forked from MirrorHub/synapse
Move event contents into third_party_layout field
This commit is contained in:
parent
32a453d7ba
commit
17dffef5ec
7 changed files with 35 additions and 21 deletions
|
@ -374,24 +374,24 @@ class Auth(object):
|
|||
return True
|
||||
|
||||
def _verify_third_party_invite(self, event, auth_events):
|
||||
for key in ThirdPartyInvites.JOIN_KEYS:
|
||||
if key not in event.content:
|
||||
return False
|
||||
token = event.content["token"]
|
||||
if not ThirdPartyInvites.join_has_third_party_invite(event.content):
|
||||
return False
|
||||
join_third_party_invite = event.content["third_party_invite"]
|
||||
token = join_third_party_invite["token"]
|
||||
invite_event = auth_events.get(
|
||||
(EventTypes.ThirdPartyInvite, token,)
|
||||
)
|
||||
if not invite_event:
|
||||
return False
|
||||
try:
|
||||
public_key = event.content["public_key"]
|
||||
key_validity_url = event.content["key_validity_url"]
|
||||
public_key = join_third_party_invite["public_key"]
|
||||
key_validity_url = join_third_party_invite["key_validity_url"]
|
||||
if invite_event.content["public_key"] != public_key:
|
||||
return False
|
||||
if invite_event.content["key_validity_url"] != key_validity_url:
|
||||
return False
|
||||
verify_key = nacl.signing.VerifyKey(decode_base64(public_key))
|
||||
encoded_signature = event.content["signature"]
|
||||
encoded_signature = join_third_party_invite["signature"]
|
||||
signature = decode_base64(encoded_signature)
|
||||
verify_key.verify(token, signature)
|
||||
return True
|
||||
|
@ -677,8 +677,11 @@ class Auth(object):
|
|||
if e_type == Membership.JOIN:
|
||||
if member_event and not is_public:
|
||||
auth_ids.append(member_event.event_id)
|
||||
if ThirdPartyInvites.has_join_keys(event.content):
|
||||
key = (EventTypes.ThirdPartyInvite, event.content["token"])
|
||||
if ThirdPartyInvites.join_has_third_party_invite(event.content):
|
||||
key = (
|
||||
EventTypes.ThirdPartyInvite,
|
||||
event.content["third_party_invite"]["token"]
|
||||
)
|
||||
invite = current_state.get(key)
|
||||
if invite:
|
||||
auth_ids.append(invite.event_id)
|
||||
|
|
|
@ -363,8 +363,8 @@ class FederationClient(FederationBase):
|
|||
continue
|
||||
|
||||
args = {}
|
||||
if ThirdPartyInvites.has_join_keys(content):
|
||||
ThirdPartyInvites.copy_join_keys(content, args)
|
||||
if ThirdPartyInvites.join_has_third_party_invite(content):
|
||||
ThirdPartyInvites.copy_join_keys(content["third_party_invite"], args)
|
||||
try:
|
||||
ret = yield self.transport_layer.make_join(
|
||||
destination, room_id, user_id, args
|
||||
|
|
|
@ -127,7 +127,7 @@ class BaseHandler(object):
|
|||
if (
|
||||
event.type == EventTypes.Member and
|
||||
event.content["membership"] == Membership.JOIN and
|
||||
ThirdPartyInvites.has_join_keys(event.content)
|
||||
ThirdPartyInvites.join_has_third_party_invite(event.content)
|
||||
):
|
||||
yield ThirdPartyInvites.check_key_valid(
|
||||
self.hs.get_simple_http_client(),
|
||||
|
|
|
@ -705,7 +705,8 @@ class FederationHandler(BaseHandler):
|
|||
"""
|
||||
event_content = {"membership": Membership.JOIN}
|
||||
if ThirdPartyInvites.has_join_keys(query):
|
||||
ThirdPartyInvites.copy_join_keys(query, event_content)
|
||||
event_content["third_party_invite"] = {}
|
||||
ThirdPartyInvites.copy_join_keys(query, event_content["third_party_invite"])
|
||||
|
||||
builder = self.event_builder_factory.new({
|
||||
"type": EventTypes.Member,
|
||||
|
@ -721,7 +722,7 @@ class FederationHandler(BaseHandler):
|
|||
|
||||
self.auth.check(event, auth_events=context.current_state)
|
||||
|
||||
if ThirdPartyInvites.has_join_keys(event.content):
|
||||
if ThirdPartyInvites.join_has_third_party_invite(event.content):
|
||||
ThirdPartyInvites.check_key_valid(self.hs.get_simple_http_client(), event)
|
||||
|
||||
defer.returnValue(event)
|
||||
|
|
|
@ -483,10 +483,13 @@ class RoomMemberHandler(BaseHandler):
|
|||
|
||||
should_do_dance = not self.hs.is_mine(inviter)
|
||||
room_hosts = [inviter.domain]
|
||||
elif "sender" in event.content:
|
||||
inviter = UserID.from_string(event.content["sender"])
|
||||
should_do_dance = not self.hs.is_mine(inviter)
|
||||
room_hosts = [inviter.domain]
|
||||
elif "third_party_invite" in event.content:
|
||||
if "sender" in event.content["third_party_invite"]:
|
||||
inviter = UserID.from_string(
|
||||
event.content["third_party_invite"]["sender"]
|
||||
)
|
||||
should_do_dance = not self.hs.is_mine(inviter)
|
||||
room_hosts = [inviter.domain]
|
||||
else:
|
||||
# return the same error as join_room_alias does
|
||||
raise SynapseError(404, "No known servers")
|
||||
|
|
|
@ -456,7 +456,8 @@ class RoomMembershipRestServlet(ClientV1RestServlet):
|
|||
}
|
||||
|
||||
if membership_action == "join" and ThirdPartyInvites.has_join_keys(content):
|
||||
ThirdPartyInvites.copy_join_keys(content, event_content)
|
||||
event_content["third_party_invite"] = {}
|
||||
ThirdPartyInvites.copy_join_keys(content, event_content["third_party_invite"])
|
||||
|
||||
yield msg_handler.create_and_send_event(
|
||||
{
|
||||
|
|
|
@ -42,6 +42,12 @@ class ThirdPartyInvites(object):
|
|||
return False
|
||||
return True
|
||||
|
||||
@classmethod
|
||||
def join_has_third_party_invite(cls, content):
|
||||
if "third_party_invite" not in content:
|
||||
return False
|
||||
return cls.has_join_keys(content["third_party_invite"])
|
||||
|
||||
@classmethod
|
||||
def copy_join_keys(cls, src, dst):
|
||||
for key in cls.JOIN_KEYS:
|
||||
|
@ -53,8 +59,8 @@ class ThirdPartyInvites(object):
|
|||
def check_key_valid(cls, http_client, event):
|
||||
try:
|
||||
response = yield http_client.get_json(
|
||||
event.content["key_validity_url"],
|
||||
{"public_key": event.content["public_key"]}
|
||||
event.content["third_party_invite"]["key_validity_url"],
|
||||
{"public_key": event.content["third_party_invite"]["public_key"]}
|
||||
)
|
||||
if not response["valid"]:
|
||||
raise AuthError(403, "Third party certificate was invalid")
|
||||
|
|
Loading…
Reference in a new issue