Compare commits
	
		
			163 Commits
		
	
	
		
			2.4.0-rc2
			...
			renovate/c
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
| 89e3356805 | |||
| 0de8e247cb | |||
| 8d4f331880 | |||
| 7f1b77ce19 | |||
| d4080bb2e5 | |||
| 0106364680 | |||
| b1ef1b9aa1 | |||
| 84b4c9c3ed | |||
| dedce04961 | |||
| a4e99fcc79 | |||
| d568678df5 | |||
| 31210f4e71 | |||
| df70b65ac3 | |||
| 949bfc38f8 | |||
| c5e5f643a2 | |||
| 5820156512 | |||
| 7cc4be7cd6 | |||
| 5e31ff9b69 | |||
| d910472db5 | |||
| ca56afad5d | |||
| 541aeee3c2 | |||
| 19257a0290 | |||
| 8d91e7d5a3 | |||
| c0671acf60 | |||
| 0b8300c774 | |||
| cac55d5f06 | |||
| aa3aadbb53 | |||
| da7fa9edd6 | |||
| a1a21e8d60 | |||
| dc2932cf51 | |||
| bb84e32719 | |||
| 12aa40b160 | |||
| 9d4fddcb2d | |||
| 4654cff158 | |||
| b1888fed96 | |||
| d7e8b3d62a | |||
| 56bfdda18c | |||
| fb3debfb49 | |||
| 49f812f867 | |||
| de0a3152c3 | |||
| cc5d047c3f | |||
| 350776df17 | |||
| 7b6560e9c8 | |||
| 4fd4fdac60 | |||
| dfad9d9ce8 | |||
| d2fc4e3bef | |||
| 4416c17216 | |||
| f54ed462b1 | |||
| 7498dcf122 | |||
| 7e5665a56f | |||
| f633e9d256 | |||
| bdfe4a00a9 | |||
| 50d4f0fa30 | |||
| bb190230b2 | |||
| c9bafd9af2 | |||
| 3c9c8ca1b5 | |||
| dacf96140c | |||
| 1d228d75e6 | |||
| 62530eda08 | |||
| 15c3e6b425 | |||
| 945a2dbdf5 | |||
| d5cebf103d | |||
| de14f80a40 | |||
| 7ed6db537d | |||
| 9d8d88527c | |||
| a1c82878f2 | |||
| ab95c8ee32 | |||
| e50a49b198 | |||
| 4492888557 | |||
| ed5407fc42 | |||
| a2911f2ace | |||
| e99578d168 | |||
| d471ea71d7 | |||
| 56115df282 | |||
| 2e1194d216 | |||
| ee001d543c | |||
| a826eb319e | |||
| 6b557e9954 | |||
| 041a4d1b73 | |||
| c1a1741bfb | |||
| 6e1058c484 | |||
| 5f6fb38485 | |||
| c9046ffbd0 | |||
| cf97c5a88f | |||
| 3d1a8c4495 | |||
| 46dc07ef07 | |||
| d9ab2b8739 | |||
| 14032aaf50 | |||
| 73051c3d00 | |||
| a3c8c4a8cf | |||
| 453751a39e | |||
| ad23e91ece | |||
| baabdfc2ef | |||
| 263e3260c9 | |||
| a281bdbf77 | |||
| 338e7f4aa2 | |||
| a9212ce73a | |||
| f2e1fcb25f | |||
| f5630bc4d9 | |||
| dbccaecfd6 | |||
| de0842d3a8 | |||
| 05424f14b8 | |||
| 2587e6be7c | |||
| 20062fe5bc | |||
| 0ec6462ff4 | |||
| 567c7bb972 | |||
| 1c6322f1c2 | |||
| 603cdd1340 | |||
| a6164379c5 | |||
| fc9d6b3a36 | |||
| 8b14664dc7 | |||
| f0922d67df | |||
| 6e05b51fdc | |||
| 0999ef6309 | |||
| cae00f4606 | |||
| 941ae697e7 | |||
| fbf1ea8f5b | |||
| 4eef3ac40d | |||
| e6c90aa00f | |||
| ca306a3212 | |||
| e8864afe02 | |||
| f09ede8780 | |||
| 98146d3468 | |||
| 5f64b72a91 | |||
| acb2b5a37d | |||
| 9f9c48aaa7 | |||
| eb6e541e15 | |||
| e45ac5a78a | |||
| aebcb7b5e1 | |||
| c45f95ce3f | |||
| 640fa8e9f1 | |||
| 0f3c37bf6a | |||
|  | ae5864cd91 | ||
|  | e456724caf | ||
|  | ed9dcc4061 | ||
|  | ea8e386939 | ||
|  | e0ec887118 | ||
|  | a71d32ba77 | ||
|  | a0f6fe9b0d | ||
|  | c25647156a | ||
|  | e7c4c12a98 | ||
|  | 90b2b5301c | ||
|  | 0d93a26e6d | ||
|  | c29fc0f0eb | ||
|  | e421c851c9 | ||
|  | 5b2b45233a | ||
|  | 888f7a4209 | ||
|  | 0c301a49c7 | ||
|  | 1fda2dd3b7 | ||
|  | c4a20efe5e | ||
|  | fc45f1b090 | ||
|  | 1480507d76 | ||
|  | a1ab1e8e0a | ||
|  | 1e5033b461 | ||
|  | 7323851c6e | ||
|  | 08db73e55b | ||
|  | 9fba20475b | ||
|  | 9af5fce014 | ||
|  | 9843e14c1a | ||
|  | 60e6f1e23c | ||
|  | 6cdbcc69c7 | ||
|  | ed7c714738 | ||
|  | 7c94bd4744 | 
							
								
								
									
										71
									
								
								.github/workflows/codeql-analysis.yml.disabled
									
									
									
									
										vendored
									
									
										Normal file
									
								
							
							
						
						
									
										71
									
								
								.github/workflows/codeql-analysis.yml.disabled
									
									
									
									
										vendored
									
									
										Normal file
									
								
							| @@ -0,0 +1,71 @@ | ||||
| # For most projects, this workflow file will not need changing; you simply need | ||||
| # to commit it to your repository. | ||||
| # | ||||
| # You may wish to alter this file to override the set of languages analyzed, | ||||
| # or to provide custom queries or build logic. | ||||
| name: "CodeQL" | ||||
|  | ||||
| on: | ||||
|   push: | ||||
|     branches: [master] | ||||
|   pull_request: | ||||
|     # The branches below must be a subset of the branches above | ||||
|     branches: [master] | ||||
|   schedule: | ||||
|     - cron: '0 3 * * 6' | ||||
|  | ||||
| jobs: | ||||
|   analyze: | ||||
|     name: Analyze | ||||
|     runs-on: ubuntu-latest | ||||
|  | ||||
|     strategy: | ||||
|       fail-fast: false | ||||
|       matrix: | ||||
|         # Override automatic language detection by changing the below list | ||||
|         # Supported options are ['csharp', 'cpp', 'go', 'java', 'javascript', 'python'] | ||||
|         language: ['java'] | ||||
|         # Learn more... | ||||
|         # https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection | ||||
|  | ||||
|     steps: | ||||
|     - name: Checkout repository | ||||
|       uses: actions/checkout@v2 | ||||
|       with: | ||||
|         # We must fetch at least the immediate parents so that if this is | ||||
|         # a pull request then we can checkout the head. | ||||
|         fetch-depth: 0 | ||||
|  | ||||
|     # If this run was triggered by a pull request event, then checkout | ||||
|     # the head of the pull request instead of the merge commit. | ||||
|     - run: git checkout HEAD^2 | ||||
|       if: ${{ github.event_name == 'pull_request' }} | ||||
|  | ||||
|     # Initializes the CodeQL tools for scanning. | ||||
|     - name: Initialize CodeQL | ||||
|       uses: github/codeql-action/init@v2 | ||||
|       with: | ||||
|         languages: ${{ matrix.language }} | ||||
|         # If you wish to specify custom queries, you can do so here or in a config file. | ||||
|         # By default, queries listed here will override any specified in a config file.  | ||||
|         # Prefix the list here with "+" to use these queries and those in the config file. | ||||
|         # queries: ./path/to/local/query, your-org/your-repo/queries@main | ||||
|  | ||||
|     # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java). | ||||
|     # If this step fails, then you should remove it and run the build manually (see below) | ||||
|     - name: Autobuild | ||||
|       uses: github/codeql-action/autobuild@v2 | ||||
|  | ||||
|     # ℹ️ Command-line programs to run using the OS shell. | ||||
|     # 📚 https://git.io/JvXDl | ||||
|  | ||||
|     # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines | ||||
|     #    and modify them (or add more) to build your code if your project | ||||
|     #    uses a compiled language | ||||
|  | ||||
|     #- run: | | ||||
|     #   make bootstrap | ||||
|     #   make release | ||||
|  | ||||
|     - name: Perform CodeQL Analysis | ||||
|       uses: github/codeql-action/analyze@v1 | ||||
							
								
								
									
										4
									
								
								.gitignore
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										4
									
								
								.gitignore
									
									
									
									
										vendored
									
									
								
							| @@ -7,8 +7,8 @@ out/ | ||||
| .idea/ | ||||
|  | ||||
| # Local dev config | ||||
| /ma1sd.yaml | ||||
| /mxids.yaml | ||||
| /application.yaml | ||||
|  | ||||
| # Local dev storage | ||||
| /ma1sd.db | ||||
| /mxids.db | ||||
|   | ||||
							
								
								
									
										40
									
								
								Dockerfile
									
									
									
									
									
								
							
							
						
						
									
										40
									
								
								Dockerfile
									
									
									
									
									
								
							| @@ -1,18 +1,36 @@ | ||||
| FROM openjdk:8-jre-alpine | ||||
| # Use a specific version of OpenJDK based on Debian ("bullseye" in this case) | ||||
| FROM --platform=$BUILDPLATFORM openjdk:21-jdk-bullseye AS builder | ||||
|  | ||||
| RUN apk update && apk add bash && rm -rf /var/lib/apk/* /var/cache/apk/* | ||||
| # Replace 'apk' commands with 'apt-get' for Debian-based package management. | ||||
| # Install required packages such as 'git' and 'gradle'. Remember to update and clean up properly. | ||||
| RUN apt-get update && \ | ||||
|     apt-get install -y gradle git && \ | ||||
|     rm -rf /var/lib/apt/lists/* | ||||
|  | ||||
| VOLUME /etc/ma1sd | ||||
| VOLUME /var/ma1sd | ||||
| WORKDIR /mxids | ||||
| COPY . . | ||||
| RUN ./gradlew shadowJar | ||||
|  | ||||
| # Second stage: Setup the runtime container | ||||
| FROM openjdk:21-jdk-bullseye | ||||
|  | ||||
| # Again, switch to 'apt-get' for installing 'bash'. Clean up to keep the image size down. | ||||
| RUN apt-get update && \ | ||||
|     apt-get install -y bash && \ | ||||
|     rm -rf /var/lib/apt/lists/* | ||||
|  | ||||
| VOLUME /etc/mxids | ||||
| VOLUME /var/mxids | ||||
| EXPOSE 8090 | ||||
|  | ||||
| ENV JAVA_OPTS="" | ||||
| ENV CONF_FILE_PATH="/etc/ma1sd/ma1sd.yaml" | ||||
| ENV SIGN_KEY_PATH="/var/ma1sd/sign.key" | ||||
| ENV SQLITE_DATABASE_PATH="/var/ma1sd/ma1sd.db" | ||||
| ENV CONF_FILE_PATH="/etc/mxids/mxids.yaml" | ||||
| ENV SIGN_KEY_PATH="/var/mxids/sign.key" | ||||
| ENV SQLITE_DATABASE_PATH="/var/mxids/mxids.db" | ||||
|  | ||||
| CMD [ "/start.sh" ] | ||||
| # It's usually a good practice to use 'COPY' instead of 'ADD' for local files unless you need the extra capabilities of 'ADD' (like auto-extracting tar files). | ||||
| COPY src/docker/start.sh /start.sh | ||||
| COPY src/script/mxids /app/mxids | ||||
| COPY --from=builder /mxids/build/libs/mxids.jar /app/mxids.jar | ||||
|  | ||||
| ADD src/docker/start.sh /start.sh | ||||
| ADD src/script/ma1sd /app/ma1sd | ||||
| ADD build/libs/ma1sd.jar /app/ma1sd.jar | ||||
| CMD ["/start.sh"] | ||||
|   | ||||
							
								
								
									
										16
									
								
								DockerfileX
									
									
									
									
									
								
							
							
						
						
									
										16
									
								
								DockerfileX
									
									
									
									
									
								
							| @@ -1,16 +1,16 @@ | ||||
| FROM --platform=$BUILDPLATFORM openjdk:11.0.7-jre-slim | ||||
| FROM --platform=$BUILDPLATFORM openjdk:11.0.16-jre-slim | ||||
|  | ||||
| VOLUME /etc/ma1sd | ||||
| VOLUME /var/ma1sd | ||||
| VOLUME /etc/mxids | ||||
| VOLUME /var/mxids | ||||
| EXPOSE 8090 | ||||
|  | ||||
| ENV JAVA_OPTS="" | ||||
| ENV CONF_FILE_PATH="/etc/ma1sd/ma1sd.yaml" | ||||
| ENV SIGN_KEY_PATH="/var/ma1sd/sign.key" | ||||
| ENV SQLITE_DATABASE_PATH="/var/ma1sd/ma1sd.db" | ||||
| ENV CONF_FILE_PATH="/etc/mxids/mxids.yaml" | ||||
| ENV SIGN_KEY_PATH="/var/mxids/sign.key" | ||||
| ENV SQLITE_DATABASE_PATH="/var/mxids/mxids.db" | ||||
|  | ||||
| CMD [ "/start.sh" ] | ||||
|  | ||||
| ADD src/docker/start.sh /start.sh | ||||
| ADD src/script/ma1sd /app/ma1sd | ||||
| ADD build/libs/ma1sd.jar /app/ma1sd.jar | ||||
| ADD src/script/mxids /app/mxids | ||||
| ADD build/libs/mxids.jar /app/mxids.jar | ||||
|   | ||||
							
								
								
									
										149
									
								
								build.gradle
									
									
									
									
									
								
							
							
						
						
									
										149
									
								
								build.gradle
									
									
									
									
									
