dendrite/clientapi/auth/password.go

// Copyright 2020 The Matrix.org Foundation C.I.C.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package auth

import (
	"context"
	"net/http"
	"strings"

	"github.com/matrix-org/dendrite/clientapi/auth/authtypes"
	"github.com/matrix-org/dendrite/clientapi/httputil"
	"github.com/matrix-org/dendrite/clientapi/userutil"
	"github.com/matrix-org/dendrite/setup/config"
	"github.com/matrix-org/dendrite/userapi/api"
	"github.com/matrix-org/gomatrixserverlib/spec"
	"github.com/matrix-org/util"
)

type GetAccountByPassword func(ctx context.Context, req *api.QueryAccountByPasswordRequest, res *api.QueryAccountByPasswordResponse) error

type PasswordRequest struct {
	Login
	Password string `json:"password"`
}

// LoginTypePassword implements https://matrix.org/docs/spec/client_server/r0.6.1#password-based
type LoginTypePassword struct {
	GetAccountByPassword GetAccountByPassword
	Config               *config.ClientAPI
}

func (t *LoginTypePassword) Name() string {
	return authtypes.LoginTypePassword
}

func (t *LoginTypePassword) LoginFromJSON(ctx context.Context, reqBytes []byte) (*Login, LoginCleanupFunc, *util.JSONResponse) {
	var r PasswordRequest
	if err := httputil.UnmarshalJSON(reqBytes, &r); err != nil {
		return nil, nil, err
	}

	login, err := t.Login(ctx, &r)
	if err != nil {
		return nil, nil, err
	}

	return login, func(context.Context, *util.JSONResponse) {}, nil
}

func (t *LoginTypePassword) Login(ctx context.Context, req interface{}) (*Login, *util.JSONResponse) {
	r := req.(*PasswordRequest)
	username := r.Username()
	if username == "" {
		return nil, &util.JSONResponse{
			Code: http.StatusUnauthorized,
			JSON: spec.BadJSON("A username must be supplied."),
		}
	}
	if len(r.Password) == 0 {
		return nil, &util.JSONResponse{
			Code: http.StatusUnauthorized,
			JSON: spec.BadJSON("A password must be supplied."),
		}
	}
	localpart, domain, err := userutil.ParseUsernameParam(username, t.Config.Matrix)
	if err != nil {
		return nil, &util.JSONResponse{
			Code: http.StatusUnauthorized,
			JSON: spec.InvalidUsername(err.Error()),
		}
	}
	if !t.Config.Matrix.IsLocalServerName(domain) {
		return nil, &util.JSONResponse{
			Code: http.StatusUnauthorized,
			JSON: spec.InvalidUsername("The server name is not known."),
		}
	}
	// Squash username to all lowercase letters
	res := &api.QueryAccountByPasswordResponse{}
	err = t.GetAccountByPassword(ctx, &api.QueryAccountByPasswordRequest{
		Localpart:         strings.ToLower(localpart),
		ServerName:        domain,
		PlaintextPassword: r.Password,
	}, res)
	if err != nil {
		return nil, &util.JSONResponse{
			Code: http.StatusInternalServerError,
			JSON: spec.Unknown("Unable to fetch account by password."),
		}
	}

