHint *string `form:"login_hint" json:"login_hint,omitempty"` 42 - DpopJkt *string `form:"dpop_jkt" json:"dpop_jkt,omitempty"` 43 } 44 45 func (opr *ParRequest) Scan(value any) error {
··· 32 33 type ParRequest struct { 34 AuthenticateClientRequestBase 35 + ResponseType string `form:"response_type" json:"response_type" query:"response_type" validate:"required"` 36 + CodeChallenge *string `form:"code_challenge" json:"code_challenge" query:"code_challenge" validate:"required"` 37 + CodeChallengeMethod string `form:"code_challenge_method" json:"code_challenge_method" query:"code_challenge_method" validate:"required"` 38 + State string `form:"state" json:"state" query:"state" validate:"required"` 39 + RedirectURI string `form:"redirect_uri" json:"redirect_uri" query:"redirect_uri" validate:"required"` 40 + Scope string `form:"scope" json:"scope" query:"scope" validate:"required"` 41 + LoginHint *string `form:"login_hint" query:"login_hint" json:"login_hint,omitempty"` 42 + DpopJkt *string `form:"dpop_jkt" query:"dpop_jkt" json:"dpop_jkt,omitempty"` 43 + ResponseMode *string `form:"response_mode" json:"response_mode,omitempty" query:"response_mode"` 44 } 45 46 func (opr *ParRequest) Scan(value any) error {
+1 -1
server/handle_import_repo.go
··· 66 return helpers.ServerError(e, nil) 67 } 68 69 - tx := s.db.BeginDangerously(ctx) 70 71 clock := syntax.NewTIDClock(0) 72
··· 66 return helpers.ServerError(e, nil) 67 } 68 69 + tx := s.db.Begin(ctx) 70 71 clock := syntax.NewTIDClock(0) 72
+95 -19
server/handle_oauth_authorize.go
··· 1 package server 2 3 import ( 4 "net/url" 5 "strings" 6 "time" ··· 8 "github.com/Azure/go-autorest/autorest/to" 9 "github.com/haileyok/cocoon/internal/helpers" 10 "github.com/haileyok/cocoon/oauth" 11 "github.com/haileyok/cocoon/oauth/provider" 12 "github.com/labstack/echo/v4" 13 ) 14 15 func (s *Server) handleOauthAuthorizeGet(e echo.Context) error { 16 ctx := e.Request().Context() 17 18 - reqUri := e.QueryParam("request_uri") 19 - if reqUri == "" { 20 - // render page for logged out dev 21 - if s.config.Version == "dev" { 22 - return e.Render(200, "authorize.html", map[string]any{ 23 - "Scopes": []string{"atproto", "transition:generic"}, 24 - "AppName": "DEV MODE AUTHORIZATION PAGE", 25 - "Handle": "paula.cocoon.social", 26 - "RequestUri": "", 27 - }) 28 } 29 - return helpers.InputError(e, to.StringPtr("no request uri")) 30 } 31 32 repo, _, err := s.getSessionRepoOrErr(e) 33 if err != nil { 34 return e.Redirect(303, "/account/signin?"+e.QueryParams().Encode()) 35 - } 36 - 37 - reqId, err := oauth.DecodeRequestUri(reqUri) 38 - if err != nil { 39 - return helpers.InputError(e, to.StringPtr(err.Error())) 40 } 41 42 var req provider.OauthAuthorizationRequest ··· 60 data := map[string]any{ 61 "Scopes": scopes, 62 "AppName": appName, 63 - "RequestUri": reqUri, 64 "QueryParams": e.QueryParams().Encode(), 65 "Handle": repo.Actor.Handle, 66 } ··· 129 q.Set("code", code) 130 131 hashOrQuestion := "?" 132 - if authReq.ClientAuth.Method != "private_key_jwt" { 133 - hashOrQuestion = "#" 134 } 135 136 return e.Redirect(303, authReq.Parameters.RedirectURI+hashOrQuestion+q.Encode())
