prs/prs.server/Engines/Database/Proxies/HTTPDatabaseProxyEngine.cs

using GenHTTP.Api.Content;
using GenHTTP.Api.Protocol;
using GenHTTP.Modules.IO;
using GenHTTP.Modules.IO.Streaming;
using GenHTTP.Modules.IO.Strings;
using InABox.Clients;
using InABox.Core;
using InABox.Database;
using InABox.Rpc;
using InABox.Server;
using PRSServices;
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Reflection;
using System.Text;
using System.Threading.Tasks;
using RequestMethod = GenHTTP.Api.Protocol.RequestMethod;

namespace PRSServer;


public class HTTPDatabaseProxyHandlerProperties
{
    public HTTPDatabaseProxyProperties Properties { get; set; }

    public IRpcClientTransport ServerTransport { get; set; }

    public HTTPDatabaseProxyHandlerProperties(HTTPDatabaseProxyProperties properties, IRpcClientTransport serverTransport)
    {
        Properties = properties;
        ServerTransport = serverTransport;
    }
}

internal class HTTPDatabaseProxyHandler : Handler<HTTPDatabaseProxyHandlerProperties>
{
    private HTTPDatabaseProxyProperties Properties { get; set; }

    public IRpcClientTransport ServerTransport { get; set; }

    public override void Init(HTTPDatabaseProxyHandlerProperties properties)
    {
        Properties = properties.Properties;
        ServerTransport = properties.ServerTransport;
    }
    
    private static RequestData GetRequestData(IRequest request)
    {
        BinarySerializationSettings settings = BinarySerializationSettings.V1_0;
        if (request.Query.TryGetValue("serializationVersion", out var versionString))
        {
            settings = BinarySerializationSettings.ConvertVersionString(versionString);
        }

        var data = new RequestData(settings);
        if (request.Query.TryGetValue("format", out var formatString) && Enum.TryParse<SerializationFormat>(formatString, out var format))
        {
            data.RequestFormat = format;
        }
        data.ResponseFormat = SerializationFormat.Json;
        if (request.Query.TryGetValue("responseFormat", out formatString) && Enum.TryParse<SerializationFormat>(formatString, out format))
        {
            data.ResponseFormat = format;
        }

        return data;
    }

    /// <summary>
    /// The main handler for the server; an HTTP request comes in, an HTTP response goes out.
    /// </summary>
    /// <param name="request"></param>
    /// <returns></returns>
    public override ValueTask<IResponse?> HandleAsync(IRequest request)
    {
        try
        {
            switch (request.Method.KnownMethod)
            {
                case RequestMethod.GET:
                case RequestMethod.HEAD:
                    var current = request.Target.Current?.Value;
                    if (String.Equals(current,"update"))
                    {
                        request.Target.Advance();
                        current = request.Target.Current?.Value;
                    }
                    switch (current)
                    {
                        case "operations" or "supported_operations":
                            Logger.Send(LogType.Error, "", "Supported operations is no longer supported");
                            return new ValueTask<IResponse?>(request.Respond().Status(ResponseStatus.NotFound).Build());
                        case "classes" or "supported_classes":
                            Logger.Send(LogType.Error, "", "Supported classes is no longer supported");
                            return new ValueTask<IResponse?>(request.Respond().Status(ResponseStatus.NotFound).Build());
                        case "version" or "releasenotes" or "release_notes" or "install" or "install_desktop":
                            return new ValueTask<IResponse?>(GetUpdateFile(request).Build());
                        case "info":
                            return new ValueTask<IResponse?>(GetServerInfo(request).Build());
                        case "ping":
                            return new ValueTask<IResponse?>(request.Respond().Status(ResponseStatus.OK).Build());
                    }

