Add key validity fetching to server key API (#1094)

* Add key validity checks

* Store fetched keys

* Don't double-cache key results

* Perform server key API operations using new context

* Revert "Perform server key API operations using new context"

This reverts commit 02172223f5.

* Perform server key API operations using new context
This commit is contained in:
Neil Alexander 2020-06-04 15:40:23 +01:00 committed by GitHub
parent f4c676ccdd
commit d785ad82b9
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 31 additions and 18 deletions

View file

@ -4,6 +4,7 @@ import (
"context" "context"
"errors" "errors"
"net/http" "net/http"
"time"
"github.com/matrix-org/dendrite/internal/caching" "github.com/matrix-org/dendrite/internal/caching"
"github.com/matrix-org/gomatrixserverlib" "github.com/matrix-org/gomatrixserverlib"
@ -69,9 +70,12 @@ func (s *httpServerKeyInternalAPI) FetcherName() string {
} }
func (s *httpServerKeyInternalAPI) StoreKeys( func (s *httpServerKeyInternalAPI) StoreKeys(
ctx context.Context, _ context.Context,
results map[gomatrixserverlib.PublicKeyLookupRequest]gomatrixserverlib.PublicKeyLookupResult, results map[gomatrixserverlib.PublicKeyLookupRequest]gomatrixserverlib.PublicKeyLookupResult,
) error { ) error {
// Run in a background context - we don't want to stop this work just
// because the caller gives up waiting.
ctx := context.Background()
request := InputPublicKeysRequest{ request := InputPublicKeysRequest{
Keys: make(map[gomatrixserverlib.PublicKeyLookupRequest]gomatrixserverlib.PublicKeyLookupResult), Keys: make(map[gomatrixserverlib.PublicKeyLookupRequest]gomatrixserverlib.PublicKeyLookupResult),
} }
@ -84,9 +88,12 @@ func (s *httpServerKeyInternalAPI) StoreKeys(
} }
func (s *httpServerKeyInternalAPI) FetchKeys( func (s *httpServerKeyInternalAPI) FetchKeys(
ctx context.Context, _ context.Context,
requests map[gomatrixserverlib.PublicKeyLookupRequest]gomatrixserverlib.Timestamp, requests map[gomatrixserverlib.PublicKeyLookupRequest]gomatrixserverlib.Timestamp,
) (map[gomatrixserverlib.PublicKeyLookupRequest]gomatrixserverlib.PublicKeyLookupResult, error) { ) (map[gomatrixserverlib.PublicKeyLookupRequest]gomatrixserverlib.PublicKeyLookupResult, error) {
// Run in a background context - we don't want to stop this work just
// because the caller gives up waiting.
ctx := context.Background()
result := make(map[gomatrixserverlib.PublicKeyLookupRequest]gomatrixserverlib.PublicKeyLookupResult) result := make(map[gomatrixserverlib.PublicKeyLookupRequest]gomatrixserverlib.PublicKeyLookupResult)
request := QueryPublicKeysRequest{ request := QueryPublicKeysRequest{
Requests: make(map[gomatrixserverlib.PublicKeyLookupRequest]gomatrixserverlib.Timestamp), Requests: make(map[gomatrixserverlib.PublicKeyLookupRequest]gomatrixserverlib.Timestamp),
@ -94,8 +101,12 @@ func (s *httpServerKeyInternalAPI) FetchKeys(
response := QueryPublicKeysResponse{ response := QueryPublicKeysResponse{
Results: make(map[gomatrixserverlib.PublicKeyLookupRequest]gomatrixserverlib.PublicKeyLookupResult), Results: make(map[gomatrixserverlib.PublicKeyLookupRequest]gomatrixserverlib.PublicKeyLookupResult),
} }
now := gomatrixserverlib.AsTimestamp(time.Now())
for req, ts := range requests { for req, ts := range requests {
if res, ok := s.immutableCache.GetServerKey(req); ok { if res, ok := s.immutableCache.GetServerKey(req); ok {
if now > res.ValidUntilTS && res.ExpiredTS == gomatrixserverlib.PublicKeyNotExpired {
continue
}
result[req] = res result[req] = res
continue continue
} }

