crappyrules
/
conduit
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

Merge pull request 'Uiaa + Close registration + optimizations' (#113) from uiaa into master

ruma
Timo Kösters 6 years ago
parent
88d091fca1 95047272e8
commit
c681f0c494
10 changed files with 422 additions and 150 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 17
      Cargo.lock
  2. 11
      Cargo.toml
  3. 6
      Rocket-example.toml
  4. 302
      src/client_server.rs
  5. 13
      src/database.rs
  6. 24
      src/database/globals.rs
  7. 2
      src/database/rooms.rs
  8. 161
      src/database/uiaa.rs
  9. 34
      src/database/users.rs
  10. 2
      src/pdu.rs

17
Cargo.lock generated
Unescape View File

@ -1263,7 +1263,7 @@ dependencies = [
[[package]] [[package]]
name = "ruma" name = "ruma"
version = "0.1.0" version = "0.1.0"
source = "git+https://github.com/ruma/ruma?rev=f6fb971329a4a5a7faeebf7ea47a86cd19e580f4#f6fb971329a4a5a7faeebf7ea47a86cd19e580f4" source = "git+https://github.com/ruma/ruma?rev=12388c3fbc8ba2a685cbf0fe810c633c827f5b2c#12388c3fbc8ba2a685cbf0fe810c633c827f5b2c"
dependencies = [ dependencies = [
"ruma-api", "ruma-api",
"ruma-client-api", "ruma-client-api",
@ -1277,7 +1277,7 @@ dependencies = [
[[package]] [[package]]
name = "ruma-api" name = "ruma-api"
version = "0.16.1" version = "0.16.1"
source = "git+https://github.com/ruma/ruma?rev=f6fb971329a4a5a7faeebf7ea47a86cd19e580f4#f6fb971329a4a5a7faeebf7ea47a86cd19e580f4" source = "git+https://github.com/ruma/ruma?rev=12388c3fbc8ba2a685cbf0fe810c633c827f5b2c#12388c3fbc8ba2a685cbf0fe810c633c827f5b2c"
dependencies = [ dependencies = [
"http", "http",
"percent-encoding 2.1.0", "percent-encoding 2.1.0",
@ -1292,7 +1292,7 @@ dependencies = [
[[package]] [[package]]
name = "ruma-api-macros" name = "ruma-api-macros"
version = "0.16.1" version = "0.16.1"
source = "git+https://github.com/ruma/ruma?rev=f6fb971329a4a5a7faeebf7ea47a86cd19e580f4#f6fb971329a4a5a7faeebf7ea47a86cd19e580f4" source = "git+https://github.com/ruma/ruma?rev=12388c3fbc8ba2a685cbf0fe810c633c827f5b2c#12388c3fbc8ba2a685cbf0fe810c633c827f5b2c"
dependencies = [ dependencies = [
"proc-macro2 1.0.18", "proc-macro2 1.0.18",
"quote 1.0.6", "quote 1.0.6",
@ -1302,7 +1302,7 @@ dependencies = [
[[package]] [[package]]
name = "ruma-client-api" name = "ruma-client-api"
version = "0.9.0" version = "0.9.0"
source = "git+https://github.com/ruma/ruma?rev=f6fb971329a4a5a7faeebf7ea47a86cd19e580f4#f6fb971329a4a5a7faeebf7ea47a86cd19e580f4" source = "git+https://github.com/ruma/ruma?rev=12388c3fbc8ba2a685cbf0fe810c633c827f5b2c#12388c3fbc8ba2a685cbf0fe810c633c827f5b2c"
dependencies = [ dependencies = [
"http", "http",
"js_int", "js_int",
@ -1319,7 +1319,7 @@ dependencies = [
[[package]] [[package]]
name = "ruma-common" name = "ruma-common"
version = "0.1.3" version = "0.1.3"
source = "git+https://github.com/ruma/ruma?rev=f6fb971329a4a5a7faeebf7ea47a86cd19e580f4#f6fb971329a4a5a7faeebf7ea47a86cd19e580f4" source = "git+https://github.com/ruma/ruma?rev=12388c3fbc8ba2a685cbf0fe810c633c827f5b2c#12388c3fbc8ba2a685cbf0fe810c633c827f5b2c"
dependencies = [ dependencies = [
"matches", "matches",
"ruma-serde", "ruma-serde",
@ -1356,8 +1356,7 @@ dependencies = [
[[package]] [[package]]
name = "ruma-federation-api" name = "ruma-federation-api"
version = "0.0.2" version = "0.0.2"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "git+https://github.com/ruma/ruma?rev=12388c3fbc8ba2a685cbf0fe810c633c827f5b2c#12388c3fbc8ba2a685cbf0fe810c633c827f5b2c"
checksum = "ff655a4cb7d43b60b18e07a601889836c1c12854bb16f4c083826b664fdc55aa"
dependencies = [ dependencies = [
"js_int", "js_int",
"matches", "matches",
@ -1382,7 +1381,7 @@ dependencies = [
[[package]] [[package]]
name = "ruma-serde" name = "ruma-serde"
version = "0.2.2" version = "0.2.2"
source = "git+https://github.com/ruma/ruma?rev=f6fb971329a4a5a7faeebf7ea47a86cd19e580f4#f6fb971329a4a5a7faeebf7ea47a86cd19e580f4" source = "git+https://github.com/ruma/ruma?rev=12388c3fbc8ba2a685cbf0fe810c633c827f5b2c#12388c3fbc8ba2a685cbf0fe810c633c827f5b2c"
dependencies = [ dependencies = [
"dtoa", "dtoa",
"itoa", "itoa",
@ -1395,7 +1394,7 @@ dependencies = [
[[package]] [[package]]
name = "ruma-signatures" name = "ruma-signatures"
version = "0.6.0-dev.1" version = "0.6.0-dev.1"
source = "git+https://github.com/ruma/ruma?rev=f6fb971329a4a5a7faeebf7ea47a86cd19e580f4#f6fb971329a4a5a7faeebf7ea47a86cd19e580f4" source = "git+https://github.com/ruma/ruma?rev=12388c3fbc8ba2a685cbf0fe810c633c827f5b2c#12388c3fbc8ba2a685cbf0fe810c633c827f5b2c"
dependencies = [ dependencies = [
"base64 0.12.1", "base64 0.12.1",
"ring", "ring",