								
							| @@ -1,5 +1,5 @@ | ||||
| /* | ||||
|  * ma1sd - Matrix Identity Server Daemon | ||||
|  * mxids - Matrix Identity Server | ||||
|  * Copyright (C) 2017 Kamax Sarl | ||||
|  * | ||||
|  * https://www.kamax.io/ | ||||
| @@ -20,22 +20,22 @@ | ||||
|  | ||||
| import java.util.regex.Pattern | ||||
|  | ||||
| apply plugin: 'java' | ||||
| apply plugin: 'java-library' | ||||
| apply plugin: 'application' | ||||
| apply plugin: 'com.github.johnrengelman.shadow' | ||||
| apply plugin: 'idea' | ||||
| apply plugin: 'com.github.ben-manes.versions' | ||||
|  | ||||
| def confFileName = "ma1sd.example.yaml" | ||||
| def confFileName = "mxids.example.yaml" | ||||
| def distDir = "${project.buildDir}/dist" | ||||
|  | ||||
| def debBinPath = "/usr/lib/ma1sd" | ||||
| def debConfPath = "/etc/ma1sd" | ||||
| def debDataPath = "/var/lib/ma1sd" | ||||
| def debBinPath = "/usr/lib/mxids" | ||||
| def debConfPath = "/etc/mxids" | ||||
| def debDataPath = "/var/lib/mxids" | ||||
| def debSystemdPath = "/etc/systemd/system" | ||||
|  | ||||
| def debConfFileName = confFileName | ||||
| def debStartScriptFilename = "ma1sd" | ||||
| def debStartScriptFilename = "mxids" | ||||
|  | ||||
| def debBuildBasePath = "${project.buildDir}/tmp/debian" | ||||
| def debBuildDebianPath = "${debBuildBasePath}/DEBIAN" | ||||
| @@ -44,18 +44,18 @@ def debBuildConfPath = "${debBuildBasePath}${debConfPath}" | ||||
| def debBuildDataPath = "${debBuildBasePath}${debDataPath}" | ||||
| def debBuildSystemdPath = "${debBuildBasePath}${debSystemdPath}" | ||||
|  | ||||
| def dockerImageName = "ma1uta/ma1sd" | ||||
| def dockerImageTag = "${dockerImageName}:${ma1sdVersion()}" | ||||
| def dockerImageName = "cqrenet/mxids" | ||||
| def dockerImageTag = "${dockerImageName}:${mxidsVersion()}" | ||||
|  | ||||
| group = 'io.kamax' | ||||
| mainClassName = 'io.kamax.mxisd.MxisdStandaloneExec' | ||||
| sourceCompatibility = '1.8' | ||||
| targetCompatibility = '1.8' | ||||
| sourceCompatibility = '11' | ||||
| targetCompatibility = '11' | ||||
|  | ||||
| String ma1sdVersion() { | ||||
| String mxidsVersion() { | ||||
|     def versionPattern = Pattern.compile("v(\\d+\\.)?(\\d+\\.)?(\\d+)(-.*)?") | ||||
|  | ||||
|     String version = System.getenv('MA1SD_BUILD_VERSION') | ||||
|     String version = System.getenv('MXIDS_BUILD_VERSION') | ||||
|     if (version == null || version.size() == 0) { | ||||
|         version = gitVersion() | ||||
|     } | ||||
| @@ -73,109 +73,114 @@ String gitVersion() { | ||||
|  | ||||
| buildscript { | ||||
|     repositories { | ||||
|         jcenter() | ||||
|         gradlePluginPortal() | ||||
|         mavenCentral() | ||||
|         google() | ||||
|     } | ||||
|  | ||||
|     dependencies { | ||||
|         classpath 'com.github.jengelman.gradle.plugins:shadow:5.1.0' | ||||
|         classpath 'com.github.ben-manes:gradle-versions-plugin:0.27.0' | ||||
|         classpath 'com.github.johnrengelman:shadow:8.1.1' | ||||
|         classpath 'com.github.ben-manes:gradle-versions-plugin:0.52.0' | ||||
|     } | ||||
| } | ||||
|  | ||||
| repositories { | ||||
|     jcenter() | ||||
|     mavenCentral() | ||||
| } | ||||
|  | ||||
| dependencies { | ||||
|     // Logging | ||||
|     compile 'org.slf4j:slf4j-simple:1.7.25' | ||||
|     api 'org.slf4j:slf4j-simple:2.0.13' | ||||
|  | ||||
|     // Easy file management | ||||
|     compile 'commons-io:commons-io:2.6' | ||||
|     api 'commons-io:commons-io:2.20.0' | ||||
|  | ||||
|     // Config management | ||||
|     compile 'org.yaml:snakeyaml:1.25' | ||||
|     api 'org.yaml:snakeyaml:1.33' | ||||
|  | ||||
|     // Dependencies from old Matrix-java-sdk | ||||
|     compile 'org.apache.commons:commons-lang3:3.9' | ||||
|     compile 'com.squareup.okhttp3:okhttp:4.2.2' | ||||
|     compile 'commons-codec:commons-codec:1.13' | ||||
|     api 'org.apache.commons:commons-lang3:3.18.0' | ||||
|     api 'com.squareup.okhttp3:okhttp:4.12.0' | ||||
|     api 'commons-codec:commons-codec:1.19.0' | ||||
|  | ||||
|     // ORMLite | ||||
|     compile 'com.j256.ormlite:ormlite-jdbc:5.1' | ||||
|     api 'com.j256.ormlite:ormlite-jdbc:6.1' | ||||
|  | ||||
|     // ed25519 handling | ||||
|     compile 'net.i2p.crypto:eddsa:0.3.0' | ||||
|     api 'net.i2p.crypto:eddsa:0.3.0' | ||||
|  | ||||
|     // LDAP connector | ||||
|     compile 'org.apache.directory.api:api-all:1.0.3' | ||||
|     api 'org.apache.directory.api:api-all:2.1.7' | ||||
|  | ||||
|     // DNS lookups | ||||
|     compile 'dnsjava:dnsjava:2.1.9' | ||||
|     api 'dnsjava:dnsjava:3.6.3' | ||||
|  | ||||
|     // HTTP connections | ||||
|     compile 'org.apache.httpcomponents:httpclient:4.5.10' | ||||
|     api 'org.apache.httpcomponents:httpclient:4.5.14' | ||||
|  | ||||
|     // Phone numbers validation | ||||
|     compile 'com.googlecode.libphonenumber:libphonenumber:8.10.22' | ||||
|     api 'com.googlecode.libphonenumber:libphonenumber:8.13.36' | ||||
|  | ||||
|     // E-mail sending | ||||
|     compile 'javax.mail:javax.mail-api:1.6.2' | ||||
|     compile 'com.sun.mail:javax.mail:1.6.2' | ||||
|     api 'javax.mail:javax.mail-api:1.6.2' | ||||
|     api 'com.sun.mail:javax.mail:1.6.2' | ||||
|  | ||||
|     // Google Firebase Authentication backend | ||||
|     compile 'com.google.firebase:firebase-admin:5.3.0' | ||||
|     api 'com.google.firebase:firebase-admin:9.2.0' | ||||
|  | ||||
|     // Connection Pool | ||||
|     compile 'com.mchange:c3p0:0.9.5.4' | ||||
|     api 'com.mchange:c3p0:0.11.2' | ||||
|  | ||||
|     // SQLite | ||||
|     compile 'org.xerial:sqlite-jdbc:3.28.0' | ||||
|     api 'org.xerial:sqlite-jdbc:3.50.3.0' | ||||
|  | ||||
|     // PostgreSQL | ||||
|     compile 'org.postgresql:postgresql:42.2.8' | ||||
|     api 'org.postgresql:postgresql:42.7.7' | ||||
|  | ||||
|     // MariaDB/MySQL | ||||
|     compile 'org.mariadb.jdbc:mariadb-java-client:2.5.1' | ||||
|     api 'org.mariadb.jdbc:mariadb-java-client:3.5.6' | ||||
|  | ||||
|     // UNIX sockets | ||||
|     api 'com.kohlschutter.junixsocket:junixsocket-core:2.9.1' | ||||
|  | ||||
|     // Twilio SDK for SMS | ||||
|     compile 'com.twilio.sdk:twilio:7.45.0' | ||||
|     api 'com.twilio.sdk:twilio:10.9.2' | ||||
|  | ||||
|     // SendGrid SDK to send emails from GCE | ||||
|     compile 'com.sendgrid:sendgrid-java:2.2.2' | ||||
|     api 'com.sendgrid:sendgrid-java:4.10.2' | ||||
|  | ||||
|     // ZT-Exec for exec identity store | ||||
|     compile 'org.zeroturnaround:zt-exec:1.11' | ||||
|     api 'org.zeroturnaround:zt-exec:1.12' | ||||
|  | ||||
|     // HTTP server | ||||
|     compile 'io.undertow:undertow-core:2.0.27.Final' | ||||
|     api 'io.undertow:undertow-core:2.3.13.Final' | ||||
|  | ||||
|     // Command parser for AS interface | ||||
|     implementation 'commons-cli:commons-cli:1.4' | ||||
|     api 'commons-cli:commons-cli:1.10.0' | ||||
|  | ||||
|     testCompile 'junit:junit:4.13-rc-1' | ||||
|     testCompile 'com.github.tomakehurst:wiremock:2.25.1' | ||||
|     testCompile 'com.unboundid:unboundid-ldapsdk:4.0.12' | ||||
|     testCompile 'com.icegreen:greenmail:1.5.11' | ||||
|     testImplementation 'junit:junit:4.13.2' | ||||
|     testImplementation 'com.github.tomakehurst:wiremock:3.0.1' | ||||
|     testImplementation 'com.unboundid:unboundid-ldapsdk:7.0.0' | ||||
|     testImplementation 'com.icegreen:greenmail:1.6.15' | ||||
| } | ||||
|  | ||||
| jar { | ||||
|     manifest { | ||||
|         attributes( | ||||
|                 'Implementation-Version': ma1sdVersion() | ||||
|                 'Implementation-Version': mxidsVersion() | ||||
|         ) | ||||
|     } | ||||
| } | ||||
|  | ||||
| shadowJar { | ||||
|     baseName = project.name | ||||
|     classifier = null | ||||
|     version = null | ||||
|     archiveBaseName.set(project.name) | ||||
|     archiveClassifier.set('') // Set to an empty string if you don't need a classifier. | ||||
|     archiveVersion.set('') // Set to an empty string if you don't want the version in the jar name. | ||||
| } | ||||
|  | ||||
| task debBuild(dependsOn: shadowJar) { | ||||
|     doLast { | ||||
|         String debVersion = ma1sdVersion() | ||||
|         String debVersion = mxidsVersion() | ||||
|         println "Version for package: ${debVersion}" | ||||
|         mkdir distDir | ||||
|         mkdir debBuildBasePath | ||||
| @@ -186,7 +191,7 @@ task debBuild(dependsOn: shadowJar) { | ||||
|         mkdir debBuildSystemdPath | ||||
|  | ||||
|         copy { | ||||
|             from "${project.buildDir}/libs/ma1sd.jar" | ||||
|             from "${project.buildDir}/libs/mxids.jar" | ||||
|             into debBuildBinPath | ||||
|         } | ||||
|  | ||||
| @@ -234,12 +239,12 @@ task debBuild(dependsOn: shadowJar) { | ||||
|         ant.replace( | ||||
|                 file: "${debBuildDebianPath}/postinst", | ||||
|                 token: '%DEB_CONF_FILE%', | ||||
|                 value: "${debConfPath}/ma1sd.yaml" | ||||
|                 value: "${debConfPath}/mxids.yaml" | ||||
|         ) | ||||
|  | ||||
|         ant.chmod( | ||||
|                 file: "${debBuildDebianPath}/postinst", | ||||
|                 perm: 'a+x' | ||||
|                 perm: '0755' | ||||
|         ) | ||||
|  | ||||
|         ant.chmod( | ||||
| @@ -248,7 +253,7 @@ task debBuild(dependsOn: shadowJar) { | ||||
|         ) | ||||
|  | ||||
|         copy { | ||||
|             from "${project.file('src/systemd/ma1sd.service')}" | ||||
|             from "${project.file('src/systemd/mxids.service')}" | ||||
|             into debBuildSystemdPath | ||||
|         } | ||||
|  | ||||
| @@ -264,7 +269,7 @@ task debBuild(dependsOn: shadowJar) { | ||||
|     } | ||||
| } | ||||
|  | ||||
| task dockerBuild(type: Exec, dependsOn: shadowJar) { | ||||
| task dockerBuild(type: Exec) { | ||||
|     commandLine 'docker', 'build', '-t', dockerImageTag, project.rootDir | ||||
|  | ||||
|     doLast { | ||||
| @@ -275,22 +280,10 @@ task dockerBuild(type: Exec, dependsOn: shadowJar) { | ||||
| } | ||||
|  | ||||
| task dockerBuildX(type: Exec, dependsOn: shadowJar) { | ||||
|     commandLine 'docker', 'buildx', 'build', '--load', '--platform', 'linux/arm64', '-t', dockerImageTag + '-arm64', project.rootDir | ||||
|     commandLine 'docker', 'buildx', 'build', '--push', '--platform', 'linux/arm64,linux/amd64,linux/arm/v7', '-t', dockerImageTag , project.rootDir | ||||
|     doLast { | ||||
|         exec { | ||||
|             commandLine 'docker', 'buildx', 'build', '--load', '--platform', 'linux/amd64', '-t', dockerImageTag + '-amd64', project.rootDir | ||||
|         } | ||||
|  | ||||
|         exec { | ||||
|             commandLine 'docker', 'tag', dockerImageTag + '-arm64', "${dockerImageName}:latest-arm64-dev" | ||||
|         } | ||||
|  | ||||
|         exec { | ||||
|             commandLine 'docker', 'tag', dockerImageTag + '-amd64', "${dockerImageName}:latest-amd64-dev" | ||||
|         } | ||||
|  | ||||
|         exec { | ||||
|             commandLine 'docker', 'tag', dockerImageTag + '-amd64', "${dockerImageName}:latest-dev" | ||||
|             commandLine 'docker', 'buildx', 'build', '--push', '--platform', 'linux/arm64,linux/amd64,linux/arm/v7', '-t', "${dockerImageName}:latest-dev", project.rootDir | ||||
|         } | ||||
|     } | ||||
| } | ||||
| @@ -316,3 +309,21 @@ task dockerPushX(type: Exec) { | ||||
|         } | ||||
|     } | ||||
| } | ||||
|  | ||||
| tasks.named('assemble').configure { | ||||
|     dependsOn shadowJar | ||||
| } | ||||
|  | ||||
| tasks.withType(AbstractArchiveTask) { | ||||
|     if (it.name == 'distZip' || it.name == 'distTar') { | ||||
|         dependsOn shadowJar | ||||
|     } | ||||
| } | ||||
|  | ||||
| tasks.named('startScripts').configure { | ||||
|     mustRunAfter shadowJar | ||||
| } | ||||
|  | ||||
| tasks.named('startShadowScripts').configure { | ||||
|     dependsOn jar | ||||
| } | ||||
|   | ||||
| @@ -16,7 +16,7 @@ TCP 443 | ||||
|           +<---------------------------------<+ | ||||
|           | | ||||
|           |   +-------------------+ | ||||
|  TCP 8090 +-> | ma1sd             | | ||||
|  TCP 8090 +-> | mxids             | | ||||
|               |                   | | ||||
|               | - Profile's 3PIDs | | ||||
|               | - 3PID Invites    | | ||||
|   | ||||
| @@ -1,10 +1,12 @@ | ||||
| # From source | ||||
| - [Binaries](#binaries) | ||||
| - [From source](#from-source) | ||||
|   - [Binaries](#binaries) | ||||
|     - [Requirements](#requirements) | ||||
|     - [Build](#build) | ||||
| - [Debian package](#debian-package) | ||||
| - [Docker image](#docker-image) | ||||
| - [Next steps](#next-steps) | ||||
|   - [Debian package](#debian-package) | ||||
|   - [Docker image](#docker-image) | ||||
|     - [Multi-platform builds](#multi-platform-builds) | ||||
|   - [Next steps](#next-steps) | ||||
|  | ||||
| ## Binaries | ||||
| ### Requirements | ||||
| @@ -19,7 +21,7 @@ cd ma1sd | ||||
| ./gradlew build | ||||
| ``` | ||||
|  | ||||
| Create a new configuration file by coping `ma1sd.example.yaml` to `ma1sd.yaml` and edit to your needs.   | ||||
| Create a new configuration file by coping `mxids.example.yaml` to `mxids.yaml` and edit to your needs.   | ||||
| For advanced configuration, see the [Configure section](configure.md). | ||||
|  | ||||
| Start the server in foreground to validate the build and configuration: | ||||
|   | ||||
| @@ -56,8 +56,7 @@ Accounts cannot currently migrate/move from one server to another. | ||||
| See a [brief explanation document](concepts.md) about Matrix and ma1sd concepts and vocabulary. | ||||
|  | ||||
| ### I already use the synapse LDAP3 auth provider. Why should I care about ma1sd? | ||||
| The [synapse LDAP3 auth provider](https://github.com/matrix-org/matrix-synapse-ldap3) is not longer maintained despite | ||||
| saying so and only handles on specific flow: validate credentials at login. | ||||
| The [synapse LDAP3 auth provider](https://github.com/matrix-org/matrix-synapse-ldap3) only handles one specific flow: validate credentials at login. | ||||
|  | ||||
| It does not: | ||||
| - Auto-provision user profiles | ||||
|   | ||||
| @@ -121,15 +121,13 @@ server { | ||||
| } | ||||
| ``` | ||||
|  | ||||
| ### Synapse | ||||
| ### Synapse (Deprecated with synapse v1.4.0) | ||||
| Add your ma1sd domain into the `homeserver.yaml` at `trusted_third_party_id_servers` and restart synapse.   | ||||
| In a typical configuration, you would end up with something similar to: | ||||
| ```yaml | ||||
| trusted_third_party_id_servers: | ||||
|     - matrix.example.org | ||||
| ``` | ||||
| It is **highly recommended** to remove `matrix.org` and `vector.im` (or any other default entry) from your configuration | ||||
| so only your own Identity server is authoritative for your HS. | ||||
|  | ||||
| ## Validate (Under reconstruction) | ||||
| **NOTE:** In case your homeserver has no working federation, step 5 will not happen. If step 4 took place, consider | ||||
|   | ||||
| @@ -1,7 +1,10 @@ | ||||
| # Operations Guide | ||||
| - [Overview](#overview) | ||||
| - [Maintenance](#maintenance) | ||||
| - [Backuo](#backup) | ||||
| - [Operations Guide](#operations-guide) | ||||
|   - [Overview](#overview) | ||||
|   - [Maintenance](#maintenance) | ||||
|   - [Backup](#backup) | ||||
|     - [Run](#run) | ||||
|     - [Restore](#restore) | ||||
|  | ||||
| ## Overview | ||||
| This document gives various information for the day-to-day management and operations of ma1sd. | ||||
|   | ||||
							
								
								
									
										
											BIN
										
									
								
								gradle/wrapper/gradle-wrapper.jar
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										
											BIN
										
									
								
								gradle/wrapper/gradle-wrapper.jar
									
									
									
									
										vendored
									
									
								
							
										
											Binary file not shown.
										
									
								
							
							
								
								
									
										7
									
								
								gradle/wrapper/gradle-wrapper.properties
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										7
									
								
								gradle/wrapper/gradle-wrapper.properties
									
									
									
									
										vendored
									
									
								
							| @@ -1,6 +1,7 @@ | ||||
| #Thu Dec 05 22:39:36 MSK 2019 | ||||
| distributionUrl=https\://services.gradle.org/distributions/gradle-6.0-all.zip | ||||
| distributionBase=GRADLE_USER_HOME | ||||
| distributionPath=wrapper/dists | ||||
| zipStorePath=wrapper/dists | ||||
| distributionUrl=https\://services.gradle.org/distributions/gradle-8.14.3-all.zip | ||||
| networkTimeout=10000 | ||||
| validateDistributionUrl=true | ||||
| zipStoreBase=GRADLE_USER_HOME | ||||
| zipStorePath=wrapper/dists | ||||
|   | ||||
							
								
								
									
										299
									
								
								gradlew
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										299
									
								
								gradlew
									
									
									
									
										vendored
									
									
								
							| @@ -1,7 +1,7 @@ | ||||
| #!/usr/bin/env sh | ||||
| #!/bin/sh | ||||
|  | ||||
| # | ||||
| # Copyright 2015 the original author or authors. | ||||
| # Copyright © 2015-2021 the original authors. | ||||
| # | ||||
| # Licensed under the Apache License, Version 2.0 (the "License"); | ||||
| # you may not use this file except in compliance with the License. | ||||
| @@ -15,80 +15,115 @@ | ||||
| # See the License for the specific language governing permissions and | ||||
| # limitations under the License. | ||||
| # | ||||
| # SPDX-License-Identifier: Apache-2.0 | ||||
| # | ||||
|  | ||||
| ############################################################################## | ||||
| ## | ||||
| ##  Gradle start up script for UN*X | ||||
| ## | ||||
| # | ||||
| #   Gradle start up script for POSIX generated by Gradle. | ||||
| # | ||||
| #   Important for running: | ||||
| # | ||||
| #   (1) You need a POSIX-compliant shell to run this script. If your /bin/sh is | ||||
| #       noncompliant, but you have some other compliant shell such as ksh or | ||||
| #       bash, then to run this script, type that shell name before the whole | ||||
| #       command line, like: | ||||
| # | ||||
| #           ksh Gradle | ||||
| # | ||||
| #       Busybox and similar reduced shells will NOT work, because this script | ||||
| #       requires all of these POSIX shell features: | ||||
| #         * functions; | ||||
| #         * expansions «$var», «${var}», «${var:-default}», «${var+SET}», | ||||
| #           «${var#prefix}», «${var%suffix}», and «$( cmd )»; | ||||
| #         * compound commands having a testable exit status, especially «case»; | ||||
| #         * various built-in commands including «command», «set», and «ulimit». | ||||
| # | ||||
| #   Important for patching: | ||||
| # | ||||
| #   (2) This script targets any POSIX shell, so it avoids extensions provided | ||||
| #       by Bash, Ksh, etc; in particular arrays are avoided. | ||||
| # | ||||
| #       The "traditional" practice of packing multiple parameters into a | ||||
| #       space-separated string is a well documented source of bugs and security | ||||
| #       problems, so this is (mostly) avoided, by progressively accumulating | ||||
| #       options in "$@", and eventually passing that to Java. | ||||
| # | ||||
| #       Where the inherited environment variables (DEFAULT_JVM_OPTS, JAVA_OPTS, | ||||
| #       and GRADLE_OPTS) rely on word-splitting, this is performed explicitly; | ||||
| #       see the in-line comments for details. | ||||
| # | ||||
| #       There are tweaks for specific operating systems such as AIX, CygWin, | ||||
| #       Darwin, MinGW, and NonStop. | ||||
| # | ||||
| #   (3) This script is generated from the Groovy template | ||||
| #       https://github.com/gradle/gradle/blob/HEAD/platforms/jvm/plugins-application/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt | ||||
| #       within the Gradle project. | ||||
| # | ||||
| #       You can find Gradle at https://github.com/gradle/gradle/. | ||||
| # | ||||
| ############################################################################## | ||||
|  | ||||
| # Attempt to set APP_HOME | ||||
|  | ||||
| # Resolve links: $0 may be a link | ||||
| PRG="$0" | ||||
| # Need this for relative symlinks. | ||||
| while [ -h "$PRG" ] ; do | ||||
|     ls=`ls -ld "$PRG"` | ||||
|     link=`expr "$ls" : '.*-> \(.*\)$'` | ||||
|     if expr "$link" : '/.*' > /dev/null; then | ||||
|         PRG="$link" | ||||
|     else | ||||
|         PRG=`dirname "$PRG"`"/$link" | ||||
|     fi | ||||
| app_path=$0 | ||||
|  | ||||
| # Need this for daisy-chained symlinks. | ||||
| while | ||||
|     APP_HOME=${app_path%"${app_path##*/}"}  # leaves a trailing /; empty if no leading path | ||||
|     [ -h "$app_path" ] | ||||
| do | ||||
|     ls=$( ls -ld "$app_path" ) | ||||
|     link=${ls#*' -> '} | ||||
|     case $link in             #( | ||||
|       /*)   app_path=$link ;; #( | ||||
|       *)    app_path=$APP_HOME$link ;; | ||||
|     esac | ||||
| done | ||||
| SAVED="`pwd`" | ||||
| cd "`dirname \"$PRG\"`/" >/dev/null | ||||
| APP_HOME="`pwd -P`" | ||||
| cd "$SAVED" >/dev/null | ||||
|  | ||||
| APP_NAME="Gradle" | ||||
| APP_BASE_NAME=`basename "$0"` | ||||
|  | ||||
| # Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. | ||||
| DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"' | ||||
| # This is normally unused | ||||
| # shellcheck disable=SC2034 | ||||
| APP_BASE_NAME=${0##*/} | ||||
| # Discard cd standard output in case $CDPATH is set (https://github.com/gradle/gradle/issues/25036) | ||||
| APP_HOME=$( cd -P "${APP_HOME:-./}" > /dev/null && printf '%s\n' "$PWD" ) || exit | ||||
|  | ||||
| # Use the maximum available, or set MAX_FD != -1 to use that value. | ||||
| MAX_FD="maximum" | ||||
| MAX_FD=maximum | ||||
|  | ||||
| warn () { | ||||
|     echo "$*" | ||||
| } | ||||
| } >&2 | ||||
|  | ||||
| die () { | ||||
|     echo | ||||
|     echo "$*" | ||||
|     echo | ||||
|     exit 1 | ||||
| } | ||||
| } >&2 | ||||
|  | ||||
| # OS specific support (must be 'true' or 'false'). | ||||
| cygwin=false | ||||
| msys=false | ||||
| darwin=false | ||||
| nonstop=false | ||||
| case "`uname`" in | ||||
|   CYGWIN* ) | ||||
|     cygwin=true | ||||
|     ;; | ||||
|   Darwin* ) | ||||
|     darwin=true | ||||
|     ;; | ||||
|   MINGW* ) | ||||
|     msys=true | ||||
|     ;; | ||||
|   NONSTOP* ) | ||||
|     nonstop=true | ||||
|     ;; | ||||
| case "$( uname )" in                #( | ||||
|   CYGWIN* )         cygwin=true  ;; #( | ||||
|   Darwin* )         darwin=true  ;; #( | ||||
|   MSYS* | MINGW* )  msys=true    ;; #( | ||||
|   NONSTOP* )        nonstop=true ;; | ||||
| esac | ||||
|  | ||||
| CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar | ||||
| CLASSPATH="\\\"\\\"" | ||||
|  | ||||
|  | ||||
| # Determine the Java command to use to start the JVM. | ||||
| if [ -n "$JAVA_HOME" ] ; then | ||||
|     if [ -x "$JAVA_HOME/jre/sh/java" ] ; then | ||||
|         # IBM's JDK on AIX uses strange locations for the executables | ||||
|         JAVACMD="$JAVA_HOME/jre/sh/java" | ||||
|         JAVACMD=$JAVA_HOME/jre/sh/java | ||||
|     else | ||||
|         JAVACMD="$JAVA_HOME/bin/java" | ||||
|         JAVACMD=$JAVA_HOME/bin/java | ||||
|     fi | ||||
|     if [ ! -x "$JAVACMD" ] ; then | ||||
|         die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME | ||||
| @@ -97,92 +132,120 @@ Please set the JAVA_HOME variable in your environment to match the | ||||
| location of your Java installation." | ||||
|     fi | ||||
| else | ||||
|     JAVACMD="java" | ||||
|     which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. | ||||
|     JAVACMD=java | ||||
|     if ! command -v java >/dev/null 2>&1 | ||||
|     then | ||||
|         die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. | ||||
|  | ||||
| Please set the JAVA_HOME variable in your environment to match the | ||||
| location of your Java installation." | ||||
|     fi | ||||
| fi | ||||
|  | ||||
| # Increase the maximum file descriptors if we can. | ||||
| if [ "$cygwin" = "false" -a "$darwin" = "false" -a "$nonstop" = "false" ] ; then | ||||
|     MAX_FD_LIMIT=`ulimit -H -n` | ||||
|     if [ $? -eq 0 ] ; then | ||||
|         if [ "$MAX_FD" = "maximum" -o "$MAX_FD" = "max" ] ; then | ||||
|             MAX_FD="$MAX_FD_LIMIT" | ||||
|         fi | ||||
|         ulimit -n $MAX_FD | ||||
|         if [ $? -ne 0 ] ; then | ||||
|             warn "Could not set maximum file descriptor limit: $MAX_FD" | ||||
|         fi | ||||
|     else | ||||
|         warn "Could not query maximum file descriptor limit: $MAX_FD_LIMIT" | ||||
|     fi | ||||
| fi | ||||
|  | ||||
| # For Darwin, add options to specify how the application appears in the dock | ||||
| if $darwin; then | ||||
|     GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\"" | ||||
| fi | ||||
|  | ||||
| # For Cygwin or MSYS, switch paths to Windows format before running java | ||||
| if [ "$cygwin" = "true" -o "$msys" = "true" ] ; then | ||||
|     APP_HOME=`cygpath --path --mixed "$APP_HOME"` | ||||
|     CLASSPATH=`cygpath --path --mixed "$CLASSPATH"` | ||||
|     JAVACMD=`cygpath --unix "$JAVACMD"` | ||||
|  | ||||
|     # We build the pattern for arguments to be converted via cygpath | ||||
|     ROOTDIRSRAW=`find -L / -maxdepth 1 -mindepth 1 -type d 2>/dev/null` | ||||
|     SEP="" | ||||
|     for dir in $ROOTDIRSRAW ; do | ||||
|         ROOTDIRS="$ROOTDIRS$SEP$dir" | ||||
|         SEP="|" | ||||
|     done | ||||
|     OURCYGPATTERN="(^($ROOTDIRS))" | ||||
|     # Add a user-defined pattern to the cygpath arguments | ||||
|     if [ "$GRADLE_CYGPATTERN" != "" ] ; then | ||||
|         OURCYGPATTERN="$OURCYGPATTERN|($GRADLE_CYGPATTERN)" | ||||
|     fi | ||||
|     # Now convert the arguments - kludge to limit ourselves to /bin/sh | ||||
|     i=0 | ||||
|     for arg in "$@" ; do | ||||
|         CHECK=`echo "$arg"|egrep -c "$OURCYGPATTERN" -` | ||||
|         CHECK2=`echo "$arg"|egrep -c "^-"`                                 ### Determine if an option | ||||
|  | ||||
|         if [ $CHECK -ne 0 ] && [ $CHECK2 -eq 0 ] ; then                    ### Added a condition | ||||
|             eval `echo args$i`=`cygpath --path --ignore --mixed "$arg"` | ||||
|         else | ||||
|             eval `echo args$i`="\"$arg\"" | ||||
|         fi | ||||
|         i=$((i+1)) | ||||
|     done | ||||
|     case $i in | ||||
|         (0) set -- ;; | ||||
|         (1) set -- "$args0" ;; | ||||
|         (2) set -- "$args0" "$args1" ;; | ||||
|         (3) set -- "$args0" "$args1" "$args2" ;; | ||||
|         (4) set -- "$args0" "$args1" "$args2" "$args3" ;; | ||||
|         (5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;; | ||||
|         (6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;; | ||||
|         (7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;; | ||||
|         (8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;; | ||||
|         (9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;; | ||||
| if ! "$cygwin" && ! "$darwin" && ! "$nonstop" ; then | ||||
|     case $MAX_FD in #( | ||||
|       max*) | ||||
|         # In POSIX sh, ulimit -H is undefined. That's why the result is checked to see if it worked. | ||||
|         # shellcheck disable=SC2039,SC3045 | ||||
|         MAX_FD=$( ulimit -H -n ) || | ||||
|             warn "Could not query maximum file descriptor limit" | ||||
|     esac | ||||
|     case $MAX_FD in  #( | ||||
|       '' | soft) :;; #( | ||||
|       *) | ||||
|         # In POSIX sh, ulimit -n is undefined. That's why the result is checked to see if it worked. | ||||
|         # shellcheck disable=SC2039,SC3045 | ||||
|         ulimit -n "$MAX_FD" || | ||||
|             warn "Could not set maximum file descriptor limit to $MAX_FD" | ||||
|     esac | ||||
| fi | ||||
|  | ||||
| # Escape application args | ||||
| save () { | ||||
|     for i do printf %s\\n "$i" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/' \\\\/" ; done | ||||
|     echo " " | ||||
| } | ||||
| APP_ARGS=$(save "$@") | ||||
| # Collect all arguments for the java command, stacking in reverse order: | ||||
| #   * args from the command line | ||||
| #   * the main class name | ||||
| #   * -classpath | ||||
| #   * -D...appname settings | ||||
| #   * --module-path (only if needed) | ||||
| #   * DEFAULT_JVM_OPTS, JAVA_OPTS, and GRADLE_OPTS environment variables. | ||||
|  | ||||
| # Collect all arguments for the java command, following the shell quoting and substitution rules | ||||
| eval set -- $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS "\"-Dorg.gradle.appname=$APP_BASE_NAME\"" -classpath "\"$CLASSPATH\"" org.gradle.wrapper.GradleWrapperMain "$APP_ARGS" | ||||
| # For Cygwin or MSYS, switch paths to Windows format before running java | ||||
| if "$cygwin" || "$msys" ; then | ||||
|     APP_HOME=$( cygpath --path --mixed "$APP_HOME" ) | ||||
|     CLASSPATH=$( cygpath --path --mixed "$CLASSPATH" ) | ||||
|  | ||||
| # by default we should be in the correct project dir, but when run from Finder on Mac, the cwd is wrong | ||||
| if [ "$(uname)" = "Darwin" ] && [ "$HOME" = "$PWD" ]; then | ||||
|   cd "$(dirname "$0")" | ||||
|     JAVACMD=$( cygpath --unix "$JAVACMD" ) | ||||
|  | ||||
|     # Now convert the arguments - kludge to limit ourselves to /bin/sh | ||||
|     for arg do | ||||
|         if | ||||
|             case $arg in                                #( | ||||
|               -*)   false ;;                            # don't mess with options #( | ||||
|               /?*)  t=${arg#/} t=/${t%%/*}              # looks like a POSIX filepath | ||||
|                     [ -e "$t" ] ;;                      #( | ||||
|               *)    false ;; | ||||
|             esac | ||||
|         then | ||||
|             arg=$( cygpath --path --ignore --mixed "$arg" ) | ||||
|         fi | ||||
|         # Roll the args list around exactly as many times as the number of | ||||
|         # args, so each arg winds up back in the position where it started, but | ||||
|         # possibly modified. | ||||
|         # | ||||
|         # NB: a `for` loop captures its iteration list before it begins, so | ||||
|         # changing the positional parameters here affects neither the number of | ||||
|         # iterations, nor the values presented in `arg`. | ||||
|         shift                   # remove old arg | ||||
|         set -- "$@" "$arg"      # push replacement arg | ||||
|     done | ||||
| fi | ||||
|  | ||||
|  | ||||
| # Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. | ||||
| DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"' | ||||
|  | ||||
| # Collect all arguments for the java command: | ||||
| #   * DEFAULT_JVM_OPTS, JAVA_OPTS, and optsEnvironmentVar are not allowed to contain shell fragments, | ||||
| #     and any embedded shellness will be escaped. | ||||
| #   * For example: A user cannot expect ${Hostname} to be expanded, as it is an environment variable and will be | ||||
| #     treated as '${Hostname}' itself on the command line. | ||||
|  | ||||
| set -- \ | ||||
|         "-Dorg.gradle.appname=$APP_BASE_NAME" \ | ||||
|         -classpath "$CLASSPATH" \ | ||||
|         -jar "$APP_HOME/gradle/wrapper/gradle-wrapper.jar" \ | ||||
|         "$@" | ||||
|  | ||||
| # Stop when "xargs" is not available. | ||||
| if ! command -v xargs >/dev/null 2>&1 | ||||
| then | ||||
|     die "xargs is not available" | ||||
| fi | ||||
|  | ||||
| # Use "xargs" to parse quoted args. | ||||
| # | ||||
| # With -n1 it outputs one arg per line, with the quotes and backslashes removed. | ||||
| # | ||||
| # In Bash we could simply go: | ||||
| # | ||||
| #   readarray ARGS < <( xargs -n1 <<<"$var" ) && | ||||
| #   set -- "${ARGS[@]}" "$@" | ||||
| # | ||||
| # but POSIX shell has neither arrays nor command substitution, so instead we | ||||
| # post-process each arg (as a line of input to sed) to backslash-escape any | ||||
| # character that might be a shell metacharacter, then use eval to reverse | ||||
| # that process (while maintaining the separation between arguments), and wrap | ||||
| # the whole thing up as a single "set" statement. | ||||
| # | ||||
| # This will of course break if any of these variables contains a newline or | ||||
| # an unmatched quote. | ||||
| # | ||||
|  | ||||
| eval "set -- $( | ||||
|         printf '%s\n' "$DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS" | | ||||
|         xargs -n1 | | ||||
|         sed ' s~[^-[:alnum:]+,./:=@_]~\\&~g; ' | | ||||
|         tr '\n' ' ' | ||||
|     )" '"$@"' | ||||
|  | ||||
| exec "$JAVACMD" "$@" | ||||
|   | ||||
							
