mirror of
https://github.com/turt2live/matrix-dimension.git
synced 2024-07-08 12:01:48 +00:00
Require ?v=1.1 on Scalar /register and /account
For upstream compatibility and security.
This commit is contained in:
parent
0287e472f8
commit
dce6bcde56
|
@ -49,7 +49,11 @@ export class ScalarService {
|
|||
|
||||
@POST
|
||||
@Path("register")
|
||||
public async register(request: RegisterRequest): Promise<ScalarRegisterResponse> {
|
||||
public async register(request: RegisterRequest, @QueryParam("v") apiVersion: string): Promise<ScalarRegisterResponse> {
|
||||
if (apiVersion !== "1.1") {
|
||||
throw new ApiError(401, "Invalid API version.");
|
||||
}
|
||||
|
||||
const mxClient = new MatrixOpenIdClient(<OpenId>request);
|
||||
const mxUserId = await mxClient.getUserId();
|
||||
|
||||
|
@ -95,7 +99,11 @@ export class ScalarService {
|
|||
|
||||
@GET
|
||||
@Path("account")
|
||||
public async getAccount(@QueryParam("scalar_token") scalarToken: string): Promise<ScalarAccountResponse> {
|
||||
public async getAccount(@QueryParam("scalar_token") scalarToken: string, @QueryParam("v") apiVersion: string): Promise<ScalarAccountResponse> {
|
||||
if (apiVersion !== "1.1") {
|
||||
throw new ApiError(401, "Invalid API version.");
|
||||
}
|
||||
|
||||
const userId = await ScalarService.getTokenOwner(scalarToken);
|
||||
return {user_id: userId};
|
||||
}
|
||||
|
|
|
@ -3,6 +3,7 @@ import { ScalarRegisterResponse } from "../models/ScalarResponses";
|
|||
import * as request from "request";
|
||||
import { LogService } from "matrix-js-snippets";
|
||||
import Upstream from "../db/models/Upstream";
|
||||
import { SCALAR_API_VERSION } from "../utils/common-constants";
|
||||
|
||||
export class ScalarClient {
|
||||
constructor(private upstream: Upstream) {
|
||||
|
@ -14,6 +15,7 @@ export class ScalarClient {
|
|||
request({
|
||||
method: "POST",
|
||||
url: this.upstream.scalarUrl + "/register",
|
||||
qs: {v: SCALAR_API_VERSION},
|
||||
json: openId,
|
||||
}, (err, res, _body) => {
|
||||
if (err) {
|
||||
|
|
1
src/utils/common-constants.ts
Normal file
1
src/utils/common-constants.ts
Normal file
|
@ -0,0 +1 @@
|
|||
export const SCALAR_API_VERSION = "1.1";
|
|
@ -6,6 +6,7 @@ import {
|
|||
FE_ScalarRegisterResponse
|
||||
} from "../../models/scalar-server-responses";
|
||||
import { AuthedApi } from "../authed-api";
|
||||
import { SCALAR_API_VERSION } from "../../../../../src/utils/common-constants";
|
||||
|
||||
@Injectable()
|
||||
export class ScalarServerApiService extends AuthedApi {
|
||||
|
@ -14,10 +15,12 @@ export class ScalarServerApiService extends AuthedApi {
|
|||
}
|
||||
|
||||
public getAccount(): Promise<FE_ScalarAccountResponse> {
|
||||
return this.authedGet("/api/v1/scalar/account").map(res => res.json()).toPromise();
|
||||
return this.authedGet("/api/v1/scalar/account", {v: SCALAR_API_VERSION}).map(res => res.json()).toPromise();
|
||||
}
|
||||
|
||||
public register(openId: FE_ScalarOpenIdRequestBody): Promise<FE_ScalarRegisterResponse> {
|
||||
return this.http.post("/api/v1/scalar/register", openId).map(res => res.json()).toPromise();
|
||||
return this.http.post("/api/v1/scalar/register", openId, {
|
||||
params: {v: SCALAR_API_VERSION},
|
||||
}).map(res => res.json()).toPromise();
|
||||
}
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue
Block a user