Telodendria/Telodendria
Telodendria
/
Telodendria
3
6
Fork 7
Code Issues 8 Pull Requests 1 Actions Projects 3 Releases 4 Wiki Activity

Set an error message with MatrixErrorCreate whenever applicable (#45) 

Closes #6.

Co-authored-by: Jordan Bancino <jordan@bancino.net>
Reviewed-on: #45
Co-authored-by: lda <lda@freetards.xyz>
Co-committed-by: lda <lda@freetards.xyz>
This commit is contained in:
lda 2023-12-02 10:24:08 -05:00 committed by Jordan Bancino
parent 0a91a0c40b
commit 2c6d5194d2
19 changed files with 161 additions and 80 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/Routes/RouteChangePwd.c
View File

@ -65,6 +65,8 @@ ROUTE_IMPL(RouteChangePwd, path, argp)
char *token;
char *newPassword;
char *msg;
Config *config = ConfigLock(db);
if (!config)
@ -78,8 +80,9 @@ ROUTE_IMPL(RouteChangePwd, path, argp)
if (HttpRequestMethodGet(args->context) != HTTP_POST)
{
msg = "Route only supports POST.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL);
response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
goto finish;
}
@ -118,9 +121,10 @@ ROUTE_IMPL(RouteChangePwd, path, argp)
newPassword = JsonValueAsString(HashMapGet(request, "new_password"));
if (!newPassword)
{
msg = "'new_password' is unset or not a string.";
JsonFree(request);
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_BAD_JSON, NULL);
response = MatrixErrorCreate(M_BAD_JSON, msg);
goto finish;
}

22
src/Routes/RouteConfig.c
View File

@ -33,6 +33,7 @@ ROUTE_IMPL(RouteConfig, path, argp)
RouteArgs *args = argp;
HashMap *response;
char *token;
char *msg;
User *user = NULL;
Config *config = NULL;
@ -59,17 +60,19 @@ ROUTE_IMPL(RouteConfig, path, argp)
if (!(UserGetPrivileges(user) & USER_CONFIG))
{
msg = "User does not have the 'CONFIG' privilege.";
HttpResponseStatus(args->context, HTTP_FORBIDDEN);
response = MatrixErrorCreate(M_FORBIDDEN, NULL);
response = MatrixErrorCreate(M_FORBIDDEN, msg);
goto finish;
}
config = ConfigLock(args->matrixArgs->db);
if (!config)
{
msg = "Internal server error while locking configuration.";
Log(LOG_ERR, "Config endpoint failed to lock configuration.");
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
response = MatrixErrorCreate(M_UNKNOWN, NULL);
response = MatrixErrorCreate(M_UNKNOWN, msg);
goto finish;
}
@ -90,8 +93,9 @@ ROUTE_IMPL(RouteConfig, path, argp)
newConf = ConfigParse(request);
if (!newConf)
{
msg = "Internal server error while parsing config.";
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
response = MatrixErrorCreate(M_UNKNOWN, NULL);
response = MatrixErrorCreate(M_UNKNOWN, msg);
break;
}
@ -108,8 +112,9 @@ ROUTE_IMPL(RouteConfig, path, argp)
}
else
{
msg = "Internal server error while writing the config.";
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
response = MatrixErrorCreate(M_UNKNOWN, NULL);
response = MatrixErrorCreate(M_UNKNOWN, msg);
}
}
else
@ -137,8 +142,9 @@ ROUTE_IMPL(RouteConfig, path, argp)
if (!newConf)
{
msg = "Internal server error while parsing config.";
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
response = MatrixErrorCreate(M_UNKNOWN, NULL);
response = MatrixErrorCreate(M_UNKNOWN, msg);
break;
}
@ -155,8 +161,9 @@ ROUTE_IMPL(RouteConfig, path, argp)
}
else
{
msg = "Internal server error while writing the config.";
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
response = MatrixErrorCreate(M_UNKNOWN, NULL);
response = MatrixErrorCreate(M_UNKNOWN, msg);
}
}
else
@ -170,8 +177,9 @@ ROUTE_IMPL(RouteConfig, path, argp)
JsonFree(newJson);
break;
default:
msg = "Unknown request method.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_UNRECOGNIZED, "Unknown request method.");
response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
break;
}

