Skip to content
This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

v2 3PID Invites (part of MSC2140) #5979

Merged
merged 49 commits into from
Sep 17, 2019
Merged
Show file tree
Hide file tree
Changes from 45 commits
Commits
Show all changes
49 commits
Select commit Hold shift + click to select a range
1954438
Use the v2 lookup API
anoadragon453 Aug 21, 2019
24ee3ae
lint
anoadragon453 Aug 21, 2019
902ef39
add changelog
anoadragon453 Aug 21, 2019
3a114fe
linter fight
anoadragon453 Aug 21, 2019
5426e13
Merge branch 'develop' into anoa/v2_lookup
anoadragon453 Aug 21, 2019
73fb6f3
Continue to support v1 lookup
anoadragon453 Aug 21, 2019
2472e2e
lint
anoadragon453 Aug 21, 2019
7bfccad
Address review comments
anoadragon453 Aug 27, 2019
75ef0f8
lint
anoadragon453 Aug 27, 2019
e68d648
small fixes and remove unnecessary Enum
anoadragon453 Aug 28, 2019
38dac27
Warn user when the id_server they chose does not support any of the h…
anoadragon453 Aug 28, 2019
8f1346d
Apply suggestions from code review
anoadragon453 Aug 28, 2019
4dc0849
lint
anoadragon453 Aug 28, 2019
849d8dc
Merge branch 'anoa/v2_lookup' of github.com:matrix-org/synapse into a…
anoadragon453 Aug 28, 2019
d9d156b
Merge branch 'develop' into anoa/v2_lookup
anoadragon453 Sep 3, 2019
42b11bd
use v2 identity service api endpoints for 3pid invites and lookup
anoadragon453 Sep 3, 2019
83021d9
Merge branch 'develop' of github.com:matrix-org/synapse into anoa/v2_…
anoadragon453 Sep 3, 2019
07154ea
Merge branch 'develop' of github.com:matrix-org/synapse into anoa/v2_…
anoadragon453 Sep 3, 2019
f4b7f7f
id_access_token support
anoadragon453 Sep 3, 2019
29c3489
Apply suggestions from code review
anoadragon453 Sep 4, 2019
ff5f6a0
Address review comments
anoadragon453 Sep 4, 2019
a5153af
Merge branch 'anoa/v2_lookup' of github.com:matrix-org/synapse into a…
anoadragon453 Sep 4, 2019
7f647bc
Revert moving lookup stuff to IdentityHandler
anoadragon453 Sep 4, 2019
f8bb859
Fix issues with moving stuff back to RoomMemberHandler
anoadragon453 Sep 4, 2019
1c59243
Factor our v2 invite things
anoadragon453 Sep 4, 2019
4615cf2
v2-ify 3pid invites
anoadragon453 Sep 4, 2019
1103de4
Add changelog
anoadragon453 Sep 4, 2019
1b20928
lint
anoadragon453 Sep 4, 2019
db1d161
whoops
anoadragon453 Sep 4, 2019
9f92c3e
Change lookup_3pid back to a private method
anoadragon453 Sep 4, 2019
07169b1
Apply suggestions from code review
anoadragon453 Sep 5, 2019
5b852c2
Address review comments
anoadragon453 Sep 5, 2019
0d968c0
liiiiiiiiiiiint
anoadragon453 Sep 5, 2019
f18f3f1
address review comments
anoadragon453 Sep 9, 2019
18671b0
lint
anoadragon453 Sep 9, 2019
649dcbe
id_access_token -> access_token in query params
anoadragon453 Sep 10, 2019
58603a8
id_access_token -> access_token
anoadragon453 Sep 10, 2019
b4520ea
Merge branch 'develop' of github.com:matrix-org/synapse into anoa/v2_…
anoadragon453 Sep 11, 2019
79f5c4f
Address review comments.
anoadragon453 Sep 11, 2019
cf8dbea
Merge branch 'develop' of github.com:matrix-org/synapse into anoa/v2_…
anoadragon453 Sep 11, 2019
7008c79
Send id access_token via Authorization headers, not JSON body
anoadragon453 Sep 11, 2019
ffb284e
Merge branch 'develop' of github.com:matrix-org/synapse into anoa/v2_…
anoadragon453 Sep 11, 2019
7633111
Merge branch 'anoa/v2_lookup' into anoa/v2_store_invite
anoadragon453 Sep 11, 2019
7679c82
Switch to using Authorization headers instead of JSON body
anoadragon453 Sep 11, 2019
3bf4f5a
Merge branch 'develop' of github.com:matrix-org/synapse into anoa/v2_…
anoadragon453 Sep 11, 2019
dedbeca
Don't recall the same endpoint if it 404'd already
anoadragon453 Sep 12, 2019
f225501
Remove recursion
anoadragon453 Sep 16, 2019
2331d9d
Add more logging and don't make a call in an except block
anoadragon453 Sep 17, 2019
49b23c0
Move comment out of try block
anoadragon453 Sep 17, 2019
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions changelog.d/5979.feature
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Use the v2 Identity Service API for 3PID invites.
82 changes: 72 additions & 10 deletions synapse/handlers/room_member.py
Original file line number Diff line number Diff line change
Expand Up @@ -684,7 +684,14 @@ def do_3pid_invite(
)
else:
yield self._make_and_store_3pid_invite(
requester, id_server, medium, address, room_id, inviter, txn_id=txn_id
requester,
id_server,
medium,
address,
room_id,
inviter,
txn_id=txn_id,
id_access_token=id_access_token,
)

@defer.inlineCallbacks
Expand Down Expand Up @@ -885,7 +892,15 @@ def _verify_any_signature(self, data, server_hostname):

@defer.inlineCallbacks
def _make_and_store_3pid_invite(
self, requester, id_server, medium, address, room_id, user, txn_id
self,
requester,
id_server,
medium,
address,
room_id,
user,
txn_id,
id_access_token=None,
):
room_state = yield self.state_handler.get_current_state(room_id)

Expand Down Expand Up @@ -934,6 +949,7 @@ def _make_and_store_3pid_invite(
room_name=room_name,
inviter_display_name=inviter_display_name,
inviter_avatar_url=inviter_avatar_url,
id_access_token=id_access_token,
)
)

Expand Down Expand Up @@ -971,6 +987,7 @@ def _ask_id_server_for_third_party_invite(
room_name,
inviter_display_name,
inviter_avatar_url,
id_access_token=None,
):
"""
Asks an identity server for a third party invite.
Expand All @@ -990,6 +1007,8 @@ def _ask_id_server_for_third_party_invite(
inviter_display_name (str): The current display name of the
inviter.
inviter_avatar_url (str): The URL of the inviter's avatar.
id_access_token (str|None): The access token to authenticate to the identity
server with

Returns:
A deferred tuple containing:
Expand All @@ -1000,11 +1019,6 @@ def _ask_id_server_for_third_party_invite(
display_name (str): A user-friendly name to represent the invited
user.
"""
is_url = "%s%s/_matrix/identity/api/v1/store-invite" % (
id_server_scheme,
id_server,
)

invite_config = {
"medium": medium,
"address": address,
Expand All @@ -1017,11 +1031,41 @@ def _ask_id_server_for_third_party_invite(
"sender_display_name": inviter_display_name,
"sender_avatar_url": inviter_avatar_url,
}

# Add the identity service access token to the JSON body and use the v2
# Identity Service endpoints if id_access_token is present
headers = {}
if id_access_token:
headers["Authorization"] = create_id_access_token_header(id_access_token)
is_url = "%s%s/_matrix/identity/v2/store-invite" % (
id_server_scheme,
id_server,
)
key_validity_url = "%s%s/_matrix/identity/v2/pubkey/isvalid" % (
id_server_scheme,
id_server,
)
else:
is_url = "%s%s/_matrix/identity/api/v1/store-invite" % (
id_server_scheme,
id_server,
)
key_validity_url = "%s%s/_matrix/identity/api/v1/pubkey/isvalid" % (
id_server_scheme,
id_server,
)

fallback_to_v1 = False
try:
data = yield self.simple_http_client.post_json_get_json(
is_url, invite_config
is_url, invite_config, headers
)
except HttpResponseException as e:
if id_access_token and e.code == 404:
# This identity server does not support v2 endpoints
# Fallback to v1 endpoints
fallback_to_v1 = True

# Some identity servers may only support application/x-www-form-urlencoded
anoadragon453 marked this conversation as resolved.
Show resolved Hide resolved
# types. This is especially true with old instances of Sydent, see
# https://github.com/matrix-org/sydent/pull/170
Expand All @@ -1034,14 +1078,32 @@ def _ask_id_server_for_third_party_invite(
is_url, invite_config
)

if fallback_to_v1:
return (
yield self._ask_id_server_for_third_party_invite(
requester,
id_server,
medium,
address,
room_id,
inviter_user_id,
room_alias,
room_avatar_url,
room_join_rules,
room_name,
inviter_display_name,
inviter_avatar_url,
id_access_token=None, # force using v1 endpoints
)
)

# TODO: Check for success
token = data["token"]
public_keys = data.get("public_keys", [])
if "public_key" in data:
anoadragon453 marked this conversation as resolved.
Show resolved Hide resolved
fallback_public_key = {
"public_key": data["public_key"],
"key_validity_url": "%s%s/_matrix/identity/api/v1/pubkey/isvalid"
% (id_server_scheme, id_server),
"key_validity_url": key_validity_url,
}
else:
fallback_public_key = public_keys[0]
Expand Down