mirror of
https://github.com/element-hq/synapse
synced 2024-10-06 22:52:40 +00:00
Move event contents into third_party_layout field
This commit is contained in:
Daniel Wagner-Hall
parent
32a453d7ba
commit
17dffef5ec
7 changed files with 35 additions and 21 deletions
|
|
@ -374,24 +374,24 @@ class Auth(object):
|
||||||
return True
|
return True
|
||||||
|
|
||||||
def _verify_third_party_invite(self, event, auth_events):
|
def _verify_third_party_invite(self, event, auth_events):
|
||||||
for key in ThirdPartyInvites.JOIN_KEYS:
|
if not ThirdPartyInvites.join_has_third_party_invite(event.content):
|
||||||
if key not in event.content:
|
|
||||||
return False
|
return False
|
||||||
token = event.content["token"]
|
join_third_party_invite = event.content["third_party_invite"]
|
||||||
|
token = join_third_party_invite["token"]
|
||||||
invite_event = auth_events.get(
|
invite_event = auth_events.get(
|
||||||
(EventTypes.ThirdPartyInvite, token,)
|
(EventTypes.ThirdPartyInvite, token,)
|
||||||
)
|
)
|
||||||
if not invite_event:
|
if not invite_event:
|
||||||
return False
|
return False
|
||||||
try:
|
try:
|
||||||
public_key = event.content["public_key"]
|
public_key = join_third_party_invite["public_key"]
|
||||||
key_validity_url = event.content["key_validity_url"]
|
key_validity_url = join_third_party_invite["key_validity_url"]
|
||||||
if invite_event.content["public_key"] != public_key:
|
if invite_event.content["public_key"] != public_key:
|
||||||
return False
|
return False
|
||||||
if invite_event.content["key_validity_url"] != key_validity_url:
|
if invite_event.content["key_validity_url"] != key_validity_url:
|
||||||
return False
|
return False
|
||||||
verify_key = nacl.signing.VerifyKey(decode_base64(public_key))
|
verify_key = nacl.signing.VerifyKey(decode_base64(public_key))
|
||||||
encoded_signature = event.content["signature"]
|
encoded_signature = join_third_party_invite["signature"]
|
||||||
signature = decode_base64(encoded_signature)
|
signature = decode_base64(encoded_signature)
|
||||||
verify_key.verify(token, signature)
|
verify_key.verify(token, signature)
|
||||||
return True
|
return True
|
||||||
|
|
@ -677,8 +677,11 @@ class Auth(object):
|
||||||
if e_type == Membership.JOIN:
|
if e_type == Membership.JOIN:
|
||||||
if member_event and not is_public:
|
if member_event and not is_public:
|
||||||
auth_ids.append(member_event.event_id)
|
auth_ids.append(member_event.event_id)
|
||||||
if ThirdPartyInvites.has_join_keys(event.content):
|
if ThirdPartyInvites.join_has_third_party_invite(event.content):
|
||||||
key = (EventTypes.ThirdPartyInvite, event.content["token"])
|
key = (
|
||||||
|
EventTypes.ThirdPartyInvite,
|
||||||
|
event.content["third_party_invite"]["token"]
|
||||||
|
)
|
||||||
invite = current_state.get(key)
|
invite = current_state.get(key)
|
||||||
if invite:
|
if invite:
|
||||||
auth_ids.append(invite.event_id)
|
auth_ids.append(invite.event_id)
|
||||||
|
|
|
||||||
|
|
@ -363,8 +363,8 @@ class FederationClient(FederationBase):
|
||||||
continue
|
continue
|
||||||
|
|
||||||
args = {}
|
args = {}
|
||||||
if ThirdPartyInvites.has_join_keys(content):
|
if ThirdPartyInvites.join_has_third_party_invite(content):
|
||||||
ThirdPartyInvites.copy_join_keys(content, args)
|
ThirdPartyInvites.copy_join_keys(content["third_party_invite"], args)
|
||||||
try:
|
try:
|
||||||
ret = yield self.transport_layer.make_join(
|
ret = yield self.transport_layer.make_join(
|
||||||
destination, room_id, user_id, args
|
destination, room_id, user_id, args
|
||||||
|
|
|
||||||
|
|
@ -127,7 +127,7 @@ class BaseHandler(object):
|
||||||
if (
|
if (
|
||||||
event.type == EventTypes.Member and
|
event.type == EventTypes.Member and
|
||||||
event.content["membership"] == Membership.JOIN and
|
event.content["membership"] == Membership.JOIN and
|
||||||
ThirdPartyInvites.has_join_keys(event.content)
|
ThirdPartyInvites.join_has_third_party_invite(event.content)
|
||||||
):
|
):
|
||||||
yield ThirdPartyInvites.check_key_valid(
|
yield ThirdPartyInvites.check_key_valid(
