Compare commits
2 Commits
v1.3.0-rc.
...
v1.3.0
| Author | SHA1 | Date | |
|---|---|---|---|
|
6d1c6ed109 | ||
|
|
1619f5311c |
@@ -54,17 +54,10 @@ See the [Latest release](https://github.com/kamax-matrix/mxisd/releases/latest)
|
||||
|
||||
> **NOTE**: Details about configuration syntax and format are described [here](configure.md)
|
||||
|
||||
Create/edit a minimal configuration (see installer doc for the location):
|
||||
```yaml
|
||||
matrix:
|
||||
domain: 'example.org'
|
||||
key:
|
||||
path: '/path/to/signing.key.file'
|
||||
storage:
|
||||
provider:
|
||||
sqlite:
|
||||
database: '/path/to/mxisd.db'
|
||||
```
|
||||
If you haven't created a configuration file yet, copy `mxisd.example.yaml` to where the configuration file is stored given
|
||||
your installation method and edit to your needs.
|
||||
|
||||
The following items must be at least configured:
|
||||
- `matrix.domain` should be set to your Homeserver domain (`server_name` in synapse configuration)
|
||||
- `key.path` will store the signing keys, which must be kept safe! If the file does not exist, keys will be generated for you.
|
||||
- `storage.provider.sqlite.database` is the location of the SQLite Database file which will hold state (invites, etc.)
|
||||
@@ -88,7 +81,7 @@ Typical configuration would look like:
|
||||
<VirtualHost *:443>
|
||||
ServerName matrix.example.org
|
||||
|
||||
...
|
||||
# ...
|
||||
|
||||
ProxyPreserveHost on
|
||||
ProxyPass /_matrix/identity http://localhost:8090/_matrix/identity
|
||||
@@ -112,7 +105,7 @@ server {
|
||||
listen 443 ssl;
|
||||
server_name matrix.example.org;
|
||||
|
||||
...
|
||||
# ...
|
||||
|
||||
location /_matrix/identity {
|
||||
proxy_pass http://localhost:8090/_matrix/identity;
|
||||
|
||||
@@ -7,7 +7,7 @@ Follow the [build instructions](../build.md) then:
|
||||
# Create a dedicated user
|
||||
useradd -r mxisd
|
||||
|
||||
# Create config directory and set ownership
|
||||
# Create config directory
|
||||
mkdir -p /etc/mxisd
|
||||
|
||||
# Create data directory and set ownership
|
||||
@@ -26,7 +26,7 @@ ln -s /usr/lib/mxisd/mxisd /usr/bin/mxisd
|
||||
```
|
||||
|
||||
### Prepare config file
|
||||
Copy the sample config file `./mxisd.example.yaml` to `/etc/mxisd/mxisd.yaml`, edit to your needs
|
||||
Copy the configuration file you've created following the build instructions to `/etc/mxisd/mxisd.yaml`
|
||||
|
||||
### Prepare Systemd
|
||||
1. Copy `src/systemd/mxisd.service` to `/etc/systemd/system/` and edit if needed
|
||||
|
||||
@@ -1,27 +1,26 @@
|
||||
/*
|
||||
* The MIT License
|
||||
*
|
||||
* Copyright (c) 2013 Edin Dazdarevic (edin.dazdarevic@gmail.com)
|
||||
* The MIT License
|
||||
*
|
||||
* Copyright (c) 2013 Edin Dazdarevic (edin.dazdarevic@gmail.com)
|
||||
|
||||
* Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
* of this software and associated documentation files (the "Software"), to deal
|
||||
* in the Software without restriction, including without limitation the rights
|
||||
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
* copies of the Software, and to permit persons to whom the Software is
|
||||
* furnished to do so, subject to the following conditions:
|
||||
* Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
* of this software and associated documentation files (the "Software"), to deal
|
||||
* in the Software without restriction, including without limitation the rights
|
||||
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
* copies of the Software, and to permit persons to whom the Software is
|
||||
* furnished to do so, subject to the following conditions:
|
||||
|
||||
* The above copyright notice and this permission notice shall be included in
|
||||
* all copies or substantial portions of the Software.
|
||||
* The above copyright notice and this permission notice shall be included in
|
||||
* all copies or substantial portions of the Software.
|
||||
|
||||
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
* THE SOFTWARE.
