Update cryptoids to match join & create changes

This commit is contained in:
Devon Hudson 2023-11-27 13:10:07 -07:00
parent b45e72830e
commit 1dc00f5fd2
No known key found for this signature in database
GPG key ID: CD06B18E77F6A628
7 changed files with 97 additions and 36 deletions

View file

@ -48,7 +48,7 @@ type createRoomRequest struct {
RoomVersion gomatrixserverlib.RoomVersion `json:"room_version"`
PowerLevelContentOverride json.RawMessage `json:"power_level_content_override"`
IsDirect bool `json:"is_direct"`
SenderID string `json:"sender_id"`
CryptoID string `json:"cryptoid"`
}
func (r createRoomRequest) Validate() *util.JSONResponse {
@ -225,7 +225,7 @@ func makeCreateRoomEvents(
PrivateKey: privateKey,
EventTime: evTime,
SenderID: createRequest.SenderID,
SenderID: createRequest.CryptoID,
}
createEvents, err := rsAPI.PerformCreateRoomCryptoIDs(ctx, *userID, *roomID, &req)

View file

@ -27,6 +27,7 @@ import (
"github.com/matrix-org/gomatrix"
"github.com/matrix-org/gomatrixserverlib/spec"
"github.com/matrix-org/util"
"github.com/sirupsen/logrus"
)
func JoinRoomByIDOrAlias(
@ -183,6 +184,17 @@ func JoinRoomByIDOrAliasCryptoIDs(
// event content.
_ = httputil.UnmarshalJSONRequest(req, &joinReq.Content)
if senderid, ok := joinReq.Content["cryptoid"]; ok {
logrus.Errorf("CryptoID: %s", senderid.(string))
joinReq.SenderID = spec.SenderID(senderid.(string))
} else {
return util.JSONResponse{
Code: http.StatusBadRequest,
JSON: spec.Unknown("Missing cryptoid in request body"),
}
}
delete(joinReq.Content, "cryptoid")
// Work out our localpart for the client profile request.
// Request our profile content to populate the request content with.

View file

@ -40,10 +40,15 @@ import (
"github.com/matrix-org/util"
)
type membershipCryptoIDsResponse struct {
PDU json.RawMessage `json:"pdu"`
}
func SendBan(
req *http.Request, profileAPI userapi.ClientUserAPI, device *userapi.Device,
roomID string, cfg *config.ClientAPI,
rsAPI roomserverAPI.ClientRoomserverAPI, asAPI appserviceAPI.AppServiceInternalAPI,
cryptoIDs bool,
) util.JSONResponse {
body, evTime, reqErr := extractRequestData(req)
if reqErr != nil {
@ -96,13 +101,14 @@ func SendBan(
}
}
return sendMembership(req.Context(), profileAPI, device, roomID, spec.Ban, body.Reason, cfg, body.UserID, evTime, rsAPI, asAPI)
return sendMembership(req.Context(), profileAPI, device, roomID, spec.Ban, body.Reason, cfg, body.UserID, evTime, rsAPI, asAPI, cryptoIDs)
}
func sendMembership(ctx context.Context, profileAPI userapi.ClientUserAPI, device *userapi.Device,
roomID, membership, reason string, cfg *config.ClientAPI, targetUserID string, evTime time.Time,
rsAPI roomserverAPI.ClientRoomserverAPI, asAPI appserviceAPI.AppServiceInternalAPI) util.JSONResponse {
rsAPI roomserverAPI.ClientRoomserverAPI, asAPI appserviceAPI.AppServiceInternalAPI, cryptoIDs bool) util.JSONResponse {
// TODO: cryptoIDs - what about when we don't know the senderID for a user?
event, err := buildMembershipEvent(
ctx, targetUserID, reason, profileAPI, device, membership,
roomID, false, cfg, evTime, rsAPI, asAPI,
@ -115,6 +121,8 @@ func sendMembership(ctx context.Context, profileAPI userapi.ClientUserAPI, devic
}
}
var json interface{}
if !cryptoIDs {
serverName := device.UserDomain()
if err = roomserverAPI.SendEvents(
ctx, rsAPI,
@ -132,10 +140,14 @@ func sendMembership(ctx context.Context, profileAPI userapi.ClientUserAPI, devic
JSON: spec.InternalServerError{},
}
}
json = struct{}{}
} else {
json = membershipCryptoIDsResponse{PDU: event.JSON()}
}
return util.JSONResponse{
Code: http.StatusOK,
JSON: struct{}{},
JSON: json,
}
}
@ -143,6 +155,7 @@ func SendKick(
req *http.Request, profileAPI userapi.ClientUserAPI, device *userapi.Device,
roomID string, cfg *config.ClientAPI,
rsAPI roomserverAPI.ClientRoomserverAPI, asAPI appserviceAPI.AppServiceInternalAPI,
cryptoIDs bool,
) util.JSONResponse {
body, evTime, reqErr := extractRequestData(req)
if reqErr != nil {
@ -217,13 +230,14 @@ func SendKick(
}
}
// TODO: should we be using SendLeave instead?
return sendMembership(req.Context(), profileAPI, device, roomID, spec.Leave, body.Reason, cfg, body.UserID, evTime, rsAPI, asAPI)
return sendMembership(req.Context(), profileAPI, device, roomID, spec.Leave, body.Reason, cfg, body.UserID, evTime, rsAPI, asAPI, cryptoIDs)
}
func SendUnban(
req *http.Request, profileAPI userapi.ClientUserAPI, device *userapi.Device,
roomID string, cfg *config.ClientAPI,
rsAPI roomserverAPI.ClientRoomserverAPI, asAPI appserviceAPI.AppServiceInternalAPI,
cryptoIDs bool,
) util.JSONResponse {
body, evTime, reqErr := extractRequestData(req)
if reqErr != nil {
@ -273,7 +287,7 @@ func SendUnban(
}
}
// TODO: should we be using SendLeave instead?
return sendMembership(req.Context(), profileAPI, device, roomID, spec.Leave, body.Reason, cfg, body.UserID, evTime, rsAPI, asAPI)
return sendMembership(req.Context(), profileAPI, device, roomID, spec.Leave, body.Reason, cfg, body.UserID, evTime, rsAPI, asAPI, cryptoIDs)
}
func SendInvite(

