2020-06-15 03:54:11 -05:00
|
|
|
// Copyright 2020 The Matrix.org Foundation C.I.C.
|
|
|
|
//
|
|
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
// you may not use this file except in compliance with the License.
|
|
|
|
// You may obtain a copy of the License at
|
|
|
|
//
|
|
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
//
|
|
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
// See the License for the specific language governing permissions and
|
|
|
|
// limitations under the License.
|
|
|
|
|
|
|
|
package internal
|
|
|
|
|
|
|
|
import (
|
|
|
|
"context"
|
|
|
|
"database/sql"
|
2020-06-18 12:36:03 -05:00
|
|
|
"encoding/json"
|
2020-06-16 11:39:56 -05:00
|
|
|
"errors"
|
2020-06-15 03:54:11 -05:00
|
|
|
"fmt"
|
|
|
|
|
2022-02-16 11:55:38 -06:00
|
|
|
"github.com/matrix-org/gomatrixserverlib"
|
|
|
|
"github.com/matrix-org/util"
|
|
|
|
"github.com/sirupsen/logrus"
|
|
|
|
|
2020-06-16 08:10:55 -05:00
|
|
|
"github.com/matrix-org/dendrite/appservice/types"
|
|
|
|
"github.com/matrix-org/dendrite/clientapi/userutil"
|
2020-06-16 11:39:56 -05:00
|
|
|
"github.com/matrix-org/dendrite/internal/sqlutil"
|
2020-07-30 12:00:56 -05:00
|
|
|
keyapi "github.com/matrix-org/dendrite/keyserver/api"
|
2020-12-02 11:41:00 -06:00
|
|
|
"github.com/matrix-org/dendrite/setup/config"
|
2020-06-15 03:54:11 -05:00
|
|
|
"github.com/matrix-org/dendrite/userapi/api"
|
2022-02-18 05:31:05 -06:00
|
|
|
"github.com/matrix-org/dendrite/userapi/storage"
|
2020-06-15 03:54:11 -05:00
|
|
|
)
|
|
|
|
|
|
|
|
type UserInternalAPI struct {
|
2022-02-18 05:31:05 -06:00
|
|
|
DB storage.Database
|
2020-06-15 03:54:11 -05:00
|
|
|
ServerName gomatrixserverlib.ServerName
|
2020-06-16 08:10:55 -05:00
|
|
|
// AppServices is the list of all registered AS
|
|
|
|
AppServices []config.ApplicationService
|
2020-07-30 12:00:56 -05:00
|
|
|
KeyAPI keyapi.KeyInternalAPI
|
2020-06-15 03:54:11 -05:00
|
|
|
}
|
|
|
|
|
2020-06-18 12:36:03 -05:00
|
|
|
func (a *UserInternalAPI) InputAccountData(ctx context.Context, req *api.InputAccountDataRequest, res *api.InputAccountDataResponse) error {
|
|
|
|
local, domain, err := gomatrixserverlib.SplitID('@', req.UserID)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
if domain != a.ServerName {
|
|
|
|
return fmt.Errorf("cannot query profile of remote users: got %s want %s", domain, a.ServerName)
|
|
|
|
}
|
|
|
|
if req.DataType == "" {
|
|
|
|
return fmt.Errorf("data type must not be empty")
|
|
|
|
}
|
2022-02-18 05:31:05 -06:00
|
|
|
return a.DB.SaveAccountData(ctx, local, req.RoomID, req.DataType, req.AccountData)
|
2020-06-18 12:36:03 -05:00
|
|
|
}
|
|
|
|
|
2020-06-16 11:39:56 -05:00
|
|
|
func (a *UserInternalAPI) PerformAccountCreation(ctx context.Context, req *api.PerformAccountCreationRequest, res *api.PerformAccountCreationResponse) error {
|
2022-02-21 05:12:07 -06:00
|
|
|
acc, err := a.DB.CreateAccount(ctx, req.Localpart, req.Password, req.AppServiceID, req.PolicyVersion, req.AccountType)
|
2020-06-16 11:39:56 -05:00
|
|
|
if err != nil {
|
|
|
|
if errors.Is(err, sqlutil.ErrUserExists) { // This account already exists
|
|
|
|
switch req.OnConflict {
|
|
|
|
case api.ConflictUpdate:
|
|
|
|
break
|
|
|
|
case api.ConflictAbort:
|
|
|
|
return &api.ErrorConflict{
|
|
|
|
Message: err.Error(),
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2020-06-17 05:22:26 -05:00
|
|
|
// account already exists
|
2020-06-16 11:39:56 -05:00
|
|
|
res.AccountCreated = false
|
2020-06-17 05:22:26 -05:00
|
|
|
res.Account = &api.Account{
|
|
|
|
AppServiceID: req.AppServiceID,
|
|
|
|
Localpart: req.Localpart,
|
|
|
|
ServerName: a.ServerName,
