2015-05-06 12:45:18 +02:00
|
|
|
#!/usr/bin/env python
|
|
|
|
|
# -*- coding: utf-8 -*-
|
2016-01-07 05:26:29 +01:00
|
|
|
# Copyright 2015, 2016 OpenMarket Ltd
|
2015-05-06 12:45:18 +02:00
|
|
|
#
|
|
|
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
|
# you may not use this file except in compliance with the License.
|
|
|
|
|
# You may obtain a copy of the License at
|
|
|
|
|
#
|
|
|
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
|
#
|
|
|
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
|
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
|
# See the License for the specific language governing permissions and
|
|
|
|
|
# limitations under the License.
|
|
|
|
|
|
2018-10-20 02:16:55 +02:00
|
|
|
from __future__ import print_function
|
2015-05-06 12:45:18 +02:00
|
|
|
|
|
|
|
|
import argparse
|
|
|
|
|
import getpass
|
|
|
|
|
import hashlib
|
|
|
|
|
import hmac
|
|
|
|
|
import json
|
|
|
|
|
import sys
|
|
|
|
|
import urllib2
|
2018-10-20 02:16:55 +02:00
|
|
|
|
|
|
|
|
from six import input
|
|
|
|
|
|
2015-05-06 12:45:18 +02:00
|
|
|
import yaml
|
|
|
|
|
|
|
|
|
|
|
2016-07-05 18:18:19 +02:00
|
|
|
def request_registration(user, password, server_location, shared_secret, admin=False):
|
2018-07-20 14:41:13 +02:00
|
|
|
req = urllib2.Request(
|
|
|
|
|
"%s/_matrix/client/r0/admin/register" % (server_location,),
|
2018-10-20 02:16:55 +02:00
|
|
|
headers={'Content-Type': 'application/json'},
|
2018-07-20 14:41:13 +02:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
try:
|
|
|
|
|
if sys.version_info[:3] >= (2, 7, 9):
|
|
|
|
|
# As of version 2.7.9, urllib2 now checks SSL certs
|
|
|
|
|
import ssl
|
2018-10-20 02:16:55 +02:00
|
|
|
|
2018-07-20 14:41:13 +02:00
|
|
|
f = urllib2.urlopen(req, context=ssl.SSLContext(ssl.PROTOCOL_SSLv23))
|
|
|
|
|
else:
|
|
|
|
|
f = urllib2.urlopen(req)
|
|
|
|
|
body = f.read()
|
|
|
|
|
f.close()
|
|
|
|
|
nonce = json.loads(body)["nonce"]
|
|
|
|
|
except urllib2.HTTPError as e:
|
2018-10-20 02:16:55 +02:00
|
|
|
print("ERROR! Received %d %s" % (e.code, e.reason))
|
2018-07-20 14:41:13 +02:00
|
|
|
if 400 <= e.code < 500:
|
|
|
|
|
if e.info().type == "application/json":
|
|
|
|
|
resp = json.load(e)
|
|
|
|
|
if "error" in resp:
|
2018-10-20 02:16:55 +02:00
|
|
|
print(resp["error"])
|
2018-07-20 14:41:13 +02:00
|
|
|
sys.exit(1)
|
|
|
|
|
|
2018-10-20 02:16:55 +02:00
|
|
|
mac = hmac.new(key=shared_secret, digestmod=hashlib.sha1)
|
2016-07-05 18:18:19 +02:00
|
|
|
|
2018-07-20 14:41:13 +02:00
|
|
|
mac.update(nonce)
|
|
|
|
|
mac.update("\x00")
|
2016-07-05 18:18:19 +02:00
|
|
|
mac.update(user)
|
2016-07-06 12:04:44 +02:00
|
|
|
mac.update("\x00")
|
2016-07-05 18:18:19 +02:00
|
|
|
mac.update(password)
|
2016-07-06 12:04:44 +02:00
|
|
|
mac.update("\x00")
|
2016-07-05 18:18:19 +02:00
|
|
|
mac.update("admin" if admin else "notadmin")
|
|
|
|
|
|
|
|
|
|
mac = mac.hexdigest()
|
2015-05-06 12:45:18 +02:00
|
|
|
|
|
|
|
|
data = {
|
2018-07-20 14:41:13 +02:00
|
|
|
"nonce": nonce,
|
|
|
|
|
"username": user,
|
2015-05-06 12:45:18 +02:00
|
|
|
"password": password,
|
|
|
|
|
"mac": mac,
|
2016-07-05 18:30:22 +02:00
|
|
|
"admin": admin,
|
2015-05-06 12:45:18 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
server_location = server_location.rstrip("/")
|
|
|
|
|
|
2018-10-20 02:16:55 +02:00
|
|
|
print("Sending registration request...")
