From d75ff5a791eb1dbdf00e78aec055d8af2f194bd3 Mon Sep 17 00:00:00 2001 From: Rafael Soares Date: Fri, 17 Jan 2025 18:14:43 -0300 Subject: [PATCH 1/7] add domain verification on register --- api/main.go | 14 +++++++++- config/config.go | 4 +++ docker/Dockerfile | 2 +- go.mod | 2 +- local_test_webchat.html | 11 ++++++++ pkg/flows/client.go | 42 ++++++++++++++++++++++++++++ pkg/flows/client_test.go | 52 +++++++++++++++++++++++++++++++++++ pkg/memcache/memcache.go | 49 +++++++++++++++++++++++++++++++++ pkg/memcache/memcache_test.go | 26 ++++++++++++++++++ pkg/websocket/application.go | 5 +++- pkg/websocket/client.go | 48 ++++++++++++++++++++++++++++++++ pkg/websocket/client_test.go | 36 ++++++++++++++++++++---- pkg/websocket/payload.go | 11 ++++++++ script.js | 45 ++++++++++++++++++++++++++++++ 14 files changed, 338 insertions(+), 9 deletions(-) create mode 100644 local_test_webchat.html create mode 100644 pkg/flows/client.go create mode 100644 pkg/flows/client_test.go create mode 100644 pkg/memcache/memcache.go create mode 100644 pkg/memcache/memcache_test.go create mode 100644 script.js diff --git a/api/main.go b/api/main.go index fcee51d..0bae49e 100644 --- a/api/main.go +++ b/api/main.go @@ -12,6 +12,7 @@ import ( "github.com/go-redis/redis/v8" "github.com/ilhasoft/wwcs/config" "github.com/ilhasoft/wwcs/pkg/db" + "github.com/ilhasoft/wwcs/pkg/flows" "github.com/ilhasoft/wwcs/pkg/history" "github.com/ilhasoft/wwcs/pkg/metric" "github.com/ilhasoft/wwcs/pkg/queue" @@ -87,7 +88,18 @@ func main() { clientM := websocket.NewClientManager(rdb, int(queueConfig.ClientTTL)) - app := websocket.NewApp(websocket.NewPool(), rdb, mdb, metrics, histories, clientM, queueConn) + flowsClient := flows.NewClient(config.Get().FlowsURL) + + app := websocket.NewApp( + websocket.NewPool(), + rdb, + mdb, + metrics, + histories, + clientM, + queueConn, + flowsClient, + ) app.StartConnectionsHeartbeat() websocket.SetupRoutes(app) diff --git a/config/config.go b/config/config.go index 103310e..5c0341e 100644 --- a/config/config.go +++ b/config/config.go @@ -17,6 +17,10 @@ type Configuration struct { RedisQueue RedisQueue SentryDSN string `env:"WWC_APP_SENTRY_DSN"` DB DB + + RestrictDomains bool `default:"false" env:"WWC_RESTRICT_DOMAINS"` + + FlowsURL string `default:"flows.weni.ai" env:"WWC_FLOWS_URL"` } type S3 struct { diff --git a/docker/Dockerfile b/docker/Dockerfile index cc4d5c2..4cc2b44 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -1,4 +1,4 @@ -FROM golang:1.17.11-alpine3.16 AS base +FROM golang:1.23-alpine3.20 AS base ARG APP_UID=1000 ARG APP_GID=1000 diff --git a/go.mod b/go.mod index b354fb6..e87ab92 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/ilhasoft/wwcs -go 1.17 +go 1.23 require ( github.com/adjust/rmq/v4 v4.0.1 diff --git a/local_test_webchat.html b/local_test_webchat.html new file mode 100644 index 0000000..ea62b30 --- /dev/null +++ b/local_test_webchat.html @@ -0,0 +1,11 @@ + \ No newline at end of file diff --git a/pkg/flows/client.go b/pkg/flows/client.go new file mode 100644 index 0000000..18bbc5f --- /dev/null +++ b/pkg/flows/client.go @@ -0,0 +1,42 @@ +package flows + +import ( + "encoding/json" + "fmt" + "net/http" +) + +type IClient interface { + GetChannelAllowedDomains(string) ([]string, error) +} + +type Client struct { + BaseURL string `json:"base_url"` +} + +func NewClient(baseURL string) *Client { + return &Client{ + BaseURL: baseURL, + } +} + +func (c *Client) GetChannelAllowedDomains(channelUUID string) ([]string, error) { + url := fmt.Sprintf("%s/api/v2/internals/channel_allowed_domains?channel=%s", c.BaseURL, channelUUID) + resp, err := http.Get(url) + if err != nil { + return nil, err + } + defer resp.Body.Close() + + if resp.StatusCode != http.StatusOK { + return nil, fmt.Errorf("failed to get channel allowed domains, status code: %d", resp.StatusCode) + } + + var domains []string + err = json.NewDecoder(resp.Body).Decode(&domains) + if err != nil { + return nil, err + } + + return domains, nil +} diff --git a/pkg/flows/client_test.go b/pkg/flows/client_test.go new file mode 100644 index 0000000..de91eb3 --- /dev/null +++ b/pkg/flows/client_test.go @@ -0,0 +1,52 @@ +package flows + +import ( + "net/http" + "net/http/httptest" + "testing" + + "github.com/stretchr/testify/assert" +) + +func TestGetChannelAllowedDomains(t *testing.T) { + server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + w.WriteHeader(http.StatusOK) + _, _ = w.Write([]byte("[\"domain1.com\", \"domain2.com\"]")) + })) + defer server.Close() + + client := Client{BaseURL: server.URL} + + domains, err := client.GetChannelAllowedDomains("09bf3dee-973e-43d3-8b94-441406c4a565") + + assert.NoError(t, err) + assert.Equal(t, 2, len(domains)) +} + +func TestGetChannelAllowedDomainsStatus404(t *testing.T) { + server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + w.WriteHeader(http.StatusNotFound) + })) + defer server.Close() + + client := Client{BaseURL: server.URL} + + _, err := client.GetChannelAllowedDomains("09bf3dee-973e-43d3-8b94-441406c4a565") + + assert.Equal(t, err.Error(), "failed to get channel allowed domains, status code: 404") +} + +func TestGetChannelAllowedDomainsStatusWithNoDomain(t *testing.T) { + server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + w.WriteHeader(http.StatusOK) + _, _ = w.Write([]byte("[]")) + })) + defer server.Close() + + client := Client{BaseURL: server.URL} + + domains, err := client.GetChannelAllowedDomains("09bf3dee-973e-43d3-8b94-441406c4a565") + + assert.NoError(t, err) + assert.Equal(t, 0, len(domains)) +} diff --git a/pkg/memcache/memcache.go b/pkg/memcache/memcache.go new file mode 100644 index 0000000..303fc76 --- /dev/null +++ b/pkg/memcache/memcache.go @@ -0,0 +1,49 @@ +package memcache + +import ( + "sync" + "time" +) + +type Cache[K comparable, V any] struct { + items map[K]item[V] + mu sync.Mutex +} + +type item[V any] struct { + value V + expiry time.Time + deleted bool +} + +func New[K comparable, V any]() *Cache[K, V] { + return &Cache[K, V]{ + items: make(map[K]item[V]), + } +} + +func (c *Cache[K, V]) Set(key K, value V, ttl time.Duration) { + c.mu.Lock() + defer c.mu.Unlock() + c.items[key] = item[V]{ + value: value, + expiry: time.Now().Add(ttl), + } +} + +func (c *Cache[K, V]) Get(key K) (V, bool) { + c.mu.Lock() + defer c.mu.Unlock() + item, found := c.items[key] + if !found || time.Now().After(item.expiry) || item.deleted { + delete(c.items, key) + return item.value, false + } + return item.value, true +} + +func (c *Cache[K, V]) Remove(key K) { + c.mu.Lock() + defer c.mu.Unlock() + delete(c.items, key) +} diff --git a/pkg/memcache/memcache_test.go b/pkg/memcache/memcache_test.go new file mode 100644 index 0000000..86a0fa7 --- /dev/null +++ b/pkg/memcache/memcache_test.go @@ -0,0 +1,26 @@ +package memcache + +import ( + "testing" + "time" +) + +func TestCache(t *testing.T) { + cacheDomains := New[string, []string]() + chanUUID := "5f610454-98c1-4a54-9499-e2d2b9b68334" + cacheDomains.Set(chanUUID, []string{"127.0.0.1", "localhost"}, time.Duration(time.Second*2)) + + chan1domains, ok := cacheDomains.Get(chanUUID) + if !ok { + t.Error("Expected channel UUID to be found") + } + if len(chan1domains) != 2 { + t.Error("Expected 2 domains in cache, got", len(chan1domains)) + } + time.Sleep(3 * time.Second) + + _, ok = cacheDomains.Get(chanUUID) + if ok { + t.Error("Expected channel UUID not to be found") + } +} diff --git a/pkg/websocket/application.go b/pkg/websocket/application.go index aae9046..287f4f7 100644 --- a/pkg/websocket/application.go +++ b/pkg/websocket/application.go @@ -5,6 +5,7 @@ import ( "time" "github.com/go-redis/redis/v8" + "github.com/ilhasoft/wwcs/pkg/flows" "github.com/ilhasoft/wwcs/pkg/history" "github.com/ilhasoft/wwcs/pkg/metric" "github.com/ilhasoft/wwcs/pkg/queue" @@ -21,10 +22,11 @@ type App struct { Histories history.Service ClientManager ClientManager QueueConnectionManager queue.Connection + FlowsClient flows.IClient } // Create new App instance. -func NewApp(pool *ClientPool, rdb *redis.Client, mdb *mongo.Database, metrics *metric.Service, histories history.Service, clientM ClientManager, qconnM queue.Connection) *App { +func NewApp(pool *ClientPool, rdb *redis.Client, mdb *mongo.Database, metrics *metric.Service, histories history.Service, clientM ClientManager, qconnM queue.Connection, fc flows.IClient) *App { return &App{ ClientPool: pool, RDB: rdb, @@ -33,6 +35,7 @@ func NewApp(pool *ClientPool, rdb *redis.Client, mdb *mongo.Database, metrics *m Histories: histories, ClientManager: clientM, QueueConnectionManager: qconnM, + FlowsClient: fc, } } diff --git a/pkg/websocket/client.go b/pkg/websocket/client.go index 56e1a70..76ba70e 100644 --- a/pkg/websocket/client.go +++ b/pkg/websocket/client.go @@ -17,6 +17,7 @@ import ( "github.com/gorilla/websocket" "github.com/ilhasoft/wwcs/config" "github.com/ilhasoft/wwcs/pkg/history" + "github.com/ilhasoft/wwcs/pkg/memcache" "github.com/ilhasoft/wwcs/pkg/metric" "github.com/ilhasoft/wwcs/pkg/queue" "github.com/pkg/errors" @@ -31,6 +32,8 @@ var ( ErrorNeedRegistration = errors.New("unable to redirect: id and url is blank") ) +var cacheChannelDomains = memcache.New[string, []string]() + // Client side data type Client struct { ID string @@ -174,8 +177,53 @@ func CloseClientSession(payload OutgoingPayload, app *App) error { return nil } +func CheckAllowedDomain(app *App, channelUUID string, originDomain string) bool { + var allowedDomains []string = nil + var err error + cachedDomains, notexpired := cacheChannelDomains.Get(channelUUID) + if !notexpired { + allowedDomains = cachedDomains + } else { + allowedDomains, err = app.FlowsClient.GetChannelAllowedDomains(channelUUID) + if err != nil { + log.Error("Error on get allowed domains", err) + return false + } + cacheChannelDomains.Set(channelUUID, allowedDomains, time.Minute*5) + } + if len(allowedDomains) > 0 { + for _, domain := range allowedDomains { + if originDomain == domain { + return true + } + } + return false + } + return true +} + +func OriginToDomain(origin string) (string, error) { + u, err := url.Parse(origin) + if err != nil { + fmt.Println("Error on parse URL to get domain:", err) + return "", err + } + domain := strings.Split(u.Host, ":")[0] + return domain, nil +} + // Register register an user func (c *Client) Register(payload OutgoingPayload, triggerTo postJSON, app *App) error { + if config.Get().RestrictDomains { + domain, err := OriginToDomain(c.Origin) + if err != nil { + return err + } + allowed := CheckAllowedDomain(app, payload.ChannelUUID(), domain) + if !allowed { + return errors.New("domain not allowed") + } + } start := time.Now() err := validateOutgoingPayloadRegister(payload) if err != nil { diff --git a/pkg/websocket/client_test.go b/pkg/websocket/client_test.go index d0bd285..7c9bdb9 100644 --- a/pkg/websocket/client_test.go +++ b/pkg/websocket/client_test.go @@ -5,6 +5,7 @@ import ( "encoding/json" "errors" "fmt" + "net/http" "net/http/httptest" "testing" "time" @@ -12,6 +13,7 @@ import ( "github.com/go-redis/redis/v8" "github.com/golang/mock/gomock" "github.com/gorilla/websocket" + "github.com/ilhasoft/wwcs/pkg/flows" "github.com/ilhasoft/wwcs/pkg/history" "github.com/stretchr/testify/assert" "go.mongodb.org/mongo-driver/bson/primitive" @@ -51,7 +53,7 @@ func TestParsePayload(t *testing.T) { rdb := redis.NewClient(&redis.Options{Addr: "localhost:6379", DB: 3}) defer rdb.FlushAll(context.TODO()) cm := NewClientManager(rdb, 4) - app := NewApp(NewPool(), rdb, nil, nil, nil, cm, nil) + app := NewApp(NewPool(), rdb, nil, nil, nil, cm, nil, nil) client, ws, s := newTestClient(t) defer client.Conn.Close() defer ws.Close() @@ -111,7 +113,7 @@ func TestCloseSession(t *testing.T) { rdb := redis.NewClient(&redis.Options{Addr: "localhost:6379", DB: 3}) defer rdb.FlushAll(context.TODO()) cm := NewClientManager(rdb, 4) - app := NewApp(NewPool(), rdb, nil, nil, nil, cm, nil) + app := NewApp(NewPool(), rdb, nil, nil, nil, cm, nil, nil) conn := NewOpenConnection(t) client := &Client{ @@ -212,7 +214,7 @@ func TestClientRegister(t *testing.T) { rdb := redis.NewClient(&redis.Options{Addr: "localhost:6379", DB: 3}) defer rdb.FlushAll(context.TODO()) cm := NewClientManager(rdb, 4) - app := NewApp(NewPool(), rdb, nil, nil, nil, cm, nil) + app := NewApp(NewPool(), rdb, nil, nil, nil, cm, nil, nil) var poolSize int client, ws, s := newTestClient(t) @@ -430,7 +432,7 @@ func TestRedirect(t *testing.T) { rdb := redis.NewClient(&redis.Options{Addr: "localhost:6379", DB: 3}) defer rdb.FlushAll(context.TODO()) cm := NewClientManager(rdb, 4) - app := NewApp(NewPool(), rdb, nil, nil, nil, cm, nil) + app := NewApp(NewPool(), rdb, nil, nil, nil, cm, nil, nil) c, ws, s := newTestClient(t) defer c.Conn.Close() defer ws.Close() @@ -596,7 +598,7 @@ func TestGetHistory(t *testing.T) { rdb := redis.NewClient(&redis.Options{Addr: "localhost:6379", DB: 3}) defer rdb.FlushAll(context.TODO()) cm := NewClientManager(rdb, 4) - _ = NewApp(NewPool(), rdb, nil, nil, nil, cm, nil) + _ = NewApp(NewPool(), rdb, nil, nil, nil, cm, nil, nil) client, ws, s := newTestClient(t) defer client.Conn.Close() defer ws.Close() @@ -673,3 +675,27 @@ func NewOpenConnection(t *testing.T) *websocket.Conn { return conn } + +func TestOriginToDomain(t *testing.T) { + origin := "http://foo.bar" + domain, err := OriginToDomain(origin) + assert.Nil(t, err) + assert.Equal(t, "foo.bar", domain) +} + +func TestCheckAllowedDoamin(t *testing.T) { + server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + w.WriteHeader(http.StatusOK) + _, _ = w.Write([]byte("[\"domain1.com\", \"domain2.com\"]")) + })) + defer server.Close() + + // client := flows.Client{BaseURL: server.URL} + client := flows.NewClient(server.URL) + + app := &App{FlowsClient: client} + + allowed := CheckAllowedDomain(app, "09bf3dee-973e-43d3-8b94-441406c4a565", "domain1.com") + + assert.True(t, allowed) +} diff --git a/pkg/websocket/payload.go b/pkg/websocket/payload.go index 6f993b7..390d4fb 100644 --- a/pkg/websocket/payload.go +++ b/pkg/websocket/payload.go @@ -1,6 +1,8 @@ package websocket import ( + "strings" + "github.com/ilhasoft/wwcs/pkg/history" ) @@ -27,6 +29,15 @@ type OutgoingPayload struct { Params map[string]interface{} `json:"params,omitempty"` } +func (p *OutgoingPayload) ChannelUUID() string { + // "https://flows.stg.cloud.weni.ai/c/wwc/c4dc40fa-37e0-4147-a379-a3e8ffd23f80/receive" + cbsplited := strings.Split(p.Callback, "/") + if len(cbsplited) < 2 { + return "" + } + return cbsplited[len(cbsplited)-2] +} + // HistoryPayload data (history messages) type HistoryPayload struct { Type string `json:"type,omitempty"` diff --git a/script.js b/script.js new file mode 100644 index 0000000..65d741d --- /dev/null +++ b/script.js @@ -0,0 +1,45 @@ +let j = document.createElement("div"); +j.id = "wwc"; +document.body.appendChild(j); + +let s = document.createElement("link"); +s.rel = "stylesheet"; +s.href = ""; +document.head.appendChild(s); + +let p = { + "title": "rafas local webchat", + "inputTextFieldHint": "Type a message...", + "showFullScreenButton": false, + "displayUnreadCount": false, + "mainColor": "#009E96", + "startFullScreen": false, + "embedded": false, + "selector": "#wwc", + "customizeWidget": { + "headerBackgroundColor": "#009E96", + "launcherColor": "#009E96", + "userMessageBubbleColor": "#009E96", + "quickRepliesFontColor": "#009E96", + "quickRepliesBackgroundColor": "#009E9633", + "quickRepliesBorderColor": "#009E96" + }, + "params": { + "images": { + "dims": { + "width": 300, + "height": 200 + } + }, + "storage": "session" + }, + "socketUrl": "https://9f08-2804-14d-128a-832f-45ea-8817-b603-4d1a.ngrok-free.app", + "host": "https://flows.stg.cloud.weni.ai", + "channelUuid": "c4dc40fa-37e0-4147-a379-a3e8ffd23f80" +}; + +p["customMessageDelay"] = message => { + return 1 * 1000; +} + +WebChat.default.init(p); \ No newline at end of file From a272907a18aa8e1bdf0e5732b78488302136c028 Mon Sep 17 00:00:00 2001 From: Rafael Soares Date: Mon, 20 Jan 2025 16:44:35 -0300 Subject: [PATCH 2/7] send messsage forbidden on not allowed domain connection --- pkg/websocket/client.go | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/pkg/websocket/client.go b/pkg/websocket/client.go index 76ba70e..f131bf9 100644 --- a/pkg/websocket/client.go +++ b/pkg/websocket/client.go @@ -221,7 +221,11 @@ func (c *Client) Register(payload OutgoingPayload, triggerTo postJSON, app *App) } allowed := CheckAllowedDomain(app, payload.ChannelUUID(), domain) if !allowed { - return errors.New("domain not allowed") + payload := IncomingPayload{ + Type: "forbidden", + Warning: "domain not allowed, forbidden connection", + } + return c.Send(payload) } } start := time.Now() From abadd8b9cb1f99f8b6a9ca47af2e167faf0298af Mon Sep 17 00:00:00 2001 From: Rafael Soares Date: Mon, 20 Jan 2025 18:12:26 -0300 Subject: [PATCH 3/7] update dockerfile --- docker/Dockerfile | 7 +++---- docker/docker-entrypoint.sh | 4 ++-- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/docker/Dockerfile b/docker/Dockerfile index 4cc2b44..ef75328 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -1,4 +1,4 @@ -FROM golang:1.23-alpine3.20 AS base +FROM golang:1.23-bookworm AS base ARG APP_UID=1000 ARG APP_GID=1000 @@ -11,7 +11,6 @@ ARG BUILD_DEPS="\ ARG RUNTIME_DEPS="\ curl \ - su-exec \ bash" ARG WWC_PORT="8000" @@ -45,7 +44,7 @@ WORKDIR ${PROJECT_PATH} FROM base AS build -RUN if [ ! "x${BUILD_DEPS}" = "x" ] ; then apk add --no-cache ${BUILD_DEPS}; fi +RUN if [ ! "x${BUILD_DEPS}" = "x" ] ; then apt install ${BUILD_DEPS}; fi # Copy and download dependency using go mod COPY go.mod . @@ -63,7 +62,7 @@ FROM base # copy project COPY --from=build --chown=app_user:app_group ${PROJECT_PATH}/${APPLICATION_NAME} ${PROJECT_PATH} -RUN if [ ! "x${RUNTIME_DEPS}" = "x" ] ; then apk add --no-cache ${RUNTIME_DEPS}; fi +RUN if [ ! "x${RUNTIME_DEPS}" = "x" ] ; then apt install ${RUNTIME_DEPS}; fi COPY docker/docker-entrypoint.sh . diff --git a/docker/docker-entrypoint.sh b/docker/docker-entrypoint.sh index 0cc3ebc..d14c129 100755 --- a/docker/docker-entrypoint.sh +++ b/docker/docker-entrypoint.sh @@ -9,9 +9,9 @@ bootstrap_conf(){ bootstrap_conf if [[ "start" == "$1" ]]; then - exec su-exec "${APP_UID}:${APP_GID}" "./${APPLICATION_NAME}" + exec "./${APPLICATION_NAME}" elif [[ "healthcheck" == "$1" ]]; then - su-exec "${APP_UID}:${APP_GID}" curl -SsLf "http://127.0.0.1:${WWC_PORT}/healthcheck" -o /tmp/null --connect-timeout 3 --max-time 20 -w "%{http_code} %{http_version} %{response_code} %{time_total}\n" || exit 1 + curl -SsLf "http://127.0.0.1:${WWC_PORT}/healthcheck" -o /tmp/null --connect-timeout 3 --max-time 20 -w "%{http_code} %{http_version} %{response_code} %{time_total}\n" || exit 1 exit 0 fi From b65ea6c0cdc8df35816ede8e8af490c7c1dae472 Mon Sep 17 00:00:00 2001 From: Rafael Soares Date: Mon, 20 Jan 2025 19:23:18 -0300 Subject: [PATCH 4/7] fix domain cache verification and add cache timeout config --- config/config.go | 3 ++- pkg/websocket/client.go | 5 +++-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/config/config.go b/config/config.go index 5c0341e..e738b19 100644 --- a/config/config.go +++ b/config/config.go @@ -20,7 +20,8 @@ type Configuration struct { RestrictDomains bool `default:"false" env:"WWC_RESTRICT_DOMAINS"` - FlowsURL string `default:"flows.weni.ai" env:"WWC_FLOWS_URL"` + FlowsURL string `default:"flows.weni.ai" env:"WWC_FLOWS_URL"` + MemCacheTimeout int64 `default:"5" env:"WWC_MEM_CACHE_TIMEOUT"` } type S3 struct { diff --git a/pkg/websocket/client.go b/pkg/websocket/client.go index f131bf9..7a7bbfb 100644 --- a/pkg/websocket/client.go +++ b/pkg/websocket/client.go @@ -181,7 +181,7 @@ func CheckAllowedDomain(app *App, channelUUID string, originDomain string) bool var allowedDomains []string = nil