Разрешить pairing без доп пароля

This commit is contained in:
AidarKC
2026-06-15 00:54:56 +04:00
parent 49fdbbf7ae
commit bef205aec7
10 changed files with 94 additions and 27 deletions
@@ -55,9 +55,6 @@ public class Net_StartEspPairing_Handler implements JsonMessageHandler {
return NetExceptionResponseFactory.error(req, WireCodes.Status.BAD_REQUEST, "BAD_PAYLOAD_TYPE", "payloadType должен быть 1, 2 или 3");
}
String passwordHash = EspPairingSupport.normalizeOpaqueHash(req.getPasswordHash());
if (passwordHash == null) {
return NetExceptionResponseFactory.error(req, WireCodes.Status.BAD_REQUEST, "EMPTY_PASSWORD_HASH", "Пустой passwordHash");
}
SolanaUserEntry user = SolanaUsersDAO.getInstance().getByLogin(login);
if (user == null) {
@@ -84,9 +81,14 @@ public class Net_StartEspPairing_Handler implements JsonMessageHandler {
if (recentAttempts >= EspPairingSupport.REQUEST_RATE_LIMIT) {
return NetExceptionResponseFactory.error(req, EspPairingSupport.STATUS_PAIRING_RATE_LIMIT, "PAIRING_RATE_LIMITED", "Слишком много pairing-запросов за короткое время");
}
if (!settings.getPasswordHash().equals(passwordHash)) {
String configuredPasswordHash = settings.getPasswordHash() == null ? "" : settings.getPasswordHash().trim();
boolean requiresPassword = !configuredPasswordHash.isBlank();
if (requiresPassword && !configuredPasswordHash.equals(passwordHash)) {
return NetExceptionResponseFactory.error(req, 422, "PAIRING_PASSWORD_INVALID", "Неверный pairing-пароль");
}
if (!requiresPassword && passwordHash != null && !passwordHash.isBlank()) {
passwordHash = "";
}
String clientPlatform = AuthSessionTypeSupport.normalizeClientPlatform(req.getRequesterClientPlatform());
int ttlSeconds = EspPairingSupport.normalizeTtlSeconds(settings.getTtlSeconds());
@@ -29,9 +29,6 @@ public class Net_UpsertEspPairingSettings_Handler implements JsonMessageHandler
boolean enabled = req.getEnabled() != null && req.getEnabled();
String passwordHash = EspPairingSupport.normalizeOpaqueHash(req.getPasswordHash());
int ttlSeconds = EspPairingSupport.normalizeTtlSeconds(req.getTtlSeconds());
if (enabled && (passwordHash == null || passwordHash.isBlank())) {
return NetExceptionResponseFactory.error(req, WireCodes.Status.BAD_REQUEST, "EMPTY_PASSWORD_HASH", "Для включения pairing нужен passwordHash");
}
long now = System.currentTimeMillis();
EspPairingSettingsEntry entry = new EspPairingSettingsEntry();
@@ -79,6 +79,21 @@ public class IT_07_EspPairing {
assertEquals("approved", JsonParsers.payloadText(statusResp, "state"));
assertEquals("AQIDBA==", JsonParsers.payloadText(statusResp, "encryptedPayload"));
String upsertNoPasswordResp = clientWs.call(
"UpsertEspPairingSettings",
JsonBuilders.upsertEspPairingSettings(true, "", 180),
t
);
assertEquals(200, JsonParsers.status(upsertNoPasswordResp), "UpsertEspPairingSettings without password must be 200");
SessionMaterial requesterNoPasswordMaterial = newSessionMaterial();
String startNoPasswordResp = requesterWs.call(
"StartEspPairing",
JsonBuilders.startEspPairing(LOGIN, "", requesterNoPasswordMaterial.sessionKey(), 1, "Android", 1),
t
);
assertEquals(200, JsonParsers.status(startNoPasswordResp), "StartEspPairing without password must be 200");
String forbiddenResp = requesterWs.call(
"ListEspPairingRequests#anonymous",
JsonBuilders.listEspPairingRequests(),
@@ -86,7 +101,7 @@ public class IT_07_EspPairing {
);
assertErrorFormat(forbiddenResp, "ListEspPairingRequests", "PAIRING_REQUIRES_AUTH_SESSION");
r.ok("ESP pairing: обычная доверенная сессия увидела запрос и подтвердила зашифрованный payload");
r.ok("ESP pairing: доверенная сессия принимает заявки как с доп. паролем, так и без него");
}
} catch (Throwable e) {
r.fail("IT_07_EspPairing упал: " + e.getMessage());