|
|
|
|
UserID: fmt.Sprintf("@%s:%s", req.Localpart, a.ServerName),
|
2022-02-16 11:55:38 -06:00
|
|
|
AccountType: req.AccountType,
|
2020-06-17 05:22:26 -05:00
|
|
|
}
|
2021-03-03 08:01:34 -06:00
|
|
|
return nil
|
2020-06-16 11:39:56 -05:00
|
|
|
}
|
2020-07-01 07:35:58 -05:00
|
|
|
|
2022-02-16 11:55:38 -06:00
|
|
|
if req.AccountType == api.AccountTypeGuest {
|
|
|
|
res.AccountCreated = true
|
|
|
|
res.Account = acc
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2022-02-18 05:31:05 -06:00
|
|
|
if err = a.DB.SetDisplayName(ctx, req.Localpart, req.Localpart); err != nil {
|
2020-07-01 07:35:58 -05:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2020-06-16 11:39:56 -05:00
|
|
|
res.AccountCreated = true
|
2020-06-17 05:22:26 -05:00
|
|
|
res.Account = acc
|
2020-06-16 11:39:56 -05:00
|
|
|
return nil
|
|
|
|
}
|
2020-09-04 09:16:13 -05:00
|
|
|
|
|
|
|
func (a *UserInternalAPI) PerformPasswordUpdate(ctx context.Context, req *api.PerformPasswordUpdateRequest, res *api.PerformPasswordUpdateResponse) error {
|
2022-02-18 05:31:05 -06:00
|
|
|
if err := a.DB.SetPassword(ctx, req.Localpart, req.Password); err != nil {
|
2020-09-04 09:16:13 -05:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
res.PasswordUpdated = true
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2020-06-16 11:39:56 -05:00
|
|
|
func (a *UserInternalAPI) PerformDeviceCreation(ctx context.Context, req *api.PerformDeviceCreationRequest, res *api.PerformDeviceCreationResponse) error {
|
2020-08-10 06:38:33 -05:00
|
|
|
util.GetLogger(ctx).WithFields(logrus.Fields{
|
|
|
|
"localpart": req.Localpart,
|
|
|
|
"device_id": req.DeviceID,
|
|
|
|
"display_name": req.DeviceDisplayName,
|
|
|
|
}).Info("PerformDeviceCreation")
|
2022-02-18 05:31:05 -06:00
|
|
|
dev, err := a.DB.CreateDevice(ctx, req.Localpart, req.DeviceID, req.AccessToken, req.DeviceDisplayName, req.IPAddr, req.UserAgent)
|
2020-06-16 11:39:56 -05:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
res.DeviceCreated = true
|
2020-06-17 05:22:26 -05:00
|
|
|
res.Device = dev
|
2021-12-03 11:18:35 -06:00
|
|
|
if req.NoDeviceListUpdate {
|
|
|
|
return nil
|
|
|
|
}
|
2020-07-31 08:40:45 -05:00
|
|
|
// create empty device keys and upload them to trigger device list changes
|
|
|
|
return a.deviceListUpdate(dev.UserID, []string{dev.ID})
|
2020-06-16 11:39:56 -05:00
|
|
|
}
|
|
|
|
|
2020-07-30 12:00:56 -05:00
|
|
|
func (a *UserInternalAPI) PerformDeviceDeletion(ctx context.Context, req *api.PerformDeviceDeletionRequest, res *api.PerformDeviceDeletionResponse) error {
|
|
|
|
util.GetLogger(ctx).WithField("user_id", req.UserID).WithField("devices", req.DeviceIDs).Info("PerformDeviceDeletion")
|
|
|
|
local, domain, err := gomatrixserverlib.SplitID('@', req.UserID)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
if domain != a.ServerName {
|
|
|
|
return fmt.Errorf("cannot PerformDeviceDeletion of remote users: got %s want %s", domain, a.ServerName)
|
|
|
|
}
|
2020-08-27 12:53:40 -05:00
|
|
|
deletedDeviceIDs := req.DeviceIDs
|
|
|
|
if len(req.DeviceIDs) == 0 {
|
|
|
|
var devices []api.Device
|
2022-02-18 05:31:05 -06:00
|
|
|
devices, err = a.DB.RemoveAllDevices(ctx, local, req.ExceptDeviceID)
|
2020-08-27 12:53:40 -05:00
|
|
|
for _, d := range devices {
|
|
|
|
deletedDeviceIDs = append(deletedDeviceIDs, d.ID)
|
|
|
|
}
|
|
|
|
} else {
|
2022-02-18 05:31:05 -06:00
|
|
|
err = a.DB.RemoveDevices(ctx, local, req.DeviceIDs)
|
2020-08-27 12:53:40 -05:00
|
|
|
}
|
2020-07-30 12:00:56 -05:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2021-08-18 06:07:09 -05:00
|
|
|
// Ask the keyserver to delete device keys and signatures for those devices
