feat(http): add options to disable GoogleReader/Fever/API

Some users aren't using those, and it thus makes sense to provide a way to
disable them, as they expose quite a lot of sensitive-ish features.

Author: jvoisin

internal/config/config_test.go

@@ -2104,3 +2104,57 @@ func TestInvalidHTTPClientProxy(t *testing.T) {
 		t.Fatalf(`Expected error for invalid HTTP_CLIENT_PROXY value, but got none`)
 	}
 }
+
+func TestDisableAPI(t *testing.T) {
+	os.Clearenv()
+	os.Setenv("DISABLE_API", "1")
+
+	parser := NewParser()
+	opts, err := parser.ParseEnvironmentVariables()
+	if err != nil {
+		t.Fatalf(`Parsing failure: %v`, err)
+	}
+
+	expected := true
+	result := opts.DisableAPI()
+
+	if result != expected {
+		t.Fatalf(`Unexpected DISABLE_API value, got %v instead of %v`, result, expected)
+	}
+}
+
+func TestDisableGoogleReaderAPI(t *testing.T) {
+	os.Clearenv()
+	os.Setenv("DISABLE_GOOGLEREADER_API", "1")
+
+	parser := NewParser()
+	opts, err := parser.ParseEnvironmentVariables()
+	if err != nil {
+		t.Fatalf(`Parsing failure: %v`, err)
+	}
+
+	expected := true
+	result := opts.DisableGoogleReaderAPI()
+
+	if result != expected {
+		t.Fatalf(`Unexpected DISABLE_API value, got %v instead of %v`, result, expected)
+	}
+}
+
+func TestDisableFeverAPI(t *testing.T) {
+	os.Clearenv()
+	os.Setenv("DISABLE_FEVER_API", "1")
+
+	parser := NewParser()
+	opts, err := parser.ParseEnvironmentVariables()
+	if err != nil {
+		t.Fatalf(`Parsing failure: %v`, err)
+	}
+
+	expected := true
+	result := opts.DisableFeverAPI()
+
+	if result != expected {
+		t.Fatalf(`Unexpected DISABLE_API value, got %v instead of %v`, result, expected)
+	}
+}

internal/config/options.go

@@ -89,6 +89,9 @@ const (
 	defaultWatchdog                           = true
 	defaultInvidiousInstance                  = "yewtu.be"
 	defaultWebAuthn                           = false
+	defaultDisableFeverAPI                    = false
+	defaultDisableGoogleReaderAPI             = false
+	defaultDisableAPI                         = false
 )
 
 var defaultHTTPClientUserAgent = "Mozilla/5.0 (compatible; Miniflux/" + version.Version + "; +https://miniflux.app)"
@@ -179,6 +182,9 @@ type options struct {
 	invidiousInstance                  string
 	mediaProxyPrivateKey               []byte
 	webAuthn                           bool
+	disableFeverAPI                    bool
+	disableGoogleReaderAPI             bool
+	disableAPI                         bool
 }
 
 // NewOptions returns Options with default values.
@@ -259,6 +265,9 @@ func NewOptions() *options {
 		invidiousInstance:                  defaultInvidiousInstance,
 		mediaProxyPrivateKey:               crypto.GenerateRandomBytes(16),
 		webAuthn:                           defaultWebAuthn,
+		disableFeverAPI:                    defaultDisableFeverAPI,
+		disableGoogleReaderAPI:             defaultDisableGoogleReaderAPI,
+		disableAPI:                         defaultDisableAPI,
 	}
 }
 
@@ -666,6 +675,21 @@ func (o *options) WebAuthn() bool {
 	return o.webAuthn
 }
 
+// DisableGoogleReaderAPI returns true if the Google Reader API should be disabled
+func (o *options) DisableGoogleReaderAPI() bool {
+	return o.disableGoogleReaderAPI
+}
+
+// DisableFeverAPI returns true if the Fever API should be disabled
+func (o *options) DisableFeverAPI() bool {
+	return o.disableFeverAPI
+}
+
+// DisableAPI returns true if the API should be disabled
+func (o *options) DisableAPI() bool {
+	return o.disableAPI
+}
+
 // FilterEntryMaxAgeDays returns the number of days after which entries should be retained.
 func (o *options) FilterEntryMaxAgeDays() int {
 	return o.filterEntryMaxAgeDays
@@ -780,6 +804,9 @@ func (o *options) SortedOptions(redactSecret bool) []*option {
 		"YOUTUBE_API_KEY":                        redactSecretValue(o.youTubeApiKey, redactSecret),
 		"YOUTUBE_EMBED_URL_OVERRIDE":             o.youTubeEmbedUrlOverride,
 		"WEBAUTHN":                               o.webAuthn,
+		"DISABLE_FEVER_API":                      o.disableFeverAPI,
+		"DISABLE_GOOGLEREADER_API":               o.disableGoogleReaderAPI,
+		"DISABLE_API":                            o.disableAPI,
 	}
 
 	keys := make([]string, 0, len(keyValues))

internal/config/parser.go

@@ -115,6 +115,12 @@ func (p *parser) parseLines(lines []string) (err error) {
 			p.opts.HTTPS = parseBool(value, defaultHTTPS)
 		case "DISABLE_SCHEDULER_SERVICE":
 			p.opts.schedulerService = !parseBool(value, defaultSchedulerService)
+		case "DISABLE_API":
+			p.opts.disableAPI = parseBool(value, defaultDisableAPI)
+		case "DISABLE_FEVER_API":
+			p.opts.disableFeverAPI = parseBool(value, defaultDisableFeverAPI)
+		case "DISABLE_GOOGLEREADER_API":
+			p.opts.disableGoogleReaderAPI = parseBool(value, defaultDisableGoogleReaderAPI)
 		case "DISABLE_HTTP_SERVICE":
 			p.opts.httpService = !parseBool(value, defaultHTTPService)
 		case "CERT_FILE":

internal/http/server/httpd.go

@@ -242,9 +242,15 @@ func setupHandler(store *storage.Storage, pool *worker.Pool) *mux.Router {
 
 	subrouter.Use(middleware)
 
-	fever.Serve(subrouter, store)
-	googlereader.Serve(subrouter, store)
-	api.Serve(subrouter, store, pool)
+	if !config.Opts.DisableFeverAPI() {
+		fever.Serve(subrouter, store)
+	}
+	if !config.Opts.DisableGoogleReaderAPI() {
+		googlereader.Serve(subrouter, store)
+	}
+	if !config.Opts.DisableAPI() {
+		api.Serve(subrouter, store, pool)
+	}
 	ui.Serve(subrouter, store, pool)
 
 	subrouter.HandleFunc("/healthcheck", readinessProbe).Name("healthcheck")

miniflux.1

@@ -235,6 +235,21 @@ Path to a secret key exposed as a file, it should contain $DATABASE_URL value\&.
 .br
 Default is empty\&.
 .TP
+.B DISABLE_API
+Disable miniflux' API\&.
+.br
+Default is false (The API is enabled)\&.
+.TP
+.B DISABLE_FEVER_API
+Disable the Fever API\&.
+.br
+Default is false (The Fever API is enabled)\&.
+.TP
+.B DISABLE_GOOGLEREADER_API
+Disable the Google Reader API\&.
+.br
+Default is false (The Google Reader API is enabled)\&.
+.TP
 .B DISABLE_HSTS
 Disable HTTP Strict Transport Security header if \fBHTTPS\fR is set\&.
 .br