2018-07-09 02:09:20 -04:00
|
|
|
import json
|
2018-10-18 15:03:46 -04:00
|
|
|
import six
|
2018-07-09 02:09:20 -04:00
|
|
|
|
|
|
|
|
from mock import Mock
|
|
|
|
|
|
2017-12-04 10:47:27 -05:00
|
|
|
from twisted.python import failure
|
2018-07-17 06:43:18 -04:00
|
|
|
from twisted.test.proto_helpers import MemoryReactorClock
|
2017-12-04 10:47:27 -05:00
|
|
|
|
2018-07-17 06:43:18 -04:00
|
|
|
from synapse.api.errors import InteractiveAuthIncompleteError
|
|
|
|
|
from synapse.http.server import JsonResource
|
|
|
|
|
from synapse.rest.client.v2_alpha.register import register_servlets
|
|
|
|
|
from synapse.util import Clock
|
2018-07-09 02:09:20 -04:00
|
|
|
|
2015-07-28 12:34:12 -04:00
|
|
|
from tests import unittest
|
2018-08-15 09:43:41 -04:00
|
|
|
from tests.server import make_request, render, setup_test_homeserver
|
2015-07-28 12:34:12 -04:00
|
|
|
|
|
|
|
|
|
|
|
|
|
class RegisterRestServletTestCase(unittest.TestCase):
|
|
|
|
|
def setUp(self):
|
2018-07-17 06:43:18 -04:00
|
|
|
|
|
|
|
|
self.clock = MemoryReactorClock()
|
|
|
|
|
self.hs_clock = Clock(self.clock)
|
|
|
|
|
self.url = b"/_matrix/client/r0/register"
|
2015-07-28 12:34:12 -04:00
|
|
|
|
|
|
|
|
self.appservice = None
|
2018-07-17 06:43:18 -04:00
|
|
|
self.auth = Mock(
|
|
|
|
|
get_appservice_by_req=Mock(side_effect=lambda x: self.appservice)
|
2015-07-28 12:34:12 -04:00
|
|
|
)
|
|
|
|
|
|
2017-12-04 10:47:27 -05:00
|
|
|
self.auth_result = failure.Failure(InteractiveAuthIncompleteError(None))
|
2015-07-28 12:34:12 -04:00
|
|
|
self.auth_handler = Mock(
|
2016-03-16 10:25:14 -04:00
|
|
|
check_auth=Mock(side_effect=lambda x, y, z: self.auth_result),
|
2018-07-17 06:43:18 -04:00
|
|
|
get_session_data=Mock(return_value=None),
|
2015-07-28 12:34:12 -04:00
|
|
|
)
|
|
|
|
|
self.registration_handler = Mock()
|
|
|
|
|
self.identity_handler = Mock()
|
|
|
|
|
self.login_handler = Mock()
|
2016-07-19 13:38:26 -04:00
|
|
|
self.device_handler = Mock()
|
2018-07-17 06:43:18 -04:00
|
|
|
self.device_handler.check_device_registered = Mock(return_value="FAKE")
|
|
|
|
|
|
|
|
|
|
self.datastore = Mock(return_value=Mock())
|
|
|
|
|
self.datastore.get_current_state_deltas = Mock(return_value=[])
|
2015-07-28 12:34:12 -04:00
|
|
|
|
|
|
|
|
# do the dance to hook it up to the hs global
|
|
|
|
|
self.handlers = Mock(
|
|
|
|
|
registration_handler=self.registration_handler,
|
|
|
|
|
identity_handler=self.identity_handler,
|
2018-07-17 06:43:18 -04:00
|
|
|
login_handler=self.login_handler,
|
|
|
|
|
)
|
|
|
|
|
self.hs = setup_test_homeserver(
|
2018-08-13 02:47:46 -04:00
|
|
|
self.addCleanup, http_client=None, clock=self.hs_clock, reactor=self.clock
|
2015-07-28 12:34:12 -04:00
|
|
|
)
|
|
|
|
|
self.hs.get_auth = Mock(return_value=self.auth)
|
|
|
|
|
self.hs.get_handlers = Mock(return_value=self.handlers)
|
2016-06-02 08:31:45 -04:00
|
|
|
self.hs.get_auth_handler = Mock(return_value=self.auth_handler)
|
2016-07-19 13:38:26 -04:00
|
|
|
