char
/
dendrite
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
dendrite/internal/config/appservice.go

330 lines
11 KiB
Go
Raw Normal View History

Load Application Service Configuration Files (#377) Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
2017-12-19 17:00:44 +00:00
// Copyright 2017 Andrew Morgan <andrew@amorgan.xyz>
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package config
import (
Application Service Registration (#390) * Add ability for App Services to register users AS Tokens are pulled from their respective configs, which are then checked against when an AS tries to register using m.login.application_service. If the token exists and the new username is within their specified namespace, then the user is created as a password-less user. Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz> * Validate loaded Application Services * Ensure no two app services have the same token or ID * Check namespaces are valid regex * Ensure users can't register inside an exclusive app service namespace * Ensure exclusive app service namespaces are exclusive with each other * Precompile application service namespace regexes so we don't need to do so every time a user is registered Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
2018-02-08 11:02:48 +00:00
"fmt"
Load Application Service Configuration Files (#377) Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
2017-12-19 17:00:44 +00:00
"io/ioutil"
"path/filepath"
Application Service Registration (#390) * Add ability for App Services to register users AS Tokens are pulled from their respective configs, which are then checked against when an AS tries to register using m.login.application_service. If the token exists and the new username is within their specified namespace, then the user is created as a password-less user. Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz> * Validate loaded Application Services * Ensure no two app services have the same token or ID * Check namespaces are valid regex * Ensure users can't register inside an exclusive app service namespace * Ensure exclusive app service namespaces are exclusive with each other * Precompile application service namespace regexes so we don't need to do so every time a user is registered Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
2018-02-08 11:02:48 +00:00
"regexp"
"strings"
Load Application Service Configuration Files (#377) Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
2017-12-19 17:00:44 +00:00
Add group_id, rate_limit and protocol AS config options (#478) * Add group_id, rate_limit and protocol AS config options * We currently just record and error check these options. There are not currently implemented. Signed-off-by: Andrew Morgan <andrewm@matrix.org> * Clean things up and fix yaml declaration * Warn loudly when app service requests unimplemented options * Fix comments * Remove high cyclomatic complexity of appservice checkErrors * Set default rate limited to true
2018-06-18 09:43:15 +00:00
log "github.com/sirupsen/logrus"
Filter Roomserver Events Based on Application Service (#467) * Compile room and alias namespace regexs We'll be needing these for event filtering in the appservice component. Signed-off-by: Andrew Morgan <andrewm@matrix.org> * App service filters roomserver events Doing so based on namespace regexes that each app service has defined. To get the aliases for a roomID a new aliasAPI endpoint was defined, GetAliasesFromRoomID, which does exactly what it says on the tin. Next step is to queue events to be sent off to each homeserver. * Additionally filter state events for app services * Fixed context, logging, derps, config handling * Prevented user from creating more than one regex per namespace type Got caught out by realizing I had an extra '-' in the config file. This prevents anyone from making the same mistake :) * Removed exclusive RoomID namespace regex, as we won't need to check upon room creation if the ID is reserved exclusively by an AS (as this is silly and horribly inefficient). * Fixed all else mentioned
2018-05-30 12:43:13 +00:00
yaml "gopkg.in/yaml.v2"
Load Application Service Configuration Files (#377) Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
2017-12-19 17:00:44 +00:00
)
// ApplicationServiceNamespace is the namespace that a specific application
// service has management over.
type ApplicationServiceNamespace struct {
// Whether or not the namespace is managed solely by this application service
Exclusive bool `yaml:"exclusive"`
// A regex pattern that represents the namespace
Regex string `yaml:"regex"`
Add group_id, rate_limit and protocol AS config options (#478) * Add group_id, rate_limit and protocol AS config options * We currently just record and error check these options. There are not currently implemented. Signed-off-by: Andrew Morgan <andrewm@matrix.org> * Clean things up and fix yaml declaration * Warn loudly when app service requests unimplemented options * Fix comments * Remove high cyclomatic complexity of appservice checkErrors * Set default rate limited to true
2018-06-18 09:43:15 +00:00
// The ID of an existing group that all users of this application service will
// be added to. This field is only relevant to the `users` namespace.
// Note that users who are joined to this group through an application service
// are not to be listed when querying for the group's members, however the
// group should be listed when querying an application service user's groups.
// This is to prevent making spamming all users of an application service
// trivial.
GroupID string `yaml:"group_id"`
Application Service Registration (#390) * Add ability for App Services to register users AS Tokens are pulled from their respective configs, which are then checked against when an AS tries to register using m.login.application_service. If the token exists and the new username is within their specified namespace, then the user is created as a password-less user. Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz> * Validate loaded Application Services * Ensure no two app services have the same token or ID * Check namespaces are valid regex * Ensure users can't register inside an exclusive app service namespace * Ensure exclusive app service namespaces are exclusive with each other * Precompile application service namespace regexes so we don't need to do so every time a user is registered Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
2018-02-08 11:02:48 +00:00
// Regex object representing our pattern. Saves having to recompile every time
RegexpObject *regexp.Regexp
Load Application Service Configuration Files (#377) Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
2017-12-19 17:00:44 +00:00
}
// ApplicationService represents a Matrix application service.
// https://matrix.org/docs/spec/application_service/unstable.html
type ApplicationService struct {
// User-defined, unique, persistent ID of the application service
ID string `yaml:"id"`
// Base URL of the application service
URL string `yaml:"url"`
// Application service token provided in requests to a homeserver
ASToken string `yaml:"as_token"`
// Homeserver token provided in requests to an application service
HSToken string `yaml:"hs_token"`
// Localpart of application service user
SenderLocalpart string `yaml:"sender_localpart"`
Filter Roomserver Events Based on Application Service (#467) * Compile room and alias namespace regexs We'll be needing these for event filtering in the appservice component. Signed-off-by: Andrew Morgan <andrewm@matrix.org> * App service filters roomserver events Doing so based on namespace regexes that each app service has defined. To get the aliases for a roomID a new aliasAPI endpoint was defined, GetAliasesFromRoomID, which does exactly what it says on the tin. Next step is to queue events to be sent off to each homeserver. * Additionally filter state events for app services * Fixed context, logging, derps, config handling * Prevented user from creating more than one regex per namespace type Got caught out by realizing I had an extra '-' in the config file. This prevents anyone from making the same mistake :) * Removed exclusive RoomID namespace regex, as we won't need to check upon room creation if the ID is reserved exclusively by an AS (as this is silly and horribly inefficient). * Fixed all else mentioned
2018-05-30 12:43:13 +00:00
// Information about an application service's namespaces. Key is either
// "users", "aliases" or "rooms"
Application Service Registration (#390) * Add ability for App Services to register users AS Tokens are pulled from their respective configs, which are then checked against when an AS tries to register using m.login.application_service. If the token exists and the new username is within their specified namespace, then the user is created as a password-less user. Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz> * Validate loaded Application Services * Ensure no two app services have the same token or ID * Check namespaces are valid regex * Ensure users can't register inside an exclusive app service namespace * Ensure exclusive app service namespaces are exclusive with each other * Precompile application service namespace regexes so we don't need to do so every time a user is registered Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
2018-02-08 11:02:48 +00:00
NamespaceMap map[string][]ApplicationServiceNamespace `yaml:"namespaces"`
Add group_id, rate_limit and protocol AS config options (#478) * Add group_id, rate_limit and protocol AS config options * We currently just record and error check these options. There are not currently implemented. Signed-off-by: Andrew Morgan <andrewm@matrix.org> * Clean things up and fix yaml declaration * Warn loudly when app service requests unimplemented options * Fix comments * Remove high cyclomatic complexity of appservice checkErrors * Set default rate limited to true
2018-06-18 09:43:15 +00:00
// Whether rate limiting is applied to each application service user
RateLimited bool `yaml:"rate_limited"`
// Any custom protocols that this application service provides (e.g. IRC)
Protocols []string `yaml:"protocols"`
Load Application Service Configuration Files (#377) Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
2017-12-19 17:00:44 +00:00
}
Consolidate AS interest checking (#539) * Methods for checking if an AS is interested in events * Look through rooms namespace for matching room IDs
2018-07-16 12:30:04 +00:00
// IsInterestedInRoomID returns a bool on whether an application service's
// namespace includes the given room ID
func (a *ApplicationService) IsInterestedInRoomID(
roomID string,
) bool {
if namespaceSlice, ok := a.NamespaceMap["rooms"]; ok {
for _, namespace := range namespaceSlice {
if namespace.RegexpObject.MatchString(roomID) {
return true
}
}
}
return false
}
// IsInterestedInUserID returns a bool on whether an application service's
// namespace includes the given user ID
func (a *ApplicationService) IsInterestedInUserID(
userID string,
) bool {
if namespaceSlice, ok := a.NamespaceMap["users"]; ok {
for _, namespace := range namespaceSlice {
if namespace.RegexpObject.MatchString(userID) {
support non-exclusive namespaces for AS (#828) Signed-off-by: MohitKS5 <mohitkumarsingh907@gmail.com> Co-authored-by: Neil Alexander <neilalexander@users.noreply.github.com> Co-authored-by: Kegsay <kegan@matrix.org>
2020-04-14 14:31:27 +00:00
return true
}
}
}
return false
}
// OwnsNamespaceCoveringUserId returns a bool on whether an application service's
// namespace is exclusive and includes the given user ID
func (a *ApplicationService) OwnsNamespaceCoveringUserId(
userID string,
) bool {
if namespaceSlice, ok := a.NamespaceMap["users"]; ok {
for _, namespace := range namespaceSlice {
if namespace.Exclusive && namespace.RegexpObject.MatchString(userID) {
Consolidate AS interest checking (#539) * Methods for checking if an AS is interested in events * Look through rooms namespace for matching room IDs
2018-07-16 12:30:04 +00:00
return true
}
}
}
return false
}
// IsInterestedInRoomAlias returns a bool on whether an application service's
// namespace includes the given room alias
func (a *ApplicationService) IsInterestedInRoomAlias(
roomAlias string,
) bool {
if namespaceSlice, ok := a.NamespaceMap["aliases"]; ok {
for _, namespace := range namespaceSlice {
if namespace.RegexpObject.MatchString(roomAlias) {
return true
}
}
}
return false
}
Internal API for Appservices (#541)
2018-07-17 14:36:04 +00:00
// loadAppServices iterates through all application service config files
Application Service Registration (#390) * Add ability for App Services to register users AS Tokens are pulled from their respective configs, which are then checked against when an AS tries to register using m.login.application_service. If the token exists and the new username is within their specified namespace, then the user is created as a password-less user. Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz> * Validate loaded Application Services * Ensure no two app services have the same token or ID * Check namespaces are valid regex * Ensure users can't register inside an exclusive app service namespace * Ensure exclusive app service namespaces are exclusive with each other * Precompile application service namespace regexes so we don't need to do so every time a user is registered Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
2018-02-08 11:02:48 +00:00
// and loads their data into the config object for later access.
Internal API for Appservices (#541)
2018-07-17 14:36:04 +00:00
func loadAppServices(config *Dendrite) error {
Load Application Service Configuration Files (#377) Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
2017-12-19 17:00:44 +00:00
for _, configPath := range config.ApplicationServices.ConfigFiles {
Add group_id, rate_limit and protocol AS config options (#478) * Add group_id, rate_limit and protocol AS config options * We currently just record and error check these options. There are not currently implemented. Signed-off-by: Andrew Morgan <andrewm@matrix.org> * Clean things up and fix yaml declaration * Warn loudly when app service requests unimplemented options * Fix comments * Remove high cyclomatic complexity of appservice checkErrors * Set default rate limited to true
2018-06-18 09:43:15 +00:00
// Create a new application service with default options
appservice := ApplicationService{
RateLimited: true,
}
Load Application Service Configuration Files (#377) Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
2017-12-19 17:00:44 +00:00
// Create an absolute path from a potentially relative path
absPath, err := filepath.Abs(configPath)
if err != nil {
return err
}
// Read the application service's config file
configData, err := ioutil.ReadFile(absPath)
if err != nil {
return err
}
// Load the config data into our struct
if err = yaml.UnmarshalStrict(configData, &appservice); err != nil {
return err
}
// Append the parsed application service to the global config
config.Derived.ApplicationServices = append(
Filter Roomserver Events Based on Application Service (#467) * Compile room and alias namespace regexs We'll be needing these for event filtering in the appservice component. Signed-off-by: Andrew Morgan <andrewm@matrix.org> * App service filters roomserver events Doing so based on namespace regexes that each app service has defined. To get the aliases for a roomID a new aliasAPI endpoint was defined, GetAliasesFromRoomID, which does exactly what it says on the tin. Next step is to queue events to be sent off to each homeserver. * Additionally filter state events for app services * Fixed context, logging, derps, config handling * Prevented user from creating more than one regex per namespace type Got caught out by realizing I had an extra '-' in the config file. This prevents anyone from making the same mistake :) * Removed exclusive RoomID namespace regex, as we won't need to check upon room creation if the ID is reserved exclusively by an AS (as this is silly and horribly inefficient). * Fixed all else mentioned
2018-05-30 12:43:13 +00:00
config.Derived.ApplicationServices, appservice,
)
Load Application Service Configuration Files (#377) Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
2017-12-19 17:00:44 +00:00
}
Application Service Registration (#390) * Add ability for App Services to register users AS Tokens are pulled from their respective configs, which are then checked against when an AS tries to register using m.login.application_service. If the token exists and the new username is within their specified namespace, then the user is created as a password-less user. Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz> * Validate loaded Application Services * Ensure no two app services have the same token or ID * Check namespaces are valid regex * Ensure users can't register inside an exclusive app service namespace * Ensure exclusive app service namespaces are exclusive with each other * Precompile application service namespace regexes so we don't need to do so every time a user is registered Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
2018-02-08 11:02:48 +00:00
// Check for any errors in the loaded application services
return checkErrors(config)
}
// setupRegexps will create regex objects for exclusive and non-exclusive
// usernames, aliases and rooms of all application services, so that other
// methods can quickly check if a particular string matches any of them.
Filter Roomserver Events Based on Application Service (#467) * Compile room and alias namespace regexs We'll be needing these for event filtering in the appservice component. Signed-off-by: Andrew Morgan <andrewm@matrix.org> * App service filters roomserver events Doing so based on namespace regexes that each app service has defined. To get the aliases for a roomID a new aliasAPI endpoint was defined, GetAliasesFromRoomID, which does exactly what it says on the tin. Next step is to queue events to be sent off to each homeserver. * Additionally filter state events for app services * Fixed context, logging, derps, config handling * Prevented user from creating more than one regex per namespace type Got caught out by realizing I had an extra '-' in the config file. This prevents anyone from making the same mistake :) * Removed exclusive RoomID namespace regex, as we won't need to check upon room creation if the ID is reserved exclusively by an AS (as this is silly and horribly inefficient). * Fixed all else mentioned
2018-05-30 12:43:13 +00:00
func setupRegexps(cfg *Dendrite) (err error) {
Application Service Registration (#390) * Add ability for App Services to register users AS Tokens are pulled from their respective configs, which are then checked against when an AS tries to register using m.login.application_service. If the token exists and the new username is within their specified namespace, then the user is created as a password-less user. Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz> * Validate loaded Application Services * Ensure no two app services have the same token or ID * Check namespaces are valid regex * Ensure users can't register inside an exclusive app service namespace * Ensure exclusive app service namespaces are exclusive with each other * Precompile application service namespace regexes so we don't need to do so every time a user is registered Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
2018-02-08 11:02:48 +00:00
// Combine all exclusive namespaces for later string checking
Filter Roomserver Events Based on Application Service (#467) * Compile room and alias namespace regexs We'll be needing these for event filtering in the appservice component. Signed-off-by: Andrew Morgan <andrewm@matrix.org> * App service filters roomserver events Doing so based on namespace regexes that each app service has defined. To get the aliases for a roomID a new aliasAPI endpoint was defined, GetAliasesFromRoomID, which does exactly what it says on the tin. Next step is to queue events to be sent off to each homeserver. * Additionally filter state events for app services * Fixed context, logging, derps, config handling * Prevented user from creating more than one regex per namespace type Got caught out by realizing I had an extra '-' in the config file. This prevents anyone from making the same mistake :) * Removed exclusive RoomID namespace regex, as we won't need to check upon room creation if the ID is reserved exclusively by an AS (as this is silly and horribly inefficient). * Fixed all else mentioned
2018-05-30 12:43:13 +00:00
var exclusiveUsernameStrings, exclusiveAliasStrings []string
Application Service Registration (#390) * Add ability for App Services to register users AS Tokens are pulled from their respective configs, which are then checked against when an AS tries to register using m.login.application_service. If the token exists and the new username is within their specified namespace, then the user is created as a password-less user. Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz> * Validate loaded Application Services * Ensure no two app services have the same token or ID * Check namespaces are valid regex * Ensure users can't register inside an exclusive app service namespace * Ensure exclusive app service namespaces are exclusive with each other * Precompile application service namespace regexes so we don't need to do so every time a user is registered Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
2018-02-08 11:02:48 +00:00
// If an application service's regex is marked as exclusive, add
Filter Roomserver Events Based on Application Service (#467) * Compile room and alias namespace regexs We'll be needing these for event filtering in the appservice component. Signed-off-by: Andrew Morgan <andrewm@matrix.org> * App service filters roomserver events Doing so based on namespace regexes that each app service has defined. To get the aliases for a roomID a new aliasAPI endpoint was defined, GetAliasesFromRoomID, which does exactly what it says on the tin. Next step is to queue events to be sent off to each homeserver. * Additionally filter state events for app services * Fixed context, logging, derps, config handling * Prevented user from creating more than one regex per namespace type Got caught out by realizing I had an extra '-' in the config file. This prevents anyone from making the same mistake :) * Removed exclusive RoomID namespace regex, as we won't need to check upon room creation if the ID is reserved exclusively by an AS (as this is silly and horribly inefficient). * Fixed all else mentioned
2018-05-30 12:43:13 +00:00
// its contents to the overall exlusive regex string. Room regex
// not necessary as we aren't denying exclusive room ID creation
Application Service Registration (#390) * Add ability for App Services to register users AS Tokens are pulled from their respective configs, which are then checked against when an AS tries to register using m.login.application_service. If the token exists and the new username is within their specified namespace, then the user is created as a password-less user. Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz> * Validate loaded Application Services * Ensure no two app services have the same token or ID * Check namespaces are valid regex * Ensure users can't register inside an exclusive app service namespace * Ensure exclusive app service namespaces are exclusive with each other * Precompile application service namespace regexes so we don't need to do so every time a user is registered Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
2018-02-08 11:02:48 +00:00
for _, appservice := range cfg.Derived.ApplicationServices {
for key, namespaceSlice := range appservice.NamespaceMap {
switch key {
case "users":
appendExclusiveNamespaceRegexs(&exclusiveUsernameStrings, namespaceSlice)
case "aliases":
appendExclusiveNamespaceRegexs(&exclusiveAliasStrings, namespaceSlice)
}
}
}
// Join the regexes together into one big regex.
// i.e. "app1.*", "app2.*" -> "(app1.*)|(app2.*)"
Filter Roomserver Events Based on Application Service (#467) * Compile room and alias namespace regexs We'll be needing these for event filtering in the appservice component. Signed-off-by: Andrew Morgan <andrewm@matrix.org> * App service filters roomserver events Doing so based on namespace regexes that each app service has defined. To get the aliases for a roomID a new aliasAPI endpoint was defined, GetAliasesFromRoomID, which does exactly what it says on the tin. Next step is to queue events to be sent off to each homeserver. * Additionally filter state events for app services * Fixed context, logging, derps, config handling * Prevented user from creating more than one regex per namespace type Got caught out by realizing I had an extra '-' in the config file. This prevents anyone from making the same mistake :) * Removed exclusive RoomID namespace regex, as we won't need to check upon room creation if the ID is reserved exclusively by an AS (as this is silly and horribly inefficient). * Fixed all else mentioned
2018-05-30 12:43:13 +00:00
// Later we can check if a username or alias matches any exclusive regex and
// deny access if it isn't from an application service
Application Service Registration (#390) * Add ability for App Services to register users AS Tokens are pulled from their respective configs, which are then checked against when an AS tries to register using m.login.application_service. If the token exists and the new username is within their specified namespace, then the user is created as a password-less user. Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz> * Validate loaded Application Services * Ensure no two app services have the same token or ID * Check namespaces are valid regex * Ensure users can't register inside an exclusive app service namespace * Ensure exclusive app service namespaces are exclusive with each other * Precompile application service namespace regexes so we don't need to do so every time a user is registered Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
2018-02-08 11:02:48 +00:00
exclusiveUsernames := strings.Join(exclusiveUsernameStrings, "|")
Filter Roomserver Events Based on Application Service (#467) * Compile room and alias namespace regexs We'll be needing these for event filtering in the appservice component. Signed-off-by: Andrew Morgan <andrewm@matrix.org> * App service filters roomserver events Doing so based on namespace regexes that each app service has defined. To get the aliases for a roomID a new aliasAPI endpoint was defined, GetAliasesFromRoomID, which does exactly what it says on the tin. Next step is to queue events to be sent off to each homeserver. * Additionally filter state events for app services * Fixed context, logging, derps, config handling * Prevented user from creating more than one regex per namespace type Got caught out by realizing I had an extra '-' in the config file. This prevents anyone from making the same mistake :) * Removed exclusive RoomID namespace regex, as we won't need to check upon room creation if the ID is reserved exclusively by an AS (as this is silly and horribly inefficient). * Fixed all else mentioned
2018-05-30 12:43:13 +00:00
exclusiveAliases := strings.Join(exclusiveAliasStrings, "|")
Application Service Registration (#390) * Add ability for App Services to register users AS Tokens are pulled from their respective configs, which are then checked against when an AS tries to register using m.login.application_service. If the token exists and the new username is within their specified namespace, then the user is created as a password-less user. Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz> * Validate loaded Application Services * Ensure no two app services have the same token or ID * Check namespaces are valid regex * Ensure users can't register inside an exclusive app service namespace * Ensure exclusive app service namespaces are exclusive with each other * Precompile application service namespace regexes so we don't need to do so every time a user is registered Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
2018-02-08 11:02:48 +00:00
Filter Roomserver Events Based on Application Service (#467) * Compile room and alias namespace regexs We'll be needing these for event filtering in the appservice component. Signed-off-by: Andrew Morgan <andrewm@matrix.org> * App service filters roomserver events Doing so based on namespace regexes that each app service has defined. To get the aliases for a roomID a new aliasAPI endpoint was defined, GetAliasesFromRoomID, which does exactly what it says on the tin. Next step is to queue events to be sent off to each homeserver. * Additionally filter state events for app services * Fixed context, logging, derps, config handling * Prevented user from creating more than one regex per namespace type Got caught out by realizing I had an extra '-' in the config file. This prevents anyone from making the same mistake :) * Removed exclusive RoomID namespace regex, as we won't need to check upon room creation if the ID is reserved exclusively by an AS (as this is silly and horribly inefficient). * Fixed all else mentioned
2018-05-30 12:43:13 +00:00
// If there are no exclusive regexes, compile string so that it will not match
// any valid usernames/aliases/roomIDs
Prevent AS user check if no AS registered (#392) When a user registered on a homeserver with no application services registered, registration would check if the meta-regexp object matched the proposed user's new username. Apparently "" is a regex that matches everything, so every user was then barred from registering as they were supposedly registering inside an AS' exclusive namespace. This change prevents that check from happening by setting the exclusive regex to ^$ instead, preventing any matches from occurring. We also prevent the check for exclusivity if there are no namespaces registered for performance. Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
2018-02-27 11:42:10 +00:00
if exclusiveUsernames == "" {
exclusiveUsernames = "^$"
}
Filter Roomserver Events Based on Application Service (#467) * Compile room and alias namespace regexs We'll be needing these for event filtering in the appservice component. Signed-off-by: Andrew Morgan <andrewm@matrix.org> * App service filters roomserver events Doing so based on namespace regexes that each app service has defined. To get the aliases for a roomID a new aliasAPI endpoint was defined, GetAliasesFromRoomID, which does exactly what it says on the tin. Next step is to queue events to be sent off to each homeserver. * Additionally filter state events for app services * Fixed context, logging, derps, config handling * Prevented user from creating more than one regex per namespace type Got caught out by realizing I had an extra '-' in the config file. This prevents anyone from making the same mistake :) * Removed exclusive RoomID namespace regex, as we won't need to check upon room creation if the ID is reserved exclusively by an AS (as this is silly and horribly inefficient). * Fixed all else mentioned
2018-05-30 12:43:13 +00:00
if exclusiveAliases == "" {
exclusiveAliases = "^$"
}
Prevent AS user check if no AS registered (#392) When a user registered on a homeserver with no application services registered, registration would check if the meta-regexp object matched the proposed user's new username. Apparently "" is a regex that matches everything, so every user was then barred from registering as they were supposedly registering inside an AS' exclusive namespace. This change prevents that check from happening by setting the exclusive regex to ^$ instead, preventing any matches from occurring. We also prevent the check for exclusivity if there are no namespaces registered for performance. Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
2018-02-27 11:42:10 +00:00
Filter Roomserver Events Based on Application Service (#467) * Compile room and alias namespace regexs We'll be needing these for event filtering in the appservice component. Signed-off-by: Andrew Morgan <andrewm@matrix.org> * App service filters roomserver events Doing so based on namespace regexes that each app service has defined. To get the aliases for a roomID a new aliasAPI endpoint was defined, GetAliasesFromRoomID, which does exactly what it says on the tin. Next step is to queue events to be sent off to each homeserver. * Additionally filter state events for app services * Fixed context, logging, derps, config handling * Prevented user from creating more than one regex per namespace type Got caught out by realizing I had an extra '-' in the config file. This prevents anyone from making the same mistake :) * Removed exclusive RoomID namespace regex, as we won't need to check upon room creation if the ID is reserved exclusively by an AS (as this is silly and horribly inefficient). * Fixed all else mentioned
2018-05-30 12:43:13 +00:00
// Store compiled Regex
if cfg.Derived.ExclusiveApplicationServicesUsernameRegexp, err = regexp.Compile(exclusiveUsernames); err != nil {
return err
}
if cfg.Derived.ExclusiveApplicationServicesAliasRegexp, err = regexp.Compile(exclusiveAliases); err != nil {
return err
}
Application Service Registration (#390) * Add ability for App Services to register users AS Tokens are pulled from their respective configs, which are then checked against when an AS tries to register using m.login.application_service. If the token exists and the new username is within their specified namespace, then the user is created as a password-less user. Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz> * Validate loaded Application Services * Ensure no two app services have the same token or ID * Check namespaces are valid regex * Ensure users can't register inside an exclusive app service namespace * Ensure exclusive app service namespaces are exclusive with each other * Precompile application service namespace regexes so we don't need to do so every time a user is registered Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
2018-02-08 11:02:48 +00:00
Filter Roomserver Events Based on Application Service (#467) * Compile room and alias namespace regexs We'll be needing these for event filtering in the appservice component. Signed-off-by: Andrew Morgan <andrewm@matrix.org> * App service filters roomserver events Doing so based on namespace regexes that each app service has defined. To get the aliases for a roomID a new aliasAPI endpoint was defined, GetAliasesFromRoomID, which does exactly what it says on the tin. Next step is to queue events to be sent off to each homeserver. * Additionally filter state events for app services * Fixed context, logging, derps, config handling * Prevented user from creating more than one regex per namespace type Got caught out by realizing I had an extra '-' in the config file. This prevents anyone from making the same mistake :) * Removed exclusive RoomID namespace regex, as we won't need to check upon room creation if the ID is reserved exclusively by an AS (as this is silly and horribly inefficient). * Fixed all else mentioned
2018-05-30 12:43:13 +00:00
return nil
Application Service Registration (#390) * Add ability for App Services to register users AS Tokens are pulled from their respective configs, which are then checked against when an AS tries to register using m.login.application_service. If the token exists and the new username is within their specified namespace, then the user is created as a password-less user. Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz> * Validate loaded Application Services * Ensure no two app services have the same token or ID * Check namespaces are valid regex * Ensure users can't register inside an exclusive app service namespace * Ensure exclusive app service namespaces are exclusive with each other * Precompile application service namespace regexes so we don't need to do so every time a user is registered Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
2018-02-08 11:02:48 +00:00
}
Filter Roomserver Events Based on Application Service (#467) * Compile room and alias namespace regexs We'll be needing these for event filtering in the appservice component. Signed-off-by: Andrew Morgan <andrewm@matrix.org> * App service filters roomserver events Doing so based on namespace regexes that each app service has defined. To get the aliases for a roomID a new aliasAPI endpoint was defined, GetAliasesFromRoomID, which does exactly what it says on the tin. Next step is to queue events to be sent off to each homeserver. * Additionally filter state events for app services * Fixed context, logging, derps, config handling * Prevented user from creating more than one regex per namespace type Got caught out by realizing I had an extra '-' in the config file. This prevents anyone from making the same mistake :) * Removed exclusive RoomID namespace regex, as we won't need to check upon room creation if the ID is reserved exclusively by an AS (as this is silly and horribly inefficient). * Fixed all else mentioned
2018-05-30 12:43:13 +00:00
// appendExclusiveNamespaceRegexs takes a slice of strings and a slice of
Application Service Registration (#390) * Add ability for App Services to register users AS Tokens are pulled from their respective configs, which are then checked against when an AS tries to register using m.login.application_service. If the token exists and the new username is within their specified namespace, then the user is created as a password-less user. Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz> * Validate loaded Application Services * Ensure no two app services have the same token or ID * Check namespaces are valid regex * Ensure users can't register inside an exclusive app service namespace * Ensure exclusive app service namespaces are exclusive with each other * Precompile application service namespace regexes so we don't need to do so every time a user is registered Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
2018-02-08 11:02:48 +00:00
// namespaces and will append the regexes of only the exclusive namespaces
// into the string slice
func appendExclusiveNamespaceRegexs(
exclusiveStrings *[]string, namespaces []ApplicationServiceNamespace,
) {
Filter Roomserver Events Based on Application Service (#467) * Compile room and alias namespace regexs We'll be needing these for event filtering in the appservice component. Signed-off-by: Andrew Morgan <andrewm@matrix.org> * App service filters roomserver events Doing so based on namespace regexes that each app service has defined. To get the aliases for a roomID a new aliasAPI endpoint was defined, GetAliasesFromRoomID, which does exactly what it says on the tin. Next step is to queue events to be sent off to each homeserver. * Additionally filter state events for app services * Fixed context, logging, derps, config handling * Prevented user from creating more than one regex per namespace type Got caught out by realizing I had an extra '-' in the config file. This prevents anyone from making the same mistake :) * Removed exclusive RoomID namespace regex, as we won't need to check upon room creation if the ID is reserved exclusively by an AS (as this is silly and horribly inefficient). * Fixed all else mentioned
2018-05-30 12:43:13 +00:00
for index, namespace := range namespaces {
Application Service Registration (#390) * Add ability for App Services to register users AS Tokens are pulled from their respective configs, which are then checked against when an AS tries to register using m.login.application_service. If the token exists and the new username is within their specified namespace, then the user is created as a password-less user. Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz> * Validate loaded Application Services * Ensure no two app services have the same token or ID * Check namespaces are valid regex * Ensure users can't register inside an exclusive app service namespace * Ensure exclusive app service namespaces are exclusive with each other * Precompile application service namespace regexes so we don't need to do so every time a user is registered Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
2018-02-08 11:02:48 +00:00
if namespace.Exclusive {
// We append parenthesis to later separate each regex when we compile
// i.e. "app1.*", "app2.*" -> "(app1.*)|(app2.*)"
*exclusiveStrings = append(*exclusiveStrings, "("+namespace.Regex+")")
}
// Compile this regex into a Regexp object for later use
Filter Roomserver Events Based on Application Service (#467) * Compile room and alias namespace regexs We'll be needing these for event filtering in the appservice component. Signed-off-by: Andrew Morgan <andrewm@matrix.org> * App service filters roomserver events Doing so based on namespace regexes that each app service has defined. To get the aliases for a roomID a new aliasAPI endpoint was defined, GetAliasesFromRoomID, which does exactly what it says on the tin. Next step is to queue events to be sent off to each homeserver. * Additionally filter state events for app services * Fixed context, logging, derps, config handling * Prevented user from creating more than one regex per namespace type Got caught out by realizing I had an extra '-' in the config file. This prevents anyone from making the same mistake :) * Removed exclusive RoomID namespace regex, as we won't need to check upon room creation if the ID is reserved exclusively by an AS (as this is silly and horribly inefficient). * Fixed all else mentioned
2018-05-30 12:43:13 +00:00
namespaces[index].RegexpObject, _ = regexp.Compile(namespace.Regex)
Application Service Registration (#390) * Add ability for App Services to register users AS Tokens are pulled from their respective configs, which are then checked against when an AS tries to register using m.login.application_service. If the token exists and the new username is within their specified namespace, then the user is created as a password-less user. Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz> * Validate loaded Application Services * Ensure no two app services have the same token or ID * Check namespaces are valid regex * Ensure users can't register inside an exclusive app service namespace * Ensure exclusive app service namespaces are exclusive with each other * Precompile application service namespace regexes so we don't need to do so every time a user is registered Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
2018-02-08 11:02:48 +00:00
}
}
// checkErrors checks for any configuration errors amongst the loaded
// application services according to the application service spec.
Filter Roomserver Events Based on Application Service (#467) * Compile room and alias namespace regexs We'll be needing these for event filtering in the appservice component. Signed-off-by: Andrew Morgan <andrewm@matrix.org> * App service filters roomserver events Doing so based on namespace regexes that each app service has defined. To get the aliases for a roomID a new aliasAPI endpoint was defined, GetAliasesFromRoomID, which does exactly what it says on the tin. Next step is to queue events to be sent off to each homeserver. * Additionally filter state events for app services * Fixed context, logging, derps, config handling * Prevented user from creating more than one regex per namespace type Got caught out by realizing I had an extra '-' in the config file. This prevents anyone from making the same mistake :) * Removed exclusive RoomID namespace regex, as we won't need to check upon room creation if the ID is reserved exclusively by an AS (as this is silly and horribly inefficient). * Fixed all else mentioned
2018-05-30 12:43:13 +00:00
func checkErrors(config *Dendrite) (err error) {
Application Service Registration (#390) * Add ability for App Services to register users AS Tokens are pulled from their respective configs, which are then checked against when an AS tries to register using m.login.application_service. If the token exists and the new username is within their specified namespace, then the user is created as a password-less user. Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz> * Validate loaded Application Services * Ensure no two app services have the same token or ID * Check namespaces are valid regex * Ensure users can't register inside an exclusive app service namespace * Ensure exclusive app service namespaces are exclusive with each other * Precompile application service namespace regexes so we don't need to do so every time a user is registered Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
2018-02-08 11:02:48 +00:00
var idMap = make(map[string]bool)
var tokenMap = make(map[string]bool)
Add group_id, rate_limit and protocol AS config options (#478) * Add group_id, rate_limit and protocol AS config options * We currently just record and error check these options. There are not currently implemented. Signed-off-by: Andrew Morgan <andrewm@matrix.org> * Clean things up and fix yaml declaration * Warn loudly when app service requests unimplemented options * Fix comments * Remove high cyclomatic complexity of appservice checkErrors * Set default rate limited to true
2018-06-18 09:43:15 +00:00
// Compile regexp object for checking groupIDs
groupIDRegexp := regexp.MustCompile(`\+.*:.*`)
Filter Roomserver Events Based on Application Service (#467) * Compile room and alias namespace regexs We'll be needing these for event filtering in the appservice component. Signed-off-by: Andrew Morgan <andrewm@matrix.org> * App service filters roomserver events Doing so based on namespace regexes that each app service has defined. To get the aliases for a roomID a new aliasAPI endpoint was defined, GetAliasesFromRoomID, which does exactly what it says on the tin. Next step is to queue events to be sent off to each homeserver. * Additionally filter state events for app services * Fixed context, logging, derps, config handling * Prevented user from creating more than one regex per namespace type Got caught out by realizing I had an extra '-' in the config file. This prevents anyone from making the same mistake :) * Removed exclusive RoomID namespace regex, as we won't need to check upon room creation if the ID is reserved exclusively by an AS (as this is silly and horribly inefficient). * Fixed all else mentioned
2018-05-30 12:43:13 +00:00
// Check each application service for any config errors
Application Service Registration (#390) * Add ability for App Services to register users AS Tokens are pulled from their respective configs, which are then checked against when an AS tries to register using m.login.application_service. If the token exists and the new username is within their specified namespace, then the user is created as a password-less user. Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz> * Validate loaded Application Services * Ensure no two app services have the same token or ID * Check namespaces are valid regex * Ensure users can't register inside an exclusive app service namespace * Ensure exclusive app service namespaces are exclusive with each other * Precompile application service namespace regexes so we don't need to do so every time a user is registered Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
2018-02-08 11:02:48 +00:00
for _, appservice := range config.Derived.ApplicationServices {
Add group_id, rate_limit and protocol AS config options (#478) * Add group_id, rate_limit and protocol AS config options * We currently just record and error check these options. There are not currently implemented. Signed-off-by: Andrew Morgan <andrewm@matrix.org> * Clean things up and fix yaml declaration * Warn loudly when app service requests unimplemented options * Fix comments * Remove high cyclomatic complexity of appservice checkErrors * Set default rate limited to true
2018-06-18 09:43:15 +00:00
// Namespace-related checks
for key, namespaceSlice := range appservice.NamespaceMap {
for _, namespace := range namespaceSlice {
if err := validateNamespace(&appservice, key, &namespace, groupIDRegexp); err != nil {
return err
}
}
}
Remove trailing slashes from appservice url (#546) * Remove trailing slashes from appservice url * Use TrimRight instead
2018-07-16 15:16:01 +00:00
// Check if the url has trailing /'s. If so, remove them
appservice.URL = strings.TrimRight(appservice.URL, "/")
Filter Roomserver Events Based on Application Service (#467) * Compile room and alias namespace regexs We'll be needing these for event filtering in the appservice component. Signed-off-by: Andrew Morgan <andrewm@matrix.org> * App service filters roomserver events Doing so based on namespace regexes that each app service has defined. To get the aliases for a roomID a new aliasAPI endpoint was defined, GetAliasesFromRoomID, which does exactly what it says on the tin. Next step is to queue events to be sent off to each homeserver. * Additionally filter state events for app services * Fixed context, logging, derps, config handling * Prevented user from creating more than one regex per namespace type Got caught out by realizing I had an extra '-' in the config file. This prevents anyone from making the same mistake :) * Removed exclusive RoomID namespace regex, as we won't need to check upon room creation if the ID is reserved exclusively by an AS (as this is silly and horribly inefficient). * Fixed all else mentioned
2018-05-30 12:43:13 +00:00
// Check if we've already seen this ID. No two application services
// can have the same ID or token.
Application Service Registration (#390) * Add ability for App Services to register users AS Tokens are pulled from their respective configs, which are then checked against when an AS tries to register using m.login.application_service. If the token exists and the new username is within their specified namespace, then the user is created as a password-less user. Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz> * Validate loaded Application Services * Ensure no two app services have the same token or ID * Check namespaces are valid regex * Ensure users can't register inside an exclusive app service namespace * Ensure exclusive app service namespaces are exclusive with each other * Precompile application service namespace regexes so we don't need to do so every time a user is registered Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
2018-02-08 11:02:48 +00:00
if idMap[appservice.ID] {
Enable debug logs using a configuration parameter and put all logs in a single file (#379)
2018-04-10 12:21:20 +00:00
return configErrors([]string{fmt.Sprintf(
Send Application Service Events (#477) * Prevent sql scanning into nil value in accounts_table Signed-off-by: Andrew Morgan <andrewm@matrix.org> * Remove uneccessary logging, null checking * Don't forget to set the localpart * Simplify error checking * Store And Send Application Service Events * Modify INSTALL.md and dendrite-config.yaml for the new appservice database * Correct all instances of casing on 'application service' to align with spec * Store incoming events that an app service is interested in in the database to be later read by transaction workers. * Retrieve these events from transaction workers, one per AS. * Minimal transaction ID data is stored as well to recover after server failure. * Send events to AS and exponentially backoff on failure. Signed-off-by: Andrew Morgan <andrewm@matrix.org> * Finish my own sentences. * Fix up database interaction * Change to event-based AS sending * Reduce cyclomatic complexity * Appease the errcheck gods * Delete by int ID instead of string. This was causing some events to not be deleted, as < an eventID doesn't really make much sense. * Check if there are more events to send before sleeping * Send same transaction if last send attempt failed * Don't backoff on non-200s, tight send loop, 1 event query * Remove tight send loop. Fix events not being deleted * Additionally order by event id, track main.go * Return the last txnID, which our events are using * Remove old main.go file * Prevent duplicate events from being sent... * Strip event content if it doesn't contain anything Signed-off-by: Andrew Morgan <andrewm@matrix.org> * Update gomatrixserverlib and use Unsigned AS event prop * Fixes * Fix sync server comment * Remove unnecessary printlns * Use logrus Fields * Worker state methods * Remove sillyness * Fix up event filtering * Handle transaction event limit in loop * Switch to using a sequence for transaction IDs * Don't verify self-signed AS certificates * Fix logging * Use gmsl.Event instead of AS-only event in transactions Also clear up the logic on lookupStateEvents a little bit. * Change invalid_txn_id to global (for efficiency) * Use a bool for EventsReady instead of an int
2018-07-05 16:34:59 +00:00
"Application service ID %s must be unique", appservice.ID,
Enable debug logs using a configuration parameter and put all logs in a single file (#379)
2018-04-10 12:21:20 +00:00
)})
Application Service Registration (#390) * Add ability for App Services to register users AS Tokens are pulled from their respective configs, which are then checked against when an AS tries to register using m.login.application_service. If the token exists and the new username is within their specified namespace, then the user is created as a password-less user. Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz> * Validate loaded Application Services * Ensure no two app services have the same token or ID * Check namespaces are valid regex * Ensure users can't register inside an exclusive app service namespace * Ensure exclusive app service namespaces are exclusive with each other * Precompile application service namespace regexes so we don't need to do so every time a user is registered Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
2018-02-08 11:02:48 +00:00
}
Filter Roomserver Events Based on Application Service (#467) * Compile room and alias namespace regexs We'll be needing these for event filtering in the appservice component. Signed-off-by: Andrew Morgan <andrewm@matrix.org> * App service filters roomserver events Doing so based on namespace regexes that each app service has defined. To get the aliases for a roomID a new aliasAPI endpoint was defined, GetAliasesFromRoomID, which does exactly what it says on the tin. Next step is to queue events to be sent off to each homeserver. * Additionally filter state events for app services * Fixed context, logging, derps, config handling * Prevented user from creating more than one regex per namespace type Got caught out by realizing I had an extra '-' in the config file. This prevents anyone from making the same mistake :) * Removed exclusive RoomID namespace regex, as we won't need to check upon room creation if the ID is reserved exclusively by an AS (as this is silly and horribly inefficient). * Fixed all else mentioned
2018-05-30 12:43:13 +00:00
// Check if we've already seen this token
Application Service Registration (#390) * Add ability for App Services to register users AS Tokens are pulled from their respective configs, which are then checked against when an AS tries to register using m.login.application_service. If the token exists and the new username is within their specified namespace, then the user is created as a password-less user. Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz> * Validate loaded Application Services * Ensure no two app services have the same token or ID * Check namespaces are valid regex * Ensure users can't register inside an exclusive app service namespace * Ensure exclusive app service namespaces are exclusive with each other * Precompile application service namespace regexes so we don't need to do so every time a user is registered Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
2018-02-08 11:02:48 +00:00
if tokenMap[appservice.ASToken] {
Enable debug logs using a configuration parameter and put all logs in a single file (#379)
2018-04-10 12:21:20 +00:00
return configErrors([]string{fmt.Sprintf(
Send Application Service Events (#477) * Prevent sql scanning into nil value in accounts_table Signed-off-by: Andrew Morgan <andrewm@matrix.org> * Remove uneccessary logging, null checking * Don't forget to set the localpart * Simplify error checking * Store And Send Application Service Events * Modify INSTALL.md and dendrite-config.yaml for the new appservice database * Correct all instances of casing on 'application service' to align with spec * Store incoming events that an app service is interested in in the database to be later read by transaction workers. * Retrieve these events from transaction workers, one per AS. * Minimal transaction ID data is stored as well to recover after server failure. * Send events to AS and exponentially backoff on failure. Signed-off-by: Andrew Morgan <andrewm@matrix.org> * Finish my own sentences. * Fix up database interaction * Change to event-based AS sending * Reduce cyclomatic complexity * Appease the errcheck gods * Delete by int ID instead of string. This was causing some events to not be deleted, as < an eventID doesn't really make much sense. * Check if there are more events to send before sleeping * Send same transaction if last send attempt failed * Don't backoff on non-200s, tight send loop, 1 event query * Remove tight send loop. Fix events not being deleted * Additionally order by event id, track main.go * Return the last txnID, which our events are using * Remove old main.go file * Prevent duplicate events from being sent... * Strip event content if it doesn't contain anything Signed-off-by: Andrew Morgan <andrewm@matrix.org> * Update gomatrixserverlib and use Unsigned AS event prop * Fixes * Fix sync server comment * Remove unnecessary printlns * Use logrus Fields * Worker state methods * Remove sillyness * Fix up event filtering * Handle transaction event limit in loop * Switch to using a sequence for transaction IDs * Don't verify self-signed AS certificates * Fix logging * Use gmsl.Event instead of AS-only event in transactions Also clear up the logic on lookupStateEvents a little bit. * Change invalid_txn_id to global (for efficiency) * Use a bool for EventsReady instead of an int
2018-07-05 16:34:59 +00:00
"Application service Token %s must be unique", appservice.ASToken,
Enable debug logs using a configuration parameter and put all logs in a single file (#379)
2018-04-10 12:21:20 +00:00
)})
Application Service Registration (#390) * Add ability for App Services to register users AS Tokens are pulled from their respective configs, which are then checked against when an AS tries to register using m.login.application_service. If the token exists and the new username is within their specified namespace, then the user is created as a password-less user. Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz> * Validate loaded Application Services * Ensure no two app services have the same token or ID * Check namespaces are valid regex * Ensure users can't register inside an exclusive app service namespace * Ensure exclusive app service namespaces are exclusive with each other * Precompile application service namespace regexes so we don't need to do so every time a user is registered Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
2018-02-08 11:02:48 +00:00
}
// Add the id/token to their respective maps if we haven't already
// seen them.
idMap[appservice.ID] = true
Fix typo that caused ASTokens to not be uniquely checked Signed-off-by: Andrew Morgan <andrewm@matrix.org>
2018-06-01 15:34:52 +00:00
tokenMap[appservice.ASToken] = true
Filter Roomserver Events Based on Application Service (#467) * Compile room and alias namespace regexs We'll be needing these for event filtering in the appservice component. Signed-off-by: Andrew Morgan <andrewm@matrix.org> * App service filters roomserver events Doing so based on namespace regexes that each app service has defined. To get the aliases for a roomID a new aliasAPI endpoint was defined, GetAliasesFromRoomID, which does exactly what it says on the tin. Next step is to queue events to be sent off to each homeserver. * Additionally filter state events for app services * Fixed context, logging, derps, config handling * Prevented user from creating more than one regex per namespace type Got caught out by realizing I had an extra '-' in the config file. This prevents anyone from making the same mistake :) * Removed exclusive RoomID namespace regex, as we won't need to check upon room creation if the ID is reserved exclusively by an AS (as this is silly and horribly inefficient). * Fixed all else mentioned
2018-05-30 12:43:13 +00:00
Add group_id, rate_limit and protocol AS config options (#478) * Add group_id, rate_limit and protocol AS config options * We currently just record and error check these options. There are not currently implemented. Signed-off-by: Andrew Morgan <andrewm@matrix.org> * Clean things up and fix yaml declaration * Warn loudly when app service requests unimplemented options * Fix comments * Remove high cyclomatic complexity of appservice checkErrors * Set default rate limited to true
2018-06-18 09:43:15 +00:00
// TODO: Remove once rate_limited is implemented
if appservice.RateLimited {
log.Warn("WARNING: Application service option rate_limited is currently unimplemented")
}
// TODO: Remove once protocols is implemented
if len(appservice.Protocols) > 0 {
log.Warn("WARNING: Application service option protocols is currently unimplemented")
}
Application Service Registration (#390) * Add ability for App Services to register users AS Tokens are pulled from their respective configs, which are then checked against when an AS tries to register using m.login.application_service. If the token exists and the new username is within their specified namespace, then the user is created as a password-less user. Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz> * Validate loaded Application Services * Ensure no two app services have the same token or ID * Check namespaces are valid regex * Ensure users can't register inside an exclusive app service namespace * Ensure exclusive app service namespaces are exclusive with each other * Precompile application service namespace regexes so we don't need to do so every time a user is registered Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
2018-02-08 11:02:48 +00:00
}
Add group_id, rate_limit and protocol AS config options (#478) * Add group_id, rate_limit and protocol AS config options * We currently just record and error check these options. There are not currently implemented. Signed-off-by: Andrew Morgan <andrewm@matrix.org> * Clean things up and fix yaml declaration * Warn loudly when app service requests unimplemented options * Fix comments * Remove high cyclomatic complexity of appservice checkErrors * Set default rate limited to true
2018-06-18 09:43:15 +00:00
return setupRegexps(config)
}
// validateNamespace returns nil or an error based on whether a given
// application service namespace is valid. A namespace is valid if it has the
// required fields, and its regex is correct.
func validateNamespace(
appservice *ApplicationService,
key string,
namespace *ApplicationServiceNamespace,
groupIDRegexp *regexp.Regexp,
) error {
Application Service Registration (#390) * Add ability for App Services to register users AS Tokens are pulled from their respective configs, which are then checked against when an AS tries to register using m.login.application_service. If the token exists and the new username is within their specified namespace, then the user is created as a password-less user. Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz> * Validate loaded Application Services * Ensure no two app services have the same token or ID * Check namespaces are valid regex * Ensure users can't register inside an exclusive app service namespace * Ensure exclusive app service namespaces are exclusive with each other * Precompile application service namespace regexes so we don't need to do so every time a user is registered Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
2018-02-08 11:02:48 +00:00
// Check that namespace(s) are valid regex
Add group_id, rate_limit and protocol AS config options (#478) * Add group_id, rate_limit and protocol AS config options * We currently just record and error check these options. There are not currently implemented. Signed-off-by: Andrew Morgan <andrewm@matrix.org> * Clean things up and fix yaml declaration * Warn loudly when app service requests unimplemented options * Fix comments * Remove high cyclomatic complexity of appservice checkErrors * Set default rate limited to true
2018-06-18 09:43:15 +00:00
if !IsValidRegex(namespace.Regex) {
return configErrors([]string{fmt.Sprintf(
"Invalid regex string for Application Service %s", appservice.ID,
)})
}
// Check if GroupID for the users namespace is in the correct format
if key == "users" && namespace.GroupID != "" {
// TODO: Remove once group_id is implemented
log.Warn("WARNING: Application service option group_id is currently unimplemented")
correctFormat := groupIDRegexp.MatchString(namespace.GroupID)
if !correctFormat {
return configErrors([]string{fmt.Sprintf(
"Invalid user group_id field for application service %s.",
appservice.ID,
)})
Application Service Registration (#390) * Add ability for App Services to register users AS Tokens are pulled from their respective configs, which are then checked against when an AS tries to register using m.login.application_service. If the token exists and the new username is within their specified namespace, then the user is created as a password-less user. Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz> * Validate loaded Application Services * Ensure no two app services have the same token or ID * Check namespaces are valid regex * Ensure users can't register inside an exclusive app service namespace * Ensure exclusive app service namespaces are exclusive with each other * Precompile application service namespace regexes so we don't need to do so every time a user is registered Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
2018-02-08 11:02:48 +00:00
}
}
Add group_id, rate_limit and protocol AS config options (#478) * Add group_id, rate_limit and protocol AS config options * We currently just record and error check these options. There are not currently implemented. Signed-off-by: Andrew Morgan <andrewm@matrix.org> * Clean things up and fix yaml declaration * Warn loudly when app service requests unimplemented options * Fix comments * Remove high cyclomatic complexity of appservice checkErrors * Set default rate limited to true
2018-06-18 09:43:15 +00:00
return nil
Load Application Service Configuration Files (#377) Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
2017-12-19 17:00:44 +00:00
}
Application Service Registration (#390) * Add ability for App Services to register users AS Tokens are pulled from their respective configs, which are then checked against when an AS tries to register using m.login.application_service. If the token exists and the new username is within their specified namespace, then the user is created as a password-less user. Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz> * Validate loaded Application Services * Ensure no two app services have the same token or ID * Check namespaces are valid regex * Ensure users can't register inside an exclusive app service namespace * Ensure exclusive app service namespaces are exclusive with each other * Precompile application service namespace regexes so we don't need to do so every time a user is registered Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
2018-02-08 11:02:48 +00:00
// IsValidRegex returns true or false based on whether the
// given string is valid regex or not
func IsValidRegex(regexString string) bool {
_, err := regexp.Compile(regexString)
return err == nil
}