|
|
|
|
deleteReq := &keyapi.PerformDeleteKeysRequest{
|
|
|
|
UserID: req.UserID,
|
|
|
|
}
|
|
|
|
for _, keyID := range req.DeviceIDs {
|
|
|
|
deleteReq.KeyIDs = append(deleteReq.KeyIDs, gomatrixserverlib.KeyID(keyID))
|
|
|
|
}
|
|
|
|
deleteRes := &keyapi.PerformDeleteKeysResponse{}
|
|
|
|
a.KeyAPI.PerformDeleteKeys(ctx, deleteReq, deleteRes)
|
|
|
|
if err := deleteRes.Error; err != nil {
|
|
|
|
return fmt.Errorf("a.KeyAPI.PerformDeleteKeys: %w", err)
|
|
|
|
}
|
2020-07-30 12:00:56 -05:00
|
|
|
// create empty device keys and upload them to delete what was once there and trigger device list changes
|
2020-08-27 12:53:40 -05:00
|
|
|
return a.deviceListUpdate(req.UserID, deletedDeviceIDs)
|
2020-07-31 08:40:45 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
func (a *UserInternalAPI) deviceListUpdate(userID string, deviceIDs []string) error {
|
|
|
|
deviceKeys := make([]keyapi.DeviceKeys, len(deviceIDs))
|
|
|
|
for i, did := range deviceIDs {
|
2020-07-30 12:00:56 -05:00
|
|
|
deviceKeys[i] = keyapi.DeviceKeys{
|
2020-07-31 08:40:45 -05:00
|
|
|
UserID: userID,
|
2020-07-30 12:00:56 -05:00
|
|
|
DeviceID: did,
|
|
|
|
KeyJSON: nil,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
var uploadRes keyapi.PerformUploadKeysResponse
|
|
|
|
a.KeyAPI.PerformUploadKeys(context.Background(), &keyapi.PerformUploadKeysRequest{
|
2021-03-02 05:40:20 -06:00
|
|
|
UserID: userID,
|
2020-07-30 12:00:56 -05:00
|
|
|
DeviceKeys: deviceKeys,
|
|
|
|
}, &uploadRes)
|
|
|
|
if uploadRes.Error != nil {
|
2021-09-08 11:31:03 -05:00
|
|
|
return fmt.Errorf("failed to delete device keys: %v", uploadRes.Error)
|
2020-07-30 12:00:56 -05:00
|
|
|
}
|
|
|
|
if len(uploadRes.KeyErrors) > 0 {
|
2021-09-08 11:31:03 -05:00
|
|
|
return fmt.Errorf("failed to delete device keys, key errors: %+v", uploadRes.KeyErrors)
|
2020-07-30 12:00:56 -05:00
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2020-11-20 05:29:02 -06:00
|
|
|
func (a *UserInternalAPI) PerformLastSeenUpdate(
|
|
|
|
ctx context.Context,
|
|
|
|
req *api.PerformLastSeenUpdateRequest,
|
|
|
|
res *api.PerformLastSeenUpdateResponse,
|
|
|
|
) error {
|
|
|
|
localpart, _, err := gomatrixserverlib.SplitID('@', req.UserID)
|
|
|
|
if err != nil {
|
|
|
|
return fmt.Errorf("gomatrixserverlib.SplitID: %w", err)
|
|
|
|
}
|
2022-02-18 05:31:05 -06:00
|
|
|
if err := a.DB.UpdateDeviceLastSeen(ctx, localpart, req.DeviceID, req.RemoteAddr); err != nil {
|
2020-11-20 05:29:02 -06:00
|
|
|
return fmt.Errorf("a.DeviceDB.UpdateDeviceLastSeen: %w", err)
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2020-07-31 08:40:45 -05:00
|
|
|
func (a *UserInternalAPI) PerformDeviceUpdate(ctx context.Context, req *api.PerformDeviceUpdateRequest, res *api.PerformDeviceUpdateResponse) error {
|
|
|
|
localpart, _, err := gomatrixserverlib.SplitID('@', req.RequestingUserID)
|
|
|
|
if err != nil {
|
|
|
|
util.GetLogger(ctx).WithError(err).Error("gomatrixserverlib.SplitID failed")
|
|
|
|
return err
|
|
|
|
}
|
2022-02-18 05:31:05 -06:00
|
|
|
dev, err := a.DB.GetDeviceByID(ctx, localpart, req.DeviceID)
|
2020-07-31 08:40:45 -05:00
|
|
|
if err == sql.ErrNoRows {
|
|
|
|
res.DeviceExists = false
|
|
|
|
return nil
|
|
|
|
} else if err != nil {
|
|
|
|
util.GetLogger(ctx).WithError(err).Error("deviceDB.GetDeviceByID failed")
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
res.DeviceExists = true
|
|
|
|
|
|
|
|
if dev.UserID != req.RequestingUserID {
|
|
|
|
res.Forbidden = true
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2022-02-18 05:31:05 -06:00
|
|
|
