cqrenet/mxids
3
0
Fork 0
Code Pull Requests 10 Actions Releases Activity

Add check for legality of the returned Matrix ID in Auth

Browse Source 
- Helps troubleshoot reported issues that might not be obvious at first
- Add basic unit test for auth manager
This commit is contained in:
Max Dor
2019-05-28 19:28:46 +02:00
parent 917f87bf8c
commit 544f8e59f0
2 changed files with 85 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/main/java/io/kamax/mxisd/auth/AuthManager.java
View File

@@ -64,6 +64,8 @@ import java.util.Objects;
public class AuthManager {
private static final Logger log = LoggerFactory.getLogger(AuthManager.class);
private static final String TypeKey = "type";
private static final String UserKey = "user";
private static final String IdentifierKey = "identifier";
@@ -72,7 +74,6 @@ public class AuthManager {
private static final String UserIdTypeValue = "m.id.user";
private static final String ThreepidTypeValue = "m.id.thirdparty";
private transient final Logger log = LoggerFactory.getLogger(AuthManager.class);
private final Gson gson = GsonUtil.get(); // FIXME replace
private List<AuthenticatorProvider> providers;
@@ -138,6 +139,12 @@ public class AuthManager {
invMgr.publishMappingIfInvited(new ThreePidMapping(pid, mxId));
}
try {
MatrixID.asValid(mxId);
} catch (IllegalArgumentException e) {
log.warn("The returned User ID {} is not a valid Matrix ID. Login might fail at the Homeserver level", mxId);
}
invMgr.lookupMappingsForInvites();
return authResult;

77
src/test/java/io/kamax/mxisd/test/auth/AuthManagerTest.java Normal file
View File

@@ -0,0 +1,77 @@
/*
* mxisd - Matrix Identity Server Daemon
* Copyright (C) 2019 Kamax Sarl
*
* https://www.kamax.io/
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package io.kamax.mxisd.test.auth;
import io.kamax.mxisd.Mxisd;
import io.kamax.mxisd.auth.AuthManager;
import io.kamax.mxisd.auth.UserAuthResult;
import io.kamax.mxisd.config.MxisdConfig;
import io.kamax.mxisd.config.memory.MemoryIdentityConfig;
import io.kamax.mxisd.config.memory.MemoryThreePid;
import org.junit.BeforeClass;
import org.junit.Test;
import static org.junit.Assert.assertTrue;
public class AuthManagerTest {
private static AuthManager mgr;
// FIXME we should be able to easily build the class ourselves
// FIXME use constants
@BeforeClass
public static void beforeClass() {
MxisdConfig cfg = new MxisdConfig();
cfg.getMatrix().setDomain("localhost");
cfg.getKey().setPath(":memory:");
cfg.getStorage().getProvider().getSqlite().setDatabase(":memory:");
MemoryThreePid mem3pid = new MemoryThreePid();
mem3pid.setMedium("email");
mem3pid.setAddress("john@localhost");
MemoryIdentityConfig validCfg = new MemoryIdentityConfig();
validCfg.setUsername("john");
validCfg.setPassword("doe");
validCfg.getThreepids().add(mem3pid);
MemoryIdentityConfig illegalUser = new MemoryIdentityConfig();
illegalUser.setUsername("JANE");
illegalUser.setPassword("doe");
cfg.getMemory().setEnabled(true);
cfg.getMemory().getIdentities().add(validCfg);
cfg.getMemory().getIdentities().add(illegalUser);
Mxisd m = new Mxisd(cfg);
m.start();
mgr = m.getAuth();
}
@Test
public void basic() {
UserAuthResult result = mgr.authenticate("@john:localhost", "doe");
assertTrue(result.isSuccess());
// For backward-compatibility as per instructed by the spec, we do not fail on an illegal username
// This makes sure we don't break it
result = mgr.authenticate("@JANE:localhost", "doe");
assertTrue(result.isSuccess());
}
}