Compare commits
9 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
1e413af019 | ||
|
|
a0f8af820e | ||
|
|
5ef145212a | ||
|
|
91ccb75fa1 | ||
|
|
ac6f549618 | ||
|
|
7f9c7aa76d | ||
|
|
02688942fd | ||
|
|
48668bcd92 | ||
|
|
a9627121fa |
@@ -66,6 +66,7 @@ buildscript {
|
||||
|
||||
repositories {
|
||||
maven { url "https://kamax.io/maven/releases/" }
|
||||
maven { url "https://kamax.io/maven/snapshots/" }
|
||||
mavenCentral()
|
||||
}
|
||||
|
||||
@@ -80,7 +81,7 @@ dependencies {
|
||||
compile "org.springframework.boot:spring-boot-starter-thymeleaf:1.5.10.RELEASE"
|
||||
|
||||
// Matrix Java SDK
|
||||
compile 'io.kamax:matrix-java-sdk:0.0.8'
|
||||
compile 'io.kamax:matrix-java-sdk:0.0.11'
|
||||
|
||||
// ed25519 handling
|
||||
compile 'net.i2p.crypto:eddsa:0.1.0'
|
||||
@@ -94,9 +95,6 @@ dependencies {
|
||||
// HTTP connections
|
||||
compile 'org.apache.httpcomponents:httpclient:4.5.3'
|
||||
|
||||
// JSON
|
||||
compile 'com.google.code.gson:gson:2.8.1'
|
||||
|
||||
// Phone numbers validation
|
||||
compile 'com.googlecode.libphonenumber:libphonenumber:8.7.1'
|
||||
|
||||
|
||||
12
docs/features/profile.md
Normal file
12
docs/features/profile.md
Normal file
@@ -0,0 +1,12 @@
|
||||
# Profile enhancement
|
||||
|
||||
## Configuration
|
||||
|
||||
### Reverse proxy
|
||||
|
||||
#### Apache
|
||||
```
|
||||
ProxyPassMatch "^/_matrix/client/r0/profile/([^/]+)$" "http://127.0.0.1:8090/_matrix/client/r0/profile/$1"
|
||||
ProxyPassMatch "^/_matrix/client/r0/profile/([^/]+)/(.+)" "http://127.0.0.1:8008/_matrix/client/r0/profile/$1/$2"
|
||||
|
||||
```
|
||||
@@ -1,69 +0,0 @@
|
||||
/*
|
||||
* mxisd - Matrix Identity Server Daemon
|
||||
* Copyright (C) 2017 Maxime Dor
|
||||
*
|
||||
* https://max.kamax.io/
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as
|
||||
* published by the Free Software Foundation, either version 3 of the
|
||||
* License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
package io.kamax.mxisd;
|
||||
|
||||
// FIXME this should be in matrix-java-sdk
|
||||
public class ThreePid {
|
||||
|
||||
private String medium;
|
||||
private String address;
|
||||
|
||||
public ThreePid(ThreePid tpid) {
|
||||
this(tpid.getMedium(), tpid.getAddress());
|
||||
}
|
||||
|
||||
public ThreePid(String medium, String address) {
|
||||
this.medium = medium;
|
||||
this.address = address;
|
||||
}
|
||||
|
||||
public String getMedium() {
|
||||
return medium;
|
||||
}
|
||||
|
||||
public String getAddress() {
|
||||
return address;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String toString() {
|
||||
return getMedium() + ":" + getAddress();
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean equals(Object o) {
|
||||
if (this == o) return true;
|
||||
if (o == null || getClass() != o.getClass()) return false;
|
||||
|
||||
ThreePid threePid = (ThreePid) o;
|
||||
|
||||
if (!medium.equals(threePid.medium)) return false;
|
||||
return address.equals(threePid.address);
|
||||
}
|
||||
|
||||
@Override
|
||||
public int hashCode() {
|
||||
int result = medium.hashCode();
|
||||
result = 31 * result + address.hashCode();
|
||||
return result;
|
||||
}
|
||||
|
||||
}
|
||||
@@ -21,8 +21,9 @@
|
||||
package io.kamax.mxisd.auth;
|
||||
|
||||
import io.kamax.matrix.MatrixID;
|
||||
import io.kamax.matrix.ThreePid;
|
||||
import io.kamax.matrix._MatrixID;
|
||||
import io.kamax.mxisd.ThreePid;
|
||||
import io.kamax.matrix._ThreePid;
|
||||
import io.kamax.mxisd.UserIdType;
|
||||
import io.kamax.mxisd.auth.provider.AuthenticatorProvider;
|
||||
import io.kamax.mxisd.auth.provider.BackendAuthResult;
|
||||
@@ -72,7 +73,7 @@ public class AuthManager {
|
||||
}
|
||||
|
||||
UserAuthResult authResult = new UserAuthResult().success(result.getProfile().getDisplayName());
|
||||
for (ThreePid pid : result.getProfile().getThreePids()) {
|
||||
for (_ThreePid pid : result.getProfile().getThreePids()) {
|
||||
authResult.withThreePid(pid.getMedium(), pid.getAddress());
|
||||
}
|
||||
log.info("{} was authenticated by {}, publishing 3PID mappings, if any", id, provider.getClass().getSimpleName());
|
||||
|
||||
@@ -20,7 +20,7 @@
|
||||
|
||||
package io.kamax.mxisd.auth;
|
||||
|
||||
import io.kamax.mxisd.ThreePid;
|
||||
import io.kamax.matrix.ThreePid;
|
||||
|
||||
import java.util.Collections;
|
||||
import java.util.HashSet;
|
||||
|
||||
@@ -20,7 +20,7 @@
|
||||
|
||||
package io.kamax.mxisd.auth.provider;
|
||||
|
||||
import io.kamax.mxisd.ThreePid;
|
||||
import io.kamax.matrix.ThreePid;
|
||||
import io.kamax.mxisd.UserID;
|
||||
import io.kamax.mxisd.UserIdType;
|
||||
|
||||
|
||||
@@ -23,9 +23,9 @@ package io.kamax.mxisd.backend.firebase;
|
||||
import com.google.firebase.auth.UserInfo;
|
||||
import com.google.i18n.phonenumbers.NumberParseException;
|
||||
import com.google.i18n.phonenumbers.PhoneNumberUtil;
|
||||
import io.kamax.matrix.ThreePid;
|
||||
import io.kamax.matrix.ThreePidMedium;
|
||||
import io.kamax.matrix._MatrixID;
|
||||
import io.kamax.mxisd.ThreePid;
|
||||
import io.kamax.mxisd.UserIdType;
|
||||
import io.kamax.mxisd.auth.provider.AuthenticatorProvider;
|
||||
import io.kamax.mxisd.auth.provider.BackendAuthResult;
|
||||
|
||||
@@ -22,9 +22,9 @@ package io.kamax.mxisd.backend.ldap;
|
||||
|
||||
import com.google.i18n.phonenumbers.NumberParseException;
|
||||
import com.google.i18n.phonenumbers.PhoneNumberUtil;
|
||||
import io.kamax.matrix.ThreePid;
|
||||
import io.kamax.matrix.ThreePidMedium;
|
||||
import io.kamax.matrix._MatrixID;
|
||||
import io.kamax.mxisd.ThreePid;
|
||||
import io.kamax.mxisd.UserIdType;
|
||||
import io.kamax.mxisd.auth.provider.AuthenticatorProvider;
|
||||
import io.kamax.mxisd.auth.provider.BackendAuthResult;
|
||||
|
||||
@@ -23,6 +23,7 @@ package io.kamax.mxisd.backend.memory;
|
||||
import io.kamax.matrix.MatrixID;
|
||||
import io.kamax.matrix.ThreePid;
|
||||
import io.kamax.matrix._MatrixID;
|
||||
import io.kamax.matrix._ThreePid;
|
||||
import io.kamax.mxisd.UserIdType;
|
||||
import io.kamax.mxisd.auth.provider.AuthenticatorProvider;
|
||||
import io.kamax.mxisd.auth.provider.BackendAuthResult;
|
||||
@@ -30,22 +31,28 @@ import io.kamax.mxisd.config.MatrixConfig;
|
||||
import io.kamax.mxisd.config.memory.MemoryIdentityConfig;
|
||||
import io.kamax.mxisd.config.memory.MemoryStoreConfig;
|
||||
import io.kamax.mxisd.config.memory.MemoryThreePid;
|
||||
import io.kamax.mxisd.controller.directory.v1.io.UserDirectorySearchResult;
|
||||
import io.kamax.mxisd.directory.IDirectoryProvider;
|
||||
import io.kamax.mxisd.lookup.SingleLookupReply;
|
||||
import io.kamax.mxisd.lookup.SingleLookupRequest;
|
||||
import io.kamax.mxisd.lookup.ThreePidMapping;
|
||||
import io.kamax.mxisd.lookup.provider.IThreePidProvider;
|
||||
import io.kamax.mxisd.profile.ProfileProvider;
|
||||
import org.apache.commons.lang.StringUtils;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
import java.util.Optional;
|
||||
import java.util.function.Function;
|
||||
import java.util.function.Predicate;
|
||||
|
||||
@Component
|
||||
public class MemoryIdentityStore implements AuthenticatorProvider, IThreePidProvider {
|
||||
public class MemoryIdentityStore implements AuthenticatorProvider, IDirectoryProvider, IThreePidProvider, ProfileProvider {
|
||||
|
||||
private final Logger logger = LoggerFactory.getLogger(MemoryIdentityStore.class);
|
||||
|
||||
@@ -59,7 +66,9 @@ public class MemoryIdentityStore implements AuthenticatorProvider, IThreePidProv
|
||||
}
|
||||
|
||||
public Optional<MemoryIdentityConfig> findByUsername(String username) {
|
||||
return cfg.getIdentities().stream().filter(id -> StringUtils.equals(id.getUsername(), username)).findFirst();
