Registration API. Add DAO, Manager.

This commit is contained in:
Anatoly Sablin
2019-09-30 23:16:58 +03:00
parent d0fd9fb9b0
commit 614b3440e2
6 changed files with 360 additions and 3 deletions

View File

@@ -0,0 +1,78 @@
package io.kamax.mxisd.auth;
import com.google.gson.JsonObject;
import io.kamax.matrix.json.GsonUtil;
import io.kamax.mxisd.exception.InvalidCredentialsException;
import io.kamax.mxisd.exception.NotFoundException;
import io.kamax.mxisd.matrix.HomeserverFederationResolver;
import io.kamax.mxisd.storage.IStorage;
import io.kamax.mxisd.storage.ormlite.dao.AccountDao;
import org.apache.http.HttpStatus;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.util.EntityUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.io.IOException;
import java.time.Instant;
import java.util.Objects;
import java.util.UUID;
public class AccountManager {
private static final Logger LOGGER = LoggerFactory.getLogger(AccountManager.class);
private final IStorage storage;
private final HomeserverFederationResolver resolver;
private final CloseableHttpClient httpClient;
public AccountManager(IStorage storage, HomeserverFederationResolver resolver,
CloseableHttpClient httpClient) {
this.storage = storage;
this.resolver = resolver;
this.httpClient = httpClient;
}
public String register(OpenIdToken openIdToken) {
Objects.requireNonNull(openIdToken.getAccessToken(), "Missing required access_token");
Objects.requireNonNull(openIdToken.getTokenType(), "Missing required token type");
Objects.requireNonNull(openIdToken.getMatrixServerName(), "Missing required matrix domain");
String homeserverURL = resolver.resolve(openIdToken.getMatrixServerName()).toString();
HttpGet getUserInfo = new HttpGet(
"https://" + homeserverURL + "/_matrix/federation/v1/openid/userinfo?access_token=" + openIdToken.getAccessToken());
String userId;
try (CloseableHttpResponse response = httpClient.execute(getUserInfo)) {
int statusCode = response.getStatusLine().getStatusCode();
if (statusCode == HttpStatus.SC_OK) {
JsonObject body = GsonUtil.parseObj(EntityUtils.toString(response.getEntity()));
userId = GsonUtil.getStringOrThrow(body, "sub");
} else {
LOGGER.error("Wrong response status: {}", statusCode);
throw new InvalidCredentialsException();
}
} catch (IOException e) {
LOGGER.error("Unable to get user info.");
throw new InvalidCredentialsException();
}
String token = UUID.randomUUID().toString();
AccountDao account = new AccountDao(openIdToken.getAccessToken(), openIdToken.getTokenType(),
openIdToken.getMatrixServerName(), openIdToken.getExpiredIn(),
Instant.now().getEpochSecond(), userId, token);
storage.insertToken(account);
return token;
}
public String getUserId(String token) {
return storage.findUserId(token).orElseThrow(NotFoundException::new);
}
public void logout(String token) {
String userId = storage.findUserId(token).orElseThrow(InvalidCredentialsException::new);
LOGGER.info("Logout: {}", userId);
storage.deleteToken(token);
}
}

View File

@@ -0,0 +1,44 @@
package io.kamax.mxisd.auth;
public class OpenIdToken {
private String accessToken;
private String tokenType;
private String matrixServerName;
private long expiredIn;
public String getAccessToken() {
return accessToken;
}
public void setAccessToken(String accessToken) {
this.accessToken = accessToken;
}
public String getTokenType() {
return tokenType;
}
public void setTokenType(String tokenType) {
this.tokenType = tokenType;
}
public String getMatrixServerName() {
return matrixServerName;
}
public void setMatrixServerName(String matrixServerName) {
this.matrixServerName = matrixServerName;
}
public long getExpiredIn() {
return expiredIn;
}
public void setExpiredIn(long expiredIn) {
this.expiredIn = expiredIn;
}
}

