Allow appservices to register without a login type (#529)

* Allow appservices to register without a logintype

Signed-off-by: Andrew Morgan <andrewm@matrix.org>

* Reduce cyclomatic complexity on Register function

* Fix some grammar
main
Andrew Morgan 2018-07-17 08:39:49 -07:00 committed by GitHub
parent d2b349a75a
commit 99005d6a91
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 20 additions and 3 deletions

View File

@ -415,6 +415,22 @@ func validateApplicationService(
return matchedApplicationService.ID, nil return matchedApplicationService.ID, nil
} }
// authTypeIsValid checks the registration authentication type of the request
// and returns true or false depending on whether the auth type is valid
func authTypeIsValid(authType *authtypes.LoginType, req *http.Request) bool {
// If no auth type is specified by the client, send back the list of available flows
if *authType == "" && req.URL.Query().Get("access_token") != "" {
// Assume this is an application service registering a user if an empty login
// type was provided alongside an access token
*authType = authtypes.LoginTypeApplicationService
} else if *authType == "" {
// Not an access token, and no login type. Send back the flows
return false
}
return true
}
// Register processes a /register request. // Register processes a /register request.
// http://matrix.org/speculator/spec/HEAD/client_server/unstable.html#post-matrix-client-unstable-register // http://matrix.org/speculator/spec/HEAD/client_server/unstable.html#post-matrix-client-unstable-register
func Register( func Register(
@ -454,8 +470,9 @@ func Register(
r.Username = strconv.FormatInt(id, 10) r.Username = strconv.FormatInt(id, 10)
} }
// If no auth type is specified by the client, send back the list of available flows // Check r.Auth.Type is correct for the client requesting (handles application
if r.Auth.Type == "" { // services requesting without an auth type)
if !authTypeIsValid(&r.Auth.Type, req) {
return util.JSONResponse{ return util.JSONResponse{
Code: http.StatusUnauthorized, Code: http.StatusUnauthorized,
JSON: newUserInteractiveResponse(sessionID, JSON: newUserInteractiveResponse(sessionID,
@ -475,7 +492,7 @@ func Register(
// Make sure normal user isn't registering under an exclusive application // Make sure normal user isn't registering under an exclusive application
// service namespace. Skip this check if no app services are registered. // service namespace. Skip this check if no app services are registered.
if r.Auth.Type != "m.login.application_service" && if r.Auth.Type != authtypes.LoginTypeApplicationService &&
len(cfg.Derived.ApplicationServices) != 0 && len(cfg.Derived.ApplicationServices) != 0 &&
UsernameMatchesExclusiveNamespaces(cfg, r.Username) { UsernameMatchesExclusiveNamespaces(cfg, r.Username) {
return util.JSONResponse{ return util.JSONResponse{