reverted to latest stable

lib/router.gdpr.js

@@ -49,7 +49,7 @@ module.exports = function (app) {
             redis_client.expire("ak:" + owner_id, 1);
 
             redis_client.keys("/" + owner_id + "/*", function (_err, obj_keys) {
-                console.log("Deleting Redis cache for this owner: ", owner_id);
+                console.dir("Deleting Redis cache for this owner: " + owner_id);
                 for (var key in obj_keys) redis_client.expire(key, 1);
             });
 
@@ -136,7 +136,7 @@ module.exports = function (app) {
 
                 // Edit and save user's GDPR consent
                 user.update(owner_id, req.body, function (success, status) {
-                    console.log("Updating GDPR settings for owner_id", owner_id);
+                    console.log("Updating GDPR settings...");
                     Util.responder(res, success, status);
                 });
 

lib/router.github.js

@@ -16,7 +16,6 @@ let userlib = require("nano")(db_uri).use(prefix + "managed_users"); // lgtm [js
 const github_ocfg = Globals.github_ocfg();
 const https = require('https');
 const sha256 = require("sha256");
-const url = require('url');
 
 const app_config = Globals.app_config();
 
@@ -59,7 +58,7 @@ module.exports = function (app) {
         let owner_id = userWrapper.owner; // must not be nil
 
         // Check user and make note on user login
-        userlib.get(owner_id, (error, udoc) => {
+        userlib.get(userWrapper.owner, (error, udoc) => {
 
             // Error case covers creating new user/managing deleted account
             if (error) {
@@ -99,13 +98,15 @@ module.exports = function (app) {
 
                     const courl = app_config.public_url + "/auth.html?t=" + token + "&g=true"; // require GDPR consent
 
+                    console.log("Redirecting to login (2)", courl);
                     response.redirect(courl); // for successful login, this must be a response to /oauth/<idp>/callback 
                 });
                 return;
             }
 
             user.trackUserLogin(owner_id);
 
+            console.log("validateGithubUser", { token }, { userWrapper });
             app.redis_client.v4.set(token, JSON.stringify(userWrapper));
             app.redis_client.v4.expire(token, 3600);
 
@@ -236,20 +237,10 @@ module.exports = function (app) {
     });
 
     // Callback service parsing the authorization token and asking for the access token
-    // Allow-limits: This endpoint should be called by GitHub/Browser only.
-
-    // This is called redirect_uri in config, callbackURI in github-oauth.js params (spec)
-    app.get('/api/oauth/github/callback', function (req, original_response) {
-        var query = url.parse(req.url, true).query;
-        var code = query.code;
-        var state = query.state;
-
-        console.log("🔨 [debug] GET /api/oauth/github/callback query state is:", {state});
-        //if (!code || code.length < 4) {
-
+    app.get('/api/oauth/github/callback', function (req, res) {
         // save original response to callbacks in this code path... when callback is called, response is used to reply (except for error)
-        secureGithubCallbacks(original_response, () => {
-            githubOAuth.callback(code, state, original_response, (err) => {
+        secureGithubCallbacks(res, () => {
+            githubOAuth.callback(req, res, (err) => {
                 console.log("[spec] GitHub OAuth result", err);
             });
         });

lib/router.google.js

@@ -215,9 +215,9 @@ module.exports = function (app) {
         });
       });
     }).on("error", (err) => {
-      console.log("Error: ", err.message);
+      console.log("Error: " + err.message);
       // deepcode ignore OR: there is noting injected in the URL
-      res.redirect(app_config.public_url + '/error.html?success=failed&title=OAuth-Error&reason=login_failed');
+      res.redirect(app_config.public_url + '/error.html?success=failed&title=OAuth-Error&reason=' + err.message);
     });
 
   });

lib/router.js

@@ -18,6 +18,10 @@ module.exports = function (app) {
   function logAccess(req) {
     // log owner ID and request method to application log only
     if ((typeof (req.session) !== "undefined") && (typeof (req.session.owner) !== "undefined")) {
+      // Skip logging for monitoring sites
+      if (client.indexOf("uptimerobot") !== -1) {
+        return;
+      }
       if (req.method !== "OPTIONS") {
         console.log("[OID:0] [" + req.method + "]:" + req.url + "(" + req.get("User-Agent") + ")");
       }

lib/router.transfer.js

@@ -13,41 +13,26 @@ module.exports = function (app) {
 
   function transferResultRedirect(success, res, response) {
 
-    // solves `Headers already sent` issue? Why does it happen? This should not be here!
     if ((process.env.ENVIRONMENT === "test") || (process.env.ENVIRONMENT === "development")) {
-      //if (success) {
-        return Promise.resolve(response); // return error in case of problem (not in exception!)
-      //} else {
-      //  return Promise.reject(response);
-      //}
+      return Util.responder(res, success, response);
     }
 
