Summary:
Session Id should be shared between client and server, but it was defined deep in the client (redux store).
The proposed solution presented below is to move the session id to the server configuration. By doing this, it becomes available to both server and client VERY early in the application life-cycle for both Electron and non-Electron builds.
Reviewed By: LukeDefeo
Differential Revision: D48520367
fbshipit-source-id: ca959b27ab18b1a2e4cd2fac1d28545664f1b514
Summary:
For dev, let's not kill the server.
Also, reintroduce a timeout of 60 seconds before disconnecting.
Reviewed By: antonk52
Differential Revision: D48432317
fbshipit-source-id: bac6f67101e5be481af06a5ea6ccb3b3134c4075
Summary: This change removes the UDS support and thus the need for having a proxy server.
Reviewed By: antonk52
Differential Revision: D48265244
fbshipit-source-id: c76bb4afba63959ddd17901b3887aa278b000beb
Summary: As TCP is the only option, remove all branches.
Reviewed By: passy
Differential Revision: D48265093
fbshipit-source-id: 174527f05d8a841797fd95256e77fdeb9b2e6ad5
Summary: Instead of delaying the shutdown by a set timer, immediately shutdown.
Reviewed By: antonk52
Differential Revision: D48264571
fbshipit-source-id: 5e6556f2ecafb7cf9a19b3075e72f2be1abf9f95
Summary: This is quite annoying and causes may un needed reboots of flipper server while developing
Reviewed By: antonk52
Differential Revision: D47949842
fbshipit-source-id: c2f18e16a4933e4209e74f51978cb7d05b80ee11
Summary:
If the proxy fails, exit.
The proxy server is the one listening on the supplied TCP port, used by PWA.
If it has failed, then quit the process.
Reviewed By: aigoncharov
Differential Revision: D47433631
fbshipit-source-id: 55750db5bf3e00876074a6b403747ec07718878c
Summary:
Centralise connectivity logging into a single place. By having all logs go through a single interface, then it becomes trivial to manipulate them as needed.
In this change, this is not done.
In subsequent diffs, logs will be dispatched via an event and will be visualised in the Connectivity Hub.
Reviewed By: passy
Differential Revision: D47185054
fbshipit-source-id: fb5eab98895be0c8f61fb9a77d3e66d6a8dbcb27
Summary: Bit of reorganising as utils is a bit too generic and crowded.
Reviewed By: passy
Differential Revision: D47186536
fbshipit-source-id: 7b1dd26db95aef00778ff4f23d91f7371c4d07ad
Summary: It doesn't get more generic than 'comms'. So, narrow it down: app-connectivity.
Reviewed By: passy
Differential Revision: D47185255
fbshipit-source-id: 87e9c2487c9b07603d14e856de670757078c0da1
Summary: This is a better place as it takes place once the server starts listening.
Reviewed By: passy
Differential Revision: D46558350
fbshipit-source-id: f586defecc8e16d8f0b285615803662d8b6b75fb
Summary: If after 15min there are no connected clients, close flipper server.
Reviewed By: antonk52
Differential Revision: D46519563
fbshipit-source-id: c3396ed8987be8ca7075c644734793e4ebceba18
Summary:
Need to answer:
- How many starts a day over time
Reviewed By: antonk52
Differential Revision: D46219995
fbshipit-source-id: bffaeadf684a2d34c6e145784c5a86dbaf5f532a
Summary:
Need to answer:
- Proxy errors rate over time
Reviewed By: antonk52
Differential Revision: D46219927
fbshipit-source-id: 1ad8cc60303ed3aa34828b9ff87009ff7754a146
Summary:
Some times the socket can already be in use by an existing process. Track it as to quantify how likely this is found in production. May remove later.
Need to answer:
- Socket already in use rate over time
Reviewed By: antonk52
Differential Revision: D46219768
fbshipit-source-id: 27da82cddb707f729a1d43079e84c221bb544a82
Summary:
Define the tracker interface and replace the existing authentication token verification tracking.
Subsequent diffs will add analytics for remaining connectivity areas.
Need to answer:
- No tokens rate over time
- Unable to verify tokens rate over time
Reviewed By: antonk52
Differential Revision: D46219661
fbshipit-source-id: dfc41cae664bc1ef211d312990120111fca3808b
Summary:
Right now, this simply avoids trying to create a server instance if one appears to be already running.
In a future change, we may decide to kill the existing instance and replace it with a new one.
But, in this case, running this as is will be useful as it will provide the connection URL with the auth token.
Also remove flipper server dependency from finding installation. In this case, we don't need it and can use `os.getPlatform()` instead.
Reviewed By: antonk52
Differential Revision: D46144843
fbshipit-source-id: 2922843b916d37e0126e43ae65a622f87a6920ec
Summary: Recently , we started verifying a special token for every websocket connection. It made e2e tests fail. We are going to use this bypass flag in jest e2e envs.
Reviewed By: lblasa
Differential Revision: D46025343
fbshipit-source-id: c2e6e0b561286fb8b571565243a45cdfb56a54a9
Summary:
Clean initialisation by passing down the environment info to start server.