                    Logger.Send(LogType.Error, request.Client.IPAddress.ToString(),
                        string.Format("GET/HEAD request to endpoint '{0}' is unresolved, because it does not exist", current));
                    return new ValueTask<IResponse?>(request.Respond().Status(ResponseStatus.NotFound).Build());
                case RequestMethod.POST:
                    var target = request.Target.Current;
                    if (target is not null)
                    {
                        var data = GetRequestData(request);
                        return target.Value switch
                        {
                            "validate" => new ValueTask<IResponse?>(Validate(request, data).Build()),
                            "check_2fa" => new ValueTask<IResponse?>(Check2FA(request, data).Build()),
                            _ => HandleDatabaseRequest(request, data),
                        };
                    }
                    return new ValueTask<IResponse?>(request.Respond().Status(ResponseStatus.NotFound).Build());
            }

            return new ValueTask<IResponse?>(request.Respond().Status(ResponseStatus.MethodNotAllowed).Header("Allow", "GET, POST, HEAD").Build());
        }
        catch(Exception e)
        {
            Logger.Send(LogType.Error, "", CoreUtils.FormatException(e));
            return new ValueTask<IResponse?>(request.Respond().Status(ResponseStatus.InternalServerError).Build());
        }
    }

    private IResponseBuilder DoForward<TRequest, TResponse, TCommand, TParameters, TResult>(
        IRequest request,
        RequestData data,
        Func<TRequest, TParameters> convertRequest,
        Func<TRequest, TResult, TResponse> convertResponse
    )
        where TRequest : Request
        where TResponse : Response, new()
        where TCommand : IRpcCommand<TParameters,TResult> 
        where TParameters : IRpcCommandParameters, ISerializeBinary
        where TResult : IRpcCommandResult, ISerializeBinary, new()
    {
        var requestObj = Deserialize<TRequest>(request.Content, data.RequestFormat, data.BinarySerializationSettings, true);

        var internalMessage = new InternalServerMessage
        {
            Session = requestObj.Credentials.Session,
            Payload = convertRequest(requestObj).WriteBinary(BinarySerializationSettings.Latest)
        };

        var serverResponse = ServerTransport.Send(typeof(TCommand).Name, internalMessage, checkErrors: false);

        TResponse response;
        if(serverResponse.Error == RpcError.NONE)
        {
            var result = Serialization.ReadBinary<TResult>(serverResponse.Payload, BinarySerializationSettings.Latest)
                ?? throw new Exception($"Cannot Deserialize {typeof(TCommand).Name}");
            response = convertResponse(requestObj, result);
            response.Status = StatusCode.OK;
        }
        else
        {
            response = new TResponse
            {
                Status = serverResponse.Error switch
                {
                    RpcError.UNAUTHENTICATED => StatusCode.Unauthenticated,
                    _ => StatusCode.Error
                },
            };
            response.Messages.Add(Encoding.UTF8.GetString(serverResponse.Payload));
        }
        return SerializeResponse(request, data.ResponseFormat, data.BinarySerializationSettings, response);
    }
    
    /// <summary>
    /// Returns the Splash Logo and Color Scheme for this Database
    /// </summary>
    /// <param name="request"></param>
    /// <returns></returns>
    private IResponseBuilder GetServerInfo(IRequest request)
    {
        var data = GetRequestData(request);
        return DoForward<InfoRequest, InfoResponse, RpcInfoCommand, RpcInfoParameters, RpcInfoResult>(
            request, data,
            x => new RpcInfoParameters(),
            (r, x) => new InfoResponse
            {
                Info = x.Info ?? new DatabaseInfo()
            });
    }

    #region Authentication

    private IResponseBuilder Validate(IRequest request, RequestData data)
    {
        return DoForward<ValidateRequest, ValidateResponse, RpcValidateCommand, RpcValidateParameters, RpcValidateResult>(
            request, data,
            x => new RpcValidateParameters
            {
                UserID = x.UserID,
                Password = x.Password,
                PIN = x.PIN,
                UsePIN = x.UsePIN,
                SessionID = x.Credentials.Session,
                Platform = x.Credentials.Platform,
                Version = x.Credentials.Version,
            },
            (r, x) => new ValidateResponse
            {
                ValidationStatus = x.Status,
                UserGuid = x.UserGuid,
                UserID = x.UserID,
                SecurityID = x.SecurityID,
                Session = x.SessionID,
                Recipient2FA = x.Recipient2FA,
                PasswordExpiration = x.PasswordExpiration
            });
    }

    private IResponseBuilder Check2FA(IRequest request, RequestData data)
    {
        return DoForward<Check2FARequest, Check2FAResponse, RpcCheck2FACommand, RpcCheck2FAParameters, RpcCheck2FAResult>(
            request, data,
            x => new RpcCheck2FAParameters
            {
                Code = x.Code,
                SessionId = x.Credentials.Session
            },
            (r, x) => new Check2FAResponse
            {
                Valid = x.Valid
            });
    }