3
src/Routes/RouteCreateRoom.c
View File

@ -41,8 +41,9 @@ ROUTE_IMPL(RouteCreateRoom, path, argp)
if (HttpRequestMethodGet(args->context) != HTTP_POST)
{
err = "Unknown request method.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_UNRECOGNIZED, "Unknown request method.");
response = MatrixErrorCreate(M_UNRECOGNIZED, err);
goto finish;
}

8
src/Routes/RouteDeactivate.c
View File

@ -47,6 +47,8 @@ ROUTE_IMPL(RouteDeactivate, path, argp)
User *user = NULL;
Config *config = ConfigLock(db);
char *msg;
(void) path;
if (!config)
@ -59,8 +61,9 @@ ROUTE_IMPL(RouteDeactivate, path, argp)
if (HttpRequestMethodGet(args->context) != HTTP_POST)
{
msg = "Route only accepts POST.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL);
response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
goto finish;
}
@ -128,8 +131,9 @@ ROUTE_IMPL(RouteDeactivate, path, argp)
if (!UserDeleteTokens(user, NULL) || !UserDeactivate(user, NULL, NULL))
{
msg = "Internal server error: couldn't remove user properly.";
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
response = MatrixErrorCreate(M_UNKNOWN, NULL);
response = MatrixErrorCreate(M_UNKNOWN, msg);
goto finish;
}

20
src/Routes/RouteFilter.c
View File

@ -69,6 +69,8 @@ ROUTE_IMPL(RouteFilter, path, argp)
char *userParam = ArrayGet(path, 0);
char *msg;
if (!userParam)
{
/* Should be impossible */
@ -87,15 +89,17 @@ ROUTE_IMPL(RouteFilter, path, argp)
id = UserIdParse(userParam, serverName);
if (!id)
{
msg = "Invalid user ID.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_INVALID_PARAM, NULL);
response = MatrixErrorCreate(M_INVALID_PARAM, msg);
goto finish;
}
if (!StrEquals(id->server, serverName))
{
msg = "Cannot use /filter for non-local users.";
HttpResponseStatus(args->context, HTTP_UNAUTHORIZED);
response = MatrixErrorCreate(M_UNAUTHORIZED, NULL);
response = MatrixErrorCreate(M_UNAUTHORIZED, msg);
goto finish;
}
@ -115,8 +119,9 @@ ROUTE_IMPL(RouteFilter, path, argp)
if (!StrEquals(id->localpart, UserGetName(user)))
{
msg = "Unauthorized to use /filter.";
HttpResponseStatus(args->context, HTTP_UNAUTHORIZED);
response = MatrixErrorCreate(M_INVALID_PARAM, NULL);
response = MatrixErrorCreate(M_INVALID_PARAM, msg);
goto finish;
}
@ -126,8 +131,9 @@ ROUTE_IMPL(RouteFilter, path, argp)
if (!ref)
{
msg = "The filter for this user was not found.";
HttpResponseStatus(args->context, HTTP_NOT_FOUND);
response = MatrixErrorCreate(M_NOT_FOUND, NULL);
response = MatrixErrorCreate(M_NOT_FOUND, msg);
goto finish;
}
@ -161,8 +167,9 @@ ROUTE_IMPL(RouteFilter, path, argp)
filterId = StrRandom(12);
if (!filterId)
{
msg = "Couldn't generate random filter ID; this is unintended.";
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
response = MatrixErrorCreate(M_UNKNOWN, NULL);
response = MatrixErrorCreate(M_UNKNOWN, msg);
goto finish;
}
@ -170,8 +177,9 @@ ROUTE_IMPL(RouteFilter, path, argp)
if (!ref)
{
Free(filterId);
msg = "Couldn't write filter to the database, this is unintended.";
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
response = MatrixErrorCreate(M_UNKNOWN, NULL);
response = MatrixErrorCreate(M_UNKNOWN, msg);
goto finish;
}