··· 1 package server 2 3 import ( 4 + "fmt" 5 "net/url" 6 "strings" 7 "time" ··· 9 "github.com/Azure/go-autorest/autorest/to" 10 "github.com/haileyok/cocoon/internal/helpers" 11 "github.com/haileyok/cocoon/oauth" 12 + "github.com/haileyok/cocoon/oauth/constants" 13 "github.com/haileyok/cocoon/oauth/provider" 14 "github.com/labstack/echo/v4" 15 ) 16 17 + type HandleOauthAuthorizeGetInput struct { 18 + RequestUri string `query:"request_uri"` 19 + } 20 + 21 func (s *Server) handleOauthAuthorizeGet(e echo.Context) error { 22 ctx := e.Request().Context() 23 24 + logger := s.logger.With("name", "handleOauthAuthorizeGet") 25 + 26 + var input HandleOauthAuthorizeGetInput 27 + if err := e.Bind(&input); err != nil { 28 + logger.Error("error binding request", "err", err) 29 + return fmt.Errorf("error binding request") 30 + } 31 + 32 + var reqId string 33 + if input.RequestUri != "" { 34 + id, err := oauth.DecodeRequestUri(input.RequestUri) 35 + if err != nil { 36 + logger.Error("no request uri found in input", "url", e.Request().URL.String()) 37 + return helpers.InputError(e, to.StringPtr("no request uri")) 38 + } 39 + reqId = id 40 + } else { 41 + var parRequest provider.ParRequest 42 + if err := e.Bind(&parRequest); err != nil { 43 + s.logger.Error("error binding for standard auth request", "error", err) 44 + return helpers.InputError(e, to.StringPtr("InvalidRequest")) 45 + } 46 + 47 + if err := e.Validate(parRequest); err != nil { 48 + // render page for logged out dev 49 + if s.config.Version == "dev" && parRequest.ClientID == "" { 50 + return e.Render(200, "authorize.html", map[string]any{ 51 + "Scopes": []string{"atproto", "transition:generic"}, 52 + "AppName": "DEV MODE AUTHORIZATION PAGE", 53 + "Handle": "paula.cocoon.social", 54 + "RequestUri": "", 55 + }) 56 + } 57 + return helpers.InputError(e, to.StringPtr("no request uri and invalid parameters")) 58 } 59 + 60 + client, clientAuth, err := s.oauthProvider.AuthenticateClient(ctx, parRequest.AuthenticateClientRequestBase, nil, &provider.AuthenticateClientOptions{ 61 + AllowMissingDpopProof: true, 62 + }) 63 + if err != nil { 64 + s.logger.Error("error authenticating client in standard request", "client_id", parRequest.ClientID, "error", err) 65 + return helpers.ServerError(e, to.StringPtr(err.Error())) 66 + } 67 + 68 + if parRequest.DpopJkt == nil { 69 + if client.Metadata.DpopBoundAccessTokens { 70 + } 71 + } else { 72 + if !client.Metadata.DpopBoundAccessTokens { 73 + msg := "dpop bound access tokens are not enabled for this client" 74 + return helpers.InputError(e, &msg) 75 + } 76 + } 77 + 78 + eat := time.Now().Add(constants.ParExpiresIn) 79 + id := oauth.GenerateRequestId() 80 + 81 + authRequest := &provider.OauthAuthorizationRequest{ 82 + RequestId: id, 83 + ClientId: client.Metadata.ClientID, 84 + ClientAuth: *clientAuth, 85 + Parameters: parRequest, 86 + ExpiresAt: eat, 87 + } 88 + 89 + if err := s.db.Create(ctx, authRequest, nil).Error; err != nil { 90 + s.logger.Error("error creating auth request in db", "error", err) 91 + return helpers.ServerError(e, nil) 92 + } 93 + 94 + input.RequestUri = oauth.EncodeRequestUri(id) 95 + reqId = id 96 + 97 } 98 99 repo, _, err := s.getSessionRepoOrErr(e) 100 if err != nil { 101 return e.Redirect(303, "/account/signin?"+e.QueryParams().Encode()) 102 } 103 104 var req provider.OauthAuthorizationRequest ··· 122 data := map[string]any{ 123 "Scopes": scopes, 124 "AppName": appName, 125 + "RequestUri": input.RequestUri, 126 "QueryParams": e.QueryParams().Encode(), 127 "Handle": repo.Actor.Handle, 128 } ··· 191 q.Set("code", code) 192 193 hashOrQuestion := "?" 