[NEW] E2E Encryption push (iOS) #2463

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged

diegolmello merged 64 commits into develop from new.e2e-encryption-push

Sep 24, 2020

app/lib/encryption/encryption.js

-Original file line number
+Diff line change
@@ Expand Up / @@ -43,7 +43,8 @@ class Encryption { @@
     	}
     	// Initialize Encryption client
-    	initialize = () => {
+    	initialize = (userId) => {
+    		this.userId = userId;
     		this.roomInstances = {};
     		// Don't await these promises
@@ Expand All / @@ -69,6 +70,7 @@ class Encryption { @@
     	// Stop Encryption client
     	stop = () => {
+    		this.userId = null;
     		this.privateKey = null;
     		this.roomInstances = {};
     		// Cancel ongoing encryption/decryption requests
@@ Expand Down Expand Up / @@ -199,7 +201,7 @@ class Encryption { @@
     		// If doesn't have a instance of this room
     		if (!this.roomInstances[rid]) {
-    			this.roomInstances[rid] = new EncryptionRoom(rid);
+    			this.roomInstances[rid] = new EncryptionRoom(rid, this.userId);
     		}
     		const roomE2E = this.roomInstances[rid];
@@ Expand Down @@

app/lib/encryption/room.js

-Original file line number
+Diff line change
@@ Expand Up / @@ -21,9 +21,10 @@ import database from '../database'; @@
     import log from '../../utils/log';
     export default class EncryptionRoom {
-    	constructor(roomId) {
+    	constructor(roomId, userId) {
     		this.ready = false;
     		this.roomId = roomId;
+    		this.userId = userId;
     		this.establishing = false;
     		this.readyPromise = new Deferred();
     		this.readyPromise.then(() => {
@@ Expand Down @@

app/sagas/encryption.js

-Original file line number
+Diff line change
@@ Expand Up @@
     		}
     		// Decrypt all pending messages/subscriptions
-    		Encryption.initialize();
+    		Encryption.initialize(user.id);
     	} catch (e) {
     		log(e);
     	}
@@ Expand Down Expand Up @@
     		yield Encryption.persistKeys(server, publicKey, privateKey);
     		// Decrypt all pending messages/subscriptions
-    		Encryption.initialize();
+    		Encryption.initialize(user.id);
     		// Hide encryption banner
     		yield put(encryptionSetBanner());
@@ Expand Down @@

ios/NotificationService/NotificationService-Bridging-Header.h

-Original file line number
+Diff line change
@@ Expand Up / @@ -2,5 +2,8 @@ @@
     //  Use this file to import your target's public headers that you would like to expose to Swift.
     //
-    #import "SecureStorage.h"
-    #import <MMKVAppExtension/MMKV.h>
+    #import <MMKV/MMKV.h>
+    #import <react-native-mmkv-storage/SecureStorage.h>
+    #import <react-native-simple-crypto/Aes.h>
+    #import <react-native-simple-crypto/Rsa.h>
+    #import <react-native-simple-crypto/Shared.h>

