Merge pull request #681 from Pylons-tech/fix/push-notification-end-po…

…ints

Fix/push notification end points

big-dipper/.meteor/packages

@@ -35,3 +35,5 @@ ostrio:flow-router-meta
 ostrio:flow-router-extra
 server-render@0.4.0
 nimble:restivus
+meteorhacks:async
+webapp

big-dipper/.meteor/versions

@@ -48,6 +48,7 @@ localstorage@1.2.0
 logging@1.3.1
 meteor@1.10.0
 meteor-base@1.5.1
+meteorhacks:async@1.0.0
 meteortesting:browser-tests@1.3.5
 meteortesting:mocha@1.1.5
 meteortesting:mocha-core@7.0.1

big-dipper/imports/api/fcmtoken/server/methods.js

@@ -1,104 +1,138 @@
-import { Meteor } from "meteor/meteor";
-import { FCMToken } from "../fcmtoken.js";
-import { admin } from "../../admin.js";
+import { WebApp } from 'meteor/webapp'
+import { FCMToken } from '../fcmtoken.js'
+import { admin } from '../../admin.js'
+import connectRoute from 'connect-route'
+import { isString } from 'lodash'
 // Global API configuration
-var Api = new Restivus({
-  useDefaultAuth: true,
-  prettyJson: true,
-});
 
-const StatusOk = 200;
-const StatusInvalidInput = 400;
-const InternalServerError = 500;
-const Success = "Success";
-const Failed = "Failed";
-const BadRequest = "Bad Request";
-const AppCheckFailed = "App Check Failed"
+const StatusOk = 200
+const StatusInvalidInput = 400
+const Success = 'Success'
+const Failed = 'Failed'
+const BadRequest = 'Bad Request'
+const AppCheckFailed = 'App Check Failed'
 
-Api.addRoute(
-  "fcmtoken/update/:address/:token",
-  { authRequired: false },
-  {
-    //update fcm token against address
-    post: function () {
-      if (!Valid(this.urlParams.address) || !Valid(this.urlParams.token)) {
-        return {
-          Code: StatusInvalidInput,
-          Message: BadRequest,
-          Data: null,
-        };
+WebApp.connectHandlers.use(
+  connectRoute(function (router) {
+    router.post('/fcmtoken/update/:address/:token', async function (req, res) {
+      // validate that params exist
+      if (!Valid(req.params.address) || !Valid(req.params.token)) {
+        res.writeHead(StatusOk, {
+          'Content-Type': 'text/html'
+        })
+
+        res.end(
+          JSON.stringify({
+            Code: StatusInvalidInput,
+            Message: BadRequest,
+            Data: null
+          })
+        )
       }
 
+      const h = req.headers
+      // app check header check
+      if (!h['x-firebase-appcheck']) {
+        res.writeHead(StatusOk, {
+          'Content-Type': 'text/html'
+        })
 
-      let h = this.request.headers;
-      if(!h['x-firebase-appcheck']){
-        return {
-          Code: StatusInvalidInput,
-          Message: AppCheckFailed,
-          Data: "x-firebase-appcheck header not found",
-        }; 
-      }
-
-      // admin.appCheck().verifyToken(h['x-firebase-appcheck']).then((res) => {
-          var result = updateFCMToken(this.urlParams.address, this.urlParams.token);
-
-          if (result === false) {
-            return {
-              Code: InternalServerError,
+        res.end(
+          JSON.stringify({
+            Code: StatusInvalidInput,
+            Message: AppCheckFailed,
+            Data: 'x-firebase-appcheck header missing'
+          })
+        )
+      } else {
+        // performing app check
+        const appCheckClaims = await verifyAppCheckToken(
+          h['x-firebase-appcheck']
+        )
+
+        // app check failed
+        if (!appCheckClaims) {
+          res.writeHead(StatusOk, {
+            'Content-Type': 'text/html'
+          })
+
+          res.end(
+            JSON.stringify({
+              Code: StatusInvalidInput,
+              Message: AppCheckFailed,
+              Data: 'invalid x-firebase-appcheck header'
+            })
+          )
+        }
+
+        const result = updateFCMToken(req.params.address, req.params.token)
+
+        if (result === false) {
+          res.writeHead(400, {
+            'Content-Type': 'text/html'
+          })
+
+          res.end(
+            JSON.stringify({
+              Code: StatusInvalidInput,
               Message: Failed,
-              Data: "",
-            };
-          }
-
-          return {
+              Data: null
+            })
+          )
+        }
+
+        res.writeHead(200, {
+          'Content-Type': 'text/html'
+        })
+
+        res.end(
+          JSON.stringify({
             Code: StatusOk,
             Message: Success,
-            Data: result,
-          };
-
-      // Useful for future debug
-      // }).catch((e)=>{
-      //   return {
-      //     Code: StatusInvalidInput,
-      //     Message: AppCheckFailed,
-      //     Data: "x-firebase-appcheck Failed",
-      //   };
-      // })
-
-      return {
-        Code: StatusInvalidInput,
-        Message: BadRequest,
-        Data: null,
-      };
-
-    },
-  }
-);
+            Data: null
+          })
+        )
+      }
+    })
+  })
+)
 
-function updateFCMToken(userAddress, fcmToken) {
+function updateFCMToken (userAddress, fcmToken) {
   try {
     FCMToken.upsert(
       { address: userAddress },
       {
         $set: {
           address: userAddress,
-          token: fcmToken,
-        },
+          token: fcmToken
+        }
       }
-    );
+    )
   } catch (error) {
     console.log(error)
-    return false;
+    return false
   }
-  return true;
+  return true
 }
 
-function Valid(parameter) {
-  if (typeof(parameter) != "string"){
+function Valid (parameter) {
+  if (isString(parameter)) {
     return false
   }
-  if (parameter.length == 0){
+  if (parameter.length === 0) {
     return false
   }
   return true
 }
+
+async function verifyAppCheckToken (appCheckToken) {
+  if (!appCheckToken) {
+    return null
+  }
+  try {
+    const res = await admin.appCheck().verifyToken(appCheckToken)
+    return res
+  } catch (err) {
+    return null
+  }
+}