|
||||
*
|
||||
* */
|
||||
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
|
||||
* THE SOFTWARE.
|
||||
*/
|
||||
|
||||
package edazdarevic.commons.net;
|
||||
|
||||
|
||||
@@ -37,4 +37,5 @@ public class LookupSingleRequestJson {
|
||||
public String getAddress() {
|
||||
return address;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -25,8 +25,14 @@ import org.apache.http.HttpStatus;
|
||||
|
||||
public class NotAllowedException extends HttpMatrixException {
|
||||
|
||||
public static final String ErrCode = "M_FORBIDDEN";
|
||||
|
||||
public NotAllowedException(int code, String s) {
|
||||
super(code, ErrCode, s);
|
||||
}
|
||||
|
||||
public NotAllowedException(String s) {
|
||||
super(HttpStatus.SC_FORBIDDEN, "M_FORBIDDEN", s);
|
||||
super(HttpStatus.SC_FORBIDDEN, ErrCode, s);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -178,7 +178,6 @@ public class SessionManager {
|
||||
}
|
||||
|
||||
public void unbind(JsonObject reqData) {
|
||||
// TODO also check for HS header to know which domain attempting the unbind
|
||||
if (reqData.entrySet().size() == 2 && reqData.has("mxid") && reqData.has("threepid")) {
|
||||
/* This is a HS request to remove a 3PID and is considered:
|
||||
* - An attack on user privacy
|
||||
@@ -218,11 +217,13 @@ public class SessionManager {
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
throw new NotAllowedException("You have attempted to alter 3PID bindings, which can only be done by the 3PID owner directly. " +
|
||||
"We have informed the 3PID owner of your fraudulent attempt.");
|
||||
}
|
||||
|
||||
log.info("Denying request");
|
||||
throw new NotAllowedException("You have attempted to alter 3PID bindings, which can only be done by the 3PID owner directly. " +
|
||||
"We have informed the 3PID owner of your fraudulent attempt.");
|
||||
log.info("Denying unbind request as the endpoint is not defined in the spec.");
|
||||
throw new NotAllowedException(499, "This endpoint does not exist in the spec and therefore is not supported.");
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -1,80 +0,0 @@
|
||||
package io.kamax.mxisd.test;
|
||||
|
||||
import com.icegreen.greenmail.util.GreenMail;
|
||||
import com.icegreen.greenmail.util.ServerSetupTest;
|
||||
import io.kamax.matrix.MatrixID;
|
||||
import io.kamax.matrix.ThreePidMedium;
|
||||
import io.kamax.matrix._MatrixID;
|
||||
import io.kamax.matrix.json.GsonUtil;
|
||||
import io.kamax.mxisd.Mxisd;
|
||||
import io.kamax.mxisd.as.MatrixIdInvite;
|
||||
import io.kamax.mxisd.config.MxisdConfig;
|
||||
import io.kamax.mxisd.config.threepid.connector.EmailSmtpConfig;
|
||||
import io.kamax.mxisd.config.threepid.medium.EmailConfig;
|
||||
import io.kamax.mxisd.threepid.connector.email.EmailSmtpConnector;
|
||||
import org.junit.After;
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
|
||||
import javax.mail.Message;
|
||||
import javax.mail.MessagingException;
|
||||
import javax.mail.internet.MimeMessage;
|
||||
import java.util.Collections;
|
||||
|
||||
import static junit.framework.TestCase.assertEquals;
|
||||
|
||||
public class MxisdEmailNotifTest {
|
||||
|
||||
private final String domain = "localhost";
|
||||
private Mxisd m;
|
||||
private GreenMail gm;
|
||||
|
||||
@Before
|
||||
public void before() {
|
||||
EmailSmtpConfig smtpCfg = new EmailSmtpConfig();
|
||||
smtpCfg.setPort(3025);
|
||||
smtpCfg.setLogin("mxisd");
|
||||
smtpCfg.setPassword("mxisd");