|
2015-05-06 12:45:18 +02:00
|
|
|
|
|
|
|
|
req = urllib2.Request(
|
2018-07-20 14:41:13 +02:00
|
|
|
"%s/_matrix/client/r0/admin/register" % (server_location,),
|
2015-05-06 12:45:18 +02:00
|
|
|
data=json.dumps(data),
|
2018-10-20 02:16:55 +02:00
|
|
|
headers={'Content-Type': 'application/json'},
|
2015-05-06 12:45:18 +02:00
|
|
|
)
|
|
|
|
|
try:
|
|
|
|
|
if sys.version_info[:3] >= (2, 7, 9):
|
|
|
|
|
# As of version 2.7.9, urllib2 now checks SSL certs
|
|
|
|
|
import ssl
|
2018-10-20 02:16:55 +02:00
|
|
|
|
2015-05-06 12:45:18 +02:00
|
|
|
f = urllib2.urlopen(req, context=ssl.SSLContext(ssl.PROTOCOL_SSLv23))
|
|
|
|
|
else:
|
|
|
|
|
f = urllib2.urlopen(req)
|
|
|
|
|
f.read()
|
|
|
|
|
f.close()
|
2018-10-20 02:16:55 +02:00
|
|
|
print("Success.")
|
2015-05-06 12:45:18 +02:00
|
|
|
except urllib2.HTTPError as e:
|
2018-10-20 02:16:55 +02:00
|
|
|
print("ERROR! Received %d %s" % (e.code, e.reason))
|
2015-05-06 12:45:18 +02:00
|
|
|
if 400 <= e.code < 500:
|
|
|
|
|
if e.info().type == "application/json":
|
|
|
|
|
resp = json.load(e)
|
|
|
|
|
if "error" in resp:
|
2018-10-20 02:16:55 +02:00
|
|
|
print(resp["error"])
|
2015-05-06 12:45:18 +02:00
|
|
|
sys.exit(1)
|
|
|
|
|
|
|
|
|
|
|
2016-07-05 18:30:22 +02:00
|
|
|
def register_new_user(user, password, server_location, shared_secret, admin):
|
2015-05-06 12:45:18 +02:00
|
|
|
if not user:
|
|
|
|
|
try:
|
|
|
|
|
default_user = getpass.getuser()
|
2018-10-20 02:16:55 +02:00
|
|
|
except Exception:
|
2015-05-06 12:45:18 +02:00
|
|
|
default_user = None
|
|
|
|
|
|
|
|
|
|
if default_user:
|
2018-10-20 02:16:55 +02:00
|
|
|
user = input("New user localpart [%s]: " % (default_user,))
|
2015-05-06 12:45:18 +02:00
|
|
|
if not user:
|
|
|
|
|
user = default_user
|
|
|
|
|
else:
|
2018-10-20 02:16:55 +02:00
|
|
|
user = input("New user localpart: ")
|
2015-05-06 12:45:18 +02:00
|
|
|
|
|
|
|
|
if not user:
|
2018-10-20 02:16:55 +02:00
|
|
|
print("Invalid user name")
|
2015-05-06 12:45:18 +02:00
|
|
|
sys.exit(1)
|
|
|
|
|
|
|
|
|
|
if not password:
|
|
|
|
|
password = getpass.getpass("Password: ")
|
|
|
|
|
|
|
|
|
|
if not password:
|
2018-10-20 02:16:55 +02:00
|
|
|
print("Password cannot be blank.")
|
2015-05-06 12:45:18 +02:00
|
|
|
sys.exit(1)
|
|
|
|
|
|
|
|
|
|
confirm_password = getpass.getpass("Confirm password: ")
|
|
|
|
|
|
|
|
|
|
if password != confirm_password:
|
2018-10-20 02:16:55 +02:00
|
|
|
print("Passwords do not match")
|
2015-05-06 12:45:18 +02:00
|
|
|
sys.exit(1)
|
|
|
|
|
|
2018-09-28 14:36:56 +02:00
|
|
|
if admin is None:
|
2018-10-20 02:16:55 +02:00
|
|
|
admin = input("Make admin [no]: ")
|
2016-07-05 18:30:22 +02:00
|
|
|
if admin in ("y", "yes", "true"):
|
|
|
|
|
admin = True
|
|
|
|
|
else:
|
|
|
|
|
admin = False
|
|
|
|
|
|
|
|
|
|
request_registration(user, password, server_location, shared_secret, bool(admin))
|
2015-05-06 12:45:18 +02:00
|
|
|
|
|
|
|
|
|
|
|
|
|
if __name__ == "__main__":
|
|
|
|
|
parser = argparse.ArgumentParser(
|
|
|
|
|
description="Used to register new users with a given home server when"
|
2018-10-20 02:16:55 +02:00
|
|
|
" registration has been disabled. The home server must be"
|
|
|
|
|
" configured with the 'registration_shared_secret' option"
|
|
|
|
|
" set."