	// If we couldn't find the user by the lower cased localpart, try the provided
	// localpart as is.
	if !res.Exists {
		err = t.GetAccountByPassword(ctx, &api.QueryAccountByPasswordRequest{
			Localpart:         localpart,
			ServerName:        domain,
			PlaintextPassword: r.Password,
		}, res)
		if err != nil {
			return nil, &util.JSONResponse{
				Code: http.StatusInternalServerError,
				JSON: spec.Unknown("Unable to fetch account by password."),
			}
		}
		// Technically we could tell them if the user does not exist by checking if err == sql.ErrNoRows
		// but that would leak the existence of the user.
		if !res.Exists {
			return nil, &util.JSONResponse{
				Code: http.StatusForbidden,
				JSON: spec.Forbidden("The username or password was incorrect or the account does not exist."),
			}
		}
	}
	// Set the user, so login.Username() can do the right thing
	r.Identifier.User = res.Account.UserID
	r.User = res.Account.UserID
	return &r.Login, nil
}
Add User-Interactive Authentication (#1193) * Add User-Interactive Authentication And use it when deleting a device. With tests. * Make remaining sytest pass * Linting * 403 not 401 on wrong user/pass 2020-07-10 01:39:44 +02:00			`// Copyright 2020 The Matrix.org Foundation C.I.C.`
			`//`
			`// Licensed under the Apache License, Version 2.0 (the "License");`
			`// you may not use this file except in compliance with the License.`
			`// You may obtain a copy of the License at`
			`//`
			`// http://www.apache.org/licenses/LICENSE-2.0`
			`//`
			`// Unless required by applicable law or agreed to in writing, software`
			`// distributed under the License is distributed on an "AS IS" BASIS,`
			`// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`// See the License for the specific language governing permissions and`
			`// limitations under the License.`

			`package auth`

			`import (`
			`"context"`
			`"net/http"`
Squash username to lowercase at login (#2065) Signed-off-by: Bernard Zhao <bernard.zhao.us@gmail.com> 2021-12-03 10:48:49 +01:00			`"strings"`
Add User-Interactive Authentication (#1193) * Add User-Interactive Authentication And use it when deleting a device. With tests. * Make remaining sytest pass * Linting * 403 not 401 on wrong user/pass 2020-07-10 01:39:44 +02:00
Support for `m.login.token` (#2014) * Add GOPATH to PATH in find-lint.sh. The user doesn't necessarily have it in PATH. * Refactor LoginTypePassword and Type to support m.login.token and m.login.sso. For login token: * m.login.token will require deleting the token after completeAuth has generated an access token, so a cleanup function is returned by Type.Login. * Allowing different login types will require parsing the /login body twice: first to extract the "type" and then the type-specific parsing. Thus, we will have to buffer the request JSON in /login, like UserInteractive already does. For SSO: * NewUserInteractive will have to also use GetAccountByLocalpart. It makes more sense to just pass a (narrowed-down) accountDB interface to it than adding more function pointers. Code quality: * Passing around (and down-casting) interface{} for login request types has drawbacks in terms of type-safety, and no inherent benefits. We always decode JSON anyway. Hence renaming to Type.LoginFromJSON. Code that directly uses LoginTypePassword with parsed data can still use Login. * Removed a TODO for SSO. This is already tracked in #1297. * httputil.UnmarshalJSON is useful because it returns a JSONResponse. This change is intended to have no functional changes. * Support login tokens in User API. This adds full lifecycle functions for login tokens: create, query, delete. * Support m.login.token in /login. * Fixes for PR review. * Set @matrix-org/dendrite-core as repository code owner * Return event NID from `StoreEvent`, match PSQL vs SQLite behaviour, tweak backfill persistence (#2071) Co-authored-by: kegsay <kegan@matrix.org> Co-authored-by: Neil Alexander <neilalexander@users.noreply.github.com> 2022-02-10 11:27:26 +01:00			`"github.com/matrix-org/dendrite/clientapi/auth/authtypes"`
			`"github.com/matrix-org/dendrite/clientapi/httputil"`
Add User-Interactive Authentication (#1193) * Add User-Interactive Authentication And use it when deleting a device. With tests. * Make remaining sytest pass * Linting * 403 not 401 on wrong user/pass 2020-07-10 01:39:44 +02:00			`"github.com/matrix-org/dendrite/clientapi/userutil"`
Top-level setup package (#1605) * Move config, setup, mscs into "setup" top-level folder * oops, forgot the EDU server * Add setup * goimports 2020-12-02 18:41:00 +01:00			`"github.com/matrix-org/dendrite/setup/config"`
Add User-Interactive Authentication (#1193) * Add User-Interactive Authentication And use it when deleting a device. With tests. * Make remaining sytest pass * Linting * 403 not 401 on wrong user/pass 2020-07-10 01:39:44 +02:00			`"github.com/matrix-org/dendrite/userapi/api"`
Move json errors over to gmsl (#3080) 2023-05-10 00:46:49 +02:00			`"github.com/matrix-org/gomatrixserverlib/spec"`
Add User-Interactive Authentication (#1193) * Add User-Interactive Authentication And use it when deleting a device. With tests. * Make remaining sytest pass * Linting * 403 not 401 on wrong user/pass 2020-07-10 01:39:44 +02:00			`"github.com/matrix-org/util"`
			`)`