self.hs.get_device_handler = Mock(return_value=self.device_handler)
|
2018-07-17 06:43:18 -04:00
|
|
|
self.hs.get_datastore = Mock(return_value=self.datastore)
|
2016-02-03 09:42:01 -05:00
|
|
|
self.hs.config.enable_registration = True
|
2018-01-18 19:28:08 -05:00
|
|
|
self.hs.config.registrations_require_3pid = []
|
2017-10-17 05:39:50 -04:00
|
|
|
self.hs.config.auto_join_rooms = []
|
2015-07-28 12:34:12 -04:00
|
|
|
|
2018-07-17 06:43:18 -04:00
|
|
|
self.resource = JsonResource(self.hs)
|
|
|
|
|
register_servlets(self.hs, self.resource)
|
2015-07-28 12:34:12 -04:00
|
|
|
|
|
|
|
|
def test_POST_appservice_registration_valid(self):
|
|
|
|
|
user_id = "@kermit:muppet"
|
|
|
|
|
token = "kermits_access_token"
|
2018-07-17 06:43:18 -04:00
|
|
|
self.appservice = {"id": "1234"}
|
|
|
|
|
self.registration_handler.appservice_register = Mock(return_value=user_id)
|
|
|
|
|
self.auth_handler.get_access_token_for_user_id = Mock(return_value=token)
|
|
|
|
|
request_data = json.dumps({"username": "kermit"})
|
|
|
|
|
|
|
|
|
|
request, channel = make_request(
|
|
|
|
|
b"POST", self.url + b"?access_token=i_am_an_app_service", request_data
|
2016-07-22 09:52:53 -04:00
|
|
|
)
|
2018-08-15 09:43:41 -04:00
|
|
|
render(request, self.resource, self.clock)
|
2016-07-19 13:46:19 -04:00
|
|
|
|
2018-07-17 06:43:18 -04:00
|
|
|
self.assertEquals(channel.result["code"], b"200", channel.result)
|
2016-03-09 18:08:37 -05:00
|
|
|
det_data = {
|
2016-03-10 04:13:35 -05:00
|
|
|
"user_id": user_id,
|
|
|
|
|
"access_token": token,
|
2018-07-17 06:43:18 -04:00
|
|
|
"home_server": self.hs.hostname,
|
2016-03-09 18:08:37 -05:00
|
|
|
}
|
2018-08-08 22:22:01 -04:00
|
|
|
self.assertDictContainsSubset(det_data, channel.json_body)
|
2015-07-28 12:34:12 -04:00
|
|
|
|
|
|
|
|
def test_POST_appservice_registration_invalid(self):
|
|
|
|
|
self.appservice = None # no application service exists
|
2018-07-17 06:43:18 -04:00
|
|
|
request_data = json.dumps({"username": "kermit"})
|
|
|
|
|
request, channel = make_request(
|
|
|
|
|
b"POST", self.url + b"?access_token=i_am_an_app_service", request_data
|
|
|
|
|
)
|
2018-08-15 09:43:41 -04:00
|
|
|
render(request, self.resource, self.clock)
|
2018-07-17 06:43:18 -04:00
|
|
|
|
|
|
|
|
self.assertEquals(channel.result["code"], b"401", channel.result)
|
2015-07-28 12:34:12 -04:00
|
|
|
|
|
|
|
|
def test_POST_bad_password(self):
|
2018-07-17 06:43:18 -04:00
|
|
|
request_data = json.dumps({"username": "kermit", "password": 666})
|
|
|
|
|
request, channel = make_request(b"POST", self.url, request_data)
|
2018-08-15 09:43:41 -04:00
|
|
|
render(request, self.resource, self.clock)
|
2018-07-17 06:43:18 -04:00
|
|
|
|
|
|
|
|
self.assertEquals(channel.result["code"], b"400", channel.result)
|
2018-08-10 09:54:09 -04:00
|
|
|
self.assertEquals(channel.json_body["error"], "Invalid password")
|
2015-07-28 12:34:12 -04:00
|
|
|
|
|
|
|
|
def test_POST_bad_username(self):
|
2018-07-17 06:43:18 -04:00
|
|
|
