2018-07-09 02:09:20 -04:00
|
|
|
import json
|
|
|
|
|
|
|
|
|
|
from mock import Mock
|
|
|
|
|
|
2017-12-04 10:47:27 -05:00
|
|
|
from twisted.python import failure
|
2018-07-17 06:43:18 -04:00
|
|
|
from twisted.test.proto_helpers import MemoryReactorClock
|
2017-12-04 10:47:27 -05:00
|
|
|
|
2018-07-17 06:43:18 -04:00
|
|
|
from synapse.api.errors import InteractiveAuthIncompleteError
|
|
|
|
|
from synapse.http.server import JsonResource
|
|
|
|
|
from synapse.rest.client.v2_alpha.register import register_servlets
|
|
|
|
|
from synapse.util import Clock
|
2018-07-09 02:09:20 -04:00
|
|
|
|
2015-07-28 12:34:12 -04:00
|
|
|
from tests import unittest
|
2018-08-15 09:43:41 -04:00
|
|
|
from tests.server import make_request, render, setup_test_homeserver
|
2015-07-28 12:34:12 -04:00
|
|
|
|
|
|
|
|
|
|
|
|
|
class RegisterRestServletTestCase(unittest.TestCase):
|
|
|
|
|
def setUp(self):
|
2018-07-17 06:43:18 -04:00
|
|
|
|
|
|
|
|
self.clock = MemoryReactorClock()
|
|
|
|
|
self.hs_clock = Clock(self.clock)
|
|
|
|
|
self.url = b"/_matrix/client/r0/register"
|
2015-07-28 12:34:12 -04:00
|
|
|
|
|
|
|
|
self.appservice = None
|
2018-07-17 06:43:18 -04:00
|
|
|
self.auth = Mock(
|
|
|
|
|
get_appservice_by_req=Mock(side_effect=lambda x: self.appservice)
|
2015-07-28 12:34:12 -04:00
|
|
|
)
|
|
|
|
|
|
2017-12-04 10:47:27 -05:00
|
|
|
self.auth_result = failure.Failure(InteractiveAuthIncompleteError(None))
|
2015-07-28 12:34:12 -04:00
|
|
|
self.auth_handler = Mock(
|
2016-03-16 10:25:14 -04:00
|
|
|
check_auth=Mock(side_effect=lambda x, y, z: self.auth_result),
|
2018-07-17 06:43:18 -04:00
|
|
|
get_session_data=Mock(return_value=None),
|
2015-07-28 12:34:12 -04:00
|
|
|
)
|
|
|
|
|
self.registration_handler = Mock()
|
|
|
|
|
self.identity_handler = Mock()
|
|
|
|
|
self.login_handler = Mock()
|
2016-07-19 13:38:26 -04:00
|
|
|
self.device_handler = Mock()
|
2018-07-17 06:43:18 -04:00
|
|
|
self.device_handler.check_device_registered = Mock(return_value="FAKE")
|
|
|
|
|
|
|
|
|
|
self.datastore = Mock(return_value=Mock())
|
|
|
|
|
self.datastore.get_current_state_deltas = Mock(return_value=[])
|
2015-07-28 12:34:12 -04:00
|
|
|
|
|
|
|
|
# do the dance to hook it up to the hs global
|
|
|
|
|
self.handlers = Mock(
|
|
|
|
|
registration_handler=self.registration_handler,
|
|
|
|
|
identity_handler=self.identity_handler,
|
2018-07-17 06:43:18 -04:00
|
|
|
login_handler=self.login_handler,
|
|
|
|
|
)
|
|
|
|
|
self.hs = setup_test_homeserver(
|
2018-08-13 02:47:46 -04:00
|
|
|
self.addCleanup, http_client=None, clock=self.hs_clock, reactor=self.clock
|
2015-07-28 12:34:12 -04:00
|
|
|
)
|
|
|
|
|
self.hs.get_auth = Mock(return_value=self.auth)
|
|
|
|
|
self.hs.get_handlers = Mock(return_value=self.handlers)
|
2016-06-02 08:31:45 -04:00
|
|
|
self.hs.get_auth_handler = Mock(return_value=self.auth_handler)
|
2016-07-19 13:38:26 -04:00
|
|
|
self.hs.get_device_handler = Mock(return_value=self.device_handler)
|
2018-07-17 06:43:18 -04:00
|
|
|
self.hs.get_datastore = Mock(return_value=self.datastore)
|
2016-02-03 09:42:01 -05:00
|
|
|
self.hs.config.enable_registration = True
|
2018-01-18 19:28:08 -05:00
|
|
|
self.hs.config.registrations_require_3pid = []
|
2017-10-17 05:39:50 -04:00
|
|
|
self.hs.config.auto_join_rooms = []
|
2015-07-28 12:34:12 -04:00
|
|
|
|
2018-07-17 06:43:18 -04:00
|
|
|
self.resource = JsonResource(self.hs)
|
|
|
|
|
register_servlets(self.hs, self.resource)
|
2015-07-28 12:34:12 -04:00
|
|
|
