Summary: It doesn't get more generic than 'comms'. So, narrow it down: app-connectivity.
Reviewed By: passy
Differential Revision: D47185255
fbshipit-source-id: 87e9c2487c9b07603d14e856de670757078c0da1
Summary: This is a better place as it takes place once the server starts listening.
Reviewed By: passy
Differential Revision: D46558350
fbshipit-source-id: f586defecc8e16d8f0b285615803662d8b6b75fb
Summary:
Need to answer:
- How many starts a day over time
Reviewed By: antonk52
Differential Revision: D46219995
fbshipit-source-id: bffaeadf684a2d34c6e145784c5a86dbaf5f532a
Summary:
Need to answer:
- Proxy errors rate over time
Reviewed By: antonk52
Differential Revision: D46219927
fbshipit-source-id: 1ad8cc60303ed3aa34828b9ff87009ff7754a146
Summary:
Some times the socket can already be in use by an existing process. Track it as to quantify how likely this is found in production. May remove later.
Need to answer:
- Socket already in use rate over time
Reviewed By: antonk52
Differential Revision: D46219768
fbshipit-source-id: 27da82cddb707f729a1d43079e84c221bb544a82
Summary:
Define the tracker interface and replace the existing authentication token verification tracking.
Subsequent diffs will add analytics for remaining connectivity areas.
Need to answer:
- No tokens rate over time
- Unable to verify tokens rate over time
Reviewed By: antonk52
Differential Revision: D46219661
fbshipit-source-id: dfc41cae664bc1ef211d312990120111fca3808b
Summary: Recently , we started verifying a special token for every websocket connection. It made e2e tests fail. We are going to use this bypass flag in jest e2e envs.
Reviewed By: lblasa
Differential Revision: D46025343
fbshipit-source-id: c2e6e0b561286fb8b571565243a45cdfb56a54a9
Summary:
Clean initialisation by passing down the environment info to start server.
(Also rename dir to path as that's the name used in other places)
Reviewed By: passy
Differential Revision: D45731751
fbshipit-source-id: a60fdd49c567fc312d1f8da72db3a46a0828c140
Summary:
Until now, launching flipper-server with TCP would accept any incoming connection as long as it comes from the same origin (localhost) using web socket host origin verification.
This is not entirely secure as origin can be spoofed with tools like curl.
Our team created a security review and a proposal was written:
https://docs.google.com/document/d/16iXypCQibPiner061SoaQUFUY9tLVAEpkKfV_hUXI7c/
Effectively, Flipper can generate a token which is then used by the client to authenticate.
This diff contains the changes required to generate, obtain, and validate authentication tokens from clients connecting to flipper over TCP connections.
The token itself is a JWT token. JWT was chosen because it is a simple industry standard which offers three features which can immediately benefit us:
- Expiration handling. No need for Flipper to store this information anywhere.
- Payload. Payload can be used to push any data we deem relevant i.e. unix username.
- Signing. Signed and verified using the same server key pair which is already in place for certificate exchange.
Additionally, the token is stored in the Flipper static folder. This ensures that the browser and PWA clients have access to it.
Reviewed By: mweststrate
Differential Revision: D45179654
fbshipit-source-id: 6761bcb24f4ba30b67d1511cde8fe875158d78af
Summary: When Flipper starts with Flipper Server enabled, on Windows we forgot to attach the WebSocket handler. It led to a white screen on Electron or to connection timeout messages on Flipper Server.
Reviewed By: passy, lblasa
Differential Revision: D40679781
fbshipit-source-id: 1c8df8012efc54077409eb8891b1d82ddaf16689
Summary:
Provide an option to enable/disable TCP connections on flipper-server.
The only change at this stage is that Flipper Desktop will use UDS to connect to flipper-server.
Reviewed By: passy
Differential Revision: D37519656
fbshipit-source-id: 3d02084666fde532ec76134edf8cf6a231060a48
Summary:
This change attaches our event handlers as soon as the ws is created.
As a consequence, we need to wait until the server has created any necessary instances required to process incoming requests.
To achieve this, I created a type called `Lazy`.
This type wraps around a value and a promise to that value. Callers can check if the value is set. If not, callers can wait for it.
Ultimately, the value can be set outside of the promise itself.
Reviewed By: passy
Differential Revision: D37284939
fbshipit-source-id: 17dec548d7155a3d65440c9584cec07cbb826c37
Summary: On exit, close the servers explicitly.
Reviewed By: lawrencelomax
Differential Revision: D37206986
fbshipit-source-id: 7f4313cce1db18e1fb1320993a58c440af2cc7e0
Summary:
For Flipper Desktop, Electron based, the origin maybe file:// as shown in tests:
```
Refused socket connection from cross domain request, origin: file://, host: localhost:52342.
Expected origins: http://localhost:52342 or http://[::1]:52342 or http://::1:52342 or http://localhost:3000.
Expected hosts: localhost:52342 or [::1]:52342 or ::1:52342 or localhost:3000
```
This change effectively adds `file://` as a valid origin.
Reviewed By: passy
Differential Revision: D37212809
fbshipit-source-id: 311a93bb8872587d15c6be4329238af6b0f6988d
Summary:
This changes moves most of the functionality found in flipper-server to flipper-server-core.
flipper-server will mostly be a package that wraps around flipper-server-core. Staying in flipper-server:
- Command line args
- Orchestration to start the necessary servers
Reviewed By: aigoncharov
Differential Revision: D36807087
fbshipit-source-id: f29002c7cc5d08b8c5184fdaaa02ba22562a9f45