request_data = json.dumps({"username": 777, "password": "monkey"})
|
|
|
|
|
request, channel = make_request(b"POST", self.url, request_data)
|
2018-08-15 09:43:41 -04:00
|
|
|
render(request, self.resource, self.clock)
|
2018-07-17 06:43:18 -04:00
|
|
|
|
|
|
|
|
self.assertEquals(channel.result["code"], b"400", channel.result)
|
2018-08-10 09:54:09 -04:00
|
|
|
self.assertEquals(channel.json_body["error"], "Invalid username")
|
2018-07-17 06:43:18 -04:00
|
|
|
|
2015-07-28 12:34:12 -04:00
|
|
|
def test_POST_user_valid(self):
|
|
|
|
|
user_id = "@kermit:muppet"
|
|
|
|
|
token = "kermits_access_token"
|
2016-07-19 13:38:26 -04:00
|
|
|
device_id = "frogfone"
|
2018-07-17 06:43:18 -04:00
|
|
|
request_data = json.dumps(
|
|
|
|
|
{"username": "kermit", "password": "monkey", "device_id": device_id}
|
|
|
|
|
)
|
2015-07-28 12:34:12 -04:00
|
|
|
self.registration_handler.check_username = Mock(return_value=True)
|
2018-07-17 06:43:18 -04:00
|
|
|
self.auth_result = (None, {"username": "kermit", "password": "monkey"}, None)
|
2016-07-19 08:12:22 -04:00
|
|
|
self.registration_handler.register = Mock(return_value=(user_id, None))
|
2018-07-17 06:43:18 -04:00
|
|
|
self.auth_handler.get_access_token_for_user_id = Mock(return_value=token)
|
|
|
|
|
self.device_handler.check_device_registered = Mock(return_value=device_id)
|
|
|
|
|
|
|
|
|
|
request, channel = make_request(b"POST", self.url, request_data)
|
2018-08-15 09:43:41 -04:00
|
|
|
render(request, self.resource, self.clock)
|
2015-07-28 12:34:12 -04:00
|
|
|
|
2016-03-09 18:08:37 -05:00
|
|
|
det_data = {
|
2016-03-10 04:13:35 -05:00
|
|
|
"user_id": user_id,
|
|
|
|
|
"access_token": token,
|
2016-07-19 13:38:26 -04:00
|
|
|
"home_server": self.hs.hostname,
|
|
|
|
|
"device_id": device_id,
|
2016-03-09 18:08:37 -05:00
|
|
|
}
|
2018-07-17 06:43:18 -04:00
|
|
|
self.assertEquals(channel.result["code"], b"200", channel.result)
|
2018-08-08 22:22:01 -04:00
|
|
|
self.assertDictContainsSubset(det_data, channel.json_body)
|
2016-07-22 09:52:53 -04:00
|
|
|
self.auth_handler.get_login_tuple_for_user_id(
|
2018-07-17 06:43:18 -04:00
|
|
|
user_id, device_id=device_id, initial_device_display_name=None
|
|
|
|
|
)
|
2015-07-28 12:34:12 -04:00
|
|
|
|
|
|
|
|
def test_POST_disabled_registration(self):
|
2016-02-03 09:42:01 -05:00
|
|
|
self.hs.config.enable_registration = False
|
2018-07-17 06:43:18 -04:00
|
|
|
request_data = json.dumps({"username": "kermit", "password": "monkey"})
|
2015-07-28 12:34:12 -04:00
|
|
|
self.registration_handler.check_username = Mock(return_value=True)
|
2018-07-17 06:43:18 -04:00
|
|
|
self.auth_result = (None, {"username": "kermit", "password": "monkey"}, None)
|
2015-07-28 12:34:12 -04:00
|
|
|
self.registration_handler.register = Mock(return_value=("@user:id", "t"))
|
2018-07-17 06:43:18 -04:00
|
|
|
|
|
|
|
|
request, channel = make_request(b"POST", self.url, request_data)
|
2018-08-15 09:43:41 -04:00
|
|
|
render(request, self.resource, self.clock)