11
Cargo.toml
Unescape View File

@ -30,12 +30,13 @@ image = { version = "0.23.4", default-features = false, features = ["jpeg", "png
[dependencies.ruma] [dependencies.ruma]
git = "https://github.com/ruma/ruma" git = "https://github.com/ruma/ruma"
rev = "f6fb971329a4a5a7faeebf7ea47a86cd19e580f4" rev = "12388c3fbc8ba2a685cbf0fe810c633c827f5b2c"
#path = "../ruma/ruma"
features = ["rand", "client-api", "federation-api"] features = ["rand", "client-api", "federation-api"]
# These are required only until ruma-events and ruma-federation-api are merged into ruma/ruma # These are required only until ruma-events and ruma-federation-api are merged into ruma/ruma
[patch.crates-io] [patch.crates-io]
ruma-api = { git = "https://github.com/ruma/ruma", rev = "f6fb971329a4a5a7faeebf7ea47a86cd19e580f4" } ruma-common = { git = "https://github.com/ruma/ruma", rev = "12388c3fbc8ba2a685cbf0fe810c633c827f5b2c" }
ruma-common = { git = "https://github.com/ruma/ruma", rev = "f6fb971329a4a5a7faeebf7ea47a86cd19e580f4" } ruma-serde = { git = "https://github.com/ruma/ruma", rev = "12388c3fbc8ba2a685cbf0fe810c633c827f5b2c" }
ruma-events = { git = "https://github.com/ruma/ruma-events", rev = "c1ee72d" } #ruma-common = { path = "../ruma/ruma-common" }
ruma-serde = { git = "https://github.com/ruma/ruma", rev = "f6fb971329a4a5a7faeebf7ea47a86cd19e580f4" } #ruma-serde = { path = "../ruma/ruma-serde" }

6
Rocket-example.toml
Unescape View File

@ -1,11 +1,13 @@
[global] [global]
server_name = "your.server.name" server_name = "your.server.name"
port = 8448 #registration_disabled = true
address = "0.0.0.0"
# Default path is in this user's data # Default path is in this user's data
#database_path = "/home/timo/MyConduitServer" #database_path = "/home/timo/MyConduitServer"
port = 14004
address = "0.0.0.0"
#[global.tls] #[global.tls]
#certs = "/etc/letsencrypt/live/your.server.name/fullchain.pem" #certs = "/etc/letsencrypt/live/your.server.name/fullchain.pem"
#key = "/etc/letsencrypt/live/your.server.name/privkey.pem" #key = "/etc/letsencrypt/live/your.server.name/privkey.pem"