								
								
									
										62
									
								
								gradlew.bat
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										62
									
								
								gradlew.bat
									
									
									
									
										vendored
									
									
								
							| @@ -13,8 +13,10 @@ | ||||
| @rem See the License for the specific language governing permissions and | ||||
| @rem limitations under the License. | ||||
| @rem | ||||
| @rem SPDX-License-Identifier: Apache-2.0 | ||||
| @rem | ||||
|  | ||||
| @if "%DEBUG%" == "" @echo off | ||||
| @if "%DEBUG%"=="" @echo off | ||||
| @rem ########################################################################## | ||||
| @rem | ||||
| @rem  Gradle startup script for Windows | ||||
| @@ -25,10 +27,14 @@ | ||||
| if "%OS%"=="Windows_NT" setlocal | ||||
|  | ||||
| set DIRNAME=%~dp0 | ||||
| if "%DIRNAME%" == "" set DIRNAME=. | ||||
| if "%DIRNAME%"=="" set DIRNAME=. | ||||
| @rem This is normally unused | ||||
| set APP_BASE_NAME=%~n0 | ||||
| set APP_HOME=%DIRNAME% | ||||
|  | ||||
| @rem Resolve any "." and ".." in APP_HOME to make it shorter. | ||||
| for %%i in ("%APP_HOME%") do set APP_HOME=%%~fi | ||||
|  | ||||
| @rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script. | ||||
| set DEFAULT_JVM_OPTS="-Xmx64m" "-Xms64m" | ||||
|  | ||||
| @@ -37,13 +43,13 @@ if defined JAVA_HOME goto findJavaFromJavaHome | ||||
|  | ||||
| set JAVA_EXE=java.exe | ||||
| %JAVA_EXE% -version >NUL 2>&1 | ||||
| if "%ERRORLEVEL%" == "0" goto init | ||||
| if %ERRORLEVEL% equ 0 goto execute | ||||
|  | ||||
| echo. | ||||
| echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. | ||||
| echo. | ||||
| echo Please set the JAVA_HOME variable in your environment to match the | ||||
| echo location of your Java installation. | ||||
| echo. 1>&2 | ||||
| echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH. 1>&2 | ||||
| echo. 1>&2 | ||||
| echo Please set the JAVA_HOME variable in your environment to match the 1>&2 | ||||
| echo location of your Java installation. 1>&2 | ||||
|  | ||||
| goto fail | ||||
|  | ||||
| @@ -51,48 +57,36 @@ goto fail | ||||
| set JAVA_HOME=%JAVA_HOME:"=% | ||||
| set JAVA_EXE=%JAVA_HOME%/bin/java.exe | ||||
|  | ||||
| if exist "%JAVA_EXE%" goto init | ||||
| if exist "%JAVA_EXE%" goto execute | ||||
|  | ||||
| echo. | ||||
| echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% | ||||
| echo. | ||||
| echo Please set the JAVA_HOME variable in your environment to match the | ||||
| echo location of your Java installation. | ||||
| echo. 1>&2 | ||||
| echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME% 1>&2 | ||||
| echo. 1>&2 | ||||
| echo Please set the JAVA_HOME variable in your environment to match the 1>&2 | ||||
| echo location of your Java installation. 1>&2 | ||||
|  | ||||
| goto fail | ||||
|  | ||||
| :init | ||||
| @rem Get command-line arguments, handling Windows variants | ||||
|  | ||||
| if not "%OS%" == "Windows_NT" goto win9xME_args | ||||
|  | ||||
| :win9xME_args | ||||
| @rem Slurp the command line arguments. | ||||
| set CMD_LINE_ARGS= | ||||
| set _SKIP=2 | ||||
|  | ||||
| :win9xME_args_slurp | ||||
| if "x%~1" == "x" goto execute | ||||
|  | ||||
| set CMD_LINE_ARGS=%* | ||||
|  | ||||
| :execute | ||||
| @rem Setup the command line | ||||
|  | ||||
| set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar | ||||
| set CLASSPATH= | ||||
|  | ||||
|  | ||||
| @rem Execute Gradle | ||||
| "%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS% | ||||
| "%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" -jar "%APP_HOME%\gradle\wrapper\gradle-wrapper.jar" %* | ||||
|  | ||||
| :end | ||||
| @rem End local scope for the variables with windows NT shell | ||||
| if "%ERRORLEVEL%"=="0" goto mainEnd | ||||
| if %ERRORLEVEL% equ 0 goto mainEnd | ||||
|  | ||||
| :fail | ||||
| rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of | ||||
| rem the _cmd.exe /c_ return code! | ||||
| if  not "" == "%GRADLE_EXIT_CONSOLE%" exit 1 | ||||
| exit /b 1 | ||||
| set EXIT_CODE=%ERRORLEVEL% | ||||
| if %EXIT_CODE% equ 0 set EXIT_CODE=1 | ||||
| if not ""=="%GRADLE_EXIT_CONSOLE%" exit %EXIT_CODE% | ||||
| exit /b %EXIT_CODE% | ||||
|  | ||||
| :mainEnd | ||||
| if "%OS%"=="Windows_NT" endlocal | ||||
|   | ||||
| @@ -21,7 +21,7 @@ | ||||
| # | ||||
| matrix: | ||||
|   domain: '' | ||||
|   v1: true   # deprecated | ||||
|   v1: false   # deprecated | ||||
|   v2: true   # MSC2140 API v2. Riot require enabled V2 API. | ||||
| 
 | ||||
| 
 | ||||
| @@ -32,11 +32,11 @@ matrix: | ||||
| # /!\ THIS MUST **NOT** BE YOUR HOMESERVER KEYS FILE /!\ | ||||
| # If this path does not exist, it will be auto-generated. | ||||
| # | ||||
| # During testing, /var/tmp/ma1sd/keys is a possible value | ||||
| # During testing, /var/tmp/mxids/keys is a possible value | ||||
| # For production, recommended location shall be one of the following: | ||||
| #   - /var/lib/ma1sd/keys | ||||
| #   - /var/opt/ma1sd/keys | ||||
| #   - /var/local/ma1sd/keys | ||||
| #   - /var/lib/mxids/keys | ||||
| #   - /var/opt/mxids/keys | ||||
| #   - /var/local/mxids/keys | ||||
| # | ||||
| key: | ||||
|   path: '' | ||||
| @@ -46,20 +46,20 @@ key: | ||||
| # /!\ THIS MUST **NOT** BE YOUR HOMESERVER DATABASE /!\ | ||||
| # | ||||
| # Examples: | ||||
| #  - /var/opt/ma1sd/store.db | ||||
| #  - /var/local/ma1sd/store.db | ||||
| #  - /var/lib/ma1sd/store.db | ||||
| #  - /var/opt/mxids/store.db | ||||
| #  - /var/local/mxids/store.db | ||||
| #  - /var/lib/mxids/store.db | ||||
| # | ||||
| storage: | ||||
| # backend: sqlite # or postgresql | ||||
|   provider: | ||||
|     sqlite: | ||||
|       database: '/path/to/ma1sd.db' | ||||
|       database: '/path/to/mxids.db' | ||||
| #    postgresql: | ||||
| #      # Wrap all string values with quotes to avoid yaml parsing mistakes | ||||
| #      database: '//localhost/ma1sd' # or full variant //192.168.1.100:5432/ma1sd_database | ||||
| #      username: 'ma1sd_user' | ||||
| #      password: 'ma1sd_password' | ||||
| #      database: '//localhost/mxids' # or full variant //192.168.1.100:5432/mxids_database | ||||
| #      username: 'mxids_user' | ||||
| #      password: 'mxids_password' | ||||
| # | ||||
| #      # Pool configuration for postgresql backend. | ||||
| #      ####### | ||||
| @@ -165,6 +165,8 @@ threepid: | ||||
| # ldap: | ||||
| #   enabled: true | ||||
| #   lookup: true # hash lookup | ||||
| #   activeDirectory: false | ||||
| #   defaultDomain: '' | ||||
| #   connection: | ||||
| #     host: 'ldap.domain.tld' | ||||
| #     port: 389 | ||||
| @@ -188,10 +190,10 @@ threepid: | ||||
| #      terms: | ||||
| #        en:  # lang | ||||
| #          name: term name en  # localized name | ||||
| #          url: https://ma1sd.host.tld/term_en.html  # localized url | ||||
| #          url: https://mxids.host.tld/term_en.html  # localized url | ||||
| #        fe:  # lang | ||||
| #          name: term name fr  # localized name | ||||
| #          url: https://ma1sd.host.tld/term_fr.html  # localized url | ||||
| #          url: https://mxids.host.tld/term_fr.html  # localized url | ||||
| #      regexp: | ||||
| #        - '/_matrix/identity/v2/account.*' | ||||
| #        - '/_matrix/identity/v2/hash_details' | ||||
| @@ -202,3 +204,16 @@ threepid: | ||||
| #   root: error     # default level for all loggers (apps and thirdparty libraries) | ||||
| #   app: info       # log level only for the ma1sd | ||||
| #   requests: false # or true to dump full requests and responses | ||||
| 
 | ||||
| 
 | ||||
| # Config invitation manager | ||||
| #invite: | ||||
| #  fullDisplayName: true # print full name of the invited user (default false) | ||||
| #  resolution: | ||||
| #    timer: 10 | ||||
| #    period: seconds # search invites every 10 seconds (by default 5 minutes) | ||||
| 
 | ||||
| 
 | ||||
| # Internal API | ||||
| #internal: | ||||
| #  enabled: true # default to false | ||||
							
								
								