|
2018-07-17 06:43:18 -04:00
|
|
|
|
|
|
|
|
self.assertEquals(channel.result["code"], b"403", channel.result)
|
2018-08-10 09:54:09 -04:00
|
|
|
self.assertEquals(channel.json_body["error"], "Registration has been disabled")
|
2018-07-17 06:43:18 -04:00
|
|
|
|
|
|
|
|
def test_POST_guest_registration(self):
|
|
|
|
|
user_id = "a@b"
|
|
|
|
|
self.hs.config.macaroon_secret_key = "test"
|
|
|
|
|
self.hs.config.allow_guest_access = True
|
|
|
|
|
self.registration_handler.register = Mock(return_value=(user_id, None))
|
|
|
|
|
|
|
|
|
|
request, channel = make_request(b"POST", self.url + b"?kind=guest", b"{}")
|
2018-08-15 09:43:41 -04:00
|
|
|
render(request, self.resource, self.clock)
|
2018-07-17 06:43:18 -04:00
|
|
|
|
|
|
|
|
det_data = {
|
|
|
|
|
"user_id": user_id,
|
|
|
|
|
"home_server": self.hs.hostname,
|
|
|
|
|
"device_id": "guest_device",
|
|
|
|
|
}
|
|
|
|
|
self.assertEquals(channel.result["code"], b"200", channel.result)
|
2018-08-08 22:22:01 -04:00
|
|
|
self.assertDictContainsSubset(det_data, channel.json_body)
|
2018-07-17 06:43:18 -04:00
|
|
|
|
|
|
|
|
def test_POST_disabled_guest_registration(self):
|
|
|
|
|
self.hs.config.allow_guest_access = False
|
|
|
|
|
|
|
|
|
|
request, channel = make_request(b"POST", self.url + b"?kind=guest", b"{}")
|
2018-08-15 09:43:41 -04:00
|
|
|
render(request, self.resource, self.clock)
|
2018-07-17 06:43:18 -04:00
|
|
|
|
|
|
|
|
self.assertEquals(channel.result["code"], b"403", channel.result)
|
2018-08-10 09:54:09 -04:00
|
|
|
self.assertEquals(channel.json_body["error"], "Guest access is disabled")
|
2018-10-18 14:35:30 -04:00
|
|
|
|
2018-10-18 15:03:46 -04:00
|
|
|
|
|
|
|
|
class TermsTestCase(unittest.HomeserverTestCase):
|
|
|
|
|
servlets = [register_servlets]
|
|
|
|
|
|
|
|
|
|
def prepare(self, reactor, clock, hs):
|
|
|
|
|
self.clock = MemoryReactorClock()
|
|
|
|
|
self.hs_clock = Clock(self.clock)
|
|
|
|
|
self.url = "/_matrix/client/r0/register"
|
|
|
|
|
self.registration_handler = Mock()
|
|
|
|
|
self.auth_handler = Mock()
|
|
|
|
|
self.device_handler = Mock()
|
|
|
|
|
hs.config.enable_registration = True
|
|
|
|
|
hs.config.registrations_require_3pid = []
|
|
|
|
|
hs.config.auto_join_rooms = []
|
|
|
|
|
hs.config.enable_registration_captcha = False
|
|
|
|
|
|
2018-10-18 14:35:30 -04:00
|
|
|
def test_POST_terms_auth(self):
|
|
|
|
|
self.hs.config.block_events_without_consent_error = True
|
|
|
|
|
self.hs.config.public_baseurl = "https://example.org"
|
|
|
|
|
self.hs.config.user_consent_version = "1.0"
|
|
|
|
|
|
|
|
|
|
# Do a UI auth request
|
2018-10-18 15:03:46 -04:00
|
|
|
request, channel = self.make_request(b"POST", self.url, b"{}")
|
|
|
|
|
self.render(request)
|
2018-10-18 14:35:30 -04:00
|
|
|
|
|
|
|
|
self.assertEquals(channel.result["code"], b"401", channel.result)
|
|
|
|
|
|
2018-10-18 15:03:46 -04:00
|
|
|
self.assertTrue(channel.json_body is not None)
|
|
|
|
|
self.assertIsInstance(channel.json_body["session"], six.text_type)
