From 2c6d5194d2a3d66d69e1f92f68321006c75a2e7d Mon Sep 17 00:00:00 2001 From: lda Date: Sat, 2 Dec 2023 10:24:08 -0500 Subject: [PATCH] Set an error message with MatrixErrorCreate whenever applicable (#45) Closes #6. Co-authored-by: Jordan Bancino Reviewed-on: https://git.telodendria.io/Telodendria/Telodendria/pulls/45 Co-authored-by: lda Co-committed-by: lda --- src/Routes/RouteChangePwd.c | 8 +++-- src/Routes/RouteConfig.c | 22 ++++++++----- src/Routes/RouteCreateRoom.c | 3 +- src/Routes/RouteDeactivate.c | 8 +++-- src/Routes/RouteFilter.c | 20 ++++++++---- src/Routes/RouteLogin.c | 25 ++++++++++----- src/Routes/RouteLogout.c | 8 +++-- src/Routes/RoutePrivileges.c | 17 ++++++++--- src/Routes/RouteProcControl.c | 11 ++++--- src/Routes/RouteRefresh.c | 8 +++-- src/Routes/RouteRegister.c | 6 ++-- src/Routes/RouteRequestToken.c | 3 +- src/Routes/RouteStaticResources.c | 4 +-- src/Routes/RouteTokenValid.c | 4 ++- src/Routes/RouteUiaFallback.c | 51 +++++++++++++++++-------------- src/Routes/RouteUserProfile.c | 23 +++++++++----- src/Routes/RouteWellKnown.c | 5 ++- src/Routes/RouteWhoami.c | 4 ++- src/Uia.c | 11 +++++-- 19 files changed, 161 insertions(+), 80 deletions(-) diff --git a/src/Routes/RouteChangePwd.c b/src/Routes/RouteChangePwd.c index daa1538..81c51a0 100644 --- a/src/Routes/RouteChangePwd.c +++ b/src/Routes/RouteChangePwd.c @@ -65,6 +65,8 @@ ROUTE_IMPL(RouteChangePwd, path, argp) char *token; char *newPassword; + char *msg; + Config *config = ConfigLock(db); if (!config) @@ -78,8 +80,9 @@ ROUTE_IMPL(RouteChangePwd, path, argp) if (HttpRequestMethodGet(args->context) != HTTP_POST) { + msg = "Route only supports POST."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); + response = MatrixErrorCreate(M_UNRECOGNIZED, msg); goto finish; } 
@@ -118,9 +121,10 @@ ROUTE_IMPL(RouteChangePwd, path, argp) newPassword = JsonValueAsString(HashMapGet(request, "new_password")); if (!newPassword) { + msg = "'new_password' is unset or not a string."; JsonFree(request); HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_BAD_JSON, NULL); + response = MatrixErrorCreate(M_BAD_JSON, msg); goto finish; } diff --git a/src/Routes/RouteConfig.c b/src/Routes/RouteConfig.c index 5f0c91e..cb3c244 100644 --- a/src/Routes/RouteConfig.c +++ b/src/Routes/RouteConfig.c @@ -33,6 +33,7 @@ ROUTE_IMPL(RouteConfig, path, argp) RouteArgs *args = argp; HashMap *response; char *token; + char *msg; User *user = NULL; Config *config = NULL; @@ -59,17 +60,19 @@ ROUTE_IMPL(RouteConfig, path, argp) if (!(UserGetPrivileges(user) & USER_CONFIG)) { + msg = "User does not have the 'CONFIG' privilege."; HttpResponseStatus(args->context, HTTP_FORBIDDEN); - response = MatrixErrorCreate(M_FORBIDDEN, NULL); + response = MatrixErrorCreate(M_FORBIDDEN, msg); goto finish; } config = ConfigLock(args->matrixArgs->db); if (!config) { + msg = "Internal server error while locking configuration."; Log(LOG_ERR, "Config endpoint failed to lock configuration."); HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); - response = MatrixErrorCreate(M_UNKNOWN, NULL); + response = MatrixErrorCreate(M_UNKNOWN, msg); goto finish; } @@ -90,8 +93,9 @@ ROUTE_IMPL(RouteConfig, path, argp) newConf = ConfigParse(request); if (!newConf) { + msg = "Internal server error while parsing config."; HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); - response = MatrixErrorCreate(M_UNKNOWN, NULL); + response = MatrixErrorCreate(M_UNKNOWN, msg); break; } 
@@ -108,8 +112,9 @@ ROUTE_IMPL(RouteConfig, path, argp) } else { + msg = "Internal server error while writing the config."; HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); - response = MatrixErrorCreate(M_UNKNOWN, NULL); + response = MatrixErrorCreate(M_UNKNOWN, msg); } } else @@ -137,8 +142,9 @@ ROUTE_IMPL(RouteConfig, path, argp) if (!newConf) { + msg = "Internal server error while parsing config."; HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); - response = MatrixErrorCreate(M_UNKNOWN, NULL); + response = MatrixErrorCreate(M_UNKNOWN, msg); break; } @@ -155,8 +161,9 @@ ROUTE_IMPL(RouteConfig, path, argp) } else { + msg = "Internal server error while writing the config."; HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); - response = MatrixErrorCreate(M_UNKNOWN, NULL); + response = MatrixErrorCreate(M_UNKNOWN, msg); } } else @@ -170,8 +177,9 @@ ROUTE_IMPL(RouteConfig, path, argp) JsonFree(newJson); break; default: + msg = "Unknown request method."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_UNRECOGNIZED, "Unknown request method."); + response = MatrixErrorCreate(M_UNRECOGNIZED, msg); break; } diff --git a/src/Routes/RouteCreateRoom.c b/src/Routes/RouteCreateRoom.c index 171dbcf..9ba1028 100644 --- a/src/Routes/RouteCreateRoom.c +++ b/src/Routes/RouteCreateRoom.c @@ -41,8 +41,9 @@ ROUTE_IMPL(RouteCreateRoom, path, argp) if (HttpRequestMethodGet(args->context) != HTTP_POST) { + err = "Unknown request method."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_UNRECOGNIZED, "Unknown request method."); + response = MatrixErrorCreate(M_UNRECOGNIZED, err); goto finish; } diff --git a/src/Routes/RouteDeactivate.c b/src/Routes/RouteDeactivate.c index ec0a06c..3a1a5d5 100644 --- a/src/Routes/RouteDeactivate.c +++ b/src/Routes/RouteDeactivate.c 
@@ -47,6 +47,8 @@ ROUTE_IMPL(RouteDeactivate, path, argp) User *user = NULL; Config *config = ConfigLock(db); + char *msg; + (void) path; if (!config) @@ -59,8 +61,9 @@ ROUTE_IMPL(RouteDeactivate, path, argp) if (HttpRequestMethodGet(args->context) != HTTP_POST) { + msg = "Route only accepts POST."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); + response = MatrixErrorCreate(M_UNRECOGNIZED, msg); goto finish; } @@ -128,8 +131,9 @@ ROUTE_IMPL(RouteDeactivate, path, argp) if (!UserDeleteTokens(user, NULL) || !UserDeactivate(user, NULL, NULL)) { + msg = "Internal server error: couldn't remove user properly."; HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); - response = MatrixErrorCreate(M_UNKNOWN, NULL); + response = MatrixErrorCreate(M_UNKNOWN, msg); goto finish; } diff --git a/src/Routes/RouteFilter.c b/src/Routes/RouteFilter.c index fb0d9ba..4a8500e 100644 --- a/src/Routes/RouteFilter.c +++ b/src/Routes/RouteFilter.c @@ -69,6 +69,8 @@ ROUTE_IMPL(RouteFilter, path, argp) char *userParam = ArrayGet(path, 0); + char *msg; + if (!userParam) { /* Should be impossible */ @@ -87,15 +89,17 @@ ROUTE_IMPL(RouteFilter, path, argp) id = UserIdParse(userParam, serverName); if (!id) { + msg = "Invalid user ID."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_INVALID_PARAM, NULL); + response = MatrixErrorCreate(M_INVALID_PARAM, msg); goto finish; } if (!StrEquals(id->server, serverName)) { + msg = "Cannot use /filter for non-local users."; HttpResponseStatus(args->context, HTTP_UNAUTHORIZED); - response = MatrixErrorCreate(M_UNAUTHORIZED, NULL); + response = MatrixErrorCreate(M_UNAUTHORIZED, msg); goto finish; } 
@@ -115,8 +119,9 @@ ROUTE_IMPL(RouteFilter, path, argp) if (!StrEquals(id->localpart, UserGetName(user))) { + msg = "Unauthorized to use /filter."; HttpResponseStatus(args->context, HTTP_UNAUTHORIZED); - response = MatrixErrorCreate(M_INVALID_PARAM, NULL); + response = MatrixErrorCreate(M_INVALID_PARAM, msg); goto finish; } @@ -126,8 +131,9 @@ ROUTE_IMPL(RouteFilter, path, argp) if (!ref) { + msg = "The filter for this user was not found."; HttpResponseStatus(args->context, HTTP_NOT_FOUND); - response = MatrixErrorCreate(M_NOT_FOUND, NULL); + response = MatrixErrorCreate(M_NOT_FOUND, msg); goto finish; } @@ -161,8 +167,9 @@ ROUTE_IMPL(RouteFilter, path, argp) filterId = StrRandom(12); if (!filterId) { + msg = "Couldn't generate random filter ID; this is unintended."; HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); - response = MatrixErrorCreate(M_UNKNOWN, NULL); + response = MatrixErrorCreate(M_UNKNOWN, msg); goto finish; } @@ -170,8 +177,9 @@ ROUTE_IMPL(RouteFilter, path, argp) if (!ref) { Free(filterId); + msg = "Couldn't write filter to the database, this is unintended."; HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); - response = MatrixErrorCreate(M_UNKNOWN, NULL); + response = MatrixErrorCreate(M_UNKNOWN, msg); goto finish; } diff --git a/src/Routes/RouteLogin.c b/src/Routes/RouteLogin.c index f7b1d82..327281d 100644 --- a/src/Routes/RouteLogin.c +++ b/src/Routes/RouteLogin.c @@ -107,8 +107,9 @@ ROUTE_IMPL(RouteLogin, path, argp) if (loginRequest.type != REQUEST_TYPE_PASSWORD) { + msg = "Unsupported login type."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); + response = MatrixErrorCreate(M_UNRECOGNIZED, msg); break; } 
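Review bot: In `@@ -115,8 +119,9 @@` (RouteFilter.c) the localpart-mismatch branch sends HTTP_UNAUTHORIZED with the new text "Unauthorized to use /filter.", but the error code passed is still `M_INVALID_PARAM`, so the status, the message and the errcode disagree within one response. The non-local-user branch earlier in this file pairs the same status with `M_UNAUTHORIZED`. Either change the call to `response = MatrixErrorCreate(M_UNAUTHORIZED, msg);` or reword the message to describe a parameter error. The enclosing ROUTE_IMPL body starts and ends outside the hunk.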
@@ -117,6 +118,7 @@ ROUTE_IMPL(RouteLogin, path, argp) val = HashMapGet(identifier, "type"); if (!val) { + msg = "No login identifier type set."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); response = MatrixErrorCreate(M_MISSING_PARAM, NULL); break; @@ -124,16 +126,18 @@ ROUTE_IMPL(RouteLogin, path, argp) if (JsonValueType(val) != JSON_STRING) { + msg = "Invalid login identifier type."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_BAD_JSON, NULL); + response = MatrixErrorCreate(M_BAD_JSON, msg); break; } type = JsonValueAsString(val); if (!StrEquals(type, "m.id.user")) { + msg = "Invalid login identifier type."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); + response = MatrixErrorCreate(M_UNRECOGNIZED, msg); break; } if (!LoginRequestUserIdentifierFromJson(identifier, @@ -148,16 +152,18 @@ ROUTE_IMPL(RouteLogin, path, argp) userId = UserIdParse(userIdentifier.user, config->serverName); if (!userId) { + msg = "Invalid user ID."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_BAD_JSON, NULL); + response = MatrixErrorCreate(M_BAD_JSON, msg); break; } if (!StrEquals(userId->server, config->serverName) || !UserExists(db, userId->localpart)) { + msg = "Unknown user ID."; HttpResponseStatus(args->context, HTTP_FORBIDDEN); - response = MatrixErrorCreate(M_FORBIDDEN, NULL); + response = MatrixErrorCreate(M_FORBIDDEN, msg); break; } @@ -171,8 +177,9 @@ ROUTE_IMPL(RouteLogin, path, argp) if (!user) { + msg = "Couldn't lock user."; HttpResponseStatus(args->context, HTTP_FORBIDDEN); - response = MatrixErrorCreate(M_FORBIDDEN, NULL); + response = MatrixErrorCreate(M_FORBIDDEN, msg); break; } 
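Review bot: In the `if (!val)` branch of `@@ -117,6 +118,7 @@` (RouteLogin.c), `msg` is assigned "No login identifier type set." but the call below it still reads `MatrixErrorCreate(M_MISSING_PARAM, NULL)`, so the new text never reaches the client. The line should be `response = MatrixErrorCreate(M_MISSING_PARAM, msg);`, as in every other branch this commit touches. The enclosing ROUTE_IMPL body starts and ends outside the hunk.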
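Review bot: The `!StrEquals(userId->server, ...) || !UserExists(...)` branch in `@@ -148,16 +152,18 @@` now answers "Unknown user ID.", while the `!loginInfo` branch in `@@ -190,10 +197,11 @@` answers "Invalid creditentials for user.", so an unauthenticated caller of the login route can tell from the error text alone whether an account exists. The `!user` branch in `@@ -171,8 +177,9 @@` adds a third distinct answer, "Couldn't lock user.", which also exposes an internal condition. All three branches already share HTTP_FORBIDDEN and M_FORBIDDEN; they should share one message too, for example `msg = "Invalid username or password.";`, with the specific cause written through `Log()` on the server side. The function body continues outside these hunks.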
@@ -190,10 +197,11 @@ ROUTE_IMPL(RouteLogin, path, argp) if (!loginInfo) { + msg = "Invalid creditentials for user."; UserUnlock(user); HttpResponseStatus(args->context, HTTP_FORBIDDEN); - response = MatrixErrorCreate(M_FORBIDDEN, NULL); + response = MatrixErrorCreate(M_FORBIDDEN, msg); break; } @@ -229,8 +237,9 @@ ROUTE_IMPL(RouteLogin, path, argp) break; default: + msg = "Route only accepts GET and POST."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); + response = MatrixErrorCreate(M_UNRECOGNIZED, msg); break; } diff --git a/src/Routes/RouteLogout.c b/src/Routes/RouteLogout.c index d72dd4b..bca3fe7 100644 --- a/src/Routes/RouteLogout.c +++ b/src/Routes/RouteLogout.c @@ -38,14 +38,17 @@ ROUTE_IMPL(RouteLogout, path, argp) char *tokenstr; + char *msg; + Db *db = args->matrixArgs->db; User *user; if (HttpRequestMethodGet(args->context) != HTTP_POST) { + msg = "This route only accepts POST."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - return MatrixErrorCreate(M_UNRECOGNIZED, NULL); + return MatrixErrorCreate(M_UNRECOGNIZED, msg); } response = MatrixGetAccessToken(args->context, &tokenstr); @@ -84,8 +87,9 @@ ROUTE_IMPL(RouteLogout, path, argp) { if (!UserDeleteToken(user, tokenstr)) { + msg = "Internal server error: couldn't delete token."; HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); - response = MatrixErrorCreate(M_UNKNOWN, NULL); + response = MatrixErrorCreate(M_UNKNOWN, msg); goto finish; } diff --git a/src/Routes/RoutePrivileges.c b/src/Routes/RoutePrivileges.c index 4ffa480..1577155 100644 --- a/src/Routes/RoutePrivileges.c +++ b/src/Routes/RoutePrivileges.c @@ -39,6 +39,8 @@ ROUTE_IMPL(RoutePrivileges, path, argp) JsonValue *val; int privileges; + char *msg; + response = MatrixGetAccessToken(args->context, &token); if (response) { 
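Review bot: The client-visible string added in `@@ -190,10 +197,11 @@` misspells "credentials": `msg = "Invalid creditentials for user.";` should read `msg = "Invalid credentials for user.";`. Because this text is returned in the error body, any client or test that matches on it would otherwise pin the misspelling.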
@@ -55,8 +57,9 @@ ROUTE_IMPL(RoutePrivileges, path, argp) if (!(UserGetPrivileges(user) & USER_GRANT_PRIVILEGES)) { + msg = "User doesn't have the GRANT_PRIVILEGES privilege"; HttpResponseStatus(args->context, HTTP_FORBIDDEN); - response = MatrixErrorCreate(M_FORBIDDEN, NULL); + response = MatrixErrorCreate(M_FORBIDDEN, msg); goto finish; } @@ -68,8 +71,9 @@ ROUTE_IMPL(RoutePrivileges, path, argp) user = UserLock(args->matrixArgs->db, ArrayGet(path, 0)); if (!user) { + msg = "Unknown user."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_INVALID_PARAM, NULL); + response = MatrixErrorCreate(M_INVALID_PARAM, msg); goto finish; } } @@ -90,8 +94,9 @@ ROUTE_IMPL(RoutePrivileges, path, argp) val = HashMapGet(request, "privileges"); if (!val || JsonValueType(val) != JSON_ARRAY) { + msg = "'privileges' is unset or not an array."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_BAD_JSON, NULL); + response = MatrixErrorCreate(M_BAD_JSON, msg); break; } @@ -116,8 +121,9 @@ ROUTE_IMPL(RoutePrivileges, path, argp) if (!UserSetPrivileges(user, privileges)) { + msg = "Internal server error: couldn't set privileges."; HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); - response = MatrixErrorCreate(M_UNKNOWN, NULL); + response = MatrixErrorCreate(M_UNKNOWN, msg); break; } @@ -127,8 +133,9 @@ ROUTE_IMPL(RoutePrivileges, path, argp) HashMapSet(response, "privileges", JsonValueArray(UserEncodePrivileges(UserGetPrivileges(user)))); break; default: + msg = "Route only accepts POST, PUT, DELETE, and GET."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); + response = MatrixErrorCreate(M_UNRECOGNIZED, msg); goto finish; break; } diff --git a/src/Routes/RouteProcControl.c b/src/Routes/RouteProcControl.c index dc6d864..0142ae9 100644 --- a/src/Routes/RouteProcControl.c +++ b/src/Routes/RouteProcControl.c 
@@ -37,6 +37,7 @@ ROUTE_IMPL(RouteProcControl, path, argp) char *op = ArrayGet(path, 0); HashMap *response; char *token; + char *msg; User *user = NULL; response = MatrixGetAccessToken(args->context, &token); @@ -55,11 +56,13 @@ ROUTE_IMPL(RouteProcControl, path, argp) if (!(UserGetPrivileges(user) & USER_PROC_CONTROL)) { + msg = "User doesn't have PROC_CONTROL privilege."; HttpResponseStatus(args->context, HTTP_FORBIDDEN); - response = MatrixErrorCreate(M_FORBIDDEN, NULL); + response = MatrixErrorCreate(M_FORBIDDEN, msg); goto finish; } + msg = "Unknown operation."; switch (HttpRequestMethodGet(args->context)) { case HTTP_POST: @@ -74,7 +77,7 @@ ROUTE_IMPL(RouteProcControl, path, argp) else { HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); + response = MatrixErrorCreate(M_UNRECOGNIZED, msg); goto finish; } break; @@ -106,12 +109,12 @@ ROUTE_IMPL(RouteProcControl, path, argp) else { HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); + response = MatrixErrorCreate(M_UNRECOGNIZED, msg); goto finish; } default: HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); + response = MatrixErrorCreate(M_UNRECOGNIZED, msg); goto finish; break; } diff --git a/src/Routes/RouteRefresh.c b/src/Routes/RouteRefresh.c index c7dffc3..0195542 100644 --- a/src/Routes/RouteRefresh.c +++ b/src/Routes/RouteRefresh.c @@ -45,6 +45,8 @@ ROUTE_IMPL(RouteRefresh, path, argp) UserAccessToken *newAccessToken; char *deviceId; + char *msg; + Db *db = args->matrixArgs->db; User *user = NULL; 
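Review bot: `msg = "Unknown operation.";` is assigned once before the `switch` in `@@ -55,11 +56,13 @@` (RouteProcControl.c) and is then reused by the `default:` branch in `@@ -106,12 +109,12 @@`, which handles an unsupported HTTP method rather than an unknown operation. A caller using the wrong method is told the operation is unknown, which is misleading on a privileged endpoint. Set a method-specific message in `default:` as the other routes do, e.g. `msg = "Unknown request method.";` before the `HttpResponseStatus` call. The switch body extends beyond both hunks.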
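Review bot: In `@@ -106,12 +109,12 @@` the `else { ... goto finish; }` block is followed directly by `default:` with no `break;`, whereas the HTTP_POST case in `@@ -74,7 +77,7 @@` ends in `break;`. The preceding `if` chain is outside the hunk, so this cannot be confirmed from here. If any of its branches completes without jumping to `finish`, control would fall into `default:` and overwrite a successful response with the M_UNRECOGNIZED error. Please check the full case body and, if so, add `break;` before `default:`.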
@@ -55,8 +57,9 @@ ROUTE_IMPL(RouteRefresh, path, argp) if (HttpRequestMethodGet(args->context) != HTTP_POST) { + msg = "This route only accepts POST."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - return MatrixErrorCreate(M_UNRECOGNIZED, NULL); + return MatrixErrorCreate(M_UNRECOGNIZED, msg); } request = JsonDecode(HttpServerStream(args->context)); @@ -69,8 +72,9 @@ ROUTE_IMPL(RouteRefresh, path, argp) val = HashMapGet(request, "refresh_token"); if (!val || JsonValueType(val) != JSON_STRING) { + msg = "'refresh_token' is unset or not a string."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_BAD_JSON, NULL); + response = MatrixErrorCreate(M_BAD_JSON, msg); goto finish; } diff --git a/src/Routes/RouteRegister.c b/src/Routes/RouteRegister.c index c43883a..923f7f0 100644 --- a/src/Routes/RouteRegister.c +++ b/src/Routes/RouteRegister.c @@ -86,9 +86,10 @@ ROUTE_IMPL(RouteRegister, path, argp) if (!config) { + msg = "Internal server error while locking configuration."; Log(LOG_ERR, "Registration endpoint failed to lock configuration."); HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); - return MatrixErrorCreate(M_UNKNOWN, NULL); + return MatrixErrorCreate(M_UNKNOWN, msg); } if (ArraySize(path) == 0) @@ -254,8 +255,9 @@ finish: if (!username) { + msg = "'username' path parameter is not set."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_MISSING_PARAM, NULL); + response = MatrixErrorCreate(M_MISSING_PARAM, msg); } else if (!UserValidate(username, config->serverName)) { diff --git a/src/Routes/RouteRequestToken.c b/src/Routes/RouteRequestToken.c index 779b541..6fdb865 100644 --- a/src/Routes/RouteRequestToken.c +++ b/src/Routes/RouteRequestToken.c 
@@ -54,8 +54,9 @@ ROUTE_IMPL(RouteRequestToken, path, argp) if (HttpRequestMethodGet(args->context) != HTTP_POST) { + msg = "This route only accepts POST."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - return MatrixErrorCreate(M_UNRECOGNIZED, NULL); + return MatrixErrorCreate(M_UNRECOGNIZED, msg); } request = JsonDecode(HttpServerStream(args->context)); diff --git a/src/Routes/RouteStaticResources.c b/src/Routes/RouteStaticResources.c index 3290fc2..23c8cb4 100644 --- a/src/Routes/RouteStaticResources.c +++ b/src/Routes/RouteStaticResources.c @@ -47,8 +47,8 @@ ROUTE_IMPL(RouteStaticResources, path, argp) "function findGetParameter(parameterName) {" " var result = null;" " var tmp = [];" - " var items = location.search.substr(1).split(\"&\");" - " for (var index = 0; index < items.length; index++) {" + " var items = location.search.substr(1).split(\"&\");" + " for (var index = 0; index < items.length; index++) {" " tmp = items[index].split(\"=\");" " if (tmp[0] === parameterName) result = decodeURIComponent(tmp[1]);" " }" diff --git a/src/Routes/RouteTokenValid.c b/src/Routes/RouteTokenValid.c index 9ecacca..997d3f9 100644 --- a/src/Routes/RouteTokenValid.c +++ b/src/Routes/RouteTokenValid.c @@ -41,13 +41,15 @@ ROUTE_IMPL(RouteTokenValid, path, argp) RegTokenInfo *info = NULL; char *tokenstr; + char *msg; (void) path; if (HttpRequestMethodGet(args->context) != HTTP_GET) { + msg = "This route only accepts GET."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - return MatrixErrorCreate(M_UNRECOGNIZED, NULL); + return MatrixErrorCreate(M_UNRECOGNIZED, msg); } request = JsonDecode(HttpServerStream(args->context)); diff --git a/src/Routes/RouteUiaFallback.c b/src/Routes/RouteUiaFallback.c index 41b8878..0d99825 100644 --- a/src/Routes/RouteUiaFallback.c +++ b/src/Routes/RouteUiaFallback.c 
@@ -36,6 +36,8 @@ ROUTE_IMPL(RouteUiaFallback, path, argp) char *authType = ArrayGet(path, 0); char *sessionId; + char *msg; + if (!authType) { /* This should never happen */ @@ -56,9 +58,10 @@ ROUTE_IMPL(RouteUiaFallback, path, argp) config = ConfigLock(args->matrixArgs->db); if (!config) { + msg = "Internal server error: failed to lock configuration."; Log(LOG_ERR, "UIA fallback failed to lock configuration."); HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); - return MatrixErrorCreate(M_UNKNOWN, NULL); + return MatrixErrorCreate(M_UNKNOWN, msg); } request = JsonDecode(HttpServerStream(args->context)); @@ -93,15 +96,17 @@ ROUTE_IMPL(RouteUiaFallback, path, argp) } else if (HttpRequestMethodGet(args->context) != HTTP_GET) { + msg = "Route only supports GET."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - return MatrixErrorCreate(M_UNRECOGNIZED, NULL); + return MatrixErrorCreate(M_UNRECOGNIZED, msg); } sessionId = HashMapGet(requestParams, "session"); if (!sessionId) { + msg = "'session' parameter is unset."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - return MatrixErrorCreate(M_MISSING_PARAM, NULL); + return MatrixErrorCreate(M_MISSING_PARAM, msg); } HttpResponseHeader(args->context, "Content-Type", "text/html"); 
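Review bot: `sessionId` is only checked for presence in `@@ -93,15 +96,17 @@` (RouteUiaFallback.c) before the response is declared `text/html`, and the `StreamPrintf` call in a later hunk of this file formats it into inline script through `session: '%s'` with no escaping. Because the value comes from the request parameters, a quote or markup character in it would change the script the page runs in the user's browser. After the `!sessionId` check, validate the value against the character set the server uses when it issues session IDs and reject anything else with an M_INVALID_PARAM error, or write it through a JavaScript-string escaper. The enclosing ROUTE_IMPL body starts and ends outside the hunk.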
@@ -121,25 +126,25 @@ ROUTE_IMPL(RouteUiaFallback, path, argp) HtmlEndForm(stream); HtmlBeginJs(stream); StreamPrintf(stream, - "function buildRequest() {" + "function buildRequest() {" " let user = document.getElementById('user').value;" - " let pass = document.getElementById('password').value;" - " if (!user || !pass) {" - " setFormError('Please specify a username and password.');" - " return false;" - " }" - " return {" - " auth: {" - " type: '%s'," - " identifier: {" - " type: 'm.id.user'," - " user: user" - " }," - " password: pass," - " session: '%s'" - " }" - " };" - "}", authType, sessionId); + " let pass = document.getElementById('password').value;" + " if (!user || !pass) {" + " setFormError('Please specify a username and password.');" + " return false;" + " }" + " return {" + " auth: {" + " type: '%s'," + " identifier: {" + " type: 'm.id.user'," + " user: user" + " }," + " password: pass," + " session: '%s'" + " }" + " };" + "}", authType, sessionId); HtmlEndJs(stream); } else if (StrEquals(authType, "m.login.registration_token")) @@ -186,10 +191,10 @@ ROUTE_IMPL(RouteUiaFallback, path, argp) "function processResponse(xhr) {" " let r = JSON.parse(xhr.responseText);" " console.log(r);" - " if (xhr.status == 200 || r.completed.includes('%s')) {" + " if (xhr.status == 200 || r.completed.includes('%s')) {" " if (window.onAuthDone) {" " window.onAuthDone();" - " } else if (window.opener && window.opener.postMessage) {" + " } else if (window.opener && window.opener.postMessage) {" " window.opener.postMessage('authDone', '*');" " } else {" " setFormError('Client error.');" diff --git a/src/Routes/RouteUserProfile.c b/src/Routes/RouteUserProfile.c index c2a2b6d..e7153f5 100644 --- a/src/Routes/RouteUserProfile.c +++ b/src/Routes/RouteUserProfile.c @@ -48,6 +48,8 @@ ROUTE_IMPL(RouteUserProfile, path, argp) char *token = NULL; char *value = NULL; + char *msg; + Config *config = ConfigLock(db); if (!config) 
@@ -63,15 +65,18 @@ ROUTE_IMPL(RouteUserProfile, path, argp) userId = UserIdParse(username, serverName); if (!userId) { + msg = "Invalid user ID."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_INVALID_PARAM, NULL); + response = MatrixErrorCreate(M_INVALID_PARAM, msg); goto finish; } if (strcmp(userId->server, serverName)) { /* TODO: Implement lookup over federation. */ + msg = "User profile endpoint currently doesn't support lookup over " + "federation."; HttpResponseStatus(args->context, HTTP_FORBIDDEN); - response = MatrixErrorCreate(M_FORBIDDEN, NULL); + response = MatrixErrorCreate(M_FORBIDDEN, msg); goto finish; } @@ -82,8 +87,9 @@ ROUTE_IMPL(RouteUserProfile, path, argp) user = UserLock(db, userId->localpart); if (!user) { + msg = "Couldn't lock user."; HttpResponseStatus(args->context, HTTP_NOT_FOUND); - response = MatrixErrorCreate(M_NOT_FOUND, NULL); + response = MatrixErrorCreate(M_NOT_FOUND, msg); goto finish; } @@ -138,7 +144,7 @@ ROUTE_IMPL(RouteUserProfile, path, argp) StrEquals(entry, "avatar_url")) { /* Check if user has privilege to do that action. */ - if (strcmp(userId->localpart, UserGetName(user)) == 0) + if (StrEquals(userId->localpart, UserGetName(user))) { value = JsonValueAsString(HashMapGet(request, entry)); /* TODO: Make UserSetProfile notify other @@ -148,14 +154,16 @@ ROUTE_IMPL(RouteUserProfile, path, argp) goto finish; } /* User is not allowed to carry-on the action */ + msg = "Cannot change another user's profile."; HttpResponseStatus(args->context, HTTP_FORBIDDEN); - response = MatrixErrorCreate(M_FORBIDDEN, NULL); + response = MatrixErrorCreate(M_FORBIDDEN, msg); goto finish; } else { + msg = "Invalid property being changed."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_UNRECOGNIZED, NULL); + response = MatrixErrorCreate(M_UNRECOGNIZED, msg); goto finish; } } 
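Review bot: `if (strcmp(userId->server, serverName))` in `@@ -63,15 +65,18 @@` (RouteUserProfile.c) keeps the raw `strcmp` truthiness test, while this same commit converts the localpart comparison in `@@ -138,7 +144,7 @@` to `StrEquals`. For consistency with that change and with the equivalent check in RouteFilter.c, write it as `if (!StrEquals(userId->server, serverName))`. This is a readability point only, assuming `StrEquals` treats two non-NULL strings the same way `strcmp(...) == 0` does.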
@@ -166,8 +174,9 @@ ROUTE_IMPL(RouteUserProfile, path, argp) goto finish; } default: + msg = "Route only accepts GET and PUT."; HttpResponseStatus(args->context, HTTP_BAD_REQUEST); - response = MatrixErrorCreate(M_UNKNOWN, NULL); + response = MatrixErrorCreate(M_UNKNOWN, msg); break; } finish: diff --git a/src/Routes/RouteWellKnown.c b/src/Routes/RouteWellKnown.c index b9c57bc..8d6e159 100644 --- a/src/Routes/RouteWellKnown.c +++ b/src/Routes/RouteWellKnown.c @@ -37,11 +37,14 @@ ROUTE_IMPL(RouteWellKnown, path, argp) Config *config = ConfigLock(args->matrixArgs->db); + char *msg; + if (!config) { Log(LOG_ERR, "Well-known endpoint failed to lock configuration."); + msg = "Internal server error: couldn't lock database."; HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); - return MatrixErrorCreate(M_UNKNOWN, NULL); + return MatrixErrorCreate(M_UNKNOWN, msg); } if (StrEquals(ArrayGet(path, 0), "client")) diff --git a/src/Routes/RouteWhoami.c b/src/Routes/RouteWhoami.c index e390357..4f174b7 100644 --- a/src/Routes/RouteWhoami.c +++ b/src/Routes/RouteWhoami.c @@ -42,14 +42,16 @@ ROUTE_IMPL(RouteWhoami, path, argp) char *token; char *userID; char *deviceID; + char *msg; Config *config = ConfigLock(db); if (!config) { + msg = "Internal server error: couldn't lock database."; Log(LOG_ERR, "Who am I endpoint failed to lock configuration."); HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR); - return MatrixErrorCreate(M_UNKNOWN, NULL); + return MatrixErrorCreate(M_UNKNOWN, msg); } (void) path; diff --git a/src/Uia.c b/src/Uia.c index 5f7b784..c0e7e7d 100644 --- a/src/Uia.c +++ b/src/Uia.c @@ -222,6 +222,8 @@ UiaComplete(Array * flows, HttpServerContext * context, Db * db, HashMap *dbJson; int ret; + char *msg; + if (!flows) { return -1; 
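Review bot: The `default:` branch in `@@ -166,8 +174,9 @@` (RouteUserProfile.c) now says "Route only accepts GET and PUT." but still reports `M_UNKNOWN`. Every other unsupported-method branch in this commit uses `M_UNRECOGNIZED` with HTTP_BAD_REQUEST. Clients that dispatch on the errcode will see a generic unknown error here; use `response = MatrixErrorCreate(M_UNRECOGNIZED, msg);` to match. The switch starts outside the hunk.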
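Review bot: In `@@ -37,11 +37,14 @@` (RouteWellKnown.c) and again in the RouteWhoami.c hunk `@@ -42,14 +42,16 @@`, the client message says "couldn't lock database" although the failing call is `ConfigLock` and the adjacent `Log()` line says "failed to lock configuration". RouteConfig.c and RouteRegister.c use "Internal server error while locking configuration." for the same condition. Use that text in both places, `msg = "Internal server error while locking configuration.";`, so that a client report can be matched to the server log.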
@@ -242,8 +244,9 @@ UiaComplete(Array * flows, HttpServerContext * context, Db * db, if (JsonValueType(val) != JSON_OBJECT) { + msg = "'auth' is not an object."; HttpResponseStatus(context, HTTP_BAD_REQUEST); - *response = MatrixErrorCreate(M_BAD_JSON, NULL); + *response = MatrixErrorCreate(M_BAD_JSON, msg); return 0; } @@ -252,8 +255,9 @@ UiaComplete(Array * flows, HttpServerContext * context, Db * db, if (!val || JsonValueType(val) != JSON_STRING) { + msg = "'auth->session' is unset or not a string."; HttpResponseStatus(context, HTTP_BAD_REQUEST); - *response = MatrixErrorCreate(M_BAD_JSON, NULL); + *response = MatrixErrorCreate(M_BAD_JSON, msg); return 0; } @@ -311,8 +315,9 @@ UiaComplete(Array * flows, HttpServerContext * context, Db * db, if (!val || JsonValueType(val) != JSON_STRING) { + msg = "'auth->type' is unset or not a string."; HttpResponseStatus(context, HTTP_BAD_REQUEST); - *response = MatrixErrorCreate(M_BAD_JSON, NULL); + *response = MatrixErrorCreate(M_BAD_JSON, msg); ret = 0; goto finish; }