rpn: did token

Author: ignoramous

intra/backend/ipn_proxies.go

@@ -85,11 +85,13 @@ const ( // see ipn/proxies.go
 
 type Rpn interface {
 	// EntitlementFrom returns the RpnEntitlement represented by entitlementOrStateJson.
-	EntitlementFrom(entitlementOrStateJson []byte, rpnProviderID string) (RpnEntitlement, error)
+	// `did` is the device identifier to use for this entitlement, if applicable; and `rpnProviderID` is the RPN provider for this entitlement, if applicable.
+	// `rpnProviderID` is the RPN provider to use with this entitlement (ex: RpnWin, RpnSE, etc).
+	EntitlementFrom(entitlementOrStateJson []byte, rpnProviderID, did string) (RpnEntitlement, error)
 	// RegisterSE registers a new SurfEasy user.
 	RegisterSE() error
 	// RegisterWin is alias for RegisterWin.
-	RegisterWin(entitlementOrStateJson []byte) (json []byte, err error)
+	RegisterWin(entitlementOrStateJson []byte, did string) (json []byte, err error)
 	// UnregisterWin unregisters a Windscribe installation.
 	UnregisterWin() bool
 	// UnregisterSE unregisters a SurfEasy user.
@@ -171,8 +173,10 @@ type RpnAcc interface {
 type RpnEntitlement interface {
 	// ProviderID is RPN provider for this entitlement.
 	ProviderID() string
-	// Cid is the Client identifier
+	// Cid is the Client identifier.
 	CID() string
+	// DID is the Device identifier, if any.
+	DID() string
 	// Token is the entitlement token, if any.
 	Token() string
 	// Expiry is ISO 8601 string of the expiry time of this entitlement, if any.
@@ -183,6 +187,8 @@ type RpnEntitlement interface {
 	AllowRestore() bool
 	// Test is set if this entitlement is valid only in the test domain.
 	Test() bool
+	// Json returns entitlement (but not the state) as json.
+	Json() ([]byte, error)
 }
 
 type Proxies interface {

intra/dns53/dot_test.go

@@ -110,7 +110,7 @@ type fakeObs struct {
 
 func (*fakeObs) OnProxyAdded(string)   {}
 func (*fakeObs) OnProxyRemoved(string) {}
-func (*fakeObs) OnProxiesStopped()       {}
+func (*fakeObs) OnProxiesStopped()     {}
 
 type fakeBdg struct {
 	protect.Controller
@@ -125,10 +125,10 @@ var (
 
 func (*fakeBdg) OnQuery(_, _, _ string, _ int) *x.DNSOpts              { return autoNsOpts }
 func (*fakeBdg) OnUpstreamAnswer(_ *x.DNSSummary, _ string) *x.DNSOpts { return nil }
-func (*fakeBdg) OnResponse(*x.DNSSummary)                                {}
+func (*fakeBdg) OnResponse(*x.DNSSummary)                              {}
 func (*fakeBdg) OnDNSAdded(string)                                     {}
 func (*fakeBdg) OnDNSRemoved(string)                                   {}
-func (*fakeBdg) OnDNSStopped()                                           {}
+func (*fakeBdg) OnDNSStopped()                                         {}
 
 func (*fakeBdg) Route(a, b, c, d, e string) *x.Tab { return baseTab }
 func (*fakeBdg) OnComplete(*x.ServerSummary)       {}
@@ -440,8 +440,9 @@ func TestWinReaches(t *testing.T) {
 	}
 	ko(t, err)
 
+	const did = "deadbeefdeadbeefdeadbeefdeadbeef" // some device id
 	ilog.D("ws: read ent (sess? %t): %d", readWinJson, len(entjson))
-	if wreg, err := pxr.RegisterWin(entjson); err != nil {
+	if wreg, err := pxr.RegisterWin(entjson, did); err != nil {
 		t.Fatal(err)
 	} else {
 		entjson = wreg

intra/ipn/proxies.go

@@ -129,6 +129,7 @@ var (
 	errHopGlobalProxy     = errors.New("proxy: hop must be global proxy")
 	errHopNotConnected    = errors.New("proxy: set but not connected over hop")
 	errNilWinCfg          = errors.New("proxy: win cfg nil")
+	errNilWinDevice       = errors.New("proxy: missing win device id")
 	errNilSEProxy         = errors.New("proxy: se proxy nil")
 	errNotRpnProxy        = errors.New("proxy: rpn not found")
 	errNotRpnID           = errors.New("proxy: not rpn id")
@@ -1236,23 +1237,30 @@ func (px *proxifier) Reaches(urlOrHostPortOrIPPortCsv string) bool {
 	return false
 }
 