Refactor appservice & client API to use userapi internal (#2290) * Refactor user api internal * Refactor clientapi to use internal userapi * Use internal userapi instead of user DB directly * Remove AccountDB dependency * Fix linter issues Co-authored-by: Neil Alexander <neilalexander@users.noreply.github.com> 2022-03-24 22:45:44 +01:00			`type GetAccountByPassword func(ctx context.Context, req api.QueryAccountByPasswordRequest, res api.QueryAccountByPasswordResponse) error`
Add User-Interactive Authentication (#1193) * Add User-Interactive Authentication And use it when deleting a device. With tests. * Make remaining sytest pass * Linting * 403 not 401 on wrong user/pass 2020-07-10 01:39:44 +02:00
			`type PasswordRequest struct {`
			`Login`
			Password string `json:"password"`
			`}`

			`// LoginTypePassword implements https://matrix.org/docs/spec/client_server/r0.6.1#password-based`
			`type LoginTypePassword struct {`
			`GetAccountByPassword GetAccountByPassword`
Configuration format v1 (#1230) * Initial pass at refactoring config (not finished) * Don't forget current state and EDU servers * More shifting around * Update server key API tests * Fix roomserver test * Fix more tests * Further tweaks * Fix current state server test (sort of) * Maybe fix appservices * Fix client API test * Include database connection string in database options * Fix sync API build * Update config test * Fix unit tests * Fix federation sender build * Fix gobind build * Set Listen address for all services in HTTP monolith mode * Validate config, reinstate appservice derived in directory, tweaks * Tweak federation API test * Set MaxOpenConnections/MaxIdleConnections to previous values * Update generate-config 2020-08-10 15:18:04 +02:00			`Config *config.ClientAPI`
Add User-Interactive Authentication (#1193) * Add User-Interactive Authentication And use it when deleting a device. With tests. * Make remaining sytest pass * Linting * 403 not 401 on wrong user/pass 2020-07-10 01:39:44 +02:00			`}`

			`func (t *LoginTypePassword) Name() string {`
Support for `m.login.token` (#2014) * Add GOPATH to PATH in find-lint.sh. The user doesn't necessarily have it in PATH. * Refactor LoginTypePassword and Type to support m.login.token and m.login.sso. For login token: * m.login.token will require deleting the token after completeAuth has generated an access token, so a cleanup function is returned by Type.Login. * Allowing different login types will require parsing the /login body twice: first to extract the "type" and then the type-specific parsing. Thus, we will have to buffer the request JSON in /login, like UserInteractive already does. For SSO: * NewUserInteractive will have to also use GetAccountByLocalpart. It makes more sense to just pass a (narrowed-down) accountDB interface to it than adding more function pointers. Code quality: * Passing around (and down-casting) interface{} for login request types has drawbacks in terms of type-safety, and no inherent benefits. We always decode JSON anyway. Hence renaming to Type.LoginFromJSON. Code that directly uses LoginTypePassword with parsed data can still use Login. * Removed a TODO for SSO. This is already tracked in #1297. * httputil.UnmarshalJSON is useful because it returns a JSONResponse. This change is intended to have no functional changes. * Support login tokens in User API. This adds full lifecycle functions for login tokens: create, query, delete. * Support m.login.token in /login. * Fixes for PR review. * Set @matrix-org/dendrite-core as repository code owner * Return event NID from `StoreEvent`, match PSQL vs SQLite behaviour, tweak backfill persistence (#2071) Co-authored-by: kegsay <kegan@matrix.org> Co-authored-by: Neil Alexander <neilalexander@users.noreply.github.com> 2022-02-10 11:27:26 +01:00			`return authtypes.LoginTypePassword`
Add User-Interactive Authentication (#1193) * Add User-Interactive Authentication And use it when deleting a device. With tests. * Make remaining sytest pass * Linting * 403 not 401 on wrong user/pass 2020-07-10 01:39:44 +02:00			`}`

Support for `m.login.token` (#2014) * Add GOPATH to PATH in find-lint.sh. The user doesn't necessarily have it in PATH. * Refactor LoginTypePassword and Type to support m.login.token and m.login.sso. For login token: * m.login.token will require deleting the token after completeAuth has generated an access token, so a cleanup function is returned by Type.Login. * Allowing different login types will require parsing the /login body twice: first to extract the "type" and then the type-specific parsing. Thus, we will have to buffer the request JSON in /login, like UserInteractive already does. For SSO: * NewUserInteractive will have to also use GetAccountByLocalpart. It makes more sense to just pass a (narrowed-down) accountDB interface to it than adding more function pointers. Code quality: * Passing around (and down-casting) interface{} for login request types has drawbacks in terms of type-safety, and no inherent benefits. We always decode JSON anyway. Hence renaming to Type.LoginFromJSON. Code that directly uses LoginTypePassword with parsed data can still use Login. * Removed a TODO for SSO. This is already tracked in #1297. * httputil.UnmarshalJSON is useful because it returns a JSONResponse. This change is intended to have no functional changes. * Support login tokens in User API. This adds full lifecycle functions for login tokens: create, query, delete. * Support m.login.token in /login. * Fixes for PR review. * Set @matrix-org/dendrite-core as repository code owner * Return event NID from `StoreEvent`, match PSQL vs SQLite behaviour, tweak backfill persistence (#2071) Co-authored-by: kegsay <kegan@matrix.org> Co-authored-by: Neil Alexander <neilalexander@users.noreply.github.com> 2022-02-10 11:27:26 +01:00			`func (t LoginTypePassword) LoginFromJSON(ctx context.Context, reqBytes []byte) (Login, LoginCleanupFunc, *util.JSONResponse) {`
			`var r PasswordRequest`
			`if err := httputil.UnmarshalJSON(reqBytes, &r); err != nil {`
			`return nil, nil, err`
			`}`

			`login, err := t.Login(ctx, &r)`
			`if err != nil {`
			`return nil, nil, err`
			`}`

			`return login, func(context.Context, *util.JSONResponse) {}, nil`
Add User-Interactive Authentication (#1193) * Add User-Interactive Authentication And use it when deleting a device. With tests. * Make remaining sytest pass * Linting * 403 not 401 on wrong user/pass 2020-07-10 01:39:44 +02:00			`}`