|
||||
return cfg.getIdentities().stream()
|
||||
.filter(id -> StringUtils.equals(id.getUsername(), username))
|
||||
.findFirst();
|
||||
}
|
||||
|
||||
@Override
|
||||
@@ -67,6 +76,56 @@ public class MemoryIdentityStore implements AuthenticatorProvider, IThreePidProv
|
||||
return cfg.isEnabled();
|
||||
}
|
||||
|
||||
private UserDirectorySearchResult search(
|
||||
Predicate<MemoryIdentityConfig> predicate,
|
||||
Function<MemoryIdentityConfig, UserDirectorySearchResult.Result> mapper
|
||||
) {
|
||||
UserDirectorySearchResult search = new UserDirectorySearchResult();
|
||||
cfg.getIdentities().stream().filter(predicate).map(mapper).forEach(search::addResult);
|
||||
return search;
|
||||
}
|
||||
|
||||
@Override
|
||||
public UserDirectorySearchResult searchByDisplayName(String query) {
|
||||
return search(
|
||||
entry -> StringUtils.containsIgnoreCase(entry.getUsername(), query),
|
||||
entry -> {
|
||||
UserDirectorySearchResult.Result result = new UserDirectorySearchResult.Result();
|
||||
result.setUserId(MatrixID.from(entry.getUsername(), mxCfg.getDomain()).acceptable().getId());
|
||||
result.setDisplayName(entry.getUsername());
|
||||
return result;
|
||||
}
|
||||
);
|
||||
}
|
||||
|
||||
@Override
|
||||
public UserDirectorySearchResult searchBy3pid(String query) {
|
||||
return search(
|
||||
entry -> entry.getThreepids().stream()
|
||||
.anyMatch(tpid -> StringUtils.containsIgnoreCase(tpid.getAddress(), query)),
|
||||
entry -> {
|
||||
UserDirectorySearchResult.Result result = new UserDirectorySearchResult.Result();
|
||||
result.setUserId(MatrixID.from(entry.getUsername(), mxCfg.getDomain()).acceptable().getId());
|
||||
result.setDisplayName(entry.getUsername());
|
||||
return result;
|
||||
}
|
||||
);
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<_ThreePid> getThreepids(_MatrixID mxid) {
|
||||
List<_ThreePid> l = new ArrayList<>();
|
||||
findByUsername(mxid.getLocalPart()).ifPresent(c -> l.addAll(c.getThreepids()));
|
||||
return l;
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<String> getRoles(_MatrixID mxid) {
|
||||
List<String> l = new ArrayList<>();
|
||||
findByUsername(mxid.getLocalPart()).ifPresent(c -> l.addAll(c.getRoles()));
|
||||
return l;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isLocal() {
|
||||
return true;
|
||||
@@ -103,7 +162,10 @@ public class MemoryIdentityStore implements AuthenticatorProvider, IThreePidProv
|
||||
if (!StringUtils.equals(id.getUsername(), mxid.getLocalPart())) {
|
||||
return BackendAuthResult.failure();
|
||||
} else {
|
||||
return BackendAuthResult.success(mxid.getId(), UserIdType.MatrixID, "");
|
||||
BackendAuthResult result = new BackendAuthResult();
|
||||
id.getThreepids().forEach(tpid -> result.withThreePid(new ThreePid(tpid.getMedium(), tpid.getAddress())));
|
||||
result.succeed(mxid.getId(), UserIdType.MatrixID.getId(), "");
|
||||
return result;
|
||||
}
|
||||
}).orElseGet(BackendAuthResult::failure);
|
||||
}
|
||||
|
||||
@@ -21,12 +21,16 @@
|
||||
package io.kamax.mxisd.backend.sql;
|
||||
|
||||
import io.kamax.matrix.MatrixID;
|
||||
import io.kamax.matrix.ThreePid;
|
||||
import io.kamax.matrix._MatrixID;
|
||||
import io.kamax.matrix._ThreePid;
|
||||
import io.kamax.mxisd.config.MatrixConfig;
|
||||
import io.kamax.mxisd.config.sql.SqlConfig;
|
||||
import io.kamax.mxisd.lookup.SingleLookupReply;
|
||||
import io.kamax.mxisd.lookup.SingleLookupRequest;
|
||||
import io.kamax.mxisd.lookup.ThreePidMapping;
|
||||
import io.kamax.mxisd.lookup.provider.IThreePidProvider;
|
||||
import io.kamax.mxisd.profile.ProfileProvider;
|
||||
import org.apache.commons.lang.StringUtils;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
@@ -36,10 +40,11 @@ import java.sql.PreparedStatement;
|
||||
import java.sql.ResultSet;
|
||||
import java.sql.SQLException;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
import java.util.Optional;
|
||||
|
||||
public abstract class SqlThreePidProvider implements IThreePidProvider {
|
||||
public abstract class SqlThreePidProvider implements IThreePidProvider, ProfileProvider {
|
||||
|
||||
private Logger log = LoggerFactory.getLogger(SqlThreePidProvider.class);
|
||||
|
||||
@@ -109,4 +114,31 @@ public abstract class SqlThreePidProvider implements IThreePidProvider {
|
||||
return new ArrayList<>();
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<_ThreePid> getThreepids(_MatrixID mxid) {
|
||||
List<_ThreePid> threepids = new ArrayList<>();
|
||||
|
||||
String stmtSql = cfg.getProfile().getThreepid().getQuery();
|
||||
try (Connection conn = pool.get()) {
|
||||
PreparedStatement stmt = conn.prepareStatement(stmtSql);
|
||||
stmt.setString(1, mxid.getId());
|
||||
|
||||
ResultSet rSet = stmt.executeQuery();
|
||||
while (rSet.next()) {
|
||||
String medium = rSet.getString("medium");
|
||||
String address = rSet.getString("address");
|
||||
threepids.add(new ThreePid(medium, address));
|
||||
}
|
||||
|
||||
return threepids;
|
||||
} catch (SQLException e) {
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<String> getRoles(_MatrixID mxid) {
|
||||
return Collections.emptyList();
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -32,10 +32,10 @@ import java.sql.PreparedStatement;
|
||||
import java.sql.SQLException;
|
||||
|
||||
@Component
|
||||
public class SynapseSqliteDirectoryProvider extends GenericSqlDirectoryProvider {
|
||||
public class SynapseSqlDirectoryProvider extends GenericSqlDirectoryProvider {
|
||||
|
||||
@Autowired
|
||||
public SynapseSqliteDirectoryProvider(SynapseSqlProviderConfig cfg, MatrixConfig mxCfg) {
|
||||
public SynapseSqlDirectoryProvider(SynapseSqlProviderConfig cfg, MatrixConfig mxCfg) {
|
||||
super(cfg, mxCfg);
|
||||
|
||||
if (StringUtils.equals("sqlite", cfg.getType())) {
|
||||
@@ -20,8 +20,8 @@
|
||||
|
||||
package io.kamax.mxisd.backend.wordpress;
|
||||
|
||||
import io.kamax.matrix.ThreePid;
|
||||
import io.kamax.matrix._MatrixID;
|
||||
import io.kamax.mxisd.ThreePid;
|
||||
import io.kamax.mxisd.UserIdType;
|
||||
import io.kamax.mxisd.auth.provider.AuthenticatorProvider;
|
||||
import io.kamax.mxisd.auth.provider.BackendAuthResult;
|
||||
|
||||
@@ -83,8 +83,12 @@ public class WordpressDirectoryProvider implements IDirectoryProvider {
|
||||
|
||||
while (rSet.next()) {
|
||||
processRow(rSet).ifPresent(e -> {
|
||||
e.setUserId(MatrixID.from(e.getUserId(), mxCfg.getDomain()).valid().getId());
|
||||
result.addResult(e);
|
||||
try {
|
||||
e.setUserId(MatrixID.from(e.getUserId(), mxCfg.getDomain()).valid().getId());
|
||||
result.addResult(e);
|
||||
} catch (IllegalArgumentException ex) {
|
||||
log.warn("Ignoring result {} - Invalid characters for a Matrix ID", e.getUserId());
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
|
||||
@@ -21,8 +21,8 @@
|
||||
package io.kamax.mxisd.backend.wordpress;
|
||||
|
||||
import io.kamax.matrix.MatrixID;
|
||||
import io.kamax.matrix.ThreePid;
|
||||
import io.kamax.matrix._MatrixID;
|
||||
import io.kamax.mxisd.ThreePid;
|
||||
import io.kamax.mxisd.config.MatrixConfig;
|
||||
import io.kamax.mxisd.config.wordpress.WordpressConfig;
|
||||
import io.kamax.mxisd.lookup.SingleLookupReply;
|
||||
@@ -87,10 +87,14 @@ public class WordpressThreePidProvider implements IThreePidProvider {
|
||||
while (rSet.next()) {
|
||||
String uid = rSet.getString("uid");
|
||||
log.info("Found match: {}", uid);
|
||||
return Optional.of(MatrixID.from(uid, mxCfg.getDomain()).valid());
|
||||
try {
|
||||
return Optional.of(MatrixID.from(uid, mxCfg.getDomain()).valid());
|
||||
} catch (IllegalArgumentException ex) {
|
||||
log.warn("Ignoring match {} - Invalid characters for a Matrix ID", uid);
|
||||
}
|