View File

@@ -0,0 +1,70 @@
/*
* mxisd - Matrix Identity Server Daemon
* Copyright (C) 2018 Kamax Sarl
*
* https://www.kamax.io/
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package io.kamax.mxisd.http.undertow.handler.auth.v2;
import com.google.gson.JsonElement;
import com.google.gson.JsonObject;
import io.kamax.matrix.json.GsonUtil;
import io.kamax.mxisd.auth.AuthManager;
import io.kamax.mxisd.auth.UserAuthResult;
import io.kamax.mxisd.exception.JsonMemberNotFoundException;
import io.kamax.mxisd.http.io.CredentialsValidationResponse;
import io.kamax.mxisd.http.undertow.handler.BasicHttpHandler;
import io.undertow.server.HttpServerExchange;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
public class AccountRegisterHandler extends BasicHttpHandler {
public static final String Path = "/_matrix/identity/v2/account/register";
private static final Logger log = LoggerFactory.getLogger(AccountRegisterHandler.class);
private AuthManager mgr;
public AccountRegisterHandler(AuthManager mgr) {
this.mgr = mgr;
}
@Override
public void handleRequest(HttpServerExchange exchange) {
JsonObject authData = parseJsonObject(exchange, "user");
if (!authData.has("id") || !authData.has("password")) {
throw new JsonMemberNotFoundException("Missing id or password keys");
}
String id = GsonUtil.getStringOrThrow(authData, "id");
log.info("Requested to check credentials for {}", id);
String password = GsonUtil.getStringOrThrow(authData, "password");
UserAuthResult result = mgr.authenticate(id, password);
CredentialsValidationResponse response = new CredentialsValidationResponse(result.isSuccess());
if (result.isSuccess()) {
response.setDisplayName(result.getDisplayName());
response.getProfile().setThreePids(result.getThreePids());
}
JsonElement authObj = GsonUtil.get().toJsonTree(response);
respond(exchange, GsonUtil.makeObj("auth", authObj));
}
}

View File

@@ -24,6 +24,7 @@ import io.kamax.matrix.ThreePid;
import io.kamax.mxisd.invitation.IThreePidInviteReply;
import io.kamax.mxisd.storage.dao.IThreePidSessionDao;
import io.kamax.mxisd.storage.ormlite.dao.ASTransactionDao;
import io.kamax.mxisd.storage.ormlite.dao.AccountDao;
import io.kamax.mxisd.storage.ormlite.dao.ThreePidInviteIO;
import java.time.Instant;
@@ -52,4 +53,9 @@ public interface IStorage {
Optional<ASTransactionDao> getTransactionResult(String localpart, String txnId);
void insertToken(AccountDao accountDao);
Optional<String> findUserId(String accessToken);
void deleteToken(String accessToken);
}

