libreoffice-online/loolwsd/test/UnitAdmin.cpp
Pranav Kant b8ef017610 Move JWT auth to inside websocket to prevent CSRF
... instead of setting a httpOnly cookie for admin websocket
endpoint which can be CSRFed.

With this, we remove the httpOnly tag on jwt cookie so that
scripts in admin html pages can access the jwt cookie and
authenticates after opening websocket endpoint. Until
authenticated using 'auth authToken' command, admin will not
respond to any admin command.

Also, adapt admin test these changes
2016-07-29 12:03:14 +05:30

473 lines
18 KiB
C++

/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4; fill-column: 100 -*- */
/*
* This file is part of the LibreOffice project.
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
#include "config.h"
#include <cassert>
#include <condition_variable>
#include <mutex>
#include <Poco/Net/HTTPBasicCredentials.h>
#include <Poco/Net/HTTPClientSession.h>
#include <Poco/Net/HTTPCookie.h>
#include <Poco/Net/HTTPResponse.h>
#include <Poco/Net/HTTPSClientSession.h>
#include <Poco/Net/HTTPServerRequest.h>
#include <Poco/Net/NameValueCollection.h>
#include <Poco/Net/NetException.h>
#include <Poco/Net/WebSocket.h>
#include <Poco/StringTokenizer.h>
#include <Poco/StringTokenizer.h>
#include <Poco/URI.h>
#include "Common.hpp"
#include "Log.hpp"
#include "Unit.hpp"
#include "Util.hpp"
#include "helpers.hpp"
#define UNIT_URI "/loolwsd/unit-admin"
using Poco::Net::HTTPBasicCredentials;
using Poco::Net::HTTPCookie;
using Poco::Net::HTTPRequest;
using Poco::Net::HTTPResponse;
using Poco::Net::HTTPClientSession;
using Poco::StringTokenizer;
// Inside the WSD process
class UnitAdmin : public UnitWSD
{
private:
unsigned _testCounter = 0;
std::string _jwtCookie;
bool _isTestRunning = false;
const Poco::URI _uri;
std::shared_ptr<Poco::Net::WebSocket> _adminWs;
typedef TestResult (UnitAdmin::*AdminTest)(void);
std::vector<AdminTest> _tests;
std::shared_ptr<Poco::Net::WebSocket> _docWs1;
std::shared_ptr<Poco::Net::WebSocket> _docWs2;
std::shared_ptr<Poco::Net::WebSocket> _docWs3;
int _docPid1;
int _docPid2;
int _docPid3;
int _usersCount = 0;
int _docsCount = 0;
int _messageTimeoutMilliSeconds = 5000;
std::condition_variable _messageReceivedCV;
std::mutex _messageReceivedMutex;
std::string _messageReceived;
// Tests
private:
TestResult testIncorrectPassword()
{
HTTPResponse response;
std::string path(_uri.getPathAndQuery());
HTTPRequest request(HTTPRequest::HTTP_GET, path);
std::unique_ptr<HTTPClientSession> session(helpers::createSession(_uri));
session->sendRequest(request);
session->receiveResponse(response);
TestResult res = TestResult::TEST_FAILED;
if (response.getStatus() == HTTPResponse::HTTP_UNAUTHORIZED)
res = TestResult::TEST_OK;
Log::info(std::string("testIncorrectPassword: ") + (res == TestResult::TEST_OK ? "OK" : "FAIL"));
return res;
}
TestResult testCorrectPassword()
{
HTTPResponse response;
std::string path(_uri.getPathAndQuery());
HTTPRequest request(HTTPRequest::HTTP_GET, path);
std::unique_ptr<HTTPClientSession> session(helpers::createSession(_uri));
HTTPBasicCredentials credentials("admin", "admin");
credentials.authenticate(request);
session->sendRequest(request);
session->receiveResponse(response);
std::vector<HTTPCookie> cookies;
response.getCookies(cookies);
// For now we only set one cookie
assert(cookies.size() == 1);
// and it is jwt=
assert(cookies[0].getName() == "jwt");
// Check cookie properties
std::string cookiePath = cookies[0].getPath();
bool secure = cookies[0].getSecure();
std::string value = cookies[0].getValue();
TestResult res = TestResult::TEST_FAILED;
if (cookiePath.find_first_of("/loleaflet/dist/admin/") == 0 &&
value != "" &&
secure)
{
// Set JWT cookie to be used for subsequent tests
_jwtCookie = value;
res = TestResult::TEST_OK;
}
else
{
Log::info("testCorrectPassword: Invalid cookie properties");
}
Log::info(std::string("testCorrectPassword: ") + (res == TestResult::TEST_OK ? "OK" : "FAIL"));
