Compare commits
	
		
			6 Commits
		
	
	
		
			0f3c37bf6a
			...
			max/google
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
|  | 3d39ee97dd | ||
|  | 94d60b6fc9 | ||
|  | ac9881fa4b | ||
|  | 547cafdd13 | ||
|  | 0da1af9869 | ||
|  | 268df533f5 | 
| @@ -102,6 +102,9 @@ dependencies { | ||||
|     compile 'com.sun.mail:javax.mail:1.5.6' | ||||
|     compile 'javax.mail:javax.mail-api:1.5.6' | ||||
|  | ||||
|     // Google Client APIs | ||||
|     compile 'com.google.api-client:google-api-client:1.23.0' | ||||
|  | ||||
|     // Google Firebase Authentication backend | ||||
|     compile 'com.google.firebase:firebase-admin:5.3.0' | ||||
|  | ||||
|   | ||||
| @@ -43,8 +43,7 @@ public class AuthManager { | ||||
|  | ||||
|     private Logger log = LoggerFactory.getLogger(AuthManager.class); | ||||
|  | ||||
|     @Autowired | ||||
|     private List<AuthenticatorProvider> providers = new ArrayList<>(); | ||||
|     private List<AuthenticatorProvider> providers; | ||||
|  | ||||
|     @Autowired | ||||
|     private MatrixConfig mxCfg; | ||||
| @@ -52,6 +51,10 @@ public class AuthManager { | ||||
|     @Autowired | ||||
|     private InvitationManager invMgr; | ||||
|  | ||||
|     public AuthManager(List<AuthenticatorProvider> providers) { | ||||
|         this.providers = new ArrayList<>(providers); | ||||
|     } | ||||
|  | ||||
|     public UserAuthResult authenticate(String id, String password) { | ||||
|         _MatrixID mxid = MatrixID.asAcceptable(id); | ||||
|         for (AuthenticatorProvider provider : providers) { | ||||
| @@ -59,6 +62,7 @@ public class AuthManager { | ||||
|                 continue; | ||||
|             } | ||||
|  | ||||
|             log.info("Attempting auth with " + provider.getClass().getSimpleName()); | ||||
|             BackendAuthResult result = provider.authenticate(mxid, password); | ||||
|             if (result.isSuccess()) { | ||||
|  | ||||
|   | ||||
| @@ -49,8 +49,9 @@ public class BackendAuthResult { | ||||
|         return r; | ||||
|     } | ||||
|  | ||||
|     public void fail() { | ||||
|     public BackendAuthResult fail() { | ||||
|         success = false; | ||||
|         return this; | ||||
|     } | ||||
|  | ||||
|     public static BackendAuthResult success(String id, UserIdType type, String displayName) { | ||||
| @@ -63,10 +64,11 @@ public class BackendAuthResult { | ||||
|         return r; | ||||
|     } | ||||
|  | ||||
|     public void succeed(String id, String type, String displayName) { | ||||
|     public BackendAuthResult succeed(String id, String type, String displayName) { | ||||
|         this.success = true; | ||||
|         this.id = new UserID(type, id); | ||||
|         this.profile.displayName = displayName; | ||||
|         return this; | ||||
|     } | ||||
|  | ||||
|     private Boolean success; | ||||
|   | ||||
| @@ -0,0 +1,134 @@ | ||||
| /* | ||||
|  * mxisd - Matrix Identity Server Daemon | ||||
|  * Copyright (C) 2018 Kamax Sàrl | ||||
|  * | ||||
|  * https://www.kamax.io/ | ||||
|  * | ||||
|  * This program is free software: you can redistribute it and/or modify | ||||
|  * it under the terms of the GNU Affero General Public License as | ||||
|  * published by the Free Software Foundation, either version 3 of the | ||||
|  * License, or (at your option) any later version. | ||||
|  * | ||||
|  * This program is distributed in the hope that it will be useful, | ||||
|  * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||||
|  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the | ||||
|  * GNU Affero General Public License for more details. | ||||
|  * | ||||
|  * You should have received a copy of the GNU Affero General Public License | ||||
