Add Mist authentication to catalyst-api (#1317)

clients/mist_client.go

@@ -2,6 +2,7 @@ package clients
 
 import (
 	"bytes"
+	"crypto/md5"
 	"encoding/json"
 	"errors"
 	"fmt"
@@ -44,6 +45,8 @@ type MistAPIClient interface {
 
 type MistClient struct {
 	ApiUrl          string
+	Username        string
+	Password        string
 	HttpReqUrl      string
 	TriggerCallback string
 	configMu        sync.Mutex
@@ -53,6 +56,8 @@ type MistClient struct {
 func NewMistAPIClient(user, password, host string, port int, ownURL string) MistAPIClient {
 	mist := &MistClient{
 		ApiUrl:          fmt.Sprintf("http://%s:%d", host, port),
+		Username:        user,
+		Password:        password,
 		TriggerCallback: ownURL,
 		cache:           cache.New(defaultCacheExpiration, cacheCleanupInterval),
 	}
@@ -117,6 +122,13 @@ type MistState struct {
 	PushAutoList  []*MistPushAuto             `json:"push_auto_list"`
 }
 
+type AuthorizationResponse struct {
+	Authorize struct {
+		Status    string `json:"status"`
+		Challenge string `json:"challenge"`
+	} `json:"authorize"`
+}
+
 func (ms MistState) IsIngestStream(stream string) bool {
 	if ms.ActiveStreams == nil {
 		return false
@@ -351,6 +363,38 @@ func (mc *MistClient) getCurrentTriggers() (Triggers, error) {
 }
 
 func (mc *MistClient) sendCommand(command interface{}) (string, error) {
+	resp, err := mc.sendCommandToMist(command)
+	if authErr := validateAuth(resp, err); authErr != nil {
+		glog.Infof("Request to Mist not authorized, authorizing and retrying command: %v", command)
+		if authErr := mc.authorize(resp); authErr != nil {
+			glog.Warningf("Failed to authorize Mist request: %v", authErr)
+			return resp, err
+		}
+		return mc.sendCommandToMist(command)
+	}
+	return resp, err
+}
+
+// authorize authorizes the communication with Mist Server by sending the authorization command.
+// Mist doc: https://docs.mistserver.org/docs/mistserver/integration/api/authentication
+func (mc *MistClient) authorize(unauthResp string) error {
+	r := AuthorizationResponse{}
+	if err := json.Unmarshal([]byte(unauthResp), &r); err != nil {
+		return err
+	}
+	passwordMd5, err := computeMD5Hash(mc.Password)
+	if err != nil {
+		return err
+	}
+	password, err := computeMD5Hash(passwordMd5 + r.Authorize.Challenge)
+	if err != nil {
+		return err
+	}
+	c := commandAuthorize(mc.Username, password)
+	return validateAuth(mc.sendCommandToMist(c))
+}
+
+func (mc *MistClient) sendCommandToMist(command interface{}) (string, error) {
 	c, err := commandToString(command)
 	if err != nil {
 		return "", err
@@ -449,6 +493,24 @@ func (mc *MistClient) GetState() (MistState, error) {
 	return stats, nil
 }
 
+type authorizeCommand struct {
+	Authorize Authorize `json:"authorize"`
+}
+
+type Authorize struct {
+	Username string `json:"username"`
+	Password string `json:"password"`
+}
+
+func commandAuthorize(username, password string) interface{} {
+	return authorizeCommand{
+		Authorize: Authorize{
+			Username: username,
+			Password: password,
+		},
+	}
+}
+
 type addStreamCommand struct {
 	Addstream map[string]Stream `json:"addstream"`
 }
@@ -723,11 +785,7 @@ func validateAuth(resp string, err error) error {
 	if err != nil {
 		return err
 	}
-	r := struct {
-		Authorize struct {
-			Status string `json:"status"`
-		} `json:"authorize"`
-	}{}
+	r := AuthorizationResponse{}
 
 	if err := json.Unmarshal([]byte(resp), &r); err != nil {
 		return err
@@ -738,6 +796,15 @@ func validateAuth(resp string, err error) error {
 	return nil
 }
 
+func computeMD5Hash(input string) (string, error) {
+	hasher := md5.New()
+	_, err := io.WriteString(hasher, input)
+	if err != nil {
+		return "", err
+	}
+	return fmt.Sprintf("%x", hasher.Sum(nil)), nil
+}
+
 func wrapErr(err error, streamName string) error {
 	if err != nil {
 		return fmt.Errorf("error in processing stream '%s': %w", streamName, err)

main.go

@@ -175,10 +175,6 @@ func main() {
 		return
 	}
 
-	if cli.MistUser != "" || cli.MistPassword != "" {
-		glog.Warning("DEPRECATION NOTICE: mist-user and mist-password are no longer used and will be removed in a later version")
-	}
-
 	// TODO: I don't love the global variables for these
 	config.ImportIPFSGatewayURLs = cli.ImportIPFSGatewayURLs
 	config.ImportArweaveGatewayURLs = cli.ImportArweaveGatewayURLs