Add toggle in the settings for cert exchange medium

Summary: This diff adds a toggle setting in wilde which will enable certificate exchange through www. Right now it just sends the information about which medium to be used for cert exchange to Flipper JS and its client side. But its implementation is not done yet. ### Flow for Wilde Whenever user changes the setting(or when user logs out) we set the state of exchange medium and accordingly set/reset authtoken. Note at no given point we remove already existing certificates. ### Context for OSS With this diff we introduce another way to do certificate exchange. Before this diff, we did certificate exchange by accessing the file system of app. But it turns out it's not possible to do that in applications signed by enterprise certs. Thus with this diff one can write their FlipperKitCertificateProvider and fetch the certificate from WWW. Reviewed By: jknoxville Differential Revision: D22896320 fbshipit-source-id: 55aef7028a62e71ba9c02f9f79acaab41d09c0c6
2020-08-12 04:42:26 -07:00
parent 4bb110f319
commit 293de19c2b
16 changed files with 215 additions and 16 deletions
--- a/desktop/app/src/server.tsx
+++ b/desktop/app/src/server.tsx
@@ -7,7 +7,10 @@
 * @format
 */

-import {SecureServerConfig} from './utils/CertificateProvider';
+import {
+  SecureServerConfig,
+  CertificateExchangeMedium,
+} from './utils/CertificateProvider';
 import {Logger} from './fb-interfaces/Logger';
 import {ClientQuery} from './Client';
 import {Store} from './reducers/index';
@@ -45,6 +48,18 @@ type ClientCsrQuery = {
  csr_path?: string | undefined;
 };

+function transformCertificateExchangeMediumToType(
+  medium: number | undefined,
+): CertificateExchangeMedium {
+  if (medium === 1) {
+    return 'FS_ACCESS';
+  } else if (medium === 2) {
+    return 'WWW';
+  } else {
+    return 'FS_ACCESS';
+  }
+}
+
 declare interface Server {
  on(event: 'new-client', callback: (client: Client) => void): this;
  on(event: 'error', callback: (err: Error) => void): this;
@@ -347,11 +362,12 @@ class Server extends EventEmitter {
          method: 'signCertificate';
          csr: string;
          destination: string;
+          medium: number | undefined; // OSS's older Client SDK might not send medium information. This is not an issue for internal FB users, as Flipper release is insync with client SDK through launcher.
        } = rawData;
        if (json.method === 'signCertificate') {
          console.debug('CSR received from device', 'server');

-          const {csr, destination} = json;
+          const {csr, destination, medium} = json;
          return new Single((subscriber) => {
            subscriber.onSubscribe(undefined);
            reportPlatformFailures(
@@ -359,6 +375,7 @@ class Server extends EventEmitter {
                csr,
                clientData.os,
                destination,
+                transformCertificateExchangeMediumToType(medium),
              ),
              'processCertificateSigningRequest',
            )
@@ -396,6 +413,7 @@ class Server extends EventEmitter {
              method: 'signCertificate';
              csr: string;
              destination: string;
+              medium: number | undefined;
            }
          | undefined;
        try {
@@ -407,9 +425,14 @@ class Server extends EventEmitter {

        if (json && json.method === 'signCertificate') {
          console.debug('CSR received from device', 'server');
-          const {csr, destination} = json;
+          const {csr, destination, medium} = json;
          this.certificateProvider
-            .processCertificateSigningRequest(csr, clientData.os, destination)
+            .processCertificateSigningRequest(
+              csr,
+              clientData.os,
+              destination,
+              transformCertificateExchangeMediumToType(medium),
+            )
            .catch((e) => {
              console.error(e);
            });