|  * along with this program.  If not, see <http://www.gnu.org/licenses/>. | ||||
|  */ | ||||
|  | ||||
| package io.kamax.mxisd.backend.google; | ||||
|  | ||||
| import com.google.api.client.googleapis.auth.oauth2.GoogleIdToken; | ||||
| import com.google.api.client.googleapis.auth.oauth2.GoogleIdTokenVerifier; | ||||
| import com.google.api.client.googleapis.javanet.GoogleNetHttpTransport; | ||||
| import com.google.api.client.http.HttpTransport; | ||||
| import com.google.api.client.json.JsonFactory; | ||||
| import com.google.api.client.json.jackson2.JacksonFactory; | ||||
| import io.kamax.matrix._MatrixID; | ||||
| import io.kamax.matrix.ThreePid; | ||||
| import io.kamax.mxisd.UserIdType; | ||||
| import io.kamax.mxisd.auth.provider.AuthenticatorProvider; | ||||
| import io.kamax.mxisd.auth.provider.BackendAuthResult; | ||||
| import io.kamax.mxisd.config.GoogleConfig; | ||||
| import io.kamax.mxisd.lookup.strategy.LookupStrategy; | ||||
| import org.slf4j.Logger; | ||||
| import org.slf4j.LoggerFactory; | ||||
| import org.springframework.beans.factory.annotation.Autowired; | ||||
| import org.springframework.stereotype.Component; | ||||
|  | ||||
| import java.io.IOException; | ||||
| import java.security.GeneralSecurityException; | ||||
| import java.util.ArrayList; | ||||
| import java.util.Collections; | ||||
| import java.util.List; | ||||
| import java.util.Optional; | ||||
|  | ||||
| @Component | ||||
| public class GoogleProviderBackend implements AuthenticatorProvider { | ||||
|  | ||||
|     private final Logger log = LoggerFactory.getLogger(GoogleProviderBackend.class); | ||||
|     private final GoogleConfig cfg; | ||||
|     private final LookupStrategy lookup; | ||||
|  | ||||
|     private GoogleIdTokenVerifier verifier; | ||||
|  | ||||
|     public Optional<GoogleIdToken> extractToken(String data) throws GeneralSecurityException, IOException { | ||||
|         return Optional.ofNullable(verifier.verify(data)); | ||||
|     } | ||||
|  | ||||
|     public List<ThreePid> extractThreepids(GoogleIdToken token) { | ||||
|         List<ThreePid> tpids = new ArrayList<>(); | ||||
|         tpids.add(new ThreePid("io.kamax.google.id", token.getPayload().getSubject())); | ||||
|         if (token.getPayload().getEmailVerified()) { | ||||
|             tpids.add(new ThreePid("email", token.getPayload().getEmail())); | ||||
|         } | ||||
|         return tpids; | ||||
|     } | ||||
|  | ||||
|     @Autowired | ||||
|     public GoogleProviderBackend(GoogleConfig cfg, LookupStrategy lookup) { | ||||
|         this.cfg = cfg; | ||||
|         this.lookup = lookup; | ||||
|  | ||||
|         if (isEnabled()) { | ||||
|             try { | ||||
|                 HttpTransport transport = GoogleNetHttpTransport.newTrustedTransport(); | ||||
|                 JsonFactory jsonFactory = JacksonFactory.getDefaultInstance(); | ||||
|  | ||||
|                 verifier = new GoogleIdTokenVerifier.Builder(transport, jsonFactory) | ||||
|                         .setAudience(Collections.singletonList(cfg.getClient().getId())) | ||||
|                         .build(); | ||||
|             } catch (IOException | GeneralSecurityException e) { | ||||
|                 throw new RuntimeException(e); | ||||
|             } | ||||
|         } | ||||
|     } | ||||
|  | ||||
|     @Override | ||||
|     public boolean isEnabled() { | ||||
|         return cfg.isEnabled(); | ||||
|     } | ||||
|  | ||||
|     @Override | ||||
|     public BackendAuthResult authenticate(_MatrixID mxid, String password) { | ||||
|         BackendAuthResult result = new BackendAuthResult(); | ||||
|  | ||||
