2021-02-02 12:05:47 +01:00
|
|
|
// Package probeservices contains code to contact OONI probe services.
|
|
|
|
|
//
|
|
|
|
|
// The probe services are HTTPS endpoints distributed across a bunch of data
|
|
|
|
|
// centres implementing a bunch of OONI APIs. When started, OONI will benchmark
|
|
|
|
|
// the available probe services and select the fastest one. Eventually all the
|
|
|
|
|
// possible OONI APIs will run as probe services.
|
|
|
|
|
//
|
|
|
|
|
// This package implements the following APIs:
|
|
|
|
|
//
|
|
|
|
|
// 1. v2.0.0 of the OONI bouncer specification defined
|
|
|
|
|
// in https://github.com/ooni/spec/blob/master/backends/bk-004-bouncer;
|
|
|
|
|
//
|
|
|
|
|
// 2. v2.0.0 of the OONI collector specification defined
|
|
|
|
|
// in https://github.com/ooni/spec/blob/master/backends/bk-003-collector.md;
|
|
|
|
|
//
|
|
|
|
|
// 3. most of the OONI orchestra API: login, register, fetch URLs for
|
|
|
|
|
// the Web Connectivity experiment, input for Tor and Psiphon.
|
|
|
|
|
//
|
|
|
|
|
// Orchestra is a set of OONI APIs for probe orchestration. We currently mainly
|
|
|
|
|
// using it for fetching inputs for the tor, psiphon, and web experiments.
|
|
|
|
|
//
|
|
|
|
|
// In addition, this package also contains code to benchmark the available
|
|
|
|
|
// probe services, discard non working ones, select the fastest.
|
|
|
|
|
package probeservices
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"errors"
|
|
|
|
|
"net/http"
|
|
|
|
|
"net/url"
|
|
|
|
|
|
refactor: flatten and separate (#353)
* refactor(atomicx): move outside the engine package
After merging probe-engine into probe-cli, my impression is that we have
too much unnecessary nesting of packages in this repository.
The idea of this commit and of a bunch of following commits will instead
be to reduce the nesting and simplify the structure.
While there, improve the documentation.
* fix: always use the atomicx package
For consistency, never use sync/atomic and always use ./internal/atomicx
so we can just grep and make sure we're not risking to crash if we make
a subtle mistake on a 32 bit platform.
While there, mention in the contributing guidelines that we want to
always prefer the ./internal/atomicx package over sync/atomic.
* fix(atomicx): remove unnecessary constructor
We don't need a constructor here. The default constructed `&Int64{}`
instance is already usable and the constructor does not add anything to
what we are doing, rather it just creates extra confusion.
* cleanup(atomicx): we are not using Float64
Because atomicx.Float64 is unused, we can safely zap it.
* cleanup(atomicx): simplify impl and improve tests
We can simplify the implementation by using defer and by letting
the Load() method call Add(0).
We can improve tests by making many goroutines updated the
atomic int64 value concurrently.
* refactor(fsx): can live in the ./internal pkg
Let us reduce the amount of nesting. While there, ensure that the
package only exports the bare minimum, and improve the documentation
of the tests, to ease reading the code.
* refactor: move runtimex to ./internal
* refactor: move shellx into the ./internal package
While there, remove unnecessary dependency between packages.
While there, specify in the contributing guidelines that
one should use x/sys/execabs instead of os/exec.
* refactor: move ooapi into the ./internal pkg
* refactor(humanize): move to ./internal and better docs
* refactor: move platform to ./internal
* refactor(randx): move to ./internal
* refactor(multierror): move into the ./internal pkg
* refactor(kvstore): all kvstores in ./internal
Rather than having part of the kvstore inside ./internal/engine/kvstore
and part in ./internal/engine/kvstore.go, let us put every piece of code
that is kvstore related into the ./internal/kvstore package.
* fix(kvstore): always return ErrNoSuchKey on Get() error
It should help to use the kvstore everywhere removing all the
copies that are lingering around the tree.
* sessionresolver: make KVStore mandatory
Simplifies implementation. While there, use the ./internal/kvstore
package rather than having our private implementation.