||||
}
|
||||
|
||||
log.info("No match found in Wordpress");
|
||||
log.info("No valid match found in Wordpress");
|
||||
return Optional.empty();
|
||||
}
|
||||
} catch (SQLException e) {
|
||||
|
||||
@@ -31,6 +31,7 @@ public class MemoryIdentityConfig {
|
||||
private String username;
|
||||
private String password;
|
||||
private List<MemoryThreePid> threepids = new ArrayList<>();
|
||||
private List<String> roles = new ArrayList<>();
|
||||
|
||||
public String getUsername() {
|
||||
return username;
|
||||
@@ -56,4 +57,12 @@ public class MemoryIdentityConfig {
|
||||
this.threepids = threepids;
|
||||
}
|
||||
|
||||
public List<String> getRoles() {
|
||||
return roles;
|
||||
}
|
||||
|
||||
public void setRoles(List<String> roles) {
|
||||
this.roles = roles;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -20,14 +20,16 @@
|
||||
|
||||
package io.kamax.mxisd.config.memory;
|
||||
|
||||
import io.kamax.matrix._ThreePid;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
@Component
|
||||
public class MemoryThreePid {
|
||||
public class MemoryThreePid implements _ThreePid {
|
||||
|
||||
private String medium;
|
||||
private String address;
|
||||
|
||||
@Override
|
||||
public String getMedium() {
|
||||
return medium;
|
||||
}
|
||||
@@ -36,6 +38,7 @@ public class MemoryThreePid {
|
||||
this.medium = medium;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getAddress() {
|
||||
return address;
|
||||
}
|
||||
|
||||
@@ -37,22 +37,22 @@ public abstract class SqlConfig {
|
||||
|
||||
public static class Type {
|
||||
|
||||
private GenericSqlProviderConfig.Query name = new GenericSqlProviderConfig.Query();
|
||||
private GenericSqlProviderConfig.Query threepid = new GenericSqlProviderConfig.Query();
|
||||
private Query name = new Query();
|
||||
private Query threepid = new Query();
|
||||
|
||||
public GenericSqlProviderConfig.Query getName() {
|
||||
public Query getName() {
|
||||
return name;
|
||||
}
|
||||
|
||||
public void setName(GenericSqlProviderConfig.Query name) {
|
||||
public void setName(Query name) {
|
||||
this.name = name;
|
||||
}
|
||||
|
||||
public GenericSqlProviderConfig.Query getThreepid() {
|
||||
public Query getThreepid() {
|
||||
return threepid;
|
||||
}
|
||||
|
||||
public void setThreepid(GenericSqlProviderConfig.Query threepid) {
|
||||
public void setThreepid(Query threepid) {
|
||||
this.threepid = threepid;
|
||||
}
|
||||
|
||||
@@ -75,7 +75,7 @@ public abstract class SqlConfig {
|
||||
public static class Directory {
|
||||
|
||||
private Boolean enabled;
|
||||
private GenericSqlProviderConfig.Type query = new GenericSqlProviderConfig.Type();
|
||||
private Type query = new Type();
|
||||
|
||||
public Boolean isEnabled() {
|
||||
return enabled;
|
||||
@@ -85,11 +85,11 @@ public abstract class SqlConfig {
|
||||
this.enabled = enabled;
|
||||
}
|
||||
|
||||
public GenericSqlProviderConfig.Type getQuery() {
|
||||
public Type getQuery() {
|
||||
return query;
|
||||
}
|
||||
|
||||
public void setQuery(GenericSqlProviderConfig.Type query) {
|
||||
public void setQuery(Type query) {
|
||||
this.query = query;
|
||||
}
|
||||
|
||||
@@ -136,12 +136,41 @@ public abstract class SqlConfig {
|
||||
|
||||
}
|
||||
|
||||
public static class ProfileThreepids {
|
||||
|
||||
private String query;
|
||||
|
||||
public String getQuery() {
|
||||
return query;
|
||||
}
|
||||
|
||||
public void setQuery(String query) {
|
||||
this.query = query;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
public static class Profile {
|
||||
|
||||
private ProfileThreepids threepid = new ProfileThreepids();
|
||||
|
||||
public ProfileThreepids getThreepid() {
|
||||
return threepid;
|
||||
}
|
||||
|
||||
public void setThreepid(ProfileThreepids threepid) {
|
||||
this.threepid = threepid;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
private boolean enabled;
|
||||
private String type;
|
||||
private String connection;
|
||||
private GenericSqlProviderConfig.Auth auth = new GenericSqlProviderConfig.Auth();
|
||||
private GenericSqlProviderConfig.Directory directory = new GenericSqlProviderConfig.Directory();
|
||||
private GenericSqlProviderConfig.Identity identity = new GenericSqlProviderConfig.Identity();
|
||||
private Auth auth = new Auth();
|
||||
private Directory directory = new Directory();
|
||||
private Identity identity = new Identity();
|
||||
private Profile profile = new Profile();
|
||||
|
||||
public boolean isEnabled() {
|
||||
return enabled;
|
||||
@@ -167,30 +196,38 @@ public abstract class SqlConfig {
|
||||
this.connection = connection;
|
||||
}
|
||||
|
||||
public GenericSqlProviderConfig.Auth getAuth() {
|
||||
public Auth getAuth() {
|
||||
return auth;
|
||||
}
|
||||
|
||||
public void setAuth(GenericSqlProviderConfig.Auth auth) {
|
||||
public void setAuth(Auth auth) {
|
||||
this.auth = auth;
|
||||
}
|
||||
|
||||
public GenericSqlProviderConfig.Directory getDirectory() {
|
||||
public Directory getDirectory() {
|
||||
return directory;
|
||||
}
|
||||
|
||||
public void setDirectory(GenericSqlProviderConfig.Directory directory) {
|
||||
public void setDirectory(Directory directory) {
|
||||
this.directory = directory;
|
||||
}
|
||||
|
||||
public GenericSqlProviderConfig.Identity getIdentity() {
|
||||
public Identity getIdentity() {
|
||||
return identity;
|
||||
}
|
||||
|
||||
public void setIdentity(GenericSqlProviderConfig.Identity identity) {
|
||||
public void setIdentity(Identity identity) {
|
||||
this.identity = identity;
|
||||
}
|
||||
|
||||
public Profile getProfile() {
|
||||
return profile;
|
||||
}
|
||||
|
||||
public void setProfile(Profile profile) {
|
||||
this.profile = profile;
|
||||
}
|
||||
|
||||
protected abstract String getProviderName();
|
||||
|
||||
protected void doBuild() {
|
||||
@@ -222,6 +259,7 @@ public abstract class SqlConfig {
|
||||
log.info("Identity type: {}", getIdentity().getType());
|
||||
log.info("3PID mapping query: {}", getIdentity().getQuery());
|
||||
log.info("Identity medium queries: {}", GsonUtil.build().toJson(getIdentity().getMedium()));
|
||||
log.info("Profile 3PID query: {}", getProfile().getThreepid().getQuery());
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -84,8 +84,8 @@ public class DefaultExceptionHandler {
|
||||
return handleGeneric(request, response, e);
|
||||
}
|
||||
|
||||
@ExceptionHandler(MatrixException.class)
|
||||
public String handleGeneric(HttpServletRequest request, HttpServletResponse response, MatrixException e) {
|
||||
@ExceptionHandler(HttpMatrixException.class)
|
||||
public String handleGeneric(HttpServletRequest request, HttpServletResponse response, HttpMatrixException e) {
|
||||
response.setStatus(e.getStatus());
|
||||
return handle(request, e.getErrorCode(), e.getError());
|
||||
}
|
||||
|
||||
54
src/main/java/io/kamax/mxisd/controller/ProxyController.java
Normal file
54
src/main/java/io/kamax/mxisd/controller/ProxyController.java
Normal file
@@ -0,0 +1,54 @@
|
||||
/*
|
||||
* mxisd - Matrix Identity Server Daemon
|
||||
* Copyright (C) 2018 Kamax Sarl
|
||||
*
|
||||
* https://www.kamax.io/
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as
|
||||
* published by the Free Software Foundation, either version 3 of the
|
||||
* License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
package io.kamax.mxisd.controller;
|
||||
|
||||
import io.kamax.mxisd.exception.AccessTokenNotFoundException;
|
||||
import io.kamax.mxisd.util.OptionalUtil;
|
||||
import org.thymeleaf.util.StringUtils;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import java.util.Optional;
|
||||
|
||||
public class ProxyController {
|
||||
|
||||
private final static String headerName = "Authorization";