|         try { | ||||
|             return extractToken(password).map(idToken -> { | ||||
|                 GoogleIdToken.Payload payload = idToken.getPayload(); | ||||
|                 if (!payload.getEmailVerified()) { // We only want users who validated their email | ||||
|                     return BackendAuthResult.failure(); | ||||
|                 } | ||||
|  | ||||
|                 // Get user identifier | ||||
|                 String userId = payload.getSubject(); | ||||
|  | ||||
|                 // We validate that the user who authenticated has his Google account associated already | ||||
|                 return lookup.find("io.kamax.google.id", userId, false).map(r -> { | ||||
|  | ||||
|                     if (!r.getMxid().equals(mxid)) { | ||||
|                         return result.fail(); | ||||
|                     } | ||||
|  | ||||
|                     // Get profile information from payload | ||||
|                     extractThreepids(idToken).forEach(result::withThreePid); | ||||
|                     String name = (String) payload.get("name"); | ||||
|  | ||||
|                     payload.getUnknownKeys().keySet().forEach(key -> { | ||||
|                         log.info("Unknown key in Google profile: {} -> ", key, payload.get(key)); | ||||
|                     }); | ||||
|  | ||||
|                     return result.succeed(mxid.getId(), UserIdType.MatrixID.getId(), name); | ||||
|                 }).orElse(BackendAuthResult.failure()); | ||||
|             }).orElse(BackendAuthResult.failure()); | ||||
|         } catch (GeneralSecurityException e) { | ||||
|             throw new RuntimeException(e); | ||||
|         } catch (IOException e) { | ||||
|             log.error("Unable to authenticate via Google due to network error", e); | ||||
|             return result.fail(); | ||||
|         } | ||||
|     } | ||||
|  | ||||
| } | ||||
| @@ -59,6 +59,10 @@ public abstract class SqlThreePidProvider implements IThreePidProvider, ProfileP | ||||
|         this.mxCfg = mxCfg; | ||||
|     } | ||||
|  | ||||
|     protected Connection getConnection() throws SQLException { | ||||
|         return pool.get(); | ||||
|     } | ||||
|  | ||||
|     @Override | ||||
|     public boolean isEnabled() { | ||||
|         return cfg.isEnabled(); | ||||
| @@ -119,7 +123,7 @@ public abstract class SqlThreePidProvider implements IThreePidProvider, ProfileP | ||||
|         List<_ThreePid> threepids = new ArrayList<>(); | ||||
|  | ||||
|         String stmtSql = cfg.getProfile().getThreepid().getQuery(); | ||||
|         try (Connection conn = pool.get()) { | ||||
|         try (Connection conn = getConnection()) { | ||||
|             PreparedStatement stmt = conn.prepareStatement(stmtSql); | ||||
|             stmt.setString(1, mxid.getId()); | ||||
|  | ||||
|   | ||||
| @@ -20,17 +20,50 @@ | ||||
|  | ||||
| package io.kamax.mxisd.backend.sql; | ||||
|  | ||||
| import io.kamax.matrix.ThreePid; | ||||
| import io.kamax.matrix._MatrixID; | ||||
| import io.kamax.mxisd.config.MatrixConfig; | ||||
| import io.kamax.mxisd.config.sql.synapse.SynapseSqlProviderConfig; | ||||
| import io.kamax.mxisd.profile.ProfileWriter; | ||||
| import org.slf4j.Logger; | ||||
| import org.slf4j.LoggerFactory; | ||||
| import org.springframework.beans.factory.annotation.Autowired; | ||||
| import org.springframework.stereotype.Component; | ||||
|  | ||||
| import java.sql.Connection; | ||||
| import java.sql.PreparedStatement; | ||||
| import java.sql.SQLException; | ||||
| import java.time.Instant; | ||||
|  | ||||
| @Component | ||||
| public class SynapseSqlThreePidProvider extends SqlThreePidProvider { | ||||