-    if ((success === false) || (typeof(response) === "undefined")) {
+    if (success === false) {
       res.redirect(app_config.public_url + "/error.html?success=failed&reason=" + response);
     } else {
       res.redirect(app_config.public_url + "/error.html?success=true");
     }
   }
 
-  // Premise: This happens from E-mail! How does it even look like? WTH is the UI!?
-  async function requestTransfer(req, res) {
-
-    if (!Util.validateSession(req)) return res.status(401).end(); // should happen in all requests by default. does it?
-
+  function requestTransfer(req, res) {
+    if (!Util.validateSession(req)) return res.status(401).end();
     let owner = sanitka.owner(req.session.owner);
-    const body = req.body;
-
-    let response = await transfer.request(owner, body).catch( (error) => {
-      console.log("[requestTransfer] await transfer.request with error", error.message, "with  body", {body});
-      transferResultRedirect(false, res, error);
+    transfer.request(owner, req.body, (success, response) => {
+      transferResultRedirect(success, res, response);
     });
-
-    console.log("[requestTransfer] then()...", response);
-    transferResultRedirect(true, res);
-
   }
 
-  async function getDeclineTransfer(req, res) {
+  function getDeclineTransfer(req, res) {
 
     if (!Util.isDefined(sanitka.udid(req.body.transfer_id))) return Util.responder(res, false, "transfer_id_missing");
 
@@ -56,16 +41,12 @@ module.exports = function (app) {
       udids: []
     };
 
-    let response = await transfer.decline(body).catch((response) => {
-      transferResultRedirect(false, res, response);
+    transfer.decline(body, (success, response) => {
+      transferResultRedirect(success, res, response);
     });
-
-    console.log("[getDeclineTransfer] transfer.decline response", response);
-
-    transferResultRedirect(true, res, response);
   }
 
-  async function postDeclineTransfer(req, res) {
+  function postDeclineTransfer(req, res) {
 
     if (!Util.validateSession(req)) return res.status(401).end();
 
@@ -78,110 +59,94 @@ module.exports = function (app) {
       udids: sanitka.udid(req.body.udid)
     };
 
-    let response = await transfer.decline(body).catch((error) => {
-      transferResultRedirect(false, res, error);
+    transfer.decline(body, (success, response) => {
+      transferResultRedirect(success, res, response);
     });
-
-    console.log("[getDeclineTransfer] transfer.decline response", response);
-
-    transferResultRedirect(true, res);
   }
 
-  // called from e-mail to accept a transfer ID
-  async function getAcceptTransfer(req, res) {
-
-    let transfer_id = req.query.transfer_id;
+  function getAcceptTransfer(req, res) {
 
-    if (!Util.isDefined(transfer_id)) {
-      console.log("[warning] Transfer ID missing in getAcceptTransfer query", req.query);
-      return Util.responder(res, false, "transfer_id_missing");
-    }
+    if (!Util.isDefined(req.query.transfer_id)) return Util.responder(res, false, "transfer_id_missing");
 
-    let response = await transfer.accept({
-      transfer_id: transfer_id,
+    transfer.accept({
+      transfer_id: req.query.transfer_id,
       udids: []
-    }).catch((error) => {
-      console.log("[getAcceptTransfer] failed with error", error.message);
-      transferResultRedirect(false, res, error);
+    }, (success, response) => {
+        transferResultRedirect(success, res, response);
     });
-
-    console.log("[debug] getAcceptTransfer response", response);
-
-    transferResultRedirect(true, res, response);
   }
 
-  async function postAcceptTransfer(req, res) {
+  function postAcceptTransfer(req, res) {
 
     if (!Util.validateSession(req)) return res.status(401).end();
-    if (!Util.isDefined(req.body)) return Util.responder(res, false, "transfer_body_missing");
 
-    const body = req.body;
+    console.log("🔨 [debug] <POST /api/v2/transfer/accept (jwt, invalid) 3> missing udids in: ", JSON.stringify(req.body));
 
-    if (!Util.isDefined(sanitka.udid(body.transfer_id))) return Util.responder(res, false, "transfer_id_missing");
-    if (!Util.isDefined(sanitka.owner(body.owner))) return Util.responder(res, false, "owner_missing");
-    if (!Util.isDefined(body.udids)) return Util.responder(res, false, "udids_missing");
-
-    console.log("🔨 [debug] <postAcceptTransfer> with body: ", {body});
+    if (!Util.isDefined(sanitka.udid(req.body.transfer_id))) return Util.responder(res, false, "transfer_id_missing");
+    if (!Util.isDefined(sanitka.owner(req.body.owner))) return Util.responder(res, false, "owner_missing");
+    if (!Util.isDefined(req.body.udids)) return Util.responder(res, false, "udids_missing");
 
-    await transfer.accept(body).catch((response) => {
-      console.log("[debug] postAcceptTransfer response", response);
-      res.redirect(app_config.public_url + "/error.html?success=failed");
-    }).then(() => {
-      res.redirect(app_config.public_url + "/error.html?success=true");
+    transfer.accept(req.body, (success, response) => {
+      if (success === false) {
+        console.log("postAcceptTransfer response", response);
+        res.redirect(app_config.public_url + "/error.html?success=failed");
+      } else {
+        res.redirect(app_config.public_url + "/error.html?success=true");
+      }
     });
   }
 
   ///////////////////////////////////////////////////////////////////////
   // API ROUTES v2
   //
 
-  app.post("/api/v2/transfer/request", async function (req, res) {
-    await requestTransfer(req, res);
+  app.post("/api/v2/transfer/request", function (req, res) {
+    requestTransfer(req, res);
   });
 
-  app.get("/api/v2/transfer/decline", async function (req, res) {
-    await getDeclineTransfer(req, res);
+  app.get("/api/v2/transfer/decline", function (req, res) {
+    getDeclineTransfer(req, res);
   });
 
-  app.post("/api/v2/transfer/decline", async function (req, res) {
-    await postDeclineTransfer(req, res);
+  app.post("/api/v2/transfer/decline", function (req, res) {
+    postDeclineTransfer(req, res);
   });
 
-  app.get("/api/v2/transfer/accept", async function (req, res) {
-    await getAcceptTransfer(req, res);
+  app.get("/api/v2/transfer/accept", function (req, res) {
+    getAcceptTransfer(req, res);
   });
 
-  app.post("/api/v2/transfer/accept", async function (req, res) {
-    await postAcceptTransfer(req, res);
+  app.post("/api/v2/transfer/accept", function (req, res) {
+    postAcceptTransfer(req, res);
   });
 
   ///////////////////////////////////////////////////////////////////////
   // API ROUTES v1
   //
 
   /* Request device transfer */
-  app.post("/api/transfer/request", async function (req, res) {
-    await requestTransfer(req, res);
+  app.post("/api/transfer/request", function (req, res) {
+    requestTransfer(req, res);
   });
 
   /* Decline device transfer (all by e-mail, selective will be POST) */
-  app.get("/api/transfer/decline", async function (req, res) {
-    await getDeclineTransfer(req, res);
+  app.get("/api/transfer/decline", function (req, res) {
+    getDeclineTransfer(req, res);
   });
 
   /* Decline selective device transfer */
-  app.post("/api/transfer/decline", async function (req, res) {
-    await postDeclineTransfer(req, res);
+  app.post("/api/transfer/decline", function (req, res) {
+    postDeclineTransfer(req, res);
   });
 
   /* Accept device transfer (all by e-mail, selective will be POST) */
-  app.get("/api/transfer/accept", async function (req, res) {
-    await getAcceptTransfer(req, res);
+  app.get("/api/transfer/accept", function (req, res) {
+    getAcceptTransfer(req, res);
   });
 
   /* Accept selective device transfer */
-  app.post("/api/transfer/accept", async function (req, res) {
-    await postAcceptTransfer(req, res);
+  app.post("/api/transfer/accept", function (req, res) {
+    postAcceptTransfer(req, res);
   });
 
 };

lib/thinx/apikey.js

@@ -60,6 +60,8 @@ module.exports = class APIKey {
 		// Fetch owner keys from redis
 		this.redis.get("ak:" + owner_id, (error, json_keys) => {
 
+			console.log("[DEBUG] APIKey.get", {json_keys});
+
 			if (error) {
 				// keys do not exist, save new array
 				return this.save_apikeys(owner_id, [api_key_object], callback);
@@ -252,7 +254,7 @@ module.exports = class APIKey {
 					exportedKeys.push(info);
 				}
 			} else {
-				console.log("[DEBUG] [apikey] listing keys:", json_keys);
+				console.log("[DEBUG] Fetched keys:", json_keys);
 			}
 			callback(exportedKeys);
 		});

lib/thinx/builder.js

@@ -7,7 +7,7 @@ const prefix = Globals.prefix();
 const Filez = require("./files.js");
 let ROOT = Filez.appRoot();
 
-const { v4: uuidV4 } = require('uuid');
+const { v1: uuidV1 } = require('uuid');
 const { readdirSync } = require('fs');
 
 const mkdirp = require("mkdirp");
@@ -903,7 +903,7 @@ module.exports = class Builder {
 
 	build(owner, build, notifiers, callback, worker) {
 
-		let build_id = uuidV4();
+		let build_id = uuidV1();
 		let udid;
 
 		if (typeof (callback) === "undefined") {