302
src/client_server.rs
Unescape View File

@ -56,15 +56,15 @@ use ruma::{
room::{canonical_alias, guest_access, history_visibility, join_rules, member, redaction}, room::{canonical_alias, guest_access, history_visibility, join_rules, member, redaction},
EventJson, EventType, EventJson, EventType,
}, },
identifiers::{DeviceId, RoomAliasId, RoomId, RoomVersionId, UserId}, identifiers::{RoomAliasId, RoomId, RoomVersionId, UserId},
}; };
use serde_json::{json, value::RawValue}; use serde_json::{json, value::RawValue};
const GUEST_NAME_LENGTH: usize = 10; const GUEST_NAME_LENGTH: usize = 10;
const DEVICE_ID_LENGTH: usize = 10; const DEVICE_ID_LENGTH: usize = 10;
const SESSION_ID_LENGTH: usize = 256;
const TOKEN_LENGTH: usize = 256; const TOKEN_LENGTH: usize = 256;
const MXC_LENGTH: usize = 256; const MXC_LENGTH: usize = 256;
const SESSION_ID_LENGTH: usize = 256;
#[get("/_matrix/client/versions")] #[get("/_matrix/client/versions")]
pub fn get_supported_versions_route() -> MatrixResult<get_supported_versions::Response> { pub fn get_supported_versions_route() -> MatrixResult<get_supported_versions::Response> {
@ -117,15 +117,11 @@ pub fn register_route(
db: State<'_, Database>, db: State<'_, Database>,
body: Ruma<register::Request>, body: Ruma<register::Request>,
) -> MatrixResult<register::Response, UiaaResponse> { ) -> MatrixResult<register::Response, UiaaResponse> {
if body.auth.is_none() { if db.globals.registration_disabled() {
return MatrixResult(Err(UiaaResponse::AuthResponse(UiaaInfo { return MatrixResult(Err(UiaaResponse::MatrixError(Error {
flows: vec![AuthFlow { kind: ErrorKind::Unknown,
stages: vec!["m.login.dummy".to_owned()], message: "Registration has been disabled.".to_owned(),
}], status_code: http::StatusCode::FORBIDDEN,
completed: vec![],
params: RawValue::from_string("{}".to_owned()).unwrap(),
session: Some(utils::random_string(SESSION_ID_LENGTH)),
auth_error: None,
}))); })));
} }
@ -161,6 +157,31 @@ pub fn register_route(
}))); })));
} }
// UIAA
let uiaainfo = UiaaInfo {
flows: vec![AuthFlow {
stages: vec!["m.login.dummy".to_owned()],
}],
completed: Vec::new(),
params: Default::default(),
session: Some(utils::random_string(SESSION_ID_LENGTH)),
auth_error: None,
};
if let Some(auth) = &body.auth {
let (worked, uiaainfo) = db
.uiaa
.try_auth(&user_id, "", auth, &uiaainfo, &db.users, &db.globals)
.unwrap();
if !worked {
return MatrixResult(Err(UiaaResponse::AuthResponse(uiaainfo)));
}
// Success!
} else {
db.uiaa.create(&user_id, "", &uiaainfo).unwrap();
return MatrixResult(Err(UiaaResponse::AuthResponse(uiaainfo)));
}
let password = body.password.clone().unwrap_or_default(); let password = body.password.clone().unwrap_or_default();
if let Ok(hash) = utils::calculate_hash(&password) { if let Ok(hash) = utils::calculate_hash(&password) {
@ -575,7 +596,7 @@ pub fn get_displayname_route(
body: Ruma<get_display_name::Request>, body: Ruma<get_display_name::Request>,
_user_id: String, _user_id: String,
) -> MatrixResult<get_display_name::Response> { ) -> MatrixResult<get_display_name::Response> {
let user_id = (*body).user_id.clone(); let user_id = body.body.user_id.clone();
MatrixResult(Ok(get_display_name::Response { MatrixResult(Ok(get_display_name::Response {
displayname: db.users.displayname(&user_id).unwrap(), displayname: db.users.displayname(&user_id).unwrap(),
})) }))
@ -666,7 +687,7 @@ pub fn get_avatar_url_route(
body: Ruma<get_avatar_url::Request>, body: Ruma<get_avatar_url::Request>,
_user_id: String, _user_id: String,
) -> MatrixResult<get_avatar_url::Response> { ) -> MatrixResult<get_avatar_url::Response> {
let user_id = (*body).user_id.clone(); let user_id = body.body.user_id.clone();
MatrixResult(Ok(get_avatar_url::Response { MatrixResult(Ok(get_avatar_url::Response {
avatar_url: db.users.avatar_url(&user_id).unwrap(), avatar_url: db.users.avatar_url(&user_id).unwrap(),
})) }))
@ -678,7 +699,7 @@ pub fn get_profile_route(
body: Ruma<get_profile::Request>, body: Ruma<get_profile::Request>,
_user_id: String, _user_id: String,
) -> MatrixResult<get_profile::Response> { ) -> MatrixResult<get_profile::Response> {
let user_id = (*body).user_id.clone(); let user_id = body.body.user_id.clone();
let avatar_url = db.users.avatar_url(&user_id).unwrap(); let avatar_url = db.users.avatar_url(&user_id).unwrap();
let displayname = db.users.displayname(&user_id).unwrap(); let displayname = db.users.displayname(&user_id).unwrap();
@ -2316,50 +2337,51 @@ pub fn sync_route(
); );
} }
joined_rooms.insert( let joined_room = sync_events::JoinedRoom {
room_id.clone().try_into().unwrap(), account_data: sync_events::AccountData {
sync_events::JoinedRoom { events: db
account_data: Some(sync_events::AccountData { .account_data
events: db .changes_since(Some(&room_id), &user_id, since)
.account_data .unwrap()
.changes_since(Some(&room_id), &user_id, since) .into_iter()
.unwrap() .map(|(_, v)| v)
.into_iter() .collect(),
.map(|(_, v)| v) },
.collect(), summary: sync_events::RoomSummary {
}), heroes,
summary: sync_events::RoomSummary { joined_member_count: joined_member_count.map(|n| (n as u32).into()),
heroes, invited_member_count: invited_member_count.map(|n| (n as u32).into()),
joined_member_count: joined_member_count.map(|n| (n as u32).into()), },
invited_member_count: invited_member_count.map(|n| (n as u32).into()), unread_notifications: sync_events::UnreadNotificationsCount {
}, highlight_count: None,
unread_notifications: sync_events::UnreadNotificationsCount { notification_count,
highlight_count: None, },
notification_count, timeline: sync_events::Timeline {
}, limited: if limited || joined_since_last_sync {
timeline: sync_events::Timeline { Some(true)
limited: if limited || joined_since_last_sync { } else {
Some(true) None
} else {
None
},
prev_batch,
events: room_events,
}, },
// TODO: state before timeline prev_batch,
state: sync_events::State { events: room_events,
events: if joined_since_last_sync { },
state // TODO: state before timeline
.into_iter() state: sync_events::State {
.map(|(_, pdu)| pdu.to_state_event()) events: if joined_since_last_sync {
.collect() state
} else { .into_iter()
Vec::new() .map(|(_, pdu)| pdu.to_state_event())
}, .collect()
} else {
Vec::new()
}, },
ephemeral: sync_events::Ephemeral { events: edus },
}, },
); ephemeral: sync_events::Ephemeral { events: edus },
};
if !joined_room.is_empty() {
joined_rooms.insert(room_id.clone().try_into().unwrap(), joined_room);
}
} }
let mut left_rooms = BTreeMap::new(); let mut left_rooms = BTreeMap::new();
@ -2368,6 +2390,7 @@ pub fn sync_route(
let pdus = db.rooms.pdus_since(&room_id, since).unwrap(); let pdus = db.rooms.pdus_since(&room_id, since).unwrap();
let room_events = pdus.map(|pdu| pdu.unwrap().to_room_event()).collect(); let room_events = pdus.map(|pdu| pdu.unwrap().to_room_event()).collect();
// TODO: Only until leave point
let mut edus = db let mut edus = db
.rooms .rooms
.edus .edus
@ -2394,38 +2417,40 @@ pub fn sync_route(
); );
} }
left_rooms.insert( let left_room = sync_events::LeftRoom {
room_id.clone().try_into().unwrap(), account_data: sync_events::AccountData { events: Vec::new() },
sync_events::LeftRoom { timeline: sync_events::Timeline {