|
|
|
|
|
def test_POST_appservice_registration_valid(self):
|
|
|
|
|
user_id = "@kermit:muppet"
|
|
|
|
|
token = "kermits_access_token"
|
2018-07-17 06:43:18 -04:00
|
|
|
self.appservice = {"id": "1234"}
|
|
|
|
|
self.registration_handler.appservice_register = Mock(return_value=user_id)
|
|
|
|
|
self.auth_handler.get_access_token_for_user_id = Mock(return_value=token)
|
|
|
|
|
request_data = json.dumps({"username": "kermit"})
|
|
|
|
|
|
|
|
|
|
request, channel = make_request(
|
|
|
|
|
b"POST", self.url + b"?access_token=i_am_an_app_service", request_data
|
2016-07-22 09:52:53 -04:00
|
|
|
)
|
2018-08-15 09:43:41 -04:00
|
|
|
render(request, self.resource, self.clock)
|
2016-07-19 13:46:19 -04:00
|
|
|
|
2018-07-17 06:43:18 -04:00
|
|
|
self.assertEquals(channel.result["code"], b"200", channel.result)
|
2016-03-09 18:08:37 -05:00
|
|
|
det_data = {
|
2016-03-10 04:13:35 -05:00
|
|
|
"user_id": user_id,
|
|
|
|
|
"access_token": token,
|
2018-07-17 06:43:18 -04:00
|
|
|
"home_server": self.hs.hostname,
|
2016-03-09 18:08:37 -05:00
|
|
|
}
|
2018-08-08 22:22:01 -04:00
|
|
|
self.assertDictContainsSubset(det_data, channel.json_body)
|
2015-07-28 12:34:12 -04:00
|
|
|
|
|
|
|
|
def test_POST_appservice_registration_invalid(self):
|
|
|
|
|
self.appservice = None # no application service exists
|
2018-07-17 06:43:18 -04:00
|
|
|
request_data = json.dumps({"username": "kermit"})
|
|
|
|
|
request, channel = make_request(
|
|
|
|
|
b"POST", self.url + b"?access_token=i_am_an_app_service", request_data
|
|
|
|
|
)
|
2018-08-15 09:43:41 -04:00
|
|
|
render(request, self.resource, self.clock)
|
2018-07-17 06:43:18 -04:00
|
|
|
|
|
|
|
|
self.assertEquals(channel.result["code"], b"401", channel.result)
|
2015-07-28 12:34:12 -04:00
|
|
|
|
|
|
|
|
def test_POST_bad_password(self):
|
2018-07-17 06:43:18 -04:00
|
|
|
request_data = json.dumps({"username": "kermit", "password": 666})
|
|
|
|
|
request, channel = make_request(b"POST", self.url, request_data)
|
2018-08-15 09:43:41 -04:00
|
|
|
render(request, self.resource, self.clock)
|
2018-07-17 06:43:18 -04:00
|
|
|
|
|
|
|
|
self.assertEquals(channel.result["code"], b"400", channel.result)
|
2018-08-10 09:54:09 -04:00
|
|
|
self.assertEquals(channel.json_body["error"], "Invalid password")
|
2015-07-28 12:34:12 -04:00
|
|
|
|
|
|
|
|
def test_POST_bad_username(self):
|
2018-07-17 06:43:18 -04:00
|
|
|
request_data = json.dumps({"username": 777, "password": "monkey"})
|
|
|
|
|
request, channel = make_request(b"POST", self.url, request_data)
|
2018-08-15 09:43:41 -04:00
|
|
|
render(request, self.resource, self.clock)
|
2018-07-17 06:43:18 -04:00
|
|
|
|
|
|
|
|
self.assertEquals(channel.result["code"], b"400", channel.result)
|
2018-08-10 09:54:09 -04:00
|
|
|
self.assertEquals(channel.json_body["error"], "Invalid username")
|
2018-07-17 06:43:18 -04:00
|
|
|
|
2015-07-28 12:34:12 -04:00
|
|
|
def test_POST_user_valid(self):
|
|
|
|
|
user_id = "@kermit:muppet"
|
|
|
|
|
token = "kermits_access_token"
|
2016-07-19 13:38:26 -04:00
|
|
|
device_id = "frogfone"
|
2018-07-17 06:43:18 -04:00
|
|
|
request_data = json.dumps(
|
|
|
|
|
{"username": "kermit", "password": "monkey", "device_id": device_id}
|
|
|
|
|
)
|
2015-07-28 12:34:12 -04:00
|
|
|
self.registration_handler.check_username = Mock(return_value=True)
|
2018-07-17 06:43:18 -04:00
|
|
|
self.auth_result = (None, {"username": "kermit", "password": "monkey"}, None)
|
2016-07-19 08:12:22 -04:00
|
|
|
self.registration_handler.register = Mock(return_value=(user_id, None))
|
2018-07-17 06:43:18 -04:00
|
|
|
self.auth_handler.get_access_token_for_user_id = Mock(return_value=token)
|
|
|
|
|
self.device_handler.check_device_registered = Mock(return_value=device_id)
|
|
|
|
|
|
|
|
|
|
request, channel = make_request(b"POST", self.url, request_data)
|
2018-08-15 09:43:41 -04:00
|
|
|
render(request, self.resource, self.clock)
|
2015-07-28 12:34:12 -04:00
|
|
|
|
2016-03-09 18:08:37 -05:00
|
|
|
det_data = {
|
2016-03-10 04:13:35 -05:00
|
|
|
"user_id": user_id,
|
|
|
|
|
"access_token": token,
|
2016-07-19 13:38:26 -04:00
|
|
|
"home_server": self.hs.hostname,
|
|
|
|
|
"device_id": device_id,
|
2016-03-09 18:08:37 -05:00
|
|
|
}
|
2018-07-17 06:43:18 -04:00
|
|
|
self.assertEquals(channel.result["code"], b"200", channel.result)
|
2018-08-08 22:22:01 -04:00
|
|
|
self.assertDictContainsSubset(det_data, channel.json_body)
|
2016-07-22 09:52:53 -04:00
|
|
|
self.auth_handler.get_login_tuple_for_user_id(
|
2018-07-17 06:43:18 -04:00
|
|
|
user_id, device_id=device_id, initial_device_display_name=None
|
|
|
|
|
)
|
2015-07-28 12:34:12 -04:00
|
|
|
|
|
|
|
|
def test_POST_disabled_registration(self):
|
2016-02-03 09:42:01 -05:00
|
|
|
self.hs.config.enable_registration = False
|
2018-07-17 06:43:18 -04:00
|
|
|
request_data = json.dumps({"username": "kermit", "password": "monkey"})
|
2015-07-28 12:34:12 -04:00
|
|
|
self.registration_handler.check_username = Mock(return_value=True)
|
2018-07-17 06:43:18 -04:00
|
|
|
self.auth_result = (None, {"username": "kermit", "password": "monkey"}, None)
|
2015-07-28 12:34:12 -04:00
|
|
|
self.registration_handler.register = Mock(return_value=("@user:id", "t"))
|
2018-07-17 06:43:18 -04:00
|
|
|
|
|
|
|
|
request, channel = make_request(b"POST", self.url, request_data)
|
2018-08-15 09:43:41 -04:00
|
|
|
render(request, self.resource, self.clock)
|
2018-07-17 06:43:18 -04:00
|
|
|
|
|
|
|
|
self.assertEquals(channel.result["code"], b"403", channel.result)
|
2018-08-10 09:54:09 -04:00
|
|
|
self.assertEquals(channel.json_body["error"], "Registration has been disabled")
|
2018-07-17 06:43:18 -04:00
|
|
|
|
|
|
|
|
def test_POST_guest_registration(self):
|
|
|
|
|
user_id = "a@b"
|
|
|
|
|
self.hs.config.macaroon_secret_key = "test"
|
|
|
|
|
self.hs.config.allow_guest_access = True
|
|
|
|
|
self.registration_handler.register = Mock(return_value=(user_id, None))
|
|
|
|
|
|
|
|
|
|
request, channel = make_request(b"POST", self.url + b"?kind=guest", b"{}")
|
2018-08-15 09:43:41 -04:00
|
|
|
render(request, self.resource, self.clock)
|
2018-07-17 06:43:18 -04:00
|
|
|
|
|
|
|
|
det_data = {
|
|
|
|
|
"user_id": user_id,
|
|
|
|
|
"home_server": self.hs.hostname,
|
|
|
|
|
"device_id": "guest_device",
|
|
|
|
|
}
|
|
|
|
|
self.assertEquals(channel.result["code"], b"200", channel.result)
|
2018-08-08 22:22:01 -04:00
|
|
|
self.assertDictContainsSubset(det_data, channel.json_body)
|
2018-07-17 06:43:18 -04:00
|
|
|
|
|
|
|
|
def test_POST_disabled_guest_registration(self):
|
|
|
|
|
self.hs.config.allow_guest_access = False
|
|
|
|
|
|
|
|
|
|
request, channel = make_request(b"POST", self.url + b"?kind=guest", b"{}")
|
2018-08-15 09:43:41 -04:00
|
|
|
render(request, self.resource, self.clock)
|
2018-07-17 06:43:18 -04:00
|
|
|
|
|
|
|
|
self.assertEquals(channel.result["code"], b"403", channel.result)
|
2018-08-10 09:54:09 -04:00
|
|
|
self.assertEquals(channel.json_body["error"], "Guest access is disabled")
|
