Update cryptoids to match join & create changes

This commit is contained in:
Devon Hudson 2023-11-27 13:10:07 -07:00
parent b45e72830e
commit 1dc00f5fd2
No known key found for this signature in database
GPG key ID: CD06B18E77F6A628
7 changed files with 97 additions and 36 deletions

View file

@ -48,7 +48,7 @@ type createRoomRequest struct {
RoomVersion gomatrixserverlib.RoomVersion `json:"room_version"` RoomVersion gomatrixserverlib.RoomVersion `json:"room_version"`
PowerLevelContentOverride json.RawMessage `json:"power_level_content_override"` PowerLevelContentOverride json.RawMessage `json:"power_level_content_override"`
IsDirect bool `json:"is_direct"` IsDirect bool `json:"is_direct"`
SenderID string `json:"sender_id"` CryptoID string `json:"cryptoid"`
} }
func (r createRoomRequest) Validate() *util.JSONResponse { func (r createRoomRequest) Validate() *util.JSONResponse {
@ -225,7 +225,7 @@ func makeCreateRoomEvents(
PrivateKey: privateKey, PrivateKey: privateKey,
EventTime: evTime, EventTime: evTime,
SenderID: createRequest.SenderID, SenderID: createRequest.CryptoID,
} }
createEvents, err := rsAPI.PerformCreateRoomCryptoIDs(ctx, *userID, *roomID, &req) createEvents, err := rsAPI.PerformCreateRoomCryptoIDs(ctx, *userID, *roomID, &req)

View file

@ -27,6 +27,7 @@ import (
"github.com/matrix-org/gomatrix" "github.com/matrix-org/gomatrix"
"github.com/matrix-org/gomatrixserverlib/spec" "github.com/matrix-org/gomatrixserverlib/spec"
"github.com/matrix-org/util" "github.com/matrix-org/util"
"github.com/sirupsen/logrus"
) )
func JoinRoomByIDOrAlias( func JoinRoomByIDOrAlias(
@ -183,6 +184,17 @@ func JoinRoomByIDOrAliasCryptoIDs(
// event content. // event content.
_ = httputil.UnmarshalJSONRequest(req, &joinReq.Content) _ = httputil.UnmarshalJSONRequest(req, &joinReq.Content)
if senderid, ok := joinReq.Content["cryptoid"]; ok {
logrus.Errorf("CryptoID: %s", senderid.(string))
joinReq.SenderID = spec.SenderID(senderid.(string))
} else {
return util.JSONResponse{
Code: http.StatusBadRequest,
JSON: spec.Unknown("Missing cryptoid in request body"),
}
}
delete(joinReq.Content, "cryptoid")
// Work out our localpart for the client profile request. // Work out our localpart for the client profile request.
// Request our profile content to populate the request content with. // Request our profile content to populate the request content with.