account_data: Some(sync_events::AccountData { events: Vec::new() }), limited: Some(false),
timeline: sync_events::Timeline { prev_batch: Some(next_batch.clone()),
limited: Some(false), events: room_events,
prev_batch: Some(next_batch.clone()),
events: room_events,
},
state: sync_events::State { events: Vec::new() },
}, },
); state: sync_events::State { events: Vec::new() },
};
if !left_room.is_empty() {
left_rooms.insert(room_id.clone().try_into().unwrap(), left_room);
}
} }
let mut invited_rooms = BTreeMap::new(); let mut invited_rooms = BTreeMap::new();
for room_id in db.rooms.rooms_invited(&user_id) { for room_id in db.rooms.rooms_invited(&user_id) {
let room_id = room_id.unwrap(); let room_id = room_id.unwrap();
invited_rooms.insert( let invited_room = sync_events::InvitedRoom {
room_id.clone(), invite_state: sync_events::InviteState {
sync_events::InvitedRoom { events: db
invite_state: sync_events::InviteState { .rooms
events: db .room_state(&room_id)
.rooms .unwrap()
.room_state(&room_id) .into_iter()
.unwrap() .map(|(_, pdu)| pdu.to_stripped_state_event())
.into_iter() .collect(),
.map(|(_, pdu)| pdu.to_stripped_state_event())
.collect(),
},
}, },
); };
if !invited_room.is_empty() {
invited_rooms.insert(room_id.clone(), invited_room);
}
} }
MatrixResult(Ok(sync_events::Response { MatrixResult(Ok(sync_events::Response {
@ -2460,17 +2485,16 @@ pub fn sync_route(
.map(|(_, v)| v) .map(|(_, v)| v)
.collect(), .collect(),
}, },
device_lists: if since != 0 { device_lists: sync_events::DeviceLists {
Some(sync_events::DeviceLists { changed: if since != 0 {
changed: db db.users
.users
.device_keys_changed(since) .device_keys_changed(since)
.map(|u| u.unwrap()) .map(|u| u.unwrap())
.collect(), .collect()
left: Vec::new(), // TODO } else {
}) Vec::new()
} else { },
None // TODO: left left: Vec::new(), // TODO
}, },
device_one_time_keys_count: Default::default(), // TODO device_one_time_keys_count: Default::default(), // TODO
to_device: sync_events::ToDevice { to_device: sync_events::ToDevice {
@ -2816,14 +2840,18 @@ pub fn get_devices_route(
MatrixResult(Ok(get_devices::Response { devices })) MatrixResult(Ok(get_devices::Response { devices }))
} }
#[get("/_matrix/client/r0/devices/<device_id>", data = "<body>")] #[get("/_matrix/client/r0/devices/<_device_id>", data = "<body>")]
pub fn get_device_route( pub fn get_device_route(
db: State<'_, Database>, db: State<'_, Database>,
body: Ruma<get_device::Request>, body: Ruma<get_device::Request>,
device_id: DeviceId, _device_id: String,
) -> MatrixResult<get_device::Response> { ) -> MatrixResult<get_device::Response> {
let user_id = body.user_id.as_ref().expect("user is authenticated"); let user_id = body.user_id.as_ref().expect("user is authenticated");
let device = db.users.get_device_metadata(&user_id, &device_id).unwrap();
let device = db
.users
.get_device_metadata(&user_id, &body.body.device_id)
.unwrap();
match device { match device {
None => MatrixResult(Err(Error { None => MatrixResult(Err(Error {
@ -2835,14 +2863,18 @@ pub fn get_device_route(
} }
} }
#[put("/_matrix/client/r0/devices/<device_id>", data = "<body>")] #[put("/_matrix/client/r0/devices/<_device_id>", data = "<body>")]
pub fn update_device_route( pub fn update_device_route(
db: State<'_, Database>, db: State<'_, Database>,
body: Ruma<update_device::Request>, body: Ruma<update_device::Request>,
device_id: DeviceId, _device_id: String,
) -> MatrixResult<update_device::Response> { ) -> MatrixResult<update_device::Response> {
let user_id = body.user_id.as_ref().expect("user is authenticated"); let user_id = body.user_id.as_ref().expect("user is authenticated");
let device = db.users.get_device_metadata(&user_id, &device_id).unwrap();
let device = db
.users
.get_device_metadata(&user_id, &body.body.device_id)
.unwrap();
match device { match device {
None => MatrixResult(Err(Error { None => MatrixResult(Err(Error {
@ -2854,7 +2886,7 @@ pub fn update_device_route(
device.display_name = body.display_name.clone(); device.display_name = body.display_name.clone();
db.users db.users
.update_device_metadata(&user_id, &device_id, &device) .update_device_metadata(&user_id, &body.body.device_id, &device)
.unwrap(); .unwrap();
MatrixResult(Ok(update_device::Response)) MatrixResult(Ok(update_device::Response))
@ -2862,14 +2894,50 @@ pub fn update_device_route(
} }
} }
#[delete("/_matrix/client/r0/devices/<device_id>", data = "<body>")] #[delete("/_matrix/client/r0/devices/<_device_id>", data = "<body>")]
pub fn delete_device_route( pub fn delete_device_route(
db: State<'_, Database>, db: State<'_, Database>,
body: Ruma<delete_device::Request>, body: Ruma<delete_device::Request>,
device_id: DeviceId, _device_id: String,
) -> MatrixResult<delete_device::Response> { ) -> MatrixResult<delete_device::Response, UiaaResponse> {
let user_id = body.user_id.as_ref().expect("user is authenticated"); let user_id = body.user_id.as_ref().expect("user is authenticated");
db.users.remove_device(&user_id, &device_id).unwrap(); let device_id = body.device_id.as_ref().expect("user is authenticated");
// UIAA
let uiaainfo = UiaaInfo {
flows: vec![AuthFlow {
stages: vec!["m.login.password".to_owned()],
}],
completed: Vec::new(),
params: Default::default(),
session: Some(utils::random_string(SESSION_ID_LENGTH)),
auth_error: None,
};
if let Some(auth) = &body.auth {
let (worked, uiaainfo) = db
.uiaa
.try_auth(
&user_id,
&device_id,
auth,
&uiaainfo,
&db.users,
&db.globals,
)
.unwrap();
if !worked {
return MatrixResult(Err(UiaaResponse::AuthResponse(uiaainfo)));
}
// Success!
} else {
db.uiaa.create(&user_id, &device_id, &uiaainfo).unwrap();
return MatrixResult(Err(UiaaResponse::AuthResponse(uiaainfo)));
}
db.users
.remove_device(&user_id, &body.body.device_id)
.unwrap();
MatrixResult(Ok(delete_device::Response)) MatrixResult(Ok(delete_device::Response))
} }
@ -2878,8 +2946,42 @@ pub fn delete_device_route(
pub fn delete_devices_route( pub fn delete_devices_route(
db: State<'_, Database>, db: State<'_, Database>,
body: Ruma<delete_devices::Request>, body: Ruma<delete_devices::Request>,
) -> MatrixResult<delete_devices::Response> { ) -> MatrixResult<delete_devices::Response, UiaaResponse> {
let user_id = body.user_id.as_ref().expect("user is authenticated"); let user_id = body.user_id.as_ref().expect("user is authenticated");
let device_id = body.device_id.as_ref().expect("user is authenticated");
// UIAA
let uiaainfo = UiaaInfo {
flows: vec![AuthFlow {
stages: vec!["m.login.password".to_owned()],
}],
completed: Vec::new(),
params: Default::default(),
session: Some(utils::random_string(SESSION_ID_LENGTH)),
auth_error: None,
};
if let Some(auth) = &body.auth {
let (worked, uiaainfo) = db
.uiaa
.try_auth(
&user_id,
&device_id,
auth,
&uiaainfo,
&db.users,
&db.globals,
)
.unwrap();
if !worked {
return MatrixResult(Err(UiaaResponse::AuthResponse(uiaainfo)));
}
// Success!
} else {
db.uiaa.create(&user_id, &device_id, &uiaainfo).unwrap();
return MatrixResult(Err(UiaaResponse::AuthResponse(uiaainfo)));
}
for device_id in &body.devices { for device_id in &body.devices {
db.users.remove_device(&user_id, &device_id).unwrap() db.users.remove_device(&user_id, &device_id).unwrap()
} }