err = a.DB.UpdateDevice(ctx, localpart, req.DeviceID, req.DisplayName)
|
2020-07-31 08:40:45 -05:00
|
|
|
if err != nil {
|
|
|
|
util.GetLogger(ctx).WithError(err).Error("deviceDB.UpdateDevice failed")
|
|
|
|
return err
|
|
|
|
}
|
2020-08-12 16:43:02 -05:00
|
|
|
if req.DisplayName != nil && dev.DisplayName != *req.DisplayName {
|
|
|
|
// display name has changed: update the device key
|
|
|
|
var uploadRes keyapi.PerformUploadKeysResponse
|
|
|
|
a.KeyAPI.PerformUploadKeys(context.Background(), &keyapi.PerformUploadKeysRequest{
|
2021-03-02 05:40:20 -06:00
|
|
|
UserID: req.RequestingUserID,
|
2020-08-12 16:43:02 -05:00
|
|
|
DeviceKeys: []keyapi.DeviceKeys{
|
|
|
|
{
|
|
|
|
DeviceID: dev.ID,
|
|
|
|
DisplayName: *req.DisplayName,
|
|
|
|
KeyJSON: nil,
|
|
|
|
UserID: dev.UserID,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
OnlyDisplayNameUpdates: true,
|
|
|
|
}, &uploadRes)
|
|
|
|
if uploadRes.Error != nil {
|
2021-09-08 11:31:03 -05:00
|
|
|
return fmt.Errorf("failed to update device key display name: %v", uploadRes.Error)
|
2020-08-12 16:43:02 -05:00
|
|
|
}
|
|
|
|
if len(uploadRes.KeyErrors) > 0 {
|
2021-09-08 11:31:03 -05:00
|
|
|
return fmt.Errorf("failed to update device key display name, key errors: %+v", uploadRes.KeyErrors)
|
2020-08-12 16:43:02 -05:00
|
|
|
}
|
|
|
|
}
|
2020-07-31 08:40:45 -05:00
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2020-06-15 03:54:11 -05:00
|
|
|
func (a *UserInternalAPI) QueryProfile(ctx context.Context, req *api.QueryProfileRequest, res *api.QueryProfileResponse) error {
|
|
|
|
local, domain, err := gomatrixserverlib.SplitID('@', req.UserID)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
if domain != a.ServerName {
|
|
|
|
return fmt.Errorf("cannot query profile of remote users: got %s want %s", domain, a.ServerName)
|
|
|
|
}
|
2022-02-18 05:31:05 -06:00
|
|
|
prof, err := a.DB.GetProfileByLocalpart(ctx, local)
|
2020-06-15 03:54:11 -05:00
|
|
|
if err != nil {
|
|
|
|
if err == sql.ErrNoRows {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
res.UserExists = true
|
|
|
|
res.AvatarURL = prof.AvatarURL
|
|
|
|
res.DisplayName = prof.DisplayName
|
|
|
|
return nil
|
2020-07-28 04:53:17 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
func (a *UserInternalAPI) QuerySearchProfiles(ctx context.Context, req *api.QuerySearchProfilesRequest, res *api.QuerySearchProfilesResponse) error {
|
2022-02-18 05:31:05 -06:00
|
|
|
profiles, err := a.DB.SearchProfiles(ctx, req.SearchString, req.Limit)
|
2020-07-28 04:53:17 -05:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
res.Profiles = profiles
|
|
|
|
return nil
|
2020-06-15 03:54:11 -05:00
|
|
|
}
|
2020-06-16 08:10:55 -05:00
|
|
|
|
2020-07-22 11:04:57 -05:00
|
|
|
func (a *UserInternalAPI) QueryDeviceInfos(ctx context.Context, req *api.QueryDeviceInfosRequest, res *api.QueryDeviceInfosResponse) error {
|
2022-02-18 05:31:05 -06:00
|
|
|
devices, err := a.DB.GetDevicesByID(ctx, req.DeviceIDs)
|
2020-07-22 11:04:57 -05:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
res.DeviceInfo = make(map[string]struct {
|
|
|
|
DisplayName string
|
|
|
|
UserID string
|
|
|
|
})
|
|
|
|
for _, d := range devices {
|
|
|
|
res.DeviceInfo[d.ID] = struct {
|
|
|
|
DisplayName string
|
|
|
|
UserID string
|
|
|
|
}{
|
|
|
|
DisplayName: d.DisplayName,
|
|
|
|
UserID: d.UserID,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2020-06-16 08:53:19 -05:00
|
|
|
func (a *UserInternalAPI) QueryDevices(ctx context.Context, req *api.QueryDevicesRequest, res *api.QueryDevicesResponse) error {
|
|
|
|
local, domain, err := gomatrixserverlib.SplitID('@', req.UserID)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
if domain != a.ServerName {
|
|
|
|
return fmt.Errorf("cannot query devices of remote users: got %s want %s", domain, a.ServerName)
|
|
|
|
}
|
2022-02-18 05:31:05 -06:00
|
|
|
devs, err := a.DB.GetDevicesByLocalpart(ctx, local)
|
2020-06-16 08:53:19 -05:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2022-02-18 05:31:05 -06:00
|
|
|
res.UserExists = true
|
2020-06-16 08:53:19 -05:00
|
|
|
res.Devices = devs
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2020-06-16 11:05:38 -05:00
|
|
|
func (a *UserInternalAPI) QueryAccountData(ctx context.Context, req *api.QueryAccountDataRequest, res *api.QueryAccountDataResponse) error {
|
|
|
|
local, domain, err := gomatrixserverlib.SplitID('@', req.UserID)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
if domain != a.ServerName {
|
|
|
|
return fmt.Errorf("cannot query account data of remote users: got %s want %s", domain, a.ServerName)
|
|
|
|
}
|
|
|
|
if req.DataType != "" {
|
2020-06-18 12:36:03 -05:00
|
|
|
var data json.RawMessage
|
2022-02-18 05:31:05 -06:00
|
|
|
data, err = a.DB.GetAccountDataByType(ctx, local, req.RoomID, req.DataType)
|
2020-06-16 11:05:38 -05:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2020-06-18 12:36:03 -05:00
|
|
|
res.RoomAccountData = make(map[string]map[string]json.RawMessage)
|
|
|
|
res.GlobalAccountData = make(map[string]json.RawMessage)
|
|
|
|
if data != nil {
|
2020-06-16 11:05:38 -05:00
|
|
|
if req.RoomID != "" {
|
2020-06-18 12:36:03 -05:00
|
|
|
if _, ok := res.RoomAccountData[req.RoomID]; !ok {
|
|
|
|
res.RoomAccountData[req.RoomID] = make(map[string]json.RawMessage)
|
|
|
|
}
|
|
|
|
res.RoomAccountData[req.RoomID][req.DataType] = data
|
2020-06-16 11:05:38 -05:00
|
|
|
} else {
|
2020-06-18 12:36:03 -05:00
|
|
|
res.GlobalAccountData[req.DataType] = data
|
2020-06-16 11:05:38 -05:00
|
|
|
}
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
2022-02-18 05:31:05 -06:00
|
|
|
global, rooms, err := a.DB.GetAccountData(ctx, local)
|
2020-06-16 11:05:38 -05:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
res.RoomAccountData = rooms
|
|
|
|
res.GlobalAccountData = global
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2020-06-16 08:10:55 -05:00
|
|
|
func (a *UserInternalAPI) QueryAccessToken(ctx context.Context, req *api.QueryAccessTokenRequest, res *api.QueryAccessTokenResponse) error {
|
|
|
|
if req.AppServiceUserID != "" {
|
|
|
|
appServiceDevice, err := a.queryAppServiceToken(ctx, req.AccessToken, req.AppServiceUserID)
|
2021-12-03 11:18:35 -06:00
|
|
|
if err != nil {
|
|
|
|
res.Err = err.Error()
|
|
|
|
}
|
2020-06-16 08:10:55 -05:00
|
|
|
res.Device = appServiceDevice
|
2021-12-03 11:18:35 -06:00
|
|
|
|
2020-06-16 08:10:55 -05:00
|
|
|
return nil
|
|
|
|
}
|
2022-02-18 05:31:05 -06:00
|
|
|
device, err := a.DB.GetDeviceByAccessToken(ctx, req.AccessToken)
|
2020-06-16 08:10:55 -05:00
|
|
|
if err != nil {
|
|
|
|
if err == sql.ErrNoRows {
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
return err
|
|
|
|
}
|
2022-02-16 11:55:38 -06:00
|
|
|
localPart, _, err := gomatrixserverlib.SplitID('@', device.UserID)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
2022-02-18 05:31:05 -06:00
|
|
|
acc, err := a.DB.GetAccountByLocalpart(ctx, localPart)
|
2022-02-16 11:55:38 -06:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
device.AccountType = acc.AccountType
|
2020-06-16 08:10:55 -05:00
|
|
|
res.Device = device
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// Return the appservice 'device' or nil if the token is not an appservice. Returns an error if there was a problem
|
|
|
|
// creating a 'device'.
|
|
|
|
func (a *UserInternalAPI) queryAppServiceToken(ctx context.Context, token, appServiceUserID string) (*api.Device, error) {
|
|
|
|
// Search for app service with given access_token
|
|
|
|
var appService *config.ApplicationService
|
|
|
|
for _, as := range a.AppServices {
|
|
|
|
if as.ASToken == token {
|
|
|
|
appService = &as
|
|
|
|
break
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if appService == nil {
|
|
|
|
return nil, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// Create a dummy device for AS user
|
|
|
|
dev := api.Device{
|
|
|
|
// Use AS dummy device ID
|
|
|
|
ID: types.AppServiceDeviceID,
|
|
|
|
// AS dummy device has AS's token.
|
2021-03-03 10:27:44 -06:00
|
|
|
AccessToken: token,
|
|
|
|
AppserviceID: appService.ID,
|
2022-02-16 11:55:38 -06:00
|
|
|
AccountType: api.AccountTypeAppService,
|
2020-06-16 08:10:55 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
localpart, err := userutil.ParseUsernameParam(appServiceUserID, &a.ServerName)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
|
|
|
|
if localpart != "" { // AS is masquerading as another user
|
|
|
|
// Verify that the user is registered
|
2022-02-18 05:31:05 -06:00
|
|
|
account, err := a.DB.GetAccountByLocalpart(ctx, localpart)
|
2021-01-04 04:43:23 -06:00
|
|
|
// Verify that the account exists and either appServiceID matches or
|
|
|
|
// it belongs to the appservice user namespaces
|
|
|
|
if err == nil && (account.AppServiceID == appService.ID || appService.IsInterestedInUserID(appServiceUserID)) {
|
2020-06-16 08:10:55 -05:00
|
|
|
// Set the userID of dummy device
|
|
|
|
dev.UserID = appServiceUserID
|
|
|
|
return &dev, nil
|
|
|
|
}
|
|
|
|
return nil, &api.ErrorForbidden{Message: "appservice has not registered this user"}
|
|
|
|
}
|
|
|
|
|
|
|
|
// AS is not masquerading as any user, so use AS's sender_localpart
|
|
|
|
dev.UserID = appService.SenderLocalpart
|
|
|
|
return &dev, nil
|
|
|
|
}
|
2020-10-02 11:18:20 -05:00
|
|
|
|
|
|
|
// PerformAccountDeactivation deactivates the user's account, removing all ability for the user to login again.
|
|
|
|
func (a *UserInternalAPI) PerformAccountDeactivation(ctx context.Context, req *api.PerformAccountDeactivationRequest, res *api.PerformAccountDeactivationResponse) error {
|
2022-02-18 05:31:05 -06:00
|
|
|
err := a.DB.DeactivateAccount(ctx, req.Localpart)
|
2020-10-02 11:18:20 -05:00
|
|
|
res.AccountDeactivated = err == nil
|
|
|
|
return err
|
|
|
|
}
|
2021-04-07 07:26:20 -05:00
|
|
|
|
|
|
|
// PerformOpenIDTokenCreation creates a new token that a relying party uses to authenticate a user
|
|
|
|
func (a *UserInternalAPI) PerformOpenIDTokenCreation(ctx context.Context, req *api.PerformOpenIDTokenCreationRequest, res *api.PerformOpenIDTokenCreationResponse) error {
|
|
|
|
token := util.RandomString(24)
|
|
|
|
|
2022-02-18 05:31:05 -06:00
|
|
|
exp, err := a.DB.CreateOpenIDToken(ctx, token, req.UserID)
|
2021-04-07 07:26:20 -05:00
|
|
|
|
|
|
|
res.Token = api.OpenIDToken{
|
|
|
|
Token: token,
|
|
|
|
UserID: req.UserID,
|
|
|
|
ExpiresAtMS: exp,
|
|
|
|
}
|
|
|
|
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
// QueryOpenIDToken validates that the OpenID token was issued for the user, the replying party uses this for validation
|
|
|
|
func (a *UserInternalAPI) QueryOpenIDToken(ctx context.Context, req *api.QueryOpenIDTokenRequest, res *api.QueryOpenIDTokenResponse) error {
|
2022-02-18 05:31:05 -06:00
|
|
|
openIDTokenAttrs, err := a.DB.GetOpenIDTokenAttributes(ctx, req.Token)
|
2021-04-07 07:26:20 -05:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
res.Sub = openIDTokenAttrs.UserID
|