194 + if authReq.Parameters.ResponseMode != nil { 195 + switch *authReq.Parameters.ResponseMode { 196 + case "fragment": 197 + hashOrQuestion = "#" 198 + case "query": 199 + // do nothing 200 + break 201 + default: 202 + if authReq.Parameters.ResponseType != "code" { 203 + hashOrQuestion = "#" 204 + } 205 + } 206 + } else { 207 + if authReq.Parameters.ResponseType != "code" { 208 + hashOrQuestion = "#" 209 + } 210 } 211 212 return e.Redirect(303, authReq.Parameters.RedirectURI+hashOrQuestion+q.Encode())
+1
server/handle_oauth_par.go
··· 42 e.Response().Header().Set("DPoP-Nonce", nonce) 43 e.Response().Header().Add("access-control-expose-headers", "DPoP-Nonce") 44 } 45 return e.JSON(400, map[string]string{ 46 "error": "use_dpop_nonce", 47 })
··· 42 e.Response().Header().Set("DPoP-Nonce", nonce) 43 e.Response().Header().Add("access-control-expose-headers", "DPoP-Nonce") 44 } 45 + logger.Error("nonce error: use_dpop_nonce", "headers", e.Request().Header) 46 return e.JSON(400, map[string]string{ 47 "error": "use_dpop_nonce", 48 })
+1 -1
server/handle_server_delete_account.go
··· 69 }) 70 } 71 72 - tx := s.db.BeginDangerously(ctx) 73 if tx.Error != nil { 74 logger.Error("error starting transaction", "error", tx.Error) 75 return helpers.ServerError(e, nil)
··· 69 }) 70 } 71 72 + tx := s.db.Begin(ctx) 73 if tx.Error != nil { 74 logger.Error("error starting transaction", "error", tx.Error) 75 return helpers.ServerError(e, nil)
+40 -50
server/server.go
··· 322 if err != nil { 323 return nil, fmt.Errorf("failed to open sqlite database: %w", err) 324 } 325 logger.Info("connected to SQLite database", "path", args.DbName) 326 } 327 dbw := db.NewDB(gdb) ··· 625 626 logger.Info("beginning backup to s3...") 627 628 - var buf bytes.Buffer 629 - if err := func() error { 630 - logger.Info("reading database bytes...") 631 - s.db.Lock() 632 - defer s.db.Unlock() 633 - 634 - sf, err := os.Open(s.dbName) 635 - if err != nil { 636 - return fmt.Errorf("error opening database for backup: %w", err) 637 - } 638 - defer sf.Close() 639 640 - if _, err := io.Copy(&buf, sf); err != nil { 641 - return fmt.Errorf("error reading bytes of backup db: %w", err) 642 - } 643 644 - return nil 645 - }(); err != nil { 646 - logger.Error("error backing up database", "error", err) 647 return 648 } 649 650 - if err := func() error { 651 - logger.Info("sending to s3...") 652 653 - currTime := time.Now().Format("2006-01-02_15-04-05") 654 - key := "cocoon-backup-" + currTime + ".db" 655 656 - config := &aws.Config{ 657 - Region: aws.String(s.s3Config.Region), 658 - Credentials: credentials.NewStaticCredentials(s.s3Config.AccessKey, s.s3Config.SecretKey, ""), 659 - } 660 661 - if s.s3Config.Endpoint != "" { 662 - config.Endpoint = aws.String(s.s3Config.Endpoint) 663 - config.S3ForcePathStyle = aws.Bool(true) 664 - } 665 666 - sess, err := session.NewSession(config) 667 - if err != nil { 668 - return err 669 - } 670 671 - svc := s3.New(sess) 672 673 - if _, err := svc.PutObject(&s3.PutObjectInput{ 674 - Bucket: aws.String(s.s3Config.Bucket), 675 - Key: aws.String(key), 676 - Body: bytes.NewReader(buf.Bytes()), 677 - }); err != nil { 678 - return fmt.Errorf("error uploading file to s3: %w", err) 679 - } 680 - 681 - logger.Info("finished uploading backup to s3", "key", key, "duration", time.Now().Sub(start).Seconds()) 