var err error cachedDomains, notexpired := cacheChannelDomains.Get(channelUUID) - if !notexpired { + if notexpired { allowedDomains = cachedDomains } else { allowedDomains, err = app.FlowsClient.GetChannelAllowedDomains(channelUUID) @@ -189,7 +189,8 @@ func CheckAllowedDomain(app *App, channelUUID string, originDomain string) bool log.Error("Error on get allowed domains", err) return false } - cacheChannelDomains.Set(channelUUID, allowedDomains, time.Minute*5) + cacheTimeout := config.Get().MemCacheTimeout + cacheChannelDomains.Set(channelUUID, allowedDomains, time.Minute*time.Duration(cacheTimeout)) } if len(allowedDomains) > 0 { for _, domain := range allowedDomains { From 1a2d76abdb31cf9b7ec507a001c2d1bc0a8548ce Mon Sep 17 00:00:00 2001 From: Rafael Soares Date: Tue, 21 Jan 2025 16:24:13 -0300 Subject: [PATCH 5/7] update ci go version --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 08c9e06..14441f9 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,7 +1,7 @@ name: ci on: [push, pull_request] env: - go-version: '1.17.x' + go-version: '1.23' jobs: test: name: Test From 3753066badcd127282db95a57abdc3507b7e9f5c Mon Sep 17 00:00:00 2001 From: Rafael Soares Date: Tue, 21 Jan 2025 16:26:00 -0300 Subject: [PATCH 6/7] fix typo --- pkg/websocket/client_test.go | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/pkg/websocket/client_test.go b/pkg/websocket/client_test.go index 7c9bdb9..5183261 100644 --- a/pkg/websocket/client_test.go +++ b/pkg/websocket/client_test.go @@ -683,14 +683,13 @@ func TestOriginToDomain(t *testing.T) { assert.Equal(t, "foo.bar", domain) } -func TestCheckAllowedDoamin(t *testing.T) { +func TestCheckAllowedDomain(t *testing.T) { server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { w.WriteHeader(http.StatusOK) _, _ = w.Write([]byte("[\"domain1.com\", \"domain2.com\"]")) })) defer server.Close() - // client := flows.Client{BaseURL: server.URL} client := flows.NewClient(server.URL) app := &App{FlowsClient: client} From 369c4dca4ebc4ee213275cf0ba59bfa6393ce0ff Mon Sep 17 00:00:00 2001 From: Rafael Soares Date: Tue, 21 Jan 2025 16:31:36 -0300 Subject: [PATCH 7/7] update configs tests --- config/config.go | 2 +- config/config_test.go | 6 ++++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/config/config.go b/config/config.go index e738b19..0bc261a 100644 --- a/config/config.go +++ b/config/config.go @@ -20,7 +20,7 @@ type Configuration struct { RestrictDomains bool `default:"false" env:"WWC_RESTRICT_DOMAINS"` - FlowsURL string `default:"flows.weni.ai" env:"WWC_FLOWS_URL"` + FlowsURL string `default:"https://flows.weni.ai" env:"WWC_FLOWS_URL"` MemCacheTimeout int64 `default:"5" env:"WWC_MEM_CACHE_TIMEOUT"` } diff --git a/config/config_test.go b/config/config_test.go index aeb8f85..e790aab 100644 --- a/config/config_test.go +++ b/config/config_test.go @@ -36,6 +36,9 @@ var ttDefaultConfigs = Configuration{ ContextTimeout: 15, HealthcheckTimeout: 15, }, + RestrictDomains: false, + FlowsURL: "https://flows.weni.ai", + MemCacheTimeout: 5, } var ttEnvConfigs = Configuration{ @@ -69,6 +72,9 @@ var ttEnvConfigs = Configuration{ ContextTimeout: 15, HealthcheckTimeout: 15, }, + RestrictDomains: false, + FlowsURL: "https://flows.weni.ai", + MemCacheTimeout: 5, } var requiredEnvCases = map[string]string{