|
|
|
res.ExpiresAtMS = openIDTokenAttrs.ExpiresAtMS
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
2021-07-27 06:47:32 -05:00
|
|
|
|
2021-12-03 11:18:35 -06:00
|
|
|
func (a *UserInternalAPI) PerformKeyBackup(ctx context.Context, req *api.PerformKeyBackupRequest, res *api.PerformKeyBackupResponse) error {
|
2021-07-27 11:08:53 -05:00
|
|
|
// Delete metadata
|
2021-07-27 06:47:32 -05:00
|
|
|
if req.DeleteBackup {
|
|
|
|
if req.Version == "" {
|
|
|
|
res.BadInput = true
|
|
|
|
res.Error = "must specify a version to delete"
|
2021-12-03 11:18:35 -06:00
|
|
|
if res.Error != "" {
|
|
|
|
return fmt.Errorf(res.Error)
|
|
|
|
}
|
|
|
|
return nil
|
2021-07-27 06:47:32 -05:00
|
|
|
}
|
2022-02-18 05:31:05 -06:00
|
|
|
exists, err := a.DB.DeleteKeyBackup(ctx, req.UserID, req.Version)
|
2021-07-27 06:47:32 -05:00
|
|
|
if err != nil {
|
|
|
|
res.Error = fmt.Sprintf("failed to delete backup: %s", err)
|
|
|
|
}
|
|
|
|
res.Exists = exists
|
|
|
|
res.Version = req.Version
|
2021-12-03 11:18:35 -06:00
|
|
|
if res.Error != "" {
|
|
|
|
return fmt.Errorf(res.Error)
|
|
|
|
}
|
|
|
|
return nil
|
2021-07-27 06:47:32 -05:00
|
|
|
}
|
2021-07-27 11:08:53 -05:00
|
|
|
// Create metadata
|
2021-07-27 06:47:32 -05:00
|
|
|
if req.Version == "" {
|
2022-02-18 05:31:05 -06:00
|
|
|
version, err := a.DB.CreateKeyBackup(ctx, req.UserID, req.Algorithm, req.AuthData)
|
2021-07-27 06:47:32 -05:00
|
|
|
if err != nil {
|
|
|
|
res.Error = fmt.Sprintf("failed to create backup: %s", err)
|
|
|
|
}
|
|
|
|
res.Exists = err == nil
|
|
|
|
res.Version = version
|
2021-12-03 11:18:35 -06:00
|
|
|
if res.Error != "" {
|
|
|
|
return fmt.Errorf(res.Error)
|
|
|
|
}
|
|
|
|
return nil
|
2021-07-27 06:47:32 -05:00
|
|
|
}
|
2021-07-27 11:08:53 -05:00
|
|
|
// Update metadata
|
|
|
|
if len(req.Keys.Rooms) == 0 {
|
2022-02-18 05:31:05 -06:00
|
|
|
err := a.DB.UpdateKeyBackupAuthData(ctx, req.UserID, req.Version, req.AuthData)
|
2021-07-27 11:08:53 -05:00
|
|
|
if err != nil {
|
|
|
|
res.Error = fmt.Sprintf("failed to update backup: %s", err)
|
|
|
|
}
|
2021-07-27 13:29:32 -05:00
|
|
|
res.Exists = err == nil
|
2021-07-27 11:08:53 -05:00
|
|
|
res.Version = req.Version
|
2021-12-03 11:18:35 -06:00
|
|
|
if res.Error != "" {
|
|
|
|
return fmt.Errorf(res.Error)
|
|
|
|
}
|
|
|
|
return nil
|
2021-07-27 11:08:53 -05:00
|
|
|
}
|
|
|
|
// Upload Keys for a specific version metadata
|
|
|
|
a.uploadBackupKeys(ctx, req, res)
|
2021-12-03 11:18:35 -06:00
|
|
|
if res.Error != "" {
|
|
|
|
return fmt.Errorf(res.Error)
|
|
|
|
}
|
|
|
|
return nil
|
2021-07-27 11:08:53 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
func (a *UserInternalAPI) uploadBackupKeys(ctx context.Context, req *api.PerformKeyBackupRequest, res *api.PerformKeyBackupResponse) {
|
2021-07-27 13:29:32 -05:00
|
|
|
// you can only upload keys for the CURRENT version
|
2022-02-18 05:31:05 -06:00
|
|
|
version, _, _, _, deleted, err := a.DB.GetKeyBackup(ctx, req.UserID, "")
|
2021-07-27 06:47:32 -05:00
|
|
|
if err != nil {
|
2021-07-27 11:08:53 -05:00
|
|
|
res.Error = fmt.Sprintf("failed to query version: %s", err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
if deleted {
|
|
|
|
res.Error = "backup was deleted"
|
|
|
|
return
|
|
|
|
}
|
2021-07-27 13:29:32 -05:00
|
|
|
if version != req.Version {
|
|
|
|
res.BadInput = true
|
|
|
|
res.Error = fmt.Sprintf("%s isn't the current version, %s is.", req.Version, version)
|
|
|
|
return
|
|
|
|
}
|
2021-07-27 11:08:53 -05:00
|
|
|
res.Exists = true
|
|
|
|
res.Version = version
|
|
|
|
|
|
|
|
// map keys to a form we can upload more easily - the map ensures we have no duplicates.