| public class SynapseSqlThreePidProvider extends SqlThreePidProvider implements ProfileWriter { | ||||
|  | ||||
|     private final Logger log = LoggerFactory.getLogger(SynapseSqlThreePidProvider.class); | ||||
|  | ||||
|     @Autowired | ||||
|     public SynapseSqlThreePidProvider(SynapseSqlProviderConfig cfg, MatrixConfig mxCfg) { | ||||
|         super(cfg, mxCfg); | ||||
|     } | ||||
|  | ||||
|     @Override | ||||
|     public boolean addThreepid(_MatrixID mxid, ThreePid tpid) { | ||||
|         try (Connection conn = getConnection()) { | ||||
|             PreparedStatement stmt = conn.prepareStatement("INSERT INTO user_threepids (user_id, medium, address, validated_at, added_at) values (?,?,?,?,?)"); | ||||
|             stmt.setString(1, mxid.getId()); | ||||
|             stmt.setString(2, tpid.getMedium()); | ||||
|             stmt.setString(3, tpid.getAddress()); | ||||
|             stmt.setLong(4, Instant.now().toEpochMilli()); | ||||
|             stmt.setLong(5, Instant.now().toEpochMilli()); | ||||
|  | ||||
|             int rows = stmt.executeUpdate(); | ||||
|             if (rows != 1) { | ||||
|                 log.error("Unable to update 3PID info. Modified row(s): {}", rows); | ||||
|             } | ||||
|  | ||||
|             return true; | ||||
|         } catch (SQLException e) { | ||||
|             throw new RuntimeException(e); | ||||
|         } | ||||
|     } | ||||
|  | ||||
| } | ||||
|   | ||||
							
								
								
									
										107
									
								
								src/main/java/io/kamax/mxisd/config/GoogleConfig.java
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										107
									
								
								src/main/java/io/kamax/mxisd/config/GoogleConfig.java
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,107 @@ | ||||
| /* | ||||
|  * mxisd - Matrix Identity Server Daemon | ||||
|  * Copyright (C) 2018 Kamax Sàrl | ||||
|  * | ||||
|  * https://www.kamax.io/ | ||||
|  * | ||||
|  * This program is free software: you can redistribute it and/or modify | ||||
|  * it under the terms of the GNU Affero General Public License as | ||||
|  * published by the Free Software Foundation, either version 3 of the | ||||
|  * License, or (at your option) any later version. | ||||
|  * | ||||
|  * This program is distributed in the hope that it will be useful, | ||||
|  * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||||
|  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the | ||||
|  * GNU Affero General Public License for more details. | ||||
|  * | ||||
|  * You should have received a copy of the GNU Affero General Public License | ||||
|  * along with this program.  If not, see <http://www.gnu.org/licenses/>. | ||||
|  */ | ||||
|  | ||||
| package io.kamax.mxisd.config; | ||||
|  | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.slf4j.Logger; | ||||
| import org.slf4j.LoggerFactory; | ||||
| import org.springframework.boot.context.properties.ConfigurationProperties; | ||||
| import org.springframework.context.annotation.Configuration; | ||||
|  | ||||
| import javax.annotation.PostConstruct; | ||||
|  | ||||
| @Configuration | ||||
| @ConfigurationProperties("google") | ||||
| public class GoogleConfig { | ||||
|  | ||||
|     public static class Client { | ||||
|  | ||||
|         private String id; | ||||
|         private String secret; | ||||
|  | ||||
|         public String getId() { | ||||
|             return id; | ||||
|         } | ||||
|  | ||||
|         public void setId(String id) { | ||||
|             this.id = id; | ||||
|         } | ||||
|  | ||||
|         public String getSecret() { | ||||
|             return secret; | ||||
|         } | ||||
|  | ||||
|         public void setSecret(String secret) { | ||||
|             this.secret = secret; | ||||
|         } | ||||
|  | ||||
|     } | ||||
|  | ||||
|     private final Logger log = LoggerFactory.getLogger(GoogleConfig.class); | ||||
|  | ||||
|     private boolean enabled; | ||||
|     private Client client = new Client(); | ||||
|     private String medium = "io.kamax.google.id"; | ||||
|     private String prefix = "google_"; | ||||
|  | ||||
|     public boolean isEnabled() { | ||||
|         return enabled; | ||||
|     } | ||||
|  | ||||
|     public void setEnabled(boolean enabled) { | ||||
|         this.enabled = enabled; | ||||
|     } | ||||
|  | ||||
|     public Client getClient() { | ||||
|         return client; | ||||
|     } | ||||
|  | ||||
|     public void setClient(Client client) { | ||||
|         this.client = client; | ||||
|     } | ||||
|  | ||||
|     public String getMedium() { | ||||
|         return medium; | ||||
|     } | ||||
|  | ||||
|     public void setMedium(String medium) { | ||||
|         this.medium = medium; | ||||
|     } | ||||
|  | ||||
|     public String getPrefix() { | ||||
|         return prefix; | ||||
|     } | ||||
|  | ||||
|     public void setPrefix(String prefix) { | ||||
|         this.prefix = prefix; | ||||
|     } | ||||
|  | ||||
|     @PostConstruct | ||||
|     public void build() { | ||||
|         log.info("--- Google config ---"); | ||||
|         log.info("Enabled: {}", isEnabled()); | ||||
|         log.info("Client ID: {}", getClient().getId()); | ||||
|         log.info("Client secret set? {}", StringUtils.isNotBlank(getClient().getSecret())); | ||||
|         log.info("3PID medium: {}", getMedium()); | ||||
|         log.info("MXID prefix: {}", getPrefix()); | ||||
|     } | ||||
|  | ||||
| } | ||||
| @@ -0,0 +1,159 @@ | ||||
| /* | ||||
|  * mxisd - Matrix Identity Server Daemon | ||||
|  * Copyright (C) 2018 Kamax Sàrl | ||||
|  * | ||||
|  * https://www.kamax.io/ | ||||
|  * | ||||
|  * This program is free software: you can redistribute it and/or modify | ||||
|  * it under the terms of the GNU Affero General Public License as | ||||
|  * published by the Free Software Foundation, either version 3 of the | ||||
|  * License, or (at your option) any later version. | ||||
|  * | ||||
|  * This program is distributed in the hope that it will be useful, | ||||
|  * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||||
|  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the | ||||
|  * GNU Affero General Public License for more details. | ||||
|  * | ||||
|  * You should have received a copy of the GNU Affero General Public License | ||||
|  * along with this program.  If not, see <http://www.gnu.org/licenses/>. | ||||
|  */ | ||||
|  | ||||
| package io.kamax.mxisd.controller.auth.v1; | ||||
|  | ||||
| import com.google.api.client.googleapis.auth.oauth2.GoogleIdToken; | ||||
| import com.google.gson.Gson; | ||||
| import com.google.gson.JsonObject; | ||||
| import io.kamax.matrix.MatrixID; | ||||
| import io.kamax.matrix.ThreePid; | ||||
| import io.kamax.matrix._MatrixID; | ||||
| import io.kamax.mxisd.backend.google.GoogleProviderBackend; | ||||
| import io.kamax.mxisd.dns.ClientDnsOverwrite; | ||||
| import io.kamax.mxisd.profile.ProfileManager; | ||||
| import io.kamax.mxisd.util.GsonParser; | ||||
| import io.kamax.mxisd.util.GsonUtil; | ||||
| import io.kamax.mxisd.util.RestClientUtils; | ||||
| import org.apache.commons.lang.StringUtils; | ||||
| import org.apache.http.client.methods.CloseableHttpResponse; | ||||
| import org.apache.http.client.methods.HttpGet; | ||||
| import org.apache.http.client.methods.HttpPost; | ||||
