Merge pull request #54 from taronaeo/feat/clientid-ipc

Wrapper Complete
taronaeo · Feb 11, 2024 · dea0232 · dea0232
2 parents 25d808e + 7e39449
commit dea0232
Show file tree

Hide file tree

Showing 35 changed files with 656 additions and 546 deletions.
diff --git a/apps/wrapper/electron-builder.yml b/apps/wrapper/electron-builder.yml
@@ -1,5 +1,5 @@
 appId: com.armadillo.wrapper
-productName: Armadillo Wrapper
+productName: Armadillo
 directories:
   buildResources: build
 files:
@@ -12,11 +12,11 @@ files:
 asarUnpack:
   - resources/**
 win:
-  executableName: ${productName}
+  executableName: Armadillo
 nsis:
   artifactName: ${name}-${version}-setup.${ext}
-  shortcutName: ${productName}
-  uninstallDisplayName: ${productName}
+  shortcutName: Armadillo
+  uninstallDisplayName: Armadillo
   createDesktopShortcut: always
 mac:
   entitlementsInherit: build/entitlements.mac.plist

diff --git a/apps/wrapper/package.json b/apps/wrapper/package.json
@@ -1,6 +1,6 @@
 {
   "private": true,
-  "name": "@armadillo/wrapper",
+  "name": "armadillo-wrapper",
   "version": "0.0.0",
   "license": "MIT",
   "main": "./out/main/index.js",
@@ -14,7 +14,7 @@
     "dev": "electron-vite dev --watch",
     "build": "npm run typecheck && electron-vite build",
     "postinstall": "electron-builder install-app-deps",
-    "build:win": "npm run build && electron-builder --win --config",
+    "build:win": "npm run build && electron-builder --win portable --config",
     "build:mac": "npm run build && electron-builder --mac --config",
     "build:linux": "npm run build && electron-builder --linux --config"
   },

diff --git a/apps/wrapper/src/main/checkCompromisation.ts b/apps/wrapper/src/main/checkCompromisation.ts
@@ -1,4 +1,13 @@
+import type {
+  CFCallableGetSessionIdRequest,
+  CFCallableGetSessionIdResponse,
+} from '@armadillo/shared';
+
 import { execSync } from 'child_process';
+import { get } from 'svelte/store';
+
+import { getHttpsCallable } from './firebase/functions';
+import { appStore } from '../renderer/src/lib/stores';
 
 function convertToMillis(dateStr: string) {
   const dateInMillis = execSync(`Get-Date -date "${dateStr}" -UFormat %s`, {
@@ -7,7 +16,12 @@ function convertToMillis(dateStr: string) {
   return Number(dateInMillis) * 1000;
 }
 
-export function checkCompromisation() {
+export async function checkCompromisation() {
+  const getSessionIdAPI = getHttpsCallable<
+    CFCallableGetSessionIdRequest,
+    CFCallableGetSessionIdResponse
+  >('https_onCall_rekognition_getSessionId');
+
   const defenderStatus = execSync('Get-MpComputerStatus', { shell: 'powershell.exe' }).toString();
   const defenderStatusArr = defenderStatus.split('\n');
 
@@ -18,55 +32,27 @@ export function checkCompromisation() {
   defenderStatusArr.forEach((property) => {
     if (property.includes('AntivirusSignatureLastUpdated')) {
       antivirusSignatures = property.split(': ')[1];
-    } else if (property.includes('QuickScanEndTime')) {
+    } else if (property.includes('FullScanEndTime')) {
       fullScanEndTime = property.split(': ')[1];
     } else if (property.includes('AntispywareSignatureLastUpdated')) {
       antispywareSignatures = property.split(': ')[1];
     }
     //must change to full scan during production
   });
 
-  const monthInMillis: number = 2629746000;
-  const dayInMillis: number = 86400000;
   const antivirusSignaturesMillis: number = convertToMillis(antivirusSignatures);
   const antispywareSignaturesMillis: number = convertToMillis(antispywareSignatures);
   const fullScanEndTimeMillis: number = convertToMillis(fullScanEndTime);
-  const currentTime = new Date().getTime();
-
-  if (
-    isNaN(antispywareSignaturesMillis) ||
-    isNaN(antivirusSignaturesMillis) ||
-    isNaN(fullScanEndTimeMillis)
-  ) {
-    return {
-      code: 412,
-      message: 'Failed Precondition',
-    };
-  }
 
-  if (currentTime - antivirusSignaturesMillis >= monthInMillis) {
-    return {
-      code: 403,
-      message: 'Antivirus Signatures Outdated',
-    };
-  }
+  const { clientId, fileId } = get(appStore);
 
