basicswap_miserver/basicswap/http_server.py

# -*- coding: utf-8 -*-

# Copyright (c) 2019-2022 tecnovert
# Distributed under the MIT software license, see the accompanying
# file LICENSE or http://www.opensource.org/licenses/mit-license.php.

import os
import json
import traceback
import threading
import http.client
from urllib import parse
from http.server import BaseHTTPRequestHandler, HTTPServer
from jinja2 import Environment, PackageLoader

from . import __version__
from .util import (
    dumpj,
    ensure,
    LockedCoinError,
    format_timestamp,
)
from .chainparams import (
    Coins,
    chainparams,
)
from .basicswap_util import (
    strBidState,
    strTxState,
    strAddressType,
)

from .js_server import (
    js_error,
    js_url_to_function,
)
from .ui.util import (
    getCoinName,
    get_data_entry,
    have_data_entry,
    listAvailableCoins,
)
from .ui.page_automation import (
    page_automation_strategies,
    page_automation_strategy,
    page_automation_strategy_new,
)

from .ui.page_bids import page_bids, page_bid
from .ui.page_offers import page_offers, page_offer, page_newoffer
from .ui.page_tor import page_tor, get_tor_established_state
from .ui.page_wallet import page_wallets, page_wallet
from .ui.page_settings import page_settings
from .ui.page_encryption import page_changepassword, page_unlock, page_lock

env = Environment(loader=PackageLoader('basicswap', 'templates'))
env.filters['formatts'] = format_timestamp


def validateTextInput(text, name, messages, max_length=None):
    if max_length is not None and len(text) > max_length:
        messages.append(f'Error: {name} is too long')
        return False
    if len(text) > 0 and all(c.isalnum() or c.isspace() for c in text) is False:
        messages.append(f'Error: {name} must consist of only letters and digits')
        return False
    return True


def extractDomain(url):
    return url.split('://', 1)[1].split('/', 1)[0]


def listAvailableExplorers(swap_client):
    explorers = []
    for c in Coins:
        if c not in chainparams:
            continue
        for i, e in enumerate(swap_client.coin_clients[c]['explorers']):
            explorers.append(('{}_{}'.format(int(c), i), getCoinName(c) + ' - ' + extractDomain(e.base_url)))
    return explorers


def listExplorerActions(swap_client):
    actions = [('height', 'Chain Height'),
               ('block', 'Get Block'),
               ('tx', 'Get Transaction'),
               ('balance', 'Address Balance'),
               ('unspent', 'List Unspent')]
    return actions


class HttpHandler(BaseHTTPRequestHandler):

    def log_error(self, format, *args):
        super().log_message(format, *args)

    def log_message(self, format, *args):
        # TODO: Add debug flag to re-enable.
        pass

    def generate_form_id(self):
        return os.urandom(8).hex()

    def checkForm(self, post_string, name, messages):
        if post_string == '':
            return None
        form_data = parse.parse_qs(post_string)
        form_id = form_data[b'formid'][0].decode('utf-8')
        if self.server.last_form_id.get(name, None) == form_id:
            messages.append('Prevented double submit for form {}.'.format(form_id))
            return None
        self.server.last_form_id[name] = form_id
        return form_data

    def render_template(self, template, args_dict, status_code=200):
        swap_client = self.server.swap_client
        if swap_client.ws_server:
            args_dict['ws_url'] = swap_client.ws_server.url
        if swap_client.debug:
            args_dict['debug_mode'] = True
        if swap_client.debug_ui:
            args_dict['debug_ui_mode'] = True
        if swap_client.use_tor_proxy:
            args_dict['use_tor_proxy'] = True
            # TODO: Cache value?
            try:
                args_dict['tor_established'] = True if get_tor_established_state(swap_client) == '1' else False
            except Exception:
                if swap_client.debug:
                    swap_client.log.error(traceback.format_exc())

        if swap_client._show_notifications:
            args_dict['notifications'] = swap_client.getNotifications()