|
||||
private final static String headerValuePrefix = "Bearer ";
|
||||
private final static String parameterName = "access_token";
|
||||
|
||||
Optional<String> findAccessTokenInHeaders(HttpServletRequest request) {
|
||||
return Optional.ofNullable(request.getHeader(headerName))
|
||||
.filter(header -> StringUtils.startsWith(header, headerValuePrefix))
|
||||
.map(header -> header.substring(headerValuePrefix.length()));
|
||||
}
|
||||
|
||||
Optional<String> findAccessTokenInQuery(HttpServletRequest request) {
|
||||
return Optional.ofNullable(request.getParameter(parameterName));
|
||||
}
|
||||
|
||||
public Optional<String> findAccessToken(HttpServletRequest request) {
|
||||
return OptionalUtil.findFirst(() -> findAccessTokenInHeaders(request), () -> findAccessTokenInQuery(request));
|
||||
}
|
||||
|
||||
public String getAccessToken(HttpServletRequest request) {
|
||||
return findAccessToken(request).orElseThrow(AccessTokenNotFoundException::new);
|
||||
}
|
||||
|
||||
}
|
||||
@@ -20,7 +20,7 @@
|
||||
|
||||
package io.kamax.mxisd.controller.auth.v1.io;
|
||||
|
||||
import io.kamax.mxisd.ThreePid;
|
||||
import io.kamax.matrix.ThreePid;
|
||||
|
||||
import java.util.HashSet;
|
||||
import java.util.Set;
|
||||
|
||||
@@ -21,6 +21,7 @@
|
||||
package io.kamax.mxisd.controller.directory.v1;
|
||||
|
||||
import com.google.gson.Gson;
|
||||
import io.kamax.mxisd.controller.ProxyController;
|
||||
import io.kamax.mxisd.controller.directory.v1.io.UserDirectorySearchRequest;
|
||||
import io.kamax.mxisd.controller.directory.v1.io.UserDirectorySearchResult;
|
||||
import io.kamax.mxisd.directory.DirectoryManager;
|
||||
@@ -28,7 +29,10 @@ import io.kamax.mxisd.util.GsonParser;
|
||||
import io.kamax.mxisd.util.GsonUtil;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
import org.springframework.web.bind.annotation.CrossOrigin;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RequestMethod;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import java.io.IOException;
|
||||
@@ -37,7 +41,7 @@ import java.net.URI;
|
||||
@RestController
|
||||
@CrossOrigin
|
||||
@RequestMapping(path = "/_matrix/client/r0/user_directory", produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
|
||||
public class UserDirectoryController {
|
||||
public class UserDirectoryController extends ProxyController {
|
||||
|
||||
private Gson gson = GsonUtil.build();
|
||||
private GsonParser parser = new GsonParser(gson);
|
||||
@@ -46,7 +50,8 @@ public class UserDirectoryController {
|
||||
private DirectoryManager mgr;
|
||||
|
||||
@RequestMapping(path = "/search", method = RequestMethod.POST)
|
||||
public String search(HttpServletRequest request, @RequestParam("access_token") String accessToken) throws IOException {
|
||||
public String search(HttpServletRequest request) throws IOException {
|
||||
String accessToken = getAccessToken(request);
|
||||
UserDirectorySearchRequest searchQuery = parser.parse(request, UserDirectorySearchRequest.class);
|
||||
URI target = URI.create(request.getRequestURL().toString());
|
||||
UserDirectorySearchResult result = mgr.search(target, accessToken, searchQuery.getSearchTerm());
|
||||
|
||||
@@ -22,13 +22,13 @@ package io.kamax.mxisd.controller.identity.v1;
|
||||
|
||||
import com.google.gson.Gson;
|
||||
import io.kamax.matrix.MatrixID;
|
||||
import io.kamax.matrix.crypto.KeyManager;
|
||||
import io.kamax.mxisd.config.ServerConfig;
|
||||
import io.kamax.mxisd.controller.identity.v1.io.ThreePidInviteReplyIO;
|
||||
import io.kamax.mxisd.invitation.IThreePidInvite;
|
||||
import io.kamax.mxisd.invitation.IThreePidInviteReply;
|
||||
import io.kamax.mxisd.invitation.InvitationManager;
|
||||
import io.kamax.mxisd.invitation.ThreePidInvite;
|
||||
import io.kamax.mxisd.key.KeyManager;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
|
||||
@@ -22,9 +22,9 @@ package io.kamax.mxisd.controller.identity.v1;
|
||||
|
||||
import com.google.gson.Gson;
|
||||
import com.google.gson.JsonObject;
|
||||
import io.kamax.matrix.crypto.KeyManager;
|
||||
import io.kamax.mxisd.controller.identity.v1.io.KeyValidityJson;
|
||||
import io.kamax.mxisd.exception.BadRequestException;
|
||||
import io.kamax.mxisd.key.KeyManager;
|
||||
import org.apache.commons.lang.StringUtils;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
@@ -64,7 +64,7 @@ public class KeyController {
|
||||
|
||||
@RequestMapping(value = "/pubkey/ephemeral/isvalid", method = GET)
|
||||
public String checkEphemeralKeyValidity(HttpServletRequest request) {
|
||||
log.warn("Ephemeral key was request but no ephemeral key are generated, replying not valid");
|
||||
log.warn("Ephemeral key was requested but no ephemeral key are generated, replying not valid");
|
||||
|
||||
return invalidKey;
|
||||
}
|
||||
|
||||
@@ -22,11 +22,14 @@ package io.kamax.mxisd.controller.identity.v1;
|
||||
|
||||
import com.google.gson.Gson;
|
||||
import com.google.gson.JsonObject;
|
||||
import io.kamax.matrix.crypto.SignatureManager;
|
||||
import io.kamax.matrix.event.EventKey;
|
||||
import io.kamax.matrix.json.MatrixJson;
|
||||
import io.kamax.mxisd.config.MatrixConfig;
|
||||
import io.kamax.mxisd.controller.identity.v1.io.SingeLookupReplyJson;
|
||||
import io.kamax.mxisd.exception.InternalServerError;
|
||||
import io.kamax.mxisd.lookup.*;
|
||||
import io.kamax.mxisd.lookup.strategy.LookupStrategy;
|
||||
import io.kamax.mxisd.signature.SignatureManager;
|
||||
import io.kamax.mxisd.util.GsonParser;
|
||||
import org.apache.commons.lang.StringUtils;
|
||||
import org.slf4j.Logger;
|
||||
@@ -57,6 +60,9 @@ public class MappingController {
|
||||
private Gson gson = new Gson();
|
||||
private GsonParser parser = new GsonParser(gson);
|
||||
|
||||
@Autowired
|
||||
private MatrixConfig mxCfg;
|
||||
|
||||
@Autowired
|
||||
private LookupStrategy strategy;
|
||||
|
||||
@@ -92,16 +98,12 @@ public class MappingController {
|
||||
}
|
||||
|
||||
SingleLookupReply lookup = lookupOpt.get();
|
||||
if (lookup.isSigned()) {
|
||||
log.info("Lookup is already signed, sending as-is");
|
||||
return lookup.getBody();
|
||||
} else {
|
||||
log.info("Lookup is not signed, signing");
|
||||
JsonObject obj = gson.toJsonTree(new SingeLookupReplyJson(lookup)).getAsJsonObject();
|
||||
obj.add("signatures", signMgr.signMessageGson(gson.toJson(obj)));
|
||||
|
||||
return gson.toJson(obj);
|
||||
}
|
||||
// FIXME signing should be done in the business model, not in the controller
|
||||
JsonObject obj = gson.toJsonTree(new SingeLookupReplyJson(lookup)).getAsJsonObject();
|
||||
obj.add(EventKey.Signatures.get(), signMgr.signMessageGson(MatrixJson.encodeCanonical(obj)));
|
||||
|
||||
return gson.toJson(obj);
|
||||
}
|
||||
|
||||
@RequestMapping(value = "/bulk_lookup", method = POST)
|
||||
|
||||
@@ -22,8 +22,8 @@ package io.kamax.mxisd.controller.identity.v1;
|
||||
|
||||
import com.google.gson.Gson;
|
||||
import com.google.gson.JsonObject;
|
||||
import io.kamax.matrix.ThreePid;
|
||||
import io.kamax.matrix.ThreePidMedium;
|
||||
import io.kamax.mxisd.ThreePid;
|
||||
import io.kamax.mxisd.config.ServerConfig;
|
||||
import io.kamax.mxisd.config.ViewConfig;
|
||||
import io.kamax.mxisd.controller.identity.v1.io.SessionEmailTokenRequestJson;
|
||||
|
||||
@@ -22,9 +22,6 @@ package io.kamax.mxisd.controller.identity.v1.io;
|
||||
|
||||
import io.kamax.mxisd.lookup.SingleLookupReply;
|
||||
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
public class SingeLookupReplyJson {
|
||||
|
||||
private String address;
|
||||
@@ -33,7 +30,6 @@ public class SingeLookupReplyJson {
|
||||
private long not_after;
|
||||
private long not_before;
|
||||
private long ts;
