From c2eb1f25162b2138d445733e22d7ca8d31278ed4 Mon Sep 17 00:00:00 2001 From: Ylian Saint-Hilaire Date: Sat, 14 Dec 2024 21:56:36 -0800 Subject: [PATCH] Updated to MeshCentral Firebase support, updated to using firebase-admin module. --- firebase.js | 250 ++++++++++++++++----------------------- meshcentral.js | 38 +++--- views/default.handlebars | 2 +- 3 files changed, 119 insertions(+), 171 deletions(-) diff --git a/firebase.js b/firebase.js index 6e238ab1..124acfa0 100644 --- a/firebase.js +++ b/firebase.js @@ -1,7 +1,6 @@ /** * @description MeshCentral Firebase communication module * @author Ylian Saint-Hilaire -* @copyright Intel Corporation 2018-2022 * @license Apache-2.0 * @version v0.0.1 */ @@ -14,31 +13,31 @@ /*jshint esversion: 6 */ "use strict"; -// Construct the Firebase object -module.exports.CreateFirebase = function (parent, senderid, serverkey) { - var obj = {}; +// Initialize the Firebase Admin SDK +module.exports.CreateFirebase = function (parent, serviceAccount) { + + // Import the Firebase Admin SDK + const admin = require('firebase-admin'); + + const obj = {}; obj.messageId = 0; obj.relays = {}; obj.stats = { - mode: "Real", + mode: 'Real', sent: 0, sendError: 0, received: 0, receivedNoRoute: 0, receivedBadArgs: 0 - } - - // In NodeJS v23, add util.isNullOrUndefined() to make node-xcs work correctly. - // Remove this when node-xcs moves to support NodeJS v23 - if (require('util').isNullOrUndefined == null) { require('util').isNullOrUndefined = function (v) { return v == null; } } + }; + + const tokenToNodeMap = {}; // Token --> { nid: nodeid, mid: meshid } + + // Initialize Firebase Admin with server key and project ID + if (!admin.apps.length) { + admin.initializeApp({ credential: admin.credential.cert(serviceAccount) }); + } - const Sender = require('node-xcs').Sender; - const Message = require('node-xcs').Message; - const Notification = require('node-xcs').Notification; - const xcs = new Sender(senderid, serverkey); - - var tokenToNodeMap = {} // Token --> { nid: nodeid, mid: meshid } - // Setup logging if (parent.config.firebase && (parent.config.firebase.log === true)) { obj.logpath = parent.path.join(parent.datapath, 'firebase.txt'); @@ -46,155 +45,108 @@ module.exports.CreateFirebase = function (parent, senderid, serverkey) { } else { obj.log = function () { } } - - // Messages received from client (excluding receipts) - xcs.on('message', function (messageId, from, data, category) { - const jsonData = JSON.stringify(data); - obj.log('Firebase-Message: ' + jsonData); - parent.debug('email', 'Firebase-Message: ' + jsonData); - - if (typeof data.r == 'string') { - // Lookup push relay server - parent.debug('email', 'Firebase-RelayRoute: ' + data.r); - const wsrelay = obj.relays[data.r]; - if (wsrelay != null) { - delete data.r; - try { wsrelay.send(JSON.stringify({ from: from, data: data, category: category })); } catch (ex) { } - } - } else { - // Lookup node information from the cache - var ninfo = tokenToNodeMap[from]; - if (ninfo == null) { obj.stats.receivedNoRoute++; return; } - - if ((data != null) && (data.con != null) && (data.s != null)) { // Console command - obj.stats.received++; - parent.webserver.routeAgentCommand({ action: 'msg', type: 'console', value: data.con, sessionid: data.s }, ninfo.did, ninfo.nid, ninfo.mid); - } else { - obj.stats.receivedBadArgs++; - } - } - }); - - // Only fired for messages where options.delivery_receipt_requested = true - /* - xcs.on('receipt', function (messageId, from, data, category) { console.log('Firebase-Receipt', messageId, from, data, category); }); - xcs.on('connected', function () { console.log('Connected'); }); - xcs.on('disconnected', function () { console.log('disconnected'); }); - xcs.on('online', function () { console.log('online'); }); - xcs.on('error', function (e) { console.log('error', e); }); - xcs.on('message-error', function (e) { console.log('message-error', e); }); - */ - - xcs.start(); - - obj.log('CreateFirebase-Setup'); - parent.debug('email', 'CreateFirebase-Setup'); - - // EXAMPLE - //var payload = { notification: { title: command.title, body: command.msg }, data: { url: obj.msgurl } }; - //var options = { priority: 'High', timeToLive: 5 * 60 }; // TTL: 5 minutes, priority 'Normal' or 'High' - + + // Function to send notifications obj.sendToDevice = function (node, payload, options, func) { - if (typeof node == 'string') { - parent.db.Get(node, function (err, docs) { if ((err == null) && (docs != null) && (docs.length == 1)) { obj.sendToDeviceEx(docs[0], payload, options, func); } else { func(0, 'error'); } }) + if (typeof node === 'string') { + parent.db.Get(node, function (err, docs) { + if (!err && docs && docs.length === 1) { + obj.sendToDeviceEx(docs[0], payload, options, func); + } else { + func(0, 'error'); + } + }); } else { obj.sendToDeviceEx(node, payload, options, func); } - } - + }; + // Send an outbound push notification obj.sendToDeviceEx = function (node, payload, options, func) { - parent.debug('email', 'Firebase-sendToDevice'); - if ((node == null) || (typeof node.pmt != 'string')) return; + if (!node || typeof node.pmt !== 'string') { + func(0, 'error'); + return; + } + obj.log('sendToDevice, node:' + node._id + ', payload: ' + JSON.stringify(payload) + ', options: ' + JSON.stringify(options)); - + // Fill in our lookup table - if (node._id != null) { tokenToNodeMap[node.pmt] = { nid: node._id, mid: node.meshid, did: node.domain } } - - // Built the on-screen notification - var notification = null; - if (payload.notification) { - var notification = new Notification('ic_message') - .title(payload.notification.title) - .body(payload.notification.body) - .build(); + if (node._id) { + tokenToNodeMap[node.pmt] = { + nid: node._id, + mid: node.meshid, + did: node.domain + }; } - - // Build the message - var message = new Message('msg_' + (++obj.messageId)); - if (options.priority) { message.priority(options.priority); } - if (payload.data) { for (var i in payload.data) { message.addData(i, payload.data[i]); } } - if ((payload.data == null) || (payload.data.shash == null)) { message.addData('shash', parent.webserver.agentCertificateHashBase64); } // Add the server agent hash, new Android agents will reject notifications that don't have this. - if (notification) { message.notification(notification) } - message.build(); - - // Send the message - function callback(result) { - if (result.getError() == null) { obj.stats.sent++; obj.log('Success'); } else { obj.stats.sendError++; obj.log('Fail'); } - callback.func(result.getMessageId(), result.getError(), result.getErrorDescription()) - } - callback.func = func; - parent.debug('email', 'Firebase-sending'); - xcs.sendNoRetry(message, node.pmt, callback); - } - + + const message = { + token: node.pmt, + notification: payload.notification, + data: payload.data, + android: { + priority: options.priority || 'high', + ttl: options.timeToLive ? options.timeToLive * 1000 : undefined + } + }; + + admin.messaging().send(message).then(function (response) { + obj.stats.sent++; + obj.log('Success'); + func(response); + }).catch(function (error) { + obj.stats.sendError++; + obj.log('Fail: ' + error); + func(0, error); + }); + }; + // Setup a two way relay obj.setupRelay = function (ws) { - // Select and set a relay identifier ws.relayId = getRandomPassword(); - while (obj.relays[ws.relayId] != null) { ws.relayId = getRandomPassword(); } + while (obj.relays[ws.relayId]) { ws.relayId = getRandomPassword(); } obj.relays[ws.relayId] = ws; - // On message, parse it ws.on('message', function (msg) { parent.debug('email', 'FBWS-Data(' + this.relayId + '): ' + msg); - if (typeof msg == 'string') { + if (typeof msg === 'string') { obj.log('Relay: ' + msg); - - // Parse the