        if 'messages' in args_dict:
            messages_with_ids = []
            for msg in args_dict['messages']:
                messages_with_ids.append((self.server.msg_id_counter, msg))
                self.server.msg_id_counter += 1
            args_dict['messages'] = messages_with_ids
        if 'err_messages' in args_dict:
            err_messages_with_ids = []
            for msg in args_dict['err_messages']:
                err_messages_with_ids.append((self.server.msg_id_counter, msg))
                self.server.msg_id_counter += 1
            args_dict['err_messages'] = err_messages_with_ids

        shutdown_token = os.urandom(8).hex()
        self.server.session_tokens['shutdown'] = shutdown_token
        args_dict['shutdown_token'] = shutdown_token

        encrypted, locked = swap_client.getLockedState()
        args_dict['encrypted'] = encrypted
        args_dict['locked'] = locked

        if self.server.msg_id_counter >= 0x7FFFFFFF:
            self.server.msg_id_counter = 0

        self.putHeaders(status_code, 'text/html')
        return bytes(template.render(
            title=self.server.title,
            h2=self.server.title,
            form_id=self.generate_form_id(),
            **args_dict,
        ), 'UTF-8')

    def render_simple_template(self, template, args_dict):
        swap_client = self.server.swap_client
        return bytes(template.render(
            title=self.server.title,
            **args_dict,
        ), 'UTF-8')

    def page_info(self, info_str, post_string=None):
        template = env.get_template('info.html')
        swap_client = self.server.swap_client
        summary = swap_client.getSummary()
        return self.render_template(template, {
            'title_str': 'BasicSwap Info',
            'message_str': info_str,
            'summary': summary,
        })

    def page_error(self, error_str, post_string=None):
        template = env.get_template('error.html')
        swap_client = self.server.swap_client
        summary = swap_client.getSummary()
        return self.render_template(template, {
            'title_str': 'BasicSwap Error',
            'message_str': error_str,
            'summary': summary,
        })

    def page_explorers(self, url_split, post_string):
        swap_client = self.server.swap_client
        swap_client.checkSystemStatus()
        summary = swap_client.getSummary()

        result = None
        explorer = -1
        action = -1
        messages = []
        err_messages = []
        form_data = self.checkForm(post_string, 'explorers', err_messages)
        if form_data:

            explorer = form_data[b'explorer'][0].decode('utf-8')
            action = form_data[b'action'][0].decode('utf-8')

            args = '' if b'args' not in form_data else form_data[b'args'][0].decode('utf-8')
            try:
                c, e = explorer.split('_')
                exp = swap_client.coin_clients[Coins(int(c))]['explorers'][int(e)]
                if action == 'height':
                    result = str(exp.getChainHeight())
                elif action == 'block':
                    result = dumpj(exp.getBlock(args))
                elif action == 'tx':
                    result = dumpj(exp.getTransaction(args))
                elif action == 'balance':
                    result = dumpj(exp.getBalance(args))
                elif action == 'unspent':
                    result = dumpj(exp.lookupUnspentByAddress(args))
                else:
                    result = 'Unknown action'
            except Exception as ex:
                result = str(ex)

        template = env.get_template('explorers.html')
        return self.render_template(template, {
            'messages': messages,
            'err_messages': err_messages,
            'explorers': listAvailableExplorers(swap_client),
            'explorer': explorer,
            'actions': listExplorerActions(swap_client),
            'action': action,
            'result': result,
            'summary': summary,
        })

    def page_rpc(self, url_split, post_string):
        swap_client = self.server.swap_client
        swap_client.checkSystemStatus()
        summary = swap_client.getSummary()

        result = None
        coin_type = -1
        coin_id = -1
        messages = []
        err_messages = []
        form_data = self.checkForm(post_string, 'rpc', err_messages)
        if form_data:
            try:
                coin_id = int(form_data[b'coin_type'][0])
                if coin_id in (-2, -3, -4):
                    coin_type = Coins(Coins.XMR)
                else:
                    coin_type = Coins(coin_id)
            except Exception:
                raise ValueError('Unknown Coin Type')

            cmd = form_data[b'cmd'][0].decode('utf-8')