View file

@ -40,10 +40,15 @@ import (
"github.com/matrix-org/util" "github.com/matrix-org/util"
) )
type membershipCryptoIDsResponse struct {
PDU json.RawMessage `json:"pdu"`
}
func SendBan( func SendBan(
req *http.Request, profileAPI userapi.ClientUserAPI, device *userapi.Device, req *http.Request, profileAPI userapi.ClientUserAPI, device *userapi.Device,
roomID string, cfg *config.ClientAPI, roomID string, cfg *config.ClientAPI,
rsAPI roomserverAPI.ClientRoomserverAPI, asAPI appserviceAPI.AppServiceInternalAPI, rsAPI roomserverAPI.ClientRoomserverAPI, asAPI appserviceAPI.AppServiceInternalAPI,
cryptoIDs bool,
) util.JSONResponse { ) util.JSONResponse {
body, evTime, reqErr := extractRequestData(req) body, evTime, reqErr := extractRequestData(req)
if reqErr != nil { if reqErr != nil {
@ -96,13 +101,14 @@ func SendBan(
} }
} }
return sendMembership(req.Context(), profileAPI, device, roomID, spec.Ban, body.Reason, cfg, body.UserID, evTime, rsAPI, asAPI) return sendMembership(req.Context(), profileAPI, device, roomID, spec.Ban, body.Reason, cfg, body.UserID, evTime, rsAPI, asAPI, cryptoIDs)
} }
func sendMembership(ctx context.Context, profileAPI userapi.ClientUserAPI, device *userapi.Device, func sendMembership(ctx context.Context, profileAPI userapi.ClientUserAPI, device *userapi.Device,
roomID, membership, reason string, cfg *config.ClientAPI, targetUserID string, evTime time.Time, roomID, membership, reason string, cfg *config.ClientAPI, targetUserID string, evTime time.Time,
rsAPI roomserverAPI.ClientRoomserverAPI, asAPI appserviceAPI.AppServiceInternalAPI) util.JSONResponse { rsAPI roomserverAPI.ClientRoomserverAPI, asAPI appserviceAPI.AppServiceInternalAPI, cryptoIDs bool) util.JSONResponse {
// TODO: cryptoIDs - what about when we don't know the senderID for a user?
event, err := buildMembershipEvent( event, err := buildMembershipEvent(
ctx, targetUserID, reason, profileAPI, device, membership, ctx, targetUserID, reason, profileAPI, device, membership,
roomID, false, cfg, evTime, rsAPI, asAPI, roomID, false, cfg, evTime, rsAPI, asAPI,
@ -115,6 +121,8 @@ func sendMembership(ctx context.Context, profileAPI userapi.ClientUserAPI, devic
} }
} }
var json interface{}
if !cryptoIDs {
serverName := device.UserDomain() serverName := device.UserDomain()
if err = roomserverAPI.SendEvents( if err = roomserverAPI.SendEvents(
ctx, rsAPI, ctx, rsAPI,
@ -132,10 +140,14 @@ func sendMembership(ctx context.Context, profileAPI userapi.ClientUserAPI, devic
JSON: spec.InternalServerError{}, JSON: spec.InternalServerError{},
} }
} }
json = struct{}{}
} else {
json = membershipCryptoIDsResponse{PDU: event.JSON()}
}
return util.JSONResponse{ return util.JSONResponse{
Code: http.StatusOK, Code: http.StatusOK,
JSON: struct{}{}, JSON: json,
} }
} }
@ -143,6 +155,7 @@ func SendKick(
req *http.Request, profileAPI userapi.ClientUserAPI, device *userapi.Device, req *http.Request, profileAPI userapi.ClientUserAPI, device *userapi.Device,
roomID string, cfg *config.ClientAPI, roomID string, cfg *config.ClientAPI,
rsAPI roomserverAPI.ClientRoomserverAPI, asAPI appserviceAPI.AppServiceInternalAPI, rsAPI roomserverAPI.ClientRoomserverAPI, asAPI appserviceAPI.AppServiceInternalAPI,
cryptoIDs bool,
) util.JSONResponse { ) util.JSONResponse {
body, evTime, reqErr := extractRequestData(req) body, evTime, reqErr := extractRequestData(req)
if reqErr != nil { if reqErr != nil {
@ -217,13 +230,14 @@ func SendKick(
} }
} }
// TODO: should we be using SendLeave instead? // TODO: should we be using SendLeave instead?
return sendMembership(req.Context(), profileAPI, device, roomID, spec.Leave, body.Reason, cfg, body.UserID, evTime, rsAPI, asAPI) return sendMembership(req.Context(), profileAPI, device, roomID, spec.Leave, body.Reason, cfg, body.UserID, evTime, rsAPI, asAPI, cryptoIDs)
} }
func SendUnban( func SendUnban(
req *http.Request, profileAPI userapi.ClientUserAPI, device *userapi.Device, req *http.Request, profileAPI userapi.ClientUserAPI, device *userapi.Device,
roomID string, cfg *config.ClientAPI, roomID string, cfg *config.ClientAPI,
rsAPI roomserverAPI.ClientRoomserverAPI, asAPI appserviceAPI.AppServiceInternalAPI, rsAPI roomserverAPI.ClientRoomserverAPI, asAPI appserviceAPI.AppServiceInternalAPI,
cryptoIDs bool,
) util.JSONResponse { ) util.JSONResponse {
body, evTime, reqErr := extractRequestData(req) body, evTime, reqErr := extractRequestData(req)
if reqErr != nil { if reqErr != nil {
@ -273,7 +287,7 @@ func SendUnban(
} }
} }
// TODO: should we be using SendLeave instead? // TODO: should we be using SendLeave instead?
return sendMembership(req.Context(), profileAPI, device, roomID, spec.Leave, body.Reason, cfg, body.UserID, evTime, rsAPI, asAPI) return sendMembership(req.Context(), profileAPI, device, roomID, spec.Leave, body.Reason, cfg, body.UserID, evTime, rsAPI, asAPI, cryptoIDs)
} }
func SendInvite( func SendInvite(