			`func (t LoginTypePassword) Login(ctx context.Context, req interface{}) (Login, *util.JSONResponse) {`
			`r := req.(*PasswordRequest)`
Virtual hosting schema and logic changes (#2876) Note that virtual users cannot federate correctly yet. 2022-11-11 17:41:37 +01:00			`username := r.Username()`
Add User-Interactive Authentication (#1193) * Add User-Interactive Authentication And use it when deleting a device. With tests. * Make remaining sytest pass * Linting * 403 not 401 on wrong user/pass 2020-07-10 01:39:44 +02:00			`if username == "" {`
			`return nil, &util.JSONResponse{`
			`Code: http.StatusUnauthorized,`
Move json errors over to gmsl (#3080) 2023-05-10 00:46:49 +02:00			`JSON: spec.BadJSON("A username must be supplied."),`
Add User-Interactive Authentication (#1193) * Add User-Interactive Authentication And use it when deleting a device. With tests. * Make remaining sytest pass * Linting * 403 not 401 on wrong user/pass 2020-07-10 01:39:44 +02:00			`}`
			`}`
Tweak `GetAccountByPassword` more 2022-10-10 12:14:16 +02:00			`if len(r.Password) == 0 {`
			`return nil, &util.JSONResponse{`
			`Code: http.StatusUnauthorized,`
Move json errors over to gmsl (#3080) 2023-05-10 00:46:49 +02:00			`JSON: spec.BadJSON("A password must be supplied."),`
Tweak `GetAccountByPassword` more 2022-10-10 12:14:16 +02:00			`}`
			`}`
Virtual hosting schema and logic changes (#2876) Note that virtual users cannot federate correctly yet. 2022-11-11 17:41:37 +01:00			`localpart, domain, err := userutil.ParseUsernameParam(username, t.Config.Matrix)`
Add User-Interactive Authentication (#1193) * Add User-Interactive Authentication And use it when deleting a device. With tests. * Make remaining sytest pass * Linting * 403 not 401 on wrong user/pass 2020-07-10 01:39:44 +02:00			`if err != nil {`
			`return nil, &util.JSONResponse{`
			`Code: http.StatusUnauthorized,`
Move json errors over to gmsl (#3080) 2023-05-10 00:46:49 +02:00			`JSON: spec.InvalidUsername(err.Error()),`
Add User-Interactive Authentication (#1193) * Add User-Interactive Authentication And use it when deleting a device. With tests. * Make remaining sytest pass * Linting * 403 not 401 on wrong user/pass 2020-07-10 01:39:44 +02:00			`}`
			`}`
Virtual hosting schema and logic changes (#2876) Note that virtual users cannot federate correctly yet. 2022-11-11 17:41:37 +01:00			`if !t.Config.Matrix.IsLocalServerName(domain) {`
			`return nil, &util.JSONResponse{`
			`Code: http.StatusUnauthorized,`
Move json errors over to gmsl (#3080) 2023-05-10 00:46:49 +02:00			`JSON: spec.InvalidUsername("The server name is not known."),`
Virtual hosting schema and logic changes (#2876) Note that virtual users cannot federate correctly yet. 2022-11-11 17:41:37 +01:00			`}`
			`}`
Allow uppercase username on login (#2126) * ADD jetstream folder to gitignore * CHANGE login to check on uppercase if lowercase not exists Co-authored-by: kegsay <kegan@matrix.org> 2022-01-31 14:44:52 +01:00			`// Squash username to all lowercase letters`
Refactor appservice & client API to use userapi internal (#2290) * Refactor user api internal * Refactor clientapi to use internal userapi * Use internal userapi instead of user DB directly * Remove AccountDB dependency * Fix linter issues Co-authored-by: Neil Alexander <neilalexander@users.noreply.github.com> 2022-03-24 22:45:44 +01:00			`res := &api.QueryAccountByPasswordResponse{}`
Virtual hosting schema and logic changes (#2876) Note that virtual users cannot federate correctly yet. 2022-11-11 17:41:37 +01:00			`err = t.GetAccountByPassword(ctx, &api.QueryAccountByPasswordRequest{`
			`Localpart: strings.ToLower(localpart),`
			`ServerName: domain,`
			`PlaintextPassword: r.Password,`
			`}, res)`
Add User-Interactive Authentication (#1193) * Add User-Interactive Authentication And use it when deleting a device. With tests. * Make remaining sytest pass * Linting * 403 not 401 on wrong user/pass 2020-07-10 01:39:44 +02:00			`if err != nil {`
Refactor appservice & client API to use userapi internal (#2290) * Refactor user api internal * Refactor clientapi to use internal userapi * Use internal userapi instead of user DB directly * Remove AccountDB dependency * Fix linter issues Co-authored-by: Neil Alexander <neilalexander@users.noreply.github.com> 2022-03-24 22:45:44 +01:00			`return nil, &util.JSONResponse{`
			`Code: http.StatusInternalServerError,`
Move json errors over to gmsl (#3080) 2023-05-10 00:46:49 +02:00			`JSON: spec.Unknown("Unable to fetch account by password."),`
Refactor appservice & client API to use userapi internal (#2290) * Refactor user api internal * Refactor clientapi to use internal userapi * Use internal userapi instead of user DB directly * Remove AccountDB dependency * Fix linter issues Co-authored-by: Neil Alexander <neilalexander@users.noreply.github.com> 2022-03-24 22:45:44 +01:00			`}`
			`}`