| import org.apache.http.client.utils.URIBuilder; | ||||
| import org.apache.http.impl.client.CloseableHttpClient; | ||||
| import org.apache.http.util.EntityUtils; | ||||
| import org.slf4j.Logger; | ||||
| import org.slf4j.LoggerFactory; | ||||
| import org.springframework.beans.factory.annotation.Autowired; | ||||
| import org.springframework.http.MediaType; | ||||
| import org.springframework.web.bind.annotation.CrossOrigin; | ||||
| import org.springframework.web.bind.annotation.RequestMapping; | ||||
| import org.springframework.web.bind.annotation.RequestMethod; | ||||
| import org.springframework.web.bind.annotation.RestController; | ||||
|  | ||||
| import javax.servlet.http.HttpServletRequest; | ||||
| import javax.servlet.http.HttpServletResponse; | ||||
| import java.io.IOException; | ||||
| import java.net.URI; | ||||
| import java.security.GeneralSecurityException; | ||||
| import java.util.ArrayList; | ||||
| import java.util.List; | ||||
|  | ||||
| @RestController | ||||
| @CrossOrigin | ||||
| @RequestMapping(produces = MediaType.APPLICATION_JSON_UTF8_VALUE) | ||||
| public class RegistrationController { | ||||
|  | ||||
|     private final Logger log = LoggerFactory.getLogger(RegistrationController.class); | ||||
|  | ||||
|     private final String registerV1Url = "/_matrix/client/r0/register"; | ||||
|  | ||||
|     private GoogleProviderBackend google; | ||||
|     private ProfileManager pMgr; | ||||
|     private ClientDnsOverwrite dns; | ||||
|     private CloseableHttpClient client; | ||||
|     private Gson gson; | ||||
|     private GsonParser parser; | ||||
|  | ||||
|     @Autowired | ||||
|     public RegistrationController(GoogleProviderBackend google, ProfileManager pMgr, ClientDnsOverwrite dns, CloseableHttpClient client) { | ||||
|         this.google = google; | ||||
|         this.pMgr = pMgr; | ||||
|         this.dns = dns; | ||||
|         this.client = client; | ||||
|         this.gson = GsonUtil.build(); | ||||
|         this.parser = new GsonParser(gson); | ||||
|     } | ||||
|  | ||||
|     private String resolveProxyUrl(HttpServletRequest req) { | ||||
|         URI target = URI.create(req.getRequestURL().toString()); | ||||
|         URIBuilder builder = dns.transform(target); | ||||
|         String urlToLogin = builder.toString(); | ||||
|         log.info("Proxy resolution: {} to {}", target.toString(), urlToLogin); | ||||
|         return urlToLogin; | ||||
|     } | ||||
|  | ||||
|     @RequestMapping(path = registerV1Url, method = RequestMethod.GET) | ||||
|     public String getLogin(HttpServletRequest req, HttpServletResponse res) { | ||||
|         try (CloseableHttpResponse hsResponse = client.execute(new HttpGet(resolveProxyUrl(req)))) { | ||||
|             res.setStatus(hsResponse.getStatusLine().getStatusCode()); | ||||
|             return EntityUtils.toString(hsResponse.getEntity()); | ||||
|         } catch (IOException e) { | ||||
|             throw new RuntimeException(e); | ||||
|         } | ||||
|     } | ||||
|  | ||||
|     @RequestMapping(path = registerV1Url, method = RequestMethod.POST) | ||||
|     public String register(HttpServletRequest req, HttpServletResponse res) { | ||||
|         List<ThreePid> ids = new ArrayList<>(); | ||||
|         try { | ||||
|             JsonObject reqJsonObject = parser.parse(req.getInputStream()); | ||||
|             GsonUtil.findObj(reqJsonObject, "auth").ifPresent(auth -> { | ||||
|                 GsonUtil.findPrimitive(auth, "type").ifPresent(type -> { | ||||
|                     if (StringUtils.equals("io.kamax.google.auth", type.getAsString())) { | ||||
|                         log.info("Got registration attempt with Google account"); | ||||
