MSC2140 Add hash configuration.
This commit is contained in:
Anatoly Sablin
@@ -54,6 +54,7 @@ import io.kamax.mxisd.http.undertow.handler.identity.share.SignEd25519Handler;
|
|||||||
import io.kamax.mxisd.http.undertow.handler.identity.share.StoreInviteHandler;
|
import io.kamax.mxisd.http.undertow.handler.identity.share.StoreInviteHandler;
|
||||||
import io.kamax.mxisd.http.undertow.handler.identity.v1.*;
|
import io.kamax.mxisd.http.undertow.handler.identity.v1.*;
|
||||||
import io.kamax.mxisd.http.undertow.handler.identity.v2.HashDetailsHandler;
|
import io.kamax.mxisd.http.undertow.handler.identity.v2.HashDetailsHandler;
|
||||||
|
import io.kamax.mxisd.http.undertow.handler.identity.v2.HashLookupHandler;
|
||||||
import io.kamax.mxisd.http.undertow.handler.invite.v1.RoomInviteHandler;
|
import io.kamax.mxisd.http.undertow.handler.invite.v1.RoomInviteHandler;
|
||||||
import io.kamax.mxisd.http.undertow.handler.profile.v1.InternalProfileHandler;
|
import io.kamax.mxisd.http.undertow.handler.profile.v1.InternalProfileHandler;
|
||||||
import io.kamax.mxisd.http.undertow.handler.profile.v1.ProfileHandler;
|
import io.kamax.mxisd.http.undertow.handler.profile.v1.ProfileHandler;
|
||||||
|
|||||||
@@ -3,6 +3,9 @@ package io.kamax.mxisd.config;
|
|||||||
import org.slf4j.Logger;
|
import org.slf4j.Logger;
|
||||||
import org.slf4j.LoggerFactory;
|
import org.slf4j.LoggerFactory;
|
||||||
|
|
||||||
|
import java.util.ArrayList;
|
||||||
|
import java.util.List;
|
||||||
|
|
||||||
public class HashingConfig {
|
public class HashingConfig {
|
||||||
|
|
||||||
private static final Logger LOGGER = LoggerFactory.getLogger(HashingConfig.class);
|
private static final Logger LOGGER = LoggerFactory.getLogger(HashingConfig.class);
|
||||||
@@ -12,6 +15,7 @@ public class HashingConfig {
|
|||||||
private RotationPolicyEnum rotationPolicy;
|
private RotationPolicyEnum rotationPolicy;
|
||||||
private HashStorageEnum hashStorageType;
|
private HashStorageEnum hashStorageType;
|
||||||
private long delay = 10;
|
private long delay = 10;
|
||||||
|
private List<Algorithm> algorithms = new ArrayList<>();
|
||||||
|
|
||||||
public void build() {
|
public void build() {
|
||||||
if (isEnabled()) {
|
if (isEnabled()) {
|
||||||
@@ -27,6 +31,11 @@ public class HashingConfig {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public enum Algorithm {
|
||||||
|
NONE,
|
||||||
|
SHA256
|
||||||
|
}
|
||||||
|
|
||||||
public enum RotationPolicyEnum {
|
public enum RotationPolicyEnum {
|
||||||
PER_REQUESTS,
|
PER_REQUESTS,
|
||||||
PER_SECONDS
|
PER_SECONDS
|
||||||
@@ -76,4 +85,12 @@ public class HashingConfig {
|
|||||||
public void setDelay(long delay) {
|
public void setDelay(long delay) {
|
||||||
this.delay = delay;
|
this.delay = delay;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public List<Algorithm> getAlgorithms() {
|
||||||
|
return algorithms;
|
||||||
|
}
|
||||||
|
|
||||||
|
public void setAlgorithms(List<Algorithm> algorithms) {
|
||||||
|
this.algorithms = algorithms;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -2,6 +2,7 @@ package io.kamax.mxisd.http.undertow.handler.identity.v2;
|
|||||||
|
|
||||||
import com.google.gson.JsonArray;
|
import com.google.gson.JsonArray;
|
||||||
import com.google.gson.JsonObject;
|
import com.google.gson.JsonObject;
|
||||||
|
import io.kamax.mxisd.config.HashingConfig;
|
||||||
import io.kamax.mxisd.hash.HashManager;
|
import io.kamax.mxisd.hash.HashManager;
|
||||||
import io.kamax.mxisd.http.undertow.handler.BasicHttpHandler;
|
import io.kamax.mxisd.http.undertow.handler.BasicHttpHandler;
|
||||||
import io.undertow.server.HttpServerExchange;
|
import io.undertow.server.HttpServerExchange;
|
||||||
@@ -11,7 +12,6 @@ public class HashDetailsHandler extends BasicHttpHandler {
|
|||||||
public static final String PATH = "/_matrix/identity/v2/hash_details";
|
public static final String PATH = "/_matrix/identity/v2/hash_details";
|
||||||
|
|
||||||
private final HashManager hashManager;
|
private final HashManager hashManager;
|
||||||
private volatile JsonObject response = null;
|
|
||||||
|
|
||||||
public HashDetailsHandler(HashManager hashManager) {
|
public HashDetailsHandler(HashManager hashManager) {
|
||||||
this.hashManager = hashManager;
|
this.hashManager = hashManager;
|
||||||
@@ -23,20 +23,16 @@ public class HashDetailsHandler extends BasicHttpHandler {
|
|||||||
}
|
}
|
||||||
|
|
||||||
private JsonObject getResponse() {
|
private JsonObject getResponse() {
|
||||||
if (response == null) {
|
JsonObject response = new JsonObject();
|
||||||
synchronized (this) {
|
|
||||||
if (response == null) {
|
|
||||||
response = new JsonObject();
|
|
||||||