25
src/Routes/RouteLogin.c
View File

@ -107,8 +107,9 @@ ROUTE_IMPL(RouteLogin, path, argp)
if (loginRequest.type != REQUEST_TYPE_PASSWORD)
{
msg = "Unsupported login type.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL);
response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
break;
}
@ -117,6 +118,7 @@ ROUTE_IMPL(RouteLogin, path, argp)
val = HashMapGet(identifier, "type");
if (!val)
{
msg = "No login identifier type set.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_MISSING_PARAM, NULL);
break;
@ -124,16 +126,18 @@ ROUTE_IMPL(RouteLogin, path, argp)
if (JsonValueType(val) != JSON_STRING)
{
msg = "Invalid login identifier type.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_BAD_JSON, NULL);
response = MatrixErrorCreate(M_BAD_JSON, msg);
break;
}
type = JsonValueAsString(val);
if (!StrEquals(type, "m.id.user"))
{
msg = "Invalid login identifier type.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL);
response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
break;
}
if (!LoginRequestUserIdentifierFromJson(identifier,
@ -148,16 +152,18 @@ ROUTE_IMPL(RouteLogin, path, argp)
userId = UserIdParse(userIdentifier.user, config->serverName);
if (!userId)
{
msg = "Invalid user ID.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_BAD_JSON, NULL);
response = MatrixErrorCreate(M_BAD_JSON, msg);
break;
}
if (!StrEquals(userId->server, config->serverName)
|| !UserExists(db, userId->localpart))
{
msg = "Unknown user ID.";
HttpResponseStatus(args->context, HTTP_FORBIDDEN);
response = MatrixErrorCreate(M_FORBIDDEN, NULL);
response = MatrixErrorCreate(M_FORBIDDEN, msg);
break;
}
@ -171,8 +177,9 @@ ROUTE_IMPL(RouteLogin, path, argp)
if (!user)
{
msg = "Couldn't lock user.";
HttpResponseStatus(args->context, HTTP_FORBIDDEN);
response = MatrixErrorCreate(M_FORBIDDEN, NULL);
response = MatrixErrorCreate(M_FORBIDDEN, msg);
break;
}
@ -190,10 +197,11 @@ ROUTE_IMPL(RouteLogin, path, argp)
if (!loginInfo)
{
msg = "Invalid creditentials for user.";
UserUnlock(user);
HttpResponseStatus(args->context, HTTP_FORBIDDEN);
response = MatrixErrorCreate(M_FORBIDDEN, NULL);
response = MatrixErrorCreate(M_FORBIDDEN, msg);
break;
}
@ -229,8 +237,9 @@ ROUTE_IMPL(RouteLogin, path, argp)
break;
default:
msg = "Route only accepts GET and POST.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL);
response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
break;
}

8
src/Routes/RouteLogout.c
View File

@ -38,14 +38,17 @@ ROUTE_IMPL(RouteLogout, path, argp)
char *tokenstr;
char *msg;
Db *db = args->matrixArgs->db;
User *user;
if (HttpRequestMethodGet(args->context) != HTTP_POST)
{
msg = "This route only accepts POST.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
return MatrixErrorCreate(M_UNRECOGNIZED, NULL);
return MatrixErrorCreate(M_UNRECOGNIZED, msg);
}
response = MatrixGetAccessToken(args->context, &tokenstr);
@ -84,8 +87,9 @@ ROUTE_IMPL(RouteLogout, path, argp)
{
if (!UserDeleteToken(user, tokenstr))
{
msg = "Internal server error: couldn't delete token.";
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
response = MatrixErrorCreate(M_UNKNOWN, NULL);
response = MatrixErrorCreate(M_UNKNOWN, msg);
goto finish;
}