13
src/database.rs
Unescape View File

@ -3,9 +3,11 @@ pub(self) mod global_edus;
pub(self) mod globals; pub(self) mod globals;
pub(self) mod media; pub(self) mod media;
pub(self) mod rooms; pub(self) mod rooms;
pub(self) mod uiaa;
pub(self) mod users; pub(self) mod users;
use directories::ProjectDirs; use directories::ProjectDirs;
use log::info;
use std::fs::remove_dir_all; use std::fs::remove_dir_all;
use rocket::Config; use rocket::Config;
@ -13,6 +15,7 @@ use rocket::Config;
pub struct Database { pub struct Database {
pub globals: globals::Globals, pub globals: globals::Globals,
pub users: users::Users, pub users: users::Users,
pub uiaa: uiaa::Uiaa,
pub rooms: rooms::Rooms, pub rooms: rooms::Rooms,
pub account_data: account_data::AccountData, pub account_data: account_data::AccountData,
pub global_edus: global_edus::GlobalEdus, pub global_edus: global_edus::GlobalEdus,
@ -47,13 +50,10 @@ impl Database {
}); });
let db = sled::open(&path).unwrap(); let db = sled::open(&path).unwrap();
log::info!("Opened sled database at {}", path); info!("Opened sled database at {}", path);
Self { Self {
globals: globals::Globals::load( globals: globals::Globals::load(db.open_tree("global").unwrap(), config),
db.open_tree("global").unwrap(),
server_name.to_owned(),
),
users: users::Users { users: users::Users {
userid_password: db.open_tree("userid_password").unwrap(), userid_password: db.open_tree("userid_password").unwrap(),
userid_displayname: db.open_tree("userid_displayname").unwrap(), userid_displayname: db.open_tree("userid_displayname").unwrap(),
@ -66,6 +66,9 @@ impl Database {
devicekeychangeid_userid: db.open_tree("devicekeychangeid_userid").unwrap(), devicekeychangeid_userid: db.open_tree("devicekeychangeid_userid").unwrap(),
todeviceid_events: db.open_tree("todeviceid_events").unwrap(), todeviceid_events: db.open_tree("todeviceid_events").unwrap(),
}, },
uiaa: uiaa::Uiaa {
userdeviceid_uiaainfo: db.open_tree("userdeviceid_uiaainfo").unwrap(),
},
rooms: rooms::Rooms { rooms: rooms::Rooms {
edus: rooms::RoomEdus { edus: rooms::RoomEdus {
roomuserid_lastread: db.open_tree("roomuserid_lastread").unwrap(), // "Private" read receipt roomuserid_lastread: db.open_tree("roomuserid_lastread").unwrap(), // "Private" read receipt