-func (px *proxifier) EntitlementFrom(entitlementOrStateJson []byte, id string) (x.RpnEntitlement, error) {
+func (px *proxifier) EntitlementFrom(entitlementOrStateJson []byte, did, id string) (ent x.RpnEntitlement, err error) {
 	switch id {
 	case RpnWin:
-		return px.extc.MakeWsEntitlement(entitlementOrStateJson)
+		ent, err = px.extc.MakeWsEntitlement(entitlementOrStateJson, did)
+	default:
+		err = errNotRpnAcc
 	}
-	return nil, errNotRpnAcc
+	return
 }
 
 // RegisterWin implements x.Rpn.
-func (px *proxifier) RegisterWin(entitlementOrState []byte) (stateJson []byte, err error) {
+func (px *proxifier) RegisterWin(entitlementOrState []byte, did string) (stateJson []byte, err error) {
 	defer func() {
 		px.lastWinErr.Store(err) // may be nil
 	}()
+
+	if len(did) <= 0 {
+		return nil, errNilWinDevice
+	}
+
 	existingStateJson := entitlementOrState
 	restore := len(existingStateJson) > 0
 
-	win, err := px.registerWin(existingStateJson)
+	win, err := px.registerWin(existingStateJson, did)
 	if err != nil || core.IsNil(win) {
 		log.E("proxy: ws: make failed: %v", err)
 		return nil, core.JoinErr(err, errNilWinCfg)
@@ -1276,8 +1284,8 @@ func (px *proxifier) RegisterWin(entitlementOrState []byte) (stateJson []byte, e
 	return state, nil
 }
 
-func (px *proxifier) registerWin(entitlementOrStateJson []byte) (RpnAcc, error) {
-	return px.extc.MakeWsWgFrom(entitlementOrStateJson)
+func (px *proxifier) registerWin(entitlementOrStateJson []byte, did string) (RpnAcc, error) {
+	return px.extc.MakeWsWgFrom(entitlementOrStateJson, did)
 }
 
 // RegisterSE implements x.Rpn.

intra/ipn/rpn/yegor.go

@@ -128,6 +128,7 @@ var (
 	errWsNoEntitlement  = errors.New("ws: missing entitlement")
 	errWsNoToken        = errors.New("ws: missing token")
 	errWsNoCid          = errors.New("ws: missing cid")
+	errWsNoDid          = errors.New("ws: missing device id")
 	errWsNoResponse     = errors.New("ws: no response")
 	errWsNoLocHash      = errors.New("ws: no loc hash")
 	errWsNoServerList   = errors.New("ws: no server list")
@@ -702,6 +703,7 @@ type WsWgConfig struct {
 type WsEntitlement struct {
 	Kind         string `json:"kind"`          // e.g. "ws#v1"
 	Cid          string `json:"cid"`           // Client ID
+	Did          string `json:"did,omitempty"` // Device ID, if any
 	Pid          string `json:"pid,omitempty"` // Share ID
 	SessionToken string `json:"sessiontoken"`  // Encrypted session token
 	// Expiry date of the entitlement; go.dev/play/p/d2gshytEF61
@@ -718,6 +720,10 @@ func (e *WsEntitlement) ProviderID() string {
 	return x.RpnWin
 }
 
+func (e *WsEntitlement) DID() string {
+	return e.Did
+}
+
 func (e *WsEntitlement) CID() string {
 	return e.Cid
 }
@@ -742,6 +748,19 @@ func (e *WsEntitlement) Test() bool {
 	return e.TestDomain
 }
 
