tomas.kracmar/ma1sd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Auto-generate username

Browse Source
This commit is contained in:
Maxime Dor
2018-03-11 15:35:09 +01:00
committed by Max Dor
parent ac9881fa4b
commit 94d60b6fc9
2 changed files with 31 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
src/main/java/io/kamax/mxisd/backend/google/GoogleProviderBackend.java
View File

@@ -31,7 +31,6 @@ import io.kamax.mxisd.UserIdType;
import io.kamax.mxisd.auth.provider.AuthenticatorProvider; import io.kamax.mxisd.auth.provider.AuthenticatorProvider;
import io.kamax.mxisd.auth.provider.BackendAuthResult; import io.kamax.mxisd.auth.provider.BackendAuthResult;
import io.kamax.mxisd.config.GoogleConfig; import io.kamax.mxisd.config.GoogleConfig;
import io.kamax.mxisd.config.MatrixConfig;
import io.kamax.mxisd.lookup.strategy.LookupStrategy; import io.kamax.mxisd.lookup.strategy.LookupStrategy;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
@@ -41,21 +40,24 @@ import org.springframework.stereotype.Component;
import java.io.IOException; import java.io.IOException;
import java.security.GeneralSecurityException; import java.security.GeneralSecurityException;
import java.util.Collections; import java.util.Collections;
import java.util.Optional;
@Component @Component
public class GoogleProviderBackend implements AuthenticatorProvider { public class GoogleProviderBackend implements AuthenticatorProvider {
private final Logger log = LoggerFactory.getLogger(GoogleProviderBackend.class); private final Logger log = LoggerFactory.getLogger(GoogleProviderBackend.class);
private final GoogleConfig cfg; private final GoogleConfig cfg;
private final MatrixConfig mxCfg;
private final LookupStrategy lookup; private final LookupStrategy lookup;
private GoogleIdTokenVerifier verifier; private GoogleIdTokenVerifier verifier;
public Optional<GoogleIdToken> extractToken(String data) throws GeneralSecurityException, IOException {
return Optional.ofNullable(verifier.verify(data));
}
@Autowired @Autowired
public GoogleProviderBackend(GoogleConfig cfg, MatrixConfig mxCfg, LookupStrategy lookup) { public GoogleProviderBackend(GoogleConfig cfg, LookupStrategy lookup) {
this.cfg = cfg; this.cfg = cfg;
this.mxCfg = mxCfg;
this.lookup = lookup; this.lookup = lookup;
if (isEnabled()) { if (isEnabled()) {
@@ -80,8 +82,7 @@ public class GoogleProviderBackend implements AuthenticatorProvider {
@Override @Override
public BackendAuthResult authenticate(_MatrixID mxid, String password) { public BackendAuthResult authenticate(_MatrixID mxid, String password) {
try { try {
GoogleIdToken idToken = verifier.verify(password); return extractToken(password).map(idToken -> {
if (idToken != null) {
GoogleIdToken.Payload payload = idToken.getPayload(); GoogleIdToken.Payload payload = idToken.getPayload();
if (!payload.getEmailVerified()) { // We only want users who validated their email if (!payload.getEmailVerified()) { // We only want users who validated their email
return BackendAuthResult.failure(); return BackendAuthResult.failure();
@@ -101,10 +102,7 @@ public class GoogleProviderBackend implements AuthenticatorProvider {
return BackendAuthResult.success(mxid.getId(), UserIdType.MatrixID, name); return BackendAuthResult.success(mxid.getId(), UserIdType.MatrixID, name);
}).orElse(BackendAuthResult.failure()); }).orElse(BackendAuthResult.failure());
} else { }).orElse(BackendAuthResult.failure());
log.info("Not a valid Google token");
return BackendAuthResult.failure();
}
} catch (GeneralSecurityException e) { } catch (GeneralSecurityException e) {
throw new RuntimeException(e); throw new RuntimeException(e);
} catch (IOException e) { } catch (IOException e) {

23
src/main/java/io/kamax/mxisd/controller/auth/v1/RegistrationController.java
View File