View file

@ -490,14 +490,22 @@ func Setup(
) )
}), }),
).Methods(http.MethodPost, http.MethodOptions) ).Methods(http.MethodPost, http.MethodOptions)
// TODO: update for cryptoIDs
v3mux.Handle("/rooms/{roomID}/ban", v3mux.Handle("/rooms/{roomID}/ban",
httputil.MakeAuthAPI("membership", userAPI, func(req *http.Request, device *userapi.Device) util.JSONResponse { httputil.MakeAuthAPI("membership", userAPI, func(req *http.Request, device *userapi.Device) util.JSONResponse {
vars, err := httputil.URLDecodeMapValues(mux.Vars(req)) vars, err := httputil.URLDecodeMapValues(mux.Vars(req))
if err != nil { if err != nil {
return util.ErrorResponse(err) return util.ErrorResponse(err)
} }
return SendBan(req, userAPI, device, vars["roomID"], cfg, rsAPI, asAPI) return SendBan(req, userAPI, device, vars["roomID"], cfg, rsAPI, asAPI, false)
}),
).Methods(http.MethodPost, http.MethodOptions)
unstableMux.Handle("/org.matrix.msc4080/rooms/{roomID}/ban",
httputil.MakeAuthAPI("membership", userAPI, func(req *http.Request, device *userapi.Device) util.JSONResponse {
vars, err := httputil.URLDecodeMapValues(mux.Vars(req))
if err != nil {
return util.ErrorResponse(err)
}
return SendBan(req, userAPI, device, vars["roomID"], cfg, rsAPI, asAPI, true)
}), }),
).Methods(http.MethodPost, http.MethodOptions) ).Methods(http.MethodPost, http.MethodOptions)
v3mux.Handle("/rooms/{roomID}/invite", v3mux.Handle("/rooms/{roomID}/invite",
@ -525,24 +533,40 @@ func Setup(
return SendInvite(req, userAPI, device, vars["roomID"], cfg, rsAPI, asAPI, true) return SendInvite(req, userAPI, device, vars["roomID"], cfg, rsAPI, asAPI, true)
}), }),
).Methods(http.MethodPost, http.MethodOptions) ).Methods(http.MethodPost, http.MethodOptions)
// TODO: update for cryptoIDs
v3mux.Handle("/rooms/{roomID}/kick", v3mux.Handle("/rooms/{roomID}/kick",
httputil.MakeAuthAPI("membership", userAPI, func(req *http.Request, device *userapi.Device) util.JSONResponse { httputil.MakeAuthAPI("membership", userAPI, func(req *http.Request, device *userapi.Device) util.JSONResponse {
vars, err := httputil.URLDecodeMapValues(mux.Vars(req)) vars, err := httputil.URLDecodeMapValues(mux.Vars(req))
if err != nil { if err != nil {
return util.ErrorResponse(err) return util.ErrorResponse(err)
} }
return SendKick(req, userAPI, device, vars["roomID"], cfg, rsAPI, asAPI) return SendKick(req, userAPI, device, vars["roomID"], cfg, rsAPI, asAPI, false)
}),
).Methods(http.MethodPost, http.MethodOptions)
unstableMux.Handle("/org.matrix.msc4080/rooms/{roomID}/kick",
httputil.MakeAuthAPI("membership", userAPI, func(req *http.Request, device *userapi.Device) util.JSONResponse {
vars, err := httputil.URLDecodeMapValues(mux.Vars(req))
if err != nil {
return util.ErrorResponse(err)
}
return SendKick(req, userAPI, device, vars["roomID"], cfg, rsAPI, asAPI, true)
}), }),
).Methods(http.MethodPost, http.MethodOptions) ).Methods(http.MethodPost, http.MethodOptions)
// TODO: update for cryptoIDs
v3mux.Handle("/rooms/{roomID}/unban", v3mux.Handle("/rooms/{roomID}/unban",
httputil.MakeAuthAPI("membership", userAPI, func(req *http.Request, device *userapi.Device) util.JSONResponse { httputil.MakeAuthAPI("membership", userAPI, func(req *http.Request, device *userapi.Device) util.JSONResponse {
vars, err := httputil.URLDecodeMapValues(mux.Vars(req)) vars, err := httputil.URLDecodeMapValues(mux.Vars(req))
if err != nil { if err != nil {
return util.ErrorResponse(err) return util.ErrorResponse(err)
} }
return SendUnban(req, userAPI, device, vars["roomID"], cfg, rsAPI, asAPI) return SendUnban(req, userAPI, device, vars["roomID"], cfg, rsAPI, asAPI, false)
}),
).Methods(http.MethodPost, http.MethodOptions)
unstableMux.Handle("/org.matrix.msc4080/rooms/{roomID}/unban",
httputil.MakeAuthAPI("membership", userAPI, func(req *http.Request, device *userapi.Device) util.JSONResponse {
vars, err := httputil.URLDecodeMapValues(mux.Vars(req))
if err != nil {
return util.ErrorResponse(err)
}
return SendUnban(req, userAPI, device, vars["roomID"], cfg, rsAPI, asAPI, true)
}), }),
).Methods(http.MethodPost, http.MethodOptions) ).Methods(http.MethodPost, http.MethodOptions)
v3mux.Handle("/rooms/{roomID}/send/{eventType}", v3mux.Handle("/rooms/{roomID}/send/{eventType}",

