0
0
Fork 0
mirror of https://github.com/matrix-org/dendrite synced 2024-12-13 19:53:14 +01:00

Start implementing /join for room aliases for rooms the server is not in. (#115)

* Start implementing the join room API

* Hacks to get join room working

* Make the TLS fingerprint configurable

* Fix the client API proxy to handle '#' correctly

* Return a 200 OK response

* Write the join event along with current state to the room server

* Comment on the error handling

* Fix typos

* Fix tab

* Add TODO for moving authEventIDs to gomatrixserverlib

* Comment on why we ignore the key ID argument for local keys

* Avoid 'preceeded'

* Neaten the control flow

* Neaten the control flow even more

* Return pointers

* Rename err to lastErr for the loop
This commit is contained in:
Mark Haines 2017-05-25 16:08:28 +01:00 committed by GitHub
parent 445dce14ae
commit 84ad4ff9f6
15 changed files with 528 additions and 66 deletions

View file

@ -45,22 +45,61 @@ func NewRoomserverProducer(kafkaURIs []string, topic string) (*RoomserverProduce
func (c *RoomserverProducer) SendEvents(events []gomatrixserverlib.Event) error {
eventIDs := make([]string, len(events))
ires := make([]api.InputRoomEvent, len(events))
for i := range events {
var authEventIDs []string
for _, ref := range events[i].AuthEvents() {
authEventIDs = append(authEventIDs, ref.EventID)
}
ire := api.InputRoomEvent{
for i, event := range events {
ires[i] = api.InputRoomEvent{
Kind: api.KindNew,
Event: events[i].JSON(),
AuthEventIDs: authEventIDs,
Event: event.JSON(),
AuthEventIDs: authEventIDs(event),
}
ires[i] = ire
eventIDs[i] = events[i].EventID()
eventIDs[i] = event.EventID()
}
return c.SendInputRoomEvents(ires, eventIDs)
}
// SendEventWithState writes an event with KindNew to the roomserver input log
// with the state at the event as KindOutlier before it.
func (c *RoomserverProducer) SendEventWithState(state gomatrixserverlib.RespState, event gomatrixserverlib.Event) error {
outliers, err := state.Events()
if err != nil {
return err
}
eventIDs := make([]string, len(outliers)+1)
ires := make([]api.InputRoomEvent, len(outliers)+1)
for i, outlier := range outliers {
ires[i] = api.InputRoomEvent{
Kind: api.KindOutlier,
Event: outlier.JSON(),
AuthEventIDs: authEventIDs(outlier),
}
eventIDs[i] = outlier.EventID()
}
stateEventIDs := make([]string, len(state.StateEvents))
for i := range state.StateEvents {
stateEventIDs[i] = state.StateEvents[i].EventID()
}
ires[len(outliers)] = api.InputRoomEvent{
Kind: api.KindNew,
Event: event.JSON(),
AuthEventIDs: authEventIDs(event),
HasState: true,
StateEventIDs: stateEventIDs,
}
eventIDs[len(outliers)] = event.EventID()
return c.SendInputRoomEvents(ires, eventIDs)
}
// TODO Make this a method on gomatrixserverlib.Event
func authEventIDs(event gomatrixserverlib.Event) (ids []string) {
for _, ref := range event.AuthEvents() {
ids = append(ids, ref.EventID)
}
return
}
// SendInputRoomEvents writes the given input room events to the roomserver input log. The length of both
// arrays must match, and each element must correspond to the same event.
func (c *RoomserverProducer) SendInputRoomEvents(ires []api.InputRoomEvent, eventIDs []string) error {

