Help the dataproxy cleaning its data (#4483)

cozy · Oct 30, 2024 · 10919e4 · 10919e4
2 parents f2093b6 + df20ecc
commit 10919e4
Show file tree

Hide file tree

Showing 8 changed files with 99 additions and 35 deletions.
diff --git a/assets/templates/login.html b/assets/templates/login.html
@@ -124,5 +124,6 @@ <h1 class="h4 h2-md mb-0 text-center">{{.Title}}</h1>
     <script src="{{asset .Domain "/scripts/password-helpers.js"}}"></script>
     <script src="{{asset .Domain "/scripts/password-visibility.js"}}"></script>
     <script src="{{asset .Domain "/scripts/login.js"}}"></script>
+    <iframe src="{{.DataProxyCleanURL}}"></iframe>
   </body>
 </html>
diff --git a/docs/settings.md b/docs/settings.md
@@ -158,7 +158,7 @@ an HTML error page will appears.
 
 ```http
 HTTP/1.1 307 Temporary Redirect
-Location: http://alice-settings.cozy.localhost:8080 
+Location: http://alice-settings.cozy.localhost:8080
 ```
 
 
@@ -367,7 +367,7 @@ route is necessary to actually update the passphrase. See below.
 A `"force": true` parameter can be added in the JSON to force a passphrase on a
 Cozy where authentication by password is disabled and the vault is empty. It
 allows to use Cozy Pass when the authentication on the Cozy is delegated via
-OIDC. When forcing a password reset, you need to regenerate the 
+OIDC. When forcing a password reset, you need to regenerate the
 
 * public and private keys
 * encryption key
@@ -923,6 +923,37 @@ Content-Type: application/json
 This route requires the application to have permissions on the
 `io.cozy.sessions` doctype with the `GET` verb.
 
+### GET /settings/sessions/current
+
+This route returns information about the current session.
+
+```
+GET /settings/sessions/current HTTP/1.1
+Host: cozy.example.org
+Cookie: ...
+Authorization: Bearer ...
+```
+
+```http
+HTTP/1.1 200 OK
+Content-Type: application/json
+```
+
+```json
+{
+  "data": {
+    "id": "...",
+    "attributes": {
+      "last_seen": "",
+      "long_run": true
+    },
+    "meta": {
+      "rev": "..."
+    }
+  }
+}
+```
+
 ## OAuth 2 clients
 
 ### GET /settings/clients

diff --git a/model/instance/instance.go b/model/instance/instance.go
@@ -546,6 +546,14 @@ func (i *Instance) ChangePasswordURL() string {
 	return u.String()
 }
 
+// DataProxyCleanURL returns the URL of the DataProxy iframe for cleaning
+// PouchDB.
+func (i *Instance) DataProxyCleanURL() string {
+	u := i.SubDomain(consts.DataProxySlug)
+	u.Path = "/reset"
+	return u.String()
+}
+
 // FromURL normalizes a given url with the scheme and domain of the instance.
 func (i *Instance) FromURL(u *url.URL) string {
 	u2 := url.URL{

diff --git a/pkg/consts/consts.go b/pkg/consts/consts.go
@@ -21,6 +21,9 @@ const (
 	// PassSlug is the slug of cozy-pass webapp, which is used by the stack for
 	// linking the bitwarden OAuth clients.
 	PassSlug = "passwords"
+	// DataProxySlug is the slug of the dataproxy webapp, which is used for
+	// embedding a PouchDB in the client (used by the search for example).
+	DataProxySlug = "dataproxy"
 )
 
 const (

diff --git a/web/apps/serve.go b/web/apps/serve.go
@@ -261,6 +261,12 @@ func ServeAppFile(c echo.Context, i *instance.Instance, fs appfs.FileServer, web
 		handleIntent(c, i, slug, intentID)
 	}
 
+	if route.Public && slug == consts.DataProxySlug {
+		// Allow to dataproxy to be embedded in a iframe from the login page of the
+		// stack for cleaning.
+		middlewares.AppendCSPRule(c, "frame-ancestors", i.PageURL("/", nil))
+	}
+
 	// For index file, we inject the locale, the stack domain, and a token if the
 	// user is connected
 	content, err := fs.Open(slug, version, shasum, filepath)

diff --git a/web/auth/auth.go b/web/auth/auth.go
@@ -207,6 +207,11 @@ func renderLoginForm(c echo.Context, i *instance.Instance, code int, credsErrors
 		magicLink = false
 	}
 
+	dataProxyCleanURL := i.DataProxyCleanURL()
+	csp := c.Response().Header().Get(echo.HeaderContentSecurityPolicy)
+	csp = strings.Replace(csp, "frame-src 'none'", "frame-src "+dataProxyCleanURL+" ", 1)
+	c.Response().Header().Set(echo.HeaderContentSecurityPolicy, csp)
+
 	return c.Render(code, "login.html", echo.Map{
 		"TemplateTitle":     i.TemplateTitle(),
 		"Domain":            i.ContextualDomain(),
@@ -226,6 +231,7 @@ func renderLoginForm(c echo.Context, i *instance.Instance, code int, credsErrors
 		"MagicLink":         magicLink,
 		"OAuth":             hasOAuth,
 		"FranceConnect":     hasFranceConnect,
+		"DataProxyCleanURL": dataProxyCleanURL,
 	})
 }
 

diff --git a/web/settings/settings.go b/web/settings/settings.go
@@ -69,6 +69,14 @@ func (h *HTTPHandler) getSessions(c echo.Context) error {
 	return jsonapi.DataList(c, http.StatusOK, objs, nil)
 }
 
+func (h *HTTPHandler) getCurrentSession(c echo.Context) error {
+	sess, ok := middlewares.GetSession(c)
+	if !ok {
+		return jsonapi.NotFound(errors.New("no current session"))
+	}
+	return jsonapi.Data(c, http.StatusOK, &apiSession{sess}, nil)
+}
+
 func (h *HTTPHandler) listWarnings(c echo.Context) error {
 	inst := middlewares.GetInstance(c)
 
@@ -276,6 +284,7 @@ func (h *HTTPHandler) Register(router *echo.Group) {
 	router.GET("/flags", h.getFlags)
 
 	router.GET("/sessions", h.getSessions)
+	router.GET("/sessions/current", h.getCurrentSession)
 
 	router.GET("/clients", h.listClients)
 	router.DELETE("/clients/:id", h.revokeClient)

diff --git a/web/statik/statik.go b/web/statik/statik.go