From ca5c761ff252dd9c55ac5afd4f30c7353070c456 Mon Sep 17 00:00:00 2001 From: Gregor Billing Date: Thu, 1 Oct 2020 14:29:20 +0200 Subject: [PATCH] Use signedBuild property in frontend --- .../tnoodle/server/serial/VersionInfo.kt | 2 - .../src/main/components/VersionInfo.jsx | 85 +++++++++---------- 2 files changed, 42 insertions(+), 45 deletions(-) diff --git a/tnoodle-server/src/main/kotlin/org/worldcubeassociation/tnoodle/server/serial/VersionInfo.kt b/tnoodle-server/src/main/kotlin/org/worldcubeassociation/tnoodle/server/serial/VersionInfo.kt index 5b7213547..5d61fa45a 100644 --- a/tnoodle-server/src/main/kotlin/org/worldcubeassociation/tnoodle/server/serial/VersionInfo.kt +++ b/tnoodle-server/src/main/kotlin/org/worldcubeassociation/tnoodle/server/serial/VersionInfo.kt @@ -6,7 +6,6 @@ import org.worldcubeassociation.tnoodle.server.crypto.BuildVerification @Serializable data class VersionInfo( - val runningVersion: String, val projectName: String, val projectVersion: String, val signedBuild: Boolean, @@ -15,7 +14,6 @@ data class VersionInfo( companion object { fun fromEnvironmentConfig(config: ServerEnvironmentConfig): VersionInfo { return VersionInfo( - config.title, config.projectName, config.projectVersion, BuildVerification.BUILD_VERIFIED, diff --git a/tnoodle-ui/src/main/components/VersionInfo.jsx b/tnoodle-ui/src/main/components/VersionInfo.jsx index 3d4336712..32e0842d8 100644 --- a/tnoodle-ui/src/main/components/VersionInfo.jsx +++ b/tnoodle-ui/src/main/components/VersionInfo.jsx @@ -19,7 +19,9 @@ const VersionInfo = connect( currentTnoodle: null, allowedTnoodleVersions: null, runningVersion: null, - officialBuild: null, + signedBuild: null, + signatureKeyBytes: null, + wcaPublicKeyBytes: null, wcaResponse: false, tnoodleResponse: false, }; @@ -31,46 +33,53 @@ const VersionInfo = connect( if (!response) { return; } + let {current, allowed, publicKeyBytes} = response; this.setState({ ...this.state, - currentTnoodle: response.current, - allowedTnoodleVersions: response.allowed, + currentTnoodle: current, + allowedTnoodleVersions: allowed, + wcaPublicKeyBytes: publicKeyBytes, wcaResponse: true, }); - this.analizeVersion(); + this.analyzeVersion(); }); fetchRunningVersion().then((response) => { if (!response) { return; } - let { projectName, projectVersion, signedBuild } = response; + let {projectName, projectVersion, signedBuild, signatureKeyBytes} = response; this.setState({ ...this.state, // Running version is based on projectName and projectVersion runningVersion: - projectVersion != null && projectVersion != null + projectName != null && projectVersion != null ? `${projectName}-${projectVersion}` : "", - officialBuild: signedBuild, + signedBuild: signedBuild, + signatureKeyBytes: signatureKeyBytes, tnoodleResponse: true, }); - this.analizeVersion(); + this.analyzeVersion(); }); } + signatureValid() { + return this.state.signedBuild && this.state.signatureKeyBytes === this.state.wcaPublicKeyBytes; + } + // This method avoids global state update while rendering - analizeVersion() { - // We wait until both wca and tnoodle answes + analyzeVersion() { + // We wait until both wca and tnoodle answers if (!this.state.tnoodleResponse || !this.state.wcaResponse) { return; } let runningVersion = this.state.runningVersion; let allowedVersions = this.state.allowedTnoodleVersions; - let officialBuild = this.state.officialBuild; + let signedBuild = this.signatureValid(); - if (!officialBuild || !allowedVersions.includes(runningVersion)) { + if (!signedBuild || !allowedVersions.includes(runningVersion)) { this.props.updateOfficialZipStatus(false); } } @@ -79,54 +88,44 @@ const VersionInfo = connect( let runningVersion = this.state.runningVersion; let allowedVersions = this.state.allowedTnoodleVersions; let currentTnoodle = this.state.currentTnoodle; - let officialBuild = this.state.officialBuild; + let signedBuild = this.signatureValid(); // We cannot analyze TNoodle version here. We do not bother the user. if (!runningVersion || !allowedVersions) { return null; } - // Generated version is not an official jar - if (!officialBuild) { - return ( -
- This TNoodle version is not official and scrambles - generated with this must not be used in competition. You - are on version {runningVersion}, you should use{" "} - {currentTnoodle.name} available{" "} - here -
- ); - } - - // Best case scenario. We place this after the officialBuild - // so we can avoid not official build from being accidentally used. - if (runningVersion === currentTnoodle.name) { - return null; - } + // Running version is not the most recent release + if (runningVersion !== currentTnoodle.name) { + // Running version is allowed, but not the latest. + if (allowedVersions.includes(runningVersion)) { + return ( +
+ You are running {runningVersion}, which is still + allowed, but you should upgrade to {currentTnoodle.name}{" "} + available here. +
+ ); + } - // Running version is not allowed anymore. - if (!allowedVersions.includes(runningVersion)) { return (
This TNoodle version is not allowed. Do not use scrambles generated in any official competition and consider downloading the latest version{" "} - here. + here.
); } - // Running version is allowed, but not the latest. - if ( - allowedVersions.includes(runningVersion) && - runningVersion !== currentTnoodle.name - ) { + // Generated version is not an officially signed jar + if (!signedBuild) { return ( -
- You are running {runningVersion}, which is still - allowed, but you should upgrade to {currentTnoodle.name}{" "} - available here. +
+ This TNoodle version is not signed. Do not use + scrambles generated in any official competition and + consider downloading the official program{" "} + here
); }