return res;
}
TestResult testWebSocketWithoutAuthToken()
{
// try connecting without authentication; should result in NotAuthenticated
HTTPResponse response;
HTTPRequest request(HTTPRequest::HTTP_GET, "/lool/adminws/");
std::unique_ptr<HTTPClientSession> session(helpers::createSession(_uri));
_adminWs = std::make_shared<Poco::Net::WebSocket>(*session, request, response);
const std::string testMessage = "documents";
std::unique_lock<std::mutex> lock(_messageReceivedMutex);
_messageReceived.clear();
_adminWs->sendFrame(testMessage.data(), testMessage.size());
if (_messageReceivedCV.wait_for(lock, std::chrono::milliseconds(_messageTimeoutMilliSeconds)) == std::cv_status::timeout)
{
Log::info("testWebSocketWithoutAuth: Timed out waiting for admin console message");
return TestResult::TEST_TIMED_OUT;
}
lock.unlock();
StringTokenizer tokens(_messageReceived, " ", StringTokenizer::TOK_IGNORE_EMPTY | StringTokenizer::TOK_TRIM);
if (tokens.count() != 1 ||
tokens[0] != "NotAuthenticated")
{
Log::info("testWebSocketWithoutAuth: Unrecognized message format");
return TestResult::TEST_FAILED;
}
Log::info(std::string("testWebSocketWithoutAuth: OK"));
return TestResult::TEST_OK;
}
TestResult testWebSocketWithIncorrectAuthToken()
{
// try connecting with incorrect auth token; should result in InvalidToken
HTTPResponse response;
HTTPRequest request(HTTPRequest::HTTP_GET, "/lool/adminws/");
std::unique_ptr<HTTPClientSession> session(helpers::createSession(_uri));
_adminWs = std::make_shared<Poco::Net::WebSocket>(*session, request, response);
const std::string testMessage = "auth jwt=incorrectJWT";
std::unique_lock<std::mutex> lock(_messageReceivedMutex);
_messageReceived.clear();
_adminWs->sendFrame(testMessage.data(), testMessage.size());
if (_messageReceivedCV.wait_for(lock, std::chrono::milliseconds(_messageTimeoutMilliSeconds)) == std::cv_status::timeout)
{
Log::info("testWebSocketWithIncorrectAuthToken: Timed out waiting for admin console message");
return TestResult::TEST_TIMED_OUT;
}
lock.unlock();
StringTokenizer tokens(_messageReceived, " ", StringTokenizer::TOK_IGNORE_EMPTY | StringTokenizer::TOK_TRIM);
if (tokens.count() != 1 ||
tokens[0] != "InvalidAuthToken")
{
Log::info("testWebSocketWithIncorrectAuthToken: Unrecognized message format");
return TestResult::TEST_FAILED;
}
Log::info(std::string("testWebSocketWithIncorrectAuthToken: OK"));
return TestResult::TEST_OK;
}
TestResult testAddDocNotify()
{
// Authenticate first
HTTPResponse response;
HTTPRequest request(HTTPRequest::HTTP_GET, "/lool/adminws/");
std::unique_ptr<HTTPClientSession> session(helpers::createSession(_uri));
_adminWs = std::make_shared<Poco::Net::WebSocket>(*session, request, response);
const std::string authMessage = "auth jwt=" + _jwtCookie;
_adminWs->sendFrame(authMessage.data(), authMessage.size());
// subscribe notification on admin websocket
const std::string subscribeMessage = "subscribe adddoc";
_adminWs->sendFrame(subscribeMessage.data(), subscribeMessage.size());
const std::string documentPath1 = Util::getTempFilePath(TDOC, "hello.odt");
const std::string documentURL1 = std::string("lool/ws/") + "file://" + Poco::Path(documentPath1).makeAbsolute().toString();
HTTPRequest request1(HTTPRequest::HTTP_GET, documentURL1);
HTTPResponse response1;
const Poco::URI docUri1(helpers::getTestServerURI());
const std::string loadMessage1 = "load url=" + documentURL1;
std::unique_ptr<HTTPClientSession> session1(helpers::createSession(docUri1));
std::unique_ptr<HTTPClientSession> session2(helpers::createSession(docUri1));
std::unique_lock<std::mutex> lock(_messageReceivedMutex);
_messageReceived.clear();
_docWs1 = std::make_shared<Poco::Net::WebSocket>(*session1, request1, response1);
_docWs1->sendFrame(loadMessage1.data(), loadMessage1.size());
if (_messageReceivedCV.wait_for(lock, std::chrono::milliseconds(_messageTimeoutMilliSeconds)) == std::cv_status::timeout)