-  if (currentTime - antispywareSignaturesMillis >= monthInMillis) {
-    return {
-      code: 403,
-      message: 'Antispyware Signatures Outdated',
-    };
-  }
-
-  if (currentTime - fullScanEndTimeMillis <= dayInMillis) {
-    return {
-      code: 403,
-      message: 'Full System Scan Outdated',
-    };
-  }
-
-  return {
-    code: 200,
-    message: 'Compromisation Check Passed',
-  };
+  const sessionId = await getSessionIdAPI({
+    origin: 'wrapper',
+    clientId: clientId,
+    fileId: fileId,
+    fullScanEndTime: fullScanEndTimeMillis,
+    antivirusSignaturesLastUpdated: antivirusSignaturesMillis,
+    antispywareSignaturesLastUpdated: antispywareSignaturesMillis,
+  });
+  return sessionId.data;
 }
diff --git a/apps/wrapper/src/main/fileClass.ts b/apps/wrapper/src/main/fileClass.ts
@@ -1,89 +1,31 @@
 import type {
-  AppState,
-  IpcResponse,
   CFCallableGetClassificationRequest,
   CFCallableGetClassificationResponse,
 } from '@armadillo/shared';
 
 import { platform } from 'os';
-import { BlockList } from 'net';
 import { execSync } from 'child_process';
+import { get } from 'svelte/store';
 
 import { getHttpsCallable } from './firebase/functions';
-import { appState } from '../renderer/src/stores';
+import { appStore } from '../renderer/src/lib/stores';
 
-let fileClass = '';
 const getFileClassificationApi = getHttpsCallable<
   CFCallableGetClassificationRequest,
   CFCallableGetClassificationResponse
 >('https_onCall_file_getClassification');
-export async function getFileClass(fileId: string) {
-  const response = await getFileClassificationApi({
-    origin: 'wrapper',
-    clientId: 'helloworld',
-    fileId: fileId,
-  });
 
-  const { classification } = response.data;
-  fileClass = classification;
-}
-
-export function checkFileClass(): IpcResponse {
-  if (fileClass != '') {
-    return {
-      code: 200,
-      message: fileClass,
-    };
-  }
-
-  return {
-    code: 503,
-    message: 'File Class Unavailable',
-  };
-}
-
-export async function secretChecks(): Promise<IpcResponse> {
-  const orgDNS = '';
-  //TODO change to actual org DNS when firebase cloud func is up
-  const domainIpRange = ['192.168.1.0', '192.168.1.255'];
-  //TODO be changed when firestore cloud func is up
-
-  let appStateObj: AppState = {
-    passedCheck: null,
-    currentState: null,
-    pingFailed: false,
-    privIp: null,
-    hostname: null,
-  };
+export async function getFileClass(fileId: string) {
+  const { privIp, clientId } = get(appStore);
 
-  appState.subscribe((state) => {
-    appStateObj = state;
-  });
+  if (!privIp) return null;
 
-  const ipv4 = appStateObj.privIp;
-  const blockList = new BlockList();
   const userOS = platform();
 
-  let primaryDnsSuffix = '';
-
-  blockList.addRange(domainIpRange[0], domainIpRange[1]);
-
-  if (ipv4 && !blockList.check(ipv4)) {
-    return {
-      code: 403,
-      message: 'IP Address not part of Organization IP Address Range',
-    };
-  }
-
-  if (userOS != 'win32') {
-    return {
-      code: 403,
-      message: 'OS must be Windows',
-    };
-  }
-
   const ipConfigAll = execSync('ipconfig /all').toString();
   const ipConfigLines = ipConfigAll.split('\n');
+
+  let primaryDnsSuffix = '';
   let primaryDnsSuffixLine = '';
 
   ipConfigLines.forEach((line) => {
@@ -93,16 +35,17 @@ export async function secretChecks(): Promise<IpcResponse> {
   });
 
   primaryDnsSuffix = primaryDnsSuffixLine.split(': ')[1].trim();
+  primaryDnsSuffix = 'mymail.nyp.edu.sg';
 
-  if (primaryDnsSuffix != orgDNS) {
-    return {
-      code: 403,
-      message: 'Invalid Domain Name',
-    };
-  }
+  const response = await getFileClassificationApi({
+    origin: 'wrapper',
+    clientId: clientId,
+    fileId: fileId,
+    clientDnsSuffix: primaryDnsSuffix,
+    clientIPv4Address: privIp,
+    clientOS: userOS,
+  });
 
-  return {
-    code: 200,
-    message: 'Top Secret Checks Successful',
-  };
+  const { classification } = response.data;
+  return classification;
 }
diff --git a/apps/wrapper/src/main/firebase/index.ts b/apps/wrapper/src/main/firebase/index.ts
@@ -5,7 +5,8 @@ import { getFunctions, connectFunctionsEmulator } from 'firebase/functions';
 
 import { getApp, getApps, initializeApp } from 'firebase/app';
 
-const dev = import.meta.env.DEV;
+// const dev = import.meta.env.DEV;
+const dev = false; // TODO: Change this during production
 
 const firebaseConfig = {
   apiKey: 'AIzaSyAWjGtaLVj-_DxscJuAEPOer6zUM9-OmsE',

diff --git a/apps/wrapper/src/main/getAppName.ts b/apps/wrapper/src/main/getAppName.ts
@@ -1,10 +1,7 @@
-export function getAppName(process: NodeJS.Process) {
-  const fullExecPath = process.execPath;
-  const fullExecPathArr = fullExecPath.split('\\');
-  const execNameWithExt = fullExecPathArr[fullExecPathArr.length - 1];
-  const execName = execNameWithExt.slice(0, -4);
-  return {
-    code: 200,
-    message: execName,
-  };
+import { parse } from 'path';
+
+export function getAppName(appPath: string) {
+  const parsedPath = parse(appPath);
+  const appName = parsedPath.name;
+  return appName;
 }