17
src/Routes/RoutePrivileges.c
View File

@ -39,6 +39,8 @@ ROUTE_IMPL(RoutePrivileges, path, argp)
JsonValue *val;
int privileges;
char *msg;
response = MatrixGetAccessToken(args->context, &token);
if (response)
{
@ -55,8 +57,9 @@ ROUTE_IMPL(RoutePrivileges, path, argp)
if (!(UserGetPrivileges(user) & USER_GRANT_PRIVILEGES))
{
msg = "User doesn't have the GRANT_PRIVILEGES privilege";
HttpResponseStatus(args->context, HTTP_FORBIDDEN);
response = MatrixErrorCreate(M_FORBIDDEN, NULL);
response = MatrixErrorCreate(M_FORBIDDEN, msg);
goto finish;
}
@ -68,8 +71,9 @@ ROUTE_IMPL(RoutePrivileges, path, argp)
user = UserLock(args->matrixArgs->db, ArrayGet(path, 0));
if (!user)
{
msg = "Unknown user.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_INVALID_PARAM, NULL);
response = MatrixErrorCreate(M_INVALID_PARAM, msg);
goto finish;
}
}
@ -90,8 +94,9 @@ ROUTE_IMPL(RoutePrivileges, path, argp)
val = HashMapGet(request, "privileges");
if (!val || JsonValueType(val) != JSON_ARRAY)
{
msg = "'privileges' is unset or not an array.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_BAD_JSON, NULL);
response = MatrixErrorCreate(M_BAD_JSON, msg);
break;
}
@ -116,8 +121,9 @@ ROUTE_IMPL(RoutePrivileges, path, argp)
if (!UserSetPrivileges(user, privileges))
{
msg = "Internal server error: couldn't set privileges.";
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
response = MatrixErrorCreate(M_UNKNOWN, NULL);
response = MatrixErrorCreate(M_UNKNOWN, msg);
break;
}
@ -127,8 +133,9 @@ ROUTE_IMPL(RoutePrivileges, path, argp)
HashMapSet(response, "privileges", JsonValueArray(UserEncodePrivileges(UserGetPrivileges(user))));
break;
default:
msg = "Route only accepts POST, PUT, DELETE, and GET.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL);
response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
goto finish;
break;
}

11
src/Routes/RouteProcControl.c
View File

@ -37,6 +37,7 @@ ROUTE_IMPL(RouteProcControl, path, argp)
char *op = ArrayGet(path, 0);
HashMap *response;
char *token;
char *msg;
User *user = NULL;
response = MatrixGetAccessToken(args->context, &token);
@ -55,11 +56,13 @@ ROUTE_IMPL(RouteProcControl, path, argp)
if (!(UserGetPrivileges(user) & USER_PROC_CONTROL))
{
msg = "User doesn't have PROC_CONTROL privilege.";
HttpResponseStatus(args->context, HTTP_FORBIDDEN);
response = MatrixErrorCreate(M_FORBIDDEN, NULL);
response = MatrixErrorCreate(M_FORBIDDEN, msg);
goto finish;
}
msg = "Unknown operation.";
switch (HttpRequestMethodGet(args->context))
{
case HTTP_POST:
@ -74,7 +77,7 @@ ROUTE_IMPL(RouteProcControl, path, argp)
else
{
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL);
response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
goto finish;
}
break;
@ -106,12 +109,12 @@ ROUTE_IMPL(RouteProcControl, path, argp)
else
{
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL);
response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
goto finish;
}
default:
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL);
response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
goto finish;
break;
}

8
src/Routes/RouteRefresh.c
View File

@ -45,6 +45,8 @@ ROUTE_IMPL(RouteRefresh, path, argp)
UserAccessToken *newAccessToken;
char *deviceId;
char *msg;
Db *db = args->matrixArgs->db;
User *user = NULL;
@ -55,8 +57,9 @@ ROUTE_IMPL(RouteRefresh, path, argp)
if (HttpRequestMethodGet(args->context) != HTTP_POST)
{
msg = "This route only accepts POST.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
return MatrixErrorCreate(M_UNRECOGNIZED, NULL);
return MatrixErrorCreate(M_UNRECOGNIZED, msg);
}
request = JsonDecode(HttpServerStream(args->context));
@ -69,8 +72,9 @@ ROUTE_IMPL(RouteRefresh, path, argp)
val = HashMapGet(request, "refresh_token");
if (!val || JsonValueType(val) != JSON_STRING)
{
msg = "'refresh_token' is unset or not a string.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_BAD_JSON, NULL);
response = MatrixErrorCreate(M_BAD_JSON, msg);
goto finish;
}