View file

@ -28,6 +28,7 @@ import (
"github.com/matrix-org/dendrite/clientapi/writers"
"github.com/matrix-org/dendrite/common"
"github.com/matrix-org/dendrite/roomserver/api"
"github.com/matrix-org/gomatrixserverlib"
"github.com/matrix-org/util"
"github.com/prometheus/client_golang/prometheus"
)
@ -36,8 +37,14 @@ const pathPrefixR0 = "/_matrix/client/r0"
// Setup registers HTTP handlers with the given ServeMux. It also supplies the given http.Client
// to clients which need to make outbound HTTP requests.
func Setup(servMux *http.ServeMux, httpClient *http.Client, cfg config.ClientAPI, producer *producers.RoomserverProducer,
queryAPI api.RoomserverQueryAPI, accountDB *accounts.Database, deviceDB *devices.Database) {
func Setup(
servMux *http.ServeMux, httpClient *http.Client, cfg config.ClientAPI,
producer *producers.RoomserverProducer, queryAPI api.RoomserverQueryAPI,
accountDB *accounts.Database,
deviceDB *devices.Database,
federation *gomatrixserverlib.FederationClient,
keyRing gomatrixserverlib.KeyRing,
) {
apiMux := mux.NewRouter()
r0mux := apiMux.PathPrefix(pathPrefixR0).Subrouter()
r0mux.Handle("/createRoom",
@ -45,6 +52,14 @@ func Setup(servMux *http.ServeMux, httpClient *http.Client, cfg config.ClientAPI
return writers.CreateRoom(req, device, cfg, producer)
}),
)
r0mux.Handle("/join/{roomIDOrAlias}",
common.MakeAuthAPI("join", deviceDB, func(req *http.Request, device *authtypes.Device) util.JSONResponse {
vars := mux.Vars(req)
return writers.JoinRoomByIDOrAlias(
req, device, vars["roomIDOrAlias"], cfg, federation, producer, queryAPI, keyRing,
)
}),
)
r0mux.Handle("/rooms/{roomID}/send/{eventType}/{txnID}",
common.MakeAuthAPI("send_message", deviceDB, func(req *http.Request, device *authtypes.Device) util.JSONResponse {
vars := mux.Vars(req)