            try:
                if coin_type == Coins.XMR:
                    ci = swap_client.ci(coin_type)
                    arr = cmd.split(None, 1)
                    method = arr[0]
                    params = json.loads(arr[1]) if len(arr) > 1 else []
                    if coin_id == -4:
                        rv = ci.rpc_wallet_cb(method, params)
                    elif coin_id == -3:
                        rv = ci.rpc_cb(method, params)
                    elif coin_id == -2:
                        if params == []:
                            params = None
                        rv = ci.rpc_cb2(method, params)
                    else:
                        raise ValueError('Unknown XMR RPC variant')
                    result = json.dumps(rv, indent=4)
                else:
                    result = cmd + '\n' + swap_client.callcoincli(coin_type, cmd)
            except Exception as ex:
                result = str(ex)
                if self.server.swap_client.debug is True:
                    self.server.swap_client.log.error(traceback.format_exc())

        template = env.get_template('rpc.html')

        coins = listAvailableCoins(swap_client, with_variants=False)
        coins = [c for c in coins if c[0] != Coins.XMR]
        coins.append((-2, 'Monero'))
        coins.append((-3, 'Monero JSON'))
        coins.append((-4, 'Monero Wallet'))

        return self.render_template(template, {
            'messages': messages,
            'err_messages': err_messages,
            'coins': coins,
            'coin_type': coin_id,
            'result': result,
            'messages': messages,
            'summary': summary,
        })

    def page_debug(self, url_split, post_string):
        swap_client = self.server.swap_client
        swap_client.checkSystemStatus()
        summary = swap_client.getSummary()

        result = None
        messages = []
        err_messages = []
        form_data = self.checkForm(post_string, 'wallets', err_messages)
        if form_data:
            if have_data_entry(form_data, 'reinit_xmr'):
                try:
                    swap_client.initialiseWallet(Coins.XMR)
                    messages.append('Done.')
                except Exception as a:
                    err_messages.append('Failed.')

        template = env.get_template('debug.html')
        return self.render_template(template, {
            'messages': messages,
            'err_messages': err_messages,
            'result': result,
            'summary': summary,
        })

    def page_active(self, url_split, post_string):
        swap_client = self.server.swap_client
        swap_client.checkSystemStatus()
        active_swaps = swap_client.listSwapsInProgress()
        summary = swap_client.getSummary()

        template = env.get_template('active.html')
        return self.render_template(template, {
            'refresh': 30,
            'active_swaps': [(s[0].hex(), s[1], strBidState(s[2]), strTxState(s[3]), strTxState(s[4])) for s in active_swaps],
            'summary': summary,
        })

    def page_watched(self, url_split, post_string):
        swap_client = self.server.swap_client
        swap_client.checkSystemStatus()
        watched_outputs, last_scanned = swap_client.listWatchedOutputs()
        summary = swap_client.getSummary()

        template = env.get_template('watched.html')
        return self.render_template(template, {
            'refresh': 30,
            'last_scanned': [(getCoinName(ls[0]), ls[1]) for ls in last_scanned],
            'watched_outputs': [(wo[1].hex(), getCoinName(wo[0]), wo[2], wo[3], int(wo[4])) for wo in watched_outputs],
            'summary': summary,
        })

    def page_smsgaddresses(self, url_split, post_string):
        swap_client = self.server.swap_client
        swap_client.checkSystemStatus()
        summary = swap_client.getSummary()

        page_data = {}
        messages = []
        err_messages = []
        smsgaddresses = []

