tomas.kracmar/ma1sd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Recursive lookup management

Browse Source
This commit is contained in:
Maxime Dor
2017-02-12 01:53:17 +01:00
parent df6bcc8c1a
commit 250819391a
13 changed files with 308 additions and 51 deletions
Download Patch File Download Diff File Expand all files Collapse all files

97
src/main/groovy/io/kamax/mxisd/lookup/provider/DnsLookupProvider.groovy Normal file
View File

@@ -0,0 +1,97 @@
/*
* mxisd - Matrix Identity Server Daemon
* Copyright (C) 2017 Maxime Dor
*
* https://max.kamax.io/
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package io.kamax.mxisd.lookup.provider
import io.kamax.mxisd.api.ThreePidType
import io.kamax.mxisd.config.ServerConfig
import io.kamax.mxisd.lookup.LookupRequest
import org.apache.commons.lang.StringUtils
import org.slf4j.Logger
import org.slf4j.LoggerFactory
import org.springframework.beans.factory.annotation.Autowired
import org.springframework.stereotype.Component
import org.xbill.DNS.Lookup
import org.xbill.DNS.SRVRecord
import org.xbill.DNS.Type
@Component
class DnsLookupProvider extends RemoteIdentityServerProvider {
private Logger log = LoggerFactory.getLogger(DnsLookupProvider.class)
@Autowired
private ServerConfig srvCfg
@Override
int getPriority() {
return 10
}
@Override
Optional<?> find(LookupRequest request) {
log.info("Performing DNS lookup for {}", request.getThreePid())
if (ThreePidType.email != request.getType()) {
log.info("Skipping unsupported type {} for {}", request.getType(), request.getThreePid())
return Optional.empty()
}
String domain = request.getThreePid().substring(request.getThreePid().lastIndexOf("@") + 1)
log.info("Domain name for {}: {}", request.getThreePid(), domain)
if (StringUtils.equals(srvCfg.getName(), domain)) {
log.warn("We are authoritative for ${domain}, no remote lookup - is your server.name configured properly?")
return Optional.empty()
}
log.info("Performing SRV lookup")
String lookupDns = "_matrix-identity._tcp." + domain
log.info("Lookup name: {}", lookupDns)
SRVRecord[] records = (SRVRecord[]) new Lookup(lookupDns, Type.SRV).run()
if (records != null) {
Arrays.sort(records, new Comparator<SRVRecord>() {
@Override
int compare(SRVRecord o1, SRVRecord o2) {
return Integer.compare(o1.getPriority(), o2.getPriority())
}
})
for (SRVRecord record : records) {
log.info("Found SRV record: {}", record.toString())
String baseUrl = "https://${record.getTarget().toString(true)}:${record.getPort()}"
Optional<?> answer = find(baseUrl, request.getType(), request.getThreePid())
if (answer.isPresent()) {
return answer
} else {
log.info("No mapping found at {}", baseUrl)
}
}
} else {
log.info("No SRV record for {}", lookupDns)
}
log.info("Performing basic lookup using domain name {}", domain)
String baseUrl = "https://" + domain
return find(baseUrl, request.getType(), request.getThreePid())
}
}

51
src/main/groovy/io/kamax/mxisd/lookup/provider/ForwarderProvider.groovy Normal file
View File

@@ -0,0 +1,51 @@
/*
* mxisd - Matrix Identity Server Daemon
* Copyright (C) 2017 Maxime Dor
*
* https://max.kamax.io/
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package io.kamax.mxisd.lookup.provider
import io.kamax.mxisd.config.ForwardConfig
import io.kamax.mxisd.lookup.LookupRequest
import org.springframework.beans.factory.annotation.Autowired
import org.springframework.stereotype.Component
@Component
class ForwarderProvider extends RemoteIdentityServerProvider {
@Autowired
private ForwardConfig cfg
@Override
int getPriority() {
return 0
}
@Override
Optional<?> find(LookupRequest request) {
for (String root : cfg.getServers()) {
Optional<?> answer = find(root, request.getType(), request.getThreePid())
if (answer.isPresent()) {
return answer
}
}
return Optional.empty()
}
}

125
src/main/groovy/io/kamax/mxisd/lookup/provider/LdapProvider.groovy Normal file
View File