@@ -20,11 +20,13 @@
package io.kamax.mxisd.controller.auth.v1; package io.kamax.mxisd.controller.auth.v1;
import com.google.api.client.googleapis.auth.oauth2.GoogleIdToken;
import com.google.gson.Gson; import com.google.gson.Gson;
import com.google.gson.JsonObject; import com.google.gson.JsonObject;
import io.kamax.matrix.MatrixID; import io.kamax.matrix.MatrixID;
import io.kamax.matrix.ThreePid; import io.kamax.matrix.ThreePid;
import io.kamax.matrix._MatrixID; import io.kamax.matrix._MatrixID;
import io.kamax.mxisd.backend.google.GoogleProviderBackend;
import io.kamax.mxisd.dns.ClientDnsOverwrite; import io.kamax.mxisd.dns.ClientDnsOverwrite;
import io.kamax.mxisd.profile.ProfileManager; import io.kamax.mxisd.profile.ProfileManager;
import io.kamax.mxisd.util.GsonParser; import io.kamax.mxisd.util.GsonParser;
@@ -50,9 +52,9 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import java.io.IOException; import java.io.IOException;
import java.net.URI; import java.net.URI;
import java.security.GeneralSecurityException;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.List; import java.util.List;
import java.util.UUID;
@RestController @RestController
@CrossOrigin @CrossOrigin
@@ -63,6 +65,7 @@ public class RegistrationController {
private final String registerV1Url = "/_matrix/client/r0/register"; private final String registerV1Url = "/_matrix/client/r0/register";
private GoogleProviderBackend google;
private ProfileManager pMgr; private ProfileManager pMgr;
private ClientDnsOverwrite dns; private ClientDnsOverwrite dns;
private CloseableHttpClient client; private CloseableHttpClient client;
@@ -70,7 +73,8 @@ public class RegistrationController {
private GsonParser parser; private GsonParser parser;
@Autowired @Autowired
public RegistrationController(ProfileManager pMgr, ClientDnsOverwrite dns, CloseableHttpClient client) { public RegistrationController(GoogleProviderBackend google, ProfileManager pMgr, ClientDnsOverwrite dns, CloseableHttpClient client) {
this.google = google;
this.pMgr = pMgr; this.pMgr = pMgr;
this.dns = dns; this.dns = dns;
this.client = client; this.client = client;
@@ -110,11 +114,22 @@ public class RegistrationController {
} }
String gId = auth.get("googleId").getAsString(); String gId = auth.get("googleId").getAsString();
try {
GoogleIdToken token = google.extractToken(reqJsonObject.get("password").getAsString()).orElseThrow(() -> new IllegalArgumentException("Google ID Token is missing or invalid"));
if (!StringUtils.equals(gId, token.getPayload().getSubject())) {
throw new IllegalArgumentException("Google ID does not match token");
}
log.info("Google ID: {}", gId); log.info("Google ID: {}", gId);
ids.add(gId); ids.add(gId);
auth.addProperty("type", "m.login.dummy"); auth.addProperty("type", "m.login.dummy");
auth.remove("googleId"); auth.remove("googleId");
reqJsonObject.addProperty("password", UUID.randomUUID().toString()); reqJsonObject.addProperty("username", "g-" + gId);
reqJsonObject.addProperty("password", "");
} catch (IOException | GeneralSecurityException e) {
throw new RuntimeException(e);
}
} }
}); });
}); });
@@ -126,7 +141,7 @@ public class RegistrationController {
String body = EntityUtils.toString(httpResponse.getEntity()); String body = EntityUtils.toString(httpResponse.getEntity());
JsonObject json = parser.parse(body); JsonObject json = parser.parse(body);
if (sc == 200 && json.has("user_id")) { if (sc == 200 && json.has("user_id")) {
log.info("User was registered, adding 3PID"); log.info("User was registered, adding 3PID"); // FIXME we should do this in the backend really
_MatrixID mxid = new MatrixID(json.get("user_id").getAsString()); _MatrixID mxid = new MatrixID(json.get("user_id").getAsString());
pMgr.addThreepid(mxid, new ThreePid("io.kamax.google.id", ids.get(0))); pMgr.addThreepid(mxid, new ThreePid("io.kamax.google.id", ids.get(0)));
} }