andreacavalli/tdlib-fork
Archived
1
0
Fork 0
Code Pull Requests Releases Activity

Fix caching of passport secret.

Browse Source 
GitOrigin-RevId: 72abee3b842afc5ef8f5e5c63322d89090b98909
This commit is contained in:
levlam 2018-09-27 01:48:12 +03:00
parent 875541b673
commit 83be04a5f4
2 changed files with 73 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

118
td/telegram/PasswordManager.cpp
View File

@ -183,39 +183,42 @@ void PasswordManager::do_get_secure_secret(bool recursive, string password, Prom
if (secret_) { if (secret_) {
return promise.set_value(secret_.value().clone()); return promise.set_value(secret_.value().clone());
} }
get_full_state(password, if (password.empty()) {
PromiseCreator::lambda([password, recursive, promise = std::move(promise), return promise.set_error(Status::Error(400, "PASSWORD_HASH_INVALID"));
actor_id = actor_id(this)](Result<PasswordFullState> r_state) mutable { }
if (r_state.is_error()) { get_full_state(
return promise.set_error(r_state.move_as_error()); password, PromiseCreator::lambda([password, recursive, promise = std::move(promise),
} actor_id = actor_id(this)](Result<PasswordFullState> r_state) mutable {
auto state = r_state.move_as_ok(); if (r_state.is_error()) {
if (!state.state.has_password) { return promise.set_error(r_state.move_as_error());
return promise.set_error(Status::Error(400, "2-step verification is disabled")); }
} auto state = r_state.move_as_ok();
if (state.private_state.secret) { if (!state.state.has_password) {
send_closure(actor_id, &PasswordManager::cache_secret, state.private_state.secret.value().clone()); return promise.set_error(Status::Error(400, "2-step verification is disabled"));
return promise.set_value(std::move(state.private_state.secret.value())); }
} if (state.private_state.secret) {
if (!recursive) { send_closure(actor_id, &PasswordManager::cache_secret, state.private_state.secret.value().clone());
return promise.set_error(Status::Error(400, "Failed to get Telegram Passport secret")); return promise.set_value(std::move(state.private_state.secret.value()));
} }
if (!recursive) {
return promise.set_error(Status::Error(400, "Failed to get Telegram Passport secret"));
}
auto new_promise = PromiseCreator::lambda( auto new_promise =
[password, promise = std::move(promise), actor_id = actor_id](Result<bool> r_ok) mutable { PromiseCreator::lambda([password, promise = std::move(promise), actor_id](Result<bool> r_ok) mutable {
if (r_ok.is_error()) { if (r_ok.is_error()) {
return promise.set_error(r_ok.move_as_error()); return promise.set_error(r_ok.move_as_error());
} }
send_closure(actor_id, &PasswordManager::do_get_secure_secret, false, std::move(password), send_closure(actor_id, &PasswordManager::do_get_secure_secret, false, std::move(password),
std::move(promise)); std::move(promise));
}); });
UpdateSettings update_settings; UpdateSettings update_settings;
update_settings.current_password = password; update_settings.current_password = password;
update_settings.update_secure_secret = true; update_settings.update_secure_secret = true;
send_closure(actor_id, &PasswordManager::do_update_password_settings, std::move(update_settings), send_closure(actor_id, &PasswordManager::do_update_password_settings, std::move(update_settings),
std::move(state), std::move(new_promise)); std::move(state), std::move(new_promise));
})); }));
} }
void PasswordManager::get_temp_password_state(Promise<TempState> promise) /*const*/ { void PasswordManager::get_temp_password_state(Promise<TempState> promise) /*const*/ {
@ -379,20 +382,20 @@ void PasswordManager::send_email_address_verification_code(
last_verified_email_address_ = email; last_verified_email_address_ = email;
auto query = auto query =
G()->net_query_creator().create(create_storer(telegram_api::account_sendVerifyEmailCode(std::move(email)))); G()->net_query_creator().create(create_storer(telegram_api::account_sendVerifyEmailCode(std::move(email))));
send_with_promise(std::move(query), PromiseCreator::lambda([actor_id = actor_id(this), promise = std::move(promise)]( send_with_promise(
Result<NetQueryPtr> r_query) mutable { std::move(query), PromiseCreator::lambda([promise = std::move(promise)](Result<NetQueryPtr> r_query) mutable {
auto r_result = fetch_result<telegram_api::account_sendVerifyEmailCode>(std::move(r_query)); auto r_result = fetch_result<telegram_api::account_sendVerifyEmailCode>(std::move(r_query));
if (r_result.is_error()) { if (r_result.is_error()) {
return promise.set_error(r_result.move_as_error()); return promise.set_error(r_result.move_as_error());
} }
auto result = r_result.move_as_ok(); auto result = r_result.move_as_ok();
if (result->length_ < 0 || result->length_ >= 100) { if (result->length_ < 0 || result->length_ >= 100) {
LOG(ERROR) << "Receive wrong code length " << result->length_; LOG(ERROR) << "Receive wrong code length " << result->length_;
result->length_ = 0; result->length_ = 0;
} }
return promise.set_value(make_tl_object<td_api::emailAddressAuthenticationCodeInfo>( return promise.set_value(
result->email_pattern_, result->length_)); make_tl_object<td_api::emailAddressAuthenticationCodeInfo>(result->email_pattern_, result->length_));
})); }));
} }
void PasswordManager::resend_email_address_verification_code( void PasswordManager::resend_email_address_verification_code(
@ -410,8 +413,8 @@ void PasswordManager::check_email_address_verification_code(string code,
} }
auto query = G()->net_query_creator().create( auto query = G()->net_query_creator().create(
create_storer(telegram_api::account_verifyEmail(last_verified_email_address_, std::move(code)))); create_storer(telegram_api::account_verifyEmail(last_verified_email_address_, std::move(code))));
send_with_promise(std::move(query), PromiseCreator::lambda([actor_id = actor_id(this), promise = std::move(promise)]( send_with_promise(std::move(query),
Result<NetQueryPtr> r_query) mutable { PromiseCreator::lambda([promise = std::move(promise)](Result<NetQueryPtr> r_query) mutable {
auto r_result = fetch_result<telegram_api::account_updatePasswordSettings>(std::move(r_query)); auto r_result = fetch_result<telegram_api::account_updatePasswordSettings>(std::move(r_query));
if (r_result.is_error()) { if (r_result.is_error()) {
return promise.set_error(r_result.move_as_error()); return promise.set_error(r_result.move_as_error());
@ -553,8 +556,8 @@ void PasswordManager::do_update_password_settings_impl(UpdateSettings update_set
auto query = G()->net_query_creator().create( auto query = G()->net_query_creator().create(
create_storer(telegram_api::account_updatePasswordSettings(std::move(current_hash), std::move(new_settings)))); create_storer(telegram_api::account_updatePasswordSettings(std::move(current_hash), std::move(new_settings))));
send_with_promise(std::move(query), PromiseCreator::lambda([actor_id = actor_id(this), promise = std::move(promise)]( send_with_promise(std::move(query),
Result<NetQueryPtr> r_query) mutable { PromiseCreator::lambda([promise = std::move(promise)](Result<NetQueryPtr> r_query) mutable {
auto r_result = fetch_result<telegram_api::account_updatePasswordSettings>(std::move(r_query)); auto r_result = fetch_result<telegram_api::account_updatePasswordSettings>(std::move(r_query));
if (r_result.is_error()) { if (r_result.is_error()) {
if (r_result.error().code() == 400 && r_result.error().message() == "EMAIL_UNCONFIRMED") { if (r_result.error().code() == 400 && r_result.error().message() == "EMAIL_UNCONFIRMED") {
@ -616,6 +619,7 @@ void PasswordManager::do_get_state(Promise<PasswordState> promise) {
state.has_secure_values = (password->flags_ & telegram_api::account_password::HAS_SECURE_VALUES_MASK) != 0; state.has_secure_values = (password->flags_ & telegram_api::account_password::HAS_SECURE_VALUES_MASK) != 0;
} else { } else {
state.has_password = false; state.has_password = false;
send_closure(actor_id, &PasswordManager::drop_cached_secret);
} }
state.unconfirmed_recovery_email_address_pattern = std::move(password->email_unconfirmed_pattern_); state.unconfirmed_recovery_email_address_pattern = std::move(password->email_unconfirmed_pattern_);
@ -664,7 +668,23 @@ void PasswordManager::do_get_state(Promise<PasswordState> promise) {
} }
void PasswordManager::cache_secret(secure_storage::Secret secret) { void PasswordManager::cache_secret(secure_storage::Secret secret) {
LOG(INFO) << "Cache passport secret";
secret_ = std::move(secret); secret_ = std::move(secret);
const int32 max_cache_time = 3600;
secret_expire_date_ = Time::now() + max_cache_time;
set_timeout_at(secret_expire_date_);
}
void PasswordManager::drop_cached_secret() {
LOG(INFO) << "Drop passport secret";
secret_ = optional<secure_storage::Secret>();
}
void PasswordManager::timeout_expired() {
if (Time::now() >= secret_expire_date_) {
drop_cached_secret();
}
} }
void PasswordManager::on_result(NetQueryPtr query) { void PasswordManager::on_result(NetQueryPtr query) {