|
2018-10-18 14:35:30 -04:00
|
|
|
|
|
|
|
|
self.assertIsInstance(channel.json_body["flows"], list)
|
|
|
|
|
for flow in channel.json_body["flows"]:
|
|
|
|
|
self.assertIsInstance(flow["stages"], list)
|
|
|
|
|
self.assertTrue(len(flow["stages"]) > 0)
|
|
|
|
|
self.assertEquals(flow["stages"][-1], "m.login.terms")
|
|
|
|
|
|
|
|
|
|
expected_params = {
|
|
|
|
|
"m.login.terms": {
|
|
|
|
|
"policies": {
|
|
|
|
|
"privacy_policy": {
|
|
|
|
|
"en": {
|
|
|
|
|
"name": "Privacy Policy",
|
|
|
|
|
"url": "https://example.org/_matrix/consent",
|
|
|
|
|
},
|
|
|
|
|
"version": "1.0"
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
}
|
|
|
|
|
self.assertIsInstance(channel.json_body["params"], dict)
|
|
|
|
|
self.assertDictContainsSubset(channel.json_body["params"], expected_params)
|
|
|
|
|
|
2018-10-18 15:03:46 -04:00
|
|
|
# We have to complete the dummy auth stage before completing the terms stage
|
2018-10-18 14:35:30 -04:00
|
|
|
request_data = json.dumps(
|
|
|
|
|
{
|
|
|
|
|
"username": "kermit",
|
|
|
|
|
"password": "monkey",
|
2018-10-18 14:45:21 -04:00
|
|
|
"auth": {
|
|
|
|
|
"session": channel.json_body["session"],
|
2018-10-18 15:03:46 -04:00
|
|
|
"type": "m.login.dummy",
|
2018-10-18 14:45:21 -04:00
|
|
|
},
|
2018-10-18 14:35:30 -04:00
|
|
|
}
|
|
|
|
|
)
|
2018-10-18 15:03:46 -04:00
|
|
|
|
2018-10-18 14:35:30 -04:00
|
|
|
self.registration_handler.check_username = Mock(return_value=True)
|
|
|
|
|
|
2018-10-18 15:03:46 -04:00
|
|
|
request, channel = make_request(b"POST", self.url, request_data)
|
|
|
|
|
self.render(request)
|
2018-10-18 14:35:30 -04:00
|
|
|
|
2018-10-18 15:03:46 -04:00
|
|
|
# We don't bother checking that the response is correct - we'll leave that to
|
|
|
|
|
# other tests. We just want to make sure we're on the right path.
|
|
|
|
|
self.assertEquals(channel.result["code"], b"401", channel.result)
|
|
|
|
|
|
|
|
|
|
# Finish the UI auth for terms
|
|
|
|
|
request_data = json.dumps(
|
|
|
|
|
{
|
|
|
|
|
"username": "kermit",
|
|
|
|
|
"password": "monkey",
|
|
|
|
|
"auth": {
|
|
|
|
|
"session": channel.json_body["session"],
|
|
|
|
|
"type": "m.login.terms",
|
|
|
|
|
},
|
|
|
|
|
}
|
|
|
|
|
)
|
2018-10-18 14:35:30 -04:00
|
|
|
request, channel = make_request(b"POST", self.url, request_data)
|
2018-10-18 15:03:46 -04:00
|
|
|
self.render(request)
|
|
|
|
|
|
|
|
|
|
# We're interested in getting a response that looks like a successful registration,
|
|
|
|
|
# not so much that the details are exactly what we want.
|
2018-10-18 14:35:30 -04:00
|
|
|
|
|
|
|
|
self.assertEquals(channel.result["code"], b"200", channel.result)
|
2018-10-18 15:03:46 -04:00
|
|
|
|
|
|
|
|
self.assertTrue(channel.json_body is not None)
|
|
|
|
|
self.assertIsInstance(channel.json_body["user_id"], six.text_type)
|
|
|
|
|
self.assertIsInstance(channel.json_body["access_token"], six.text_type)
|
|
|
|
|
self.assertIsInstance(channel.json_body["device_id"], six.text_type)
|