View File

@@ -34,6 +34,7 @@ import io.kamax.mxisd.invitation.IThreePidInviteReply;
import io.kamax.mxisd.storage.IStorage;
import io.kamax.mxisd.storage.dao.IThreePidSessionDao;
import io.kamax.mxisd.storage.ormlite.dao.ASTransactionDao;
import io.kamax.mxisd.storage.ormlite.dao.AccountDao;
import io.kamax.mxisd.storage.ormlite.dao.HistoricalThreePidInviteIO;
import io.kamax.mxisd.storage.ormlite.dao.ThreePidInviteIO;
import io.kamax.mxisd.storage.ormlite.dao.ThreePidSessionDao;
@@ -42,7 +43,11 @@ import org.apache.commons.lang.StringUtils;
import java.io.IOException;
import java.sql.SQLException;
import java.time.Instant;
import java.util.*;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import java.util.Optional;
import java.util.UUID;
public class OrmLiteSqlStorage implements IStorage {
@@ -64,6 +69,7 @@ public class OrmLiteSqlStorage implements IStorage {
private Dao<HistoricalThreePidInviteIO, String> expInvDao;
private Dao<ThreePidSessionDao, String> sessionDao;
private Dao<ASTransactionDao, String> asTxnDao;
private Dao<AccountDao, String> accountDao;
public OrmLiteSqlStorage(MxisdConfig cfg) {
this(cfg.getStorage().getBackend(), cfg.getStorage().getProvider().getSqlite().getDatabase());
@@ -84,6 +90,7 @@ public class OrmLiteSqlStorage implements IStorage {
expInvDao = createDaoAndTable(connPool, HistoricalThreePidInviteIO.class);
sessionDao = createDaoAndTable(connPool, ThreePidSessionDao.class);
asTxnDao = createDaoAndTable(connPool, ASTransactionDao.class);
accountDao = createDaoAndTable(connPool, AccountDao.class);
});
}
@@ -237,4 +244,37 @@ public class OrmLiteSqlStorage implements IStorage {
});
}
@Override
public void insertToken(AccountDao account) {
withCatcher(() -> {
int created = accountDao.create(account);
if (created != 1) {
throw new RuntimeException("Unexpected row count after DB action: " + created);
}
});
}
@Override
public Optional<String> findUserId(String token) {
return withCatcher(() -> {
List<AccountDao> accounts = accountDao.queryForEq("token", token);
if (accounts.isEmpty()) {
return Optional.empty();
}
if (accounts.size() != 1) {
throw new RuntimeException("Unexpected rows for access token: " + accounts.size());
}
return Optional.of(accounts.get(0).getUserId());
});
}
@Override
public void deleteToken(String token) {
withCatcher(() -> {
int updated = accountDao.deleteById(token);
if (updated != 1) {
throw new RuntimeException("Unexpected row count after DB action: " + updated);
}
});
}
}

View File

@@ -0,0 +1,119 @@
/*
* mxisd - Matrix Identity Server Daemon
* Copyright (C) 2018 Kamax Sarl
*
* https://www.kamax.io/
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package io.kamax.mxisd.storage.ormlite.dao;
import com.j256.ormlite.field.DatabaseField;
import com.j256.ormlite.table.DatabaseTable;
@DatabaseTable(tableName = "account")
public class AccountDao {
@DatabaseField(canBeNull = false, id = true)
private String token;
@DatabaseField(canBeNull = false)
private String accessToken;
@DatabaseField(canBeNull = false)
private String tokenType;
@DatabaseField(canBeNull = false)
private String matrixServerName;
@DatabaseField(canBeNull = false)
private long expiresIn;
@DatabaseField(canBeNull = false)
private long createdAt;
@DatabaseField(canBeNull = false)
private String userId;
public AccountDao() {
// Needed for ORMLite
}
public AccountDao(String accessToken, String tokenType, String matrixServerName, long expiresIn, long createdAt, String userId, String token) {
this.accessToken = accessToken;
this.tokenType = tokenType;
this.matrixServerName = matrixServerName;
this.expiresIn = expiresIn;
this.createdAt = createdAt;
this.userId = userId;
this.token = token;
}
public String getAccessToken() {
return accessToken;
}
public void setAccessToken(String accessToken) {
this.accessToken = accessToken;
}
public String getTokenType() {
return tokenType;
}
public void setTokenType(String tokenType) {
this.tokenType = tokenType;
}
public String getMatrixServerName() {
return matrixServerName;
}
public void setMatrixServerName(String matrixServerName) {
this.matrixServerName = matrixServerName;
}
public long getExpiresIn() {
return expiresIn;
}
public void setExpiresIn(long expiresIn) {
this.expiresIn = expiresIn;
}
public long getCreatedAt() {
return createdAt;
}
public void setCreatedAt(long createdAt) {
this.createdAt = createdAt;
}
public String getUserId() {
return userId;
}
public void setUserId(String userId) {
this.userId = userId;
}
public String getToken() {
return token;
}
public void setToken(String token) {
this.token = token;
}
}