{
Log::info("testAddDocNotify: Timed out waiting for admin console message");
return TestResult::TEST_TIMED_OUT;
}
lock.unlock();
{
StringTokenizer tokens(_messageReceived, " ", StringTokenizer::TOK_IGNORE_EMPTY | StringTokenizer::TOK_TRIM);
if (tokens.count() != 5 ||
tokens[0] != "adddoc" ||
tokens[2] != documentPath1.substr(documentPath1.find_last_of("/") + 1) )
{
Log::info("testAddDocNotify: Unrecognized message format");
return TestResult::TEST_FAILED;
}
// store document pid
_docPid1 = std::stoi(tokens[1]);
_usersCount++;
}
_docsCount++;
// Open another view of same document
lock.lock(); // lock _messageReceivedMutex
_messageReceived.clear();
_docWs2 = std::make_shared<Poco::Net::WebSocket>(*session2, request1, response1);
_docWs2->sendFrame(loadMessage1.data(), loadMessage1.size());
if (_messageReceivedCV.wait_for(lock, std::chrono::milliseconds(_messageTimeoutMilliSeconds)) == std::cv_status::timeout)
{
Log::info("testAddDocNotify: Timed out waiting for admin console message");
return TestResult::TEST_TIMED_OUT;
}
lock.unlock();
{
StringTokenizer tokens(_messageReceived, " ", StringTokenizer::TOK_IGNORE_EMPTY | StringTokenizer::TOK_TRIM);
if (tokens.count() != 5 ||
tokens[0] != "adddoc" ||
tokens[2] != documentPath1.substr(documentPath1.find_last_of("/") + 1) )
{
Log::info("testAddDocNotify: Unrecognized message format");
return TestResult::TEST_FAILED;
}
// store document pid
_docPid2 = std::stoi(tokens[1]);
_usersCount++;
}
// Open another document (different)
const std::string documentPath2 = Util::getTempFilePath(TDOC, "insert-delete.odp");
const std::string documentURL2 = std::string("lool/ws/") + "file://" + Poco::Path(documentPath2).makeAbsolute().toString();
HTTPRequest request2(HTTPRequest::HTTP_GET, documentURL2);
HTTPResponse response2;
const Poco::URI docUri2(helpers::getTestServerURI());
const std::string loadMessage2 = "load url=" + documentURL2;
std::unique_ptr<HTTPClientSession> session3(helpers::createSession(docUri1));
lock.lock(); // lock _messageReceivedMutex
_messageReceived.clear();
_docWs3 = std::make_shared<Poco::Net::WebSocket>(*session3, request2, response2);
_docWs3->sendFrame(loadMessage2.data(), loadMessage2.size());
if (_messageReceivedCV.wait_for(lock, std::chrono::milliseconds(_messageTimeoutMilliSeconds)) == std::cv_status::timeout)
{
Log::info("testAddDocNotify: Timed out waiting for admin console message");
return TestResult::TEST_TIMED_OUT;
}
lock.unlock();
{
StringTokenizer tokens(_messageReceived, " ", StringTokenizer::TOK_IGNORE_EMPTY | StringTokenizer::TOK_TRIM);
if (tokens.count() != 5 ||
tokens[0] != "adddoc" ||
tokens[2] != documentPath2.substr(documentPath2.find_last_of("/") + 1) )
{
Log::info("testAddDocNotify: Unrecognized message format");
return TestResult::TEST_FAILED;
}
// store document pid
_docPid3 = std::stoi(tokens[1]);
_usersCount++;
}
_docsCount++;
Log::info(std::string("testAddDocNotify: OK"));
return TestResult::TEST_OK;
}
TestResult testUsersCount()
{
const std::string queryMessage = "active_users_count";
_messageReceived.clear();
std::unique_lock<std::mutex> lock(_messageReceivedMutex);
_adminWs->sendFrame(queryMessage.data(), queryMessage.size());
if (_messageReceivedCV.wait_for(lock, std::chrono::milliseconds(_messageTimeoutMilliSeconds)) == std::cv_status::timeout)
{
Log::info("testUsersCount: Timed out waiting for admin console message");
return TestResult::TEST_TIMED_OUT;
}
lock.unlock();
StringTokenizer tokens(_messageReceived, " ", StringTokenizer::TOK_IGNORE_EMPTY | StringTokenizer::TOK_TRIM);
if (tokens.count() != 2 ||
tokens[0] != "active_users_count")
{
Log::info("testUsersCount: Unrecognized message format");
return TestResult::TEST_FAILED;
}
else if (std::stoi(tokens[1]) != _usersCount)
{
Log::info("testUsersCount: Incorrect users count "
", expected: " + std::to_string(_usersCount) +
", actual: " + tokens[1]);
return TestResult::TEST_FAILED;
}
Log::info(std::string("testUsersCount: OK"));
return TestResult::TEST_OK;
}
TestResult testDocCount()
{
const std::string queryMessage = "active_docs_count";
_messageReceived.clear();
std::unique_lock<std::mutex> lock(_messageReceivedMutex);
_adminWs->sendFrame(queryMessage.data(), queryMessage.size());
if (_messageReceivedCV.wait_for(lock, std::chrono::milliseconds(_messageTimeoutMilliSeconds)) == std::cv_status::timeout)
{
Log::info("testDocCount: Timed out waiting for admin console message");
return TestResult::TEST_TIMED_OUT;
}
lock.unlock();
StringTokenizer tokens(_messageReceived, " ", StringTokenizer::TOK_IGNORE_EMPTY | StringTokenizer::TOK_TRIM);
if (tokens.count() != 2 ||
tokens[0] != "active_docs_count" ||
std::stoi(tokens[1]) != _docsCount)
{
Log::info("testDocCount: Unrecognized message format");
return TestResult::TEST_FAILED;
}
else if (std::stoi(tokens[1]) != _docsCount)
{
Log::info("testDocCount: Incorrect doc count "
", expected: " + std::to_string(_docsCount) +
", actual: " + tokens[1]);
return TestResult::TEST_FAILED;
}
Log::info(std::string("testDocCount: OK"));
return TestResult::TEST_OK;
}
TestResult testRmDocNotify()
{
// subscribe to rmdoc notification on admin websocket
const std::string subscribeMessage = "subscribe rmdoc";
_adminWs->sendFrame(subscribeMessage.data(), subscribeMessage.size());
_messageReceived.clear();
std::unique_lock<std::mutex> lock(_messageReceivedMutex);
_docWs1->close();
if (_messageReceivedCV.wait_for(lock, std::chrono::milliseconds(_messageTimeoutMilliSeconds)) == std::cv_status::timeout)
{
Log::info("testRmDocNotify: Timed out waiting for admin console message");
return TestResult::TEST_TIMED_OUT;
}
lock.unlock();
StringTokenizer tokens(_messageReceived, " ", StringTokenizer::TOK_IGNORE_EMPTY | StringTokenizer::TOK_TRIM);
if (tokens.count() != 3 ||
tokens[0] != "rmdoc" ||
stoi(tokens[1]) != _docPid1)
{
Log::info("testRmDocNotify: Invalid message format");
return TestResult::TEST_FAILED;
}
_usersCount--;
Log::info(std::string("testRmDocNotify: OK"));
return TestResult::TEST_OK;
}
public:
UnitAdmin()
: _uri(helpers::getTestServerURI() + "/loleaflet/dist/admin/admin.html")
{
setTimeout(60 * 1000);
// Register tests here.
_tests.push_back(&UnitAdmin::testIncorrectPassword);
_tests.push_back(&UnitAdmin::testCorrectPassword);
_tests.push_back(&UnitAdmin::testWebSocketWithoutAuthToken);
_tests.push_back(&UnitAdmin::testWebSocketWithIncorrectAuthToken);
_tests.push_back(&UnitAdmin::testAddDocNotify);
_tests.push_back(&UnitAdmin::testUsersCount);
_tests.push_back(&UnitAdmin::testDocCount);
// FIXME make this one reliable, and enable again _tests.push_back(&UnitAdmin::testRmDocNotify);
_tests.push_back(&UnitAdmin::testUsersCount);
_tests.push_back(&UnitAdmin::testDocCount);
}
// Runs tests sequentially in _tests
virtual void invokeTest()
{
if (!_isTestRunning)
{
_isTestRunning = true;
AdminTest test = _tests[_testCounter++];
Log::info("UnitAdmin:: Starting test #" + std::to_string(_testCounter));
TestResult res = ((*this).*(test))();
Log::info("UnitAdmin:: Finished test #" + std::to_string(_testCounter));
if (res != TestResult::TEST_OK)
{
exitTest(res);
return;
}
// End this when all tests are finished
if (_tests.size() == _testCounter)
exitTest(TestResult::TEST_OK);
_isTestRunning = false;
}
}
virtual void onAdminNotifyMessage(const std::string& message)
{
std::unique_lock<std::mutex> lock(_messageReceivedMutex);
_messageReceivedCV.notify_all();
_messageReceived = message;
Log::info("UnitAdmin:: onAdminNotifyMessage: " + message);
}
virtual void onAdminQueryMessage(const std::string& message)
{
std::unique_lock<std::mutex> lock(_messageReceivedMutex);
_messageReceivedCV.notify_all();
_messageReceived = message;
Log::info("UnitAdmin:: onAdminQueryMessage: " + message);
}
};
UnitBase *unit_create_wsd(void)
{
return new UnitAdmin();
}
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */