🏗️ Allow saving password and threepid info on application service registration.

2025-12-06 14:33:10 -06:00 · 2024-01-25 19:23:03 +02:00 · 2024-01-25 19:23:03 +02:00 · 733ad9a5a3
parent 7e16873f2f
commit 733ad9a5a3
2 changed files with 41 additions and 18 deletions
--- a/clientapi/routing/key_crosssigning.go
+++ b/clientapi/routing/key_crosssigning.go
@ -25,6 +25,7 @@ import (
 	"github.com/matrix-org/dendrite/clientapi/httputil"
 	"github.com/matrix-org/dendrite/setup/config"
 	"github.com/matrix-org/dendrite/userapi/api"
+	userapi "github.com/matrix-org/dendrite/userapi/api"
 	"github.com/matrix-org/gomatrixserverlib/spec"
 	"github.com/matrix-org/util"
 )
@ -50,6 +51,9 @@ func UploadCrossSigningDeviceKeys(
 	if sessionID == "" {
 		sessionID = util.RandomString(sessionIDLength)
 	}
+
+	//! GlobeKeeper Customization: If user was registered with appservice (like BridgeAS), then we allow it to upload keys without a password
+	if device.AccountType != userapi.AccountTypeAppService {
 		if uploadReq.Auth.Type != authtypes.LoginTypePassword {
 			return util.JSONResponse{
 				Code: http.StatusUnauthorized,
@ -71,6 +75,7 @@ func UploadCrossSigningDeviceKeys(
 		if _, authErr := typePassword.Login(req.Context(), &uploadReq.Auth.PasswordRequest); authErr != nil {
 			return *authErr
 		}
+	}
 	sessions.addCompletedSessionStage(sessionID, authtypes.LoginTypePassword)

 	uploadReq.UserID = device.UserID
--- a/clientapi/routing/register.go
+++ b/clientapi/routing/register.go
@ -225,6 +225,9 @@ type registerRequest struct {
 	// Application Services place Type in the root of their registration
 	// request, whereas clients place it in the authDict struct.
 	Type authtypes.LoginType `json:"type"`
+
+	// GlobeKeeper custom
+	Email string `json:"email"`
 }

 type authDict struct {
@ -818,6 +821,21 @@ func handleApplicationServiceRegistration(
 		return *err
 	}

+	//! Custom GlobeKeeper logic to support AS registration with email (3pid) & password.
+	if r.Email != "" && r.Password != "" {
+		// If no error, application service was successfully validated.
+		// Don't need to worry about appending to registration stages as
+		// application service registration is entirely separate.
+		return completeRegistration(
+			req.Context(), userAPI, r.Username, r.ServerName, "", r.Password, appserviceID, req.RemoteAddr, req.UserAgent(), r.Auth.Session,
+			r.InhibitLogin, r.InitialDisplayName, r.DeviceID, userapi.AccountTypeAppService, &authtypes.ThreePID{
+				Address:     r.Email,
+				Medium:      "email",
+				AddedAt:     time.Now().Unix(),
+				ValidatedAt: time.Now().Unix(),
+			},
+		)
+	}
 	// If no error, application service was successfully validated.
 	// Don't need to worry about appending to registration stages as
 	// application service registration is entirely separate.