(Also rename dir to path as that's the name used in other places)
Reviewed By: passy
Differential Revision: D45731751
fbshipit-source-id: a60fdd49c567fc312d1f8da72db3a46a0828c140
Summary: The isHeadlessBuild flag was not properly set.
Reviewed By: antonk52
Differential Revision: D45728435
fbshipit-source-id: 3616c4358114d4f3d96372766dabf48b27b44333
Summary:
Until now, launching flipper-server with TCP would accept any incoming connection as long as it comes from the same origin (localhost) using web socket host origin verification.
This is not entirely secure as origin can be spoofed with tools like curl.
Our team created a security review and a proposal was written:
https://docs.google.com/document/d/16iXypCQibPiner061SoaQUFUY9tLVAEpkKfV_hUXI7c/
Effectively, Flipper can generate a token which is then used by the client to authenticate.
This diff contains the changes required to generate, obtain, and validate authentication tokens from clients connecting to flipper over TCP connections.
The token itself is a JWT token. JWT was chosen because it is a simple industry standard which offers three features which can immediately benefit us:
- Expiration handling. No need for Flipper to store this information anywhere.
- Payload. Payload can be used to push any data we deem relevant i.e. unix username.
- Signing. Signed and verified using the same server key pair which is already in place for certificate exchange.
Additionally, the token is stored in the Flipper static folder. This ensures that the browser and PWA clients have access to it.
Reviewed By: mweststrate
Differential Revision: D45179654
fbshipit-source-id: 6761bcb24f4ba30b67d1511cde8fe875158d78af
Summary: When Flipper starts with Flipper Server enabled, on Windows we forgot to attach the WebSocket handler. It led to a white screen on Electron or to connection timeout messages on Flipper Server.
Reviewed By: passy, lblasa
Differential Revision: D40679781
fbshipit-source-id: 1c8df8012efc54077409eb8891b1d82ddaf16689
Summary: For the Flipper Server Companion, if a plugin is being requested which is not yet installed, try to install it first from the marketplace.
Reviewed By: passy
Differential Revision: D37716962
fbshipit-source-id: d618fbc597f82b540dbb02e8ffc296dcee9e1eb9
Summary:
Provide an option to enable/disable TCP connections on flipper-server.
The only change at this stage is that Flipper Desktop will use UDS to connect to flipper-server.
Reviewed By: passy
Differential Revision: D37519656
fbshipit-source-id: 3d02084666fde532ec76134edf8cf6a231060a48
Summary:
There's one setting: to enable or disable flipper-server.
However, I've added some current running state to it. If there's a better way of doing this, please do let me know.
Reviewed By: aigoncharov
Differential Revision: D37276670
fbshipit-source-id: f6c941cf0cfe55c267b9bcb9f799934fba1e28ef
Summary:
This change attaches our event handlers as soon as the ws is created.
As a consequence, we need to wait until the server has created any necessary instances required to process incoming requests.
To achieve this, I created a type called `Lazy`.
This type wraps around a value and a promise to that value. Callers can check if the value is set. If not, callers can wait for it.
Ultimately, the value can be set outside of the promise itself.
Reviewed By: passy
Differential Revision: D37284939
fbshipit-source-id: 17dec548d7155a3d65440c9584cec07cbb826c37
Summary: On exit, close the servers explicitly.
Reviewed By: lawrencelomax
Differential Revision: D37206986
fbshipit-source-id: 7f4313cce1db18e1fb1320993a58c440af2cc7e0
Summary:
For Flipper Desktop, Electron based, the origin maybe file:// as shown in tests:
```
Refused socket connection from cross domain request, origin: file://, host: localhost:52342.
Expected origins: http://localhost:52342 or http://[::1]:52342 or http://::1:52342 or http://localhost:3000.
Expected hosts: localhost:52342 or [::1]:52342 or ::1:52342 or localhost:3000
```
This change effectively adds `file://` as a valid origin.
Reviewed By: passy
Differential Revision: D37212809
fbshipit-source-id: 311a93bb8872587d15c6be4329238af6b0f6988d
Summary:
After doing some tests, any error thrown during ws events can result in flipper-server shutting down.
To avoid this, effectively, errors throughout should be properly handled.
The problem is that there's no guarantees this is or will be the case.
Instead, wrap the event handlers in a safe function execution wrapper. Any errors will be caught and logged.
Reviewed By: aigoncharov
Differential Revision: D37206923
fbshipit-source-id: 6f7cadc297ac39768030962c6eaadde55048fd21
Summary:
This changes moves most of the functionality found in flipper-server to flipper-server-core.
flipper-server will mostly be a package that wraps around flipper-server-core. Staying in flipper-server:
- Command line args
- Orchestration to start the necessary servers
Reviewed By: aigoncharov
Differential Revision: D36807087
fbshipit-source-id: f29002c7cc5d08b8c5184fdaaa02ba22562a9f45