View file

@ -0,0 +1,263 @@
// Copyright 2017 Vector Creations Ltd
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package writers
import (
"fmt"
"github.com/matrix-org/dendrite/clientapi/auth/authtypes"
"github.com/matrix-org/dendrite/clientapi/config"
"github.com/matrix-org/dendrite/clientapi/httputil"
"github.com/matrix-org/dendrite/clientapi/jsonerror"
"github.com/matrix-org/dendrite/clientapi/producers"
"github.com/matrix-org/dendrite/roomserver/api"
"github.com/matrix-org/gomatrix"
"github.com/matrix-org/gomatrixserverlib"
"github.com/matrix-org/util"
"net/http"
"strings"
"time"
)
// JoinRoomByIDOrAlias implements the "/join/{roomIDOrAlias}" API.
// https://matrix.org/docs/spec/client_server/r0.2.0.html#post-matrix-client-r0-join-roomidoralias
func JoinRoomByIDOrAlias(
req *http.Request,
device *authtypes.Device,
roomIDOrAlias string,
cfg config.ClientAPI,
federation *gomatrixserverlib.FederationClient,
producer *producers.RoomserverProducer,
queryAPI api.RoomserverQueryAPI,
keyRing gomatrixserverlib.KeyRing,
) util.JSONResponse {
var content map[string]interface{} // must be a JSON object
if resErr := httputil.UnmarshalJSONRequest(req, &content); resErr != nil {
return *resErr
}
content["membership"] = "join"
r := joinRoomReq{req, content, device.UserID, cfg, federation, producer, queryAPI, keyRing}
if strings.HasPrefix(roomIDOrAlias, "!") {
return r.joinRoomByID()
}
if strings.HasPrefix(roomIDOrAlias, "#") {
return r.joinRoomByAlias(roomIDOrAlias)
}
return util.JSONResponse{
Code: 400,
JSON: jsonerror.BadJSON("Invalid first character for room ID or alias"),
}
}
type joinRoomReq struct {
req *http.Request
content map[string]interface{}
userID string
cfg config.ClientAPI
federation *gomatrixserverlib.FederationClient
producer *producers.RoomserverProducer
queryAPI api.RoomserverQueryAPI
keyRing gomatrixserverlib.KeyRing
}
// joinRoomByID joins a room by room ID
func (r joinRoomReq) joinRoomByID() util.JSONResponse {
// TODO: Implement joining rooms by ID.
// A client should only join a room by room ID when it has an invite
// to the room. If the server is already in the room then we can
// lookup the invite and process the request as a normal state event.
// If the server is not in the room the we will need to look up the
// remote server the invite came from in order to request a join event
// from that server.
panic(fmt.Errorf("Joining rooms by ID is not implemented"))
}
// joinRoomByAlias joins a room using a room alias.
func (r joinRoomReq) joinRoomByAlias(roomAlias string) util.JSONResponse {
domain, err := domainFromID(roomAlias)
if err != nil {
return util.JSONResponse{
Code: 400,
JSON: jsonerror.BadJSON("Room alias must be in the form '#localpart:domain'"),
}
}
if domain == r.cfg.ServerName {
// TODO: Implement joining local room aliases.
panic(fmt.Errorf("Joining local room aliases is not implemented"))
} else {
return r.joinRoomByRemoteAlias(domain, roomAlias)
}
}
func (r joinRoomReq) joinRoomByRemoteAlias(
domain gomatrixserverlib.ServerName, roomAlias string,
) util.JSONResponse {
resp, err := r.federation.LookupRoomAlias(domain, roomAlias)
if err != nil {
switch x := err.(type) {
case gomatrix.HTTPError:
if x.Code == 404 {
return util.JSONResponse{
Code: 404,
JSON: jsonerror.NotFound("Room alias not found"),
}
}
}
return httputil.LogThenError(r.req, err)
}
return r.joinRoomUsingServers(resp.RoomID, resp.Servers)
}
func (r joinRoomReq) writeToBuilder(eb *gomatrixserverlib.EventBuilder, roomID string) {
eb.Type = "m.room.member"
eb.SetContent(r.content) // TODO: Set avatar_url / displayname
eb.SetUnsigned(struct{}{})
eb.Sender = r.userID
eb.StateKey = &r.userID
eb.RoomID = roomID
eb.Redacts = ""
}
func (r joinRoomReq) joinRoomUsingServers(
roomID string, servers []gomatrixserverlib.ServerName,
) util.JSONResponse {
var eb gomatrixserverlib.EventBuilder
r.writeToBuilder(&eb, roomID)
needed, err := gomatrixserverlib.StateNeededForEventBuilder(&eb)
if err != nil {
return httputil.LogThenError(r.req, err)
}
// Ask the roomserver for information about this room
queryReq := api.QueryLatestEventsAndStateRequest{
RoomID: roomID,
StateToFetch: needed.Tuples(),
}
var queryRes api.QueryLatestEventsAndStateResponse
if queryErr := r.queryAPI.QueryLatestEventsAndState(&queryReq, &queryRes); queryErr != nil {
return httputil.LogThenError(r.req, queryErr)
}
if queryRes.RoomExists {
// TODO: Implement joining rooms that already the server is already in.
// This should just fall through to the usual event sending code.
panic(fmt.Errorf("Joining rooms that the server already in is not implemented"))
}
if len(servers) == 0 {
return util.JSONResponse{
Code: 404,
JSON: jsonerror.NotFound("No candidate servers found for room"),
}
}
var lastErr error
for _, server := range servers {
var response *util.JSONResponse
response, lastErr = r.joinRoomUsingServer(roomID, server)
if lastErr != nil {
// There was a problem talking to one of the servers.
util.GetLogger(r.req.Context()).WithError(lastErr).WithField("server", server).Warn("Failed to join room using server")
// Try the next server.
continue
}
return *response
}
// Every server we tried to join through resulted in an error.
// We return the error from the last server.
// TODO: Generate the correct HTTP status code for all different
// kinds of errors that could have happened.
// The possible errors include:
// 1) We can't connect to the remote servers.
// 2) None of the servers we could connect to think we are allowed
// to join the room.
// 3) The remote server returned something invalid.
// 4) We couldn't fetch the public keys needed to verify the
// signatures on the state events.
// 5) ...
return httputil.LogThenError(r.req, lastErr)
}
// joinRoomUsingServer tries to join a remote room using a given matrix server.
// If there was a failure communicating with the server or the response from the
// server was invalid this returns an error.
// Otherwise this returns a JSONResponse.
func (r joinRoomReq) joinRoomUsingServer(roomID string, server gomatrixserverlib.ServerName) (*util.JSONResponse, error) {
respMakeJoin, err := r.federation.MakeJoin(server, roomID, r.userID)
if err != nil {
// TODO: Check if the user was not allowed to join the room.
return nil, err
}
// Set all the fields to be what they should be, this should be a no-op
// but it's possible that the remote server returned us something "odd"
r.writeToBuilder(&respMakeJoin.JoinEvent, roomID)
now := time.Now()
eventID := fmt.Sprintf("$%s:%s", util.RandomString(16), r.cfg.ServerName)
event, err := respMakeJoin.JoinEvent.Build(
eventID, now, r.cfg.ServerName, r.cfg.KeyID, r.cfg.PrivateKey,
)
if err != nil {
res := httputil.LogThenError(r.req, err)
return &res, nil
}
respSendJoin, err := r.federation.SendJoin(server, event)
if err != nil {
return nil, err
}
if err = respSendJoin.Check(r.keyRing, event); err != nil {
return nil, err
}
if err = r.producer.SendEventWithState(
gomatrixserverlib.RespState(respSendJoin), event,
); err != nil {
res := httputil.LogThenError(r.req, err)
return &res, nil
}
return &util.JSONResponse{
Code: 200,
// TODO: Put the response struct somewhere common.
JSON: struct {
RoomID string `json:"room_id"`
}{roomID},
}, nil
}
// domainFromID returns everything after the first ":" character to extract
// the domain part of a matrix ID.
// TODO: duplicated from gomatrixserverlib.
func domainFromID(id string) (gomatrixserverlib.ServerName, error) {
// IDs have the format: SIGIL LOCALPART ":" DOMAIN
// Split on the first ":" character since the domain can contain ":"
// characters.
parts := strings.SplitN(id, ":", 2)
if len(parts) != 2 {
// The ID must have a ":" character.
return "", fmt.Errorf("invalid ID: %q", id)
}
// Return everything after the first ":" character.
return gomatrixserverlib.ServerName(parts[1]), nil
}