4
td/telegram/PasswordManager.h
View File

@ -140,6 +140,8 @@ class PasswordManager : public NetQueryCallback {
}; };
optional<secure_storage::Secret> secret_; optional<secure_storage::Secret> secret_;
double secret_expire_date_ = 0;
TempPasswordState temp_password_state_; TempPasswordState temp_password_state_;
Promise<TempState> create_temp_password_promise_; Promise<TempState> create_temp_password_promise_;
@ -165,6 +167,7 @@ class PasswordManager : public NetQueryCallback {
void do_get_secure_secret(bool recursive, string passwod, Promise<secure_storage::Secret> promise); void do_get_secure_secret(bool recursive, string passwod, Promise<secure_storage::Secret> promise);
void do_get_full_state(string password, PasswordState state, Promise<PasswordFullState> promise); void do_get_full_state(string password, PasswordState state, Promise<PasswordFullState> promise);
void cache_secret(secure_storage::Secret secret); void cache_secret(secure_storage::Secret secret);
void drop_cached_secret();
void do_create_temp_password(string password, int32 timeout, PasswordState &&password_state, void do_create_temp_password(string password, int32 timeout, PasswordState &&password_state,
Promise<TempPasswordState> promise); Promise<TempPasswordState> promise);
@ -173,6 +176,7 @@ class PasswordManager : public NetQueryCallback {
void on_result(NetQueryPtr query) override; void on_result(NetQueryPtr query) override;
void start_up() override; void start_up() override;
void timeout_expired() override;
void hangup() override; void hangup() override;
Container<Promise<NetQueryPtr>> container_; Container<Promise<NetQueryPtr>> container_;