Implement consent tracking
This commit is contained in:
parent
b2045c24cb
commit
11144de92f
|
@ -1,10 +1,14 @@
|
||||||
package routing
|
package routing
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"crypto/hmac"
|
||||||
|
"crypto/sha256"
|
||||||
|
"encoding/hex"
|
||||||
"net/http"
|
"net/http"
|
||||||
|
|
||||||
"github.com/matrix-org/dendrite/setup/config"
|
"github.com/matrix-org/dendrite/setup/config"
|
||||||
userapi "github.com/matrix-org/dendrite/userapi/api"
|
userapi "github.com/matrix-org/dendrite/userapi/api"
|
||||||
|
"github.com/matrix-org/gomatrixserverlib"
|
||||||
"github.com/sirupsen/logrus"
|
"github.com/sirupsen/logrus"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -25,23 +29,93 @@ func consent(userAPI userapi.UserInternalAPI, cfg *config.ClientAPI) http.Handle
|
||||||
_, _ = writer.Write([]byte("consent tracking is disabled"))
|
_, _ = writer.Write([]byte("consent tracking is disabled"))
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
switch req.Method {
|
|
||||||
case http.MethodGet:
|
|
||||||
// The data used to populate the /consent request
|
// The data used to populate the /consent request
|
||||||
data := constentTemplateData{
|
data := constentTemplateData{
|
||||||
User: req.FormValue("u"),
|
User: req.FormValue("u"),
|
||||||
Version: req.FormValue("v"),
|
Version: req.FormValue("v"),
|
||||||
UserHMAC: req.FormValue("h"),
|
UserHMAC: req.FormValue("h"),
|
||||||
}
|
}
|
||||||
|
switch req.Method {
|
||||||
|
case http.MethodGet:
|
||||||
// display the privacy policy without a form
|
// display the privacy policy without a form
|
||||||
data.PublicVersion = data.User == "" || data.UserHMAC == "" || data.Version == ""
|
data.PublicVersion = data.User == "" || data.UserHMAC == "" || data.Version == ""
|
||||||
|
|
||||||
|
// let's see if the user already consented to the current version
|
||||||
|
if !data.PublicVersion {
|
||||||
|
res := &userapi.QueryPolicyVersionResponse{}
|
||||||
|
localPart, _, err := gomatrixserverlib.SplitID('@', data.User)
|
||||||
|
if err != nil {
|
||||||
|
logrus.WithError(err).Error("unable to print consent template")
|
||||||
|
return
|
||||||
|
}
|
||||||
|
if err = userAPI.QueryPolicyVersion(req.Context(), &userapi.QueryPolicyVersionRequest{
|
||||||
|
LocalPart: localPart,
|
||||||
|
}, res); err != nil {
|
||||||
|
logrus.WithError(err).Error("unable to print consent template")
|
||||||
|
return
|
||||||
|
}
|
||||||
|
data.HasConsented = res.PolicyVersion == consentCfg.Version
|
||||||
|
}
|
||||||
|
|
||||||
err := consentCfg.Templates.ExecuteTemplate(writer, consentCfg.Version+".gohtml", data)
|
err := consentCfg.Templates.ExecuteTemplate(writer, consentCfg.Version+".gohtml", data)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logrus.WithError(err).Error("unable to print consent template")
|
logrus.WithError(err).Error("unable to print consent template")
|
||||||
|
return
|
||||||
}
|
}
|
||||||
case http.MethodPost:
|
case http.MethodPost:
|
||||||
|
localPart, _, err := gomatrixserverlib.SplitID('@', data.User)
|
||||||
|
if err != nil {
|
||||||
|
logrus.WithError(err).Error("unable to split username")
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
ok, err := validHMAC(data.User, data.UserHMAC, consentCfg.FormSecret)
|
||||||
|
if err != nil || !ok {
|
