nik/signal-cli-rest-api
1
0
Fork 0
mirror of https://github.com/bbernhard/signal-cli-rest-api.git synced 2026-05-29 15:14:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

extended trust endpoint

Browse Source 
* added possibility to trust all known keys. This option doesn't require
  the user to provide a safety number, but insted all known keys are
  trusted. This option is obviously less secure and should only be used
  for testing.

see #237
This commit is contained in:
Bernhard B 2022-04-09 09:23:34 +02:00
parent ab4934832a
commit 00ea8809b2
5 changed files with 69 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
src/api/api.go
View File

@ -116,7 +116,8 @@ type UpdateProfileRequest struct {
} }
type TrustIdentityRequest struct { type TrustIdentityRequest struct {
VerifiedSafetyNumber string `json:"verified_safety_number"` VerifiedSafetyNumber *string `json:"verified_safety_number"`
TrustAllKnownKeys *bool `json:"trust_all_known_keys" example:"false"`
} }
type SendMessageResponse struct { type SendMessageResponse struct {
@ -967,7 +968,7 @@ func (a *Api) ListIdentities(c *gin.Context) {
// @Summary Trust Identity // @Summary Trust Identity
// @Tags Identities // @Tags Identities
// @Description Trust an identity. // @Description Trust an identity. When 'trust_all_known_keys' is set to' true', all known keys of this user are trusted. **This is only recommended for testing.**
// @Produce json // @Produce json
// @Success 204 {string} OK // @Success 204 {string} OK
// @Param data body TrustIdentityRequest true "Input Data" // @Param data body TrustIdentityRequest true "Input Data"
@ -996,12 +997,22 @@ func (a *Api) TrustIdentity(c *gin.Context) {
return return
} }
if req.VerifiedSafetyNumber == "" { if (req.VerifiedSafetyNumber == nil && req.TrustAllKnownKeys == nil) || (req.VerifiedSafetyNumber == nil && req.TrustAllKnownKeys != nil && !*req.TrustAllKnownKeys) {
c.JSON(400, Error{Msg: "Couldn't process request - verified safety number missing"}) c.JSON(400, Error{Msg: "Couldn't process request - please either provide a safety number (preferred & more secure) or set 'trust_all_known_keys' to true"})
return return
} }
err = a.signalClient.TrustIdentity(number, numberToTrust, req.VerifiedSafetyNumber) if req.VerifiedSafetyNumber != nil && req.TrustAllKnownKeys != nil && *req.TrustAllKnownKeys {
c.JSON(400, Error{Msg: "Couldn't process request - please either provide a safety number or set 'trust_all_known_keys' to true. But do not set both parameters at once!"})
return
}
if req.VerifiedSafetyNumber != nil && *req.VerifiedSafetyNumber == "" {
c.JSON(400, Error{Msg: "Couldn't process request - please provide a valid safety number"})
return
}
err = a.signalClient.TrustIdentity(number, numberToTrust, req.VerifiedSafetyNumber, req.TrustAllKnownKeys)
if err != nil { if err != nil {
c.JSON(400, Error{Msg: err.Error()}) c.JSON(400, Error{Msg: err.Error()})
return return

27
src/client/client.go
View File

@ -1100,21 +1100,40 @@ func (s *SignalClient) ListIdentities(number string) (*[]IdentityEntry, error) {
return &identityEntries, nil return &identityEntries, nil
} }
func (s *SignalClient) TrustIdentity(number string, numberToTrust string, verifiedSafetyNumber string) error { func (s *SignalClient) TrustIdentity(number string, numberToTrust string, verifiedSafetyNumber *string, trustAllKnownKeys *bool) error {
var err error var err error
if s.signalCliMode == JsonRpc { if s.signalCliMode == JsonRpc {
type Request struct { type Request struct {
VerifiedSafetyNumber string `json:"verified-safety-number"` VerifiedSafetyNumber string `json:"verified-safety-number,omitempty"`
TrustAllKnownKeys bool `json:"trust-all-known-keys,omitempty"`
Recipient string `json:"recipient"` Recipient string `json:"recipient"`
} }
request := Request{VerifiedSafetyNumber: verifiedSafetyNumber, Recipient: numberToTrust} request := Request{Recipient: numberToTrust}
if verifiedSafetyNumber != nil {
request.VerifiedSafetyNumber = *verifiedSafetyNumber
}
if trustAllKnownKeys != nil {
request.TrustAllKnownKeys = *trustAllKnownKeys
}
jsonRpc2Client, err := s.getJsonRpc2Client(number) jsonRpc2Client, err := s.getJsonRpc2Client(number)
if err != nil { if err != nil {
return err return err
} }
_, err = jsonRpc2Client.getRaw("trust", request) _, err = jsonRpc2Client.getRaw("trust", request)
} else { } else {
cmd := []string{"--config", s.signalCliConfig, "-a", number, "trust", numberToTrust, "--verified-safety-number", verifiedSafetyNumber} cmd := []string{"--config", s.signalCliConfig, "-a", number, "trust", numberToTrust}
if verifiedSafetyNumber != nil {
cmd = append(cmd, []string{"--verified-safety-number", *verifiedSafetyNumber}...)
}
if trustAllKnownKeys != nil && *trustAllKnownKeys {
cmd = append(cmd, "--trust-all-known-keys")
}
_, err = runSignalCli(true, cmd, "", s.signalCliMode) _, err = runSignalCli(true, cmd, "", s.signalCliMode)
} }
return err return err

