calvin.erfmann/pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2026-01-28 22:00:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

Send error codes down to olm

Browse Source
This commit is contained in:
Owen
2026-01-16 14:19:36 -08:00
parent 05748bf8ff
commit e2cbe11a5f
3 changed files with 76 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
server/routers/olm/error.ts Normal file
View File

@@ -0,0 +1,28 @@
import { sendToClient } from "#dynamic/routers/ws";
// Error codes for registration failures
export const OlmErrorCodes = {
OLM_NOT_FOUND: "OLM_NOT_FOUND",
CLIENT_ID_NOT_FOUND: "CLIENT_ID_NOT_FOUND",
CLIENT_NOT_FOUND: "CLIENT_NOT_FOUND",
CLIENT_BLOCKED: "CLIENT_BLOCKED",
ORG_NOT_FOUND: "ORG_NOT_FOUND",
USER_ID_NOT_FOUND: "USER_ID_NOT_FOUND",
INVALID_USER_SESSION: "INVALID_USER_SESSION",
USER_ID_MISMATCH: "USER_ID_MISMATCH",
ACCESS_POLICY_DENIED: "ACCESS_POLICY_DENIED"
} as const;
// Helper function to send registration error
export async function sendOlmError(
code: string,
errorMessage: string,
olmId: string
) {
sendToClient(olmId, {
type: "olm/error",
data: {
code,
message: errorMessage
}
});
}

2
server/routers/olm/getUserOlm.ts
View File

@@ -8,8 +8,8 @@ import response from "@server/lib/response";
import { z } from "zod"; import { z } from "zod";
import { fromError } from "zod-validation-error"; import { fromError } from "zod-validation-error";
import logger from "@server/logger"; import logger from "@server/logger";
import { OpenAPITags, registry } from "@server/openApi";
import { getUserDeviceName } from "@server/db/names"; import { getUserDeviceName } from "@server/db/names";
// import { OpenAPITags, registry } from "@server/openApi";
const paramsSchema = z const paramsSchema = z
.object({ .object({

49
server/routers/olm/handleOlmRegisterMessage.ts
View File

@@ -27,6 +27,7 @@ import config from "@server/lib/config";
import { encodeHexLowerCase } from "@oslojs/encoding"; import { encodeHexLowerCase } from "@oslojs/encoding";
import { sha256 } from "@oslojs/crypto/sha2"; import { sha256 } from "@oslojs/crypto/sha2";
import { buildSiteConfigurationForOlmClient } from "./buildConfiguration"; import { buildSiteConfigurationForOlmClient } from "./buildConfiguration";
import { OlmErrorCodes, sendOlmError } from "./error";
export const handleOlmRegisterMessage: MessageHandler = async (context) => { export const handleOlmRegisterMessage: MessageHandler = async (context) => {
logger.info("Handling register olm message!"); logger.info("Handling register olm message!");
@@ -53,6 +54,11 @@ export const handleOlmRegisterMessage: MessageHandler = async (context) => {
if (!olm.clientId) { if (!olm.clientId) {
logger.warn("Olm client ID not found"); logger.warn("Olm client ID not found");
sendOlmError(
OlmErrorCodes.CLIENT_ID_NOT_FOUND,
"Olm client ID not found",
olm.olmId
);
return; return;
} }
@@ -64,11 +70,23 @@ export const handleOlmRegisterMessage: MessageHandler = async (context) => {
if (!client) { if (!client) {
logger.warn("Client ID not found"); logger.warn("Client ID not found");
sendOlmError(
OlmErrorCodes.CLIENT_NOT_FOUND,
"Client not found in organization",
olm.olmId
);
return; return;
} }
if (client.blocked) { if (client.blocked) {
logger.debug(`Client ${client.clientId} is blocked. Ignoring register.`); logger.debug(
`Client ${client.clientId} is blocked. Ignoring register.`
);
sendOlmError(
OlmErrorCodes.CLIENT_BLOCKED,
"Client is blocked",
olm.olmId
);
return; return;
} }
@@ -80,12 +98,22 @@ export const handleOlmRegisterMessage: MessageHandler = async (context) => {
if (!org) { if (!org) {
logger.warn("Org not found"); logger.warn("Org not found");
sendOlmError(
OlmErrorCodes.ORG_NOT_FOUND,
"Organization not found",
olm.olmId
);
return; return;
} }
if (orgId) { if (orgId) {
if (!olm.userId) { if (!olm.userId) {
logger.warn("Olm has no user ID"); logger.warn("Olm has no user ID");
sendOlmError(
OlmErrorCodes.USER_ID_NOT_FOUND,
"User ID not found for this client",
olm.olmId
);
return; return;
} }
@@ -93,10 +121,20 @@ export const handleOlmRegisterMessage: MessageHandler = async (context) => {
await validateSessionToken(userToken); await validateSessionToken(userToken);
if (!userSession || !user) { if (!userSession || !user) {
logger.warn("Invalid user session for olm register"); logger.warn("Invalid user session for olm register");
return; // by returning here we just ignore the ping and the setInterval will force it to disconnect sendOlmError(
OlmErrorCodes.INVALID_USER_SESSION,
"Invalid or expired user session token",
olm.olmId
);
return;
} }
if (user.userId !== olm.userId) { if (user.userId !== olm.userId) {
logger.warn("User ID mismatch for olm register"); logger.warn("User ID mismatch for olm register");
sendOlmError(
OlmErrorCodes.USER_ID_MISMATCH,
"User ID does not match the authenticated session",
olm.olmId
);
return; return;
} }
@@ -114,6 +152,11 @@ export const handleOlmRegisterMessage: MessageHandler = async (context) => {
logger.warn( logger.warn(
`Olm user ${olm.userId} does not pass access policies for org ${orgId}: ${policyCheck.error}` `Olm user ${olm.userId} does not pass access policies for org ${orgId}: ${policyCheck.error}`
); );
sendOlmError(
OlmErrorCodes.ACCESS_POLICY_DENIED,
`Access policy denied: ${policyCheck.error}`,
olm.olmId
);
return; return;
} }
} }
@@ -151,7 +194,7 @@ export const handleOlmRegisterMessage: MessageHandler = async (context) => {
.update(clients) .update(clients)
.set({ .set({
pubKey: publicKey, pubKey: publicKey,
archived: false, archived: false
}) })
.where(eq(clients.clientId, client.clientId)); .where(eq(clients.clientId, client.clientId));