Adjust again for uncertian config

2025-08-26 20:25:42 +02:00 · 2025-08-20 17:48:55 -07:00 · 2025-08-20 17:48:55 -07:00 · 77796e8a75
commit 77796e8a75
parent 49f0f6ec7d
9 changed files with 18 additions and 13 deletions
--- a/server/lib/consts.ts
+++ b/server/lib/consts.ts
@ -2,7 +2,7 @@ import path from "path";
 import { fileURLToPath } from "url";

 // This is a placeholder value replaced by the build process
-export const APP_VERSION = "1.8.0";
+export const APP_VERSION = "1.9.0";

 export const __FILENAME = fileURLToPath(import.meta.url);
 export const __DIRNAME = path.dirname(__FILENAME);
--- a/server/lib/readConfigFile.ts
+++ b/server/lib/readConfigFile.ts
@ -44,7 +44,7 @@ export const configSchema = z
                name: z.string().optional(),
                id: z.string().optional(),
                secret: z.string().optional(),
-                endpoint: z.string().optional(),
+                endpoint: z.string().optional().default("https://pangolin.fossorial.io"),
                redirect_endpoint: z.string().optional()
            })
            .optional(),
--- a/server/routers/badger/verifySession.ts
+++ b/server/routers/badger/verifySession.ts
@ -195,7 +195,7 @@ export async function verifyResourceSession(
        if (config.isHybridMode()) {
            endpoint = config.getRawConfig().hybrid?.redirect_endpoint || config.getRawConfig().hybrid?.endpoint || "";
        } else {
-            endpoint = config.getRawConfig().app.dashboard_url;
+            endpoint = config.getRawConfig().app.dashboard_url!;
        }
        const redirectUrl = `${endpoint}/auth/resource/${encodeURIComponent(
            resource.resourceId
--- a/server/routers/idp/createOidcIdp.ts
+++ b/server/routers/idp/createOidcIdp.ts
@ -81,7 +81,7 @@ export async function createOidcIdp(
            autoProvision
        } = parsedBody.data;

-        const key = config.getRawConfig().server.secret;
+        const key = config.getRawConfig().server.secret!;

        const encryptedSecret = encrypt(clientSecret, key);
        const encryptedClientId = encrypt(clientId, key);
--- a/server/routers/idp/generateOidcUrl.ts
+++ b/server/routers/idp/generateOidcUrl.ts
@ -89,7 +89,7 @@ export async function generateOidcUrl(
                return scope.length > 0;
            });

-        const key = config.getRawConfig().server.secret;
+        const key = config.getRawConfig().server.secret!;

        const decryptedClientId = decrypt(
            existingIdp.idpOidcConfig.clientId,
@ -124,7 +124,7 @@ export async function generateOidcUrl(
                state,
                codeVerifier
            },
-            config.getRawConfig().server.secret
+            config.getRawConfig().server.secret!
        );

        res.cookie("p_oidc_state", stateJwt, {
--- a/server/routers/idp/getIdp.ts
+++ b/server/routers/idp/getIdp.ts
@ -65,7 +65,7 @@ export async function getIdp(
            return next(createHttpError(HttpCode.NOT_FOUND, "Idp not found"));
        }

-        const key = config.getRawConfig().server.secret;
+        const key = config.getRawConfig().server.secret!;

        if (idpRes.idp.type === "oidc") {
            const clientSecret = idpRes.idpOidcConfig!.clientSecret;
--- a/server/routers/idp/updateOidcIdp.ts
+++ b/server/routers/idp/updateOidcIdp.ts
@ -119,7 +119,7 @@ export async function updateOidcIdp(
            );
        }

-        const key = config.getRawConfig().server.secret;
+        const key = config.getRawConfig().server.secret!;
        const encryptedSecret = clientSecret
            ? encrypt(clientSecret, key)
            : undefined;
--- a/server/routers/idp/validateOidcCallback.ts
+++ b/server/routers/idp/validateOidcCallback.ts
@ -96,7 +96,7 @@ export async function validateOidcCallback(
            );
        }

-        const key = config.getRawConfig().server.secret;
+        const key = config.getRawConfig().server.secret!;

        const decryptedClientId = decrypt(
            existingIdp.idpOidcConfig.clientId,
@ -116,7 +116,7 @@ export async function validateOidcCallback(

        const statePayload = jsonwebtoken.verify(
            storedState,
-            config.getRawConfig().server.secret,
+            config.getRawConfig().server.secret!,
            function (err, decoded) {
                if (err) {
                    logger.error("Error verifying state JWT", { err });
--- a/server/routers/newt/handleNewtRegisterMessage.ts
+++ b/server/routers/newt/handleNewtRegisterMessage.ts
@ -71,8 +71,8 @@ export const handleNewtRegisterMessage: MessageHandler = async (context) => {
        .where(eq(sites.siteId, siteId))
        .limit(1);

-    if (!oldSite || !oldSite.exitNodeId) {
-        logger.warn("Site not found or does not have exit node");
+    if (!oldSite) {
+        logger.warn("Site not found");
        return;
    }

@ -137,13 +137,18 @@ export const handleNewtRegisterMessage: MessageHandler = async (context) => {
            .returning();
    }

+    if (!exitNodeIdToQuery) {
+        logger.warn("No exit node ID to query");
+        return;
+    }
+
    const [exitNode] = await db
        .select()
        .from(exitNodes)
        .where(eq(exitNodes.exitNodeId, exitNodeIdToQuery))
        .limit(1);

-    if (oldSite.pubKey && oldSite.pubKey !== publicKey) {
+    if (oldSite.pubKey && oldSite.pubKey !== publicKey && oldSite.exitNodeId) {
        logger.info("Public key mismatch. Deleting old peer...");
        await deletePeer(oldSite.exitNodeId, oldSite.pubKey);
    }