From 72a843be36f1f167f97e624328d5357d192c94c4 Mon Sep 17 00:00:00 2001
From: Dominik Hebeler <dominik@hebeler.club>
Date: Fri, 15 Mar 2024 21:55:11 +0100
Subject: [PATCH] hide metager key when anonymous tokens are enabled

---
 build/js/TokenManager.js | 55 ++++++++++++++++++++++++++++++++++++++--
 webpack.config.js        |  1 +
 2 files changed, 54 insertions(+), 2 deletions(-)

diff --git a/build/js/TokenManager.js b/build/js/TokenManager.js
index 095bf89..52abe09 100644
--- a/build/js/TokenManager.js
+++ b/build/js/TokenManager.js
@@ -92,7 +92,9 @@ export class TokenManager {
 
   async handleRequestHeaders(details) {
     await this.init();
-    return details.requestHeaders;
+    let requestHeaders = details.requestHeaders;
+    requestHeaders = this.hideMetaGerKey(requestHeaders);
+    return requestHeaders;
   }
 
   async handleResponseHeaders(details) {
@@ -100,6 +102,50 @@ export class TokenManager {
     return details.responseHeaders;
   }
 
+  /**
+   * Removes the MetaGer key from the request
+   * and replaces it with the headers for anonymous tokens
+   * https://gitlab.metager.de/open-source/MetaGer/-/wikis/Anonymous%20Token%20System
+   */
+  hideMetaGerKey(requestHeaders) {
+    if (this._anonymous_tokens_enabled == false) return requestHeaders;
+    let new_headers = [];
+
+    let cookie_header = null;
+    for (let header of requestHeaders) {
+      if (header.name.match(/cookie/i)) {
+        cookie_header = header;
+      } else {
+        new_headers.push(header);
+      }
+    }
+
+    let new_cookies = [];
+    if (cookie_header) {
+      let cookies = cookie_header.value.split(";");
+      for (let cookie of cookies) {
+        let cookie_array = cookie.split("=");
+        if (cookie_array.length != 2) continue;
+        let name = cookie_array[0].trim();
+        let value = decodeURIComponent(cookie_array[1].trim());
+        if (name != "key") {
+          new_cookies.push(name + "=" + value);
+        }
+      }
+    }
+
+    // Set the tokenauthorization cookie instead of the actual key
+    let token_authorization = "empty";
+    if (this._key_charge > 30) {
+      token_authorization = "full";
+    } else if (this._key_charge > 0) {
+      token_authorization = "low";
+    }
+    new_cookies.push(`tokenauthorization=${token_authorization}`);
+    new_headers.push({ name: "Cookie", value: new_cookies.join("; ") });
+    return new_headers;
+  }
+
   /**
    * Refills locally stored tokens
    */
@@ -108,7 +154,12 @@ export class TokenManager {
     for (let cost of this._recent_costs) {
       required_token_count += cost;
     }
-    if (this._tokens.length >= this._max_cost || this._key == null) return;
+    if (
+      this._tokens.length >= this._max_cost ||
+      this._key == null ||
+      this._anonymous_tokens_enabled == false
+    )
+      return;
     let public_key = await fetch(this._api_base + "/token/pubkey").then(
       (response) => response.json()
     );
diff --git a/webpack.config.js b/webpack.config.js
index ec9aa42..8f9af63 100644
--- a/webpack.config.js
+++ b/webpack.config.js
@@ -7,6 +7,7 @@ module.exports = {
       assert: false,
       crypto: require.resolve("crypto-browserify"),
       constants: false,
+      vm: false,
       stream: require.resolve("stream-browserify"),
       buffer: require.resolve("buffer/"),
     },
-- 
GitLab