+func (e *WsEntitlement) Json() ([]byte, error) {
+	if e == nil {
+		return nil, errWsNoEntitlement
+	}
+	var w core.ByteWriter
+	enc := json.NewEncoder(&w)
+	if err := enc.Encode(e); err != nil {
+		return nil, fmt.Errorf("ws: entitlement encode err: %w", err)
+	}
+	// Bytes not recycled as these are crossing into cgo
+	return w.Bytes(), nil
+}
+
 func (a *WsWgConfig) Json() ([]byte, error) {
 	if a == nil {
 		return nil, errWsNoConfig
@@ -751,7 +770,7 @@ func (a *WsWgConfig) Json() ([]byte, error) {
 	if err := a.writeJson(&w); err != nil {
 		return nil, err
 	}
-	// Bytes not recycled
+	// Bytes not recycled as these are crossing into cgo
 	return w.Bytes(), nil
 }
 
@@ -1539,17 +1558,21 @@ func newWsGw(c *WsWgConfig, h *http.Client) (*WsClient, error) {
 	return a, nil
 }
 
-func (w *BaseClient) MakeWsWg(entitlement []byte) (*WsClient, error) {
+func (w *BaseClient) MakeWsWg(entitlement []byte, did string) (*WsClient, error) {
 	if len(entitlement) <= 0 {
 		return nil, errWsNoEntitlement
 	}
+	if len(did) <= 0 {
+		return nil, errWsNoDid
+	}
 
 	var ent WsEntitlement
 	err := json.Unmarshal(entitlement, &ent)
 	if err != nil {
 		return nil, err
 	}
 
+	(&ent).Did = did
 	return makeWsWg(&w.h2, &ent)
 }
 
@@ -1585,28 +1608,37 @@ func makeWsWg(h *http.Client, ent *WsEntitlement) (*WsClient, error) {
 	return newWsGw(cfg, h)
 }
 
-func (w *BaseClient) MakeWsEntitlement(entitlementOrStateJson []byte) (x.RpnEntitlement, error) {
+func (w *BaseClient) MakeWsEntitlement(entitlementOrStateJson []byte, did string) (x.RpnEntitlement, error) {
 	if len(entitlementOrStateJson) <= 0 {
 		return nil, errWsNoEntitlement
 	}
+	if len(did) <= 0 {
+		return nil, errWsNoDid
+	}
 
 	var ent WsEntitlement
 	err1 := json.Unmarshal(entitlementOrStateJson, &ent)
 	if err1 == nil {
+		(&ent).Did = did
 		return &ent, nil
 	}
 	var existingConf WsWgConfig
 	err2 := json.Unmarshal(entitlementOrStateJson, &existingConf)
 	if err2 == nil && existingConf.Entitlement != nil && len(existingConf.Entitlement.SessionToken) > 0 {
-		return existingConf.Entitlement, nil
+		ent := existingConf.Entitlement
+		(ent).Did = did
+		return ent, nil
 	}
 	return nil, core.JoinErr(err1, err2)
 }
 
-func (w *BaseClient) MakeWsWgFrom(entitlementOrWsConfigJson []byte) (*WsClient, error) {
+func (w *BaseClient) MakeWsWgFrom(entitlementOrWsConfigJson []byte, did string) (*WsClient, error) {
 	if len(entitlementOrWsConfigJson) <= 0 {
 		return nil, errWsNoJsonConfig
 	}
+	if len(did) <= 0 {
+		return nil, errWsNoDid
+	}
 
 	var existingConf WsWgConfig
 	err := json.Unmarshal(entitlementOrWsConfigJson, &existingConf)
@@ -1618,8 +1650,9 @@ func (w *BaseClient) MakeWsWgFrom(entitlementOrWsConfigJson []byte) (*WsClient,
 		// may be this is an entitlement and not conf?
 		log.W("ws: make: unmarshal config (sz %d / hasEnt %t / hasTok %t) err? %v; retry as entitlement",
 			sz, hasEnt, hasTok, err)
-		return w.MakeWsWg(entitlementOrWsConfigJson)
+		return w.MakeWsWg(entitlementOrWsConfigJson, did)
 	}
+	(existingConf.Entitlement).Did = did
 	return w.makeWsWgFrom(&existingConf)
 }