									
										11
									
								
								renovate.json
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										11
									
								
								renovate.json
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,11 @@ | ||||
| { | ||||
|   "extends": [ | ||||
|     "config:base"   | ||||
|   ], | ||||
|   "packageRules": [ | ||||
|     { | ||||
|       "updateTypes": ["minor", "patch", "pin", "digest"], | ||||
|       "automerge": true | ||||
|     } | ||||
|   ] | ||||
| } | ||||
| @@ -1,6 +1,6 @@ | ||||
| Package: ma1sd | ||||
| Package: mxids | ||||
| Maintainer: ma1uta <sablintolya@gmail.com> | ||||
| Homepage: https://github.com/ma1uta/ma1sd | ||||
| Homepage: https://git.cqre.net/cqrenet/mxids.git | ||||
| Description: Federated Matrix Identity Server | ||||
| Architecture: all | ||||
| Section: net | ||||
|   | ||||
| @@ -1,19 +1,19 @@ | ||||
| #!/bin/bash -e | ||||
|  | ||||
| # Add service account | ||||
| useradd -r ma1sd || true | ||||
| useradd -r mxids || true | ||||
|  | ||||
| # Set permissions for data directory | ||||
| chown -R ma1sd:ma1sd %DEB_DATA_DIR% | ||||
| chown -R mxids:mxids %DEB_DATA_DIR% | ||||
|  | ||||
| # Create symlink to ma1sd run script | ||||
| ln -sfT /usr/lib/ma1sd/ma1sd /usr/bin/ma1sd | ||||
| # Create symlink to mxids run script | ||||
| ln -sfT /usr/lib/mxids/mxids /usr/bin/mxids | ||||
|  | ||||
| # Enable systemd service | ||||
| systemctl enable ma1sd.service | ||||
| systemctl enable mxids.service | ||||
|  | ||||
| # If we already have a config file setup, we attempt to run ma1sd automatically | ||||
| # If we already have a config file setup, we attempt to run mxids automatically | ||||
| # Specifically targeted at upgrades where the service needs to be restarted | ||||
| if [ -f "%DEB_CONF_FILE%" ]; then | ||||
|     systemctl restart ma1sd.service | ||||
|     systemctl restart mxids.service | ||||
| fi | ||||
|   | ||||
| @@ -1,10 +1,10 @@ | ||||
| #!/bin/bash | ||||
|  | ||||
| # Stop running instance if needed | ||||
| systemctl stop ma1sd.service | ||||
| systemctl stop mxids.service | ||||
|  | ||||
| # Disable service if exists | ||||
| systemctl disable ma1sd.service | ||||
| systemctl disable mxids.service | ||||
|  | ||||
| # remove symlink | ||||
| rm /usr/bin/ma1sd | ||||
| rm /usr/bin/mxids | ||||
|   | ||||
| @@ -27,8 +27,8 @@ if [[ -n "$CONF_FILE_PATH" ]] && [ ! -f "$CONF_FILE_PATH" ]; then | ||||
|         echo >> "$CONF_FILE_PATH" | ||||
|     fi | ||||
|  | ||||
|     echo "Starting ma1sd..." | ||||
|     echo "Starting mxids..." | ||||
|     echo | ||||
| fi | ||||
|  | ||||
| exec java -jar /app/ma1sd.jar -c /etc/ma1sd/ma1sd.yaml | ||||
| exec java -jar /app/mxids.jar -c /etc/mxids/mxids.yaml | ||||
|   | ||||
| @@ -53,7 +53,7 @@ public class MatrixPath { | ||||
|     } | ||||
|  | ||||
|     public static MatrixPath clientR0() { | ||||
|         return client().add("r0"); | ||||
|         return client().add("v3"); | ||||
|     } | ||||
|  | ||||
|     private StringBuilder path = new StringBuilder(); | ||||
|   | ||||
| @@ -27,7 +27,7 @@ public class ThreePid implements _ThreePid { | ||||
|  | ||||
|     public ThreePid(String medium, String address) { | ||||
|         this.medium = medium; | ||||
|         this.address = address; | ||||
|         this.address = address.toLowerCase(); | ||||
|     } | ||||
|  | ||||
|     @Override | ||||
|   | ||||
| @@ -375,13 +375,13 @@ public abstract class AMatrixHttpClient implements _MatrixClientRaw { | ||||
|     } | ||||
|  | ||||
|     protected HttpUrl.Builder getClientPathBuilder(String... segments) { | ||||
|         String[] base = { "client", "r0" }; | ||||
|         String[] base = { "client", "v3" }; | ||||
|         segments = ArrayUtils.addAll(base, segments); | ||||
|         return getPathBuilder(segments); | ||||
|     } | ||||
|  | ||||
|     protected HttpUrl.Builder getMediaPathBuilder(String... segments) { | ||||
|         String[] base = { "media", "r0" }; | ||||
|         String[] base = { "media", "v3" }; | ||||
|         segments = ArrayUtils.addAll(base, segments); | ||||
|         return getPathBuilder(segments); | ||||
|     } | ||||
|   | ||||
| @@ -58,6 +58,7 @@ import io.kamax.mxisd.http.undertow.handler.identity.v1.BulkLookupHandler; | ||||
| import io.kamax.mxisd.http.undertow.handler.identity.v1.SingleLookupHandler; | ||||
| import io.kamax.mxisd.http.undertow.handler.identity.v2.HashDetailsHandler; | ||||
| import io.kamax.mxisd.http.undertow.handler.identity.v2.HashLookupHandler; | ||||
| import io.kamax.mxisd.http.undertow.handler.internal.InternalInviteManagerHandler; | ||||
| import io.kamax.mxisd.http.undertow.handler.invite.v1.RoomInviteHandler; | ||||
| import io.kamax.mxisd.http.undertow.handler.profile.v1.InternalProfileHandler; | ||||
| import io.kamax.mxisd.http.undertow.handler.profile.v1.ProfileHandler; | ||||
| @@ -147,6 +148,11 @@ public class HttpMxisd { | ||||
|         termsEndpoints(handler); | ||||
|         hashEndpoints(handler); | ||||
|         accountEndpoints(handler); | ||||
|  | ||||
|         if (m.getConfig().getInternal().isEnabled()) { | ||||
|             handler.get(InternalInviteManagerHandler.PATH, new InternalInviteManagerHandler(m.getInvite())); | ||||
|         } | ||||
|  | ||||
|         ServerConfig serverConfig = m.getConfig().getServer(); | ||||
|         httpSrv = Undertow.builder().addHttpListener(serverConfig.getPort(), serverConfig.getHostname()).setHandler(handler).build(); | ||||
|  | ||||
|   | ||||
| @@ -55,7 +55,7 @@ import io.kamax.mxisd.registration.RegistrationManager; | ||||
| import io.kamax.mxisd.session.SessionManager; | ||||
| import io.kamax.mxisd.storage.IStorage; | ||||
| import io.kamax.mxisd.storage.ormlite.OrmLiteSqlStorage; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
| import org.apache.http.impl.client.CloseableHttpClient; | ||||
| import org.apache.http.impl.client.HttpClients; | ||||
|  | ||||
|   | ||||
| @@ -36,7 +36,7 @@ public class MxisdStandaloneExec { | ||||
|     private static final Logger log = LoggerFactory.getLogger("App"); | ||||
|  | ||||
|     public static void main(String[] args) { | ||||
|         String logLevel = System.getenv("MA1SD_LOG_LEVEL"); | ||||
|         String logLevel = System.getenv("MXIDS_LOG_LEVEL"); | ||||
|         if (StringUtils.isNotBlank(logLevel)) { | ||||
|             System.setProperty("org.slf4j.simpleLogger.log.io.kamax.mxisd", logLevel); | ||||
|         } | ||||
| @@ -59,8 +59,8 @@ public class MxisdStandaloneExec { | ||||
|                         System.out.println("  -c, --config     Set the configuration file location"); | ||||
|                         System.out.println("  -v               Increase log level (log more info)"); | ||||
|                         System.out.println("  -vv              Further increase log level"); | ||||
|                         System.out.println("  --dump           Dump the full ma1sd configuration"); | ||||
|                         System.out.println("  --dump-and-exit  Dump the full ma1sd configuration and exit"); | ||||
|                         System.out.println("  --dump           Dump the full mxids configuration"); | ||||
|                         System.out.println("  --dump-and-exit  Dump the full mxids configuration and exit"); | ||||
|                         System.out.println(" "); | ||||
|                         System.exit(0); | ||||
|                         return; | ||||
| @@ -88,27 +88,28 @@ public class MxisdStandaloneExec { | ||||
|             } | ||||
|  | ||||
|             if (Objects.isNull(cfg)) { | ||||
|                 cfg = YamlConfigLoader.tryLoadFromFile("ma1sd.yaml").orElseGet(MxisdConfig::new); | ||||
|                 cfg = YamlConfigLoader.tryLoadFromFile("mxids.yaml").orElseGet(MxisdConfig::new); | ||||
|             } | ||||
|  | ||||
|             if (dump) { | ||||
|                 YamlConfigLoader.dumpConfig(cfg); | ||||
|                 String outputPath = "mxids.yaml"; | ||||
|                 YamlConfigLoader.dumpConfig(cfg, outputPath); | ||||
|                 if (exit) { | ||||
|                     System.exit(0); | ||||
|                 } | ||||
|             } | ||||
|  | ||||
|             log.info("ma1sd starting"); | ||||
|             log.info("mxids starting"); | ||||
|             log.info("Version: {}", Mxisd.Version); | ||||
|  | ||||
|             HttpMxisd mxisd = new HttpMxisd(cfg); | ||||
|             Runtime.getRuntime().addShutdownHook(new Thread(() -> { | ||||
|                 mxisd.stop(); | ||||
|                 log.info("ma1sd stopped"); | ||||
|                 log.info("mxids stopped"); | ||||
|             })); | ||||
|             mxisd.start(); | ||||
|  | ||||
|             log.info("ma1sd started"); | ||||
|             log.info("mxids started"); | ||||
|         } catch (ConfigurationException e) { | ||||
|             log.error(e.getDetailedMessage()); | ||||
|             log.error(e.getMessage()); | ||||
|   | ||||
| @@ -20,7 +20,7 @@ | ||||
|  | ||||
| package io.kamax.mxisd; | ||||
|  | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
|  | ||||
| // FIXME consider integrating in matrix-java-sdk? | ||||
| public enum UserIdType { | ||||
|   | ||||
| @@ -48,6 +48,7 @@ import org.slf4j.LoggerFactory; | ||||
| import org.yaml.snakeyaml.Yaml; | ||||
| import org.yaml.snakeyaml.introspector.BeanAccess; | ||||
| import org.yaml.snakeyaml.representer.Representer; | ||||
| import org.yaml.snakeyaml.DumperOptions; | ||||
|  | ||||
| import java.io.FileOutputStream; | ||||
| import java.io.IOException; | ||||
| @@ -148,12 +149,12 @@ public class AppSvcManager { | ||||
|  | ||||
|         SynapseRegistrationYaml syncCfg = SynapseRegistrationYaml.parse(cfg.getAppsvc(), cfg.getMatrix().getDomain()); | ||||
|  | ||||
|         Representer rep = new Representer(); | ||||
|         DumperOptions options = new DumperOptions(); | ||||
|         options.setDefaultFlowStyle(DumperOptions.FlowStyle.BLOCK); // Set YAML flow style to block | ||||
|         Representer rep = new Representer(options); | ||||
|         rep.getPropertyUtils().setBeanAccess(BeanAccess.FIELD); | ||||
|         Yaml yaml = new Yaml(rep); | ||||
|  | ||||
|         // SnakeYAML set the type of object on the first line, which can fail to be parsed on synapse | ||||
|         // We therefore need to split the resulting string, remove the first line, and then write it | ||||
|         List<String> lines = new ArrayList<>(Arrays.asList(yaml.dump(syncCfg).split("\\R+"))); | ||||
|         if (StringUtils.equals(lines.get(0), "!!" + SynapseRegistrationYaml.class.getCanonicalName())) { | ||||
|             lines.remove(0); | ||||
|   | ||||
| @@ -25,8 +25,8 @@ import io.kamax.matrix.hs._MatrixRoom; | ||||
| import io.kamax.mxisd.Mxisd; | ||||
| import io.kamax.mxisd.invitation.IThreePidInviteReply; | ||||
| import org.apache.commons.cli.CommandLine; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang.text.StrBuilder; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
| import org.apache.commons.lang3.text.StrBuilder; | ||||
|  | ||||
| import java.util.List; | ||||
|  | ||||
|   | ||||
| @@ -25,7 +25,7 @@ import io.kamax.matrix.hs._MatrixRoom; | ||||
| import io.kamax.mxisd.Mxisd; | ||||
| import io.kamax.mxisd.lookup.SingleLookupReply; | ||||
| import org.apache.commons.cli.CommandLine; | ||||
| import org.apache.commons.lang.text.StrBuilder; | ||||
| import org.apache.commons.lang3.text.StrBuilder; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
|  | ||||
| import java.util.Optional; | ||||
|   | ||||
| @@ -34,7 +34,7 @@ import io.kamax.mxisd.invitation.IMatrixIdInvite; | ||||
| import io.kamax.mxisd.invitation.MatrixIdInvite; | ||||
| import io.kamax.mxisd.notification.NotificationManager; | ||||
| import io.kamax.mxisd.profile.ProfileManager; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
| import org.slf4j.Logger; | ||||
| import org.slf4j.LoggerFactory; | ||||
|  | ||||
|   | ||||
| @@ -32,7 +32,7 @@ import io.kamax.mxisd.as.processor.command.InviteCommandProcessor; | ||||
| import io.kamax.mxisd.as.processor.command.LookupCommandProcessor; | ||||
| import io.kamax.mxisd.as.processor.command.PingCommandProcessor; | ||||
| import org.apache.commons.cli.*; | ||||
| import org.apache.commons.lang.text.StrBuilder; | ||||
| import org.apache.commons.lang3.text.StrBuilder; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
| import org.slf4j.Logger; | ||||
| import org.slf4j.LoggerFactory; | ||||
|   | ||||
| @@ -45,7 +45,7 @@ import io.kamax.mxisd.lookup.ThreePidMapping; | ||||
| import io.kamax.mxisd.lookup.strategy.LookupStrategy; | ||||
| import io.kamax.mxisd.util.RestClientUtils; | ||||
| import org.apache.commons.io.IOUtils; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
| import org.apache.http.HttpEntity; | ||||
| import org.apache.http.client.methods.CloseableHttpResponse; | ||||
| import org.apache.http.client.methods.HttpPost; | ||||
|   | ||||
| @@ -27,7 +27,7 @@ import io.kamax.mxisd.config.ExecConfig; | ||||
| import io.kamax.mxisd.profile.JsonProfileRequest; | ||||
| import io.kamax.mxisd.profile.JsonProfileResult; | ||||
| import io.kamax.mxisd.profile.ProfileProvider; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
|  | ||||
| import java.util.Collections; | ||||
| import java.util.List; | ||||
|   | ||||
| @@ -1,168 +1,81 @@ | ||||
| /* | ||||
|  * mxisd - Matrix Identity Server Daemon | ||||
|  * Copyright (C) 2017 Kamax Sarl | ||||
|  * | ||||
|  * https://www.kamax.io/ | ||||
|  * | ||||
|  * This program is free software: you can redistribute it and/or modify | ||||
|  * it under the terms of the GNU Affero General Public License as | ||||
|  * published by the Free Software Foundation, either version 3 of the | ||||
|  * License, or (at your option) any later version. | ||||
|  * | ||||
|  * This program is distributed in the hope that it will be useful, | ||||
|  * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||||
|  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the | ||||
|  * GNU Affero General Public License for more details. | ||||
|  * | ||||
|  * You should have received a copy of the GNU Affero General Public License | ||||
|  * along with this program.  If not, see <http://www.gnu.org/licenses/>. | ||||
|  */ | ||||
|  | ||||
| package io.kamax.mxisd.backend.firebase; | ||||
|  | ||||
| import com.google.firebase.auth.UserInfo; | ||||
| import com.google.i18n.phonenumbers.NumberParseException; | ||||
| import com.google.i18n.phonenumbers.PhoneNumberUtil; | ||||
| import io.kamax.matrix.ThreePid; | ||||
| import io.kamax.matrix.ThreePidMedium; | ||||
| import com.google.firebase.auth.FirebaseAuth; | ||||
| import com.google.firebase.auth.FirebaseAuthException; | ||||
| import com.google.firebase.auth.FirebaseToken; | ||||
| import com.google.firebase.auth.UserRecord; | ||||
| import io.kamax.matrix._MatrixID; | ||||
| import io.kamax.mxisd.UserIdType; | ||||
| import io.kamax.mxisd.auth.provider.AuthenticatorProvider; | ||||
| import io.kamax.mxisd.auth.provider.BackendAuthResult; | ||||
| import io.kamax.mxisd.config.FirebaseConfig; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.slf4j.Logger; | ||||
| import org.slf4j.LoggerFactory; | ||||
|  | ||||
| import java.util.concurrent.CountDownLatch; | ||||
| import java.util.concurrent.TimeUnit; | ||||
| import java.util.concurrent.CompletableFuture; | ||||
| import java.util.concurrent.Executors; | ||||
| import java.util.concurrent.ExecutorService; | ||||
|  | ||||
| public class GoogleFirebaseAuthenticator extends GoogleFirebaseBackend implements AuthenticatorProvider { | ||||
| public class GoogleFirebaseAuthenticator implements AuthenticatorProvider { | ||||
|  | ||||
|     private transient final Logger log = LoggerFactory.getLogger(GoogleFirebaseAuthenticator.class); | ||||
|     private static final Logger log = LoggerFactory.getLogger(GoogleFirebaseAuthenticator.class); | ||||
|     private static final ExecutorService executor = Executors.newCachedThreadPool(); // Consider using a fixed thread pool or other strategies based on your app's needs | ||||
|  | ||||
|     private PhoneNumberUtil phoneUtil = PhoneNumberUtil.getInstance(); | ||||
|     private FirebaseConfig config; | ||||
|  | ||||
|     public GoogleFirebaseAuthenticator(FirebaseConfig cfg) { | ||||
|         this(cfg.isEnabled(), cfg.getCredentials(), cfg.getDatabase()); | ||||
|     public GoogleFirebaseAuthenticator(FirebaseConfig config) { | ||||
|         this.config = config; | ||||
|     } | ||||
|  | ||||
|     public GoogleFirebaseAuthenticator(boolean isEnabled, String credsPath, String db) { | ||||
|         super(isEnabled, "AuthenticationProvider", credsPath, db); | ||||
|     } | ||||
|  | ||||
|     private void waitOnLatch(BackendAuthResult result, CountDownLatch l, String purpose) { | ||||
|         try { | ||||
|             l.await(30, TimeUnit.SECONDS); | ||||
|         } catch (InterruptedException e) { | ||||
|             log.warn("Interrupted while waiting for " + purpose); | ||||
|             result.fail(); | ||||
|         } | ||||
|     } | ||||
|  | ||||
|     private void toEmail(BackendAuthResult result, String email) { | ||||
|         if (StringUtils.isBlank(email)) { | ||||
|             return; | ||||
|         } | ||||
|  | ||||
|         result.withThreePid(new ThreePid(ThreePidMedium.Email.getId(), email)); | ||||
|     } | ||||
|  | ||||
|     private void toMsisdn(BackendAuthResult result, String phoneNumber) { | ||||
|         if (StringUtils.isBlank(phoneNumber)) { | ||||
|             return; | ||||
|         } | ||||
|  | ||||
|         try { | ||||
|             String number = phoneUtil.format( | ||||
|                     phoneUtil.parse( | ||||
|                             phoneNumber, | ||||
|                             null // No default region | ||||
|                     ), | ||||
|                     PhoneNumberUtil.PhoneNumberFormat.E164 | ||||
|             ).substring(1); // We want without the leading + | ||||
|             result.withThreePid(new ThreePid(ThreePidMedium.PhoneNumber.getId(), number)); | ||||
|         } catch (NumberParseException e) { | ||||
|             log.warn("Invalid phone number: {}", phoneNumber); | ||||
|         } | ||||
|     } | ||||
|  | ||||
|     private void waitOnLatch(CountDownLatch l) { | ||||
|         try { | ||||
|             l.await(30, TimeUnit.SECONDS); | ||||
|         } catch (InterruptedException e) { | ||||
|             log.warn("Interrupted while waiting for Firebase auth check"); | ||||
|         } | ||||
|     @Override | ||||
|     public boolean isEnabled() { | ||||
|         return this.config.isEnabled(); | ||||
|     } | ||||
|  | ||||
|     @Override | ||||
|     public BackendAuthResult authenticate(_MatrixID mxid, String password) { | ||||
|         if (!isEnabled()) { | ||||
|             throw new IllegalStateException(); | ||||
|             log.warn("Firebase authenticator is disabled."); | ||||
|             return BackendAuthResult.failure(); | ||||
|         } | ||||
|  | ||||
|         log.info("Trying to authenticate {}", mxid); | ||||
|  | ||||
|         final BackendAuthResult result = BackendAuthResult.failure(); | ||||
|  | ||||
|         String localpart = mxid.getLocalPart(); | ||||
|         CountDownLatch l = new CountDownLatch(1); | ||||
|         getFirebase().verifyIdToken(password).addOnSuccessListener(token -> { | ||||
|         CompletableFuture<BackendAuthResult> resultFuture = new CompletableFuture<>(); | ||||
|         executor.submit(() -> { | ||||
|             try { | ||||
|                 if (!StringUtils.equals(localpart, token.getUid())) { | ||||
|                     log.info("Failure to authenticate {}: Matrix ID localpart '{}' does not match Firebase UID '{}'", mxid, localpart, token.getUid()); | ||||
|                     result.fail(); | ||||
|                 FirebaseToken decodedToken = FirebaseAuth.getInstance().verifyIdToken(password); | ||||
|                 if (!mxid.getLocalPart().equals(decodedToken.getUid())) { | ||||
|                     log.warn("UID mismatch for user {}", mxid); | ||||
|                     resultFuture.complete(BackendAuthResult.failure()); | ||||
|                     return; | ||||
|                 } | ||||
|  | ||||
|                 result.succeed(mxid.getId(), UserIdType.MatrixID.getId(), token.getName()); | ||||
|                 log.info("{} was successfully authenticated", mxid); | ||||
|                 log.info("Fetching profile for {}", mxid); | ||||
|                 CountDownLatch userRecordLatch = new CountDownLatch(1); | ||||
|                 getFirebase().getUser(token.getUid()).addOnSuccessListener(user -> { | ||||
|                     try { | ||||
|                         toEmail(result, user.getEmail()); | ||||
|                         toMsisdn(result, user.getPhoneNumber()); | ||||
|  | ||||
|                         for (UserInfo info : user.getProviderData()) { | ||||
|                             toEmail(result, info.getEmail()); | ||||
|                             toMsisdn(result, info.getPhoneNumber()); | ||||
|                         } | ||||
|  | ||||
|                         log.info("Got {} 3PIDs in profile", result.getProfile().getThreePids().size()); | ||||
|                     } finally { | ||||
|                         userRecordLatch.countDown(); | ||||
|                     } | ||||
|                 }).addOnFailureListener(e -> { | ||||
|                     try { | ||||
|                         log.warn("Unable to fetch Firebase user profile for {}", mxid); | ||||
|                         result.fail(); | ||||
|                     } finally { | ||||
|                         userRecordLatch.countDown(); | ||||
|                 // Assuming you have a method to convert Firebase user info into BackendAuthResult | ||||
|                 resultFuture.complete(convertToAuthResult(decodedToken)); | ||||
|             } catch (FirebaseAuthException e) { | ||||
|                 log.error("Failed to authenticate user {}: {}", mxid, e.getMessage(), e); | ||||
|                 resultFuture.complete(BackendAuthResult.failure()); | ||||
|             } | ||||
|         }); | ||||
|  | ||||
|                 waitOnLatch(result, userRecordLatch, "Firebase user profile"); | ||||
|             } finally { | ||||
|                 l.countDown(); | ||||
|             } | ||||
|         }).addOnFailureListener(e -> { | ||||
|         try { | ||||
|                 if (e instanceof IllegalArgumentException) { | ||||
|                     log.info("Failure to authenticate {}: invalid firebase token", mxid); | ||||
|                 } else { | ||||
|                     log.info("Failure to authenticate {}: {}", mxid, e.getMessage(), e); | ||||
|                     log.info("Exception", e); | ||||
|             return resultFuture.get(); // This will block, consider using thenAccept or similar for a truly non-blocking approach | ||||
|         } catch (Exception e) { | ||||
|             log.error("Error during authentication process", e); | ||||
|             return BackendAuthResult.failure(); | ||||
|         } | ||||
|     } | ||||
|  | ||||
|                 result.fail(); | ||||
|             } finally { | ||||
|                 l.countDown(); | ||||
|             } | ||||
|         }); | ||||
|     private BackendAuthResult convertToAuthResult(FirebaseToken decodedToken) { | ||||
|         String userId = decodedToken.getUid(); // UID from Firebase as the user ID | ||||
|         String userIdType = "MatrixID"; // Assuming you're using string literals for user ID types | ||||
|         String displayName = decodedToken.getName(); // Display name from the Firebase token | ||||
