From e0e4566b36547d2da16dca376781e09d316dcd57 Mon Sep 17 00:00:00 2001
From: Kegan Dougal <kegan@matrix.org>
Date: Tue, 27 Jul 2021 14:29:37 +0100
Subject: [PATCH] Add PUT key backup endpoints and glue them to
 PerformKeyBackup

---
 clientapi/routing/key_backup.go | 45 +++++++++++++++++++
 clientapi/routing/routing.go    | 79 +++++++++++++++++++++++++++++++++
 userapi/api/api.go              | 22 ++++++++-
 3 files changed, 144 insertions(+), 2 deletions(-)

diff --git a/clientapi/routing/key_backup.go b/clientapi/routing/key_backup.go
index 0aa736245..0283143bd 100644
--- a/clientapi/routing/key_backup.go
+++ b/clientapi/routing/key_backup.go
@@ -42,6 +42,17 @@ type keyBackupVersionResponse struct {
 	Version   string          `json:"version"`
 }
 
+type keyBackupSessionRequest struct {
+	Rooms map[string]struct {
+		Sessions map[string]userapi.KeyBackupSession `json:"sessions"`
+	} `json:"rooms"`
+}
+
+type keyBackupSessionResponse struct {
+	Count int    `json:"count"`
+	ETag  string `json:"etag"`
+}
+
 // Create a new key backup. Request must contain a `keyBackupVersion`. Returns a `keyBackupVersionCreateResponse`.
 // Implements  POST /_matrix/client/r0/room_keys/version
 func CreateKeyBackupVersion(req *http.Request, userAPI userapi.UserInternalAPI, device *userapi.Device) util.JSONResponse {
@@ -171,3 +182,37 @@ func DeleteKeyBackupVersion(req *http.Request, userAPI userapi.UserInternalAPI,
 		},
 	}
 }
+
+// Upload a bunch of session keys for a given `version`.
+func UploadBackupKeys(
+	req *http.Request, userAPI userapi.UserInternalAPI, device *userapi.Device, version string, keys *keyBackupSessionRequest,
+) util.JSONResponse {
+	var performKeyBackupResp userapi.PerformKeyBackupResponse
+	userAPI.PerformKeyBackup(req.Context(), &userapi.PerformKeyBackupRequest{
+		UserID:  device.UserID,
+		Version: version,
+		Keys:    *keys,
+	}, &performKeyBackupResp)
+	if performKeyBackupResp.Error != "" {
+		if performKeyBackupResp.BadInput {
+			return util.JSONResponse{
+				Code: 400,
+				JSON: jsonerror.InvalidArgumentValue(performKeyBackupResp.Error),
+			}
+		}
+		return util.ErrorResponse(fmt.Errorf("PerformKeyBackup: %s", performKeyBackupResp.Error))
+	}
+	if !performKeyBackupResp.Exists {
+		return util.JSONResponse{
+			Code: 404,
+			JSON: jsonerror.NotFound("backup version not found"),
+		}
+	}
+	return util.JSONResponse{
+		Code: 200,
+		JSON: keyBackupSessionResponse{
+			Count: performKeyBackupResp.KeyCount,
+			ETag:  performKeyBackupResp.KeyETag,
+		},
+	}
+}
diff --git a/clientapi/routing/routing.go b/clientapi/routing/routing.go
index 194ab2997..3e0c53ee4 100644
--- a/clientapi/routing/routing.go
+++ b/clientapi/routing/routing.go
@@ -938,6 +938,85 @@ func Setup(
 		}),
 	).Methods(http.MethodPost, http.MethodOptions)
 