||||||
|
writer.WriteHeader(http.StatusBadRequest)
|
||||||
|
_, err = writer.Write([]byte("invalid HMAC provided"))
|
||||||
|
if err != nil {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
if err := userAPI.PerformUpdatePolicyVersion(
|
||||||
|
req.Context(),
|
||||||
|
&userapi.UpdatePolicyVersionRequest{
|
||||||
|
PolicyVersion: data.Version,
|
||||||
|
LocalPart: localPart,
|
||||||
|
},
|
||||||
|
&userapi.UpdatePolicyVersionResponse{},
|
||||||
|
); err != nil {
|
||||||
|
writer.WriteHeader(http.StatusInternalServerError)
|
||||||
|
_, err = writer.Write([]byte("unable to update database"))
|
||||||
|
if err != nil {
|
||||||
|
logrus.WithError(err).Error("unable to write to database")
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
// display the privacy policy without a form
|
||||||
|
data.PublicVersion = false
|
||||||
|
data.HasConsented = true
|
||||||
|
|
||||||
|
err = consentCfg.Templates.ExecuteTemplate(writer, consentCfg.Version+".gohtml", data)
|
||||||
|
if err != nil {
|
||||||
|
logrus.WithError(err).Error("unable to print consent template")
|
||||||
|
return
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func validHMAC(username, userHMAC, secret string) (bool, error) {
|
||||||
|
mac := hmac.New(sha256.New, []byte(secret))
|
||||||
|
_, err := mac.Write([]byte(username))
|
||||||
|
if err != nil {
|
||||||
|
return false, err
|
||||||
|
}
|
||||||
|
expectedMAC := mac.Sum(nil)
|
||||||
|
decoded, err := hex.DecodeString(userHMAC)
|
||||||
|
if err != nil {
|
||||||
|
return false, err
|
||||||
|
}
|
||||||
|
return hmac.Equal(decoded, expectedMAC), nil
|
||||||
|
}
|
||||||
|
|
48
clientapi/routing/consent_tracking_test.go
Normal file
48
clientapi/routing/consent_tracking_test.go
Normal file
|
@ -0,0 +1,48 @@
|
||||||
|
package routing
|
||||||
|
|
||||||
|
import "testing"
|
||||||
|
|
||||||
|
func Test_validHMAC(t *testing.T) {
|
||||||
|
type args struct {
|
||||||
|
username string
|
||||||
|
userHMAC string
|
||||||
|
secret string
|
||||||
|
}
|
||||||
|
tests := []struct {
|
||||||
|
name string
|
||||||
|
args args
|
||||||
|
want bool
|
||||||
|
wantErr bool
|
||||||
|
}{
|
||||||
|
{
|
||||||
|
name: "invalid hmac",
|
||||||
|
args: args{},
|
||||||
|
wantErr: false,
|
||||||
|
want: false,
|
||||||
|
},
|
||||||
|
// $ echo -n '@alice:localhost' | openssl sha256 -hmac 'helloWorld' 27m ⚑ ◒ 15:35:54
|
||||||
|
//(stdin)= 121c9bab767ed87a3136db0c3002144dfe414720aa328d235199082e4757541e
|
||||||
|
//
|
||||||
|
{
|
||||||
|
name: "valid hmac",
|
||||||
|
args: args{
|
||||||
|
username: "@alice:localhost",
|
||||||
|
userHMAC: "121c9bab767ed87a3136db0c3002144dfe414720aa328d235199082e4757541e",
|
||||||
|
secret: "helloWorld",
|
||||||
|
},
|
||||||
|
want: true,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
for _, tt := range tests {
|
||||||
|
t.Run(tt.name, func(t *testing.T) {
|
||||||
|
got, err := validHMAC(tt.args.username, tt.args.userHMAC, tt.args.secret)
|
||||||
|
if (err != nil) != tt.wantErr {
|
||||||
|
t.Errorf("validHMAC() error = %v, wantErr %v", err, tt.wantErr)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
if got != tt.want {
|
||||||
|
t.Errorf("validHMAC() got = %v, want %v", got, tt.want)
|
||||||
|
}
|
||||||
|
})
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in a new issue