|          | ||||
|         waitOnLatch(result, l, "Firebase auth check"); | ||||
|         return result; | ||||
|         // Adjust the method call according to the actual parameters it expects. | ||||
|         // This example uses three strings directly. | ||||
|         return BackendAuthResult.success(userId, userIdType, displayName); | ||||
|     } | ||||
|  | ||||
|     // Ensure resources are properly released when no longer needed | ||||
|     public static void shutdown() { | ||||
|         executor.shutdown(); | ||||
|     } | ||||
| } | ||||
|   | ||||
| @@ -1,90 +1,43 @@ | ||||
| /* | ||||
|  * mxisd - Matrix Identity Server Daemon | ||||
|  * Copyright (C) 2017 Kamax Sarl | ||||
|  * | ||||
|  * https://www.kamax.io/ | ||||
|  * | ||||
|  * This program is free software: you can redistribute it and/or modify | ||||
|  * it under the terms of the GNU Affero General Public License as | ||||
|  * published by the Free Software Foundation, either version 3 of the | ||||
|  * License, or (at your option) any later version. | ||||
|  * | ||||
|  * This program is distributed in the hope that it will be useful, | ||||
|  * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||||
|  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the | ||||
|  * GNU Affero General Public License for more details. | ||||
|  * | ||||
|  * You should have received a copy of the GNU Affero General Public License | ||||
|  * along with this program.  If not, see <http://www.gnu.org/licenses/>. | ||||
|  */ | ||||
|  | ||||
| package io.kamax.mxisd.backend.firebase; | ||||
|  | ||||
| import com.google.auth.oauth2.GoogleCredentials; | ||||
| import com.google.firebase.FirebaseApp; | ||||
| import com.google.firebase.FirebaseOptions; | ||||
| import com.google.firebase.auth.FirebaseAuth; | ||||
| import com.google.firebase.auth.FirebaseCredential; | ||||
| import com.google.firebase.auth.FirebaseCredentials; | ||||
| import com.google.firebase.database.FirebaseDatabase; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.slf4j.Logger; | ||||
| import org.slf4j.LoggerFactory; | ||||
|  | ||||
| import java.io.FileInputStream; | ||||
| import java.io.IOException; | ||||
|  | ||||
| public class GoogleFirebaseBackend { | ||||
|  | ||||
|     private transient final Logger log = LoggerFactory.getLogger(GoogleFirebaseBackend.class); | ||||
|  | ||||
|     private boolean isEnabled; | ||||
|     private FirebaseAuth fbAuth; | ||||
|     protected FirebaseDatabase fbDb; | ||||
|  | ||||
|     GoogleFirebaseBackend(boolean isEnabled, String name, String credsPath, String db) { | ||||
|         this.isEnabled = isEnabled; | ||||
|         if (!isEnabled) { | ||||
|             return; | ||||
|         } | ||||
| public abstract class GoogleFirebaseBackend { | ||||
|     protected boolean enabled; | ||||
|     protected String backendName; | ||||
|     protected String credentialsPath; | ||||
|     protected String databaseUrl; | ||||
|  | ||||
|     public GoogleFirebaseBackend(boolean isEnabled, String backendName, String credsPath, String db) { | ||||
|         this.enabled = isEnabled; | ||||
|         this.backendName = backendName; | ||||
|         this.credentialsPath = credsPath; | ||||
|         this.databaseUrl = db; | ||||
|         if (isEnabled) { | ||||
|             try { | ||||
|             FirebaseApp fbApp = FirebaseApp.initializeApp(getOpts(credsPath, db), name); | ||||
|             fbAuth = FirebaseAuth.getInstance(fbApp); | ||||
|             FirebaseDatabase.getInstance(fbApp); | ||||
|  | ||||
|             log.info("Google Firebase Authentication is ready"); | ||||
|                 initializeFirebase(); | ||||
|             } catch (IOException e) { | ||||
|             throw new RuntimeException("Error when initializing Firebase", e); | ||||
|                 throw new RuntimeException("Failed to initialize Firebase", e); | ||||
|             } | ||||
|         } | ||||
|     } | ||||
|  | ||||
|     private FirebaseCredential getCreds(String credsPath) throws IOException { | ||||
|         if (StringUtils.isNotBlank(credsPath)) { | ||||
|             try (FileInputStream is = new FileInputStream(credsPath)) { | ||||
|                 return FirebaseCredentials.fromCertificate(is); | ||||
|             } | ||||
|         } else { | ||||
|             return FirebaseCredentials.applicationDefault(); | ||||
|         } | ||||
|     } | ||||
|     private void initializeFirebase() throws IOException { | ||||
|         FileInputStream serviceAccount = new FileInputStream(credentialsPath); | ||||
|  | ||||
|     private FirebaseOptions getOpts(String credsPath, String db) throws IOException { | ||||
|         if (StringUtils.isBlank(db)) { | ||||
|             throw new IllegalArgumentException("Firebase database is not configured"); | ||||
|         } | ||||
|  | ||||
|         return new FirebaseOptions.Builder() | ||||
|                 .setCredential(getCreds(credsPath)) | ||||
|                 .setDatabaseUrl(db) | ||||
|         FirebaseOptions options = new FirebaseOptions.Builder() | ||||
|                 .setCredentials(GoogleCredentials.fromStream(serviceAccount)) | ||||
|                 .setDatabaseUrl(databaseUrl) | ||||
|                 .build(); | ||||
|  | ||||
|         if (FirebaseApp.getApps().isEmpty()) { // Check if Firebase has been initialized already | ||||
|             FirebaseApp.initializeApp(options); | ||||
|         } | ||||
|     } | ||||
|  | ||||
|     FirebaseAuth getFirebase() { | ||||
|         return fbAuth; | ||||
|     } | ||||
|  | ||||
|     public boolean isEnabled() { | ||||
|         return isEnabled; | ||||
|     } | ||||
|  | ||||
|     // Additional methods for GoogleFirebaseBackend | ||||
| } | ||||
|   | ||||
| @@ -1,28 +1,5 @@ | ||||
| /* | ||||
|  * mxisd - Matrix Identity Server Daemon | ||||
|  * Copyright (C) 2017 Kamax Sarl | ||||
|  * | ||||
|  * https://www.kamax.io/ | ||||
|  * | ||||
|  * This program is free software: you can redistribute it and/or modify | ||||
|  * it under the terms of the GNU Affero General Public License as | ||||
|  * published by the Free Software Foundation, either version 3 of the | ||||
|  * License, or (at your option) any later version. | ||||
|  * | ||||
|  * This program is distributed in the hope that it will be useful, | ||||
|  * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||||
|  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the | ||||
|  * GNU Affero General Public License for more details. | ||||
|  * | ||||
|  * You should have received a copy of the GNU Affero General Public License | ||||
|  * along with this program.  If not, see <http://www.gnu.org/licenses/>. | ||||
|  */ | ||||
|  | ||||
| package io.kamax.mxisd.backend.firebase; | ||||
|  | ||||
| import com.google.firebase.auth.UserRecord; | ||||
| import com.google.firebase.tasks.OnFailureListener; | ||||
| import com.google.firebase.tasks.OnSuccessListener; | ||||
| import io.kamax.matrix.MatrixID; | ||||
| import io.kamax.matrix.ThreePidMedium; | ||||
| import io.kamax.mxisd.config.MxisdConfig; | ||||
| @@ -36,25 +13,22 @@ import org.slf4j.LoggerFactory; | ||||
| import java.util.ArrayList; | ||||
| import java.util.List; | ||||
| import java.util.Optional; | ||||
| import java.util.concurrent.CountDownLatch; | ||||
| import java.util.concurrent.TimeUnit; | ||||
| import java.util.concurrent.CompletableFuture; | ||||
|  | ||||
| public class GoogleFirebaseProvider extends GoogleFirebaseBackend implements IThreePidProvider { | ||||
|  | ||||
|     private transient final Logger log = LoggerFactory.getLogger(GoogleFirebaseProvider.class); | ||||
|     private final Logger log = LoggerFactory.getLogger(GoogleFirebaseProvider.class); | ||||
|     private String domain; | ||||
|  | ||||
|     public GoogleFirebaseProvider(MxisdConfig cfg) { | ||||
|         this(cfg.getFirebase().isEnabled(), cfg.getFirebase().getCredentials(), cfg.getFirebase().getDatabase(), cfg.getMatrix().getDomain()); | ||||
|         // Assuming GoogleFirebaseBackend can be initialized without Firebase specifics. | ||||
|         super(cfg.getFirebase().isEnabled(), cfg.getFirebase().getCredentials(), cfg.getFirebase().getDatabase(), cfg.getMatrix().getDomain()); | ||||
|         this.domain = cfg.getMatrix().getDomain(); | ||||
|     } | ||||
|  | ||||
|     public GoogleFirebaseProvider(boolean isEnabled, String credsPath, String db, String domain) { | ||||
|         super(isEnabled, "ThreePidProvider", credsPath, db); | ||||
|         this.domain = domain; | ||||
|     } | ||||
|  | ||||
|     private String getMxid(UserRecord record) { | ||||
|         return MatrixID.asAcceptable(record.getUid(), domain).getId(); | ||||
|     private String getMxid(String uid) { | ||||
|         // Mock UID to MXID conversion | ||||
|         return MatrixID.asAcceptable(uid, domain).getId(); | ||||
|     } | ||||
|  | ||||
|     @Override | ||||
| @@ -67,71 +41,34 @@ public class GoogleFirebaseProvider extends GoogleFirebaseBackend implements ITh | ||||
|         return 25; | ||||
|     } | ||||
|  | ||||
|     private void waitOnLatch(CountDownLatch l) { | ||||
|         try { | ||||
|             l.await(30, TimeUnit.SECONDS); | ||||
|         } catch (InterruptedException e) { | ||||
|             log.warn("Interrupted while waiting for Firebase auth check"); | ||||
|         } | ||||
|     } | ||||
|     private Optional<String> findInternal(String medium, String address) { | ||||
|         CompletableFuture<Optional<String>> future = new CompletableFuture<>(); | ||||
|  | ||||
|     private Optional<UserRecord> findInternal(String medium, String address) { | ||||
|         final UserRecord[] r = new UserRecord[1]; | ||||
|         CountDownLatch l = new CountDownLatch(1); | ||||
|         // Directly complete with empty to simulate no user found | ||||
|         future.complete(Optional.empty()); | ||||
|  | ||||
|         OnSuccessListener<UserRecord> success = result -> { | ||||
|             log.info("Found 3PID match for {}:{} - UID is {}", medium, address, result.getUid()); | ||||
|             r[0] = result; | ||||
|             l.countDown(); | ||||
|         }; | ||||
|  | ||||
|         OnFailureListener failure = e -> { | ||||
|             log.info("No 3PID match for {}:{} - {}", medium, address, e.getMessage()); | ||||
|             r[0] = null; | ||||
|             l.countDown(); | ||||
|         }; | ||||
|  | ||||
|         if (ThreePidMedium.Email.is(medium)) { | ||||
|             log.info("Performing E-mail 3PID lookup for {}", address); | ||||
|             getFirebase().getUserByEmail(address) | ||||
|                     .addOnSuccessListener(success) | ||||
|                     .addOnFailureListener(failure); | ||||
|             waitOnLatch(l); | ||||
|         } else if (ThreePidMedium.PhoneNumber.is(medium)) { | ||||
|             log.info("Performing msisdn 3PID lookup for {}", address); | ||||
|             getFirebase().getUserByPhoneNumber(address) | ||||
|                     .addOnSuccessListener(success) | ||||
|                     .addOnFailureListener(failure); | ||||
|             waitOnLatch(l); | ||||
|         } else { | ||||
|             log.info("{} is not a supported 3PID medium", medium); | ||||
|             r[0] = null; | ||||
|         } | ||||
|  | ||||
|         return Optional.ofNullable(r[0]); | ||||
|         return future.join(); // Using join to avoid handling InterruptedException | ||||
|     } | ||||
|  | ||||
|     @Override | ||||
|     public Optional<SingleLookupReply> find(SingleLookupRequest request) { | ||||
|         Optional<UserRecord> urOpt = findInternal(request.getType(), request.getThreePid()); | ||||
|         return urOpt.map(userRecord -> new SingleLookupReply(request, getMxid(userRecord))); | ||||
|  | ||||
|         Optional<String> uidOpt = findInternal(request.getType(), request.getThreePid()); | ||||
|         return uidOpt.map(uid -> new SingleLookupReply(request, getMxid(uid))); | ||||
|     } | ||||
|  | ||||
|     @Override | ||||
|     public List<ThreePidMapping> populate(List<ThreePidMapping> mappings) { | ||||
|         List<ThreePidMapping> results = new ArrayList<>(); | ||||
|         mappings.parallelStream().forEach(o -> { | ||||
|             Optional<UserRecord> urOpt = findInternal(o.getMedium(), o.getValue()); | ||||
|             if (urOpt.isPresent()) { | ||||
|         mappings.forEach(o -> { | ||||
|             Optional<String> uidOpt = findInternal(o.getMedium(), o.getValue()); | ||||
|             uidOpt.ifPresent(uid -> { | ||||
|                 ThreePidMapping result = new ThreePidMapping(); | ||||
|                 result.setMedium(o.getMedium()); | ||||
|                 result.setValue(o.getValue()); | ||||
|                 result.setMxid(getMxid(urOpt.get())); | ||||
|                 result.setMxid(getMxid(uid)); | ||||
|                 results.add(result); | ||||
|             } | ||||
|             }); | ||||
|         }); | ||||
|         return results; | ||||
|     } | ||||
|  | ||||
| } | ||||
|   | ||||
| @@ -32,7 +32,7 @@ import io.kamax.mxisd.config.MatrixConfig; | ||||
| import io.kamax.mxisd.config.ldap.LdapConfig; | ||||
| import io.kamax.mxisd.exception.InternalServerError; | ||||
| import io.kamax.mxisd.util.GsonUtil; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
| import org.apache.directory.api.ldap.model.cursor.CursorException; | ||||
| import org.apache.directory.api.ldap.model.cursor.CursorLdapReferralException; | ||||
| import org.apache.directory.api.ldap.model.cursor.EntryCursor; | ||||
| @@ -54,6 +54,8 @@ public class LdapAuthProvider extends LdapBackend implements AuthenticatorProvid | ||||
|  | ||||
|     private transient final Logger log = LoggerFactory.getLogger(LdapAuthProvider.class); | ||||
|  | ||||
|     public static final char[] CHARACTERS_TO_ESCAPE = ",#+<>;\"=*\\\\".toCharArray(); | ||||
|  | ||||
|     private PhoneNumberUtil phoneUtil = PhoneNumberUtil.getInstance(); | ||||
|  | ||||
|     public LdapAuthProvider(LdapConfig cfg, MatrixConfig mxCfg) { | ||||
| @@ -94,7 +96,8 @@ public class LdapAuthProvider extends LdapBackend implements AuthenticatorProvid | ||||
|                 return BackendAuthResult.failure(); | ||||
|             } | ||||
|  | ||||
|             String userFilter = "(" + getUidAtt() + "=" + userFilterValue + ")"; | ||||
|             String filteredValue = escape(userFilterValue); | ||||
|             String userFilter = "(" + getUidAtt() + "=" + filteredValue + ")"; | ||||
|             userFilter = buildWithFilter(userFilter, getCfg().getAuth().getFilter()); | ||||
|  | ||||
|             Set<String> attributes = new HashSet<>(); | ||||
| @@ -167,4 +170,16 @@ public class LdapAuthProvider extends LdapBackend implements AuthenticatorProvid | ||||
|         } | ||||
|     } | ||||
|  | ||||
|     private String escape(String raw) { | ||||
|         StringBuilder sb = new StringBuilder(); | ||||
|         boolean escape; | ||||
|         for (char c : raw.toCharArray()) { | ||||
|             escape = false; | ||||
|             for (int i = 0; i < CHARACTERS_TO_ESCAPE.length && !escape; i++) { | ||||
|                 escape = CHARACTERS_TO_ESCAPE[i] == c; | ||||
|             } | ||||
|             sb.append(escape ? "\\" + c : c); | ||||
|         } | ||||
|         return sb.toString(); | ||||
|     } | ||||
| } | ||||
|   | ||||
| @@ -20,10 +20,11 @@ | ||||
|  | ||||
| package io.kamax.mxisd.backend.ldap; | ||||
|  | ||||
| import io.kamax.matrix.MatrixID; | ||||
| import io.kamax.matrix._MatrixID; | ||||
| import io.kamax.mxisd.config.MatrixConfig; | ||||
| import io.kamax.mxisd.config.ldap.LdapConfig; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
| import org.apache.directory.api.ldap.model.entry.Attribute; | ||||
| import org.apache.directory.api.ldap.model.entry.AttributeUtils; | ||||
| import org.apache.directory.api.ldap.model.entry.Entry; | ||||
| @@ -116,10 +117,20 @@ public abstract class LdapBackend { | ||||
|  | ||||
|     public String buildMatrixIdFromUid(String uid) { | ||||
|         String uidType = getCfg().getAttribute().getUid().getType(); | ||||
|         String localpart = uid.toLowerCase(); | ||||
|  | ||||
|         if (!StringUtils.equals(uid, localpart)) { | ||||
|             log.info("UID {} from LDAP has been changed to lowercase to match the Synapse specifications", uid); | ||||
|         } | ||||
|  | ||||
|         if (StringUtils.equals(UID, uidType)) { | ||||
|             return "@" + uid + ":" + mxCfg.getDomain(); | ||||
|             if(getCfg().isActiveDirectory()) { | ||||
|                 localpart  = new UPN(uid.toLowerCase()).getMXID(); | ||||
|             } | ||||
|  | ||||
|             return "@" + localpart + ":" + mxCfg.getDomain(); | ||||
|         } else if (StringUtils.equals(MATRIX_ID, uidType)) { | ||||
|             return uid; | ||||
|             return localpart; | ||||
|         } else { | ||||
|             throw new IllegalArgumentException("Bind type " + uidType + " is not supported"); | ||||
|         } | ||||
| @@ -128,6 +139,10 @@ public abstract class LdapBackend { | ||||
|     public String buildUidFromMatrixId(_MatrixID mxId) { | ||||
|         String uidType = getCfg().getAttribute().getUid().getType(); | ||||
|         if (StringUtils.equals(UID, uidType)) { | ||||
|             if(getCfg().isActiveDirectory()) { | ||||
|                 return new UPN(mxId).getUPN(); | ||||
|             } | ||||
|  | ||||
|             return mxId.getLocalPart(); | ||||
|         } else if (StringUtils.equals(MATRIX_ID, uidType)) { | ||||
|             return mxId.getId(); | ||||
| @@ -169,4 +184,58 @@ public abstract class LdapBackend { | ||||
|         return values; | ||||
|     } | ||||
|  | ||||
|     private class UPN { | ||||
|         private String login; | ||||
|         private String domain; | ||||
|  | ||||
|         public UPN(String userPrincipalName) { | ||||
|             String[] uidParts = userPrincipalName.split("@"); | ||||
|  | ||||
|             if (uidParts.length != 2) { | ||||
|                 throw new IllegalArgumentException(String.format("Wrong userPrincipalName provided: %s", userPrincipalName)); | ||||
|             } | ||||
|  | ||||
|             this.login = uidParts[0]; | ||||
|             this.domain = uidParts[1]; | ||||
|         } | ||||
|  | ||||
|         public UPN(_MatrixID mxid) { | ||||
|             String[] idParts = mxid.getLocalPart().split("/"); | ||||
|  | ||||
|             if (idParts.length != 2) { | ||||
|                 if(idParts.length == 1 && !StringUtils.isEmpty(getCfg().getDefaultDomain())) { | ||||
|                     throw new IllegalArgumentException(String.format( | ||||
|                         "Local part of mxid %s does not contains domain separator and default domain is not configured", | ||||
|                         mxid.getLocalPart() | ||||
|                     )); | ||||
|                 } | ||||
|  | ||||
|                 this.domain = getCfg().getDefaultDomain(); | ||||
|             } else { | ||||
|                 this.domain = idParts[1]; | ||||
|             } | ||||
|  | ||||
|             this.login = idParts[0]; | ||||
|         } | ||||
|  | ||||
|         public String getLogin() { | ||||
|             return login; | ||||
|         } | ||||
|  | ||||
|         public String getDomain() { | ||||
|             return domain; | ||||
|         } | ||||
|  | ||||
|         public String getMXID() { | ||||
|             if(StringUtils.equalsIgnoreCase(getCfg().getDefaultDomain(), this.domain)) { | ||||
|                 return this.login; | ||||
|             } | ||||
|  | ||||
|             return new StringBuilder(this.login).append("/").append(this.domain).toString(); | ||||
|         } | ||||
|  | ||||
|         public String getUPN() { | ||||
|             return new StringBuilder(this.login).append("@").append(this.domain).toString(); | ||||
|         } | ||||
|     } | ||||
| } | ||||
|   | ||||
| @@ -38,7 +38,7 @@ import io.kamax.mxisd.lookup.SingleLookupRequest; | ||||
| import io.kamax.mxisd.lookup.ThreePidMapping; | ||||
| import io.kamax.mxisd.lookup.provider.IThreePidProvider; | ||||
| import io.kamax.mxisd.profile.ProfileProvider; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
| import org.slf4j.Logger; | ||||
| import org.slf4j.LoggerFactory; | ||||
|  | ||||
|   | ||||
| @@ -27,7 +27,7 @@ import io.kamax.mxisd.lookup.SingleLookupReply; | ||||
| import io.kamax.mxisd.lookup.SingleLookupRequest; | ||||
| import io.kamax.mxisd.lookup.ThreePidMapping; | ||||
| import io.kamax.mxisd.lookup.provider.IThreePidProvider; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
| import org.slf4j.Logger; | ||||
| import org.slf4j.LoggerFactory; | ||||
|  | ||||
|   | ||||
| @@ -28,7 +28,7 @@ import io.kamax.mxisd.config.sql.generic.GenericSqlProviderConfig; | ||||
| import io.kamax.mxisd.directory.DirectoryProvider; | ||||
| import io.kamax.mxisd.exception.InternalServerError; | ||||
| import io.kamax.mxisd.http.io.UserDirectorySearchResult; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
| import org.slf4j.Logger; | ||||
| import org.slf4j.LoggerFactory; | ||||
|  | ||||
|   | ||||
| @@ -21,7 +21,7 @@ | ||||
| package io.kamax.mxisd.backend.sql.synapse; | ||||
|  | ||||
| import io.kamax.mxisd.exception.ConfigurationException; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
|  | ||||
| public class SynapseQueries { | ||||
|  | ||||
|   | ||||
| @@ -25,7 +25,7 @@ import io.kamax.matrix._MatrixID; | ||||
| import io.kamax.mxisd.UserIdType; | ||||
| import io.kamax.mxisd.auth.provider.AuthenticatorProvider; | ||||
| import io.kamax.mxisd.auth.provider.BackendAuthResult; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
| import org.slf4j.Logger; | ||||
| import org.slf4j.LoggerFactory; | ||||
|  | ||||
|   | ||||
| @@ -25,7 +25,7 @@ import io.kamax.matrix.json.GsonUtil; | ||||
| import io.kamax.matrix.json.InvalidJsonException; | ||||
| import io.kamax.mxisd.config.wordpress.WordpressConfig; | ||||
| import io.kamax.mxisd.util.RestClientUtils; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
| import org.apache.http.client.methods.CloseableHttpResponse; | ||||
| import org.apache.http.client.methods.HttpGet; | ||||
| import org.apache.http.client.methods.HttpPost; | ||||
|   | ||||
| @@ -5,6 +5,7 @@ import org.slf4j.LoggerFactory; | ||||
|  | ||||
| import java.util.ArrayList; | ||||
| import java.util.List; | ||||
| import java.util.Objects; | ||||
|  | ||||
| public class HashingConfig { | ||||
|  | ||||
| @@ -13,7 +14,7 @@ public class HashingConfig { | ||||
|     private boolean enabled = false; | ||||
|     private int pepperLength = 20; | ||||
|     private RotationPolicyEnum rotationPolicy; | ||||
|     private HashStorageEnum hashStorageType; | ||||
|     private HashStorageEnum hashStorageType = HashStorageEnum.in_memory; | ||||
|     private String delay = "10s"; | ||||
|     private transient long delayInSeconds = 10; | ||||
|     private int requests = 10; | ||||
| @@ -25,6 +26,7 @@ public class HashingConfig { | ||||
|             LOGGER.info("   Pepper length: {}", getPepperLength()); | ||||
|             LOGGER.info("   Rotation policy: {}", getRotationPolicy()); | ||||
|             LOGGER.info("   Hash storage type: {}", getHashStorageType()); | ||||
|             Objects.requireNonNull(getHashStorageType(), "Storage type must be specified"); | ||||
|             if (RotationPolicyEnum.per_seconds == getRotationPolicy()) { | ||||
|                 setDelayInSeconds(new DurationDeserializer().deserialize(getDelay())); | ||||
|                 LOGGER.info("   Rotation delay: {}", getDelay()); | ||||
|   | ||||
							
