aljaz/signal-cli-rest-api
1
0
Fork 0
mirror of https://github.com/aljazceru/signal-cli-rest-api.git synced 2025-12-19 15:44:28 +01:00
Code Issues Packages Projects Releases Wiki Activity

extended trust endpoint

Browse Source 
* added possibility to trust all known keys. This option doesn't require
  the user to provide a safety number, but insted all known keys are
  trusted. This option is obviously less secure and should only be used
  for testing.

see #237
This commit is contained in:
Bernhard B
2022-04-09 09:23:34 +02:00
parent ab4934832a
commit 00ea8809b2
5 changed files with 69 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
src/api/api.go
View File

@@ -116,7 +116,8 @@ type UpdateProfileRequest struct {
}
type TrustIdentityRequest struct {
VerifiedSafetyNumber string `json:"verified_safety_number"`
VerifiedSafetyNumber *string `json:"verified_safety_number"`
TrustAllKnownKeys *bool `json:"trust_all_known_keys" example:"false"`
}
type SendMessageResponse struct {
@@ -967,7 +968,7 @@ func (a *Api) ListIdentities(c *gin.Context) {
// @Summary Trust Identity
// @Tags Identities
// @Description Trust an identity.
// @Description Trust an identity. When 'trust_all_known_keys' is set to' true', all known keys of this user are trusted. **This is only recommended for testing.**
// @Produce json
// @Success 204 {string} OK
// @Param data body TrustIdentityRequest true "Input Data"
@@ -996,12 +997,22 @@ func (a *Api) TrustIdentity(c *gin.Context) {
return
}
if req.VerifiedSafetyNumber == "" {
c.JSON(400, Error{Msg: "Couldn't process request - verified safety number missing"})
if (req.VerifiedSafetyNumber == nil && req.TrustAllKnownKeys == nil) || (req.VerifiedSafetyNumber == nil && req.TrustAllKnownKeys != nil && !*req.TrustAllKnownKeys) {
c.JSON(400, Error{Msg: "Couldn't process request - please either provide a safety number (preferred & more secure) or set 'trust_all_known_keys' to true"})
return
}
err = a.signalClient.TrustIdentity(number, numberToTrust, req.VerifiedSafetyNumber)
if req.VerifiedSafetyNumber != nil && req.TrustAllKnownKeys != nil && *req.TrustAllKnownKeys {
c.JSON(400, Error{Msg: "Couldn't process request - please either provide a safety number or set 'trust_all_known_keys' to true. But do not set both parameters at once!"})
return
}
if req.VerifiedSafetyNumber != nil && *req.VerifiedSafetyNumber == "" {
c.JSON(400, Error{Msg: "Couldn't process request - please provide a valid safety number"})
return
}
err = a.signalClient.TrustIdentity(number, numberToTrust, req.VerifiedSafetyNumber, req.TrustAllKnownKeys)
if err != nil {
c.JSON(400, Error{Msg: err.Error()})
return