+	// E2E Backup Keys
+	// Bulk room and session
+	r0mux.Handle("/room_keys/keys",
+		httputil.MakeAuthAPI("put_backup_keys", userAPI, func(req *http.Request, device *userapi.Device) util.JSONResponse {
+			version := req.URL.Query().Get("version")
+			if version == "" {
+				return util.JSONResponse{
+					Code: 400,
+					JSON: jsonerror.InvalidArgumentValue("version must be specified"),
+				}
+			}
+			var reqBody keyBackupSessionRequest
+			resErr := clientutil.UnmarshalJSONRequest(req, &reqBody)
+			if resErr != nil {
+				return *resErr
+			}
+			return UploadBackupKeys(req, userAPI, device, version, &reqBody)
+		}),
+	).Methods(http.MethodPut)
+	// Single room bulk session
+	r0mux.Handle("/room_keys/keys/{roomID}",
+		httputil.MakeAuthAPI("put_backup_keys_room", userAPI, func(req *http.Request, device *userapi.Device) util.JSONResponse {
+			vars, err := httputil.URLDecodeMapValues(mux.Vars(req))
+			if err != nil {
+				return util.ErrorResponse(err)
+			}
+			version := req.URL.Query().Get("version")
+			if version == "" {
+				return util.JSONResponse{
+					Code: 400,
+					JSON: jsonerror.InvalidArgumentValue("version must be specified"),
+				}
+			}
+			roomID := vars["roomID"]
+			var reqBody keyBackupSessionRequest
+			reqBody.Rooms[roomID] = struct {
+				Sessions map[string]userapi.KeyBackupSession `json:"sessions"`
+			}{
+				Sessions: map[string]userapi.KeyBackupSession{},
+			}
+			body := reqBody.Rooms[roomID]
+			resErr := clientutil.UnmarshalJSONRequest(req, &body)
+			if resErr != nil {
+				return *resErr
+			}
+			reqBody.Rooms[roomID] = body
+			return UploadBackupKeys(req, userAPI, device, version, &reqBody)
+		}),
+	).Methods(http.MethodPut)
+	// Single room, single session
+	r0mux.Handle("/room_keys/keys/{roomID}/{sessionID}",
+		httputil.MakeAuthAPI("put_backup_keys_room", userAPI, func(req *http.Request, device *userapi.Device) util.JSONResponse {
+			vars, err := httputil.URLDecodeMapValues(mux.Vars(req))
+			if err != nil {
+				return util.ErrorResponse(err)
+			}
+			version := req.URL.Query().Get("version")
+			if version == "" {
+				return util.JSONResponse{
+					Code: 400,
+					JSON: jsonerror.InvalidArgumentValue("version must be specified"),
+				}
+			}
+			var reqBody userapi.KeyBackupSession
+			resErr := clientutil.UnmarshalJSONRequest(req, &reqBody)
+			if resErr != nil {
+				return *resErr
+			}
+			roomID := vars["roomID"]
+			sessionID := vars["sessionID"]
+			var keyReq keyBackupSessionRequest
+			keyReq.Rooms[roomID] = struct {
+				Sessions map[string]userapi.KeyBackupSession `json:"sessions"`
+			}{}
+			keyReq.Rooms[roomID].Sessions[sessionID] = reqBody
+			return UploadBackupKeys(req, userAPI, device, version, &keyReq)
+		}),
+	).Methods(http.MethodPut)
+
 	// Supplying a device ID is deprecated.
 	r0mux.Handle("/keys/upload/{deviceID}",
 		httputil.MakeAuthAPI("keys_upload", userAPI, func(req *http.Request, device *userapi.Device) util.JSONResponse {
diff --git a/userapi/api/api.go b/userapi/api/api.go
index ff10bfcd8..6802fe23e 100644
--- a/userapi/api/api.go
+++ b/userapi/api/api.go
@@ -50,13 +50,31 @@ type PerformKeyBackupRequest struct {
 	AuthData     json.RawMessage
 	Algorithm    string
 	DeleteBackup bool // if true will delete the backup based on 'Version'.
+
+	// The keys to upload, if any. If blank, creates/updates/deletes key version metadata only.
+	Keys struct {
+		Rooms map[string]struct {
+			Sessions map[string]KeyBackupSession `json:"sessions"`
+		} `json:"rooms"`
+	}
+}
+
+type KeyBackupSession struct {
+	FirstMessageIndex int             `json:"first_message_index"`
+	ForwardedCount    int             `json:"forwarded_count"`
+	IsVerified        bool            `json:"is_verified"`
+	SessionData       json.RawMessage `json:"session_data"`
 }
 
 type PerformKeyBackupResponse struct {
 	Error    string // set if there was a problem performing the request
 	BadInput bool   // if set, the Error was due to bad input (HTTP 400)
-	Exists   bool   // set to true if the Version exists
-	Version  string
+
+	Exists  bool   // set to true if the Version exists
+	Version string // the newly created version
+
+	KeyCount int    // only set if Keys were given in the request
+	KeyETag  string // only set if Keys were given in the request
 }
 
 type QueryKeyBackupRequest struct {