ios/NotificationService/NotificationService.swift

-Original file line number
+Diff line change
@@ -1,177 +1,55 @@
-    import CoreLocation
     import UserNotifications
-    struct PushResponse: Decodable {
-        let success: Bool
-        let data: Data
-        struct Data: Decodable {
-            let notification: Notification
-            struct Notification: Decodable {
-                let notId: Int
-                let title: String
-                let text: String
-                let payload: Payload
-                struct Payload: Decodable, Encodable {
-                    let host: String
-                    let rid: String?
-                    let type: String?
-                    let sender: Sender?
-                    let messageId: String
-                    let notificationType: String?
-                    let name: String?
-                    let messageType: String?
-                    struct Sender: Decodable, Encodable {
-                        let _id: String
-                        let username: String
-                        let name: String?
-                    }
-                }
-            }
-        }
-    }
     class NotificationService: UNNotificationServiceExtension {
-        var contentHandler: ((UNNotificationContent) -> Void)?
-        var bestAttemptContent: UNMutableNotificationContent?
-        var retryCount = 0
-        var retryTimeout = [1.0, 3.0, 5.0, 10.0]
-        override func didReceive(_ request: UNNotificationRequest, withContentHandler contentHandler: @escaping (UNNotificationContent) -> Void) {
-            self.contentHandler = contentHandler
-            bestAttemptContent = (request.content.mutableCopy() as? UNMutableNotificationContent)
-            if let bestAttemptContent = bestAttemptContent {
-                let ejson = (bestAttemptContent.userInfo["ejson"] as? String ?? "").data(using: .utf8)!
-                guard let data = try? (JSONDecoder().decode(PushResponse.Data.Notification.Payload.self, from: ejson)) else {
-                  return
-                }
-                let notificationType = data.notificationType ?? ""
-                // If the notification have the content at her payload, show it
-                if notificationType != "message-id-only" {
-                    contentHandler(bestAttemptContent)
-                    return
-                }
-                let mmapID = "default"
-                let instanceID = "com.MMKV.\(mmapID)"
-                let secureStorage = SecureStorage()
-                var cryptKey: Data = Data()
-                // get mmkv instance password from keychain
-                secureStorage.getSecureKey(instanceID.toHex()) { (response) -> () in
-                  guard let password = response?[1] as? String else {
-                    // kill the process and show notification as it came from APN
-                    exit(0)
-                  }
-                  cryptKey = password.data(using: .utf8)!
-                }
-                // Get App Group directory
-                let suiteName = Bundle.main.object(forInfoDictionaryKey: "AppGroup") as! String
-                guard let directory = FileManager.default.containerURL(forSecurityApplicationGroupIdentifier: suiteName) else {
-                  return
-                }
-                // Set App Group dir
-                MMKV.initialize(rootDir: nil, groupDir: directory.path, logLevel: MMKVLogLevel.none)
-                guard let mmkv = MMKV(mmapID: mmapID, cryptKey: cryptKey, mode: MMKVMode.multiProcess) else {
-                    return
-                }
-                var server = data.host
-                if (server.last == "/") {
-                    server.removeLast()
-                }
-                let msgId = data.messageId
-                let userId = mmkv.string(forKey: "reactnativemeteor_usertoken-\(server)") ?? ""
-                let token = mmkv.string(forKey: "reactnativemeteor_usertoken-\(userId)") ?? ""
-                if userId.isEmpty || token.isEmpty {
-                    contentHandler(bestAttemptContent)
-                    return
-                }
-                var urlComponents = URLComponents(string: "\(server)/api/v1/push.get")!
-                let queryItems = [URLQueryItem(name: "id", value: msgId)]
-                urlComponents.queryItems = queryItems
-                var request = URLRequest(url: urlComponents.url!)
-                request.httpMethod = "GET"
-                request.addValue(userId, forHTTPHeaderField: "x-user-id")
-                request.addValue(token, forHTTPHeaderField: "x-auth-token")
-                runRequest(request: request, bestAttemptContent: bestAttemptContent, contentHandler: contentHandler)
+      var contentHandler: ((UNNotificationContent) -> Void)?
+      var bestAttemptContent: UNMutableNotificationContent?
+      var rocketchat: RocketChat?
+      override func didReceive(_ request: UNNotificationRequest, withContentHandler contentHandler: @escaping (UNNotificationContent) -> Void) {
+        self.contentHandler = contentHandler
+        bestAttemptContent = (request.content.mutableCopy() as? UNMutableNotificationContent)
+        if let bestAttemptContent = bestAttemptContent {
+          let ejson = (bestAttemptContent.userInfo["ejson"] as? String ?? "").data(using: .utf8)!
+          guard let data = try? (JSONDecoder().decode(Payload.self, from: ejson)) else {
+            return
+          }
+          rocketchat = RocketChat.instanceForServer(server: data.host.removeTrailingSlash())
+          // If the notification has the content on the payload, show it
+          if data.notificationType != .messageIdOnly {
+            self.processPayload(payload: data)
+            return
+          }
+          // Request the content from server
+          rocketchat?.getPushWithId(data.messageId) { notification in
+            if let notification = notification {
+              self.bestAttemptContent?.title = notification.title
+              self.bestAttemptContent?.body = notification.text
+              self.processPayload(payload: notification.payload)
             }
+          }
         }
+      }
-        func runRequest(request: URLRequest, bestAttemptContent: UNMutableNotificationContent, contentHandler: @escaping (UNNotificationContent) -> Void) {
-            let task = URLSession.shared.dataTask(with: request) {(data, response, error) in
-            func retryRequest() {
-              // if we can try again
-              if self.retryCount < self.retryTimeout.count {
-                // Try again after X seconds
-                DispatchQueue.main.asyncAfter(deadline: .now() + self.retryTimeout[self.retryCount], execute: {
-                  self.runRequest(request: request, bestAttemptContent: bestAttemptContent, contentHandler: contentHandler)
-                  self.retryCount += 1
-                })
+      func processPayload(payload: Payload) {
+        // If is a encrypted message
+        if payload.messageType == .e2e {
+          if let message = payload.msg, let rid = payload.rid {
+            if let decryptedMessage = rocketchat?.decryptMessage(rid: rid, message: message) {
+              bestAttemptContent?.body = decryptedMessage
+              if let roomType = payload.type, roomType == .group, let sender = payload.senderName {
+                bestAttemptContent?.body = "\(sender): \(decryptedMessage)"
               }
             }
-            // If some error happened
-            if error != nil {
-              retryRequest()
-            // Check if the request did successfully
-            } else if let response = response as? HTTPURLResponse {
-                // if it not was successfully
-                if response.statusCode != 200 {
-                  retryRequest()
-                // If the response status is 200
-                } else {
-                    // Process data
-                    if let data = data {
-                        // Parse data of response
-                        let push = try? (JSONDecoder().decode(PushResponse.self, from: data))
-                        if let push = push {
-                          if push.success {
-                            bestAttemptContent.title = push.data.notification.title
-                            bestAttemptContent.body = push.data.notification.text
-                            let payload = try? (JSONEncoder().encode(push.data.notification.payload))
-                            if let payload = payload {
-                                bestAttemptContent.userInfo["ejson"] = String(data: payload, encoding: .utf8) ?? "{}"
-                            }
-                            // Show notification with the content modified
-                            contentHandler(bestAttemptContent)
-                            return
-                          }
-                        }
-                    }
-                    retryRequest()
-                }
-            }
           }
-          task.resume()
         }
-        override func serviceExtensionTimeWillExpire() {
-            // Called just before the extension will be terminated by the system.
-            // Use this as an opportunity to deliver your "best attempt" at modified content, otherwise the original push payload will be used.
-            if let contentHandler = contentHandler, let bestAttemptContent =  bestAttemptContent {
-                contentHandler(bestAttemptContent)
-            }
+        if let bestAttemptContent = bestAttemptContent {
+          contentHandler?(bestAttemptContent)
         }
+      }
     }

ios/NotificationService/SecureStorage.h

This file was deleted.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[NEW] E2E Encryption push (iOS) #2463

Uh oh!

Diff view

Diff view

There are no files selected for viewing

Uh oh!

Uh oh!