mirror/kopia
1
0
Fork 0
mirror of https://github.com/kopia/kopia.git synced 2026-03-26 01:51:20 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
8ec295eddd2f61ec0a4bd628d6b5fa2f40f031ea
kopia/internal/server/server_authz_checks.go
Jarek Kowalski 0f7253eb66 feat(general): rewrote content logs to always be JSON-based and reorganized log structure (#4822) 
This is a breaking change to users who might be using Kopia as a library.

### Log Format

```json
{"t":"<timestamp-rfc-3389-microseconds>", "span:T1":"V1", "span:T2":"V2", "n":"<source>", "m":"<message>", /*parameters*/}
```

Where each record is associated with one or more spans that describe its scope:

* `"span:client": "<hash-of-username@hostname>"`
* `"span:repo": "<random>"` - random identifier of a repository connection (from `repo.Open`)
* `"span:maintenance": "<random>"` - random identifier of a maintenance session
* `"span:upload": "<hash-of-username@host:/path>"` - uniquely identifies upload session of a given directory
* `"span:checkpoint": "<random>"` - encapsulates each checkpoint operation during Upload
* `"span:server-session": "<random>"` -single client connection to the server
* `"span:flush": "<random>"` - encapsulates each Flush session
* `"span:maintenance": "<random>"` - encapsulates each maintenance operation
* `"span:loadIndex" : "<random>"` - encapsulates index loading operation
* `"span:emr" : "<random>"` - encapsulates epoch manager refresh
* `"span:writePack": "<pack-blob-ID>"` - encapsulates pack blob preparation and writing

(plus additional minor spans for various phases of the maintenance).

Notable points:

- Used internal zero allocation JSON writer for reduced memory usage.
- renamed `--disable-internal-log` to `--disable-repository-log` (controls saving blobs to repository)
- added `--disable-content-log` (controls writing of `content-log` files)
- all storage operations are also logged in a structural way and associated with the corresponding spans.
- all content IDs are logged in a truncated format (since first N bytes that are usually enough to be unique) to improve compressibility of logs (blob IDs are frequently repeated but content IDs usually appear just once).

This format should make it possible to recreate the journey of any single content throughout pack blobs, indexes and compaction events.
2025-09-27 17:11:13 -07:00

102 lines
2.2 KiB
Go
Raw Blame History

package server
import (
"context"
"crypto/hmac"
"crypto/sha256"
"crypto/subtle"
"encoding/hex"
"io"
"net/http"
"github.com/kopia/kopia/internal/apiclient"
)
// kopiaSessionCookie is the name of the session cookie that Kopia server will generate for all
// UI sessions.
const kopiaSessionCookie = "Kopia-Session-Cookie"
func (s *Server) generateCSRFToken(sessionID string) string {
h := hmac.New(sha256.New, s.authCookieSigningKey)
if _, err := io.WriteString(h, sessionID); err != nil {
panic("io.WriteString() failed: " + err.Error())
}
return hex.EncodeToString(h.Sum(nil))
}
func (s *Server) validateCSRFToken(r *http.Request) bool {
if s.options.DisableCSRFTokenChecks {
return true
}
ctx := r.Context()
path := r.URL.Path
sessionCookie, err := r.Cookie(kopiaSessionCookie)
if err != nil {
userLog(ctx).Warnf("missing or invalid session cookie for %q: %v", path, err)
return false
}
validToken := s.generateCSRFToken(sessionCookie.Value)
token := r.Header.Get(apiclient.CSRFTokenHeader)
if token == "" {
userLog(ctx).Warnf("missing CSRF token for %v", path)
return false
}
if subtle.ConstantTimeCompare([]byte(validToken), []byte(token)) == 1 {
return true
}
userLog(ctx).Warnf("got invalid CSRF token for %v: %v, want %v, session %v", path, token, validToken, sessionCookie.Value)
return false
}
func requireUIUser(_ context.Context, rc requestContext) bool {
if rc.srv.getAuthenticator() == nil {
return true
}
if rc.srv.getOptions().UIUser == "" {
return false
}
user, _, _ := rc.req.BasicAuth()
return user == rc.srv.getOptions().UIUser
}
func requireServerControlUser(_ context.Context, rc requestContext) bool {
if rc.srv.getAuthenticator() == nil {
return true
}
if rc.srv.getOptions().ServerControlUser == "" {
return false
}
user, _, _ := rc.req.BasicAuth()
return user == rc.srv.getOptions().ServerControlUser
}
func anyAuthenticatedUser(_ context.Context, _ requestContext) bool {
return true
}
func handlerWillCheckAuthorization(_ context.Context, _ requestContext) bool {
return true
}
var (
_ isAuthorizedFunc = requireUIUser
_ isAuthorizedFunc = anyAuthenticatedUser
_ isAuthorizedFunc = handlerWillCheckAuthorization
)
Reference in New Issue View Git Blame Copy Permalink