    #endregion

    #region Database

    private static MethodInfo GetMethod(string name) =>
        typeof(HTTPDatabaseProxyHandler).GetMethod(name, BindingFlags.NonPublic | BindingFlags.Instance)
        ?? throw new Exception($"Invalid method '{name}'");

    private static readonly List<Tuple<string, MethodInfo>> methodMap = new()
    {
        new("List", GetMethod(nameof(List))),
        new("Save", GetMethod(nameof(Save))),
        new("Delete", GetMethod(nameof(Delete))),
        new("MultiSave", GetMethod(nameof(MultiSave))),
        new("MultiDelete", GetMethod(nameof(MultiDelete)))
    };

    private class RequestData
    {
        public SerializationFormat RequestFormat { get; set; }
        public SerializationFormat ResponseFormat { get; set; }

        public BinarySerializationSettings BinarySerializationSettings { get; set; }

        public RequestData(BinarySerializationSettings binarySerializationSettings)
        {
            BinarySerializationSettings = binarySerializationSettings;
        }
    }

    private IResponseBuilder List<T>(IRequest request, RequestData data) where T : Entity, new()
    {
        return DoForward<QueryRequest<T>, QueryResponse<T>, RpcQueryCommand, RpcQueryParameters, RpcQueryResult>(
            request, data,
            x => new RpcQueryParameters
            {
                Queries = new[]
                {
                    new RpcQueryDefinition
                    {
                        Key = typeof(T).Name,
                        Type = typeof(T),
                        Filter = x.Filter,
                        Columns = x.Columns,
                        Sort = x.Sort
                    }
                }
            },
            (r, x) => new QueryResponse<T>
            {
                Items = x.Tables[0].Table
            });
    }
    private IResponseBuilder Save<T>(IRequest request, RequestData data) where T : Entity, new()
    {
        return DoForward<SaveRequest<T>, SaveResponse<T>, RpcSaveCommand, RpcSaveParameters, RpcSaveResult>(
            request, data,
            x => new RpcSaveParameters
            {
                AuditNote = x.AuditNote,
                Items = new[] { x.Item },
                Type = typeof(T)
            },
            (r, x) =>
            {
                if (r.ReturnOnlyChanged)
                {
                    return new SaveResponse<T>
                    {
                        ChangedValues = x.Deltas[0]
                    };
                }
                else
                {
                    var deltas = x.Deltas[0];
                    r.Item.SetObserving(false);
                    foreach (var (key, value) in deltas)
                    {
                        if (CoreUtils.TryGetProperty<T>(key, out var property))
                            CoreUtils.SetPropertyValue(deltas, key, CoreUtils.ChangeType(value, property.PropertyType));
                    }
                    r.Item.CommitChanges();
                    r.Item.SetObserving(true);
                    return new SaveResponse<T>
                    {
                        Item = r.Item
                    };
                }
            });
    }
    private IResponseBuilder Delete<T>(IRequest request, RequestData data) where T : Entity, new()
    {
        return DoForward<DeleteRequest<T>, DeleteResponse<T>, RpcDeleteCommand, RpcDeleteParameters, RpcDeleteResult>(
            request, data,
            x => new RpcDeleteParameters
            {
                AuditNote = x.AuditNote,
                IDs = new[] { x.Item.ID },
                Type = typeof(T)
            },
            (r, x) => new DeleteResponse<T>());
    }
    private IResponseBuilder MultiSave<T>(IRequest request, RequestData data) where T : Entity, new()
    {
        return DoForward<MultiSaveRequest<T>, MultiSaveResponse<T>, RpcSaveCommand, RpcSaveParameters, RpcSaveResult>(
            request, data,
            x => new RpcSaveParameters
            {
                AuditNote = x.AuditNote,
                Items = x.Items,
                Type = typeof(T)
            },
            (r, x) =>
            {
                if (r.ReturnOnlyChanged)
                {
                    return new MultiSaveResponse<T>
                    {
                        ChangedValues = x.Deltas.ToList()
                    };
                }
                else
                {
                    for (int i = 0; i < x.Deltas.Length; i++)
                    {
                        r.Items[i].SetObserving(false);
                        foreach (var (key, value) in x.Deltas[i])
                        {
                            if (CoreUtils.TryGetProperty<T>(key, out var property))
                                CoreUtils.SetPropertyValue(r.Items[i], key, CoreUtils.ChangeType(value, property.PropertyType));
                        }
                        r.Items[i].CommitChanges();
                        r.Items[i].SetObserving(true);
                    }
                    return new MultiSaveResponse<T>
                    {
                        Items = r.Items
                    };
                }
            });
    }
    private IResponseBuilder MultiDelete<T>(IRequest request, RequestData data) where T : Entity, new()
    {
        return DoForward<MultiDeleteRequest<T>, MultiDeleteResponse<T>, RpcDeleteCommand, RpcDeleteParameters, RpcDeleteResult>(
            request, data,
            x => new RpcDeleteParameters
            {
                AuditNote = x.AuditNote,
                IDs = x.Items.Select(x => x.ID).ToArray(),
                Type = typeof(T)
            },
            (r, x) => new MultiDeleteResponse<T>());
    }
    private IResponseBuilder QueryMultiple(IRequest request, RequestData data)
    {
        return DoForward<MultiQueryRequest, MultiQueryResponse, RpcQueryCommand, RpcQueryParameters, RpcQueryResult>(
            request, data,
            x => new RpcQueryParameters
            {
                Queries = x.Queries.Select(x => new RpcQueryDefinition
                {
                    Key = x.Key,
                    Type = CoreUtils.GetEntity(x.Value.Type),
                    Filter = x.Value.Filter,
                    Columns = x.Value.Columns,
                    Sort = x.Value.Sort
                }).ToArray()
            },
            (r, x) => new MultiQueryResponse
            {
                Tables = x.Tables.ToDictionary(x => x.Key, x => x.Table)
            });
    }