        listaddresses = True
        form_data = self.checkForm(post_string, 'smsgaddresses', err_messages)
        if form_data:
            edit_address_id = None
            for key in form_data:
                if key.startswith(b'editaddr_'):
                    edit_address_id = int(key.split(b'_')[1])
                    break
            if edit_address_id is not None:
                listaddresses = False
                page_data['edit_address'] = edit_address_id
                page_data['addr_data'] = swap_client.listAllSMSGAddresses(addr_id=edit_address_id)[0]
            elif b'saveaddr' in form_data:
                edit_address_id = int(form_data[b'edit_address_id'][0].decode('utf-8'))
                edit_addr = form_data[b'edit_address'][0].decode('utf-8')
                active_ind = int(form_data[b'active_ind'][0].decode('utf-8'))
                ensure(active_ind in (0, 1), 'Invalid sort by')
                addressnote = '' if b'addressnote' not in form_data else form_data[b'addressnote'][0].decode('utf-8')
                if not validateTextInput(addressnote, 'Address note', messages, max_length=30):
                    listaddresses = False
                    page_data['edit_address'] = edit_address_id
                else:
                    swap_client.editSMSGAddress(edit_addr, active_ind=active_ind, addressnote=addressnote)
                    messages.append(f'Edited address {edit_addr}')
            elif b'shownewaddr' in form_data:
                listaddresses = False
                page_data['new_address'] = True
            elif b'showaddaddr' in form_data:
                listaddresses = False
                page_data['new_send_address'] = True
            elif b'createnewaddr' in form_data:
                addressnote = '' if b'addressnote' not in form_data else form_data[b'addressnote'][0].decode('utf-8')
                if not validateTextInput(addressnote, 'Address note', messages, max_length=30):
                    listaddresses = False
                    page_data['new_address'] = True
                else:
                    new_addr, pubkey = swap_client.newSMSGAddress(addressnote=addressnote)
                    messages.append(f'Created address {new_addr}, pubkey {pubkey}')
            elif b'createnewsendaddr' in form_data:
                pubkey_hex = form_data[b'addresspubkey'][0].decode('utf-8')
                addressnote = '' if b'addressnote' not in form_data else form_data[b'addressnote'][0].decode('utf-8')
                if not validateTextInput(addressnote, 'Address note', messages, max_length=30) or \
                   not validateTextInput(pubkey_hex, 'Pubkey', messages, max_length=66):
                    listaddresses = False
                    page_data['new_send_address'] = True
                else:
                    new_addr = swap_client.addSMSGAddress(pubkey_hex, addressnote=addressnote)
                    messages.append(f'Added address {new_addr}')

        if listaddresses is True:
            smsgaddresses = swap_client.listAllSMSGAddresses()
        network_addr = swap_client.network_addr

        for addr in smsgaddresses:
            addr['type'] = strAddressType(addr['type'])

        template = env.get_template('smsgaddresses.html')
        return self.render_template(template, {
            'messages': messages,
            'err_messages': err_messages,
            'data': page_data,
            'smsgaddresses': smsgaddresses,
            'network_addr': network_addr,
            'summary': summary,
        })

    def page_identity(self, url_split, post_string):
        ensure(len(url_split) > 2, 'Address not specified')
        identity_address = url_split[2]
        swap_client = self.server.swap_client
        swap_client.checkSystemStatus()
        summary = swap_client.getSummary()

        page_data = {'identity_address': identity_address}
        messages = []
        err_messages = []
        form_data = self.checkForm(post_string, 'identity', err_messages)
        if form_data:
            if have_data_entry(form_data, 'edit'):
                page_data['show_edit_form'] = True
            if have_data_entry(form_data, 'apply'):
                new_label = get_data_entry(form_data, 'label')

                try:
                    swap_client.updateIdentity(identity_address, new_label)
                    messages.append('Updated')
                except Exception as e:
                    err_messages.append(str(e))

        try:
            identity = swap_client.getIdentity(identity_address)
            if identity is None:
                raise ValueError('Unknown address')
            page_data['label'] = identity.label
            page_data['num_sent_bids_successful'] = identity.num_sent_bids_successful
            page_data['num_recv_bids_successful'] = identity.num_recv_bids_successful
            page_data['num_sent_bids_rejected'] = identity.num_sent_bids_rejected
            page_data['num_recv_bids_rejected'] = identity.num_recv_bids_rejected
            page_data['num_sent_bids_failed'] = identity.num_sent_bids_failed
            page_data['num_recv_bids_failed'] = identity.num_recv_bids_failed
        except Exception as e:
            messages.append(e)

        template = env.get_template('identity.html')
        return self.render_template(template, {
            'messages': messages,
            'err_messages': err_messages,
            'data': page_data,
            'summary': summary,
        })

    def page_shutdown(self, url_split, post_string):
        swap_client = self.server.swap_client

        if len(url_split) > 2:
            token = url_split[2]
            expect_token = self.server.session_tokens.get('shutdown', None)
            if token != expect_token:
                return self.page_info('Unexpected token, still running.')