View file

@ -40,6 +40,7 @@ type PerformJoinRequest struct {
Content map[string]interface{} `json:"content"` Content map[string]interface{} `json:"content"`
ServerNames []spec.ServerName `json:"server_names"` ServerNames []spec.ServerName `json:"server_names"`
Unsigned map[string]interface{} `json:"unsigned"` Unsigned map[string]interface{} `json:"unsigned"`
SenderID spec.SenderID
} }
type PerformJoinRequestCryptoIDs struct { type PerformJoinRequestCryptoIDs struct {

View file

@ -3,6 +3,7 @@ package internal
import ( import (
"context" "context"
"crypto/ed25519" "crypto/ed25519"
"fmt"
"github.com/getsentry/sentry-go" "github.com/getsentry/sentry-go"
"github.com/matrix-org/gomatrixserverlib" "github.com/matrix-org/gomatrixserverlib"
@ -328,7 +329,7 @@ func (r *RoomserverInternalAPI) SigningIdentityFor(ctx context.Context, roomID s
roomVersion = roomInfo.RoomVersion roomVersion = roomInfo.RoomVersion
} }
} }
if roomVersion == gomatrixserverlib.RoomVersionPseudoIDs || roomVersion == gomatrixserverlib.RoomVersionCryptoIDs { if roomVersion == gomatrixserverlib.RoomVersionPseudoIDs {
privKey, err := r.GetOrCreateUserRoomPrivateKey(ctx, senderID, roomID) privKey, err := r.GetOrCreateUserRoomPrivateKey(ctx, senderID, roomID)
if err != nil { if err != nil {
return fclient.SigningIdentity{}, err return fclient.SigningIdentity{}, err
@ -339,6 +340,19 @@ func (r *RoomserverInternalAPI) SigningIdentityFor(ctx context.Context, roomID s
ServerName: spec.ServerName(spec.SenderIDFromPseudoIDKey(privKey)), ServerName: spec.ServerName(spec.SenderIDFromPseudoIDKey(privKey)),
}, nil }, nil
} }
if roomVersion == gomatrixserverlib.RoomVersionCryptoIDs {
sender, err := r.QuerySenderIDForUser(ctx, roomID, senderID)
if err != nil {
return fclient.SigningIdentity{}, err
} else if sender == nil {
return fclient.SigningIdentity{}, fmt.Errorf("no sender ID for %s in %s", senderID.String(), roomID.String())
}
return fclient.SigningIdentity{
PrivateKey: nil,
KeyID: "ed25519:1",
ServerName: spec.ServerName(*sender),
}, nil
}
identity, err := r.Cfg.Global.SigningIdentityFor(senderID.Domain()) identity, err := r.Cfg.Global.SigningIdentityFor(senderID.Domain())
if err != nil { if err != nil {
return fclient.SigningIdentity{}, err return fclient.SigningIdentity{}, err

View file

@ -571,6 +571,8 @@ func (r *Joiner) performJoinRoomByIDCryptoIDs(
return nil, "", "", "", rsAPI.ErrInvalidID{Err: fmt.Errorf("user ID %q is invalid: %w", req.UserID, err)} return nil, "", "", "", rsAPI.ErrInvalidID{Err: fmt.Errorf("user ID %q is invalid: %w", req.UserID, err)}
} }
//TODO: CryptoIDs - what is provided & calculated senderIDs don't match?
// Look up the room NID for the supplied room ID. // Look up the room NID for the supplied room ID.
var senderID spec.SenderID var senderID spec.SenderID
checkInvitePending := false checkInvitePending := false
@ -583,13 +585,7 @@ func (r *Joiner) performJoinRoomByIDCryptoIDs(
checkInvitePending = true checkInvitePending = true
} }
if senderIDPtr == nil { if senderIDPtr == nil {
// create user room key if needed senderID = req.SenderID
key, keyErr := r.RSAPI.GetOrCreateUserRoomPrivateKey(ctx, *userID, *roomID)
if keyErr != nil {
util.GetLogger(ctx).WithError(keyErr).Error("GetOrCreateUserRoomPrivateKey failed")
return nil, "", "", "", fmt.Errorf("GetOrCreateUserRoomPrivateKey failed: %w", keyErr)
}
senderID = spec.SenderIDFromPseudoIDKey(key)
} else { } else {
senderID = *senderIDPtr senderID = *senderIDPtr
} }