24
src/database/globals.rs
Unescape View File

@ -4,13 +4,14 @@ pub const COUNTER: &str = "c";
pub struct Globals { pub struct Globals {
pub(super) globals: sled::Tree, pub(super) globals: sled::Tree,
server_name: String,
keypair: ruma::signatures::Ed25519KeyPair, keypair: ruma::signatures::Ed25519KeyPair,
reqwest_client: reqwest::Client, reqwest_client: reqwest::Client,
server_name: String,
registration_disabled: bool,
} }
impl Globals { impl Globals {
pub fn load(globals: sled::Tree, server_name: String) -> Self { pub fn load(globals: sled::Tree, config: &rocket::Config) -> Self {
let keypair = ruma::signatures::Ed25519KeyPair::new( let keypair = ruma::signatures::Ed25519KeyPair::new(
&*globals &*globals
.update_and_fetch("keypair", utils::generate_keypair) .update_and_fetch("keypair", utils::generate_keypair)
@ -22,17 +23,16 @@ impl Globals {
Self { Self {
globals, globals,
server_name,
keypair, keypair,
reqwest_client: reqwest::Client::new(), reqwest_client: reqwest::Client::new(),
server_name: config
.get_str("server_name")
.unwrap_or("localhost")
.to_owned(),
registration_disabled: config.get_bool("registration_disabled").unwrap_or(false),
} }
} }
/// Returns the server_name of the server.
pub fn server_name(&self) -> &str {
&self.server_name
}
/// Returns this server's keypair. /// Returns this server's keypair.
pub fn keypair(&self) -> &ruma::signatures::Ed25519KeyPair { pub fn keypair(&self) -> &ruma::signatures::Ed25519KeyPair {
&self.keypair &self.keypair
@ -58,4 +58,12 @@ impl Globals {
.get(COUNTER)? .get(COUNTER)?
.map_or(0_u64, |bytes| utils::u64_from_bytes(&bytes))) .map_or(0_u64, |bytes| utils::u64_from_bytes(&bytes)))
} }
pub fn server_name(&self) -> &str {
&self.server_name
}
pub fn registration_disabled(&self) -> bool {
self.registration_disabled
}
} }

2
src/database/rooms.rs
Unescape View File

@ -421,7 +421,7 @@ impl Rooms {
auth_events: Vec::new(), auth_events: Vec::new(),
redacts: redacts.clone(), redacts: redacts.clone(),
unsigned, unsigned,
hashes: ruma::api::federation::EventHash { hashes: ruma::api::federation::pdu::EventHash {
sha256: "aaa".to_owned(), sha256: "aaa".to_owned(),
}, },
signatures: HashMap::new(), signatures: HashMap::new(),