* fix(ooapi): use the ./internal/kvstore package
* fix(platform): better documentation
2021-06-04 10:34:18 +02:00
|
|
|
"github.com/ooni/probe-cli/v3/internal/atomicx"
|
2022-01-05 17:17:20 +01:00
|
|
|
"github.com/ooni/probe-cli/v3/internal/httpx"
|
2022-01-03 13:53:23 +01:00
|
|
|
"github.com/ooni/probe-cli/v3/internal/model"
|
2021-02-02 12:05:47 +01:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
var (
|
|
|
|
|
// ErrUnsupportedEndpoint indicates that we don't support this endpoint type.
|
|
|
|
|
ErrUnsupportedEndpoint = errors.New("probe services: unsupported endpoint type")
|
|
|
|
|
|
|
|
|
|
// ErrUnsupportedCloudFrontAddress indicates that we don't support this
|
|
|
|
|
// cloudfront address (e.g. wrong scheme, presence of port).
|
|
|
|
|
ErrUnsupportedCloudFrontAddress = errors.New(
|
|
|
|
|
"probe services: unsupported cloud front address",
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
// ErrNotRegistered indicates that the probe is not registered
|
|
|
|
|
// with the OONI orchestra backend.
|
|
|
|
|
ErrNotRegistered = errors.New("not registered")
|
|
|
|
|
|
|
|
|
|
// ErrNotLoggedIn indicates that we are not logged in
|
|
|
|
|
ErrNotLoggedIn = errors.New("not logged in")
|
|
|
|
|
|
|
|
|
|
// ErrInvalidMetadata indicates that the metadata is not valid
|
|
|
|
|
ErrInvalidMetadata = errors.New("invalid metadata")
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
// Session is how this package sees a Session.
|
|
|
|
|
type Session interface {
|
|
|
|
|
DefaultHTTPClient() *http.Client
|
|
|
|
|
KeyValueStore() model.KeyValueStore
|
|
|
|
|
Logger() model.Logger
|
|
|
|
|
ProxyURL() *url.URL
|
|
|
|
|
UserAgent() string
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Client is a client for the OONI probe services API.
|
|
|
|
|
type Client struct {
|
2022-01-05 14:15:42 +01:00
|
|
|
httpx.APIClientTemplate
|
2021-02-02 12:05:47 +01:00
|
|
|
LoginCalls *atomicx.Int64
|
|
|
|
|
RegisterCalls *atomicx.Int64
|
|
|
|
|
StateFile StateFile
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// GetCredsAndAuth is an utility function that returns the credentials with
|
|
|
|
|
// which we are registered and the token with which we're logged in. If we're
|
|
|
|
|
// not registered or not logged in, an error is returned instead.
|
|
|
|
|
func (c Client) GetCredsAndAuth() (*LoginCredentials, *LoginAuth, error) {
|
|
|
|
|
state := c.StateFile.Get()
|
|
|
|
|
creds := state.Credentials()
|
|
|
|
|
if creds == nil {
|
|
|
|
|
return nil, nil, ErrNotRegistered
|
|
|
|
|
}
|
|
|
|
|
auth := state.Auth()
|
|
|
|
|
if auth == nil {
|
|
|
|
|
return nil, nil, ErrNotLoggedIn
|
|
|
|
|
}
|
|
|
|
|
return creds, auth, nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// NewClient creates a new client for the specified probe services endpoint. This
|
|
|
|
|
// function fails, e.g., we don't support the specified endpoint.
|
2022-01-03 13:53:23 +01:00
|
|
|
func NewClient(sess Session, endpoint model.OOAPIService) (*Client, error) {
|
2021-02-02 12:05:47 +01:00
|
|
|
client := &Client{
|
2022-01-05 14:15:42 +01:00
|
|
|
APIClientTemplate: httpx.APIClientTemplate{
|
2021-02-02 12:05:47 +01:00
|
|
|
BaseURL: endpoint.Address,
|
|
|
|
|
HTTPClient: sess.DefaultHTTPClient(),
|
|
|
|
|
Logger: sess.Logger(),
|
|
|
|
|
UserAgent: sess.UserAgent(),
|
|
|
|
|
},
|
refactor: flatten and separate (#353)
* refactor(atomicx): move outside the engine package
After merging probe-engine into probe-cli, my impression is that we have
too much unnecessary nesting of packages in this repository.
The idea of this commit and of a bunch of following commits will instead
be to reduce the nesting and simplify the structure.
While there, improve the documentation.
* fix: always use the atomicx package
For consistency, never use sync/atomic and always use ./internal/atomicx
so we can just grep and make sure we're not risking to crash if we make
a subtle mistake on a 32 bit platform.
While there, mention in the contributing guidelines that we want to
always prefer the ./internal/atomicx package over sync/atomic.
* fix(atomicx): remove unnecessary constructor
We don't need a constructor here. The default constructed `&Int64{}`
instance is already usable and the constructor does not add anything to
what we are doing, rather it just creates extra confusion.
* cleanup(atomicx): we are not using Float64
Because atomicx.Float64 is unused, we can safely zap it.
* cleanup(atomicx): simplify impl and improve tests
We can simplify the implementation by using defer and by letting
the Load() method call Add(0).
We can improve tests by making many goroutines updated the
atomic int64 value concurrently.
* refactor(fsx): can live in the ./internal pkg
Let us reduce the amount of nesting. While there, ensure that the
package only exports the bare minimum, and improve the documentation
of the tests, to ease reading the code.
* refactor: move runtimex to ./internal
* refactor: move shellx into the ./internal package
While there, remove unnecessary dependency between packages.
While there, specify in the contributing guidelines that
one should use x/sys/execabs instead of os/exec.
* refactor: move ooapi into the ./internal pkg
* refactor(humanize): move to ./internal and better docs
* refactor: move platform to ./internal
* refactor(randx): move to ./internal
* refactor(multierror): move into the ./internal pkg
* refactor(kvstore): all kvstores in ./internal
Rather than having part of the kvstore inside ./internal/engine/kvstore
and part in ./internal/engine/kvstore.go, let us put every piece of code
that is kvstore related into the ./internal/kvstore package.
* fix(kvstore): always return ErrNoSuchKey on Get() error
It should help to use the kvstore everywhere removing all the
copies that are lingering around the tree.
* sessionresolver: make KVStore mandatory
Simplifies implementation. While there, use the ./internal/kvstore
package rather than having our private implementation.
* fix(ooapi): use the ./internal/kvstore package
* fix(platform): better documentation
2021-06-04 10:34:18 +02:00
|
|
|
LoginCalls: &atomicx.Int64{},
|
|
|
|
|
RegisterCalls: &atomicx.Int64{},
|
2021-02-02 12:05:47 +01:00
|
|
|
StateFile: NewStateFile(sess.KeyValueStore()),
|
|
|
|
|
}
|
|
|
|
|
switch endpoint.Type {
|
|
|
|
|
case "https":
|
|
|
|
|
return client, nil
|
|
|
|
|
case "cloudfront":
|
|
|
|
|
// Do the cloudfronting dance. The front must appear inside of the
|
|
|
|
|
// URL, so that we use it for DNS resolution and SNI. The real domain
|
|
|
|
|
// must instead appear inside of the Host header.
|
|
|
|
|
URL, err := url.Parse(client.BaseURL)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
if URL.Scheme != "https" || URL.Host != URL.Hostname() {
|
|
|
|
|
return nil, ErrUnsupportedCloudFrontAddress
|
|
|
|
|
}
|
2022-01-05 14:15:42 +01:00
|
|
|
client.APIClientTemplate.Host = URL.Hostname()
|
2021-02-02 12:05:47 +01:00
|
|
|
URL.Host = endpoint.Front
|
|
|
|
|
client.BaseURL = URL.String()
|
|
|
|
|
if _, err := url.Parse(client.BaseURL); err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
return client, nil
|
|
|
|
|
default:
|
|
|
|
|
return nil, ErrUnsupportedEndpoint
|
|
|
|
|
}
|
|
|
|
|
}
|