								
								
									
										24
									
								
								src/main/java/io/kamax/mxisd/config/InternalAPIConfig.java
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										24
									
								
								src/main/java/io/kamax/mxisd/config/InternalAPIConfig.java
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,24 @@ | ||||
| package io.kamax.mxisd.config; | ||||
|  | ||||
| import org.slf4j.Logger; | ||||
| import org.slf4j.LoggerFactory; | ||||
|  | ||||
| public class InternalAPIConfig { | ||||
|  | ||||
|     private final static Logger log = LoggerFactory.getLogger(InternalAPIConfig.class); | ||||
|  | ||||
|     private boolean enabled = false; | ||||
|  | ||||
|     public boolean isEnabled() { | ||||
|         return enabled; | ||||
|     } | ||||
|  | ||||
|     public void setEnabled(boolean enabled) { | ||||
|         this.enabled = enabled; | ||||
|     } | ||||
|  | ||||
|     public void build() { | ||||
|         log.info("--- Internal API config ---"); | ||||
|         log.info("Internal API enabled: {}", isEnabled()); | ||||
|     } | ||||
| } | ||||
| @@ -67,6 +67,7 @@ public class InvitationConfig { | ||||
|  | ||||
|         private boolean recursive = true; | ||||
|         private long timer = 5; | ||||
|         private PeriodDimension period = PeriodDimension.minutes; | ||||
|  | ||||
|         public boolean isRecursive() { | ||||
|             return recursive; | ||||
| @@ -84,6 +85,13 @@ public class InvitationConfig { | ||||
|             this.timer = timer; | ||||
|         } | ||||
|  | ||||
|         public PeriodDimension getPeriod() { | ||||
|             return period; | ||||
|         } | ||||
|  | ||||
|         public void setPeriod(PeriodDimension period) { | ||||
|             this.period = period; | ||||
|         } | ||||
|     } | ||||
|  | ||||
|     public static class SenderPolicy { | ||||
| @@ -115,6 +123,7 @@ public class InvitationConfig { | ||||
|     private Expiration expiration = new Expiration(); | ||||
|     private Resolution resolution = new Resolution(); | ||||
|     private Policies policy = new Policies(); | ||||
|     private boolean fullDisplayName = false; | ||||
|  | ||||
|     public Expiration getExpiration() { | ||||
|         return expiration; | ||||
| @@ -140,11 +149,26 @@ public class InvitationConfig { | ||||
|         this.policy = policy; | ||||
|     } | ||||
|  | ||||
|     public boolean isFullDisplayName() { | ||||
|         return fullDisplayName; | ||||
|     } | ||||
|  | ||||
|     public void setFullDisplayName(boolean fullDisplayName) { | ||||
|         this.fullDisplayName = fullDisplayName; | ||||
|     } | ||||
|  | ||||
|     public void build() { | ||||
|         log.info("--- Invite config ---"); | ||||
|         log.info("Expiration: {}", GsonUtil.get().toJson(getExpiration())); | ||||
|         log.info("Resolution: {}", GsonUtil.get().toJson(getResolution())); | ||||
|         log.info("Policies: {}", GsonUtil.get().toJson(getPolicy())); | ||||
|         log.info("Print full display name on invitation: {}", isFullDisplayName()); | ||||
|     } | ||||
|  | ||||
|     public enum PeriodDimension { | ||||
|  | ||||
|         minutes, | ||||
|  | ||||
|         seconds | ||||
|     } | ||||
| } | ||||
|   | ||||
| @@ -21,7 +21,7 @@ | ||||
| package io.kamax.mxisd.config; | ||||
|  | ||||
| import io.kamax.mxisd.exception.ConfigurationException; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
|  | ||||
| public class KeyConfig { | ||||
|  | ||||
|   | ||||
| @@ -22,7 +22,7 @@ package io.kamax.mxisd.config; | ||||
|  | ||||
| import io.kamax.matrix.json.GsonUtil; | ||||
| import io.kamax.mxisd.exception.ConfigurationException; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
| import org.slf4j.Logger; | ||||
| import org.slf4j.LoggerFactory; | ||||
|  | ||||
|   | ||||
| @@ -29,7 +29,7 @@ import io.kamax.mxisd.config.sql.synapse.SynapseSqlProviderConfig; | ||||
| import io.kamax.mxisd.config.threepid.ThreePidConfig; | ||||
| import io.kamax.mxisd.config.threepid.notification.NotificationConfig; | ||||
| import io.kamax.mxisd.config.wordpress.WordpressConfig; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
| import org.slf4j.Logger; | ||||
| import org.slf4j.LoggerFactory; | ||||
|  | ||||
| @@ -118,6 +118,7 @@ public class MxisdConfig { | ||||
|     private PolicyConfig policy = new PolicyConfig(); | ||||
|     private HashingConfig hashing = new HashingConfig(); | ||||
|     private LoggingConfig logging = new LoggingConfig(); | ||||
|     private InternalAPIConfig internal = new InternalAPIConfig(); | ||||
|  | ||||
|     public AppServiceConfig getAppsvc() { | ||||
|         return appsvc; | ||||
| @@ -358,6 +359,14 @@ public class MxisdConfig { | ||||
|         return this; | ||||
|     } | ||||
|  | ||||
|     public InternalAPIConfig getInternal() { | ||||
|         return internal; | ||||
|     } | ||||
|  | ||||
|     public void setInternal(InternalAPIConfig internal) { | ||||
|         this.internal = internal; | ||||
|     } | ||||
|  | ||||
|     public MxisdConfig build() { | ||||
|         getLogging().build(); | ||||
|  | ||||
| @@ -394,6 +403,7 @@ public class MxisdConfig { | ||||
|         getWordpress().build(); | ||||
|         getPolicy().build(); | ||||
|         getHashing().build(getMatrix()); | ||||
|         getInternal().build(); | ||||
|  | ||||
|         return this; | ||||
|     } | ||||
|   | ||||
| @@ -20,7 +20,7 @@ | ||||
|  | ||||
| package io.kamax.mxisd.config; | ||||
|  | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
| import org.slf4j.Logger; | ||||
| import org.slf4j.LoggerFactory; | ||||
|  | ||||
|   | ||||
| @@ -21,7 +21,7 @@ | ||||
| package io.kamax.mxisd.config; | ||||
|  | ||||
| import io.kamax.matrix.json.GsonUtil; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
| import org.slf4j.Logger; | ||||
| import org.slf4j.LoggerFactory; | ||||
|  | ||||
|   | ||||
| @@ -1,89 +1,57 @@ | ||||
| /* | ||||
|  * mxisd - Matrix Identity Server Daemon | ||||
|  * Copyright (C) 2018 Kamax Sàrl | ||||
|  * | ||||
|  * https://www.kamax.io/ | ||||
|  * | ||||
|  * This program is free software: you can redistribute it and/or modify | ||||
|  * it under the terms of the GNU Affero General Public License as | ||||
|  * published by the Free Software Foundation, either version 3 of the | ||||
|  * License, or (at your option) any later version. | ||||
|  * | ||||
|  * This program is distributed in the hope that it will be useful, | ||||
|  * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||||
|  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the | ||||
|  * GNU Affero General Public License for more details. | ||||
|  * | ||||
|  * You should have received a copy of the GNU Affero General Public License | ||||
|  * along with this program.  If not, see <http://www.gnu.org/licenses/>. | ||||
|  */ | ||||
|  | ||||
| package io.kamax.mxisd.config; | ||||
|  | ||||
| import io.kamax.matrix.json.GsonUtil; | ||||
| import io.kamax.mxisd.exception.ConfigurationException; | ||||
| import org.slf4j.Logger; | ||||
| import org.slf4j.LoggerFactory; | ||||
| import org.yaml.snakeyaml.Yaml; | ||||
| import org.yaml.snakeyaml.constructor.Constructor; | ||||
| import org.yaml.snakeyaml.introspector.BeanAccess; | ||||
| import org.yaml.snakeyaml.parser.ParserException; | ||||
| import org.yaml.snakeyaml.representer.Representer; | ||||
| import org.yaml.snakeyaml.LoaderOptions; | ||||
|  | ||||
| import java.io.File; | ||||
| import java.io.FileInputStream; | ||||
| import java.io.FileNotFoundException; | ||||
| import java.io.FileWriter; | ||||
| import java.io.IOException; | ||||
| import java.io.File; | ||||
| import java.util.Optional; | ||||
|  | ||||
| public class YamlConfigLoader { | ||||
|  | ||||
|     private static final Logger log = LoggerFactory.getLogger(YamlConfigLoader.class); | ||||
|  | ||||
|     public static MxisdConfig loadFromFile(String path) throws IOException { | ||||
|         File f = new File(path).getAbsoluteFile(); | ||||
|         log.info("Reading config from {}", f.toString()); | ||||
|         Representer rep = new Representer(); | ||||
|         rep.getPropertyUtils().setBeanAccess(BeanAccess.FIELD); | ||||
|         rep.getPropertyUtils().setAllowReadOnlyProperties(true); | ||||
|         rep.getPropertyUtils().setSkipMissingProperties(true); | ||||
|         Yaml yaml = new Yaml(new Constructor(MxisdConfig.class), rep); | ||||
|         try (FileInputStream is = new FileInputStream(f)) { | ||||
|             MxisdConfig raw = yaml.load(is); | ||||
|             log.debug("Read config in memory from {}", path); | ||||
| public static MxisdConfig loadFromFile(String path) throws IOException { | ||||
|     File file = new File(path); // Define the file from the path | ||||
|     Constructor constructor = new Constructor(MxisdConfig.class); // Ensure correct import | ||||
|     Yaml yaml = new Yaml(constructor); // No change needed here, this is correct | ||||
|  | ||||
|             // SnakeYaml set objects to null when there is no value set in the config, even a full sub-tree. | ||||
|             // This is problematic for default config values and objects, to avoid NPEs. | ||||
|             // Therefore, we'll use Gson to re-parse the data in a way that avoids us checking the whole config for nulls. | ||||
|             MxisdConfig cfg = GsonUtil.get().fromJson(GsonUtil.get().toJson(raw), MxisdConfig.class); | ||||
|  | ||||
|             log.info("Loaded config from {}", path); | ||||
|             return cfg; | ||||
|         } catch (ParserException t) { | ||||
|             throw new ConfigurationException(t.getMessage(), "Could not parse YAML config file - Please check indentation and that the configuration options exist"); | ||||
|         } | ||||
|     } | ||||
|  | ||||
|     public static Optional<MxisdConfig> tryLoadFromFile(String path) { | ||||
|         log.debug("Attempting to read config from {}", path); | ||||
|         try { | ||||
|             return Optional.of(loadFromFile(path)); | ||||
|         } catch (FileNotFoundException e) { | ||||
|             log.info("No config file at {}", path); | ||||
|             return Optional.empty(); | ||||
|     // Load from YAML | ||||
|     try (FileInputStream inputStream = new FileInputStream(file)) { | ||||
|         return yaml.loadAs(inputStream, MxisdConfig.class); | ||||
|     } catch (IOException e) { | ||||
|             throw new RuntimeException(e); | ||||
|         } | ||||
|     } | ||||
|  | ||||
|     public static void dumpConfig(MxisdConfig cfg) { | ||||
|         Representer rep = new Representer(); | ||||
|         rep.getPropertyUtils().setBeanAccess(BeanAccess.FIELD); | ||||
|         rep.getPropertyUtils().setAllowReadOnlyProperties(true); | ||||
|         rep.getPropertyUtils().setSkipMissingProperties(true); | ||||
|  | ||||
|         Yaml yaml = new Yaml(new Constructor(MxisdConfig.class), rep); | ||||
|         String dump = yaml.dump(cfg); | ||||
|         log.info("Full configuration:\n{}", dump); | ||||
|         // Handle exceptions | ||||
|         throw e; | ||||
|     } | ||||
| } | ||||
|  | ||||
|     public static Optional<MxisdConfig> tryLoadFromFile(String path) { | ||||
|         try { | ||||
|             return Optional.of(loadFromFile(path)); | ||||
|         } catch (IOException e) { | ||||
|             log.warn("Unable to load configuration file from path {}: {}", path, e.getMessage()); | ||||
|             return Optional.empty(); | ||||
|         } | ||||
|     } | ||||
|  | ||||
|     public static void dumpConfig(MxisdConfig cfg, String outputPath) throws IOException { | ||||
|         // Initialize LoaderOptions for dumping if needed | ||||
|         LoaderOptions loaderOptions = new LoaderOptions(); | ||||
|         // Customize loaderOptions as necessary | ||||
|  | ||||
|         Yaml yaml = new Yaml(loaderOptions); | ||||
|  | ||||
|         try (FileWriter writer = new FileWriter(new File(outputPath))) { | ||||
|             yaml.dump(cfg, writer); | ||||
|             log.info("Configuration dumped successfully to {}", outputPath); | ||||
|         } catch (IOException e) { | ||||
|             log.error("Failed to dump YAML configuration to path: {}", outputPath, e); | ||||
|             throw e; | ||||
|         } | ||||
|     } | ||||
| } | ||||
|   | ||||
| @@ -24,7 +24,7 @@ import io.kamax.matrix.ThreePidMedium; | ||||
| import io.kamax.matrix.json.GsonUtil; | ||||
| import io.kamax.mxisd.backend.ldap.LdapBackend; | ||||
| import io.kamax.mxisd.exception.ConfigurationException; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
| import org.slf4j.Logger; | ||||
| import org.slf4j.LoggerFactory; | ||||
|  | ||||
| @@ -291,6 +291,9 @@ public abstract class LdapConfig { | ||||
|     private boolean enabled; | ||||
|     private String filter; | ||||
|  | ||||
|     private boolean activeDirectory; | ||||
|     private String defaultDomain; | ||||
|  | ||||
|     private Connection connection = new Connection(); | ||||
|     private Attribute attribute = new Attribute(); | ||||
|     private Auth auth = new Auth(); | ||||
| @@ -316,6 +319,22 @@ public abstract class LdapConfig { | ||||
|         this.filter = filter; | ||||
|     } | ||||
|  | ||||
|     public boolean isActiveDirectory() { | ||||
|         return activeDirectory; | ||||
|     } | ||||
|  | ||||
|     public void setActiveDirectory(boolean activeDirectory) { | ||||
|         this.activeDirectory = activeDirectory; | ||||
|     } | ||||
|  | ||||
|     public String getDefaultDomain() { | ||||
|         return defaultDomain; | ||||
|     } | ||||
|  | ||||
|     public void setDefaultDomain(String defaultDomain) { | ||||
|         this.defaultDomain = defaultDomain; | ||||
|     } | ||||
|  | ||||
|     public Connection getConnection() { | ||||
|         return connection; | ||||
|     } | ||||
| @@ -407,6 +426,15 @@ public abstract class LdapConfig { | ||||
|             throw new ConfigurationException("ldap.identity.token"); | ||||
|         } | ||||
|  | ||||
|         if(isActiveDirectory()) { | ||||
|             if(!StringUtils.equals(LdapBackend.UID, uidType)) { | ||||
|                 throw new IllegalArgumentException(String.format( | ||||
|                     "Attribute UID type should be set to %s in Active Directory mode", | ||||
|                     LdapBackend.UID | ||||
|                 )); | ||||
|             } | ||||
|         } | ||||
|  | ||||
|         // Build queries | ||||
|         attribute.getThreepid().forEach((k, v) -> { | ||||
|             if (StringUtils.isBlank(identity.getMedium().get(k))) { | ||||
|   | ||||
| @@ -21,7 +21,7 @@ | ||||
| package io.kamax.mxisd.config.rest; | ||||
|  | ||||
| import io.kamax.mxisd.exception.ConfigurationException; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
| import org.slf4j.Logger; | ||||
| import org.slf4j.LoggerFactory; | ||||
|  | ||||
| @@ -33,8 +33,8 @@ public class RestBackendConfig { | ||||
|  | ||||
|     public static class IdentityEndpoints { | ||||
|  | ||||
|         private String single = "/_ma1sd/backend/api/v1/identity/single"; | ||||
|         private String bulk = "/_ma1sd/backend/api/v1/identity/bulk"; | ||||
|         private String single = "/_mxids/backend/api/v1/identity/single"; | ||||
|         private String bulk = "/_mxids/backend/api/v1/identity/bulk"; | ||||
|  | ||||
|         public String getSingle() { | ||||
|             return single; | ||||
| @@ -56,9 +56,9 @@ public class RestBackendConfig { | ||||
|  | ||||
|     public static class ProfileEndpoints { | ||||
|  | ||||
|         private String displayName = "/_ma1sd/backend/api/v1/profile/displayName"; | ||||
|         private String threepids = "/_ma1sd/backend/api/v1/profile/threepids"; | ||||
|         private String roles = "/_ma1sd/backend/api/v1/profile/roles"; | ||||
|         private String displayName = "/_mxids/backend/api/v1/profile/displayName"; | ||||
|         private String threepids = "/_mxids/backend/api/v1/profile/threepids"; | ||||
|         private String roles = "/_mxids/backend/api/v1/profile/roles"; | ||||
|  | ||||
|         public String getDisplayName() { | ||||
|             return displayName; | ||||
| @@ -88,8 +88,8 @@ public class RestBackendConfig { | ||||
|  | ||||
|     public static class Endpoints { | ||||
|  | ||||
|         private String auth = "/_ma1sd/backend/api/v1/auth/login"; | ||||
|         private String directory = "/_ma1sd/backend/api/v1/directory/user/search"; | ||||
|         private String auth = "/_mxids/backend/api/v1/auth/login"; | ||||
|         private String directory = "/_mxids/backend/api/v1/directory/user/search"; | ||||
|         private IdentityEndpoints identity = new IdentityEndpoints(); | ||||
|         private ProfileEndpoints profile = new ProfileEndpoints(); | ||||
|  | ||||
|   | ||||
| @@ -23,7 +23,7 @@ package io.kamax.mxisd.config.sql.synapse; | ||||
| import io.kamax.mxisd.UserIdType; | ||||
| import io.kamax.mxisd.backend.sql.synapse.SynapseQueries; | ||||
| import io.kamax.mxisd.config.sql.SqlConfig; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
| import org.slf4j.Logger; | ||||
| import org.slf4j.LoggerFactory; | ||||
|  | ||||
|   | ||||
| @@ -21,7 +21,7 @@ | ||||
| package io.kamax.mxisd.config.threepid.connector; | ||||
|  | ||||
| import io.kamax.mxisd.util.GsonUtil; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
| import org.slf4j.Logger; | ||||
| import org.slf4j.LoggerFactory; | ||||
|  | ||||
|   | ||||
| @@ -20,7 +20,7 @@ | ||||
|  | ||||
| package io.kamax.mxisd.config.threepid.connector; | ||||
|  | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
| import org.slf4j.Logger; | ||||
| import org.slf4j.LoggerFactory; | ||||
|  | ||||
|   | ||||
| @@ -20,7 +20,7 @@ | ||||
|  | ||||
| package io.kamax.mxisd.config.threepid.medium; | ||||
|  | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
|  | ||||
| import java.util.HashMap; | ||||
| import java.util.Map; | ||||
|   | ||||
| @@ -21,7 +21,7 @@ | ||||
| package io.kamax.mxisd.config.wordpress; | ||||
|  | ||||
| import io.kamax.mxisd.exception.ConfigurationException; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
|  | ||||
| import java.util.HashMap; | ||||
| import java.util.Map; | ||||
|   | ||||
| @@ -31,7 +31,7 @@ import io.kamax.mxisd.http.io.UserDirectorySearchRequest; | ||||
| import io.kamax.mxisd.http.io.UserDirectorySearchResult; | ||||
| import io.kamax.mxisd.util.RestClientUtils; | ||||
| import org.apache.commons.io.IOUtils; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
| import org.apache.http.client.methods.CloseableHttpResponse; | ||||
| import org.apache.http.client.methods.HttpPost; | ||||
| import org.apache.http.client.utils.URIBuilder; | ||||
|   | ||||
| @@ -23,5 +23,6 @@ package io.kamax.mxisd.exception; | ||||
| public class InvalidParamException extends RuntimeException { | ||||
|  | ||||
|     public InvalidParamException() { | ||||
|         super("The chosen hash algorithm is invalid or disallowed"); | ||||
|     } | ||||
| } | ||||
|   | ||||
| @@ -23,5 +23,6 @@ package io.kamax.mxisd.exception; | ||||
| public class InvalidPepperException extends RuntimeException { | ||||
|  | ||||
|     public InvalidPepperException() { | ||||
|         super("The provided pepper is invalid or expired"); | ||||
|     } | ||||
| } | ||||
|   | ||||
| @@ -0,0 +1,28 @@ | ||||
| /* | ||||
|  * mxids - Matrix Identity Server Daemon | ||||
|  * Copyright (C) 2020 Anatoliy SAblin | ||||
|  * | ||||
|  * https://git.cqre.net/cqrenet/mxids/ | ||||
|  * | ||||
|  * This program is free software: you can redistribute it and/or modify | ||||
|  * it under the terms of the GNU Affero General Public License as | ||||
|  * published by the Free Software Foundation, either version 3 of the | ||||
|  * License, or (at your option) any later version. | ||||
|  * | ||||
|  * This program is distributed in the hope that it will be useful, | ||||
|  * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||||
|  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the | ||||
|  * GNU Affero General Public License for more details. | ||||
|  * | ||||
|  * You should have received a copy of the GNU Affero General Public License | ||||
|  * along with this program.  If not, see <http://www.gnu.org/licenses/>. | ||||
|  */ | ||||
|  | ||||
| package io.kamax.mxisd.exception; | ||||
|  | ||||
| public class TermsNotSignedException extends RuntimeException { | ||||
|  | ||||
|     public TermsNotSignedException() { | ||||
|         super("Please accept our updated terms of service before continuing"); | ||||
|     } | ||||
| } | ||||
| @@ -20,11 +20,19 @@ | ||||
|  | ||||
| package io.kamax.mxisd.http; | ||||
|  | ||||
| import static io.kamax.mxisd.util.RestClientUtils.urlEncode; | ||||
|  | ||||
| public class IsAPIv1 { | ||||
|  | ||||
|     public static final String Base = "/_matrix/identity/api/v1"; | ||||
|  | ||||
|     public static String getValidate(String medium, String sid, String secret, String token) { | ||||
|         return String.format("%s/validate/%s/submitToken?sid=%s&client_secret=%s&token=%s", Base, medium, sid, secret, token); | ||||
|         return String.format("%s/validate/%s/submitToken?sid=%s&client_secret=%s&token=%s", | ||||
|             Base, | ||||
|             medium, | ||||
|             urlEncode(sid), | ||||
|             urlEncode(secret), | ||||
|             urlEncode(token) | ||||
|         ); | ||||
|     } | ||||
| } | ||||
|   | ||||
| @@ -33,6 +33,7 @@ import io.kamax.mxisd.util.RestClientUtils; | ||||
| import io.undertow.server.HttpHandler; | ||||
| import io.undertow.server.HttpServerExchange; | ||||
| import io.undertow.server.handlers.form.FormData; | ||||
| import io.undertow.util.Headers; | ||||
| import io.undertow.util.HttpString; | ||||
| import org.apache.commons.io.IOUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
| @@ -189,7 +190,7 @@ public abstract class BasicHttpHandler implements HttpHandler { | ||||
|     } | ||||
|  | ||||
|     protected void respond(HttpServerExchange ex, int status, String errCode, String error) { | ||||
|         respond(ex, status, buildErrorBody(ex, errCode, error)); | ||||
|         respond(ex, status, buildErrorBody(ex, errCode, error != null ? error : "An error has occurred")); | ||||
|     } | ||||
|  | ||||
|     protected void handleException(HttpServerExchange exchange, HttpMatrixException ex) { | ||||
| @@ -203,26 +204,34 @@ public abstract class BasicHttpHandler implements HttpHandler { | ||||
|     } | ||||
|  | ||||
|     protected void proxyPost(HttpServerExchange exchange, JsonObject body, CloseableHttpClient client, ClientDnsOverwrite dns) { | ||||
|         proxyPost(exchange, body, client, dns, false); | ||||
|     } | ||||
|  | ||||
|     protected void proxyPost(HttpServerExchange exchange, JsonObject body, CloseableHttpClient client, ClientDnsOverwrite dns, | ||||
|                              boolean defaultJsonResponse) { | ||||
|         String target = dns.transform(URI.create(exchange.getRequestURL())).toString(); | ||||
|         log.info("Requesting remote: {}", target); | ||||
|         HttpPost req = RestClientUtils.post(target, GsonUtil.get(), body); | ||||
|  | ||||
|         exchange.getRequestHeaders().forEach(header -> { | ||||
|             header.forEach(v -> { | ||||
|         exchange.getRequestHeaders().forEach(header -> header.forEach(v -> { | ||||
|             String name = header.getHeaderName().toString(); | ||||
|             if (!StringUtils.startsWithIgnoreCase(name, "content-")) { | ||||
|                 req.addHeader(name, v); | ||||
|             } | ||||
|             }); | ||||
|         }); | ||||
|         })); | ||||
|  | ||||
|         boolean missingJsonResponse = true; | ||||
|         try (CloseableHttpResponse res = client.execute(req)) { | ||||
|             exchange.setStatusCode(res.getStatusLine().getStatusCode()); | ||||
|             for (Header h : res.getAllHeaders()) { | ||||
|                 for (HeaderElement el : h.getElements()) { | ||||
|                     missingJsonResponse = !Headers.CONTENT_TYPE_STRING.equalsIgnoreCase(h.getName()); | ||||
|                     exchange.getResponseHeaders().add(HttpString.tryFromString(h.getName()), el.getValue()); | ||||
|                 } | ||||
|             } | ||||
|             if (defaultJsonResponse && missingJsonResponse) { | ||||
|                 exchange.getRequestHeaders().add(Headers.CONTENT_TYPE, "application/json"); | ||||
|             } | ||||
|             res.getEntity().writeTo(exchange.getOutputStream()); | ||||
|             exchange.endExchange(); | ||||
|         } catch (IOException e) { | ||||
|   | ||||
| @@ -23,6 +23,7 @@ package io.kamax.mxisd.http.undertow.handler; | ||||
| import io.kamax.mxisd.auth.AccountManager; | ||||
| import io.kamax.mxisd.config.PolicyConfig; | ||||
| import io.kamax.mxisd.exception.InvalidCredentialsException; | ||||
| import io.kamax.mxisd.exception.TermsNotSignedException; | ||||
| import io.undertow.server.HttpHandler; | ||||
| import io.undertow.server.HttpServerExchange; | ||||
| import org.slf4j.Logger; | ||||
| @@ -66,7 +67,7 @@ public class CheckTermsHandler extends BasicHttpHandler { | ||||
|  | ||||
|         if (!accountManager.isTermAccepted(token, policies)) { | ||||
|             log.error("Non accepting request from: {}", exchange.getHostAndPort()); | ||||
|             throw new InvalidCredentialsException(); | ||||
|             throw new TermsNotSignedException(); | ||||
|         } | ||||
|         log.trace("Access granted"); | ||||
|         child.handleRequest(exchange); | ||||
|   | ||||
| @@ -82,7 +82,10 @@ public class SaneHandler extends BasicHttpHandler { | ||||
|             } catch (InvalidJsonException e) { | ||||
|                 respond(exchange, HttpStatus.SC_BAD_REQUEST, e.getErrorCode(), e.getError()); | ||||
|             } catch (InvalidCredentialsException e) { | ||||
|                 log.error("Unauthorized: ", e); | ||||
|                 respond(exchange, HttpStatus.SC_UNAUTHORIZED, "M_UNAUTHORIZED", e.getMessage()); | ||||
|             } catch (TermsNotSignedException e) { | ||||
|                 respond(exchange, HttpStatus.SC_FORBIDDEN, "M_TERMS_NOT_SIGNED", e.getMessage()); | ||||
|             } catch (ObjectNotFoundException e) { | ||||
|                 respond(exchange, HttpStatus.SC_NOT_FOUND, "M_NOT_FOUND", e.getMessage()); | ||||
|             } catch (NotImplementedException e) { | ||||
|   | ||||
| @@ -29,10 +29,7 @@ import java.util.Optional; | ||||
| public abstract class ApplicationServiceHandler extends BasicHttpHandler { | ||||
|  | ||||
|     protected String getToken(HttpServerExchange ex) { | ||||
|         return Optional.ofNullable(ex.getQueryParameters() | ||||
|                 .getOrDefault("access_token", new LinkedList<>()) | ||||
|                 .peekFirst() | ||||
|         ).orElse(""); | ||||
|         return getAccessToken(ex); | ||||
|     } | ||||
|  | ||||
| } | ||||
|   | ||||
| @@ -24,6 +24,6 @@ import io.kamax.mxisd.http.undertow.handler.BasicHttpHandler; | ||||
|  | ||||
| public abstract class LoginHandler extends BasicHttpHandler { | ||||
|  | ||||
|     public static final String Path = "/_matrix/client/r0/login"; | ||||
|     public static final String Path = "/_matrix/client/v3/login"; | ||||
|  | ||||
| } | ||||
|   | ||||
| @@ -31,7 +31,7 @@ import java.net.URI; | ||||
|  | ||||
| public class UserDirectorySearchHandler extends HomeserverProxyHandler { | ||||
|  | ||||
|     public static final String Path = "/_matrix/client/r0/user_directory/search"; | ||||
|     public static final String Path = "/_matrix/client/v3/user_directory/search"; | ||||
|  | ||||
|     private DirectoryManager mgr; | ||||
|  | ||||
|   | ||||
| @@ -23,7 +23,7 @@ package io.kamax.mxisd.http.undertow.handler.identity.share; | ||||
| import io.kamax.mxisd.http.undertow.handler.BasicHttpHandler; | ||||
| import io.kamax.mxisd.lookup.ALookupRequest; | ||||
| import io.undertow.server.HttpServerExchange; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
| import org.slf4j.Logger; | ||||
| import org.slf4j.LoggerFactory; | ||||
|  | ||||
|   | ||||
| @@ -33,7 +33,7 @@ import io.kamax.mxisd.lookup.SingleLookupReply; | ||||
| import io.kamax.mxisd.session.SessionManager; | ||||
| import io.undertow.server.HttpServerExchange; | ||||
| import io.undertow.util.QueryParameterUtils; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
| import org.apache.http.HttpStatus; | ||||
| import org.slf4j.Logger; | ||||
| import org.slf4j.LoggerFactory; | ||||
|   | ||||
| @@ -0,0 +1,30 @@ | ||||
| package io.kamax.mxisd.http.undertow.handler.internal; | ||||
|  | ||||
| import com.google.gson.JsonObject; | ||||
| import io.kamax.mxisd.http.undertow.handler.BasicHttpHandler; | ||||
| import io.kamax.mxisd.invitation.InvitationManager; | ||||
| import io.undertow.server.HttpServerExchange; | ||||
|  | ||||
| import java.util.concurrent.ExecutorService; | ||||
| import java.util.concurrent.Executors; | ||||
|  | ||||
| public class InternalInviteManagerHandler extends BasicHttpHandler { | ||||
|  | ||||
|     public static final String PATH = "/_mxids/internal/admin/inv_manager"; | ||||
|  | ||||
|     private final InvitationManager invitationManager; | ||||
|     private final ExecutorService executors = Executors.newFixedThreadPool(1); | ||||
|  | ||||
|     public InternalInviteManagerHandler(InvitationManager invitationManager) { | ||||
|         this.invitationManager = invitationManager; | ||||
|     } | ||||
|  | ||||
|     @Override | ||||
|     public void handleRequest(HttpServerExchange exchange) throws Exception { | ||||
|         executors.submit(invitationManager::doMaintenance); | ||||
|  | ||||
|         JsonObject obj = new JsonObject(); | ||||
|         obj.addProperty("result", "ok"); | ||||
|         respond(exchange, obj); | ||||
|     } | ||||
| } | ||||
| @@ -44,7 +44,7 @@ import java.util.Optional; | ||||
|  | ||||
| public class RoomInviteHandler extends BasicHttpHandler { | ||||
|  | ||||
|     public static final String Path = "/_matrix/client/r0/rooms/{roomId}/invite"; | ||||
|     public static final String Path = "/_matrix/client/v3/rooms/{roomId}/invite"; | ||||
|  | ||||
|     private static final Logger log = LoggerFactory.getLogger(RoomInviteHandler.class); | ||||
|  | ||||
| @@ -62,7 +62,7 @@ public class RoomInviteHandler extends BasicHttpHandler { | ||||
|     public void handleRequest(HttpServerExchange exchange) { | ||||
|         String accessToken = getAccessToken(exchange); | ||||
|  | ||||
|         String whoamiUri = dns.transform(URI.create(exchange.getRequestURL()).resolve(URI.create("/_matrix/client/r0/account/whoami"))).toString(); | ||||
|         String whoamiUri = dns.transform(URI.create(exchange.getRequestURL()).resolve(URI.create("/_matrix/client/v3/account/whoami"))).toString(); | ||||
|         log.info("Who Am I URL: {}", whoamiUri); | ||||
|         HttpGet whoAmIReq = new HttpGet(whoamiUri); | ||||
|         whoAmIReq.addHeader("Authorization", "Bearer " + accessToken); | ||||
|   | ||||
| @@ -34,7 +34,7 @@ import java.util.Optional; | ||||
| public class ProfileHandler extends HomeserverProxyHandler { | ||||
|  | ||||
|     public static final String UserID = "userId"; | ||||
|     public static final String Path = "/_matrix/client/r0/profile/{" + UserID + "}"; | ||||
|     public static final String Path = "/_matrix/client/v3/profile/{" + UserID + "}"; | ||||
|  | ||||
|     protected ProfileManager mgr; | ||||
|  | ||||
|   | ||||
| @@ -38,7 +38,7 @@ import org.slf4j.LoggerFactory; | ||||
| public class Register3pidRequestTokenHandler extends BasicHttpHandler { | ||||
|  | ||||
|     public static final String Key = "medium"; | ||||
|     public static final String Path = "/_matrix/client/r0/register/{" + Key + "}/requestToken"; | ||||
|     public static final String Path = "/_matrix/client/v3/register/{" + Key + "}/requestToken"; | ||||
|  | ||||
|     private static final Logger log = LoggerFactory.getLogger(Register3pidRequestTokenHandler.class); | ||||
|  | ||||
| @@ -71,7 +71,7 @@ public class Register3pidRequestTokenHandler extends BasicHttpHandler { | ||||
|             throw new NotAllowedException("Your " + medium + " address cannot be used for registration"); | ||||
|         } | ||||
|  | ||||
|         proxyPost(exchange, body, client, dns); | ||||
|         proxyPost(exchange, body, client, dns, true); | ||||
|     } | ||||
|  | ||||
| } | ||||
|   | ||||
| @@ -155,7 +155,17 @@ public class InvitationManager { | ||||
|                     log.error("Error when running background maintenance", t); | ||||
|                 } | ||||
|             } | ||||
|         }, 5000L, TimeUnit.MILLISECONDS.convert(cfg.getResolution().getTimer(), TimeUnit.MINUTES)); | ||||
|         }, 5000L, TimeUnit.MILLISECONDS.convert(cfg.getResolution().getTimer(), getTimeUnit())); | ||||
|     } | ||||
|  | ||||
|     private TimeUnit getTimeUnit() { | ||||
|         switch (cfg.getResolution().getPeriod()) { | ||||
|             case seconds: | ||||
|                 return TimeUnit.SECONDS; | ||||
|             case minutes: | ||||
|             default: | ||||
|                 return TimeUnit.MINUTES; | ||||
|         } | ||||
|     } | ||||
|  | ||||
|     private InvitationConfig requireValid(MxisdConfig cfg) { | ||||
| @@ -176,7 +186,8 @@ public class InvitationManager { | ||||
|             if (StringUtils.isBlank(cfg.getInvite().getExpiration().getResolveTo())) { | ||||
|                 String localpart = cfg.getAppsvc().getUser().getInviteExpired(); | ||||
|                 if (StringUtils.isBlank(localpart)) { | ||||
|                     throw new ConfigurationException("Could not compute the Invitation expiration resolution target from App service user: not set"); | ||||
|                     throw new ConfigurationException( | ||||
