2023-05-30 20:56:10 +03:00
package server
import (
"encoding/json"
"fmt"
2023-06-02 14:22:54 +03:00
"net/http"
2023-06-02 17:52:35 +03:00
"regexp"
2023-06-13 04:01:43 +03:00
"strings"
2023-06-02 14:22:54 +03:00
2023-05-30 20:56:10 +03:00
"github.com/SherClockHolmes/webpush-go"
"heckel.io/ntfy/log"
2023-06-02 14:22:54 +03:00
"heckel.io/ntfy/user"
2023-05-30 20:56:10 +03:00
)
2023-06-02 17:52:35 +03:00
const (
2023-06-13 04:01:43 +03:00
webPushTopicSubscribeLimit = 50
2023-06-02 17:52:35 +03:00
)
2023-06-13 04:01:43 +03:00
var (
webPushAllowedEndpointsPatterns = [ ] string {
"https://*.google.com/" ,
"https://*.googleapis.com/" ,
"https://*.mozilla.com/" ,
"https://*.mozaws.net/" ,
"https://*.windows.com/" ,
"https://*.microsoft.com/" ,
"https://*.apple.com/" ,
}
webPushAllowedEndpointsRegex * regexp . Regexp
)
func init ( ) {
for i , pattern := range webPushAllowedEndpointsPatterns {
webPushAllowedEndpointsPatterns [ i ] = strings . ReplaceAll ( strings . ReplaceAll ( pattern , "." , "\\." ) , "*" , ".+" )
}
allPatterns := fmt . Sprintf ( "^(%s)" , strings . Join ( webPushAllowedEndpointsPatterns , "|" ) )
webPushAllowedEndpointsRegex = regexp . MustCompile ( allPatterns )
}
2023-06-02 17:52:35 +03:00
2023-06-02 14:22:54 +03:00
func ( s * Server ) handleWebPushUpdate ( w http . ResponseWriter , r * http . Request , v * visitor ) error {
2023-06-09 06:09:38 +03:00
req , err := readJSONWithLimit [ apiWebPushUpdateSubscriptionRequest ] ( r . Body , jsonBodyBytesLimit , false )
if err != nil || req . Endpoint == "" || req . P256dh == "" || req . Auth == "" {
2023-05-30 20:56:10 +03:00
return errHTTPBadRequestWebPushSubscriptionInvalid
2023-06-13 04:01:43 +03:00
} else if ! webPushAllowedEndpointsRegex . MatchString ( req . Endpoint ) {
2023-06-02 17:52:35 +03:00
return errHTTPBadRequestWebPushEndpointUnknown
2023-06-09 06:09:38 +03:00
} else if len ( req . Topics ) > webPushTopicSubscribeLimit {
2023-06-02 17:52:35 +03:00
return errHTTPBadRequestWebPushTopicCountTooHigh
}
2023-06-09 06:09:38 +03:00
topics , err := s . topicsFromIDs ( req . Topics ... )
2023-05-30 20:56:10 +03:00
if err != nil {
2023-06-02 14:22:54 +03:00
return err
2023-05-30 20:56:10 +03:00
}
2023-06-02 14:22:54 +03:00
if s . userManager != nil {
2023-06-08 19:20:12 +03:00
u := v . User ( )
2023-06-02 14:22:54 +03:00
for _ , t := range topics {
if err := s . userManager . Authorize ( u , t . ID , user . PermissionRead ) ; err != nil {
logvr ( v , r ) . With ( t ) . Err ( err ) . Debug ( "Access to topic %s not authorized" , t . ID )
return errHTTPForbidden . With ( t )
}
}
2023-05-30 20:56:10 +03:00
}
2023-06-17 04:59:07 +03:00
if err := s . webPush . UpsertSubscription ( req . Endpoint , req . Auth , req . P256dh , v . MaybeUserID ( ) , v . IP ( ) , req . Topics ) ; err != nil {
2023-05-30 20:56:10 +03:00
return err
}
return s . writeJSON ( w , newSuccessResponse ( ) )
}
2023-06-11 04:09:01 +03:00