incoming push request - var data = null; - try { data = JSON.parse(msg) } catch (ex) { return; } - if (typeof data != 'object') return; - if (parent.common.validateObjectForMongo(data, 4096) == false) return; // Perform sanity checking on this object. - if (typeof data.pmt != 'string') return; - if (typeof data.payload != 'object') return; - if (typeof data.payload.notification == 'object') { - if (typeof data.payload.notification.title != 'string') return; - if (typeof data.payload.notification.body != 'string') return; - } - if (typeof data.options != 'object') return; - if ((data.options.priority != 'Normal') && (data.options.priority != 'High')) return; - if ((typeof data.options.timeToLive != 'number') || (data.options.timeToLive < 1)) return; - if (typeof data.payload.data != 'object') { data.payload.data = {}; } - data.payload.data.r = ws.relayId; // Set the relay id. - - // Send the push notification - obj.sendToDevice({ pmt: data.pmt }, data.payload, data.options, function (id, err, errdesc) { - if (err == null) { - try { wsrelay.send(JSON.stringify({ sent: true })); } catch (ex) { } + + let data; + try { data = JSON.parse(msg); } catch (ex) { return; } + if (typeof data !== 'object') return; + if (!parent.common.validateObjectForMongo(data, 4096)) return; + if (typeof data.pmt !== 'string' || typeof data.payload !== 'object') return; + + data.payload.data = data.payload.data || {}; + data.payload.data.r = ws.relayId; + + obj.sendToDevice({ pmt: data.pmt }, data.payload, data.options, function (id, err) { + if (!err) { + try { ws.send(JSON.stringify({ sent: true })); } catch (ex) { } } else { - try { wsrelay.send(JSON.stringify({ sent: false })); } catch (ex) { } + try { ws.send(JSON.stringify({ sent: false })); } catch (ex) { } } }); } }); - + // If error, close the relay ws.on('error', function (err) { parent.debug('email', 'FBWS-Error(' + this.relayId + '): ' + err); delete obj.relays[this.relayId]; }); - + // Close the relay ws.on('close', function () { parent.debug('email', 'FBWS-Close(' + this.relayId + ')'); delete obj.relays[this.relayId]; }); - + }; + + function getRandomPassword() { + return Buffer.from(parent.crypto.randomBytes(9), 'binary').toString('base64').replace(/\//g, '@'); } - - function getRandomPassword() { return Buffer.from(parent.crypto.randomBytes(9), 'binary').toString('base64').split('/').join('@'); } - + return obj; }; @@ -216,7 +168,7 @@ module.exports.CreateFirebaseRelay = function (parent, url, key) { const querystring = require('querystring'); const relayUrl = require('url').parse(url); parent.debug('email', 'CreateFirebaseRelay-Setup'); - + // Setup logging if (parent.config.firebaserelay && (parent.config.firebaserelay.log === true)) { obj.logpath = parent.path.join(parent.datapath, 'firebaserelay.txt'); @@ -224,7 +176,7 @@ module.exports.CreateFirebaseRelay = function (parent, url, key) { } else { obj.log = function () { } } - + obj.log('Starting relay to: ' + relayUrl.href); if (relayUrl.protocol == 'wss:') { // Setup two-way push notification channel @@ -256,7 +208,7 @@ module.exports.CreateFirebaseRelay = function (parent, url, key) { parent.debug('email', 'FBWS-Disconnected'); obj.wsclient = null; obj.wsopen = false; - + // Compute the backoff timer if (obj.reconnectTimer == null) { if ((obj.lastConnect != null) && ((Date.now() - obj.lastConnect) > 10000)) { obj.backoffTimer = 0; } @@ -267,12 +219,12 @@ module.exports.CreateFirebaseRelay = function (parent, url, key) { } }); } - + function processMessage(messageId, from, data, category) { // Lookup node information from the cache var ninfo = obj.tokenToNodeMap[from]; if (ninfo == null) { obj.stats.receivedNoRoute++; return; } - + if ((data != null) && (data.con != null) && (data.s != null)) { // Console command obj.stats.received++; parent.webserver.routeAgentCommand({ action: 'msg', type: 'console', value: data.con, sessionid: data.s }, ninfo.did, ninfo.nid, ninfo.mid); @@ -280,7 +232,7 @@ module.exports.CreateFirebaseRelay = function (parent, url, key) { obj.stats.receivedBadArgs++; } } - + obj.sendToDevice = function (node, payload, options, func) { if (typeof node == 'string') { parent.db.Get(node, function (err, docs) { if ((err == null) && (docs != null) && (docs.length == 1)) { obj.sendToDeviceEx(docs[0], payload, options, func); } else { func(0, 'error'); } }) @@ -288,19 +240,19 @@ module.exports.CreateFirebaseRelay = function (parent, url, key) { obj.sendToDeviceEx(node, payload, options, func); } } - + obj.sendToDeviceEx = function (node, payload, options, func) { parent.debug('email', 'Firebase-sendToDevice-webSocket'); if ((node == null) || (typeof node.pmt != 'string')) { func(0, 'error'); return; } obj.log('sendToDevice, node:' + node._id + ', payload: ' + JSON.stringify(payload) + ', options: ' + JSON.stringify(options)); - + // Fill in our lookup table if (node._id != null) { obj.tokenToNodeMap[node.pmt] = { nid: node._id, mid: node.meshid, did: node.domain } } - + // Fill in the server agent cert hash if (payload.data == null) { payload.data = {}; } if (payload.data.shash == null) { payload.data.shash = parent.webserver.agentCertificateHashBase64; } // Add the server agent hash, new Android agents will reject notifications that don't have this. - + // If the web socket is open, send now if (obj.wsopen == true) { try { obj.wsclient.send(JSON.stringify({ pmt: node.pmt, payload: payload, options: options })); } catch (ex) { func(0, 'error'); obj.stats.sendError++; return; } @@ -318,7 +270,7 @@ module.exports.CreateFirebaseRelay = function (parent, url, key) { } else if (relayUrl.protocol == 'https:') { // Send an outbound push notification using an HTTPS POST obj.pushOnly = true; - + obj.sendToDevice = function (node, payload, options, func) { if (typeof node == 'string') { parent.db.Get(node, function (err, docs) { if ((err == null) && (docs != null) && (docs.length == 1)) { obj.sendToDeviceEx(docs[0], payload, options, func); } else { func(0, 'error'); } }) @@ -326,18 +278,18 @@ module.exports.CreateFirebaseRelay = function (parent, url, key) { obj.sendToDeviceEx(node, payload, options, func); } } - + obj.sendToDeviceEx = function (node, payload, options, func) { parent.debug('email', 'Firebase-sendToDevice-httpPost'); if ((node == null) || (typeof node.pmt != 'string')) return; - + // Fill in the server agent cert hash if (payload.data == null) { payload.data = {}; } if (payload.data.shash == null) { payload.data.shash = parent.webserver.agentCertificateHashBase64; } // Add the server agent hash, new Android agents will reject notifications that don't have this. - + obj.log('sendToDevice, node:' + node._id + ', payload: ' + JSON.stringify(payload) + ', options: ' + JSON.stringify(options)); const querydata = querystring.stringify({ 'msg': JSON.stringify({ pmt: node.pmt, payload: payload, options: options }) }); - + // Send the message to the relay const httpOptions = { hostname: relayUrl.hostname, @@ -361,6 +313,6 @@ module.exports.CreateFirebaseRelay = function (parent, url, key) { req.end(); } } - + return obj; }; \ No newline at end of file diff --git a/meshcentral.js b/meshcentral.js index 2fd72eba..e253e07a 100644 --- a/meshcentral.js +++ b/meshcentral.js @@ -1998,25 +1998,17 @@ function CreateMeshCentralServer(config, args) { // Setup Firebase if ((config.firebase != null) && (typeof config.firebase.senderid == 'string') && (typeof config.firebase.serverkey == 'string')) { - if (nodeVersion >= 23) { - addServerWarning('Firebase is not supported on this version of NodeJS.', 27); - } else { - obj.firebase = require('./firebase').CreateFirebase(obj, config.firebase.senderid, config.firebase.serverkey); - } + addServerWarning('Firebase now requires a service account JSON file, Firebase