From 20f4c2e58d565e25d0ad48203569e1ff1a06a298 Mon Sep 17 00:00:00 2001 From: Anant Prakash Date: Sat, 2 Jun 2018 19:46:33 +0530 Subject: [PATCH] Refactor arguments into auth.Data --- .../dendrite/clientapi/auth/auth.go | 24 ++++++++++++------- .../matrix-org/dendrite/common/httpapi.go | 15 ++++++------ 2 files changed, 23 insertions(+), 16 deletions(-) diff --git a/src/github.com/matrix-org/dendrite/clientapi/auth/auth.go b/src/github.com/matrix-org/dendrite/clientapi/auth/auth.go index 68c6071dd..187c5fcb9 100644 --- a/src/github.com/matrix-org/dendrite/clientapi/auth/auth.go +++ b/src/github.com/matrix-org/dendrite/clientapi/auth/auth.go @@ -48,17 +48,24 @@ type AccountDatabase interface { GetAccountByLocalpart(ctx context.Context, localpart string) (*authtypes.Account, error) } +// Data contains information required to authenticate a request. +type Data struct { + AccountDB AccountDatabase + DeviceDB DeviceDatabase + // AppServices is the list of all registered AS + AppServices []config.ApplicationService +} + // VerifyUserFromRequest authenticates the HTTP request, // on success returns UserID, Device of the requester. // Finds local user or an application service user. // Note: For an AS user, AS dummy device is returned. // On failure returns an JSON error response which can be sent to the client. func VerifyUserFromRequest( - req *http.Request, accountDB AccountDatabase, deviceDB DeviceDatabase, - applicationServices []config.ApplicationService, + req *http.Request, data Data, ) (*authtypes.Device, *util.JSONResponse) { // Try to find local user from device database - dev, devErr := verifyAccessToken(req, deviceDB) + dev, devErr := verifyAccessToken(req, data.DeviceDB) if devErr == nil { return dev, nil } @@ -74,7 +81,7 @@ func VerifyUserFromRequest( // Search for app service with given access_token var appService *config.ApplicationService - for _, as := range applicationServices { + for _, as := range data.AppServices { if as.ASToken == token { appService = &as break @@ -92,13 +99,14 @@ func VerifyUserFromRequest( } // Verify that the user is registered - account, accountErr := accountDB.GetAccountByLocalpart(req.Context(), localpart) + account, err := data.AccountDB.GetAccountByLocalpart(req.Context(), localpart) + // Verify that account exists & appServiceID matches - if accountErr == nil && account.AppServiceID == appService.ID { + if err == nil && account.AppServiceID == appService.ID { // Create a dummy device for AS user dev := authtypes.Device{ - // AS_Device signifies a AS dummy device - ID: "ASDEVICE", + // Use AS dummy device ID + ID: "AS_Device", // User the AS is masquerading as. UserID: userID, // AS dummy device has AS's token. diff --git a/src/github.com/matrix-org/dendrite/common/httpapi.go b/src/github.com/matrix-org/dendrite/common/httpapi.go index 48e51e90f..99e15830a 100644 --- a/src/github.com/matrix-org/dendrite/common/httpapi.go +++ b/src/github.com/matrix-org/dendrite/common/httpapi.go @@ -6,7 +6,6 @@ import ( "github.com/matrix-org/dendrite/clientapi/auth" "github.com/matrix-org/dendrite/clientapi/auth/authtypes" - "github.com/matrix-org/dendrite/common/config" "github.com/matrix-org/gomatrixserverlib" "github.com/matrix-org/util" opentracing "github.com/opentracing/opentracing-go" @@ -14,18 +13,18 @@ import ( "github.com/prometheus/client_golang/prometheus/promhttp" ) -// MakeAuthAPI turns a util.JSONRequestHandler function into an http.Handler which checks the access token in the request. +// MakeAuthAPI turns a util.JSONRequestHandler function into an http.Handler which authenticates the request. func MakeAuthAPI( - metricsName string, accountDB auth.AccountDatabase, deviceDB auth.DeviceDatabase, - appServices []config.ApplicationService, f func(*http.Request, string, *authtypes.Device) util.JSONResponse) http.Handler { + metricsName string, data auth.Data, + f func(*http.Request, *authtypes.Device) util.JSONResponse, +) http.Handler { h := func(req *http.Request) util.JSONResponse { - user, device, err := auth.VerifyUserFromRequest(req, accountDB, deviceDB, appServices) - + device, err := auth.VerifyUserFromRequest(req, data) if err != nil { return *err } - // device is nil for AS virtual users, as they do not have a device in database - return f(req, user, device) + + return f(req, device) } return MakeExternalAPI(metricsName, h) }