func ( s * Server ) handleWebPushDelete ( w http . ResponseWriter , r * http . Request , _ * visitor ) error {
req , err := readJSONWithLimit [ apiWebPushUpdateSubscriptionRequest ] ( r . Body , jsonBodyBytesLimit , false )
if err != nil || req . Endpoint == "" {
return errHTTPBadRequestWebPushSubscriptionInvalid
}
if err := s . webPush . RemoveSubscriptionsByEndpoint ( req . Endpoint ) ; err != nil {
return err
}
return s . writeJSON ( w , newSuccessResponse ( ) )
}
2023-05-30 20:56:10 +03:00
func ( s * Server ) publishToWebPushEndpoints ( v * visitor , m * message ) {
2023-05-30 21:23:03 +03:00
subscriptions , err := s . webPush . SubscriptionsForTopic ( m . Topic )
2023-05-30 20:56:10 +03:00
if err != nil {
2023-06-16 23:55:42 +03:00
logvm ( v , m ) . Err ( err ) . With ( v , m ) . Warn ( "Unable to publish web push messages" )
2023-05-30 20:56:10 +03:00
return
}
2023-06-16 23:55:42 +03:00
log . Tag ( tagWebPush ) . With ( v , m ) . Debug ( "Publishing web push message to %d subscribers" , len ( subscriptions ) )
2023-06-08 19:20:12 +03:00
payload , err := json . Marshal ( newWebPushPayload ( fmt . Sprintf ( "%s/%s" , s . config . BaseURL , m . Topic ) , m ) )
if err != nil {
2023-06-16 23:55:42 +03:00
log . Tag ( tagWebPush ) . Err ( err ) . With ( v , m ) . Warn ( "Unable to marshal expiring payload" )
2023-06-08 19:20:12 +03:00
return
}
for _ , subscription := range subscriptions {
2023-06-16 23:55:42 +03:00
if err := s . sendWebPushNotification ( subscription , payload , v , m ) ; err != nil {
log . Tag ( tagWebPush ) . Err ( err ) . With ( v , m , subscription ) . Warn ( "Unable to publish web push message" )
2023-06-08 19:20:12 +03:00
}
2023-06-02 15:45:05 +03:00
}
}
2023-05-30 20:56:10 +03:00
2023-06-10 06:17:48 +03:00
func ( s * Server ) pruneAndNotifyWebPushSubscriptions ( ) {
2023-06-09 04:45:52 +03:00
if s . config . WebPushPublicKey == "" {
return
}
go func ( ) {
2023-06-10 06:17:48 +03:00
if err := s . pruneAndNotifyWebPushSubscriptionsInternal ( ) ; err != nil {
2023-06-09 04:45:52 +03:00
log . Tag ( tagWebPush ) . Err ( err ) . Warn ( "Unable to prune or notify web push subscriptions" )
}
} ( )
}
2023-06-10 06:17:48 +03:00
func ( s * Server ) pruneAndNotifyWebPushSubscriptionsInternal ( ) error {
// Expire old subscriptions
if err := s . webPush . RemoveExpiredSubscriptions ( s . config . WebPushExpiryDuration ) ; err != nil {
return err
}
// Notify subscriptions that will expire soon
subscriptions , err := s . webPush . SubscriptionsExpiring ( s . config . WebPushExpiryWarningDuration )
2023-06-02 15:45:05 +03:00
if err != nil {
2023-06-09 04:45:52 +03:00
return err
2023-06-08 19:20:12 +03:00
} else if len ( subscriptions ) == 0 {
2023-06-09 04:45:52 +03:00
return nil
2023-06-02 15:45:05 +03:00
}
2023-06-08 19:20:12 +03:00
payload , err := json . Marshal ( newWebPushSubscriptionExpiringPayload ( ) )
2023-06-02 15:45:05 +03:00
if err != nil {
2023-06-09 04:45:52 +03:00
return err
2023-06-02 15:45:05 +03:00
}