|
||||
private Map<String, Map<String, String>> signatures = new HashMap<>();
|
||||
|
||||
public SingeLookupReplyJson(SingleLookupReply reply) {
|
||||
this.address = reply.getRequest().getThreePid();
|
||||
@@ -68,8 +64,4 @@ public class SingeLookupReplyJson {
|
||||
return ts;
|
||||
}
|
||||
|
||||
public boolean isSigned() {
|
||||
return signatures != null && !signatures.isEmpty();
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -0,0 +1,105 @@
|
||||
/*
|
||||
* mxisd - Matrix Identity Server Daemon
|
||||
* Copyright (C) 2018 Kamax Sàrl
|
||||
*
|
||||
* https://www.kamax.io/
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as
|
||||
* published by the Free Software Foundation, either version 3 of the
|
||||
* License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
package io.kamax.mxisd.controller.profile.v1;
|
||||
|
||||
import com.google.gson.Gson;
|
||||
import com.google.gson.JsonElement;
|
||||
import com.google.gson.JsonObject;
|
||||
import com.google.gson.JsonParser;
|
||||
import io.kamax.matrix.MatrixID;
|
||||
import io.kamax.matrix._ThreePid;
|
||||
import io.kamax.mxisd.controller.ProxyController;
|
||||
import io.kamax.mxisd.dns.ClientDnsOverwrite;
|
||||
import io.kamax.mxisd.profile.ProfileManager;
|
||||
import io.kamax.mxisd.util.GsonUtil;
|
||||
import org.apache.http.client.methods.CloseableHttpResponse;
|
||||
import org.apache.http.client.methods.HttpGet;
|
||||
import org.apache.http.client.utils.URIBuilder;
|
||||
import org.apache.http.impl.client.CloseableHttpClient;
|
||||
import org.apache.http.util.EntityUtils;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.web.bind.annotation.CrossOrigin;
|
||||
import org.springframework.web.bind.annotation.PathVariable;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.IOException;
|
||||
import java.net.URI;
|
||||
import java.util.List;
|
||||
import java.util.Objects;
|
||||
import java.util.Optional;
|
||||
|
||||
@RestController
|
||||
@CrossOrigin
|
||||
@RequestMapping(path = "/_matrix/client/r0/profile", produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
|
||||
public class ProfileController extends ProxyController {
|
||||
|
||||
private final Logger log = LoggerFactory.getLogger(ProfileController.class);
|
||||
private final ProfileManager mgr;
|
||||
private final CloseableHttpClient client;
|
||||
private final ClientDnsOverwrite dns;
|
||||
private final JsonParser parser;
|
||||
private final Gson gson;
|
||||
|
||||
@Autowired
|
||||
public ProfileController(ProfileManager mgr, CloseableHttpClient client, ClientDnsOverwrite dns) {
|
||||
this.mgr = mgr;
|
||||
this.client = client;
|
||||
this.dns = dns;
|
||||
this.parser = new JsonParser();
|
||||
this.gson = GsonUtil.build();
|
||||
}
|
||||
|
||||
// FIXME do properly in the SDK (headers, check access token, etc.)
|
||||
private String resolveProxyUrl(HttpServletRequest req) {
|
||||
URI target = URI.create(req.getRequestURL().toString() + (Objects.isNull(req.getQueryString()) ? "" : "?" + req.getQueryString()));
|
||||
URIBuilder builder = dns.transform(target);
|
||||
String urlToLogin = builder.toString();
|
||||
log.info("Proxy resolution: {} to {}", target.toString(), urlToLogin);
|
||||
return urlToLogin;
|
||||
}
|
||||
|
||||
@RequestMapping("/{userId:.+}")
|
||||
public String getProfile(HttpServletRequest req, HttpServletResponse res, @PathVariable String userId) {
|
||||
Optional<String> accessTokenOpt = findAccessToken(req);
|
||||
HttpGet reqOut = new HttpGet(resolveProxyUrl(req));
|
||||
accessTokenOpt.ifPresent(accessToken -> reqOut.addHeader("Authorization", "Bearer " + accessToken));
|
||||
|
||||
try (CloseableHttpResponse hsResponse = client.execute(reqOut)) {
|
||||
res.setStatus(hsResponse.getStatusLine().getStatusCode());
|
||||
JsonElement el = parser.parse(EntityUtils.toString(hsResponse.getEntity()));
|
||||
List<_ThreePid> list = mgr.getThreepids(MatrixID.asAcceptable(userId));
|
||||
if (!list.isEmpty() && el.isJsonObject()) {
|
||||
JsonObject obj = el.getAsJsonObject();
|
||||
obj.add("threepids", GsonUtil.build().toJsonTree(list));
|
||||
}
|
||||
return gson.toJson(el);
|
||||
} catch (IOException e) {
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
@@ -0,0 +1,58 @@
|
||||
/*
|
||||
* mxisd - Matrix Identity Server Daemon
|
||||
* Copyright (C) 2018 Kamax Sarl
|
||||
*
|
||||
* https://www.kamax.io/
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as
|
||||
* published by the Free Software Foundation, either version 3 of the
|
||||
* License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
package io.kamax.mxisd.controller.profile.v1;
|
||||
|
||||
import io.kamax.matrix.MatrixID;
|
||||
import io.kamax.matrix._MatrixID;
|
||||
import io.kamax.matrix.json.GsonUtil;
|
||||
import io.kamax.mxisd.profile.ProfileManager;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.web.bind.annotation.CrossOrigin;
|
||||
import org.springframework.web.bind.annotation.PathVariable;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.net.URLDecoder;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
|
||||
import static org.springframework.web.bind.annotation.RequestMethod.GET;
|
||||
|
||||
@RestController
|
||||
@CrossOrigin
|
||||
@RequestMapping(produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
|
||||
public class ProfileInternalController {
|
||||
|
||||
private final ProfileManager mgr;
|
||||
|
||||
public ProfileInternalController(ProfileManager mgr) {
|
||||
this.mgr = mgr;
|
||||
}
|
||||
|
||||
@RequestMapping(method = GET, path = "/_matrix-internal/profile/v1/{userId:.+}")
|
||||
public String getProfile(@PathVariable String userId) throws UnsupportedEncodingException {
|
||||
userId = URLDecoder.decode(userId, StandardCharsets.UTF_8.name());
|
||||
_MatrixID mxId = MatrixID.asAcceptable(userId);
|
||||
|
||||
return GsonUtil.get().toJson(GsonUtil.makeObj("roles", GsonUtil.asArray(mgr.getRoles(mxId))));
|
||||
}
|
||||
|
||||
}
|
||||
@@ -27,8 +27,8 @@ import io.kamax.mxisd.config.DirectoryConfig;
|
||||
import io.kamax.mxisd.controller.directory.v1.io.UserDirectorySearchRequest;
|
||||
import io.kamax.mxisd.controller.directory.v1.io.UserDirectorySearchResult;
|
||||
import io.kamax.mxisd.dns.ClientDnsOverwrite;
|
||||
import io.kamax.mxisd.exception.HttpMatrixException;
|
||||
import io.kamax.mxisd.exception.InternalServerError;
|
||||
import io.kamax.mxisd.exception.MatrixException;
|
||||
import io.kamax.mxisd.util.GsonUtil;
|
||||
import io.kamax.mxisd.util.RestClientUtils;
|
||||
import org.apache.commons.io.IOUtils;
|
||||
@@ -99,7 +99,7 @@ public class DirectoryManager {
|
||||
log.warn("Homeserver does not support Directory feature, skipping");
|
||||
} else {
|
||||
log.error("Homeserver returned an error while performing directory search");
|
||||
throw new MatrixException(status, info.getErrcode(), info.getError());
|
||||
throw new HttpMatrixException(status, info.getErrcode(), info.getError());
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -22,6 +22,7 @@ package io.kamax.mxisd.dns;
|
||||
|
||||
import io.kamax.mxisd.config.DnsOverwriteConfig;
|
||||
import io.kamax.mxisd.exception.ConfigurationException;
|
||||
import io.kamax.mxisd.exception.InternalServerError;
|
||||
import org.apache.http.client.utils.URIBuilder;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
@@ -53,7 +54,7 @@ public class ClientDnsOverwrite {
|
||||
URIBuilder builder = new URIBuilder(initial);
|
||||
Entry mapping = mappings.get(initial.getHost());
|
||||
if (mapping == null) {
|
||||
return builder;
|
||||
throw new InternalServerError("No DNS client override for " + initial.getHost());
|
||||
}
|
||||
|
||||
try {
|
