Fix bug with token expiration. Increase the default length of the pepper. Update hashes on startup with RotationPerRequest strategy. Don't check for existing pepper on the none hash algorithm.

2019-11-28 00:28:11 +03:00
parent 86b880069b
commit 0ec4df2c06
7 changed files with 19 additions and 12 deletions
--- a/src/main/java/io/kamax/mxisd/http/undertow/handler/auth/v2/AccountRegisterHandler.java
+++ b/src/main/java/io/kamax/mxisd/http/undertow/handler/auth/v2/AccountRegisterHandler.java
@@ -48,7 +48,7 @@ public class AccountRegisterHandler extends BasicHttpHandler {

        if (LOGGER.isInfoEnabled()) {
            LOGGER.info("Registration from domain: {}, expired at {}", openIdToken.getMatrixServerName(),
-                new Date(openIdToken.getExpiredIn()));
+                new Date(openIdToken.getExpiresIn()));
        }

        String token = accountManager.register(openIdToken);
--- a/src/main/java/io/kamax/mxisd/http/undertow/handler/identity/v2/HashLookupHandler.java
+++ b/src/main/java/io/kamax/mxisd/http/undertow/handler/identity/v2/HashLookupHandler.java
@@ -67,7 +67,7 @@ public class HashLookupHandler extends LookupHandler implements ApiHandler {
            throw new InvalidParamException();
        }

-        if (!hashManager.getHashEngine().getPepper().equals(input.getPepper())) {
+        if ("sha256".equals(input.getAlgorithm()) && !hashManager.getHashEngine().getPepper().equals(input.getPepper())) {
            throw new InvalidPepperException();
        }

@@ -93,8 +93,8 @@ public class HashLookupHandler extends LookupHandler implements ApiHandler {
        for (String address : input.getAddresses()) {
            String[] parts = address.split(" ");
            ThreePidMapping mapping = new ThreePidMapping();
-            mapping.setMedium(parts[0]);
-            mapping.setValue(parts[1]);
+            mapping.setMedium(parts[1]);
+            mapping.setValue(parts[0]);
            mappings.add(mapping);
        }
        bulkLookupRequest.setMappings(mappings);