
feat: Add occ command to verify/update signaling token keys

Signed-off-by: Marcel Müller <marcel-mueller@gmx.de>
pull/15332/head
Marcel Müller 5 months ago
committed by Joas Schilling
parent
commit
6f45ccb525
No known key found for this signature in database GPG Key ID: F72FA5B49FFA96B0
  1. 1
      appinfo/info.xml
  2. 13
      docs/occ.md
  3. 67
      lib/Command/Signaling/VerifyKeys.php
  4. 2
      lib/SetupCheck/HighPerformanceBackend.php

1
appinfo/info.xml

@ -119,6 +119,7 @@
<command>OCA\Talk\Command\Signaling\Add</command>
<command>OCA\Talk\Command\Signaling\Delete</command>
<command>OCA\Talk\Command\Signaling\ListCommand</command>
<command>OCA\Talk\Command\Signaling\VerifyKeys</command>
<command>OCA\Talk\Command\Stun\Add</command>
<command>OCA\Talk\Command\Stun\Delete</command>

13
docs/occ.md

@ -386,6 +386,19 @@ List external signaling servers.
|---|---|---|---|---|---|
| `--output` | Output format (plain, json or json_pretty, default is plain) | yes | no | no | `'plain'` |
## talk:signaling:verify-keys
Verify if the stored public key matches the stored private key for the signaling server
### Usage
* `talk:signaling:verify-keys [--output [OUTPUT]] [--update]`
| Options | Description | Accept value | Is value required | Is multiple | Default |
|---|---|---|---|---|---|
| `--output` | Output format (plain, json or json_pretty, default is plain) | yes | no | no | `'plain'` |
| `--update` | Updates the stored public key to match the private key if there is a mis-match | no | no | no | `false` |
## talk:stun:add
Add a new STUN server.

67
lib/Command/Signaling/VerifyKeys.php

@ -0,0 +1,67 @@
<?php
declare(strict_types=1);
/**
* SPDX-FileCopyrightText: 2025 Nextcloud GmbH and Nextcloud contributors
* SPDX-License-Identifier: AGPL-3.0-or-later
*/
namespace OCA\Talk\Command\Signaling;
use OC\Core\Command\Base;
use OCA\Talk\Config;
use OCP\IConfig;
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Input\InputOption;
use Symfony\Component\Console\Output\OutputInterface;
class VerifyKeys extends Base {
public function __construct(
private IConfig $config,
private Config $talkConfig,
) {
parent::__construct();
}
#[\Override]
protected function configure(): void {
parent::configure();
$this
->setName('talk:signaling:verify-keys')
->setDescription('Verify if the stored public key matches the stored private key for the signaling server')
->addOption('update', null, InputOption::VALUE_NONE, 'Updates the stored public key to match the private key if there is a mis-match');
}
protected function execute(InputInterface $input, OutputInterface $output): int {
$update = $input->getOption('update');
$alg = $this->talkConfig->getSignalingTokenAlgorithm();
$privateKey = $this->talkConfig->getSignalingTokenPrivateKey();
$publicKey = $this->talkConfig->getSignalingTokenPublicKey();
$publicKeyDerived = $this->talkConfig->deriveSignalingTokenPublicKey($privateKey, $alg);
$output->writeln('Stored public key:');
$output->writeln($publicKey);
$output->writeln('Derived public key:');
$output->writeln($publicKeyDerived);
if ($publicKey != $publicKeyDerived) {
if ($update) {
$output->writeln('<comment>Stored public key for algorithm ' . strtolower($alg) . ' did not match stored private key.</comment>');
$output->writeln('<info>A new public key was created and stored.</info>');
$this->config->setAppValue('spreed', 'signaling_token_pubkey_' . strtolower($alg), $publicKeyDerived);
return 0;
}
$output->writeln('<error>Stored public key for algorithm ' . strtolower($alg) . ' does not match stored private key</error>');
return 1;
}
$output->writeln('<info>Stored public key for algorithm ' . strtolower($alg) . ' matches stored private key</info>');
return 0;
}
}
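Review bot: In `execute()`, the call to `deriveSignalingTokenPublicKey()` is unguarded, although the setup check in lib/SetupCheck/HighPerformanceBackend.php wraps the same call in `catch (\Exception)` and then sends the admin to this command "for details". If derivation can throw for a missing or malformed private key (implied by that catch, not visible here), the command ends in an uncaught exception instead of a clear error line and a non-zero exit code. I would catch the exception, print an `<error>` line and `return 1`, as sketched below. Separately, the key comparison should be strict, `if ($publicKey !== $publicKeyDerived) {`, and the "A new public key was created and stored." line belongs after `setAppValue()` has returned, so it is never printed for a write that failed.

```php
$privateKey = $this->talkConfig->getSignalingTokenPrivateKey();
$publicKey = $this->talkConfig->getSignalingTokenPublicKey();
try {
	$publicKeyDerived = $this->talkConfig->deriveSignalingTokenPublicKey($privateKey, $alg);
} catch (\Exception $e) {
	// Report the failure as a normal command error rather than an uncaught exception.
	$output->writeln('<error>Could not derive the public key from the stored private key: ' . $e->getMessage() . '</error>');
	return 1;
}
// … unchanged: printing of stored and derived keys, comparison and update branches …
```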

2
lib/SetupCheck/HighPerformanceBackend.php

@ -79,7 +79,7 @@ class HighPerformanceBackend implements ISetupCheck {
$publicKeyDerived = $this->talkConfig->deriveSignalingTokenPublicKey($privateKey, $alg);
if ($publicKey != $publicKeyDerived) {
return SetupResult::error($this->l->t('The stored public key for used algorithm %$1s does not match the stored private key. Run %$2s to fix the issue.', [$alg, '`occ talk:signaling:verify-keys --update`']));
return SetupResult::error($this->l->t('The stored public key for used algorithm %1$s does not match the stored private key. Run %2$s to fix the issue.', [$alg, '`occ talk:signaling:verify-keys --update`']));
}
} catch (\Exception) {
return SetupResult::error($this->l->t('High-performance backend not configured correctly. Run %s for details.', ['`occ talk:signaling:verify-keys`']));