||||
|
||||
@@ -0,0 +1,29 @@
|
||||
/*
|
||||
* mxisd - Matrix Identity Server Daemon
|
||||
* Copyright (C) 2018 Kamax Sarl
|
||||
*
|
||||
* https://www.kamax.io/
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as
|
||||
* published by the Free Software Foundation, either version 3 of the
|
||||
* License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
package io.kamax.mxisd.exception;
|
||||
|
||||
public class AccessTokenNotFoundException extends HttpMatrixException {
|
||||
|
||||
public AccessTokenNotFoundException() {
|
||||
super(401, "M_UNKNOWN_TOKEN", "An access token is required to access this resource");
|
||||
}
|
||||
|
||||
}
|
||||
@@ -22,7 +22,7 @@ package io.kamax.mxisd.exception;
|
||||
|
||||
import org.apache.http.HttpStatus;
|
||||
|
||||
public class FeatureNotAvailable extends MatrixException {
|
||||
public class FeatureNotAvailable extends HttpMatrixException {
|
||||
|
||||
private String internalReason;
|
||||
|
||||
|
||||
@@ -20,28 +20,19 @@
|
||||
|
||||
package io.kamax.mxisd.exception;
|
||||
|
||||
public class MatrixException extends MxisdException {
|
||||
import io.kamax.matrix.MatrixException;
|
||||
|
||||
public class HttpMatrixException extends MatrixException {
|
||||
|
||||
private int status;
|
||||
private String errorCode;
|
||||
private String error;
|
||||
|
||||
public MatrixException(int status, String errorCode, String error) {
|
||||
public HttpMatrixException(int status, String errorCode, String error) {
|
||||
super(errorCode, error);
|
||||
this.status = status;
|
||||
this.errorCode = errorCode;
|
||||
this.error = error;
|
||||
}
|
||||
|
||||
public int getStatus() {
|
||||
return status;
|
||||
}
|
||||
|
||||
public String getErrorCode() {
|
||||
return errorCode;
|
||||
}
|
||||
|
||||
public String getError() {
|
||||
return error;
|
||||
}
|
||||
|
||||
}
|
||||
@@ -24,7 +24,7 @@ import org.apache.http.HttpStatus;
|
||||
|
||||
import java.time.Instant;
|
||||
|
||||
public class InternalServerError extends MatrixException {
|
||||
public class InternalServerError extends HttpMatrixException {
|
||||
|
||||
private String reference = Long.toString(Instant.now().toEpochMilli());
|
||||
private String internalReason;
|
||||
|
||||
@@ -22,7 +22,7 @@ package io.kamax.mxisd.exception;
|
||||
|
||||
import org.apache.http.HttpStatus;
|
||||
|
||||
public class MessageForClientException extends MatrixException {
|
||||
public class MessageForClientException extends HttpMatrixException {
|
||||
|
||||
public MessageForClientException(String error) {
|
||||
super(HttpStatus.SC_OK, "M_MESSAGE_FOR_CLIENT", error);
|
||||
|
||||
@@ -23,7 +23,7 @@ package io.kamax.mxisd.exception;
|
||||
|
||||
import org.apache.http.HttpStatus;
|
||||
|
||||
public class NotAllowedException extends MatrixException {
|
||||
public class NotAllowedException extends HttpMatrixException {
|
||||
|
||||
public NotAllowedException(String s) {
|
||||
super(HttpStatus.SC_FORBIDDEN, "M_FORBIDDEN", s);
|
||||
|
||||
@@ -2,7 +2,7 @@ package io.kamax.mxisd.exception;
|
||||
|
||||
import org.apache.http.HttpStatus;
|
||||
|
||||
public class RemoteHomeServerException extends MatrixException {
|
||||
public class RemoteHomeServerException extends HttpMatrixException {
|
||||
|
||||
public RemoteHomeServerException(String error) {
|
||||
super(HttpStatus.SC_SERVICE_UNAVAILABLE, "M_REMOTE_HS_ERROR", "Error from remote server: " + error);
|
||||
|
||||
@@ -22,7 +22,7 @@ package io.kamax.mxisd.exception;
|
||||
|
||||
import org.apache.http.HttpStatus;
|
||||
|
||||
public class RemoteIdentityServerException extends MatrixException {
|
||||
public class RemoteIdentityServerException extends HttpMatrixException {
|
||||
|
||||
public RemoteIdentityServerException(String error) {
|
||||
super(HttpStatus.SC_SERVICE_UNAVAILABLE, "M_REMOTE_IS_ERROR", "Error from remote server: " + error);
|
||||
|
||||
@@ -23,7 +23,7 @@ package io.kamax.mxisd.exception;
|
||||
|
||||
import com.google.gson.JsonObject;
|
||||
|
||||
public class RemoteLoginException extends MatrixException {
|
||||
public class RemoteLoginException extends HttpMatrixException {
|
||||
|
||||
private JsonObject errorBodyMsgResp;
|
||||
|
||||
|
||||
@@ -22,7 +22,7 @@ package io.kamax.mxisd.exception;
|
||||
|
||||
import org.apache.http.HttpStatus;
|
||||
|
||||
public class SessionNotValidatedException extends MatrixException {
|
||||
public class SessionNotValidatedException extends HttpMatrixException {
|
||||
|
||||
public SessionNotValidatedException() {
|
||||
super(HttpStatus.SC_OK, "M_SESSION_NOT_VALIDATED", "This validation session has not yet been completed");
|
||||
|
||||
@@ -20,7 +20,7 @@
|
||||
|
||||
package io.kamax.mxisd.exception;
|
||||
|
||||
public class SessionUnknownException extends MatrixException {
|
||||
public class SessionUnknownException extends HttpMatrixException {
|
||||
|
||||
public SessionUnknownException() {
|
||||
this("No valid session was found matching that sid and client secret");
|
||||
|
||||
@@ -24,6 +24,7 @@ import com.google.gson.Gson;
|
||||
import com.google.gson.JsonArray;
|
||||
import com.google.gson.JsonObject;
|
||||
import io.kamax.matrix.MatrixID;
|
||||
import io.kamax.matrix.crypto.SignatureManager;
|
||||
import io.kamax.mxisd.config.InvitationConfig;
|
||||
import io.kamax.mxisd.dns.FederationDnsOverwrite;
|
||||
import io.kamax.mxisd.exception.BadRequestException;
|
||||
@@ -32,7 +33,6 @@ import io.kamax.mxisd.lookup.SingleLookupReply;
|
||||
import io.kamax.mxisd.lookup.ThreePidMapping;
|
||||
import io.kamax.mxisd.lookup.strategy.LookupStrategy;
|
||||
import io.kamax.mxisd.notification.NotificationManager;
|
||||
import io.kamax.mxisd.signature.SignatureManager;
|
||||
import io.kamax.mxisd.storage.IStorage;
|
||||
import io.kamax.mxisd.storage.ormlite.ThreePidInviteIO;
|
||||
import org.apache.commons.io.IOUtils;
|
||||
|
||||
@@ -1,115 +0,0 @@
|
||||
/*
|
||||
* mxisd - Matrix Identity Server Daemon
|
||||
* Copyright (C) 2017 Maxime Dor
|
||||
*
|
||||
* https://max.kamax.io/
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as
|
||||
* published by the Free Software Foundation, either version 3 of the
|
||||
* License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
package io.kamax.mxisd.key;
|
||||
|
||||
import io.kamax.mxisd.config.KeyConfig;
|
||||
import net.i2p.crypto.eddsa.EdDSAEngine;
|
||||
import net.i2p.crypto.eddsa.EdDSAPrivateKey;
|
||||
import net.i2p.crypto.eddsa.EdDSAPublicKey;
|
||||
import net.i2p.crypto.eddsa.KeyPairGenerator;
|
||||
import net.i2p.crypto.eddsa.spec.EdDSANamedCurveTable;
|
||||
import net.i2p.crypto.eddsa.spec.EdDSAParameterSpec;
|
||||
import net.i2p.crypto.eddsa.spec.EdDSAPrivateKeySpec;
|
||||
import net.i2p.crypto.eddsa.spec.EdDSAPublicKeySpec;
|
||||
import org.apache.commons.io.FileUtils;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import javax.annotation.PostConstruct;
|
||||
import java.io.IOException;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.nio.file.Files;
|
||||
import java.nio.file.Path;
|
||||
import java.nio.file.Paths;
|
||||
import java.security.KeyPair;
|
||||
import java.security.MessageDigest;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.security.PrivateKey;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Base64;
|
||||
import java.util.List;
|
||||
|
||||
@Component
|
||||
public class KeyManager {
|
||||
|
||||
@Autowired
|
||||
private KeyConfig keyCfg;
|
||||
|
||||
private EdDSAParameterSpec keySpecs;
|
||||
private EdDSAEngine signEngine;
|
||||
private List<KeyPair> keys;
|
||||
|
||||
@PostConstruct
|
||||
public void build() {
|
||||
try {
|
||||
keySpecs = EdDSANamedCurveTable.getByName(EdDSANamedCurveTable.CURVE_ED25519_SHA512);