682 - 683 - return nil 684 - }(); err != nil { 685 - logger.Error("error uploading database backup", "error", err) 686 return 687 } 688 689 - os.WriteFile("last-backup.txt", []byte(time.Now().String()), 0644) 690 } 691 692 func (s *Server) backupRoutine() { ··· 721 if err != nil { 722 shouldBackupNow = true 723 } else { 724 - lastBackup, err := time.Parse("2006-01-02 15:04:05.999999999 -0700 MST", string(lastBackupStr)) 725 if err != nil { 726 shouldBackupNow = true 727 - } else if time.Now().Sub(lastBackup).Seconds() > 3600 { 728 shouldBackupNow = true 729 } 730 }
··· 322 if err != nil { 323 return nil, fmt.Errorf("failed to open sqlite database: %w", err) 324 } 325 + gdb.Exec("PRAGMA journal_mode=WAL") 326 + gdb.Exec("PRAGMA synchronous=NORMAL") 327 + 328 logger.Info("connected to SQLite database", "path", args.DbName) 329 } 330 dbw := db.NewDB(gdb) ··· 628 629 logger.Info("beginning backup to s3...") 630 631 + tmpFile := fmt.Sprintf("/tmp/cocoon-backup-%s.db", time.Now().Format(time.RFC3339Nano)) 632 + defer os.Remove(tmpFile) 633 634 + if err := s.db.Client().Exec(fmt.Sprintf("VACUUM INTO '%s'", tmpFile)).Error; err != nil { 635 + logger.Error("error creating tmp backup file", "err", err) 636 + return 637 + } 638 639 + backupData, err := os.ReadFile(tmpFile) 640 + if err != nil { 641 + logger.Error("error reading tmp backup file", "err", err) 642 return 643 } 644 645 + logger.Info("sending to s3...") 646 647 + currTime := time.Now().Format("2006-01-02_15-04-05") 648 + key := "cocoon-backup-" + currTime + ".db" 649 650 + config := &aws.Config{ 651 + Region: aws.String(s.s3Config.Region), 652 + Credentials: credentials.NewStaticCredentials(s.s3Config.AccessKey, s.s3Config.SecretKey, ""), 653 + } 654 655 + if s.s3Config.Endpoint != "" { 656 + config.Endpoint = aws.String(s.s3Config.Endpoint) 657 + config.S3ForcePathStyle = aws.Bool(true) 658 + } 659 660 + sess, err := session.NewSession(config) 661 + if err != nil { 662 + logger.Error("error creating s3 session", "err", err) 663 + return 664 + } 665 666 + svc := s3.New(sess) 667 668 + if _, err := svc.PutObject(&s3.PutObjectInput{ 669 + Bucket: aws.String(s.s3Config.Bucket), 670 + Key: aws.String(key), 671 + Body: bytes.NewReader(backupData), 672 + }); err != nil { 673 + logger.Error("error uploading file to s3", "err", err) 674 return 675 } 676 677 + logger.Info("finished uploading backup to s3", "key", key, "duration", time.Since(start).Seconds()) 678 + 679 + os.WriteFile("last-backup.txt", []byte(time.Now().Format(time.RFC3339Nano)), 0644) 680 } 681 682 func (s *Server) backupRoutine() { ··· 711 if err != nil { 712 shouldBackupNow = true 713 } else { 714 + lastBackup, err := time.Parse(time.RFC3339Nano, string(lastBackupStr)) 715 if err != nil { 716 shouldBackupNow = true 717 + } else if time.Since(lastBackup).Seconds() > 3600 { 718 shouldBackupNow = true 719 } 720 }
+1 -1
sqlite_blockstore/sqlite_blockstore.go
··· 94 } 95 96 func (bs *SqliteBlockstore) PutMany(ctx context.Context, blocks []blocks.Block) error { 97 - tx := bs.db.BeginDangerously(ctx) 98 99 for _, block := range blocks { 100 bs.inserts[block.Cid()] = block
··· 94 } 95 96 func (bs *SqliteBlockstore) PutMany(ctx context.Context, blocks []blocks.Block) error { 97 + tx := bs.db.Begin(ctx) 98 99 for _, block := range blocks { 100 bs.inserts[block.Cid()] = block