6
src/Routes/RouteRegister.c
View File

@ -86,9 +86,10 @@ ROUTE_IMPL(RouteRegister, path, argp)
if (!config)
{
msg = "Internal server error while locking configuration.";
Log(LOG_ERR, "Registration endpoint failed to lock configuration.");
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
return MatrixErrorCreate(M_UNKNOWN, NULL);
return MatrixErrorCreate(M_UNKNOWN, msg);
}
if (ArraySize(path) == 0)
@ -254,8 +255,9 @@ finish:
if (!username)
{
msg = "'username' path parameter is not set.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_MISSING_PARAM, NULL);
response = MatrixErrorCreate(M_MISSING_PARAM, msg);
}
else if (!UserValidate(username, config->serverName))
{

3
src/Routes/RouteRequestToken.c
View File

@ -54,8 +54,9 @@ ROUTE_IMPL(RouteRequestToken, path, argp)
if (HttpRequestMethodGet(args->context) != HTTP_POST)
{
msg = "This route only accepts POST.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
return MatrixErrorCreate(M_UNRECOGNIZED, NULL);
return MatrixErrorCreate(M_UNRECOGNIZED, msg);
}
request = JsonDecode(HttpServerStream(args->context));

4
src/Routes/RouteStaticResources.c
View File

@ -47,8 +47,8 @@ ROUTE_IMPL(RouteStaticResources, path, argp)
"function findGetParameter(parameterName) {"
" var result = null;"
" var tmp = [];"
" var items = location.search.substr(1).split(\"&\");"
" for (var index = 0; index < items.length; index++) {"
" var items = location.search.substr(1).split(\"&\");"
" for (var index = 0; index < items.length; index++) {"
" tmp = items[index].split(\"=\");"
" if (tmp[0] === parameterName) result = decodeURIComponent(tmp[1]);"
" }"

4
src/Routes/RouteTokenValid.c
View File

@ -41,13 +41,15 @@ ROUTE_IMPL(RouteTokenValid, path, argp)
RegTokenInfo *info = NULL;
char *tokenstr;
char *msg;
(void) path;
if (HttpRequestMethodGet(args->context) != HTTP_GET)
{
msg = "This route only accepts GET.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
return MatrixErrorCreate(M_UNRECOGNIZED, NULL);
return MatrixErrorCreate(M_UNRECOGNIZED, msg);
}
request = JsonDecode(HttpServerStream(args->context));