Fix `/login` issue causing wrong device list updates (#2922) Fixes https://github.com/matrix-org/dendrite/issues/2914 and possibly https://github.com/matrix-org/dendrite/issues/2073? 2023-01-10 17:02:38 +01:00			`// If we couldn't find the user by the lower cased localpart, try the provided`
			`// localpart as is.`
Refactor appservice & client API to use userapi internal (#2290) * Refactor user api internal * Refactor clientapi to use internal userapi * Use internal userapi instead of user DB directly * Remove AccountDB dependency * Fix linter issues Co-authored-by: Neil Alexander <neilalexander@users.noreply.github.com> 2022-03-24 22:45:44 +01:00			`if !res.Exists {`
			`err = t.GetAccountByPassword(ctx, &api.QueryAccountByPasswordRequest{`
			`Localpart: localpart,`
Virtual hosting schema and logic changes (#2876) Note that virtual users cannot federate correctly yet. 2022-11-11 17:41:37 +01:00			`ServerName: domain,`
Refactor appservice & client API to use userapi internal (#2290) * Refactor user api internal * Refactor clientapi to use internal userapi * Use internal userapi instead of user DB directly * Remove AccountDB dependency * Fix linter issues Co-authored-by: Neil Alexander <neilalexander@users.noreply.github.com> 2022-03-24 22:45:44 +01:00			`PlaintextPassword: r.Password,`
			`}, res)`
			`if err != nil {`
			`return nil, &util.JSONResponse{`
			`Code: http.StatusInternalServerError,`
Move json errors over to gmsl (#3080) 2023-05-10 00:46:49 +02:00			`JSON: spec.Unknown("Unable to fetch account by password."),`
Allow uppercase username on login (#2126) * ADD jetstream folder to gitignore * CHANGE login to check on uppercase if lowercase not exists Co-authored-by: kegsay <kegan@matrix.org> 2022-01-31 14:44:52 +01:00			`}`
			`}`
Add User-Interactive Authentication (#1193) * Add User-Interactive Authentication And use it when deleting a device. With tests. * Make remaining sytest pass * Linting * 403 not 401 on wrong user/pass 2020-07-10 01:39:44 +02:00			`// Technically we could tell them if the user does not exist by checking if err == sql.ErrNoRows`
			`// but that would leak the existence of the user.`
Refactor appservice & client API to use userapi internal (#2290) * Refactor user api internal * Refactor clientapi to use internal userapi * Use internal userapi instead of user DB directly * Remove AccountDB dependency * Fix linter issues Co-authored-by: Neil Alexander <neilalexander@users.noreply.github.com> 2022-03-24 22:45:44 +01:00			`if !res.Exists {`
			`return nil, &util.JSONResponse{`
			`Code: http.StatusForbidden,`
Move json errors over to gmsl (#3080) 2023-05-10 00:46:49 +02:00			`JSON: spec.Forbidden("The username or password was incorrect or the account does not exist."),`
Refactor appservice & client API to use userapi internal (#2290) * Refactor user api internal * Refactor clientapi to use internal userapi * Use internal userapi instead of user DB directly * Remove AccountDB dependency * Fix linter issues Co-authored-by: Neil Alexander <neilalexander@users.noreply.github.com> 2022-03-24 22:45:44 +01:00			`}`
Add User-Interactive Authentication (#1193) * Add User-Interactive Authentication And use it when deleting a device. With tests. * Make remaining sytest pass * Linting * 403 not 401 on wrong user/pass 2020-07-10 01:39:44 +02:00			`}`
			`}`
Fix `/login` issue causing wrong device list updates (#2922) Fixes https://github.com/matrix-org/dendrite/issues/2914 and possibly https://github.com/matrix-org/dendrite/issues/2073? 2023-01-10 17:02:38 +01:00			`// Set the user, so login.Username() can do the right thing`
			`r.Identifier.User = res.Account.UserID`
			`r.User = res.Account.UserID`
Add User-Interactive Authentication (#1193) * Add User-Interactive Authentication And use it when deleting a device. With tests. * Make remaining sytest pass * Linting * 403 not 401 on wrong user/pass 2020-07-10 01:39:44 +02:00			`return &r.Login, nil`
			`}`