|
||||
signEngine = new EdDSAEngine(MessageDigest.getInstance(keySpecs.getHashAlgorithm()));
|
||||
keys = new ArrayList<>();
|
||||
|
||||
Path privKey = Paths.get(keyCfg.getPath());
|
||||
|
||||
if (!Files.exists(privKey)) {
|
||||
KeyPair pair = (new KeyPairGenerator()).generateKeyPair();
|
||||
String keyEncoded = Base64.getEncoder().encodeToString(pair.getPrivate().getEncoded());
|
||||
FileUtils.writeStringToFile(privKey.toFile(), keyEncoded, StandardCharsets.ISO_8859_1);
|
||||
keys.add(pair);
|
||||
} else {
|
||||
if (Files.isDirectory(privKey)) {
|
||||
throw new RuntimeException("Invalid path for private key: " + privKey.toString());
|
||||
}
|
||||
|
||||
if (Files.isReadable(privKey)) {
|
||||
byte[] seed = Base64.getDecoder().decode(FileUtils.readFileToString(privKey.toFile(), StandardCharsets.ISO_8859_1));
|
||||
EdDSAPrivateKeySpec privKeySpec = new EdDSAPrivateKeySpec(seed, keySpecs);
|
||||
EdDSAPublicKeySpec pubKeySpec = new EdDSAPublicKeySpec(privKeySpec.getA(), keySpecs);
|
||||
keys.add(new KeyPair(new EdDSAPublicKey(pubKeySpec), new EdDSAPrivateKey(privKeySpec)));
|
||||
}
|
||||
}
|
||||
} catch (NoSuchAlgorithmException | IOException e) {
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
}
|
||||
|
||||
public int getCurrentIndex() {
|
||||
return 0;
|
||||
}
|
||||
|
||||
public KeyPair getKeys(int index) {
|
||||
return keys.get(index);
|
||||
}
|
||||
|
||||
public PrivateKey getPrivateKey(int index) {
|
||||
return getKeys(index).getPrivate();
|
||||
}
|
||||
|
||||
public EdDSAPublicKey getPublicKey(int index) {
|
||||
return (EdDSAPublicKey) getKeys(index).getPublic();
|
||||
}
|
||||
|
||||
public EdDSAParameterSpec getSpecs() {
|
||||
return keySpecs;
|
||||
}
|
||||
|
||||
public String getPublicKeyBase64(int index) {
|
||||
return Base64.getEncoder().encodeToString(getPublicKey(index).getAbyte());
|
||||
}
|
||||
|
||||
}
|
||||
@@ -33,7 +33,6 @@ public class SingleLookupReply {
|
||||
private static Gson gson = new Gson();
|
||||
|
||||
private boolean isRecursive;
|
||||
private boolean isSigned;
|
||||
private String body;
|
||||
private SingleLookupRequest request;
|
||||
private _MatrixID mxid;
|
||||
@@ -53,7 +52,6 @@ public class SingleLookupReply {
|
||||
reply.notAfter = Instant.ofEpochMilli(json.getNot_after());
|
||||
reply.notBefore = Instant.ofEpochMilli(json.getNot_before());
|
||||
reply.timestamp = Instant.ofEpochMilli(json.getTs());
|
||||
reply.isSigned = json.isSigned();
|
||||
} catch (JsonSyntaxException e) {
|
||||
// stub - we only want to try, nothing more
|
||||
}
|
||||
@@ -85,10 +83,6 @@ public class SingleLookupReply {
|
||||
return isRecursive;
|
||||
}
|
||||
|
||||
public boolean isSigned() {
|
||||
return isSigned;
|
||||
}
|
||||
|
||||
public String getBody() {
|
||||
return body;
|
||||
}
|
||||
|
||||
@@ -21,7 +21,7 @@
|
||||
package io.kamax.mxisd.lookup;
|
||||
|
||||
import com.google.gson.Gson;
|
||||
import io.kamax.mxisd.ThreePid;
|
||||
import io.kamax.matrix.ThreePid;
|
||||
|
||||
public class ThreePidMapping {
|
||||
|
||||
|
||||
@@ -20,7 +20,7 @@
|
||||
|
||||
package io.kamax.mxisd.lookup;
|
||||
|
||||
import io.kamax.mxisd.ThreePid;
|
||||
import io.kamax.matrix.ThreePid;
|
||||
|
||||
import java.time.Instant;
|
||||
|
||||
@@ -29,7 +29,7 @@ public class ThreePidValidation extends ThreePid {
|
||||
private Instant validation;
|
||||
|
||||
public ThreePidValidation(ThreePid tpid, Instant validation) {
|
||||
super(tpid);
|
||||
super(tpid.getMedium(), tpid.getAddress());
|
||||
this.validation = validation;
|
||||
}
|
||||
|
||||
|
||||
58
src/main/java/io/kamax/mxisd/profile/ProfileManager.java
Normal file
58
src/main/java/io/kamax/mxisd/profile/ProfileManager.java
Normal file
@@ -0,0 +1,58 @@
|
||||
/*
|
||||
* mxisd - Matrix Identity Server Daemon
|
||||
* Copyright (C) 2018 Kamax Sàrl
|
||||
*
|
||||
* https://www.kamax.io/
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as
|
||||
* published by the Free Software Foundation, either version 3 of the
|
||||
* License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
package io.kamax.mxisd.profile;
|
||||
|
||||
import io.kamax.matrix._MatrixID;
|
||||
import io.kamax.matrix._ThreePid;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import java.util.Collection;
|
||||
import java.util.List;
|
||||
import java.util.function.Function;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
@Component
|
||||
public class ProfileManager {
|
||||
|
||||
private List<ProfileProvider> providers;
|
||||
|
||||
public ProfileManager(List<ProfileProvider> providers) {
|
||||
this.providers = providers.stream()
|
||||
.filter(ProfileProvider::isEnabled)
|
||||
.collect(Collectors.toList());
|
||||
}
|
||||
|
||||
public <T> List<T> get(Function<ProfileProvider, List<T>> function) {
|
||||
return providers.stream()
|
||||
.map(function)
|
||||
.flatMap(Collection::stream)
|
||||
.collect(Collectors.toList());
|
||||
}
|
||||
|
||||
public List<_ThreePid> getThreepids(_MatrixID mxid) {
|
||||
return get(p -> p.getThreepids(mxid));
|
||||
}
|
||||
|
||||
public List<String> getRoles(_MatrixID mxid) {
|
||||
return get(p -> p.getRoles(mxid));
|
||||
}
|
||||
|
||||
}
|
||||
36
src/main/java/io/kamax/mxisd/profile/ProfileProvider.java
Normal file
36
src/main/java/io/kamax/mxisd/profile/ProfileProvider.java
Normal file
@@ -0,0 +1,36 @@
|
||||
/*
|
||||
* mxisd - Matrix Identity Server Daemon
|
||||
* Copyright (C) 2018 Kamax Sàrl
|
||||
*
|
||||
* https://www.kamax.io/
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as
|
||||
* published by the Free Software Foundation, either version 3 of the
|
||||
* License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
package io.kamax.mxisd.profile;
|
||||
|
||||
import io.kamax.matrix._MatrixID;
|
||||
import io.kamax.matrix._ThreePid;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
public interface ProfileProvider {
|
||||
|
||||
boolean isEnabled();
|
||||
|
||||
List<_ThreePid> getThreepids(_MatrixID mxid);
|
||||
|
||||
List<String> getRoles(_MatrixID mxid);
|
||||
|
||||
}
|
||||
@@ -25,9 +25,9 @@ import com.google.i18n.phonenumbers.NumberParseException;
|
||||
import com.google.i18n.phonenumbers.PhoneNumberUtil;
|
||||
import com.google.i18n.phonenumbers.Phonenumber;
|
||||
import io.kamax.matrix.MatrixID;
|
||||
import io.kamax.matrix.ThreePid;
|
||||
import io.kamax.matrix.ThreePidMedium;
|
||||
import io.kamax.matrix._MatrixID;
|
||||
import io.kamax.mxisd.ThreePid;
|
||||
import io.kamax.mxisd.config.MatrixConfig;
|
||||
import io.kamax.mxisd.config.SessionConfig;
|
||||
import io.kamax.mxisd.controller.identity.v1.io.RequestTokenResponse;
|
||||
|
||||
@@ -1,79 +0,0 @@
|
||||
/*
|
||||
* mxisd - Matrix Identity Server Daemon
|
||||
* Copyright (C) 2017 Maxime Dor
|
||||
*
|
||||
* https://max.kamax.io/
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as
|
||||
* published by the Free Software Foundation, either version 3 of the
|
||||
* License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
package io.kamax.mxisd.signature;
|
||||
|
||||
import com.google.gson.JsonObject;
|
||||
import io.kamax.mxisd.config.ServerConfig;
|
||||
import io.kamax.mxisd.exception.InternalServerError;
|
||||
import io.kamax.mxisd.key.KeyManager;
|
||||
import net.i2p.crypto.eddsa.EdDSAEngine;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import javax.annotation.PostConstruct;
|
||||
import java.security.InvalidKeyException;
|
||||
import java.security.MessageDigest;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.security.SignatureException;
|
||||
import java.util.Base64;
|
||||
|
||||
@Component
|
||||