161
src/database/uiaa.rs
Unescape View File

@ -0,0 +1,161 @@
use crate::{utils, Error, Result};
use js_int::UInt;
use log::debug;
use ruma::{
api::client::{
error::ErrorKind,
r0::{
device::Device,
keys::{AlgorithmAndDeviceId, DeviceKeys, KeyAlgorithm, OneTimeKey},
uiaa::{AuthData, AuthFlow, UiaaInfo, UiaaResponse},
},
},
events::{to_device::AnyToDeviceEvent, EventJson, EventType},
identifiers::UserId,
};
use serde_json::value::RawValue;
use std::{collections::BTreeMap, convert::TryFrom, time::SystemTime};
pub struct Uiaa {
pub(super) userdeviceid_uiaainfo: sled::Tree, // User-interactive authentication
}
impl Uiaa {
/// Creates a new Uiaa session. Make sure the session token is unique.
pub fn create(&self, user_id: &UserId, device_id: &str, uiaainfo: &UiaaInfo) -> Result<()> {
self.update_uiaa_session(user_id, device_id, Some(uiaainfo))
}
pub fn try_auth(
&self,
user_id: &UserId,
device_id: &str,
auth: &AuthData,
uiaainfo: &UiaaInfo,
users: &super::users::Users,
globals: &super::globals::Globals,
) -> Result<(bool, UiaaInfo)> {
if let AuthData::DirectRequest {
kind,
session,
auth_parameters,
} = &auth
{
let mut uiaainfo = session
.as_ref()
.map(|session| {
Ok::<_, Error>(self.get_uiaa_session(&user_id, &"".to_owned(), session)?)
})
.unwrap_or(Ok(uiaainfo.clone()))?;
// Find out what the user completed
match &**kind {
"m.login.password" => {
if auth_parameters["identifier"]["type"] != "m.id.user" {
panic!("identifier not supported");
}
let user_id = UserId::parse_with_server_name(
auth_parameters["identifier"]["user"].as_str().unwrap(),
globals.server_name(),
)?;
let password = auth_parameters["password"].as_str().unwrap();
// Check if password is correct
if let Some(hash) = users.password_hash(&user_id)? {
let hash_matches =
argon2::verify_encoded(&hash, password.as_bytes()).unwrap_or(false);
if !hash_matches {
debug!("Invalid password.");
uiaainfo.auth_error = Some(ruma::api::client::error::ErrorBody {
kind: ErrorKind::Forbidden,
message: "Invalid username or password.".to_owned(),
});
return Ok((false, uiaainfo));
}
}
// Password was correct! Let's add it to `completed`
uiaainfo.completed.push("m.login.password".to_owned());
}
"m.login.dummy" => {
uiaainfo.completed.push("m.login.dummy".to_owned());
}
k => panic!("type not supported: {}", k),
}
// Check if a flow now succeeds
let mut completed = false;
'flows: for flow in &mut uiaainfo.flows {
for stage in &flow.stages {
if !uiaainfo.completed.contains(stage) {
continue 'flows;
}
}
// We didn't break, so this flow succeeded!
completed = true;
}
if !completed {
self.update_uiaa_session(user_id, device_id, Some(&uiaainfo))?;
return Ok((false, uiaainfo));
}
// UIAA was successful! Remove this session and return true
self.update_uiaa_session(user_id, device_id, None)?;
return Ok((true, uiaainfo));
} else {
panic!("FallbackAcknowledgement is not supported yet");
}
}
fn update_uiaa_session(
&self,
user_id: &UserId,
device_id: &str,
uiaainfo: Option<&UiaaInfo>,
) -> Result<()> {
let mut userdeviceid = user_id.to_string().as_bytes().to_vec();
userdeviceid.push(0xff);
userdeviceid.extend_from_slice(device_id.as_bytes());
if let Some(uiaainfo) = uiaainfo {
self.userdeviceid_uiaainfo
.insert(&userdeviceid, &*serde_json::to_string(&uiaainfo)?)?;
} else {
self.userdeviceid_uiaainfo.remove(&userdeviceid)?;
}
Ok(())
}
fn get_uiaa_session(
&self,
user_id: &UserId,
device_id: &str,
session: &str,
) -> Result<UiaaInfo> {
let mut userdeviceid = user_id.to_string().as_bytes().to_vec();
userdeviceid.push(0xff);
userdeviceid.extend_from_slice(device_id.as_bytes());
let uiaainfo = serde_json::from_slice::<UiaaInfo>(
&self
.userdeviceid_uiaainfo
.get(&userdeviceid)?
.ok_or(Error::BadRequest("session does not exist"))?,
)?;
if uiaainfo
.session
.as_ref()
.filter(|&s| s == session)
.is_none()
{
return Err(Error::BadRequest("wrong session token"));
}
Ok(uiaainfo)
}
}