        swap_client.stopRunning()

        return self.page_info('Shutting down')

    def page_index(self, url_split):
        swap_client = self.server.swap_client
        swap_client.checkSystemStatus()
        summary = swap_client.getSummary()

        template = env.get_template('index.html')
        return self.render_template(template, {
            'refresh': 30,
            'version': __version__,
            'summary': summary,
            'use_tor_proxy': swap_client.use_tor_proxy
        })

    def page_404(self, url_split):
        swap_client = self.server.swap_client
        summary = swap_client.getSummary()
        template = env.get_template('404.html')
        return self.render_template(template, {
            'summary': summary,
        })

    def putHeaders(self, status_code, content_type):
        self.send_response(status_code)
        if self.server.allow_cors:
            self.send_header('Access-Control-Allow-Origin', '*')
        self.send_header('Content-Type', content_type)
        self.end_headers()

    def handle_http(self, status_code, path, post_string='', is_json=False):
        swap_client = self.server.swap_client
        parsed = parse.urlparse(self.path)
        url_split = parsed.path.split('/')
        if post_string == '' and len(parsed.query) > 0:
            post_string = parsed.query
        if len(url_split) > 1 and url_split[1] == 'json':
            try:
                self.putHeaders(status_code, 'text/plain')
                func = js_url_to_function(url_split)
                return func(self, url_split, post_string, is_json)
            except Exception as ex:
                if swap_client.debug is True:
                    swap_client.log.error(traceback.format_exc())
                return js_error(self, str(ex))

        if len(url_split) > 1 and url_split[1] == 'static':
            try:
                static_path = os.path.join(os.path.dirname(__file__), 'static')
                if len(url_split) > 3 and url_split[2] == 'sequence_diagrams':
                    with open(os.path.join(static_path, 'sequence_diagrams', url_split[3]), 'rb') as fp:
                        self.putHeaders(status_code, 'image/svg+xml')
                        return fp.read()
                elif len(url_split) > 3 and url_split[2] == 'images':
                    filename = os.path.join(*url_split[3:])
                    _, extension = os.path.splitext(filename)
                    mime_type = {
                        '.svg': 'image/svg+xml',
                        '.png': 'image/png',
                        '.jpg': 'image/jpeg',
                        '.gif': 'image/gif',
                        '.ico': 'image/x-icon',
                    }.get(extension, '')
                    if mime_type == '':
                        raise ValueError('Unknown file type ' + filename)
                    with open(os.path.join(static_path, 'images', filename), 'rb') as fp:
                        self.putHeaders(status_code, mime_type)
                        return fp.read()
                elif len(url_split) > 3 and url_split[2] == 'css':
                    filename = os.path.join(*url_split[3:])
                    with open(os.path.join(static_path, 'css', filename), 'rb') as fp:
                        self.putHeaders(status_code, 'text/css; charset=utf-8')
                        return fp.read()
                elif len(url_split) > 3 and url_split[2] == 'js':
                    filename = os.path.join(*url_split[3:])
                    with open(os.path.join(static_path, 'js', filename), 'rb') as fp:
                        self.putHeaders(status_code, 'application/javascript')
                        return fp.read()
                else:
                    return self.page_404(url_split)
            except FileNotFoundError:
                return self.page_404(url_split)
            except Exception as ex:
                if swap_client.debug is True:
                    swap_client.log.error(traceback.format_exc())
                return self.page_error(str(ex))

        try:
            if len(url_split) > 1:
                page = url_split[1]

