search

relaycorp / awala-endpoint-internet

Middleware for server-side apps to communicate over Awala without implementing any of the networking or cryptography from the protocol suite.
https://docs.relaycorp.tech/awala-endpoint-internet/
GNU Affero General Public License v3.0
0 stars 0 forks source link

Implement parsing and validation of incoming parcels #9

Closed gnarea closed 1 year ago

gnarea commented 1 year ago

This Part 1 of the POST / endpoint in the PoHTTP server.

Here's an excerpt from the handler, based on the current implementation in Pong and the utility introduced in #21:

      let parcel;
      try {
        parcel = await Parcel.deserialize(bufferToArray(request.body));
      } catch (err) {
        // Don't log the full error because 99.99% of the time the reason will suffice.
        request.log.info({ reason: (err as Error).message }, 'Refusing malformed parcel');
        return reply.code(403).send({ message: 'Payload is not a valid RAMF-serialized parcel' });
      }

      const parcelAwareLogger = request.log.child({
        parcelId: parcel.id,
        recipient: parcel.recipient,
        senderId: await parcel.senderCertificate.calculateSubjectId(),
      });

      try {
        await fastify.activeEndpoint.validateMessage(parcel);
      } catch (err) {
        parcelAwareLogger.info({ err }, 'Refusing invalid parcel');
        return reply.code(403).send({ message: 'Parcel is well-formed but invalid' });
      }

      // DECRYPT AND THEN EMIT EVENT (BUT THAT'S PART OF A DIFFERENT ISSUE)

      parcelAwareLogger.info('Parcel is valid and has been queued');
      return reply.code(202).send({});

See also:

github-actions[bot] commented 1 year ago

:tada: This issue has been resolved in version 1.0.0 :tada:

The release is available on:

Your semantic-release bot :package::rocket: