Move event contents into third_party_layout field

This commit is contained in:
Daniel Wagner-Hall 2015-10-13 15:48:12 +01:00
parent 32a453d7ba
commit 17dffef5ec
7 changed files with 35 additions and 21 deletions

View File

@ -374,24 +374,24 @@ class Auth(object):
return True return True
def _verify_third_party_invite(self, event, auth_events): def _verify_third_party_invite(self, event, auth_events):
for key in ThirdPartyInvites.JOIN_KEYS: if not ThirdPartyInvites.join_has_third_party_invite(event.content):
if key not in event.content:
return False return False
token = event.content["token"] join_third_party_invite = event.content["third_party_invite"]
token = join_third_party_invite["token"]
invite_event = auth_events.get( invite_event = auth_events.get(
(EventTypes.ThirdPartyInvite, token,) (EventTypes.ThirdPartyInvite, token,)
) )
if not invite_event: if not invite_event:
return False return False
try: try:
public_key = event.content["public_key"] public_key = join_third_party_invite["public_key"]
key_validity_url = event.content["key_validity_url"] key_validity_url = join_third_party_invite["key_validity_url"]
if invite_event.content["public_key"] != public_key: if invite_event.content["public_key"] != public_key:
return False return False
if invite_event.content["key_validity_url"] != key_validity_url: if invite_event.content["key_validity_url"] != key_validity_url:
return False return False
verify_key = nacl.signing.VerifyKey(decode_base64(public_key)) verify_key = nacl.signing.VerifyKey(decode_base64(public_key))
encoded_signature = event.content["signature"] encoded_signature = join_third_party_invite["signature"]
signature = decode_base64(encoded_signature) signature = decode_base64(encoded_signature)
verify_key.verify(token, signature) verify_key.verify(token, signature)
return True return True
@ -677,8 +677,11 @@ class Auth(object):
if e_type == Membership.JOIN: if e_type == Membership.JOIN:
if member_event and not is_public: if member_event and not is_public:
auth_ids.append(member_event.event_id) auth_ids.append(member_event.event_id)
if ThirdPartyInvites.has_join_keys(event.content): if ThirdPartyInvites.join_has_third_party_invite(event.content):
key = (EventTypes.ThirdPartyInvite, event.content["token"]) key = (
EventTypes.ThirdPartyInvite,
event.content["third_party_invite"]["token"]
)
invite = current_state.get(key) invite = current_state.get(key)
if invite: if invite:
auth_ids.append(invite.event_id) auth_ids.append(invite.event_id)

View File

@ -363,8 +363,8 @@ class FederationClient(FederationBase):
continue continue
args = {} args = {}
if ThirdPartyInvites.has_join_keys(content): if ThirdPartyInvites.join_has_third_party_invite(content):
ThirdPartyInvites.copy_join_keys(content, args) ThirdPartyInvites.copy_join_keys(content["third_party_invite"], args)
try: try:
ret = yield self.transport_layer.make_join( ret = yield self.transport_layer.make_join(
destination, room_id, user_id, args destination, room_id, user_id, args

View File

@ -127,7 +127,7 @@ class BaseHandler(object):
if ( if (
event.type == EventTypes.Member and event.type == EventTypes.Member and
event.content["membership"] == Membership.JOIN and event.content["membership"] == Membership.JOIN and
ThirdPartyInvites.has_join_keys(event.content) ThirdPartyInvites.join_has_third_party_invite(event.content)
): ):
yield ThirdPartyInvites.check_key_valid( yield ThirdPartyInvites.check_key_valid(
self.hs.get_simple_http_client(), self.hs.get_simple_http_client(),

View File

@ -705,7 +705,8 @@ class FederationHandler(BaseHandler):
""" """
event_content = {"membership": Membership.JOIN} event_content = {"membership": Membership.JOIN}
if ThirdPartyInvites.has_join_keys(query): if ThirdPartyInvites.has_join_keys(query):
ThirdPartyInvites.copy_join_keys(query, event_content) event_content["third_party_invite"] = {}
ThirdPartyInvites.copy_join_keys(query, event_content["third_party_invite"])
builder = self.event_builder_factory.new({ builder = self.event_builder_factory.new({
"type": EventTypes.Member, "type": EventTypes.Member,
@ -721,7 +722,7 @@ class FederationHandler(BaseHandler):
self.auth.check(event, auth_events=context.current_state) self.auth.check(event, auth_events=context.current_state)
if ThirdPartyInvites.has_join_keys(event.content): if ThirdPartyInvites.join_has_third_party_invite(event.content):
ThirdPartyInvites.check_key_valid(self.hs.get_simple_http_client(), event) ThirdPartyInvites.check_key_valid(self.hs.get_simple_http_client(), event)
defer.returnValue(event) defer.returnValue(event)

View File

@ -483,8 +483,11 @@ class RoomMemberHandler(BaseHandler):
should_do_dance = not self.hs.is_mine(inviter) should_do_dance = not self.hs.is_mine(inviter)
room_hosts = [inviter.domain] room_hosts = [inviter.domain]
elif "sender" in event.content: elif "third_party_invite" in event.content:
inviter = UserID.from_string(event.content["sender"]) if "sender" in event.content["third_party_invite"]:
inviter = UserID.from_string(
event.content["third_party_invite"]["sender"]
)
should_do_dance = not self.hs.is_mine(inviter) should_do_dance = not self.hs.is_mine(inviter)
room_hosts = [inviter.domain] room_hosts = [inviter.domain]
else: else:

View File

@ -456,7 +456,8 @@ class RoomMembershipRestServlet(ClientV1RestServlet):
} }
if membership_action == "join" and ThirdPartyInvites.has_join_keys(content): if membership_action == "join" and ThirdPartyInvites.has_join_keys(content):
ThirdPartyInvites.copy_join_keys(content, event_content) event_content["third_party_invite"] = {}
ThirdPartyInvites.copy_join_keys(content, event_content["third_party_invite"])
yield msg_handler.create_and_send_event( yield msg_handler.create_and_send_event(
{ {

View File

@ -42,6 +42,12 @@ class ThirdPartyInvites(object):
return False return False
return True return True
@classmethod
def join_has_third_party_invite(cls, content):
if "third_party_invite" not in content:
return False
return cls.has_join_keys(content["third_party_invite"])
@classmethod @classmethod
def copy_join_keys(cls, src, dst): def copy_join_keys(cls, src, dst):
for key in cls.JOIN_KEYS: for key in cls.JOIN_KEYS:
@ -53,8 +59,8 @@ class ThirdPartyInvites(object):
def check_key_valid(cls, http_client, event): def check_key_valid(cls, http_client, event):
try: try:
response = yield http_client.get_json( response = yield http_client.get_json(
event.content["key_validity_url"], event.content["third_party_invite"]["key_validity_url"],
{"public_key": event.content["public_key"]} {"public_key": event.content["third_party_invite"]["public_key"]}
) )
if not response["valid"]: if not response["valid"]:
raise AuthError(403, "Third party certificate was invalid") raise AuthError(403, "Third party certificate was invalid")