disabled.', 27); + } else if ((config.firebase != null) && (typeof config.firebase.serviceaccountfile == 'string')) { + var serviceAccount; + try { serviceAccount = JSON.parse(obj.fs.readFileSync(obj.path.join(obj.datapath, config.firebase.serviceaccountfile)).toString()); } catch (ex) { console.log(ex); } + if (serviceAccount != null) { obj.firebase = require('./firebase').CreateFirebase(obj, serviceAccount); } } else if ((typeof config.firebaserelay == 'object') && (typeof config.firebaserelay.url == 'string')) { - if (nodeVersion >= 23) { - addServerWarning('Firebase is not supported on this version of NodeJS.', 27); - } else { - // Setup the push messaging relay - obj.firebase = require('./firebase').CreateFirebaseRelay(obj, config.firebaserelay.url, config.firebaserelay.key); - } + // Setup the push messaging relay + obj.firebase = require('./firebase').CreateFirebaseRelay(obj, config.firebaserelay.url, config.firebaserelay.key); } else if (obj.config.settings.publicpushnotifications === true) { - if (nodeVersion >= 23) { - addServerWarning('Firebase is not supported on this version of NodeJS.', 27); - } else { - // Setup the Firebase push messaging relay using https://alt.meshcentral.com, this is the public push notification server. - obj.firebase = require('./firebase').CreateFirebaseRelay(obj, 'https://alt.meshcentral.com/firebaserelay.aspx'); - } + // Setup the Firebase push messaging relay using https://alt.meshcentral.com, this is the public push notification server. + obj.firebase = require('./firebase').CreateFirebaseRelay(obj, 'https://alt.meshcentral.com/firebaserelay.aspx'); } // Start periodic maintenance @@ -4049,7 +4041,12 @@ function InstallModules(modules, args, func) { try { // Does the module need a specific version? if (moduleVersion) { - if (require(`${moduleName}/package.json`).version != moduleVersion) { throw new Error(); } + var versionMatch = false; + try { versionMatch = (require(`${moduleName}/package.json`).version == moduleVersion) } catch (ex) { } + if (versionMatch == false) { + const packageJson = JSON.parse(require('fs').readFileSync(require('path').join(__dirname, 'node_modules', moduleName, 'package.json'), 'utf8')); + if (packageJson.version != moduleVersion) { throw new Error(); } + } } else { // For all other modules, do the check here. // Is the module in package.json? Install exact version. @@ -4129,7 +4126,7 @@ var ServerWarnings = { 24: "Unable to load agent logo file: {0}.", 25: "This NodeJS version does not support OpenID.", 26: "This NodeJS version does not support Discord.js.", - 27: "Firebase is not supported on this version of NodeJS." + 27: "Firebase now requires a service account JSON file, Firebase disabled." }; */ @@ -4301,8 +4298,7 @@ function mainStart() { if ((typeof config.settings.webpush == 'object') && (typeof config.settings.webpush.email == 'string')) { modules.push('web-push@3.6.6'); } // Firebase Support - // Avoid 0.1.8 due to bugs: https://github.com/guness/node-xcs/issues/43 - if (config.firebase != null) { modules.push('node-xcs@0.1.8'); } + if ((config.firebase != null) && (typeof config.firebase.serviceaccountfile == 'string')) { modules.push('firebase-admin@12.7.0'); } // Syslog support if ((require('os').platform() != 'win32') && (config.settings.syslog || config.settings.syslogjson)) { modules.push('modern-syslog@1.2.0'); } diff --git a/views/default.handlebars b/views/default.handlebars index c4610639..052abd16 100644 --- a/views/default.handlebars +++ b/views/default.handlebars @@ -2484,7 +2484,7 @@ 24: "Unable to load agent logo file: {0}.", 25: "This NodeJS version does not support OpenID.", 26: "This NodeJS version does not support Discord.js.", - 27: "Firebase is not supported on this version of NodeJS." + 27: "Firebase now requires a service account JSON file, Firebase disabled." }; var x = ''; for (var i in message.warnings) {