                if page == 'active':
                    return self.page_active(url_split, post_string)
                if page == 'wallets':
                    return page_wallets(self, url_split, post_string)
                if page == 'wallet':
                    return page_wallet(self, url_split, post_string)
                if page == 'settings':
                    return page_settings(self, url_split, post_string)
                if page == 'error':
                    return self.page_error(url_split, post_string)
                if page == 'info':
                    return self.page_info(url_split, post_string)
                if page == 'rpc':
                    return self.page_rpc(url_split, post_string)
                if page == 'debug':
                    return self.page_debug(url_split, post_string)
                if page == 'explorers':
                    return self.page_explorers(url_split, post_string)
                if page == 'offer':
                    return page_offer(self, url_split, post_string)
                if page == 'offers':
                    return page_offers(self, url_split, post_string)
                if page == 'newoffer':
                    return page_newoffer(self, url_split, post_string)
                if page == 'sentoffers':
                    return page_offers(self, url_split, post_string, sent=True)
                if page == 'bid':
                    return page_bid(self, url_split, post_string)
                if page == 'receivedbids':
                    return page_bids(self, url_split, post_string, received=True)
                if page == 'sentbids':
                    return page_bids(self, url_split, post_string, sent=True)
                if page == 'availablebids':
                    return page_bids(self, url_split, post_string, available=True)
                if page == 'watched':
                    return self.page_watched(url_split, post_string)
                if page == 'smsgaddresses':
                    return self.page_smsgaddresses(url_split, post_string)
                if page == 'identity':
                    return self.page_identity(url_split, post_string)
                if page == 'tor':
                    return page_tor(self, url_split, post_string)
                if page == 'automation':
                    return page_automation_strategies(self, url_split, post_string)
                if page == 'automationstrategy':
                    return page_automation_strategy(self, url_split, post_string)
                if page == 'newautomationstrategy':
                    return page_automation_strategy_new(self, url_split, post_string)
                if page == 'shutdown':
                    return self.page_shutdown(url_split, post_string)
                if page == 'changepassword':
                    return page_changepassword(self, url_split, post_string)
                if page == 'unlock':
                    return page_unlock(self, url_split, post_string)
                if page == 'lock':
                    return page_lock(self, url_split, post_string)
                if page != '':
                    return self.page_404(url_split)
            return self.page_index(url_split)
        except LockedCoinError:
            return page_unlock(self, url_split, post_string)
        except Exception as ex:
            if swap_client.debug is True:
                swap_client.log.error(traceback.format_exc())
            return self.page_error(str(ex))

    def do_GET(self):
        response = self.handle_http(200, self.path)
        self.wfile.write(response)

    def do_POST(self):
        post_string = self.rfile.read(int(self.headers.get('Content-Length')))

        is_json = True if 'json' in self.headers.get('Content-Type', '') else False
        response = self.handle_http(200, self.path, post_string, is_json)
        self.wfile.write(response)

    def do_HEAD(self):
        self.putHeaders(200, 'text/html')

    def do_OPTIONS(self):
        self.send_response(200, 'ok')
        if self.server.allow_cors:
            self.send_header('Access-Control-Allow-Origin', '*')
            self.send_header('Access-Control-Allow-Headers', '*')
        self.end_headers()


class HttpThread(threading.Thread, HTTPServer):
    def __init__(self, fp, host_name, port_no, allow_cors, swap_client):
        threading.Thread.__init__(self)

        self.stop_event = threading.Event()
        self.fp = fp
        self.host_name = host_name
        self.port_no = port_no
        self.allow_cors = allow_cors
        self.swap_client = swap_client
        self.title = 'BasicSwap - ' + __version__
        self.last_form_id = dict()
        self.session_tokens = dict()
        self.env = env
        self.msg_id_counter = 0

        self.timeout = 60
        HTTPServer.__init__(self, (self.host_name, self.port_no), HttpHandler)

    def stop(self):
        self.stop_event.set()

        # Send fake request
        conn = http.client.HTTPConnection(self.host_name, self.port_no)
        conn.connect()
        conn.request('GET', '/none')
        response = conn.getresponse()
        data = response.read()
        conn.close()

    def stopped(self):
        return self.stop_event.is_set()

    def serve_forever(self):
        while not self.stopped():
            self.handle_request()
        self.socket.close()

    def run(self):
        self.serve_forever()