2023-06-10 06:17:48 +03:00
warningSent := make ( [ ] * webPushSubscription , 0 )
2023-06-09 04:45:52 +03:00
for _ , subscription := range subscriptions {
2023-06-16 23:55:42 +03:00
if err := s . sendWebPushNotification ( subscription , payload ) ; err != nil {
log . Tag ( tagWebPush ) . Err ( err ) . With ( subscription ) . Warn ( "Unable to publish expiry imminent warning" )
2023-06-10 06:17:48 +03:00
continue
2023-06-08 19:20:12 +03:00
}
2023-06-10 06:17:48 +03:00
warningSent = append ( warningSent , subscription )
}
if err := s . webPush . MarkExpiryWarningSent ( warningSent ) ; err != nil {
return err
2023-06-09 04:45:52 +03:00
}
2023-06-10 06:17:48 +03:00
log . Tag ( tagWebPush ) . Debug ( "Expired old subscriptions and published %d expiry imminent warnings" , len ( subscriptions ) )
2023-06-09 04:45:52 +03:00
return nil
2023-06-08 19:20:12 +03:00
}
2023-06-02 15:45:05 +03:00
2023-06-16 23:55:42 +03:00
func ( s * Server ) sendWebPushNotification ( sub * webPushSubscription , message [ ] byte , contexters ... log . Contexter ) error {
log . Tag ( tagWebPush ) . With ( sub ) . With ( contexters ... ) . Debug ( "Sending web push message" )
2023-06-18 04:51:04 +03:00
payload := & webpush . Subscription {
Endpoint : sub . Endpoint ,
Keys : webpush . Keys {
Auth : sub . Auth ,
P256dh : sub . P256dh ,
} ,
}
resp , err := webpush . SendNotification ( message , payload , & webpush . Options {
2023-06-02 15:45:05 +03:00
Subscriber : s . config . WebPushEmailAddress ,
VAPIDPublicKey : s . config . WebPushPublicKey ,
VAPIDPrivateKey : s . config . WebPushPrivateKey ,
2023-06-08 19:20:12 +03:00
Urgency : webpush . UrgencyHigh , // iOS requires this to ensure delivery
2023-06-09 12:32:44 +03:00
TTL : int ( s . config . CacheDuration . Seconds ( ) ) ,
2023-06-02 15:45:05 +03:00
} )
if err != nil {
2023-06-16 23:55:42 +03:00
log . Tag ( tagWebPush ) . With ( sub ) . With ( contexters ... ) . Err ( err ) . Debug ( "Unable to publish web push message, removing endpoint" )
2023-06-09 06:09:38 +03:00
if err := s . webPush . RemoveSubscriptionsByEndpoint ( sub . Endpoint ) ; err != nil {
2023-06-08 19:20:12 +03:00
return err
2023-06-02 15:45:05 +03:00
}
2023-06-08 19:20:12 +03:00
return err
2023-06-02 15:45:05 +03:00
}
2023-06-08 19:20:12 +03:00
if ( resp . StatusCode < 200 || resp . StatusCode > 299 ) && resp . StatusCode != 429 {
2023-06-16 23:55:42 +03:00
log . Tag ( tagWebPush ) . With ( sub ) . With ( contexters ... ) . Field ( "response_code" , resp . StatusCode ) . Debug ( "Unable to publish web push message, unexpected response" )
2023-06-09 06:09:38 +03:00
if err := s . webPush . RemoveSubscriptionsByEndpoint ( sub . Endpoint ) ; err != nil {
2023-06-08 19:20:12 +03:00
return err
2023-06-02 15:45:05 +03:00
}
2023-06-16 23:55:42 +03:00
return errHTTPInternalErrorWebPushUnableToPublish . With ( sub ) . With ( contexters ... )
2023-06-02 15:45:05 +03:00
}
2023-06-08 19:20:12 +03:00
return nil
2023-05-30 20:56:10 +03:00
}