|
2015-05-06 12:45:18 +02:00
|
|
|
)
|
|
|
|
|
parser.add_argument(
|
2018-10-20 02:16:55 +02:00
|
|
|
"-u",
|
|
|
|
|
"--user",
|
2015-05-06 12:45:18 +02:00
|
|
|
default=None,
|
|
|
|
|
help="Local part of the new user. Will prompt if omitted.",
|
|
|
|
|
)
|
|
|
|
|
parser.add_argument(
|
2018-10-20 02:16:55 +02:00
|
|
|
"-p",
|
|
|
|
|
"--password",
|
2015-05-06 12:45:18 +02:00
|
|
|
default=None,
|
|
|
|
|
help="New password for user. Will prompt if omitted.",
|
|
|
|
|
)
|
2018-09-28 14:36:56 +02:00
|
|
|
admin_group = parser.add_mutually_exclusive_group()
|
|
|
|
|
admin_group.add_argument(
|
2018-10-20 02:16:55 +02:00
|
|
|
"-a",
|
|
|
|
|
"--admin",
|
2016-07-05 18:30:22 +02:00
|
|
|
action="store_true",
|
2018-10-20 02:16:55 +02:00
|
|
|
help=(
|
|
|
|
|
"Register new user as an admin. "
|
|
|
|
|
"Will prompt if --no-admin is not set either."
|
|
|
|
|
),
|
2018-09-28 14:36:56 +02:00
|
|
|
)
|
|
|
|
|
admin_group.add_argument(
|
|
|
|
|
"--no-admin",
|
|
|
|
|
action="store_true",
|
2018-10-20 02:16:55 +02:00
|
|
|
help=(
|
|
|
|
|
"Register new user as a regular user. "
|
|
|
|
|
"Will prompt if --admin is not set either."
|
|
|
|
|
),
|
2016-07-05 18:30:22 +02:00
|
|
|
)
|
2015-05-06 12:45:18 +02:00
|
|
|
|
|
|
|
|
group = parser.add_mutually_exclusive_group(required=True)
|
|
|
|
|
group.add_argument(
|
2018-10-20 02:16:55 +02:00
|
|
|
"-c",
|
|
|
|
|
"--config",
|
2015-05-06 12:45:18 +02:00
|
|
|
type=argparse.FileType('r'),
|
|
|
|
|
help="Path to server config file. Used to read in shared secret.",
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
group.add_argument(
|
2018-10-20 02:16:55 +02:00
|
|
|
"-k", "--shared-secret", help="Shared secret as defined in server config file."
|
2015-05-06 12:45:18 +02:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
parser.add_argument(
|
|
|
|
|
"server_url",
|
|
|
|
|
default="https://localhost:8448",
|
|
|
|
|
nargs='?',
|
|
|
|
|
help="URL to use to talk to the home server. Defaults to "
|
2018-10-20 02:16:55 +02:00
|
|
|
" 'https://localhost:8448'.",
|
2015-05-06 12:45:18 +02:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
args = parser.parse_args()
|
|
|
|
|
|
|
|
|
|
if "config" in args and args.config:
|
|
|
|
|
config = yaml.safe_load(args.config)
|
|
|
|
|
secret = config.get("registration_shared_secret", None)
|
|
|
|
|
if not secret:
|
2018-10-20 02:16:55 +02:00
|
|
|
print("No 'registration_shared_secret' defined in config.")
|
2015-05-06 12:45:18 +02:00
|
|
|
sys.exit(1)
|
|
|
|
|
else:
|
|
|
|
|
secret = args.shared_secret
|
|
|
|
|
|
2018-09-28 14:36:56 +02:00
|
|
|
admin = None
|
|
|
|
|
if args.admin or args.no_admin:
|
|
|
|
|
admin = args.admin
|
|
|
|
|
|
|
|
|
|
register_new_user(args.user, args.password, args.server_url, secret, admin)
|