12
src/docs/docs.go
View File

@ -840,7 +840,7 @@ var doc = `{
}, },
"/v1/identities/{number}/trust/{numberToTrust}": { "/v1/identities/{number}/trust/{numberToTrust}": {
"put": { "put": {
"description": "Trust an identity.", "description": "Trust an identity. When 'trust_all_known_keys' is set to' true', all known keys of this user are trusted. **This is only recommended for testing.**",
"produces": [ "produces": [
"application/json" "application/json"
], ],
@ -1649,6 +1649,10 @@ var doc = `{
"api.TrustIdentityRequest": { "api.TrustIdentityRequest": {
"type": "object", "type": "object",
"properties": { "properties": {
"trust_all_known_keys": {
"type": "boolean",
"example": false
},
"verified_safety_number": { "verified_safety_number": {
"type": "string" "type": "string"
} }
@ -1727,6 +1731,12 @@ var doc = `{
"client.GroupEntry": { "client.GroupEntry": {
"type": "object", "type": "object",
"properties": { "properties": {
"admins": {
"type": "array",
"items": {
"type": "string"
}
},
"blocked": { "blocked": {
"type": "boolean" "type": "boolean"
}, },

12
src/docs/swagger.json
View File

@ -824,7 +824,7 @@
}, },
"/v1/identities/{number}/trust/{numberToTrust}": { "/v1/identities/{number}/trust/{numberToTrust}": {
"put": { "put": {
"description": "Trust an identity.", "description": "Trust an identity. When 'trust_all_known_keys' is set to' true', all known keys of this user are trusted. **This is only recommended for testing.**",
"produces": [ "produces": [
"application/json" "application/json"
], ],
@ -1633,6 +1633,10 @@
"api.TrustIdentityRequest": { "api.TrustIdentityRequest": {
"type": "object", "type": "object",
"properties": { "properties": {
"trust_all_known_keys": {
"type": "boolean",
"example": false
},
"verified_safety_number": { "verified_safety_number": {
"type": "string" "type": "string"
} }
@ -1711,6 +1715,12 @@
"client.GroupEntry": { "client.GroupEntry": {
"type": "object", "type": "object",
"properties": { "properties": {
"admins": {
"type": "array",
"items": {
"type": "string"
}
},
"blocked": { "blocked": {
"type": "boolean" "type": "boolean"
}, },

9
src/docs/swagger.yaml
View File

@ -135,6 +135,9 @@ definitions:
type: object type: object
api.TrustIdentityRequest: api.TrustIdentityRequest:
properties: properties:
trust_all_known_keys:
example: false
type: boolean
verified_safety_number: verified_safety_number:
type: string type: string
type: object type: object
@ -185,6 +188,10 @@ definitions:
type: object type: object
client.GroupEntry: client.GroupEntry:
properties: properties:
admins:
items:
type: string
type: array
blocked: blocked:
type: boolean type: boolean
id: id:
@ -769,7 +776,7 @@ paths:
- Identities - Identities
/v1/identities/{number}/trust/{numberToTrust}: /v1/identities/{number}/trust/{numberToTrust}:
put: put:
description: Trust an identity. description: Trust an identity. When 'trust_all_known_keys' is set to' true', all known keys of this user are trusted. **This is only recommended for testing.**
parameters: parameters:
- description: Input Data - description: Input Data
in: body in: body