|
||||
|
||||
EmailConfig eCfg = new EmailConfig();
|
||||
eCfg.setConnector(EmailSmtpConnector.ID);
|
||||
eCfg.getIdentity().setFrom("mxisd@" + domain);
|
||||
eCfg.getIdentity().setName("Mxisd Server (Unit Test)");
|
||||
eCfg.getConnectors().put(EmailSmtpConnector.ID, GsonUtil.makeObj(smtpCfg));
|
||||
|
||||
MxisdConfig cfg = new MxisdConfig();
|
||||
cfg.getMatrix().setDomain(domain);
|
||||
cfg.getKey().setPath(":memory:");
|
||||
cfg.getStorage().getProvider().getSqlite().setDatabase(":memory:");
|
||||
cfg.getThreepid().getMedium().put(ThreePidMedium.Email.getId(), GsonUtil.makeObj(eCfg));
|
||||
|
||||
m = new Mxisd(cfg);
|
||||
m.start();
|
||||
|
||||
gm = new GreenMail(ServerSetupTest.SMTP_IMAP);
|
||||
gm.start();
|
||||
}
|
||||
|
||||
@After
|
||||
public void after() {
|
||||
gm.stop();
|
||||
m.stop();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void forMatrixIdInvite() throws MessagingException {
|
||||
gm.setUser("mxisd", "mxisd");
|
||||
|
||||
_MatrixID sender = MatrixID.asAcceptable("mxisd", domain);
|
||||
_MatrixID recipient = MatrixID.asAcceptable("john", domain);
|
||||
MatrixIdInvite idInvite = new MatrixIdInvite("!rid:" + domain, sender, recipient, ThreePidMedium.Email.getId(), "john@" + domain, Collections.emptyMap());
|
||||
m.getNotif().sendForInvite(idInvite);
|
||||
|
||||
assertEquals(1, gm.getReceivedMessages().length);
|
||||
MimeMessage msg = gm.getReceivedMessages()[0];
|
||||
assertEquals(1, msg.getFrom().length);
|
||||
assertEquals("\"Mxisd Server (Unit Test)\" <mxisd@localhost>", msg.getFrom()[0].toString());
|
||||
assertEquals(1, msg.getRecipients(Message.RecipientType.TO).length);
|
||||
}
|
||||
|
||||
}
|
||||
@@ -0,0 +1,151 @@
|
||||
/*
|
||||
* mxisd - Matrix Identity Server Daemon
|
||||
* Copyright (C) 2019 Kamax Sarl
|
||||
*
|
||||
* https://www.kamax.io/
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as
|
||||
* published by the Free Software Foundation, either version 3 of the
|
||||
* License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
package io.kamax.mxisd.test.notification;
|
||||
|
||||
import com.icegreen.greenmail.util.GreenMail;
|
||||
import com.icegreen.greenmail.util.ServerSetupTest;
|
||||
import io.kamax.matrix.MatrixID;
|
||||
import io.kamax.matrix.ThreePid;
|
||||
import io.kamax.matrix.ThreePidMedium;
|
||||
import io.kamax.matrix._MatrixID;
|
||||
import io.kamax.matrix.json.GsonUtil;
|
||||
import io.kamax.mxisd.Mxisd;
|
||||
import io.kamax.mxisd.as.MatrixIdInvite;
|
||||
import io.kamax.mxisd.config.MxisdConfig;
|
||||
import io.kamax.mxisd.config.threepid.connector.EmailSmtpConfig;
|
||||
import io.kamax.mxisd.config.threepid.medium.EmailConfig;
|
||||
import io.kamax.mxisd.threepid.connector.email.EmailSmtpConnector;
|
||||
import io.kamax.mxisd.threepid.session.ThreePidSession;
|
||||
import org.apache.commons.lang.RandomStringUtils;
|
||||
import org.junit.After;
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
|
||||
import javax.mail.Message;
|
||||
import javax.mail.MessagingException;
|
||||
import javax.mail.internet.MimeBodyPart;
|
||||
import javax.mail.internet.MimeMessage;
|
||||
import javax.mail.internet.MimeMultipart;
|
||||
import java.io.IOException;
|
||||
import java.util.Collections;
|
||||
|
||||
import static junit.framework.TestCase.assertEquals;
|
||||
import static junit.framework.TestCase.assertTrue;
|
||||
|
||||
public class EmailNotificationTest {