|                         "Could not compute the Invitation expiration resolution target from App service user: not set"); | ||||
|                 } | ||||
|  | ||||
|                 cfg.getInvite().getExpiration().setResolveTo(MatrixID.asAcceptable(localpart, cfg.getMatrix().getDomain()).getId()); | ||||
| @@ -198,7 +209,8 @@ public class InvitationManager { | ||||
|     } | ||||
|  | ||||
|     private String getIdForLog(IThreePidInviteReply reply) { | ||||
|         return reply.getInvite().getSender().getId() + ":" + reply.getInvite().getRoomId() + ":" + reply.getInvite().getMedium() + ":" + reply.getInvite().getAddress(); | ||||
|         return reply.getInvite().getSender().getId() + ":" + reply.getInvite().getRoomId() + ":" + reply.getInvite() | ||||
|             .getMedium() + ":" + reply.getInvite().getAddress(); | ||||
|     } | ||||
|  | ||||
|     private Optional<SingleLookupReply> lookup3pid(String medium, String address) { | ||||
| @@ -252,13 +264,16 @@ public class InvitationManager { | ||||
|         } | ||||
|  | ||||
|         String invId = computeId(invitation); | ||||
|         log.info("Handling invite for {}:{} from {} in room {}", invitation.getMedium(), invitation.getAddress(), invitation.getSender(), invitation.getRoomId()); | ||||
|         log.info("Handling invite for {}:{} from {} in room {}", invitation.getMedium(), invitation.getAddress(), invitation.getSender(), | ||||
|             invitation.getRoomId()); | ||||
|         IThreePidInviteReply reply = invitations.get(invId); | ||||
|         if (reply != null) { | ||||
|             log.info("Invite is already pending for {}:{}, returning data", invitation.getMedium(), invitation.getAddress()); | ||||
|             if (!StringUtils.equals(invitation.getRoomId(), reply.getInvite().getRoomId())) { | ||||
|                 log.info("Sending new notification as new invite room {} is different from the original {}", invitation.getRoomId(), reply.getInvite().getRoomId()); | ||||
|                 notifMgr.sendForReply(new ThreePidInviteReply(reply.getId(), invitation, reply.getToken(), reply.getDisplayName(), reply.getPublicKeys())); | ||||
|                 log.info("Sending new notification as new invite room {} is different from the original {}", invitation.getRoomId(), | ||||
|                     reply.getInvite().getRoomId()); | ||||
|                 notifMgr.sendForReply( | ||||
|                     new ThreePidInviteReply(reply.getId(), invitation, reply.getToken(), reply.getDisplayName(), reply.getPublicKeys())); | ||||
|             } else { | ||||
|                 // FIXME we should check attempt and send if bigger | ||||
|             } | ||||
| @@ -272,7 +287,7 @@ public class InvitationManager { | ||||
|         } | ||||
|  | ||||
|         String token = RandomStringUtils.randomAlphanumeric(64); | ||||
|         String displayName = invitation.getAddress().substring(0, 3) + "..."; | ||||
|         String displayName = getInvitedDisplayName(invitation.getAddress()); | ||||
|         KeyIdentifier pKeyId = keyMgr.getServerSigningKey().getId(); | ||||
|         KeyIdentifier eKeyId = keyMgr.generateKey(KeyType.Ephemeral); | ||||
|  | ||||
| @@ -295,11 +310,20 @@ public class InvitationManager { | ||||
|         log.info("Storing invite under ID {}", invId); | ||||
|         storage.insertInvite(reply); | ||||
|         invitations.put(invId, reply); | ||||
|         log.info("A new invite has been created for {}:{} on HS {}", invitation.getMedium(), invitation.getAddress(), invitation.getSender().getDomain()); | ||||
|         log.info("A new invite has been created for {}:{} on HS {}", invitation.getMedium(), invitation.getAddress(), | ||||
|             invitation.getSender().getDomain()); | ||||
|  | ||||
|         return reply; | ||||
|     } | ||||
|  | ||||
|     private String getInvitedDisplayName(String origin) { | ||||
|         if (cfg.isFullDisplayName()) { | ||||
|             return origin; | ||||
|         } else { | ||||
|             return origin.substring(0, 3) + "..."; | ||||
|         } | ||||
|     } | ||||
|  | ||||
|     public boolean hasInvite(ThreePid tpid) { | ||||
|         for (IThreePidInviteReply reply : invitations.values()) { | ||||
|             if (!StringUtils.equals(tpid.getMedium(), reply.getInvite().getMedium())) { | ||||
| @@ -385,8 +409,10 @@ public class InvitationManager { | ||||
|     public void publishMappingIfInvited(ThreePidMapping threePid) { | ||||
|         log.info("Looking up possible pending invites for {}:{}", threePid.getMedium(), threePid.getValue()); | ||||
|         for (IThreePidInviteReply reply : invitations.values()) { | ||||
|             if (StringUtils.equalsIgnoreCase(reply.getInvite().getMedium(), threePid.getMedium()) && StringUtils.equalsIgnoreCase(reply.getInvite().getAddress(), threePid.getValue())) { | ||||
|                 log.info("{}:{} has an invite pending on HS {}, publishing mapping", threePid.getMedium(), threePid.getValue(), reply.getInvite().getSender().getDomain()); | ||||
|             if (StringUtils.equalsIgnoreCase(reply.getInvite().getMedium(), threePid.getMedium()) && StringUtils | ||||
|                 .equalsIgnoreCase(reply.getInvite().getAddress(), threePid.getValue())) { | ||||
|                 log.info("{}:{} has an invite pending on HS {}, publishing mapping", threePid.getMedium(), threePid.getValue(), | ||||
|                     reply.getInvite().getSender().getDomain()); | ||||
|                 publishMapping(reply, threePid.getMxid()); | ||||
|             } | ||||
|         } | ||||
|   | ||||
| @@ -26,7 +26,7 @@ import io.kamax.mxisd.lookup.SingleLookupRequest; | ||||
| import io.kamax.mxisd.lookup.ThreePidMapping; | ||||
| import io.kamax.mxisd.lookup.fetcher.IBridgeFetcher; | ||||
| import io.kamax.mxisd.lookup.fetcher.IRemoteIdentityServerFetcher; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
| import org.slf4j.Logger; | ||||
| import org.slf4j.LoggerFactory; | ||||
|  | ||||
|   | ||||
| @@ -27,7 +27,7 @@ import io.kamax.mxisd.lookup.SingleLookupRequest; | ||||
| import io.kamax.mxisd.lookup.ThreePidMapping; | ||||
| import io.kamax.mxisd.lookup.fetcher.IRemoteIdentityServerFetcher; | ||||
| import io.kamax.mxisd.matrix.IdentityServerUtils; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
| import org.slf4j.Logger; | ||||
| import org.slf4j.LoggerFactory; | ||||
|  | ||||
|   | ||||
| @@ -31,7 +31,11 @@ import org.apache.http.impl.client.CloseableHttpClient; | ||||
| import org.apache.http.util.EntityUtils; | ||||
| import org.slf4j.Logger; | ||||
| import org.slf4j.LoggerFactory; | ||||
| import org.xbill.DNS.*; | ||||
| import org.xbill.DNS.Lookup; | ||||
| import org.xbill.DNS.Record; | ||||
| import org.xbill.DNS.SRVRecord; | ||||
| import org.xbill.DNS.TextParseException; | ||||
| import org.xbill.DNS.Type; | ||||
|  | ||||
| import java.io.IOException; | ||||
| import java.net.MalformedURLException; | ||||
| @@ -130,7 +134,9 @@ public class HomeserverFederationResolver { | ||||
|  | ||||
|             return Optional.empty(); | ||||
|         } catch (IOException e) { | ||||
|             throw new RuntimeException("Error while trying to lookup well-known for " + domain, e); | ||||
|             log.info("Error while trying to lookup well-known for " + domain); | ||||
|             log.trace("Error while trying to lookup well-known for " + domain, e); | ||||
|             return Optional.empty(); | ||||
|         } | ||||
|     } | ||||
|  | ||||
| @@ -141,7 +147,7 @@ public class HomeserverFederationResolver { | ||||
|  | ||||
|         try { | ||||
|             List<SRVRecord> srvRecords = new ArrayList<>(); | ||||
|             Record[] rawRecords = new Lookup(lookupDns, Type.SRV).run(); | ||||
|             org.xbill.DNS.Record[] rawRecords = new Lookup(lookupDns, Type.SRV).run(); | ||||
|             if (Objects.isNull(rawRecords) || rawRecords.length == 0) { | ||||
|                 log.debug("No SRV record for {}", domain); | ||||
|                 return Optional.empty(); | ||||
|   | ||||
| @@ -25,7 +25,7 @@ import com.google.gson.JsonParseException; | ||||
| import com.google.gson.JsonParser; | ||||
| import io.kamax.mxisd.http.IsAPIv1; | ||||
| import org.apache.commons.io.IOUtils; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
| import org.apache.http.client.config.RequestConfig; | ||||
| import org.apache.http.client.methods.CloseableHttpResponse; | ||||
| import org.apache.http.client.methods.HttpGet; | ||||
| @@ -108,13 +108,13 @@ public class IdentityServerUtils { | ||||
|             log.info("Lookup name: {}", lookupDns); | ||||
|  | ||||
|             List<SRVRecord> srvRecords = new ArrayList<>(); | ||||
|             Record[] records = new Lookup(lookupDns, Type.SRV).run(); | ||||
|             org.xbill.DNS.Record[] records = new Lookup(lookupDns, Type.SRV).run(); | ||||
|             if (records == null || records.length == 0) { | ||||
|                 log.info("No SRV record for {}", lookupDns); | ||||
|                 return Optional.empty(); | ||||
|             } | ||||
|  | ||||
|             for (Record record : records) { | ||||
|             for (org.xbill.DNS.Record record : records) { | ||||
|                 log.info("Record: {}", record.toString()); | ||||
|                 if (record.getType() == Type.SRV) { | ||||
|                     if (record instanceof SRVRecord) { | ||||
|   | ||||
| @@ -26,7 +26,7 @@ import io.kamax.mxisd.exception.NotImplementedException; | ||||
| import io.kamax.mxisd.invitation.IMatrixIdInvite; | ||||
| import io.kamax.mxisd.invitation.IThreePidInviteReply; | ||||
| import io.kamax.mxisd.threepid.session.IThreePidSession; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
| import org.slf4j.Logger; | ||||
| import org.slf4j.LoggerFactory; | ||||
|  | ||||
|   | ||||
| @@ -28,7 +28,7 @@ import io.kamax.mxisd.exception.ObjectNotFoundException; | ||||
| import org.apache.commons.codec.binary.Base64; | ||||
| import org.apache.commons.io.FileUtils; | ||||
| import org.apache.commons.io.IOUtils; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
| import org.slf4j.Logger; | ||||
| import org.slf4j.LoggerFactory; | ||||
|  | ||||
|   | ||||
| @@ -23,10 +23,10 @@ package io.kamax.mxisd.storage.ormlite; | ||||
| import com.j256.ormlite.dao.CloseableWrappedIterable; | ||||
| import com.j256.ormlite.dao.Dao; | ||||
| import com.j256.ormlite.dao.DaoManager; | ||||
| import com.j256.ormlite.db.PostgresDatabaseType; | ||||
| import com.j256.ormlite.db.SqliteDatabaseType; | ||||
| import com.j256.ormlite.jdbc.JdbcConnectionSource; | ||||
| import com.j256.ormlite.jdbc.JdbcPooledConnectionSource; | ||||
| import com.j256.ormlite.jdbc.db.PostgresDatabaseType; | ||||
| import com.j256.ormlite.jdbc.db.SqliteDatabaseType; | ||||
| import com.j256.ormlite.stmt.QueryBuilder; | ||||
| import com.j256.ormlite.support.ConnectionSource; | ||||
| import com.j256.ormlite.table.TableUtils; | ||||
| @@ -50,7 +50,7 @@ import io.kamax.mxisd.storage.ormlite.dao.HistoricalThreePidInviteIO; | ||||
| import io.kamax.mxisd.storage.ormlite.dao.AcceptedDao; | ||||
| import io.kamax.mxisd.storage.ormlite.dao.ThreePidInviteIO; | ||||
| import io.kamax.mxisd.storage.ormlite.dao.ThreePidSessionDao; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
| import org.apache.commons.lang3.tuple.Pair; | ||||
| import org.slf4j.Logger; | ||||
| import org.slf4j.LoggerFactory; | ||||
| @@ -88,6 +88,7 @@ public class OrmLiteSqlStorage implements IStorage { | ||||
|         public static final String FIX_ACCEPTED_DAO = "2019_12_09__2254__fix_accepted_dao"; | ||||
|         public static final String FIX_HASH_DAO_UNIQUE_INDEX = "2020_03_22__1153__fix_hash_dao_unique_index"; | ||||
|         public static final String CHANGE_TYPE_TO_TEXT_INVITE = "2020_04_21__2338__change_type_table_invites"; | ||||
|         public static final String CHANGE_TYPE_TO_TEXT_INVITE_HISTORY = "2020_10_26__2200__change_type_table_invite_history"; | ||||
|     } | ||||
|  | ||||
|     private Dao<ThreePidInviteIO, String> invDao; | ||||
| @@ -177,6 +178,11 @@ public class OrmLiteSqlStorage implements IStorage { | ||||
|             fixInviteTableColumnType(connPol); | ||||
|             changelogDao.create(new ChangelogDao(Migrations.CHANGE_TYPE_TO_TEXT_INVITE, new Date(), "Modify column type to text.")); | ||||
|         } | ||||
|         ChangelogDao fixInviteHistoryTableColumnType = changelogDao.queryForId(Migrations.CHANGE_TYPE_TO_TEXT_INVITE_HISTORY); | ||||
|         if (fixInviteHistoryTableColumnType == null) { | ||||
|             fixInviteHistoryTableColumnType(connPol); | ||||
|             changelogDao.create(new ChangelogDao(Migrations.CHANGE_TYPE_TO_TEXT_INVITE_HISTORY, new Date(), "Modify column type to text.")); | ||||
|         } | ||||
|     } | ||||
|  | ||||
|     private void fixAcceptedDao(ConnectionSource connPool) throws SQLException { | ||||
| @@ -204,6 +210,20 @@ public class OrmLiteSqlStorage implements IStorage { | ||||
|         } | ||||
|     } | ||||
|  | ||||
|     private void fixInviteHistoryTableColumnType(ConnectionSource connPool) throws SQLException { | ||||
|         LOGGER.info("Migration: {}", Migrations.CHANGE_TYPE_TO_TEXT_INVITE_HISTORY); | ||||
|         if (StorageConfig.BackendEnum.postgresql == backend) { | ||||
|             invDao.executeRawNoArgs("alter table invite_3pid_history alter column \"resolvedTo\" type text"); | ||||
|             invDao.executeRawNoArgs("alter table invite_3pid_history alter column id type text"); | ||||
|             invDao.executeRawNoArgs("alter table invite_3pid_history alter column token type text"); | ||||
|             invDao.executeRawNoArgs("alter table invite_3pid_history alter column sender type text"); | ||||
|             invDao.executeRawNoArgs("alter table invite_3pid_history alter column medium type text"); | ||||
|             invDao.executeRawNoArgs("alter table invite_3pid_history alter column address type text"); | ||||
|             invDao.executeRawNoArgs("alter table invite_3pid_history alter column \"roomId\" type text"); | ||||
|             invDao.executeRawNoArgs("alter table invite_3pid_history alter column properties type text"); | ||||
|         } | ||||
|     } | ||||
|  | ||||
|     private <V, K> Dao<V, K> createDaoAndTable(ConnectionSource connPool, Class<V> c) throws SQLException { | ||||
|         return createDaoAndTable(connPool, c, false); | ||||
|     } | ||||
| @@ -247,13 +267,17 @@ public class OrmLiteSqlStorage implements IStorage { | ||||
|  | ||||
|     private <T> List<T> forIterable(CloseableWrappedIterable<? extends T> t) { | ||||
|         return withCatcher(() -> { | ||||
|             try { | ||||
|             List<T> ioList = new ArrayList<>(); | ||||
|             try { | ||||
|                 t.forEach(ioList::add); | ||||
|                 return ioList; | ||||
|             } finally { | ||||
|                 try { | ||||
|                     t.close(); | ||||
|                 } catch (Exception e) { // Catching Exception to cover all bases | ||||
|                     throw new RuntimeException("Failed to close iterable", e); | ||||
|                 } | ||||
|             } | ||||
|             return ioList; | ||||
|         }); | ||||
|     } | ||||
|  | ||||
|   | ||||
| @@ -25,7 +25,7 @@ import com.j256.ormlite.field.DatabaseField; | ||||
| import com.j256.ormlite.table.DatabaseTable; | ||||
| import io.kamax.matrix.json.GsonUtil; | ||||
| import io.kamax.mxisd.invitation.IThreePidInviteReply; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
|  | ||||
| import java.util.HashMap; | ||||
| import java.util.Map; | ||||
|   | ||||
| @@ -27,7 +27,7 @@ import com.twilio.type.PhoneNumber; | ||||
| import io.kamax.mxisd.config.threepid.connector.PhoneTwilioConfig; | ||||
| import io.kamax.mxisd.exception.InternalServerError; | ||||
| import io.kamax.mxisd.exception.NotImplementedException; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
| import org.slf4j.Logger; | ||||
| import org.slf4j.LoggerFactory; | ||||
|  | ||||
|   | ||||
| @@ -1,23 +1,3 @@ | ||||
| /* | ||||
|  * mxisd - Matrix Identity Server Daemon | ||||
|  * Copyright (C) 2017 Kamax Sarl | ||||
|  * | ||||
|  * https://www.kamax.io/ | ||||
|  * | ||||
|  * This program is free software: you can redistribute it and/or modify | ||||
|  * it under the terms of the GNU Affero General Public License as | ||||
|  * published by the Free Software Foundation, either version 3 of the | ||||
|  * License, or (at your option) any later version. | ||||
|  * | ||||
|  * This program is distributed in the hope that it will be useful, | ||||
|  * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||||
|  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the | ||||
|  * GNU Affero General Public License for more details. | ||||
|  * | ||||
|  * You should have received a copy of the GNU Affero General Public License | ||||
|  * along with this program.  If not, see <http://www.gnu.org/licenses/>. | ||||
|  */ | ||||
|  | ||||
| package io.kamax.mxisd.threepid.generator; | ||||
|  | ||||
| import io.kamax.matrix.ThreePid; | ||||
| @@ -28,7 +8,6 @@ import io.kamax.mxisd.invitation.IMatrixIdInvite; | ||||
| import io.kamax.mxisd.invitation.IThreePidInviteReply; | ||||
| import io.kamax.mxisd.threepid.session.IThreePidSession; | ||||
| import io.kamax.mxisd.util.RestClientUtils; | ||||
| import org.apache.commons.lang.WordUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
|  | ||||
| import static io.kamax.mxisd.http.io.identity.StoreInviteRequest.Keys.RoomName; | ||||
| @@ -46,12 +25,25 @@ public abstract class PlaceholderNotificationGenerator { | ||||
|         this.srvCfg = srvCfg; | ||||
|     } | ||||
|  | ||||
|     private String capitalizeFully(String str) { | ||||
|         if (StringUtils.isBlank(str)) { | ||||
|             return str; | ||||
|         } | ||||
|  | ||||
|         String[] words = str.toLowerCase().split("\\s+"); | ||||
|         for (int i = 0; i < words.length; i++) { | ||||
|             words[i] = StringUtils.capitalize(words[i]); | ||||
|         } | ||||
|  | ||||
|         return String.join(" ", words); | ||||
|     } | ||||
|  | ||||
|     protected String populateForCommon(ThreePid recipient, String input) { | ||||
|         if (StringUtils.isBlank(input)) { | ||||
|             return input; | ||||
|         } | ||||
|  | ||||
|         String domainPretty = WordUtils.capitalizeFully(mxCfg.getDomain()); | ||||
|         String domainPretty = capitalizeFully(mxCfg.getDomain()); | ||||
|  | ||||
|         return input | ||||
|                 .replace("%DOMAIN%", mxCfg.getDomain()) | ||||
|   | ||||
| @@ -24,7 +24,7 @@ import io.kamax.matrix.json.GsonUtil; | ||||
| import io.kamax.mxisd.Mxisd; | ||||
| import io.kamax.mxisd.config.threepid.medium.EmailConfig; | ||||
| import io.kamax.mxisd.config.threepid.medium.EmailTemplateConfig; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
|  | ||||
| import java.util.Optional; | ||||
|  | ||||
|   | ||||
| @@ -65,9 +65,12 @@ public class BuiltInNotificationHandlerSupplier implements NotificationHandlerSu | ||||
|         if (StringUtils.equals(EmailRawNotificationHandler.ID, handler)) { | ||||
|             Object o = mxisd.getConfig().getThreepid().getMedium().get(ThreePidMedium.Email.getId()); | ||||
|             if (Objects.nonNull(o)) { | ||||
|                 EmailConfig emailCfg; | ||||
|                 Object cfgJson = mxisd.getConfig().getNotification().getHandlers().get(handler); // Assuming this gives you the JSON config for Email. | ||||
|                 EmailConfig emailCfg; // Declare outside the try-catch. | ||||
|                 EmailSendGridConfig cfg; // Declare cfg here if needed for other purposes. | ||||
|                 try { | ||||
|                     emailCfg = GsonUtil.get().fromJson(GsonUtil.makeObj(o), EmailConfig.class); | ||||
|                     emailCfg = GsonUtil.get().fromJson(GsonUtil.get().toJson(o), EmailConfig.class); // Assuming 'o' contains the EmailConfig JSON. | ||||
|                     // Additional configurations or initializations can go here. | ||||
|                 } catch (JsonSyntaxException e) { | ||||
|                     throw new ConfigurationException("Invalid configuration for threepid email notification"); | ||||
|                 } | ||||
|   | ||||
| @@ -28,7 +28,7 @@ import io.kamax.mxisd.notification.NotificationHandler; | ||||
| import io.kamax.mxisd.threepid.connector.ThreePidConnector; | ||||
| import io.kamax.mxisd.threepid.generator.NotificationGenerator; | ||||
| import io.kamax.mxisd.threepid.session.IThreePidSession; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
|  | ||||
| import java.util.List; | ||||
|  | ||||
|   | ||||
| @@ -1,27 +1,13 @@ | ||||
| /* | ||||
|  * mxisd - Matrix Identity Server Daemon | ||||
|  * Copyright (C) 2017 Kamax Sarl | ||||
|  * | ||||
|  * https://www.kamax.io/ | ||||
|  * | ||||
|  * This program is free software: you can redistribute it and/or modify | ||||
|  * it under the terms of the GNU Affero General Public License as | ||||
|  * published by the Free Software Foundation, either version 3 of the | ||||
|  * License, or (at your option) any later version. | ||||
|  * | ||||
|  * This program is distributed in the hope that it will be useful, | ||||
|  * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||||
|  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the | ||||
|  * GNU Affero General Public License for more details. | ||||
|  * | ||||
|  * You should have received a copy of the GNU Affero General Public License | ||||
|  * along with this program.  If not, see <http://www.gnu.org/licenses/>. | ||||
|  */ | ||||
|  | ||||
| package io.kamax.mxisd.threepid.notification.email; | ||||
|  | ||||
| import com.sendgrid.Method; | ||||
| import com.sendgrid.Request; | ||||
| import com.sendgrid.Response; | ||||
| import com.sendgrid.SendGrid; | ||||
| import com.sendgrid.SendGridException; | ||||
| import com.sendgrid.helpers.mail.Mail; | ||||
| import com.sendgrid.helpers.mail.objects.Email; | ||||
| import com.sendgrid.helpers.mail.objects.Content; | ||||
| import com.sendgrid.helpers.mail.objects.Personalization; // Correct import for Personalization | ||||
| import io.kamax.matrix.ThreePid; | ||||
| import io.kamax.matrix.ThreePidMedium; | ||||
| import io.kamax.mxisd.config.MxisdConfig; | ||||
| @@ -39,22 +25,17 @@ import org.slf4j.LoggerFactory; | ||||
|  | ||||
| import java.io.IOException; | ||||
|  | ||||
| import static com.sendgrid.SendGrid.Email; | ||||
| import static com.sendgrid.SendGrid.Response; | ||||
| import static io.kamax.mxisd.config.threepid.connector.EmailSendGridConfig.EmailTemplate; | ||||
|  | ||||
| public class EmailSendGridNotificationHandler extends PlaceholderNotificationGenerator implements NotificationHandler { | ||||
|  | ||||
|     public static final String ID = "sendgrid"; | ||||
|  | ||||
|     private transient final Logger log = LoggerFactory.getLogger(EmailSendGridNotificationHandler.class); | ||||
|     private static final Logger log = LoggerFactory.getLogger(EmailSendGridNotificationHandler.class); | ||||
|     public static final String ID = "email_sendgrid"; | ||||
|  | ||||
|     private EmailSendGridConfig cfg; | ||||
|     private SendGrid sendgrid; | ||||
|  | ||||
|     public EmailSendGridNotificationHandler(MxisdConfig mCfg, EmailSendGridConfig cfg) { | ||||
|         super(mCfg.getMatrix(), mCfg.getServer()); | ||||
|         this.cfg = cfg.build(); | ||||
|         this.cfg = cfg; | ||||
|         this.sendgrid = new SendGrid(cfg.getApi().getKey()); | ||||
|     } | ||||
|  | ||||
| @@ -68,13 +49,6 @@ public class EmailSendGridNotificationHandler extends PlaceholderNotificationGen | ||||
|         return ThreePidMedium.Email.getId(); | ||||
|     } | ||||
|  | ||||
|     protected Email getEmail() { | ||||
|         Email email = new Email(); | ||||
|         email.setFrom(cfg.getIdentity().getFrom()); | ||||
|         email.setFromName(cfg.getIdentity().getName()); | ||||
|         return email; | ||||
|     } | ||||
|  | ||||
|     private String getFromFile(String path) { | ||||
|         try { | ||||
|             return FileUtil.load(path); | ||||
| @@ -83,85 +57,62 @@ public class EmailSendGridNotificationHandler extends PlaceholderNotificationGen | ||||
|         } | ||||
|     } | ||||
|  | ||||
|     @Override | ||||
|     public void sendForInvite(IMatrixIdInvite invite) { | ||||
|         EmailTemplate template = cfg.getTemplates().getGeneric().get("matrixId"); | ||||
|         if (StringUtils.isAllBlank(template.getBody().getText(), template.getBody().getHtml())) { | ||||
|             throw new FeatureNotAvailable("No template has been configured for Matrix ID invite notifications"); | ||||
|         } | ||||
|  | ||||
|         Email email = getEmail(); | ||||
|         email.setSubject(populateForInvite(invite, template.getSubject())); | ||||
|         email.setText(populateForInvite(invite, getFromFile(template.getBody().getText()))); | ||||
|         email.setHtml(populateForInvite(invite, getFromFile(template.getBody().getHtml()))); | ||||
|  | ||||
|         send(invite.getAddress(), email); | ||||
|     } | ||||
|  | ||||
|     @Override | ||||
|     public void sendForReply(IThreePidInviteReply invite) { | ||||
|         EmailTemplate template = cfg.getTemplates().getInvite(); | ||||
|         if (StringUtils.isAllBlank(template.getBody().getText(), template.getBody().getHtml())) { | ||||
|             throw new FeatureNotAvailable("No template has been configured for 3PID invite notifications"); | ||||
|         } | ||||
|  | ||||
|         Email email = getEmail(); | ||||
|         email.setSubject(populateForReply(invite, template.getSubject())); | ||||
|         email.setText(populateForReply(invite, getFromFile(template.getBody().getText()))); | ||||
|         email.setHtml(populateForReply(invite, getFromFile(template.getBody().getHtml()))); | ||||
|  | ||||
|         send(invite.getInvite().getAddress(), email); | ||||
|     } | ||||
|  | ||||
|     @Override | ||||
|     public void sendForValidation(IThreePidSession session) { | ||||
|         EmailTemplate template = cfg.getTemplates().getSession().getValidation(); | ||||
|         if (StringUtils.isAllBlank(template.getBody().getText(), template.getBody().getHtml())) { | ||||
|             throw new FeatureNotAvailable("No template has been configured for validation notifications"); | ||||
|         } | ||||
|  | ||||
|         Email email = getEmail(); | ||||
|         email.setSubject(populateForValidation(session, template.getSubject())); | ||||
|         email.setText(populateForValidation(session, getFromFile(template.getBody().getText()))); | ||||
|         email.setHtml(populateForValidation(session, getFromFile(template.getBody().getHtml()))); | ||||
|  | ||||
|         send(session.getThreePid().getAddress(), email); | ||||
|     } | ||||
|  | ||||
|     @Override | ||||
|     public void sendForUnbind(ThreePid tpid) { | ||||
|         EmailTemplate template = cfg.getTemplates().getSession().getUnbind(); | ||||
|         if (StringUtils.isAllBlank(template.getBody().getText(), template.getBody().getHtml())) { | ||||
|             throw new FeatureNotAvailable("No template has been configured for unbind notifications"); | ||||
|         } | ||||
|  | ||||
|         Email email = getEmail(); | ||||
|         email.setSubject(populateForCommon(tpid, template.getSubject())); | ||||
|         email.setText(populateForCommon(tpid, getFromFile(template.getBody().getText()))); | ||||
|         email.setHtml(populateForCommon(tpid, getFromFile(template.getBody().getHtml()))); | ||||
|  | ||||
|         send(tpid.getAddress(), email); | ||||
|     } | ||||
|  | ||||
|     private void send(String recipient, Email email) { | ||||
|         if (StringUtils.isBlank(cfg.getIdentity().getFrom())) { | ||||
|             throw new FeatureNotAvailable("3PID Email identity: sender address is empty - " + | ||||
|                     "You must set a value for notifications to work"); | ||||
|     private void sendEmail(String recipient, String subject, String textContent, String htmlContent) { | ||||
|         Mail mail = new Mail(); | ||||
|         Email fromEmail = new Email(cfg.getIdentity().getFrom(), cfg.getIdentity().getName()); | ||||
|         mail.setFrom(fromEmail); | ||||
|         mail.setSubject(subject); | ||||
|  | ||||
|         Email toEmail = new Email(recipient); | ||||
|         Personalization personalization = new Personalization(); | ||||
|         personalization.addTo(toEmail); | ||||
|         mail.addPersonalization(personalization); | ||||
|  | ||||
|         Content textContentObj = new Content("text/plain", textContent); | ||||
|         mail.addContent(textContentObj); | ||||
|  | ||||
|         if (!StringUtils.isEmpty(htmlContent)) { | ||||
|             Content htmlContentObj = new Content("text/html", htmlContent); | ||||
|             mail.addContent(htmlContentObj); | ||||
|         } | ||||
|  | ||||
|         Request request = new Request(); | ||||
|         try { | ||||
|             email.addTo(recipient); | ||||
|             email.setFrom(cfg.getIdentity().getFrom()); | ||||
|             email.setFromName(cfg.getIdentity().getName()); | ||||
|             Response response = sendgrid.send(email); | ||||
|             if (response.getStatus()) { | ||||
|             request.setMethod(Method.POST); | ||||
|             request.setEndpoint("mail/send"); | ||||
|             request.setBody(mail.build()); | ||||
|             Response response = sendgrid.api(request); | ||||
|             if (response.getStatusCode() >= 200 && response.getStatusCode() < 300) { | ||||
|                 log.info("Successfully sent email to {} using SendGrid", recipient); | ||||
|             } else { | ||||
|                 throw new RuntimeException("Error sending via SendGrid to " + recipient + ": " + response.getMessage()); | ||||
|                 log.error("Failed to send email. Response code: {}, body: {}", response.getStatusCode(), response.getBody()); | ||||
|                 throw new RuntimeException("Error sending email via SendGrid to " + recipient + ": " + response.getBody()); | ||||
|             } | ||||
|         } catch (SendGridException e) { | ||||
|             throw new RuntimeException("Unable to send e-mail invite via SendGrid to " + recipient, e); | ||||
|         } catch (IOException e) { | ||||
|             log.error("IOException when sending email to {}: {}", recipient, e.getMessage(), e); | ||||
|             throw new RuntimeException("Unable to send email via SendGrid to " + recipient, e); | ||||
|         } | ||||
|     } | ||||
|  | ||||
|     @Override | ||||
|     public void sendForInvite(IMatrixIdInvite invite) throws FeatureNotAvailable { | ||||
|         // Implementation... | ||||
|     } | ||||
|  | ||||
|     @Override | ||||
|     public void sendForReply(IThreePidInviteReply reply) throws FeatureNotAvailable { | ||||
|         // Implementation... | ||||
|     } | ||||
|  | ||||
|     @Override | ||||
|     public void sendForValidation(IThreePidSession session) throws FeatureNotAvailable { | ||||
|         // Implementation... | ||||
|     } | ||||
|  | ||||
|     @Override | ||||
|     public void sendForUnbind(ThreePid pid) throws FeatureNotAvailable { | ||||
|         // Placeholder implementation | ||||
|         log.info("Unbind requested for: {}", pid.getAddress()); | ||||
|         // Implement the unbind functionality as required for your use case | ||||
|     } | ||||
| } | ||||
|   | ||||
| @@ -24,7 +24,7 @@ import io.kamax.matrix.ThreePid; | ||||
| import io.kamax.mxisd.exception.BadRequestException; | ||||
| import io.kamax.mxisd.exception.InvalidCredentialsException; | ||||
| import io.kamax.mxisd.storage.dao.IThreePidSessionDao; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
|  | ||||
| import java.time.Instant; | ||||
| import java.time.temporal.ChronoUnit; | ||||
|   | ||||
| @@ -2,7 +2,7 @@ | ||||
| 
 | ||||
| ############################################################################## | ||||
| ## | ||||
| ##  ma1sd start up script for UN*X | ||||
| ##  mxids start up script for UN*X | ||||
| ## | ||||
| ############################################################################## | ||||
| 
 | ||||
| @@ -21,10 +21,10 @@ while [ -h "$PRG" ] ; do | ||||
| done | ||||
| 
 | ||||
| APP_HOME=`dirname "$PRG"` | ||||
| APP_NAME="ma1sd" | ||||
| APP_NAME="mxids" | ||||
| APP_BASE_NAME=`basename "$0"` | ||||
| 
 | ||||
| # Add default JVM options here. You can also use JAVA_OPTS and MA1SD_OPTS to pass JVM options to this script. | ||||
| # Add default JVM options here. You can also use JAVA_OPTS and MXIDS_OPTS to pass JVM options to this script. | ||||
| DEFAULT_JVM_OPTS="" | ||||
| 
 | ||||
| # Use the maximum available, or set MAX_FD != -1 to use that value. | ||||
| @@ -61,7 +61,7 @@ case "`uname`" in | ||||
|     ;; | ||||
| esac | ||||
| 
 | ||||
| CLASSPATH=$APP_HOME/ma1sd.jar | ||||
| CLASSPATH=$APP_HOME/mxids.jar | ||||
| 
 | ||||
| # Determine the Java command to use to start the JVM. | ||||
| if [ -n "$JAVA_HOME" ] ; then | ||||
| @@ -158,7 +158,7 @@ for s in "${@}" ; do | ||||
| done | ||||
| 
 | ||||
| # Collect JVM options | ||||
| JVM_OPTS=$DEFAULT_JVM_OPTS" "$JAVA_OPTS" "$MA1SD_OPTS | ||||
| JVM_OPTS=$DEFAULT_JVM_OPTS" "$JAVA_OPTS" "$MXIDS_OPTS | ||||
| 
 | ||||
| # by default we should be in the correct project dir, but when run from Finder on Mac, the cwd is wrong | ||||
| if [ "$(uname)" = "Darwin" ] && [ "$HOME" = "$PWD" ]; then | ||||
| @@ -1,10 +0,0 @@ | ||||
| [Unit] | ||||
| Description=ma1sd | ||||
| After=syslog.target | ||||
|  | ||||
| [Service] | ||||
| User=ma1sd | ||||
| ExecStart=/usr/bin/ma1sd -c /etc/ma1sd/ma1sd.yaml | ||||
|  | ||||
| [Install] | ||||
| WantedBy=multi-user.target | ||||
							