|
|
|
|
var uploads []api.InternalKeyBackupSession
|
|
|
|
for roomID, data := range req.Keys.Rooms {
|
|
|
|
for sessionID, sessionData := range data.Sessions {
|
|
|
|
uploads = append(uploads, api.InternalKeyBackupSession{
|
|
|
|
RoomID: roomID,
|
|
|
|
SessionID: sessionID,
|
|
|
|
KeyBackupSession: sessionData,
|
|
|
|
})
|
|
|
|
}
|
|
|
|
}
|
2022-02-18 05:31:05 -06:00
|
|
|
count, etag, err := a.DB.UpsertBackupKeys(ctx, version, req.UserID, uploads)
|
2021-07-27 11:08:53 -05:00
|
|
|
if err != nil {
|
|
|
|
res.Error = fmt.Sprintf("failed to upsert keys: %s", err)
|
|
|
|
return
|
2021-07-27 06:47:32 -05:00
|
|
|
}
|
2021-07-27 11:08:53 -05:00
|
|
|
res.KeyCount = count
|
|
|
|
res.KeyETag = etag
|
2021-07-27 06:47:32 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
func (a *UserInternalAPI) QueryKeyBackup(ctx context.Context, req *api.QueryKeyBackupRequest, res *api.QueryKeyBackupResponse) {
|
2022-02-18 05:31:05 -06:00
|
|
|
version, algorithm, authData, etag, deleted, err := a.DB.GetKeyBackup(ctx, req.UserID, req.Version)
|
2021-07-27 06:47:32 -05:00
|
|
|
res.Version = version
|
|
|
|
if err != nil {
|
|
|
|
if err == sql.ErrNoRows {
|
|
|
|
res.Exists = false
|
|
|
|
return
|
|
|
|
}
|
|
|
|
res.Error = fmt.Sprintf("failed to query key backup: %s", err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
res.Algorithm = algorithm
|
|
|
|
res.AuthData = authData
|
2021-07-27 13:29:32 -05:00
|
|
|
res.ETag = etag
|
2021-07-27 06:47:32 -05:00
|
|
|
res.Exists = !deleted
|
|
|
|
|
2021-07-27 13:29:32 -05:00
|
|
|
if !req.ReturnKeys {
|
2022-02-18 05:31:05 -06:00
|
|
|
res.Count, err = a.DB.CountBackupKeys(ctx, version, req.UserID)
|
2021-07-27 13:29:32 -05:00
|
|
|
if err != nil {
|
|
|
|
res.Error = fmt.Sprintf("failed to count keys: %s", err)
|
|
|
|
}
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2022-02-18 05:31:05 -06:00
|
|
|
result, err := a.DB.GetBackupKeys(ctx, version, req.UserID, req.KeysForRoomID, req.KeysForSessionID)
|
2021-07-27 13:29:32 -05:00
|
|
|
if err != nil {
|
|
|
|
res.Error = fmt.Sprintf("failed to query keys: %s", err)
|
|
|
|
return
|
|
|
|
}
|
|
|
|
res.Keys = result
|
2021-07-27 06:47:32 -05:00
|
|
|
}
|
2022-02-14 07:03:30 -06:00
|
|
|
|
|
|
|
func (a *UserInternalAPI) QueryPolicyVersion(
|
|
|
|
ctx context.Context,
|
|
|
|
req *api.QueryPolicyVersionRequest,
|
|
|
|
res *api.QueryPolicyVersionResponse,
|
|
|
|
) error {
|
|
|
|
var err error
|
2022-02-21 05:12:07 -06:00
|
|
|
res.PolicyVersion, err = a.DB.GetPrivacyPolicy(ctx, req.LocalPart)
|
2022-02-14 07:03:30 -06:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2022-02-25 08:32:19 -06:00
|
|
|
func (a *UserInternalAPI) QueryOutdatedPolicy(
|
2022-02-14 07:03:30 -06:00
|
|
|
ctx context.Context,
|
2022-02-25 08:32:19 -06:00
|
|
|
req *api.QueryOutdatedPolicyRequest,
|
|
|
|
res *api.QueryOutdatedPolicyResponse,
|
2022-02-14 07:03:30 -06:00
|
|
|
) error {
|
|
|
|
var err error
|
2022-02-21 05:12:07 -06:00
|
|
|
res.OutdatedUsers, err = a.DB.GetOutdatedPolicy(ctx, req.PolicyVersion)
|
2022-02-14 07:03:30 -06:00
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
2022-02-14 08:08:00 -06:00
|
|
|
|
|
|
|
func (a *UserInternalAPI) PerformUpdatePolicyVersion(
|
|
|
|
ctx context.Context,
|
|
|
|
req *api.UpdatePolicyVersionRequest,
|
|
|
|
res *api.UpdatePolicyVersionResponse,
|
|
|
|
) error {
|
2022-02-21 07:26:00 -06:00
|
|
|
return a.DB.UpdatePolicyVersion(ctx, req.PolicyVersion, req.LocalPart, req.ServerNoticeUpdate)
|
2022-02-14 08:08:00 -06:00
|
|
|
}
|