|
||||
|
||||
private final String domain = "localhost";
|
||||
private final String user = "mxisd";
|
||||
private final String notifiee = "john";
|
||||
private final String sender = user + "@" + domain;
|
||||
private final String senderEmail = "\"Mxisd Server (Unit Test)\" <" + sender + ">";
|
||||
private final String target = notifiee + "@" + domain;
|
||||
|
||||
private Mxisd m;
|
||||
private GreenMail gm;
|
||||
|
||||
@Before
|
||||
public void before() {
|
||||
EmailSmtpConfig smtpCfg = new EmailSmtpConfig();
|
||||
smtpCfg.setPort(3025);
|
||||
smtpCfg.setLogin(user);
|
||||
smtpCfg.setPassword(user);
|
||||
|
||||
EmailConfig eCfg = new EmailConfig();
|
||||
eCfg.setConnector(EmailSmtpConnector.ID);
|
||||
eCfg.getIdentity().setFrom(sender);
|
||||
eCfg.getIdentity().setName("Mxisd Server (Unit Test)");
|
||||
eCfg.getConnectors().put(EmailSmtpConnector.ID, GsonUtil.makeObj(smtpCfg));
|
||||
|
||||
MxisdConfig cfg = new MxisdConfig();
|
||||
cfg.getMatrix().setDomain(domain);
|
||||
cfg.getKey().setPath(":memory:");
|
||||
cfg.getStorage().getProvider().getSqlite().setDatabase(":memory:");
|
||||
cfg.getThreepid().getMedium().put(ThreePidMedium.Email.getId(), GsonUtil.makeObj(eCfg));
|
||||
|
||||
m = new Mxisd(cfg);
|
||||
m.start();
|
||||
|
||||
gm = new GreenMail(ServerSetupTest.SMTP_IMAP);
|
||||
gm.start();
|
||||
}
|
||||
|
||||
@After
|
||||
public void after() {
|
||||
gm.stop();
|
||||
m.stop();
|
||||
}
|
||||
|
||||
@Test
|
||||
public void forMatrixIdInvite() throws MessagingException {
|
||||
gm.setUser("mxisd", "mxisd");
|
||||
|
||||
_MatrixID sender = MatrixID.asAcceptable(user, domain);
|
||||
_MatrixID recipient = MatrixID.asAcceptable(notifiee, domain);
|
||||
MatrixIdInvite idInvite = new MatrixIdInvite(
|
||||
"!rid:" + domain,
|
||||
sender,
|
||||
recipient,
|
||||
ThreePidMedium.Email.getId(),
|
||||
target,
|
||||
Collections.emptyMap()
|
||||
);
|
||||
|
||||
m.getNotif().sendForInvite(idInvite);
|
||||
|
||||
assertEquals(1, gm.getReceivedMessages().length);
|
||||
MimeMessage msg = gm.getReceivedMessages()[0];
|
||||
assertEquals(1, msg.getFrom().length);
|
||||
assertEquals(senderEmail, msg.getFrom()[0].toString());
|
||||
assertEquals(1, msg.getRecipients(Message.RecipientType.TO).length);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void forValidation() throws MessagingException, IOException {
|
||||
gm.setUser(user, user);
|
||||
|
||||
String token = RandomStringUtils.randomAlphanumeric(128);
|
||||
ThreePidSession session = new ThreePidSession(
|
||||
"",
|
||||
"",
|
||||
new ThreePid(ThreePidMedium.Email.getId(), target),
|
||||
"",
|
||||
1,
|
||||
"",
|
||||
token
|
||||
);
|
||||
|
||||
m.getNotif().sendForValidation(session);
|
||||
|
||||
assertEquals(1, gm.getReceivedMessages().length);
|
||||
MimeMessage msg = gm.getReceivedMessages()[0];
|
||||
assertEquals(1, msg.getFrom().length);
|
||||
assertEquals(senderEmail, msg.getFrom()[0].toString());
|
||||
assertEquals(1, msg.getRecipients(Message.RecipientType.TO).length);
|
||||
|
||||
// We just check on the text/plain one. HTML is multipart and it's difficult so we skip
|
||||
MimeMultipart content = (MimeMultipart) msg.getContent();
|
||||
MimeBodyPart mbp = (MimeBodyPart) content.getBodyPart(0);
|
||||
String mbpContent = mbp.getContent().toString();
|
||||
assertTrue(mbpContent.contains(token));
|
||||
}
|
||||
|
||||
}
|
||||
Reference in New Issue
Block a user