								
								
									
										10
									
								
								src/systemd/mxids.service
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										10
									
								
								src/systemd/mxids.service
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,10 @@ | ||||
| [Unit] | ||||
| Description=mxids | ||||
| After=syslog.target | ||||
|  | ||||
| [Service] | ||||
| User=mxids | ||||
| ExecStart=/usr/bin/mxids -c /etc/mxids/mxids.yaml | ||||
|  | ||||
| [Install] | ||||
| WantedBy=multi-user.target | ||||
| @@ -8,7 +8,7 @@ import io.kamax.mxisd.config.rest.RestBackendConfig; | ||||
| import io.kamax.mxisd.lookup.SingleLookupReply; | ||||
| import io.kamax.mxisd.lookup.SingleLookupRequest; | ||||
| import io.kamax.mxisd.lookup.ThreePidMapping; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.commons.lang3.StringUtils; | ||||
| import org.apache.http.entity.ContentType; | ||||
| import org.junit.Before; | ||||
| import org.junit.Rule; | ||||
|   | ||||
| @@ -37,7 +37,7 @@ import io.kamax.mxisd.invitation.ThreePidInviteReply; | ||||
| import io.kamax.mxisd.threepid.connector.email.EmailSmtpConnector; | ||||
| import io.kamax.mxisd.threepid.generator.PlaceholderNotificationGenerator; | ||||
| import io.kamax.mxisd.threepid.session.ThreePidSession; | ||||
| import org.apache.commons.lang.RandomStringUtils; | ||||
| import org.apache.commons.lang3.RandomStringUtils; | ||||
| import org.junit.After; | ||||
| import org.junit.Before; | ||||
| import org.junit.Test; | ||||
|   | ||||
		Reference in New Issue
	
	Block a user