mirror of
https://mau.dev/maunium/synapse.git
synced 2024-11-18 16:02:15 +01:00
Remove unspecced GET endpoints for e2e keys
GET /keys/claim is a terrible idea, since it isn't idempotent; also it throws 500 errors if you call it without all the right params. GET /keys/query is arguable, but it's unspecced, so let's get rid of it too to stop people relying on unspecced APIs.
This commit is contained in:
parent
9240948346
commit
abed247182
1 changed files with 4 additions and 39 deletions
|
@ -94,10 +94,6 @@ class KeyUploadServlet(RestServlet):
|
||||||
|
|
||||||
class KeyQueryServlet(RestServlet):
|
class KeyQueryServlet(RestServlet):
|
||||||
"""
|
"""
|
||||||
GET /keys/query/<user_id> HTTP/1.1
|
|
||||||
|
|
||||||
GET /keys/query/<user_id>/<device_id> HTTP/1.1
|
|
||||||
|
|
||||||
POST /keys/query HTTP/1.1
|
POST /keys/query HTTP/1.1
|
||||||
Content-Type: application/json
|
Content-Type: application/json
|
||||||
{
|
{
|
||||||
|
@ -131,11 +127,7 @@ class KeyQueryServlet(RestServlet):
|
||||||
"""
|
"""
|
||||||
|
|
||||||
PATTERNS = client_v2_patterns(
|
PATTERNS = client_v2_patterns(
|
||||||
"/keys/query(?:"
|
"/keys/query$",
|
||||||
"/(?P<user_id>[^/]*)(?:"
|
|
||||||
"/(?P<device_id>[^/]*)"
|
|
||||||
")?"
|
|
||||||
")?",
|
|
||||||
releases=()
|
releases=()
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -149,31 +141,16 @@ class KeyQueryServlet(RestServlet):
|
||||||
self.e2e_keys_handler = hs.get_e2e_keys_handler()
|
self.e2e_keys_handler = hs.get_e2e_keys_handler()
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_POST(self, request, user_id, device_id):
|
def on_POST(self, request):
|
||||||
yield self.auth.get_user_by_req(request, allow_guest=True)
|
yield self.auth.get_user_by_req(request, allow_guest=True)
|
||||||
timeout = parse_integer(request, "timeout", 10 * 1000)
|
timeout = parse_integer(request, "timeout", 10 * 1000)
|
||||||
body = parse_json_object_from_request(request)
|
body = parse_json_object_from_request(request)
|
||||||
result = yield self.e2e_keys_handler.query_devices(body, timeout)
|
result = yield self.e2e_keys_handler.query_devices(body, timeout)
|
||||||
defer.returnValue((200, result))
|
defer.returnValue((200, result))
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
|
||||||
def on_GET(self, request, user_id, device_id):
|
|
||||||
requester = yield self.auth.get_user_by_req(request, allow_guest=True)
|
|
||||||
timeout = parse_integer(request, "timeout", 10 * 1000)
|
|
||||||
auth_user_id = requester.user.to_string()
|
|
||||||
user_id = user_id if user_id else auth_user_id
|
|
||||||
device_ids = [device_id] if device_id else []
|
|
||||||
result = yield self.e2e_keys_handler.query_devices(
|
|
||||||
{"device_keys": {user_id: device_ids}},
|
|
||||||
timeout,
|
|
||||||
)
|
|
||||||
defer.returnValue((200, result))
|
|
||||||
|
|
||||||
|
|
||||||
class OneTimeKeyServlet(RestServlet):
|
class OneTimeKeyServlet(RestServlet):
|
||||||
"""
|
"""
|
||||||
GET /keys/claim/<user-id>/<device-id>/<algorithm> HTTP/1.1
|
|
||||||
|
|
||||||
POST /keys/claim HTTP/1.1
|
POST /keys/claim HTTP/1.1
|
||||||
{
|
{
|
||||||
"one_time_keys": {
|
"one_time_keys": {
|
||||||
|
@ -191,9 +168,7 @@ class OneTimeKeyServlet(RestServlet):
|
||||||
|
|
||||||
"""
|
"""
|
||||||
PATTERNS = client_v2_patterns(
|
PATTERNS = client_v2_patterns(
|
||||||
"/keys/claim(?:/?|(?:/"
|
"/keys/claim$",
|
||||||
"(?P<user_id>[^/]*)/(?P<device_id>[^/]*)/(?P<algorithm>[^/]*)"
|
|
||||||
")?)",
|
|
||||||
releases=()
|
releases=()
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -203,17 +178,7 @@ class OneTimeKeyServlet(RestServlet):
|
||||||
self.e2e_keys_handler = hs.get_e2e_keys_handler()
|
self.e2e_keys_handler = hs.get_e2e_keys_handler()
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def on_GET(self, request, user_id, device_id, algorithm):
|
def on_POST(self, request):
|
||||||
yield self.auth.get_user_by_req(request, allow_guest=True)
|
|
||||||
timeout = parse_integer(request, "timeout", 10 * 1000)
|
|
||||||
result = yield self.e2e_keys_handler.claim_one_time_keys(
|
|
||||||
{"one_time_keys": {user_id: {device_id: algorithm}}},
|
|
||||||
timeout,
|
|
||||||
)
|
|
||||||
defer.returnValue((200, result))
|
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
|
||||||
def on_POST(self, request, user_id, device_id, algorithm):
|
|
||||||
yield self.auth.get_user_by_req(request, allow_guest=True)
|
yield self.auth.get_user_by_req(request, allow_guest=True)
|
||||||
timeout = parse_integer(request, "timeout", 10 * 1000)
|
timeout = parse_integer(request, "timeout", 10 * 1000)
|
||||||
body = parse_json_object_from_request(request)
|
body = parse_json_object_from_request(request)
|
||||||
|
|
Loading…
Reference in a new issue