response.addProperty("lookup_pepper", hashManager.getHashEngine().getPepper());
|
response.addProperty("lookup_pepper", hashManager.getHashEngine().getPepper());
|
||||||
JsonArray algorithms = new JsonArray();
|
JsonArray algorithms = new JsonArray();
|
||||||
algorithms.add("none");
|
HashingConfig config = hashManager.getConfig();
|
||||||
if (hashManager.getConfig().isEnabled()) {
|
if (config.isEnabled()) {
|
||||||
algorithms.add("sha256");
|
for (HashingConfig.Algorithm algorithm : config.getAlgorithms()) {
|
||||||
|
algorithms.add(algorithm.name().toLowerCase());
|
||||||
|
}
|
||||||
}
|
}
|
||||||
response.add("algorithms", algorithms);
|
response.add("algorithms", algorithms);
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return response;
|
return response;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -18,8 +18,9 @@
|
|||||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
*/
|
*/
|
||||||
|
|
||||||
package io.kamax.mxisd.http.undertow.handler.identity.v1;
|
package io.kamax.mxisd.http.undertow.handler.identity.v2;
|
||||||
|
|
||||||
|
import io.kamax.mxisd.config.HashingConfig;
|
||||||
import io.kamax.mxisd.exception.InvalidParamException;
|
import io.kamax.mxisd.exception.InvalidParamException;
|
||||||
import io.kamax.mxisd.exception.InvalidPepperException;
|
import io.kamax.mxisd.exception.InvalidPepperException;
|
||||||
import io.kamax.mxisd.hash.HashManager;
|
import io.kamax.mxisd.hash.HashManager;
|
||||||
@@ -51,6 +52,7 @@ public class HashLookupHandler extends LookupHandler implements ApiHandler {
|
|||||||
|
|
||||||
public HashLookupHandler(LookupStrategy strategy, HashManager hashManager) {
|
public HashLookupHandler(LookupStrategy strategy, HashManager hashManager) {
|
||||||
this.strategy = strategy;
|
this.strategy = strategy;
|
||||||
|
this.hashManager = hashManager;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
@@ -61,6 +63,10 @@ public class HashLookupHandler extends LookupHandler implements ApiHandler {
|
|||||||
log.info("Got bulk lookup request from {} with client {} - Is recursive? {}",
|
log.info("Got bulk lookup request from {} with client {} - Is recursive? {}",
|
||||||
lookupRequest.getRequester(), lookupRequest.getUserAgent(), lookupRequest.isRecursive());
|
lookupRequest.getRequester(), lookupRequest.getUserAgent(), lookupRequest.isRecursive());
|
||||||
|
|
||||||
|
if (!hashManager.getConfig().isEnabled()) {
|
||||||
|
throw new InvalidParamException();
|
||||||
|
}
|
||||||
|
|
||||||
if (!hashManager.getHashEngine().getPepper().equals(input.getPepper())) {
|
if (!hashManager.getHashEngine().getPepper().equals(input.getPepper())) {
|
||||||
throw new InvalidPepperException();
|
throw new InvalidPepperException();
|
||||||
}
|
}
|
||||||
@@ -78,6 +84,10 @@ public class HashLookupHandler extends LookupHandler implements ApiHandler {
|
|||||||
}
|
}
|
||||||
|
|
||||||
private void noneAlgorithm(HttpServerExchange exchange, HashLookupRequest request, ClientHashLookupRequest input) throws Exception {
|
private void noneAlgorithm(HttpServerExchange exchange, HashLookupRequest request, ClientHashLookupRequest input) throws Exception {
|
||||||
|
if (!hashManager.getConfig().getAlgorithms().contains(HashingConfig.Algorithm.NONE)) {
|
||||||
|
throw new InvalidParamException();
|
||||||
|
}
|
||||||
|
|
||||||
BulkLookupRequest bulkLookupRequest = new BulkLookupRequest();
|
BulkLookupRequest bulkLookupRequest = new BulkLookupRequest();
|
||||||
List<ThreePidMapping> mappings = new ArrayList<>();
|
List<ThreePidMapping> mappings = new ArrayList<>();
|
||||||
for (String address : input.getAddresses()) {
|
for (String address : input.getAddresses()) {
|
||||||
@@ -100,6 +110,10 @@ public class HashLookupHandler extends LookupHandler implements ApiHandler {
|
|||||||
}
|
}
|
||||||
|
|
||||||
private void sha256Algorithm(HttpServerExchange exchange, HashLookupRequest request, ClientHashLookupRequest input) {
|
private void sha256Algorithm(HttpServerExchange exchange, HashLookupRequest request, ClientHashLookupRequest input) {
|
||||||
|
if (!hashManager.getConfig().getAlgorithms().contains(HashingConfig.Algorithm.SHA256)) {
|
||||||
|
throw new InvalidParamException();
|
||||||
|
}
|
||||||
|
|
||||||
ClientHashLookupAnswer answer = new ClientHashLookupAnswer();
|
ClientHashLookupAnswer answer = new ClientHashLookupAnswer();
|
||||||
for (Pair<String, ThreePidMapping> pair : hashManager.getHashStorage().find(request.getHashes())) {
|
for (Pair<String, ThreePidMapping> pair : hashManager.getHashStorage().find(request.getHashes())) {
|
||||||
answer.getMappings().put(pair.getKey(), pair.getValue().getMxid());
|
answer.getMappings().put(pair.getKey(), pair.getValue().getMxid());
|
||||||
Reference in New Issue
Block a user