    private static T Deserialize<T>(Stream? stream, SerializationFormat requestFormat, BinarySerializationSettings binarySettings, bool strict = false)
    {
        if (stream is null)
            throw new Exception("Stream is null");
        if (requestFormat == SerializationFormat.Binary && typeof(T).IsAssignableTo(typeof(ISerializeBinary)))
        {
            return (T)Serialization.ReadBinary(typeof(T), stream, binarySettings);
        }
        else
        {
            var str = new StreamReader(stream).ReadToEnd();
            return Serialization.Deserialize<T>(str, strict)
                   ?? throw new Exception("Deserialization failed");
        }
    }

    private static IResponseBuilder SerializeResponse(IRequest request, SerializationFormat responseFormat, BinarySerializationSettings binarySettings, Response? result)
    {
        if (responseFormat == SerializationFormat.Binary && result is ISerializeBinary binary)
        {
            var stream = new MemoryStream();
            binary.SerializeBinary(new CoreBinaryWriter(stream, binarySettings));

            var response = request.Respond()
                .Type(new FlexibleContentType(ContentType.ApplicationOctetStream))
                .Content(stream, (ulong?)stream.Length, () => new ValueTask<ulong?>((ulong)stream.GetHashCode()));
            return response;
        }
        else
        {
            var serialized = Serialization.Serialize(result);

            var response = request.Respond()
                .Type(new FlexibleContentType(ContentType.ApplicationJson))
                .Content(new ResourceContent(Resource.FromString(serialized).Build()));
            return response;
        }
    }

    /// <summary>
    /// Handler for all database requests
    /// </summary>
    /// <param name="request"></param>
    /// <returns></returns>
    private ValueTask<IResponse?> HandleDatabaseRequest(IRequest request, RequestData requestData)
    {
        var endpoint = request.Target.Current?.Value ?? "";
        if (endpoint.StartsWith("QueryMultiple"))
        {
            var result = QueryMultiple(request, requestData);
            return new ValueTask<IResponse?>(result.Build());
        }

        foreach (var (name, method) in methodMap)
            if (endpoint.Length > name.Length && endpoint.StartsWith(name))
            {
                var entityName = endpoint[name.Length..];