51
src/Routes/RouteUiaFallback.c
View File

@ -36,6 +36,8 @@ ROUTE_IMPL(RouteUiaFallback, path, argp)
char *authType = ArrayGet(path, 0);
char *sessionId;
char *msg;
if (!authType)
{
/* This should never happen */
@ -56,9 +58,10 @@ ROUTE_IMPL(RouteUiaFallback, path, argp)
config = ConfigLock(args->matrixArgs->db);
if (!config)
{
msg = "Internal server error: failed to lock configuration.";
Log(LOG_ERR, "UIA fallback failed to lock configuration.");
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
return MatrixErrorCreate(M_UNKNOWN, NULL);
return MatrixErrorCreate(M_UNKNOWN, msg);
}
request = JsonDecode(HttpServerStream(args->context));
@ -93,15 +96,17 @@ ROUTE_IMPL(RouteUiaFallback, path, argp)
}
else if (HttpRequestMethodGet(args->context) != HTTP_GET)
{
msg = "Route only supports GET.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
return MatrixErrorCreate(M_UNRECOGNIZED, NULL);
return MatrixErrorCreate(M_UNRECOGNIZED, msg);
}
sessionId = HashMapGet(requestParams, "session");
if (!sessionId)
{
msg = "'session' parameter is unset.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
return MatrixErrorCreate(M_MISSING_PARAM, NULL);
return MatrixErrorCreate(M_MISSING_PARAM, msg);
}
HttpResponseHeader(args->context, "Content-Type", "text/html");
@ -121,25 +126,25 @@ ROUTE_IMPL(RouteUiaFallback, path, argp)
HtmlEndForm(stream);
HtmlBeginJs(stream);
StreamPrintf(stream,
"function buildRequest() {"
"function buildRequest() {"
" let user = document.getElementById('user').value;"
" let pass = document.getElementById('password').value;"
" if (!user || !pass) {"
" setFormError('Please specify a username and password.');"
" return false;"
" }"
" return {"
" auth: {"
" type: '%s',"
" identifier: {"
" type: 'm.id.user',"
" user: user"
" },"
" password: pass,"
" session: '%s'"
" }"
" };"
"}", authType, sessionId);
" let pass = document.getElementById('password').value;"
" if (!user || !pass) {"
" setFormError('Please specify a username and password.');"
" return false;"
" }"
" return {"
" auth: {"
" type: '%s',"
" identifier: {"
" type: 'm.id.user',"
" user: user"
" },"
" password: pass,"
" session: '%s'"
" }"
" };"
"}", authType, sessionId);
HtmlEndJs(stream);
}
else if (StrEquals(authType, "m.login.registration_token"))
@ -186,10 +191,10 @@ ROUTE_IMPL(RouteUiaFallback, path, argp)
"function processResponse(xhr) {"
" let r = JSON.parse(xhr.responseText);"
" console.log(r);"
" if (xhr.status == 200 || r.completed.includes('%s')) {"
" if (xhr.status == 200 || r.completed.includes('%s')) {"
" if (window.onAuthDone) {"
" window.onAuthDone();"
" } else if (window.opener && window.opener.postMessage) {"
" } else if (window.opener && window.opener.postMessage) {"
" window.opener.postMessage('authDone', '*');"
" } else {"
" setFormError('Client error.');"

23
src/Routes/RouteUserProfile.c
View File

@ -48,6 +48,8 @@ ROUTE_IMPL(RouteUserProfile, path, argp)
char *token = NULL;
char *value = NULL;
char *msg;
Config *config = ConfigLock(db);
if (!config)
@ -63,15 +65,18 @@ ROUTE_IMPL(RouteUserProfile, path, argp)
userId = UserIdParse(username, serverName);
if (!userId)
{
msg = "Invalid user ID.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_INVALID_PARAM, NULL);
response = MatrixErrorCreate(M_INVALID_PARAM, msg);
goto finish;
}
if (strcmp(userId->server, serverName))
{
/* TODO: Implement lookup over federation. */
msg = "User profile endpoint currently doesn't support lookup over "
"federation.";
HttpResponseStatus(args->context, HTTP_FORBIDDEN);
response = MatrixErrorCreate(M_FORBIDDEN, NULL);
response = MatrixErrorCreate(M_FORBIDDEN, msg);
goto finish;
}
@ -82,8 +87,9 @@ ROUTE_IMPL(RouteUserProfile, path, argp)
user = UserLock(db, userId->localpart);
if (!user)
{
msg = "Couldn't lock user.";
HttpResponseStatus(args->context, HTTP_NOT_FOUND);
response = MatrixErrorCreate(M_NOT_FOUND, NULL);
response = MatrixErrorCreate(M_NOT_FOUND, msg);
goto finish;
}
@ -138,7 +144,7 @@ ROUTE_IMPL(RouteUserProfile, path, argp)
StrEquals(entry, "avatar_url"))
{
/* Check if user has privilege to do that action. */
if (strcmp(userId->localpart, UserGetName(user)) == 0)
if (StrEquals(userId->localpart, UserGetName(user)))
{
value = JsonValueAsString(HashMapGet(request, entry));
/* TODO: Make UserSetProfile notify other
@ -148,14 +154,16 @@ ROUTE_IMPL(RouteUserProfile, path, argp)
goto finish;
}
/* User is not allowed to carry-on the action */
msg = "Cannot change another user's profile.";
HttpResponseStatus(args->context, HTTP_FORBIDDEN);
response = MatrixErrorCreate(M_FORBIDDEN, NULL);
response = MatrixErrorCreate(M_FORBIDDEN, msg);
goto finish;
}
else
{
msg = "Invalid property being changed.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_UNRECOGNIZED, NULL);
response = MatrixErrorCreate(M_UNRECOGNIZED, msg);
goto finish;
}
}
@ -166,8 +174,9 @@ ROUTE_IMPL(RouteUserProfile, path, argp)
goto finish;
}
default:
msg = "Route only accepts GET and PUT.";
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
response = MatrixErrorCreate(M_UNKNOWN, NULL);
response = MatrixErrorCreate(M_UNKNOWN, msg);
break;
}
finish:

5
src/Routes/RouteWellKnown.c
View File

@ -37,11 +37,14 @@ ROUTE_IMPL(RouteWellKnown, path, argp)
Config *config = ConfigLock(args->matrixArgs->db);
char *msg;
if (!config)
{
Log(LOG_ERR, "Well-known endpoint failed to lock configuration.");
msg = "Internal server error: couldn't lock database.";
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
return MatrixErrorCreate(M_UNKNOWN, NULL);
return MatrixErrorCreate(M_UNKNOWN, msg);
}
if (StrEquals(ArrayGet(path, 0), "client"))

4
src/Routes/RouteWhoami.c
View File

@ -42,14 +42,16 @@ ROUTE_IMPL(RouteWhoami, path, argp)
char *token;
char *userID;
char *deviceID;
char *msg;
Config *config = ConfigLock(db);
if (!config)
{
msg = "Internal server error: couldn't lock database.";
Log(LOG_ERR, "Who am I endpoint failed to lock configuration.");
HttpResponseStatus(args->context, HTTP_INTERNAL_SERVER_ERROR);
return MatrixErrorCreate(M_UNKNOWN, NULL);
return MatrixErrorCreate(M_UNKNOWN, msg);
}
(void) path;

11
src/Uia.c
View File

@ -222,6 +222,8 @@ UiaComplete(Array * flows, HttpServerContext * context, Db * db,
HashMap *dbJson;
int ret;
char *msg;
if (!flows)
{
return -1;
@ -242,8 +244,9 @@ UiaComplete(Array * flows, HttpServerContext * context, Db * db,
if (JsonValueType(val) != JSON_OBJECT)
{
msg = "'auth' is not an object.";
HttpResponseStatus(context, HTTP_BAD_REQUEST);
*response = MatrixErrorCreate(M_BAD_JSON, NULL);
*response = MatrixErrorCreate(M_BAD_JSON, msg);
return 0;
}
@ -252,8 +255,9 @@ UiaComplete(Array * flows, HttpServerContext * context, Db * db,
if (!val || JsonValueType(val) != JSON_STRING)
{
msg = "'auth->session' is unset or not a string.";
HttpResponseStatus(context, HTTP_BAD_REQUEST);
*response = MatrixErrorCreate(M_BAD_JSON, NULL);
*response = MatrixErrorCreate(M_BAD_JSON, msg);
return 0;
}
@ -311,8 +315,9 @@ UiaComplete(Array * flows, HttpServerContext * context, Db * db,
if (!val || JsonValueType(val) != JSON_STRING)
{
msg = "'auth->type' is unset or not a string.";
HttpResponseStatus(context, HTTP_BAD_REQUEST);
*response = MatrixErrorCreate(M_BAD_JSON, NULL);
*response = MatrixErrorCreate(M_BAD_JSON, msg);
ret = 0;
goto finish;
}