|
||||||
self.hs.get_simple_http_client(),
|
self.hs.get_simple_http_client(),
|
||||||
|
|
|
||||||
|
|
@ -705,7 +705,8 @@ class FederationHandler(BaseHandler):
|
||||||
"""
|
"""
|
||||||
event_content = {"membership": Membership.JOIN}
|
event_content = {"membership": Membership.JOIN}
|
||||||
if ThirdPartyInvites.has_join_keys(query):
|
if ThirdPartyInvites.has_join_keys(query):
|
||||||
ThirdPartyInvites.copy_join_keys(query, event_content)
|
event_content["third_party_invite"] = {}
|
||||||
|
ThirdPartyInvites.copy_join_keys(query, event_content["third_party_invite"])
|
||||||
|
|
||||||
builder = self.event_builder_factory.new({
|
builder = self.event_builder_factory.new({
|
||||||
"type": EventTypes.Member,
|
"type": EventTypes.Member,
|
||||||
|
|
@ -721,7 +722,7 @@ class FederationHandler(BaseHandler):
|
||||||
|
|
||||||
self.auth.check(event, auth_events=context.current_state)
|
self.auth.check(event, auth_events=context.current_state)
|
||||||
|
|
||||||
if ThirdPartyInvites.has_join_keys(event.content):
|
if ThirdPartyInvites.join_has_third_party_invite(event.content):
|
||||||
ThirdPartyInvites.check_key_valid(self.hs.get_simple_http_client(), event)
|
ThirdPartyInvites.check_key_valid(self.hs.get_simple_http_client(), event)
|
||||||
|
|
||||||
defer.returnValue(event)
|
defer.returnValue(event)
|
||||||
|
|
|
||||||
|
|
@ -483,8 +483,11 @@ class RoomMemberHandler(BaseHandler):
|
||||||
|
|
||||||
should_do_dance = not self.hs.is_mine(inviter)
|
should_do_dance = not self.hs.is_mine(inviter)
|
||||||
room_hosts = [inviter.domain]
|
room_hosts = [inviter.domain]
|
||||||
elif "sender" in event.content:
|
elif "third_party_invite" in event.content:
|
||||||
inviter = UserID.from_string(event.content["sender"])
|
if "sender" in event.content["third_party_invite"]:
|
||||||
|
inviter = UserID.from_string(
|
||||||
|
event.content["third_party_invite"]["sender"]
|
||||||
|
)
|
||||||
should_do_dance = not self.hs.is_mine(inviter)
|
should_do_dance = not self.hs.is_mine(inviter)
|
||||||
room_hosts = [inviter.domain]
|
room_hosts = [inviter.domain]
|
||||||
else:
|
else:
|
||||||
|
|
|
||||||
|
|
@ -456,7 +456,8 @@ class RoomMembershipRestServlet(ClientV1RestServlet):
|
||||||
}
|
}
|
||||||
|
|
||||||
if membership_action == "join" and ThirdPartyInvites.has_join_keys(content):
|
if membership_action == "join" and ThirdPartyInvites.has_join_keys(content):
|
||||||
ThirdPartyInvites.copy_join_keys(content, event_content)
|
event_content["third_party_invite"] = {}
|
||||||
|
ThirdPartyInvites.copy_join_keys(content, event_content["third_party_invite"])
|
||||||
|
|
||||||
yield msg_handler.create_and_send_event(
|
yield msg_handler.create_and_send_event(
|
||||||
{
|
{
|
||||||
|
|
|
||||||
|
|
@ -42,6 +42,12 @@ class ThirdPartyInvites(object):
|
||||||
return False
|
return False
|
||||||
return True
|
return True
|
||||||
|
|
||||||
|
@classmethod
|
||||||
|
def join_has_third_party_invite(cls, content):
|
||||||
|
if "third_party_invite" not in content:
|
||||||
|
return False
|
||||||
|
return cls.has_join_keys(content["third_party_invite"])
|
||||||
|
|
||||||
@classmethod
|
@classmethod
|
||||||
def copy_join_keys(cls, src, dst):
|
def copy_join_keys(cls, src, dst):
|
||||||
for key in cls.JOIN_KEYS:
|
for key in cls.JOIN_KEYS:
|
||||||
|
|
@ -53,8 +59,8 @@ class ThirdPartyInvites(object):
|
||||||
def check_key_valid(cls, http_client, event):
|
def check_key_valid(cls, http_client, event):
|
||||||
try:
|
try:
|
||||||
response = yield http_client.get_json(
|
response = yield http_client.get_json(
|
||||||
event.content["key_validity_url"],
|
event.content["third_party_invite"]["key_validity_url"],
|
||||||
{"public_key": event.content["public_key"]}
|
{"public_key": event.content["third_party_invite"]["public_key"]}
|
||||||
)
|
)
|
||||||
if not response["valid"]:
|
if not response["valid"]:
|
||||||
raise AuthError(403, "Third party certificate was invalid")
|
raise AuthError(403, "Third party certificate was invalid")
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue