Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

MSC3861: MAS support #3493

Open
wants to merge 48 commits into
base: main
Choose a base branch
from
Open

MSC3861: MAS support #3493

Show file tree
Hide file tree
Changes from 39 commits
Commits
Show all changes
48 commits
Select commit Hold shift + click to select a range
ba542fe
mas: added /auth_issuer endpoint
mdnight Dec 21, 2024
2c47959
mas: added username_available endpoint
mdnight Dec 22, 2024
e1dfe62
mas: rename msc2965 to msc3861
mdnight Dec 22, 2024
150be58
mas: added localpart_external_ids table
mdnight Dec 24, 2024
63a199c
mas: first successful attempt of login with via mas
mdnight Dec 29, 2024
9d9841d
mas: added "admin's replacement without uia" endpoint
mdnight Dec 30, 2024
4f406e2
minor goimports fix
mdnight Dec 30, 2024
b950703
mas: return correct http code
mdnight Dec 30, 2024
9ebcebe
another goimports fix
mdnight Dec 30, 2024
be8d490
mas: implemented PUT /admin/v2/users/{userID} endpoint
mdnight Dec 30, 2024
524f65c
mas: add AccountTypeOIDCService
mdnight Dec 30, 2024
ff63e7f
mas: modify PUT /profile/{userID}/displayname endpoint
mdnight Dec 30, 2024
bf310d5
drop primary key constraint from userapi_devices.access_token
mdnight Dec 31, 2024
f4ff426
mas: refactor admin user device handler
mdnight Jan 1, 2025
803cce8
mas: added admin's delete devices endpoint
mdnight Jan 1, 2025
7ffb2c1
mas: minor fixes in cross_signing_keys_table files
mdnight Jan 5, 2025
c06e0aa
refactor logger calls
mdnight Jan 5, 2025
48f3cd3
mas: added /admin/v1/deactivate/{userID} endpoint
mdnight Jan 5, 2025
9b064b1
minor refactoring
mdnight Jan 5, 2025
cc7deb2
mas: added support of msc3861 to /keys/device_signing/upload endpoint
mdnight Jan 5, 2025
5cffc2c
mas: fix displayname handling
mdnight Jan 6, 2025
811a504
mas: handle 3pids from mas
mdnight Jan 6, 2025
17576cc
mas: acced msc3861 config example to the dendrite-sample.yaml
mdnight Jan 7, 2025
e943ba5
mas: fail if conflicts in config occur
mdnight Jan 7, 2025
7eec60e
mas: reorganise endpoints
mdnight Jan 7, 2025
fb15db7
unit tests fix
mdnight Jan 8, 2025
b44a79c
Bump golang version
mdnight Jan 8, 2025
7311d3e
more fixes
mdnight Jan 8, 2025
0990676
linter fixes
mdnight Jan 9, 2025
1afe2b9
fix cross_signing_keys_table
mdnight Jan 9, 2025
244021d
deleted test cases TestDevices/sqlite/dupe_token
mdnight Jan 9, 2025
78457f3
++
mdnight Jan 9, 2025
80ee52e
fix syncapi tests
mdnight Jan 9, 2025
930daa1
mas: move org.matrix.cross_signing_reset const from logintypes.go to …
mdnight Jan 10, 2025
0be9b3c
syncapi_test.go fix
mdnight Jan 10, 2025
4cde3ba
mas: add missing migration for adding x-signing updatable_without_uia…
mdnight Jan 10, 2025
5ea033d
mas: remove enabled field from msc3861 config + remove some incorrect…
mdnight Jan 10, 2025
5fd654f
Add TestMakeServiceAdminAPI
mdnight Jan 10, 2025
5914661
mas: add TestVerifyUserFromRequest
mdnight Jan 15, 2025
90e3de3
mas: TestAdminCheckUsernameAvailable
mdnight Jan 15, 2025
59f73b1
mas: TestAdminUserDeviceRetrieveCreate
mdnight Jan 15, 2025
f1de5aa
mas: TestAdminUserDeviceDelete
mdnight Jan 15, 2025
0db7647
mas: TestAdminUserDevicesDelete
mdnight Jan 15, 2025
4193b7b
mas: TestAdminDeactivateAccount
mdnight Jan 15, 2025
e8902da
mas: TestAdminRetrieveAccount
mdnight Jan 15, 2025
5dd8568
mas: TestAdminCreateOrModifyAccount
mdnight Jan 15, 2025
418c584
mas: TestAdminAllowCrossSigningReplacementWithoutUIA
mdnight Jan 15, 2025
3619a6d
mas: refactoring
mdnight Jan 15, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
#
# base installs required dependencies and runs go mod download to cache dependencies
#
FROM --platform=${BUILDPLATFORM} docker.io/golang:1.22-alpine AS base
FROM --platform=${BUILDPLATFORM} docker.io/golang:1.23-alpine AS base
RUN apk --update --no-cache add bash build-base curl git

#
Expand Down
6 changes: 4 additions & 2 deletions appservice/appservice_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ import (
"time"

"github.com/element-hq/dendrite/clientapi"
"github.com/element-hq/dendrite/clientapi/auth"
"github.com/element-hq/dendrite/clientapi/auth/authtypes"
"github.com/element-hq/dendrite/federationapi/statistics"
"github.com/element-hq/dendrite/internal/httputil"
Expand Down Expand Up @@ -446,7 +447,8 @@ func TestOutputAppserviceEvent(t *testing.T) {
}

usrAPI := userapi.NewInternalAPI(processCtx, cfg, cm, natsInstance, rsAPI, nil, caching.DisableMetrics, testIsBlacklistedOrBackingOff)
clientapi.AddPublicRoutes(processCtx, routers, cfg, natsInstance, nil, rsAPI, nil, nil, nil, usrAPI, nil, nil, caching.DisableMetrics)
userVerifier := auth.DefaultUserVerifier{UserAPI: usrAPI}
clientapi.AddPublicRoutes(processCtx, routers, cfg, natsInstance, nil, rsAPI, nil, nil, nil, usrAPI, nil, nil, &userVerifier, caching.DisableMetrics)
createAccessTokens(t, accessTokens, usrAPI, processCtx.Context(), routers)

room := test.NewRoom(t, alice)
Expand Down Expand Up @@ -537,7 +539,7 @@ func TestOutputAppserviceEvent(t *testing.T) {
}

// Start the syncAPI to have `/joined_members` available
syncapi.AddPublicRoutes(processCtx, routers, cfg, cm, natsInstance, usrAPI, rsAPI, caches, caching.DisableMetrics)
syncapi.AddPublicRoutes(processCtx, routers, cfg, cm, natsInstance, usrAPI, rsAPI, caches, &userVerifier, caching.DisableMetrics)

// start the consumer
appservice.NewInternalAPI(processCtx, cfg, natsInstance, usrAPI, rsAPI)
Expand Down
2 changes: 1 addition & 1 deletion build/scripts/Complement.Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
#syntax=docker/dockerfile:1.2

FROM golang:1.22-bookworm as build
FROM golang:1.23-bookworm as build
RUN apt-get update && apt-get install -y sqlite3
WORKDIR /build

Expand Down
2 changes: 1 addition & 1 deletion build/scripts/ComplementLocal.Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@
#
# Use these mounts to make use of this dockerfile:
# COMPLEMENT_HOST_MOUNTS='/your/local/dendrite:/dendrite:ro;/your/go/path:/go:ro'
FROM golang:1.22-bookworm
FROM golang:1.23-bookworm
RUN apt-get update && apt-get install -y sqlite3

ENV SERVER_NAME=localhost
Expand Down
2 changes: 1 addition & 1 deletion build/scripts/ComplementPostgres.Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
#syntax=docker/dockerfile:1.2

FROM golang:1.22-bookworm as build
FROM golang:1.23-bookworm as build
RUN apt-get update && apt-get install -y postgresql
WORKDIR /build

Expand Down
44 changes: 31 additions & 13 deletions clientapi/admin_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@ import (
"github.com/tidwall/gjson"

capi "github.com/element-hq/dendrite/clientapi/api"
"github.com/element-hq/dendrite/clientapi/auth"
"github.com/element-hq/dendrite/test"
"github.com/element-hq/dendrite/test/testrig"
"github.com/element-hq/dendrite/userapi"
Expand All @@ -48,7 +49,8 @@ func TestAdminCreateToken(t *testing.T) {
rsAPI := roomserver.NewInternalAPI(processCtx, cfg, cm, &natsInstance, caches, caching.DisableMetrics)
rsAPI.SetFederationAPI(nil, nil)
userAPI := userapi.NewInternalAPI(processCtx, cfg, cm, &natsInstance, rsAPI, nil, caching.DisableMetrics, testIsBlacklistedOrBackingOff)
AddPublicRoutes(processCtx, routers, cfg, &natsInstance, nil, rsAPI, nil, nil, nil, userAPI, nil, nil, caching.DisableMetrics)
userVerifier := auth.DefaultUserVerifier{UserAPI: userAPI}
AddPublicRoutes(processCtx, routers, cfg, &natsInstance, nil, rsAPI, nil, nil, nil, userAPI, nil, nil, &userVerifier, caching.DisableMetrics)
accessTokens := map[*test.User]userDevice{
aliceAdmin: {},
bob: {},
Expand Down Expand Up @@ -199,7 +201,8 @@ func TestAdminListRegistrationTokens(t *testing.T) {
rsAPI := roomserver.NewInternalAPI(processCtx, cfg, cm, &natsInstance, caches, caching.DisableMetrics)
rsAPI.SetFederationAPI(nil, nil)
userAPI := userapi.NewInternalAPI(processCtx, cfg, cm, &natsInstance, rsAPI, nil, caching.DisableMetrics, testIsBlacklistedOrBackingOff)
AddPublicRoutes(processCtx, routers, cfg, &natsInstance, nil, rsAPI, nil, nil, nil, userAPI, nil, nil, caching.DisableMetrics)
userVerifier := auth.DefaultUserVerifier{UserAPI: userAPI}
AddPublicRoutes(processCtx, routers, cfg, &natsInstance, nil, rsAPI, nil, nil, nil, userAPI, nil, nil, &userVerifier, caching.DisableMetrics)
accessTokens := map[*test.User]userDevice{
aliceAdmin: {},
bob: {},
Expand Down Expand Up @@ -317,7 +320,8 @@ func TestAdminGetRegistrationToken(t *testing.T) {
rsAPI := roomserver.NewInternalAPI(processCtx, cfg, cm, &natsInstance, caches, caching.DisableMetrics)
rsAPI.SetFederationAPI(nil, nil)
userAPI := userapi.NewInternalAPI(processCtx, cfg, cm, &natsInstance, rsAPI, nil, caching.DisableMetrics, testIsBlacklistedOrBackingOff)
AddPublicRoutes(processCtx, routers, cfg, &natsInstance, nil, rsAPI, nil, nil, nil, userAPI, nil, nil, caching.DisableMetrics)
userVerifier := auth.DefaultUserVerifier{UserAPI: userAPI}
AddPublicRoutes(processCtx, routers, cfg, &natsInstance, nil, rsAPI, nil, nil, nil, userAPI, nil, nil, &userVerifier, caching.DisableMetrics)
accessTokens := map[*test.User]userDevice{
aliceAdmin: {},
bob: {},
Expand Down Expand Up @@ -418,7 +422,8 @@ func TestAdminDeleteRegistrationToken(t *testing.T) {
rsAPI := roomserver.NewInternalAPI(processCtx, cfg, cm, &natsInstance, caches, caching.DisableMetrics)
rsAPI.SetFederationAPI(nil, nil)
userAPI := userapi.NewInternalAPI(processCtx, cfg, cm, &natsInstance, rsAPI, nil, caching.DisableMetrics, testIsBlacklistedOrBackingOff)
AddPublicRoutes(processCtx, routers, cfg, &natsInstance, nil, rsAPI, nil, nil, nil, userAPI, nil, nil, caching.DisableMetrics)
userVerifier := auth.DefaultUserVerifier{UserAPI: userAPI}
AddPublicRoutes(processCtx, routers, cfg, &natsInstance, nil, rsAPI, nil, nil, nil, userAPI, nil, nil, &userVerifier, caching.DisableMetrics)
accessTokens := map[*test.User]userDevice{
aliceAdmin: {},
bob: {},
Expand Down Expand Up @@ -512,7 +517,8 @@ func TestAdminUpdateRegistrationToken(t *testing.T) {
rsAPI := roomserver.NewInternalAPI(processCtx, cfg, cm, &natsInstance, caches, caching.DisableMetrics)
rsAPI.SetFederationAPI(nil, nil)
userAPI := userapi.NewInternalAPI(processCtx, cfg, cm, &natsInstance, rsAPI, nil, caching.DisableMetrics, testIsBlacklistedOrBackingOff)
AddPublicRoutes(processCtx, routers, cfg, &natsInstance, nil, rsAPI, nil, nil, nil, userAPI, nil, nil, caching.DisableMetrics)
userVerifier := auth.DefaultUserVerifier{UserAPI: userAPI}
AddPublicRoutes(processCtx, routers, cfg, &natsInstance, nil, rsAPI, nil, nil, nil, userAPI, nil, nil, &userVerifier, caching.DisableMetrics)
accessTokens := map[*test.User]userDevice{
aliceAdmin: {},
bob: {},
Expand Down Expand Up @@ -697,7 +703,8 @@ func TestAdminResetPassword(t *testing.T) {
// Needed for changing the password/login
userAPI := userapi.NewInternalAPI(processCtx, cfg, cm, &natsInstance, rsAPI, nil, caching.DisableMetrics, testIsBlacklistedOrBackingOff)
// We mostly need the userAPI for this test, so nil for other APIs/caches etc.
AddPublicRoutes(processCtx, routers, cfg, &natsInstance, nil, rsAPI, nil, nil, nil, userAPI, nil, nil, caching.DisableMetrics)
userVerifier := auth.DefaultUserVerifier{UserAPI: userAPI}
AddPublicRoutes(processCtx, routers, cfg, &natsInstance, nil, rsAPI, nil, nil, nil, userAPI, nil, nil, &userVerifier, caching.DisableMetrics)

// Create the users in the userapi and login
accessTokens := map[*test.User]userDevice{
Expand Down Expand Up @@ -794,15 +801,16 @@ func TestPurgeRoom(t *testing.T) {
rsAPI.SetFederationAPI(fsAPI, nil)

userAPI := userapi.NewInternalAPI(processCtx, cfg, cm, &natsInstance, rsAPI, nil, caching.DisableMetrics, testIsBlacklistedOrBackingOff)
syncapi.AddPublicRoutes(processCtx, routers, cfg, cm, &natsInstance, userAPI, rsAPI, caches, caching.DisableMetrics)
userVerifier := auth.DefaultUserVerifier{UserAPI: userAPI}
syncapi.AddPublicRoutes(processCtx, routers, cfg, cm, &natsInstance, userAPI, rsAPI, caches, &userVerifier, caching.DisableMetrics)

// Create the room
if err := api.SendEvents(ctx, rsAPI, api.KindNew, room.Events(), "test", "test", "test", nil, false); err != nil {
t.Fatalf("failed to send events: %v", err)
}

// We mostly need the rsAPI for this test, so nil for other APIs/caches etc.
AddPublicRoutes(processCtx, routers, cfg, &natsInstance, nil, rsAPI, nil, nil, nil, userAPI, nil, nil, caching.DisableMetrics)
AddPublicRoutes(processCtx, routers, cfg, &natsInstance, nil, rsAPI, nil, nil, nil, userAPI, nil, nil, &userVerifier, caching.DisableMetrics)

// Create the users in the userapi and login
accessTokens := map[*test.User]userDevice{
Expand Down Expand Up @@ -872,8 +880,10 @@ func TestAdminEvacuateRoom(t *testing.T) {
t.Fatalf("failed to send events: %v", err)
}

userVerifier := auth.DefaultUserVerifier{UserAPI: userAPI}

// We mostly need the rsAPI for this test, so nil for other APIs/caches etc.
AddPublicRoutes(processCtx, routers, cfg, &natsInstance, nil, rsAPI, nil, nil, nil, userAPI, nil, nil, caching.DisableMetrics)
AddPublicRoutes(processCtx, routers, cfg, &natsInstance, nil, rsAPI, nil, nil, nil, userAPI, nil, nil, &userVerifier, caching.DisableMetrics)

// Create the users in the userapi and login
accessTokens := map[*test.User]userDevice{
Expand Down Expand Up @@ -976,8 +986,10 @@ func TestAdminEvacuateUser(t *testing.T) {
t.Fatalf("failed to send events: %v", err)
}

userVerifier := auth.DefaultUserVerifier{UserAPI: userAPI}

// We mostly need the rsAPI for this test, so nil for other APIs/caches etc.
AddPublicRoutes(processCtx, routers, cfg, &natsInstance, nil, rsAPI, nil, nil, nil, userAPI, nil, nil, caching.DisableMetrics)
AddPublicRoutes(processCtx, routers, cfg, &natsInstance, nil, rsAPI, nil, nil, nil, userAPI, nil, nil, &userVerifier, caching.DisableMetrics)

// Create the users in the userapi and login
accessTokens := map[*test.User]userDevice{
Expand Down Expand Up @@ -1059,8 +1071,10 @@ func TestAdminMarkAsStale(t *testing.T) {
rsAPI.SetFederationAPI(nil, nil)
userAPI := userapi.NewInternalAPI(processCtx, cfg, cm, &natsInstance, rsAPI, nil, caching.DisableMetrics, testIsBlacklistedOrBackingOff)

userVerifier := auth.DefaultUserVerifier{UserAPI: userAPI}

// We mostly need the rsAPI for this test, so nil for other APIs/caches etc.
AddPublicRoutes(processCtx, routers, cfg, &natsInstance, nil, rsAPI, nil, nil, nil, userAPI, nil, nil, caching.DisableMetrics)
AddPublicRoutes(processCtx, routers, cfg, &natsInstance, nil, rsAPI, nil, nil, nil, userAPI, nil, nil, &userVerifier, caching.DisableMetrics)

// Create the users in the userapi and login
accessTokens := map[*test.User]userDevice{
Expand Down Expand Up @@ -1147,8 +1161,10 @@ func TestAdminQueryEventReports(t *testing.T) {
t.Fatalf("failed to send events: %v", err)
}

userVerifier := auth.DefaultUserVerifier{UserAPI: userAPI}

// We mostly need the rsAPI for this test, so nil for other APIs/caches etc.
AddPublicRoutes(processCtx, routers, cfg, &natsInstance, nil, rsAPI, nil, nil, nil, userAPI, nil, nil, caching.DisableMetrics)
AddPublicRoutes(processCtx, routers, cfg, &natsInstance, nil, rsAPI, nil, nil, nil, userAPI, nil, nil, &userVerifier, caching.DisableMetrics)

accessTokens := map[*test.User]userDevice{
alice: {},
Expand Down Expand Up @@ -1376,8 +1392,10 @@ func TestEventReportsGetDelete(t *testing.T) {
t.Fatalf("failed to send events: %v", err)
}

userVerifier := auth.DefaultUserVerifier{UserAPI: userAPI}

// We mostly need the rsAPI for this test, so nil for other APIs/caches etc.
AddPublicRoutes(processCtx, routers, cfg, &natsInstance, nil, rsAPI, nil, nil, nil, userAPI, nil, nil, caching.DisableMetrics)
AddPublicRoutes(processCtx, routers, cfg, &natsInstance, nil, rsAPI, nil, nil, nil, userAPI, nil, nil, &userVerifier, caching.DisableMetrics)

accessTokens := map[*test.User]userDevice{
alice: {},
Expand Down
47 changes: 0 additions & 47 deletions clientapi/auth/auth.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,8 +16,6 @@ import (
"strings"

"github.com/element-hq/dendrite/userapi/api"
"github.com/matrix-org/gomatrixserverlib/spec"
"github.com/matrix-org/util"
)

// OWASP recommends at least 128 bits of entropy for tokens: https://www.owasp.org/index.php/Insufficient_Session-ID_Length
Expand All @@ -37,51 +35,6 @@ type AccountDatabase interface {
GetAccountByPassword(ctx context.Context, localpart, password string) (*api.Account, error)
}

// VerifyUserFromRequest authenticates the HTTP request,
// on success returns Device of the requester.
// Finds local user or an application service user.
// Note: For an AS user, AS dummy device is returned.
// On failure returns an JSON error response which can be sent to the client.
func VerifyUserFromRequest(
req *http.Request, userAPI api.QueryAcccessTokenAPI,
) (*api.Device, *util.JSONResponse) {
// Try to find the Application Service user
token, err := ExtractAccessToken(req)
if err != nil {
return nil, &util.JSONResponse{
Code: http.StatusUnauthorized,
JSON: spec.MissingToken(err.Error()),
}
}
var res api.QueryAccessTokenResponse
err = userAPI.QueryAccessToken(req.Context(), &api.QueryAccessTokenRequest{
AccessToken: token,
AppServiceUserID: req.URL.Query().Get("user_id"),
}, &res)
if err != nil {
util.GetLogger(req.Context()).WithError(err).Error("userAPI.QueryAccessToken failed")
return nil, &util.JSONResponse{
Code: http.StatusInternalServerError,
JSON: spec.InternalServerError{},
}
}
if res.Err != "" {
if strings.HasPrefix(strings.ToLower(res.Err), "forbidden:") { // TODO: use actual error and no string comparison
return nil, &util.JSONResponse{
Code: http.StatusForbidden,
JSON: spec.Forbidden(res.Err),
}
}
}
if res.Device == nil {
return nil, &util.JSONResponse{
Code: http.StatusUnauthorized,
JSON: spec.UnknownToken("Unknown token"),
}
}
return res.Device, nil
}

// GenerateAccessToken creates a new access token. Returns an error if failed to generate
// random bytes.
func GenerateAccessToken() (string, error) {
Expand Down
59 changes: 59 additions & 0 deletions clientapi/auth/default_user_verifier.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
package auth

import (
"net/http"
"strings"

"github.com/element-hq/dendrite/userapi/api"
"github.com/matrix-org/gomatrixserverlib/spec"
"github.com/matrix-org/util"
)

// DefaultUserVerifier implements UserVerifier interface
type DefaultUserVerifier struct {
UserAPI api.QueryAcccessTokenAPI
}

// VerifyUserFromRequest authenticates the HTTP request,
// on success returns Device of the requester.
// Finds local user or an application service user.
// Note: For an AS user, AS dummy device is returned.
// On failure returns an JSON error response which can be sent to the client.
func (d *DefaultUserVerifier) VerifyUserFromRequest(req *http.Request) (*api.Device, *util.JSONResponse) {
util.GetLogger(req.Context()).Debug("Default VerifyUserFromRequest")
// Try to find the Application Service user
token, err := ExtractAccessToken(req)
if err != nil {
return nil, &util.JSONResponse{
Code: http.StatusUnauthorized,
JSON: spec.MissingToken(err.Error()),
}
}
var res api.QueryAccessTokenResponse
err = d.UserAPI.QueryAccessToken(req.Context(), &api.QueryAccessTokenRequest{
AccessToken: token,
AppServiceUserID: req.URL.Query().Get("user_id"),
}, &res)
if err != nil {
util.GetLogger(req.Context()).WithError(err).Error("userAPI.QueryAccessToken failed")
return nil, &util.JSONResponse{
Code: http.StatusInternalServerError,
JSON: spec.InternalServerError{},
}
}
if res.Err != "" {
if strings.HasPrefix(strings.ToLower(res.Err), "forbidden:") { // TODO: use actual error and no string comparison
return nil, &util.JSONResponse{
Code: http.StatusForbidden,
JSON: spec.Forbidden(res.Err),
}
}
}
if res.Device == nil {
return nil, &util.JSONResponse{
Code: http.StatusUnauthorized,
JSON: spec.UnknownToken("Unknown token"),
}
}
return res.Device, nil
}
7 changes: 5 additions & 2 deletions clientapi/clientapi.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,9 @@ func AddPublicRoutes(
fsAPI federationAPI.ClientFederationAPI,
userAPI userapi.ClientUserAPI,
userDirectoryProvider userapi.QuerySearchProfilesAPI,
extRoomsProvider api.ExtraPublicRoomsProvider, enableMetrics bool,
extRoomsProvider api.ExtraPublicRoomsProvider,
userVerifier httputil.UserVerifier,
enableMetrics bool,
) {
js, natsClient := natsInstance.Prepare(processContext, &cfg.Global.JetStream)

Expand All @@ -55,6 +57,7 @@ func AddPublicRoutes(
cfg, rsAPI, asAPI,
userAPI, userDirectoryProvider, federation,
syncProducer, transactionsCache, fsAPI,
extRoomsProvider, natsClient, enableMetrics,
extRoomsProvider, natsClient,
userVerifier, enableMetrics,
)
}
Loading