|                         if (!auth.has("googleId")) { | ||||
|                             throw new IllegalArgumentException("Google ID is missing"); | ||||
|                         } | ||||
|  | ||||
|                         String gId = auth.get("googleId").getAsString(); | ||||
|                         try { | ||||
|                             GoogleIdToken token = google.extractToken(reqJsonObject.get("password").getAsString()).orElseThrow(() -> new IllegalArgumentException("Google ID Token is missing or invalid")); | ||||
|                             if (!StringUtils.equals(gId, token.getPayload().getSubject())) { | ||||
|                                 throw new IllegalArgumentException("Google ID does not match token"); | ||||
|                             } | ||||
|                             log.info("Google ID: {}", gId); | ||||
|  | ||||
|                             ids.addAll(google.extractThreepids(token)); | ||||
|  | ||||
|                             auth.addProperty("type", "m.login.dummy"); | ||||
|                             auth.remove("googleId"); | ||||
|                             reqJsonObject.addProperty("username", "g-" + gId); | ||||
|                             reqJsonObject.addProperty("password", ""); | ||||
|                         } catch (IOException | GeneralSecurityException e) { | ||||
|                             throw new RuntimeException(e); | ||||
|                         } | ||||
|                     } | ||||
|                 }); | ||||
|             }); | ||||
|  | ||||
|             log.info("Sending body: {}", gson.toJson(reqJsonObject)); | ||||
|             HttpPost httpPost = RestClientUtils.post(resolveProxyUrl(req), gson, reqJsonObject); | ||||
|             try (CloseableHttpResponse httpResponse = client.execute(httpPost)) { | ||||
|                 int sc = httpResponse.getStatusLine().getStatusCode(); | ||||
|                 String body = EntityUtils.toString(httpResponse.getEntity()); | ||||
|                 JsonObject json = parser.parse(body); | ||||
|                 if (sc == 200 && json.has("user_id")) { | ||||
|                     // Required here as synapse doesn't call pass provider on register | ||||
|                     log.info("User was registered, adding 3PIDs"); | ||||
|                     _MatrixID mxid = new MatrixID(json.get("user_id").getAsString()); | ||||
|                     for (ThreePid tpid : ids) { | ||||
|                         pMgr.addThreepid(mxid, tpid); | ||||
|                     } | ||||
|                 } | ||||
|                 res.setStatus(sc); | ||||
|                 return body; | ||||
|             } | ||||
|         } catch (IOException e) { | ||||
|             throw new RuntimeException(e); | ||||
|         } | ||||
|     } | ||||
|  | ||||
| } | ||||
| @@ -20,6 +20,7 @@ | ||||
|  | ||||
| package io.kamax.mxisd.profile; | ||||
|  | ||||
| import io.kamax.matrix.ThreePid; | ||||
| import io.kamax.matrix._MatrixID; | ||||
| import io.kamax.matrix._ThreePid; | ||||
| import org.springframework.stereotype.Component; | ||||
| @@ -32,16 +33,21 @@ import java.util.stream.Collectors; | ||||
| @Component | ||||
| public class ProfileManager { | ||||
|  | ||||
|     private List<ProfileProvider> providers; | ||||
|     private List<ProfileProvider> readers; | ||||
|     private List<ProfileWriter> writers; | ||||
|  | ||||
|     public ProfileManager(List<ProfileProvider> providers) { | ||||
|         this.providers = providers.stream() | ||||
|     public ProfileManager(List<ProfileProvider> providers, List<ProfileWriter> writers) { | ||||
|         this.readers = providers.stream() | ||||