View file

@ -3,6 +3,7 @@ package internal
import ( import (
"context" "context"
"fmt" "fmt"
"time"
"github.com/matrix-org/dendrite/internal/caching" "github.com/matrix-org/dendrite/internal/caching"
"github.com/matrix-org/dendrite/serverkeyapi/api" "github.com/matrix-org/dendrite/serverkeyapi/api"
@ -24,25 +25,35 @@ func (s *ServerKeyAPI) KeyRing() *gomatrixserverlib.KeyRing {
} }
func (s *ServerKeyAPI) StoreKeys( func (s *ServerKeyAPI) StoreKeys(
ctx context.Context, _ context.Context,
results map[gomatrixserverlib.PublicKeyLookupRequest]gomatrixserverlib.PublicKeyLookupResult, results map[gomatrixserverlib.PublicKeyLookupRequest]gomatrixserverlib.PublicKeyLookupResult,
) error { ) error {
// Run in a background context - we don't want to stop this work just
// because the caller gives up waiting.
ctx := context.Background()
// Store any keys that we were given in our database. // Store any keys that we were given in our database.
return s.OurKeyRing.KeyDatabase.StoreKeys(ctx, results) return s.OurKeyRing.KeyDatabase.StoreKeys(ctx, results)
} }
func (s *ServerKeyAPI) FetchKeys( func (s *ServerKeyAPI) FetchKeys(
ctx context.Context, _ context.Context,
requests map[gomatrixserverlib.PublicKeyLookupRequest]gomatrixserverlib.Timestamp, requests map[gomatrixserverlib.PublicKeyLookupRequest]gomatrixserverlib.Timestamp,
) (map[gomatrixserverlib.PublicKeyLookupRequest]gomatrixserverlib.PublicKeyLookupResult, error) { ) (map[gomatrixserverlib.PublicKeyLookupRequest]gomatrixserverlib.PublicKeyLookupResult, error) {
// Run in a background context - we don't want to stop this work just
// because the caller gives up waiting.
ctx := context.Background()
results := map[gomatrixserverlib.PublicKeyLookupRequest]gomatrixserverlib.PublicKeyLookupResult{} results := map[gomatrixserverlib.PublicKeyLookupRequest]gomatrixserverlib.PublicKeyLookupResult{}
// First consult our local database and see if we have the requested // First consult our local database and see if we have the requested
// keys. These might come from a cache, depending on the database // keys. These might come from a cache, depending on the database
// implementation used. // implementation used.
now := gomatrixserverlib.AsTimestamp(time.Now())
if dbResults, err := s.OurKeyRing.KeyDatabase.FetchKeys(ctx, requests); err == nil { if dbResults, err := s.OurKeyRing.KeyDatabase.FetchKeys(ctx, requests); err == nil {
// We successfully got some keys. Add them to the results and // We successfully got some keys. Add them to the results and
// remove them from the request list. // remove them from the request list.
for req, res := range dbResults { for req, res := range dbResults {
if now > res.ValidUntilTS && res.ExpiredTS == gomatrixserverlib.PublicKeyNotExpired {
continue
}
results[req] = res results[req] = res
delete(requests, req) delete(requests, req)
} }
@ -61,6 +72,9 @@ func (s *ServerKeyAPI) FetchKeys(
results[req] = res results[req] = res
delete(requests, req) delete(requests, req)
} }
if err = s.OurKeyRing.KeyDatabase.StoreKeys(ctx, fetcherResults); err != nil {
return nil, fmt.Errorf("server key API failed to store retrieved keys: %w", err)
}
} }
} }
// If we failed to fetch any keys then we should report an error. // If we failed to fetch any keys then we should report an error.

View file

@ -14,28 +14,16 @@ import (
func (s *ServerKeyAPI) SetupHTTP(internalAPIMux *mux.Router) { func (s *ServerKeyAPI) SetupHTTP(internalAPIMux *mux.Router) {
internalAPIMux.Handle(api.ServerKeyQueryPublicKeyPath, internalAPIMux.Handle(api.ServerKeyQueryPublicKeyPath,
internal.MakeInternalAPI("queryPublicKeys", func(req *http.Request) util.JSONResponse { internal.MakeInternalAPI("queryPublicKeys", func(req *http.Request) util.JSONResponse {
result := map[gomatrixserverlib.PublicKeyLookupRequest]gomatrixserverlib.PublicKeyLookupResult{}
request := api.QueryPublicKeysRequest{} request := api.QueryPublicKeysRequest{}
response := api.QueryPublicKeysResponse{} response := api.QueryPublicKeysResponse{}
if err := json.NewDecoder(req.Body).Decode(&request); err != nil { if err := json.NewDecoder(req.Body).Decode(&request); err != nil {
return util.MessageResponse(http.StatusBadRequest, err.Error()) return util.MessageResponse(http.StatusBadRequest, err.Error())
} }
lookup := make(map[gomatrixserverlib.PublicKeyLookupRequest]gomatrixserverlib.Timestamp) keys, err := s.FetchKeys(req.Context(), request.Requests)
for req, timestamp := range request.Requests {
if res, ok := s.ImmutableCache.GetServerKey(req); ok {
result[req] = res
continue
}
lookup[req] = timestamp
}
keys, err := s.FetchKeys(req.Context(), lookup)
if err != nil { if err != nil {
return util.ErrorResponse(err) return util.ErrorResponse(err)
} }
for req, res := range keys { response.Results = keys
result[req] = res
}
response.Results = result
return util.JSONResponse{Code: http.StatusOK, JSON: &response} return util.JSONResponse{Code: http.StatusOK, JSON: &response}
}), }),
) )