Remove obsolete peer-to-peer GitHub token-sharing code (#5628)

Prevent tokens from being sent to the OVH servers. Instead, add them directly to the Redis DB. Ref #3393
2020-09-29 21:22:30 -04:00
parent bdc41670a9
commit eb9743c25c
6 changed files with 4 additions and 104 deletions
--- a/services/github/auth/acceptor.js
+++ b/services/github/auth/acceptor.js
@@ -6,46 +6,6 @@ const {
  userAgent,
 } = require('../../../core/base-service/legacy-request-handler')
 const log = require('../../../core/server/log')
-const secretIsValid = require('../../../core/server/secret-is-valid')
-const serverSecrets = require('../../../lib/server-secrets')
-
-function sendTokenToAllServers(token) {
-  const {
-    shields_ips: shieldsIps,
-    shields_secret: shieldsSecret,
-  } = serverSecrets
-  return Promise.all(
-    shieldsIps.map(
-      ip =>
-        new Promise((resolve, reject) => {
-          const options = {
-            url: `https://${ip}/github-auth/add-token`,
-            method: 'POST',
-            form: {
-              shieldsSecret,
-              token,
-            },
-            // We target servers by IP, and we use HTTPS. Assuming that
-            // 1. Internet routers aren't hacked, and
-            // 2. We don't unknowingly lose our IP to someone else,
-            // we're not leaking people's and our information.
-            // (If we did, it would have no impact, as we only ask for a token,
-            // no GitHub scope. The malicious entity would only be able to use
-            // our rate limit pool.)
-            // FIXME: use letsencrypt.
-            strictSSL: false,
-          }
-          request(options, (err, res, body) => {
-            if (err != null) {
-              reject(err)
-            } else {
-              resolve()
-            }
-          })
-        })
-    )
-  )
-}

 function setRoutes({ server, authHelper, onTokenAccepted }) {
  const baseUrl = process.env.GATSBY_BASE_URL || 'https://img.shields.io'
@@ -120,26 +80,9 @@ function setRoutes({ server, authHelper, onTokenAccepted }) {
          '<p><a href="/">Back to the website</a></p>'
      )

-      sendTokenToAllServers(token).catch(e => {
-        console.error('GitHub user token transmission failed:', e)
-      })
+      onTokenAccepted(token)
    })
  })
-
-  server.route(/^\/github-auth\/add-token$/, (data, match, end, ask) => {
-    if (!secretIsValid(data.shieldsSecret)) {
-      // An unknown entity tries to connect. Let the connection linger for 10s.
-      setTimeout(() => {
-        end('Invalid secret.')
-      }, 10000)
-      return
-    }
-
-    onTokenAccepted(data.token)
-    end('Thanks!')
-  })
 }

-module.exports = {
-  setRoutes,
-}
+module.exports = { setRoutes }
--- a/services/github/auth/acceptor.spec.js
+++ b/services/github/auth/acceptor.spec.js
@@ -8,28 +8,15 @@ const portfinder = require('portfinder')
 const queryString = require('query-string')
 const nock = require('nock')
 const got = require('../../../core/got-test-client')
-const serverSecrets = require('../../../lib/server-secrets')
 const GithubConstellation = require('../github-constellation')
 const acceptor = require('./acceptor')

 const fakeClientId = 'githubdabomb'
-const fakeShieldsSecret = 'letmeinplz'

 describe('Github token acceptor', function () {
  const oauthHelper = GithubConstellation._createOauthHelper({
    private: { gh_client_id: fakeClientId },
  })
-  before(function () {
-    // Make sure properties exist.
-    // https://github.com/sinonjs/sinon/pull/1557
-    serverSecrets.shields_ips = undefined
-    serverSecrets.shields_secret = undefined
-    sinon.stub(serverSecrets, 'shields_ips').value([])
-    sinon.stub(serverSecrets, 'shields_secret').value(fakeShieldsSecret)
-  })
-  after(function () {
-    sinon.restore()
-  })

  let port, baseUrl
  beforeEach(async function () {
@@ -128,21 +115,9 @@ describe('Github token acceptor', function () {
        expect(res.body).to.startWith(
          '<p>Shields.io has received your app-specific GitHub user token.'
        )
+
+        expect(onTokenAccepted).to.have.been.calledWith(fakeAccessToken)
      })
    })
  })
-
-  it('should add a received token', async function () {
-    const fakeAccessToken = 'its-my-token'
-    const form = new FormData()
-    form.append('shieldsSecret', fakeShieldsSecret)
-    form.append('token', fakeAccessToken)
-
-    const { body } = await got.post(`${baseUrl}/github-auth/add-token`, {
-      body: form,
-    })
-
-    expect(onTokenAccepted).to.have.been.calledWith(fakeAccessToken)
-    expect(body).to.equal('Thanks!')
-  })
 })
--- a/services/github/auth/is-valid-token.js
+++ b/services/github/auth/is-valid-token.js
@@ -1,8 +0,0 @@
-'use strict'
-
-// This is only used by the TokenProviders, though probably the acceptor
-// should use it too.
-
-const isValidToken = t => /^[0-9a-f]{40}$/.test(t)
-
-module.exports = isValidToken