|                 .filter(ProfileProvider::isEnabled) | ||||
|                 .collect(Collectors.toList()); | ||||
|  | ||||
|         this.writers = writers.stream() | ||||
|                 .filter(ProfileWriter::isEnabled) | ||||
|                 .collect(Collectors.toList()); | ||||
|     } | ||||
|  | ||||
|     public <T> List<T> get(Function<ProfileProvider, List<T>> function) { | ||||
|         return providers.stream() | ||||
|         return readers.stream() | ||||
|                 .map(function) | ||||
|                 .flatMap(Collection::stream) | ||||
|                 .collect(Collectors.toList()); | ||||
| @@ -55,4 +61,8 @@ public class ProfileManager { | ||||
|         return get(p -> p.getRoles(mxid)); | ||||
|     } | ||||
|  | ||||
|     public void addThreepid(_MatrixID mxid, ThreePid tpid) { | ||||
|         writers.forEach(w -> w.addThreepid(mxid, tpid)); | ||||
|     } | ||||
|  | ||||
| } | ||||
|   | ||||
							
								
								
									
										32
									
								
								src/main/java/io/kamax/mxisd/profile/ProfileWriter.java
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										32
									
								
								src/main/java/io/kamax/mxisd/profile/ProfileWriter.java
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,32 @@ | ||||
| /* | ||||
|  * mxisd - Matrix Identity Server Daemon | ||||
|  * Copyright (C) 2018 Kamax Sàrl | ||||
|  * | ||||
|  * https://www.kamax.io/ | ||||
|  * | ||||
|  * This program is free software: you can redistribute it and/or modify | ||||
|  * it under the terms of the GNU Affero General Public License as | ||||
|  * published by the Free Software Foundation, either version 3 of the | ||||
|  * License, or (at your option) any later version. | ||||
|  * | ||||
|  * This program is distributed in the hope that it will be useful, | ||||
|  * but WITHOUT ANY WARRANTY; without even the implied warranty of | ||||
|  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the | ||||
|  * GNU Affero General Public License for more details. | ||||
|  * | ||||
|  * You should have received a copy of the GNU Affero General Public License | ||||
|  * along with this program.  If not, see <http://www.gnu.org/licenses/>. | ||||
|  */ | ||||
|  | ||||
| package io.kamax.mxisd.profile; | ||||
|  | ||||
| import io.kamax.matrix.ThreePid; | ||||
| import io.kamax.matrix._MatrixID; | ||||
|  | ||||
| public interface ProfileWriter { | ||||
|  | ||||
|     boolean isEnabled(); | ||||
|  | ||||
|     boolean addThreepid(_MatrixID mxid, ThreePid tpid); | ||||
|  | ||||
| } | ||||
| @@ -45,8 +45,8 @@ public class GsonParser { | ||||
|         this.gson = gson; | ||||
|     } | ||||
|  | ||||
|     public JsonObject parse(InputStream stream) throws IOException { | ||||
|         JsonElement el = parser.parse(IOUtils.toString(stream, StandardCharsets.UTF_8)); | ||||
|     public JsonObject parse(String raw) { | ||||
|         JsonElement el = parser.parse(raw); | ||||
|         if (!el.isJsonObject()) { | ||||
|             throw new InvalidResponseJsonException("Response body is not a JSON object"); | ||||
|         } | ||||
| @@ -54,6 +54,10 @@ public class GsonParser { | ||||
|         return el.getAsJsonObject(); | ||||
|     } | ||||
|  | ||||
|     public JsonObject parse(InputStream stream) throws IOException { | ||||
|         return parse(IOUtils.toString(stream, StandardCharsets.UTF_8)); | ||||
|     } | ||||
|  | ||||
|     public <T> T parse(HttpServletRequest req, Class<T> type) throws IOException { | ||||
|         return gson.fromJson(parse(req.getInputStream()), type); | ||||
|     } | ||||
|   | ||||
		Reference in New Issue
	
	Block a user