-
-
Notifications
You must be signed in to change notification settings - Fork 2.1k
Implement MSC3984 to proxy /keys/query requests to appservices. #15321
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
Experimental support for passing One Time Key requests to application services ([MSC3983](https://github.com/matrix-org/matrix-spec-proposals/pull/3983)). | ||
Experimental support for passing One Time Key and device key requests to application services ([MSC3983](https://github.com/matrix-org/matrix-spec-proposals/pull/3983) and [MSC3984](https://github.com/matrix-org/matrix-spec-proposals/pull/3984)). |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1 @@ | ||
Experimental support for passing One Time Key and device key requests to application services ([MSC3983](https://github.com/matrix-org/matrix-spec-proposals/pull/3983) and [MSC3984](https://github.com/matrix-org/matrix-spec-proposals/pull/3984)). |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -91,6 +91,9 @@ def __init__(self, hs: "HomeServer"): | |
self._query_appservices_for_otks = ( | ||
hs.config.experimental.msc3983_appservice_otk_claims | ||
) | ||
self._query_appservices_for_keys = ( | ||
hs.config.experimental.msc3984_appservice_key_query | ||
) | ||
|
||
@trace | ||
@cancellable | ||
|
@@ -497,6 +500,19 @@ async def query_local_devices( | |
local_query, include_displaynames | ||
) | ||
|
||
# Check if the application services have any additional results. | ||
if self._query_appservices_for_keys: | ||
# Query the appservices for any keys. | ||
appservice_results = await self._appservice_handler.query_keys(query) | ||
|
||
# Merge results, overriding with what the appservice returned. | ||
for user_id, devices in appservice_results.get("device_keys", {}).items(): | ||
clokep marked this conversation as resolved.
Show resolved
Hide resolved
|
||
# Copy the appservice device info over the homeserver device info, but | ||
# don't completely overwrite it. | ||
results.setdefault(user_id, {}).update(devices) | ||
|
||
# TODO Handle cross-signing keys. | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This is a pretty big TODO compared to what the MSC says, but it isn't abundantly clear how to merge the cross-signing info ( There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Also -- that will likely require some refactoring since There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. The MSC now kind of shrugs at this 🤷 , see matrix-org/matrix-spec-proposals#3984 (comment) I think it is probably OK to gloss over this for now. |
||
|
||
# Build the result structure | ||
for user_id, device_keys in results.items(): | ||
for device_id, device_info in device_keys.items(): | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
is it really OK to just eat up errors and return
{}
? It's not clear how come this is safe — would benefit from an explanation here/in docstring.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The MSC says:
I can expand the docstring though.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hm. The MSC should probably explain why this is safe, then — as it is I'm not convinced? Is this really so unimportant that doing nothing is fine if there's an error?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please leave a comment on the MSC!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Cross-link matrix-org/matrix-spec-proposals#3984 (comment)
Are you OK with closing this for now then? We can update the implementation based on changes to the MSC.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It'd be good to get something into the code because realistically as soon as this thread gets closed it will be forgotten about for the rest of time and we'll be stuck with it.
Unfortunately I think the answer is slowly revealing itself as 'this isn't safe to do but we do it anyway'. This feels like a design problem in an already warty system — I'm not really happy with it and it feels like we should consider whether there are other options here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Well we have the thread in the MSC for tracking. That's usually what we've done for this sort of thing.