Secure backend socket.io from other applications that can access loca…

…lhost i.e. browser (#1940)

* secure socket IO connection with token and origin, transform token from main.ts to backend and state manager

* add JWT

* not throw error on missing auth token

* send 401 to unauthorized user

* generate random secret

* use basic auth instead of JWT

* auth tests

* WIP: secure sockets mobile

* fix:lint

* Pass socketioSecret to backend

* Add authorization headers to socketio android notifications client

* Secure socketIO connection on iOS

* Use random string for securing socketIO pn iOS

* Extend lastKnownPort to lastKnownSocketIOData on android

* Handle socketIOSecret for iOS lifecycle event

* Code quality fixes

* Create Utils class on iOS and move relevant methods there

* feat: getRandomValues and concept for validating options on backend

* fix: generating secret

* feat: use IPC and Redux store for transfering socketIOSecret

* test: add socketIOSecret selector test

* test: add startConnectionSaga test

* Use secure random for socketio secret

* fix: use secure crypto for ios socketio secret

* fix: add Utils file to the project

* fix: check pkijs

* fix: revert changes with pkijs

* fix:change order

* fix: generate secret after setEngine

* fix: backwards test for prod versions

* fix: remove peculiar/webcrypto from common

* fix: file name

---------

Co-authored-by: Vin Kabuki <[email protected]>
Co-authored-by: siepra <[email protected]>

.github/workflows/check-visual-regression.yml

@@ -17,7 +17,7 @@ jobs:
       - name: "Print OS"
         run: echo ${{ matrix.os }}
 
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v4
         with:
           fetch-depth: 0 # Required to retrieve git history