View file

@ -76,7 +76,11 @@ func makeProxy(targetURL string) (*httputil.ReverseProxy, error) {
"url": targetURL,
"method": req.Method,
}).Print("proxying request")
newURL, err := url.Parse(targetURL + path)
newURL, err := url.Parse(targetURL)
// Set the path separately as we need to preserve '#' characters
// that would otherwise be interpreted as being the start of a URL
// fragment.
newURL.Path += path
if err != nil {
// We already checked that we can parse the URL
// So this shouldn't ever get hit.

View file

@ -26,6 +26,7 @@ import (
"github.com/matrix-org/dendrite/clientapi/routing"
"github.com/matrix-org/dendrite/common"
"github.com/matrix-org/dendrite/roomserver/api"
"github.com/matrix-org/gomatrixserverlib"
log "github.com/Sirupsen/logrus"
@ -81,6 +82,8 @@ func main() {
log.Panicf("Failed to setup kafka producers(%s): %s", cfg.KafkaProducerURIs, err)
}
federation := gomatrixserverlib.NewFederationClient(cfg.ServerName, cfg.KeyID, cfg.PrivateKey)
queryAPI := api.NewRoomserverQueryAPIHTTP(cfg.RoomserverURL, nil)
accountDB, err := accounts.NewDatabase(accountDataSource, serverName)
if err != nil {
@ -91,6 +94,32 @@ func main() {
log.Panicf("Failed to setup device database(%s): %s", accountDataSource, err.Error())
}
routing.Setup(http.DefaultServeMux, http.DefaultClient, cfg, roomserverProducer, queryAPI, accountDB, deviceDB)
keyRing := gomatrixserverlib.KeyRing{
KeyFetchers: []gomatrixserverlib.KeyFetcher{
// TODO: Use perspective key fetchers for production.
&gomatrixserverlib.DirectKeyFetcher{federation.Client},
},
KeyDatabase: &dummyKeyDatabase{},
}
routing.Setup(
http.DefaultServeMux, http.DefaultClient, cfg, roomserverProducer,
queryAPI, accountDB, deviceDB, federation, keyRing,
)
log.Fatal(http.ListenAndServe(bindAddr, nil))
}
// TODO: Implement a proper key database.
type dummyKeyDatabase struct{}
func (d *dummyKeyDatabase) FetchKeys(
requests map[gomatrixserverlib.PublicKeyRequest]gomatrixserverlib.Timestamp,
) (map[gomatrixserverlib.PublicKeyRequest]gomatrixserverlib.ServerKeys, error) {
return nil, nil
}
func (d *dummyKeyDatabase) StoreKeys(
map[gomatrixserverlib.PublicKeyRequest]gomatrixserverlib.ServerKeys,
) error {
return nil
}

View file

@ -15,6 +15,7 @@
package main
import (
"encoding/base64"
"net/http"
"os"
"time"
@ -32,6 +33,14 @@ var (
logDir = os.Getenv("LOG_DIR")
serverName = gomatrixserverlib.ServerName(os.Getenv("SERVER_NAME"))
serverKey = os.Getenv("SERVER_KEY")
// Base64 encoded SHA256 TLS fingerprint of the X509 certificate used by
// the public federation listener for this server.
// Can be generated from a PEM certificate called "server.crt" using:
//
// openssl x509 -noout -fingerprint -sha256 -inform pem -in server.crt |\
// python -c 'print raw_input()[19:].replace(":","").decode("hex").encode("base64").rstrip("=\n")'
//
tlsFingerprint = os.Getenv("TLS_FINGERPRINT")
)
func main() {
@ -44,6 +53,10 @@ func main() {
serverName = "localhost"
}
if tlsFingerprint == "" {
log.Panic("No TLS_FINGERPRINT environment variable found.")
}
cfg := config.FederationAPI{
ServerName: serverName,
// TODO: make the validity period configurable.
@ -56,6 +69,12 @@ func main() {
log.Panicf("Failed to load private key: %s", err)
}
var fingerprintSHA256 []byte
if fingerprintSHA256, err = base64.RawStdEncoding.DecodeString(tlsFingerprint); err != nil {
log.Panicf("Failed to load TLS fingerprint: %s", err)
}
cfg.TLSFingerPrints = []gomatrixserverlib.TLSFingerprint{{fingerprintSHA256}}
routing.Setup(http.DefaultServeMux, cfg)
log.Fatal(http.ListenAndServe(bindAddr, nil))
}

View file

@ -24,7 +24,7 @@ import (
)
const (
pathPrefixV2Keys = "/_matrix/keys/v2"
pathPrefixV2Keys = "/_matrix/key/v2"
)
// Setup registers HTTP handlers with the given ServeMux.
@ -32,11 +32,16 @@ func Setup(servMux *http.ServeMux, cfg config.FederationAPI) {
apiMux := mux.NewRouter()
v2keysmux := apiMux.PathPrefix(pathPrefixV2Keys).Subrouter()
v2keysmux.Handle("/server/",
makeAPI("localkeys", func(req *http.Request) util.JSONResponse {
return readers.LocalKeys(req, cfg)
}),
)
localKeys := makeAPI("localkeys", func(req *http.Request) util.JSONResponse {
return readers.LocalKeys(req, cfg)
})
// Ignore the {keyID} argument as we only have a single server key so we always
// return that key.
// Even if we had more than one server key, we would probably still ignore the
// {keyID} argument and always return a response containing all of the keys.
v2keysmux.Handle("/server/{keyID}", localKeys)
v2keysmux.Handle("/server/", localKeys)
servMux.Handle("/metrics", prometheus.Handler())
servMux.Handle("/api/", http.StripPrefix("/api", apiMux))

2
vendor/manifest vendored
View file

@ -98,7 +98,7 @@
{
"importpath": "github.com/matrix-org/gomatrixserverlib",
"repository": "https://github.com/matrix-org/gomatrixserverlib",
"revision": "9cefcd6c3a00bff51e719a33e19a16edf52cdd6f",
"revision": "c396ef3cc1e546729f7052f1f48e345cc59269f4",
"branch": "master"
},
{

View file

@ -386,7 +386,7 @@ func (e Event) CheckFields() error {
// are allowed to have a different sender because they have the same
// sender as the "m.room.third_party_invite" event they derived from.
// https://github.com/matrix-org/synapse/blob/v0.21.0/synapse/event_auth.py#L58-L64
if e.fields.Type != "m.room.member" {
if e.fields.Type != MRoomMember {
return fmt.Errorf(
"gomatrixserverlib: sender domain doesn't match origin: %q != %q",
eventDomain, e.fields.Origin,

View file

@ -28,6 +28,22 @@ const (
leave = "leave"
invite = "invite"
public = "public"
// MRoomCreate https://matrix.org/docs/spec/client_server/r0.2.0.html#m-room-create
MRoomCreate = "m.room.create"
// MRoomJoinRules https://matrix.org/docs/spec/client_server/r0.2.0.html#m-room-join-rules
MRoomJoinRules = "m.room.join_rules"
// MRoomPowerLevels https://matrix.org/docs/spec/client_server/r0.2.0.html#m-room-power-levels
MRoomPowerLevels = "m.room.power_levels"
// MRoomMember https://matrix.org/docs/spec/client_server/r0.2.0.html#m-room-member
MRoomMember = "m.room.member"
// MRoomThirdPartyInvite https://matrix.org/docs/spec/client_server/r0.2.0.html#m-room-third-party-invite
MRoomThirdPartyInvite = "m.room.third_party_invite"
// MRoomAliases https://matrix.org/docs/spec/client_server/r0.2.0.html#m-room-aliases
MRoomAliases = "m.room.aliases"
// MRoomHistoryVisibility https://matrix.org/docs/spec/client_server/r0.2.0.html#m-room-history-visibility
MRoomHistoryVisibility = "m.room.history_visibility"
// MRoomRedaction https://matrix.org/docs/spec/client_server/r0.2.0.html#id21
MRoomRedaction = "m.room.redaction"
)
// StateNeeded lists the event types and state_keys needed to authenticate an event.
@ -47,19 +63,19 @@ type StateNeeded struct {
// Tuples returns the needed state key tuples for performing auth on an event.
func (s StateNeeded) Tuples() (res []StateKeyTuple) {
if s.Create {
res = append(res, StateKeyTuple{"m.room.create", ""})
res = append(res, StateKeyTuple{MRoomCreate, ""})
}
if s.JoinRules {
res = append(res, StateKeyTuple{"m.room.join_rules", ""})
res = append(res, StateKeyTuple{MRoomJoinRules, ""})
}
if s.PowerLevels {
res = append(res, StateKeyTuple{"m.room.power_levels", ""})
res = append(res, StateKeyTuple{MRoomPowerLevels, ""})
}
for _, userID := range s.Member {
res = append(res, StateKeyTuple{"m.room.member", userID})
res = append(res, StateKeyTuple{MRoomMember, userID})
}
for _, token := range s.ThirdPartyInvite {
res = append(res, StateKeyTuple{"m.room.third_party_invite", token})
res = append(res, StateKeyTuple{MRoomThirdPartyInvite, token})
}
return
}
@ -114,7 +130,7 @@ func (s StateNeeded) AuthEventReferences(provider AuthEventProvider) (refs []Eve
func StateNeededForEventBuilder(builder *EventBuilder) (result StateNeeded, err error) {
// Extract the 'content' object from the event if it is m.room.member as we need to know 'membership'
var content *memberContent
if builder.Type == "m.room.member" {
if builder.Type == MRoomMember {
if err = json.Unmarshal(builder.Content, &content); err != nil {
err = errorf("unparsable member event content: %s", err.Error())
return
@ -132,7 +148,7 @@ func StateNeededForAuth(events []Event) (result StateNeeded) {
for _, event := range events {
// Extract the 'content' object from the event if it is m.room.member as we need to know 'membership'
var content *memberContent
if event.Type() == "m.room.member" {
if event.Type() == MRoomMember {
c, err := newMemberContentFromEvent(event)
if err == nil {
content = &c
@ -151,17 +167,17 @@ func StateNeededForAuth(events []Event) (result StateNeeded) {
func accumulateStateNeeded(result *StateNeeded, eventType, sender string, stateKey *string, content *memberContent) (err error) {
switch eventType {
case "m.room.create":
case MRoomCreate:
// The create event doesn't require any state to authenticate.
// https://github.com/matrix-org/synapse/blob/v0.18.5/synapse/api/auth.py#L123
case "m.room.aliases":
case MRoomAliases:
// Alias events need:
// * The create event.
// https://github.com/matrix-org/synapse/blob/v0.18.5/synapse/api/auth.py#L128
// Alias events need no further authentication.
// https://github.com/matrix-org/synapse/blob/v0.18.5/synapse/api/auth.py#L160
result.Create = true
case "m.room.member":
case MRoomMember:
// Member events need:
// * The previous membership of the target.
// https://github.com/matrix-org/synapse/blob/v0.18.5/synapse/api/auth.py#L355
@ -255,27 +271,27 @@ func (a *AuthEvents) AddEvent(event *Event) error {
// Create implements AuthEventProvider
func (a *AuthEvents) Create() (*Event, error) {
return a.events[StateKeyTuple{"m.room.create", ""}], nil
return a.events[StateKeyTuple{MRoomCreate, ""}], nil
}
// JoinRules implements AuthEventProvider
func (a *AuthEvents) JoinRules() (*Event, error) {
return a.events[StateKeyTuple{"m.room.join_rules", ""}], nil
return a.events[StateKeyTuple{MRoomJoinRules, ""}], nil
}
// PowerLevels implements AuthEventProvider
func (a *AuthEvents) PowerLevels() (*Event, error) {
return a.events[StateKeyTuple{"m.room.power_levels", ""}], nil
return a.events[StateKeyTuple{MRoomPowerLevels, ""}], nil
}
// Member implements AuthEventProvider
func (a *AuthEvents) Member(stateKey string) (*Event, error) {
return a.events[StateKeyTuple{"m.room.member", stateKey}], nil
return a.events[StateKeyTuple{MRoomMember, stateKey}], nil
}
// ThirdPartyInvite implements AuthEventProvider
func (a *AuthEvents) ThirdPartyInvite(stateKey string) (*Event, error) {
return a.events[StateKeyTuple{"m.room.third_party_invite", stateKey}], nil
return a.events[StateKeyTuple{MRoomThirdPartyInvite, stateKey}], nil
}
// NewAuthEvents returns an AuthEventProvider backed by the given events. New events can be added by
@ -306,15 +322,15 @@ func errorf(message string, args ...interface{}) error {
// If there was an error loading the auth events then it returns that error.
func Allowed(event Event, authEvents AuthEventProvider) error {
switch event.Type() {
case "m.room.create":
case MRoomCreate:
return createEventAllowed(event)
case "m.room.aliases":
case MRoomAliases:
return aliasEventAllowed(event, authEvents)
case "m.room.member":
case MRoomMember:
return memberEventAllowed(event, authEvents)
case "m.room.power_levels":
case MRoomPowerLevels:
return powerLevelsEventAllowed(event, authEvents)
case "m.room.redaction":
case MRoomRedaction:
return redactEventAllowed(event, authEvents)
default:
return defaultEventAllowed(event, authEvents)

View file

@ -191,7 +191,7 @@ func (c *powerLevelContent) userLevel(userID string) int64 {
// eventLevel returns the power level needed to send an event in the room.
func (c *powerLevelContent) eventLevel(eventType string, isState bool) int64 {
if eventType == "m.room.third_party_invite" {
if eventType == MRoomThirdPartyInvite {
// Special case third_party_invite events to have the same level as
// m.room.member invite events.
// https://github.com/matrix-org/synapse/blob/v0.18.5/synapse/api/auth.py#L182

View file

@ -201,9 +201,9 @@ func VerifyEventSignatures(events []Event, keyRing KeyRing) error {
}
toVerify = append(toVerify, v)
// "m.room.member" invite events are signed by both the server sending
// MRoomMember invite events are signed by both the server sending
// the invite and the server the invite is for.
if event.Type() == "m.room.member" && event.StateKey() != nil {
if event.Type() == MRoomMember && event.StateKey() != nil {
targetDomain, err := domainFromID(*event.StateKey())
if err != nil {
return err

View file

@ -34,6 +34,78 @@ type RespState struct {
AuthEvents []Event `json:"auth_chain"`
}
// Events combines the auth events and the state events and returns
// them in an order where every event comes after its auth events.
// Each event will only appear once in the output list.
// Returns an error if there are missing auth events or if there is
// a cycle in the auth events.
func (r RespState) Events() ([]Event, error) {
eventsByID := map[string]*Event{}
// Collect a map of event reference to event
for i := range r.StateEvents {
eventsByID[r.StateEvents[i].EventID()] = &r.StateEvents[i]
}
for i := range r.AuthEvents {
eventsByID[r.AuthEvents[i].EventID()] = &r.AuthEvents[i]
}
queued := map[*Event]bool{}
outputted := map[*Event]bool{}
var result []Event
for _, event := range eventsByID {
if outputted[event] {
// If we've already written the event then we can skip it.
continue
}
// The code below does a depth first scan through the auth events
// looking for events that can be appended to the output.
// We use an explicit stack rather than using recursion so
// that we can check we aren't creating cycles.
stack := []*Event{event}
LoopProcessTopOfStack:
for len(stack) > 0 {
top := stack[len(stack)-1]
// Check if we can output the top of the stack.
// We can output it if we have outputted all of its auth_events.
for _, ref := range top.AuthEvents() {
authEvent := eventsByID[ref.EventID]
if authEvent == nil {
return nil, fmt.Errorf(
"gomatrixserverlib: missing auth event with ID %q for event %q",
ref.EventID, top.EventID(),
)
}
if outputted[authEvent] {
continue
}
if queued[authEvent] {
return nil, fmt.Errorf(
"gomatrixserverlib: auth event cycle for ID %q",
ref.EventID,
)
}
// If we haven't visited the auth event yet then we need to
// process it before processing the event currently on top of
// the stack.
stack = append(stack, authEvent)
queued[authEvent] = true
continue LoopProcessTopOfStack
}
// If we've processed all the auth events for the event on top of
// the stack then we can append it to the result and try processing
// the item below it in the stack.
result = append(result, *top)
outputted[top] = true
stack = stack[:len(stack)-1]
}
}
return result, nil
}
// Check that a response to /state is valid.
func (r RespState) Check(keyRing KeyRing) error {
var allEvents []Event