34
src/database/users.rs
Unescape View File

@ -6,7 +6,7 @@ use ruma::{
keys::{AlgorithmAndDeviceId, DeviceKeys, KeyAlgorithm, OneTimeKey}, keys::{AlgorithmAndDeviceId, DeviceKeys, KeyAlgorithm, OneTimeKey},
}, },
events::{to_device::AnyToDeviceEvent, EventJson, EventType}, events::{to_device::AnyToDeviceEvent, EventJson, EventType},
identifiers::{DeviceId, UserId}, identifiers::UserId,
}; };
use std::{collections::BTreeMap, convert::TryFrom, time::SystemTime}; use std::{collections::BTreeMap, convert::TryFrom, time::SystemTime};
@ -113,7 +113,7 @@ impl Users {
pub fn create_device( pub fn create_device(
&self, &self,
user_id: &UserId, user_id: &UserId,
device_id: &DeviceId, device_id: &str,
token: &str, token: &str,
initial_device_display_name: Option<String>, initial_device_display_name: Option<String>,
) -> Result<()> { ) -> Result<()> {
@ -130,7 +130,7 @@ impl Users {
self.userdeviceid_metadata.insert( self.userdeviceid_metadata.insert(
userdeviceid, userdeviceid,
serde_json::to_string(&Device { serde_json::to_string(&Device {
device_id: device_id.clone(), device_id: device_id.to_owned(),
display_name: initial_device_display_name, display_name: initial_device_display_name,
last_seen_ip: None, // TODO last_seen_ip: None, // TODO
last_seen_ts: Some(SystemTime::now()), last_seen_ts: Some(SystemTime::now()),
@ -144,7 +144,7 @@ impl Users {
} }
/// Removes a device from a user. /// Removes a device from a user.
pub fn remove_device(&self, user_id: &UserId, device_id: &DeviceId) -> Result<()> { pub fn remove_device(&self, user_id: &UserId, device_id: &str) -> Result<()> {
let mut userdeviceid = user_id.to_string().as_bytes().to_vec(); let mut userdeviceid = user_id.to_string().as_bytes().to_vec();
userdeviceid.push(0xff); userdeviceid.push(0xff);
userdeviceid.extend_from_slice(device_id.as_bytes()); userdeviceid.extend_from_slice(device_id.as_bytes());
@ -173,7 +173,7 @@ impl Users {
} }
/// Returns an iterator over all device ids of this user. /// Returns an iterator over all device ids of this user.
pub fn all_device_ids(&self, user_id: &UserId) -> impl Iterator<Item = Result<DeviceId>> { pub fn all_device_ids(&self, user_id: &UserId) -> impl Iterator<Item = Result<String>> {
let mut prefix = user_id.to_string().as_bytes().to_vec(); let mut prefix = user_id.to_string().as_bytes().to_vec();
prefix.push(0xff); prefix.push(0xff);
// All devices have metadata // All devices have metadata
@ -191,7 +191,7 @@ impl Users {
} }
/// Replaces the access token of one device. /// Replaces the access token of one device.
pub fn set_token(&self, user_id: &UserId, device_id: &DeviceId, token: &str) -> Result<()> { pub fn set_token(&self, user_id: &UserId, device_id: &str, token: &str) -> Result<()> {
let mut userdeviceid = user_id.to_string().as_bytes().to_vec(); let mut userdeviceid = user_id.to_string().as_bytes().to_vec();
userdeviceid.push(0xff); userdeviceid.push(0xff);
userdeviceid.extend_from_slice(device_id.as_bytes()); userdeviceid.extend_from_slice(device_id.as_bytes());
@ -219,7 +219,7 @@ impl Users {
pub fn add_one_time_key( pub fn add_one_time_key(
&self, &self,
user_id: &UserId, user_id: &UserId,
device_id: &DeviceId, device_id: &str,
one_time_key_key: &AlgorithmAndDeviceId, one_time_key_key: &AlgorithmAndDeviceId,
one_time_key_value: &OneTimeKey, one_time_key_value: &OneTimeKey,
) -> Result<()> { ) -> Result<()> {
@ -248,7 +248,7 @@ impl Users {
pub fn take_one_time_key( pub fn take_one_time_key(
&self, &self,
user_id: &UserId, user_id: &UserId,
device_id: &DeviceId, device_id: &str,
key_algorithm: &KeyAlgorithm, key_algorithm: &KeyAlgorithm,
) -> Result<Option<(AlgorithmAndDeviceId, OneTimeKey)>> { ) -> Result<Option<(AlgorithmAndDeviceId, OneTimeKey)>> {
let mut prefix = user_id.to_string().as_bytes().to_vec(); let mut prefix = user_id.to_string().as_bytes().to_vec();
@ -282,7 +282,7 @@ impl Users {
pub fn count_one_time_keys( pub fn count_one_time_keys(
&self, &self,
user_id: &UserId, user_id: &UserId,
device_id: &DeviceId, device_id: &str,
) -> Result<BTreeMap<KeyAlgorithm, UInt>> { ) -> Result<BTreeMap<KeyAlgorithm, UInt>> {
let mut userdeviceid = user_id.to_string().as_bytes().to_vec(); let mut userdeviceid = user_id.to_string().as_bytes().to_vec();
userdeviceid.push(0xff); userdeviceid.push(0xff);
@ -315,7 +315,7 @@ impl Users {
pub fn add_device_keys( pub fn add_device_keys(
&self, &self,
user_id: &UserId, user_id: &UserId,
device_id: &DeviceId, device_id: &str,
device_keys: &DeviceKeys, device_keys: &DeviceKeys,
globals: &super::globals::Globals, globals: &super::globals::Globals,
) -> Result<()> { ) -> Result<()> {
@ -335,7 +335,7 @@ impl Users {
pub fn get_device_keys( pub fn get_device_keys(
&self, &self,
user_id: &UserId, user_id: &UserId,
device_id: &DeviceId, device_id: &str,
) -> impl Iterator<Item = Result<DeviceKeys>> { ) -> impl Iterator<Item = Result<DeviceKeys>> {
let mut key = user_id.to_string().as_bytes().to_vec(); let mut key = user_id.to_string().as_bytes().to_vec();
key.push(0xff); key.push(0xff);
@ -376,7 +376,7 @@ impl Users {
&self, &self,
sender: &UserId, sender: &UserId,
target_user_id: &UserId, target_user_id: &UserId,
target_device_id: &DeviceId, target_device_id: &str,
event_type: &EventType, event_type: &EventType,
content: serde_json::Value, content: serde_json::Value,
globals: &super::globals::Globals, globals: &super::globals::Globals,
@ -401,7 +401,7 @@ impl Users {
pub fn take_to_device_events( pub fn take_to_device_events(
&self, &self,
user_id: &UserId, user_id: &UserId,
device_id: &DeviceId, device_id: &str,
max: usize, max: usize,
) -> Result<Vec<EventJson<AnyToDeviceEvent>>> { ) -> Result<Vec<EventJson<AnyToDeviceEvent>>> {
let mut events = Vec::new(); let mut events = Vec::new();
@ -423,7 +423,7 @@ impl Users {
pub fn update_device_metadata( pub fn update_device_metadata(
&self, &self,
user_id: &UserId, user_id: &UserId,
device_id: &DeviceId, device_id: &str,
device: &Device, device: &Device,
) -> Result<()> { ) -> Result<()> {
let mut userdeviceid = user_id.to_string().as_bytes().to_vec(); let mut userdeviceid = user_id.to_string().as_bytes().to_vec();
@ -441,11 +441,7 @@ impl Users {
} }
/// Get device metadata. /// Get device metadata.
pub fn get_device_metadata( pub fn get_device_metadata(&self, user_id: &UserId, device_id: &str) -> Result<Option<Device>> {
&self,
user_id: &UserId,
device_id: &DeviceId,
) -> Result<Option<Device>> {
let mut userdeviceid = user_id.to_string().as_bytes().to_vec(); let mut userdeviceid = user_id.to_string().as_bytes().to_vec();
userdeviceid.push(0xff); userdeviceid.push(0xff);
userdeviceid.extend_from_slice(device_id.as_bytes()); userdeviceid.extend_from_slice(device_id.as_bytes());

2
src/pdu.rs
Unescape View File

@ -1,6 +1,6 @@
use js_int::UInt; use js_int::UInt;
use ruma::{ use ruma::{
api::federation::EventHash, api::federation::pdu::EventHash,
events::{ events::{
collections::all::{RoomEvent, StateEvent}, collections::all::{RoomEvent, StateEvent},
stripped::AnyStrippedStateEvent, stripped::AnyStrippedStateEvent,

Write Preview
Loading…
Cancel
Save