View file

@ -490,14 +490,22 @@ func Setup(
)
}),
).Methods(http.MethodPost, http.MethodOptions)
// TODO: update for cryptoIDs
v3mux.Handle("/rooms/{roomID}/ban",
httputil.MakeAuthAPI("membership", userAPI, func(req *http.Request, device *userapi.Device) util.JSONResponse {
vars, err := httputil.URLDecodeMapValues(mux.Vars(req))
if err != nil {
return util.ErrorResponse(err)
}
return SendBan(req, userAPI, device, vars["roomID"], cfg, rsAPI, asAPI)
return SendBan(req, userAPI, device, vars["roomID"], cfg, rsAPI, asAPI, false)
}),
).Methods(http.MethodPost, http.MethodOptions)
unstableMux.Handle("/org.matrix.msc4080/rooms/{roomID}/ban",
httputil.MakeAuthAPI("membership", userAPI, func(req *http.Request, device *userapi.Device) util.JSONResponse {
vars, err := httputil.URLDecodeMapValues(mux.Vars(req))
if err != nil {
return util.ErrorResponse(err)
}
return SendBan(req, userAPI, device, vars["roomID"], cfg, rsAPI, asAPI, true)
}),
).Methods(http.MethodPost, http.MethodOptions)
v3mux.Handle("/rooms/{roomID}/invite",
@ -525,24 +533,40 @@ func Setup(
return SendInvite(req, userAPI, device, vars["roomID"], cfg, rsAPI, asAPI, true)
}),
).Methods(http.MethodPost, http.MethodOptions)
// TODO: update for cryptoIDs
v3mux.Handle("/rooms/{roomID}/kick",
httputil.MakeAuthAPI("membership", userAPI, func(req *http.Request, device *userapi.Device) util.JSONResponse {
vars, err := httputil.URLDecodeMapValues(mux.Vars(req))
if err != nil {
return util.ErrorResponse(err)
}
return SendKick(req, userAPI, device, vars["roomID"], cfg, rsAPI, asAPI)
return SendKick(req, userAPI, device, vars["roomID"], cfg, rsAPI, asAPI, false)
}),
).Methods(http.MethodPost, http.MethodOptions)
unstableMux.Handle("/org.matrix.msc4080/rooms/{roomID}/kick",
httputil.MakeAuthAPI("membership", userAPI, func(req *http.Request, device *userapi.Device) util.JSONResponse {
vars, err := httputil.URLDecodeMapValues(mux.Vars(req))
if err != nil {
return util.ErrorResponse(err)
}
return SendKick(req, userAPI, device, vars["roomID"], cfg, rsAPI, asAPI, true)
}),
).Methods(http.MethodPost, http.MethodOptions)
// TODO: update for cryptoIDs
v3mux.Handle("/rooms/{roomID}/unban",
httputil.MakeAuthAPI("membership", userAPI, func(req *http.Request, device *userapi.Device) util.JSONResponse {
vars, err := httputil.URLDecodeMapValues(mux.Vars(req))
if err != nil {
return util.ErrorResponse(err)
}
return SendUnban(req, userAPI, device, vars["roomID"], cfg, rsAPI, asAPI)
return SendUnban(req, userAPI, device, vars["roomID"], cfg, rsAPI, asAPI, false)
}),
).Methods(http.MethodPost, http.MethodOptions)
unstableMux.Handle("/org.matrix.msc4080/rooms/{roomID}/unban",
httputil.MakeAuthAPI("membership", userAPI, func(req *http.Request, device *userapi.Device) util.JSONResponse {
vars, err := httputil.URLDecodeMapValues(mux.Vars(req))
if err != nil {
return util.ErrorResponse(err)
}
return SendUnban(req, userAPI, device, vars["roomID"], cfg, rsAPI, asAPI, true)
}),
).Methods(http.MethodPost, http.MethodOptions)
v3mux.Handle("/rooms/{roomID}/send/{eventType}",

View file

@ -40,6 +40,7 @@ type PerformJoinRequest struct {
Content map[string]interface{} `json:"content"`
ServerNames []spec.ServerName `json:"server_names"`
Unsigned map[string]interface{} `json:"unsigned"`
SenderID spec.SenderID
}
type PerformJoinRequestCryptoIDs struct {

View file

@ -3,6 +3,7 @@ package internal
import (
"context"
"crypto/ed25519"
"fmt"
"github.com/getsentry/sentry-go"
"github.com/matrix-org/gomatrixserverlib"
@ -328,7 +329,7 @@ func (r *RoomserverInternalAPI) SigningIdentityFor(ctx context.Context, roomID s
roomVersion = roomInfo.RoomVersion
}
}
if roomVersion == gomatrixserverlib.RoomVersionPseudoIDs || roomVersion == gomatrixserverlib.RoomVersionCryptoIDs {
if roomVersion == gomatrixserverlib.RoomVersionPseudoIDs {
privKey, err := r.GetOrCreateUserRoomPrivateKey(ctx, senderID, roomID)
if err != nil {
return fclient.SigningIdentity{}, err
@ -339,6 +340,19 @@ func (r *RoomserverInternalAPI) SigningIdentityFor(ctx context.Context, roomID s
ServerName: spec.ServerName(spec.SenderIDFromPseudoIDKey(privKey)),
}, nil
}
if roomVersion == gomatrixserverlib.RoomVersionCryptoIDs {
sender, err := r.QuerySenderIDForUser(ctx, roomID, senderID)
if err != nil {
return fclient.SigningIdentity{}, err
} else if sender == nil {
return fclient.SigningIdentity{}, fmt.Errorf("no sender ID for %s in %s", senderID.String(), roomID.String())
}
return fclient.SigningIdentity{
PrivateKey: nil,
KeyID: "ed25519:1",
ServerName: spec.ServerName(*sender),
}, nil
}
identity, err := r.Cfg.Global.SigningIdentityFor(senderID.Domain())
if err != nil {
return fclient.SigningIdentity{}, err

View file

@ -571,6 +571,8 @@ func (r *Joiner) performJoinRoomByIDCryptoIDs(
return nil, "", "", "", rsAPI.ErrInvalidID{Err: fmt.Errorf("user ID %q is invalid: %w", req.UserID, err)}
}
//TODO: CryptoIDs - what is provided & calculated senderIDs don't match?
// Look up the room NID for the supplied room ID.
var senderID spec.SenderID
checkInvitePending := false
@ -583,13 +585,7 @@ func (r *Joiner) performJoinRoomByIDCryptoIDs(
checkInvitePending = true
}
if senderIDPtr == nil {
// create user room key if needed
key, keyErr := r.RSAPI.GetOrCreateUserRoomPrivateKey(ctx, *userID, *roomID)
if keyErr != nil {
util.GetLogger(ctx).WithError(keyErr).Error("GetOrCreateUserRoomPrivateKey failed")
return nil, "", "", "", fmt.Errorf("GetOrCreateUserRoomPrivateKey failed: %w", keyErr)
}
senderID = spec.SenderIDFromPseudoIDKey(key)
senderID = req.SenderID
} else {
senderID = *senderIDPtr
}