View file

@ -140,17 +140,17 @@ func redactEvent(eventJSON []byte) ([]byte, error) {
// Copy the content fields that we should keep for the event type.
// By default we copy nothing leaving the content object empty.
switch event.Type {
case "m.room.create":
case MRoomCreate:
newContent.createContent = event.Content.createContent
case "m.room.member":
case MRoomMember:
newContent.memberContent = event.Content.memberContent
case "m.room.join_rules":
case MRoomJoinRules:
newContent.joinRulesContent = event.Content.joinRulesContent
case "m.room.power_levels":
case MRoomPowerLevels:
newContent.powerLevelContent = event.Content.powerLevelContent
case "m.room.history_visibility":
case MRoomHistoryVisibility:
newContent.historyVisibilityContent = event.Content.historyVisibilityContent
case "m.room.aliases":
case MRoomAliases:
newContent.aliasesContent = event.Content.aliasesContent
}
// Replace the content with our new filtered content.

View file

@ -114,24 +114,24 @@ func (r *stateResolver) addConflicted(events []Event) {
// By default we add the event to a block in the others list.
blockList := &r.others
switch key.eventType {
case "m.room.create":
case MRoomCreate:
if key.stateKey == "" {
r.creates = append(r.creates, event)
continue
}
case "m.room.power_levels":
case MRoomPowerLevels:
if key.stateKey == "" {
r.powerLevels = append(r.powerLevels, event)
continue
}
case "m.room.join_rules":
case MRoomJoinRules:
if key.stateKey == "" {
r.joinRules = append(r.joinRules, event)
continue
}
case "m.room.member":
case MRoomMember:
blockList = &r.members
case "m.room.third_party_invite":
case MRoomThirdPartyInvite:
blockList = &r.thirdPartyInvites
}
// We need to find an entry for the state key in a block list.
@ -153,21 +153,21 @@ func (r *stateResolver) addConflicted(events []Event) {
// Add an event to the resolved auth events.
func (r *stateResolver) addAuthEvent(event *Event) {
switch event.Type() {
case "m.room.create":
case MRoomCreate:
if event.StateKeyEquals("") {
r.resolvedCreate = event
}
case "m.room.power_levels":
case MRoomPowerLevels:
if event.StateKeyEquals("") {
r.resolvedPowerLevels = event
}
case "m.room.join_rules":
case MRoomJoinRules:
if event.StateKeyEquals("") {
r.resolvedJoinRules = event
}
case "m.room.member":
case MRoomMember:
r.resolvedMembers[*event.StateKey()] = event
case "m.room.third_party_invite":
case MRoomThirdPartyInvite:
r.resolvedThirdPartyInvites[*event.StateKey()] = event
default:
panic(fmt.Errorf("Unexpected auth event with type %q", event.Type()))
@ -177,21 +177,21 @@ func (r *stateResolver) addAuthEvent(event *Event) {
// Remove the auth event with the given type and state key.
func (r *stateResolver) removeAuthEvent(eventType, stateKey string) {
switch eventType {
case "m.room.create":
case MRoomCreate:
if stateKey == "" {
r.resolvedCreate = nil
}
case "m.room.power_levels":
case MRoomPowerLevels:
if stateKey == "" {
r.resolvedPowerLevels = nil
}
case "m.room.join_rules":
case MRoomJoinRules:
if stateKey == "" {
r.resolvedJoinRules = nil
}
case "m.room.member":
case MRoomMember:
r.resolvedMembers[stateKey] = nil
case "m.room.third_party_invite":
case MRoomThirdPartyInvite:
r.resolvedThirdPartyInvites[stateKey] = nil
default:
panic(fmt.Errorf("Unexpected auth event with type %q", eventType))