public class SignatureManager {
|
||||
|
||||
@Autowired
|
||||
private KeyManager keyMgr;
|
||||
|
||||
@Autowired
|
||||
private ServerConfig srvCfg;
|
||||
|
||||
private EdDSAEngine signEngine;
|
||||
|
||||
private String sign(String message) {
|
||||
try {
|
||||
byte[] signRaw = signEngine.signOneShot(message.getBytes());
|
||||
return Base64.getEncoder().encodeToString(signRaw);
|
||||
} catch (SignatureException e) {
|
||||
throw new InternalServerError(e);
|
||||
}
|
||||
}
|
||||
|
||||
public JsonObject signMessageGson(String message) {
|
||||
String sign = sign(message);
|
||||
|
||||
JsonObject keySignature = new JsonObject();
|
||||
keySignature.addProperty("ed25519:" + keyMgr.getCurrentIndex(), sign);
|
||||
JsonObject signature = new JsonObject();
|
||||
signature.add(srvCfg.getName(), keySignature);
|
||||
|
||||
return signature;
|
||||
}
|
||||
|
||||
@PostConstruct
|
||||
public void build() {
|
||||
try {
|
||||
signEngine = new EdDSAEngine(MessageDigest.getInstance(keyMgr.getSpecs().getHashAlgorithm()));
|
||||
signEngine.initSign(keyMgr.getPrivateKey(keyMgr.getCurrentIndex()));
|
||||
} catch (NoSuchAlgorithmException | InvalidKeyException e) {
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
57
src/main/java/io/kamax/mxisd/spring/CryptoFactory.java
Normal file
57
src/main/java/io/kamax/mxisd/spring/CryptoFactory.java
Normal file
@@ -0,0 +1,57 @@
|
||||
/*
|
||||
* mxisd - Matrix Identity Server Daemon
|
||||
* Copyright (C) 2018 Kamax Sarl
|
||||
*
|
||||
* https://www.kamax.io/
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as
|
||||
* published by the Free Software Foundation, either version 3 of the
|
||||
* License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
package io.kamax.mxisd.spring;
|
||||
|
||||
import io.kamax.matrix.crypto.KeyFileStore;
|
||||
import io.kamax.matrix.crypto.KeyManager;
|
||||
import io.kamax.matrix.crypto.SignatureManager;
|
||||
import io.kamax.mxisd.config.KeyConfig;
|
||||
import io.kamax.mxisd.config.MatrixConfig;
|
||||
import org.apache.commons.io.FileUtils;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
|
||||
import java.io.File;
|
||||
import java.io.IOException;
|
||||
|
||||
@Configuration
|
||||
public class CryptoFactory {
|
||||
|
||||
@Bean
|
||||
public KeyManager getKeyManager(KeyConfig keyCfg) {
|
||||
File keyStore = new File(keyCfg.getPath());
|
||||
if (!keyStore.exists()) {
|
||||
try {
|
||||
FileUtils.touch(keyStore);
|
||||
} catch (IOException e) {
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
}
|
||||
|
||||
return new KeyManager(new KeyFileStore(keyCfg.getPath()));
|
||||
}
|
||||
|
||||
@Bean
|
||||
public SignatureManager getSignatureManager(KeyManager keyMgr, MatrixConfig mxCfg) {
|
||||
return new SignatureManager(keyMgr, mxCfg.getDomain());
|
||||
}
|
||||
|
||||
}
|
||||
@@ -20,7 +20,7 @@
|
||||
|
||||
package io.kamax.mxisd.storage;
|
||||
|
||||
import io.kamax.mxisd.ThreePid;
|
||||
import io.kamax.matrix.ThreePid;
|
||||
import io.kamax.mxisd.invitation.IThreePidInviteReply;
|
||||
import io.kamax.mxisd.storage.dao.IThreePidSessionDao;
|
||||
import io.kamax.mxisd.storage.ormlite.ThreePidInviteIO;
|
||||
|
||||
@@ -26,7 +26,7 @@ import com.j256.ormlite.dao.DaoManager;
|
||||
import com.j256.ormlite.jdbc.JdbcConnectionSource;
|
||||
import com.j256.ormlite.support.ConnectionSource;
|
||||
import com.j256.ormlite.table.TableUtils;
|
||||
import io.kamax.mxisd.ThreePid;
|
||||
import io.kamax.matrix.ThreePid;
|
||||
import io.kamax.mxisd.exception.InternalServerError;
|
||||
import io.kamax.mxisd.invitation.IThreePidInviteReply;
|
||||
import io.kamax.mxisd.storage.IStorage;
|
||||
|
||||
@@ -22,7 +22,7 @@ package io.kamax.mxisd.storage.ormlite.dao;
|
||||
|
||||
import com.j256.ormlite.field.DatabaseField;
|
||||
import com.j256.ormlite.table.DatabaseTable;
|
||||
import io.kamax.mxisd.ThreePid;
|
||||
import io.kamax.matrix.ThreePid;
|
||||
import io.kamax.mxisd.storage.dao.IThreePidSessionDao;
|
||||
|
||||
@DatabaseTable(tableName = "session_3pid")
|
||||
|
||||
@@ -20,7 +20,7 @@
|
||||
|
||||
package io.kamax.mxisd.threepid.notification;
|
||||
|
||||
import io.kamax.mxisd.ThreePid;
|
||||
import io.kamax.matrix.ThreePid;
|
||||
import io.kamax.mxisd.config.MatrixConfig;
|
||||
import io.kamax.mxisd.config.ServerConfig;
|
||||
import io.kamax.mxisd.controller.identity.v1.IdentityAPIv1;
|
||||
|
||||
@@ -20,7 +20,7 @@
|
||||
|
||||
package io.kamax.mxisd.threepid.notification.email;
|
||||
|
||||
import io.kamax.mxisd.ThreePid;
|
||||
import io.kamax.matrix.ThreePid;
|
||||
import io.kamax.mxisd.config.MatrixConfig;
|
||||
import io.kamax.mxisd.config.ServerConfig;
|
||||
import io.kamax.mxisd.config.threepid.medium.EmailConfig;
|
||||
|
||||
@@ -20,7 +20,7 @@
|
||||
|
||||
package io.kamax.mxisd.threepid.session;
|
||||
|
||||
import io.kamax.mxisd.ThreePid;
|
||||
import io.kamax.matrix.ThreePid;
|
||||
|
||||
import java.time.Instant;
|
||||
import java.util.Optional;
|
||||
|
||||
@@ -20,7 +20,7 @@
|
||||
|
||||
package io.kamax.mxisd.threepid.session;
|
||||
|
||||
import io.kamax.mxisd.ThreePid;
|
||||
import io.kamax.matrix.ThreePid;
|
||||
import io.kamax.mxisd.exception.BadRequestException;
|
||||
import io.kamax.mxisd.exception.InvalidCredentialsException;
|
||||
import io.kamax.mxisd.storage.dao.IThreePidSessionDao;
|
||||
@@ -76,7 +76,7 @@ public class ThreePidSession implements IThreePidSession {
|
||||
public ThreePidSession(String id, String server, ThreePid tPid, String secret, int attempt, String nextLink, String token) {
|
||||
this.id = id;
|
||||
this.server = server;
|
||||
this.tPid = new ThreePid(tPid);
|
||||
this.tPid = new ThreePid(tPid.getMedium(), tPid.getAddress());
|
||||
this.secret = secret;
|
||||
this.attempt = attempt;
|
||||
this.nextLink = nextLink;
|
||||
|
||||
33
src/main/java/io/kamax/mxisd/util/OptionalUtil.java
Normal file
33
src/main/java/io/kamax/mxisd/util/OptionalUtil.java
Normal file
@@ -0,0 +1,33 @@
|
||||
/*
|
||||
* mxisd - Matrix Identity Server Daemon
|
||||
* Copyright (C) 2018 Kamax Sarl
|
||||
*
|
||||
* https://www.kamax.io/
|
||||
*
|
||||
* This program is free software: you can redistribute it and/or modify
|
||||
* it under the terms of the GNU Affero General Public License as
|
||||
* published by the Free Software Foundation, either version 3 of the
|
||||
* License, or (at your option) any later version.
|
||||
*
|
||||
* This program is distributed in the hope that it will be useful,
|
||||
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
* GNU Affero General Public License for more details.
|
||||
*
|
||||
* You should have received a copy of the GNU Affero General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
package io.kamax.mxisd.util;
|
||||
|
||||
import java.util.Optional;
|
||||
import java.util.function.Supplier;
|
||||
import java.util.stream.Stream;
|
||||
|
||||
public class OptionalUtil {
|
||||
|
||||
public static <T> Optional<T> findFirst(Supplier<Optional<T>>... suppliers) {
|
||||
return Stream.of(suppliers).map(Supplier::get).filter(Optional::isPresent).map(Optional::get).findFirst();
|
||||
}
|
||||
|
||||
}
|
||||
@@ -151,10 +151,16 @@ sql:
|
||||
identity:
|
||||
type: 'mxid'
|
||||
query: 'SELECT user_id AS uid FROM user_threepids WHERE medium = ? AND address = ?'
|
||||
profile:
|
||||
threepid:
|
||||
query: 'SELECT medium, address FROM user_threepids WHERE user_id = ?'
|
||||
|
||||
synapseSql:
|
||||
enabled: false
|
||||
type: 'sqlite'
|
||||
profile:
|
||||
threepid:
|
||||
query: 'SELECT medium, address FROM user_threepids WHERE user_id = ?'
|
||||
|
||||
wordpress:
|
||||
enabled: false
|
||||
|
||||
Reference in New Issue
Block a user