                var entityType = GetEntity(entityName);
                if (entityType != null)
                {
                    if (entityType.IsAssignableTo(typeof(ISecure)))
                    {
                        Logger.Send(LogType.Error, "", $"{entityType} is a secure entity. Request failed from IP {request.Client.IPAddress}");
                        return new ValueTask<IResponse?>(request.Respond().Status(ResponseStatus.NotFound).Build());
                    }

                    var resolvedMethod = method.MakeGenericMethod(entityType);
                    var result = (resolvedMethod.Invoke(null, new object[] { request, requestData }) as IResponseBuilder)!;

                    return new ValueTask<IResponse?>(result.Build());
                }

                Logger.Send(LogType.Error, request.Client.IPAddress.ToString(),
                    $"Request to endpoint '{endpoint}' unresolved, because '{entityName}' is not a valid entity");
                return new ValueTask<IResponse?>(request.Respond().Status(ResponseStatus.NotFound).Build());
            }

        Logger.Send(LogType.Error, request.Client.IPAddress.ToString(), $"Request to endpoint '{endpoint}' unresolved, because the method does not exist");
        return new ValueTask<IResponse?>(request.Respond().Status(ResponseStatus.NotFound).Build());
    }

    private Dictionary<string, Type>? _persistentRemotable;

    private Type? GetEntity(string entityName)
    {
        _persistentRemotable ??= CoreUtils.TypeList(
            e => e.IsSubclassOf(typeof(Entity)) &&
                 e.GetInterfaces().Contains(typeof(IRemotable)) &&
                 e.GetInterfaces().Contains(typeof(IPersistent))).ToDictionary(x => x.Name, x => x);
        return _persistentRemotable.GetValueOrDefault(entityName);
    }

    #endregion

    #region Installer

    private IResponseBuilder GetUpdateFile(IRequest request)
    {
        var endpoint = request.Target.Current;
        switch (endpoint?.Value)
        {
            case "version":
                return request.Respond()
                    .Type(new FlexibleContentType(ContentType.TextPlain))
                    .Content(new ResourceContent(Resource.FromString(Client.Version()).Build()));
            case "releasenotes" or "release_notes":
                return request.Respond()
                    .Type(new FlexibleContentType(ContentType.TextPlain))
                    .Content(new ResourceContent(Resource.FromString(Client.ReleaseNotes()).Build()));
            case "install" or "install_desktop":
                return request.Respond()
                    .Header("Content-Disposition", $"attachment; filename=PRSDesktopSetup.exe")
                    .Content(new ResourceContent(new ByteArrayResource(Client.Installer() ?? Array.Empty<byte>(), "PRSDesktopSetup.exe", new FlexibleContentType(ContentType.ApplicationOctetStream), null)));
        }
        return request.Respond().Status(ResponseStatus.NotFound);
    }

    #endregion

    #region GenHTTP stuff
    public IHandler Parent { get; }

    public ValueTask PrepareAsync()
    {
        return new ValueTask();
    }

    public IEnumerable<ContentElement> GetContent(IRequest request)
    {
        return Enumerable.Empty<ContentElement>();
    }

    #endregion
}

internal class HTTPDatabaseProxyEngine : DatabaseProxyEngine<HTTPDatabaseProxyProperties>
{
    private Listener<HTTPDatabaseProxyHandler, HTTPDatabaseProxyHandlerProperties>? Listener;

    protected override void RunProxy()
    {
        Logger.Send(LogType.Information, "", "Starting Listener on port " + Properties.ListenPort);

        try
        {
            Listener = new Listener<HTTPDatabaseProxyHandler, HTTPDatabaseProxyHandlerProperties>(new HTTPDatabaseProxyHandlerProperties(Properties, ServerTransport));
            Listener.InitHTTPS((ushort)Properties.ListenPort, CertificateFileName());
            Listener.Start();
        }
        catch (Exception eListen)
        {
            Logger.Send(LogType.Error, ClientFactory.UserID, eListen.Message);
        }
    }
    private string CertificateFileName() =>
        !string.IsNullOrWhiteSpace(Properties.CertificateFile)
        ? Properties.CertificateFile
        : CertificateEngine.CertificateFile;

    public override void Stop()
    {
        Logger.Send(LogType.Information, "", "Stopping");
        Listener?.Stop();
    }
}