@@ -0,0 +1,125 @@
/*
* mxisd - Matrix Identity Server Daemon
* Copyright (C) 2017 Maxime Dor
*
* https://max.kamax.io/
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package io.kamax.mxisd.lookup.provider
import io.kamax.mxisd.config.LdapConfig
import io.kamax.mxisd.config.ServerConfig
import io.kamax.mxisd.lookup.LookupRequest
import org.apache.commons.lang.StringUtils
import org.apache.directory.api.ldap.model.cursor.EntryCursor
import org.apache.directory.api.ldap.model.entry.Attribute
import org.apache.directory.api.ldap.model.message.SearchScope
import org.apache.directory.ldap.client.api.LdapConnection
import org.apache.directory.ldap.client.api.LdapNetworkConnection
import org.slf4j.Logger
import org.slf4j.LoggerFactory
import org.springframework.beans.factory.InitializingBean
import org.springframework.beans.factory.annotation.Autowired
import org.springframework.stereotype.Component
@Component
class LdapProvider implements ThreePidProvider, InitializingBean {
public static final String UID = "uid"
public static final String MATRIX_ID = "mxid"
private Logger log = LoggerFactory.getLogger(LdapProvider.class)
@Autowired
private ServerConfig srvCfg
@Autowired
private LdapConfig ldapCfg
@Override
void afterPropertiesSet() throws Exception {
if (!Arrays.asList(UID, MATRIX_ID).contains(ldapCfg.getType())) {
throw new IllegalArgumentException(ldapCfg.getType() + " is not a valid LDAP lookup type")
}
}
@Override
boolean isLocal() {
return true
}
@Override
int getPriority() {
return 20
}
@Override
Optional<?> find(LookupRequest request) {
log.info("Performing LDAP lookup ${request.getThreePid()} of type ${request.getType()}")
LdapConnection conn = new LdapNetworkConnection(ldapCfg.getHost(), ldapCfg.getPort())
try {
conn.bind(ldapCfg.getBindDn(), ldapCfg.getBindPassword())
String searchQuery = ldapCfg.getQuery().replaceAll("%3pid", request.getThreePid())
EntryCursor cursor = conn.search(ldapCfg.getBaseDn(), searchQuery, SearchScope.SUBTREE, ldapCfg.getAttribute())
try {
if (cursor.next()) {
Attribute attribute = cursor.get().get(ldapCfg.getAttribute())
if (attribute != null) {
String data = attribute.get().toString()
if (data.length() < 1) {
log.warn("Bind was found but value is empty")
return Optional.empty()
}
StringBuilder matrixId = new StringBuilder()
// TODO Should we turn this block into a map of functions?
if (StringUtils.equals("uid", ldapCfg.getType())) {
matrixId.append("@").append(data).append(":").append(srvCfg.getName())
}
if (StringUtils.equals("mxid", ldapCfg.getType())) {
matrixId.append(data)
}
if (matrixId.length() < 1) {
log.warn("Bind was found but type ${ldapCfg.getType()} is not supported")
return Optional.empty()
}
return Optional.of([
address : request.getThreePid(),
medium : request.getType(),
mxid : matrixId.toString(),
not_before: 0,
not_after : 9223372036854775807,
ts : 0
])
}
}
} finally {
cursor.close()
}
} finally {
conn.close()
}
log.info("No match found")
return Optional.empty()
}
}

65
src/main/groovy/io/kamax/mxisd/lookup/provider/RemoteIdentityServerProvider.groovy Normal file
View File

@@ -0,0 +1,65 @@
/*
* mxisd - Matrix Identity Server Daemon
* Copyright (C) 2017 Maxime Dor
*
* https://max.kamax.io/
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package io.kamax.mxisd.lookup.provider
import groovy.json.JsonException
import groovy.json.JsonSlurper
import io.kamax.mxisd.api.ThreePidType
import org.slf4j.Logger
import org.slf4j.LoggerFactory
abstract class RemoteIdentityServerProvider implements ThreePidProvider {
private Logger log = LoggerFactory.getLogger(RemoteIdentityServerProvider.class)
private JsonSlurper json = new JsonSlurper()
@Override
boolean isLocal() {
return false
}
Optional<?> find(String remote, ThreePidType type, String threePid) {
log.info("Looking up {} 3PID {} using {}", type, threePid, remote)
HttpURLConnection rootSrvConn = (HttpURLConnection) new URL(
"${remote}/_matrix/identity/api/v1/lookup?medium=${type}&address=${threePid}"
).openConnection()
try {
def output = json.parseText(rootSrvConn.getInputStream().getText())
if (output['address']) {
log.info("Found 3PID mapping: {}", output)
return Optional.of(output)
}
log.info("Empty 3PID mapping from {}", remote)
return Optional.empty()
} catch (IOException e) {
log.warn("Error looking up 3PID mapping {}: {}", threePid, e.getMessage())
return Optional.empty()
} catch (JsonException e) {
log.warn("Invalid JSON answer from {}", remote)
return Optional.empty()
}
}
}

36
src/main/groovy/io/kamax/mxisd/lookup/provider/ThreePidProvider.groovy Normal file
View File

@@ -0,0 +1,36 @@
/*
* mxisd - Matrix Identity Server Daemon
* Copyright (C) 2017 Maxime Dor
*
* https://max.kamax.io/
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as
* published by the Free Software Foundation, either version 3 of the
* License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
package io.kamax.mxisd.lookup.provider
import io.kamax.mxisd.lookup.LookupRequest
interface ThreePidProvider {
boolean isLocal()
/**
* Higher has more priority
*/
int getPriority() // Should not be here but let's KISS for now
Optional<?> find(LookupRequest request)
}