2023-02-19 14:58:56 +00:00
|
|
|
/*
|
2024-01-05 23:57:19 +00:00
|
|
|
* Copyright (C) 2022-2024 Jordan Bancino <@jordan:bancino.net> with
|
|
|
|
|
* other valuable contributors. See CONTRIBUTORS.txt for the full list.
|
2023-02-19 14:58:56 +00:00
|
|
|
*
|
|
|
|
|
* Permission is hereby granted, free of charge, to any person
|
|
|
|
|
* obtaining a copy of this software and associated documentation files
|
|
|
|
|
* (the "Software"), to deal in the Software without restriction,
|
|
|
|
|
* including without limitation the rights to use, copy, modify, merge,
|
|
|
|
|
* publish, distribute, sublicense, and/or sell copies of the Software,
|
|
|
|
|
* and to permit persons to whom the Software is furnished to do so,
|
|
|
|
|
* subject to the following conditions:
|
|
|
|
|
*
|
|
|
|
|
* The above copyright notice and this permission notice shall be
|
|
|
|
|
* included in all copies or portions of the Software.
|
|
|
|
|
*
|
|
|
|
|
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
|
|
|
|
|
* EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
|
|
|
|
* MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
|
|
|
|
|
* NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
|
|
|
|
|
* BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
|
|
|
|
|
* ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
|
|
|
|
|
* CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
|
|
|
|
* SOFTWARE.
|
|
|
|
|
*/
|
|
|
|
|
#include <Uia.h>
|
|
|
|
|
|
|
|
|
|
#include <string.h>
|
|
|
|
|
|
2023-03-14 00:37:24 +00:00
|
|
|
#include <RegToken.h>
|
Use `Makefile`s instead of a custom script (#38)
This pull request also requires the use of the external [Cytoplasm](/Telodendria/Cytoplasm) repository by removing the in-tree copy of Cytoplasm. The increased modularity requires a little more complex build process, but is overall better. Closes #19
The appropriate documentation has been updated. Closes #18
---
Please review the developer certificate of origin:
1. The contribution was created in whole or in part by me, and I have
the right to submit it under the open source licenses of the
Telodendria project; or
1. The contribution is based upon a previous work that, to the best of
my knowledge, is covered under an appropriate open source license and
I have the right under that license to submit that work with
modifications, whether created in whole or in part by me, under the
Telodendria project license; or
1. The contribution was provided directly to me by some other person
who certified (1), (2), or (3), and I have not modified it.
1. I understand and agree that this project and the contribution are
made public and that a record of the contribution—including all
personal information I submit with it—is maintained indefinitely
and may be redistributed consistent with this project or the open
source licenses involved.
- [x] I have read the Telodendria Project development certificate of
origin, and I certify that I have permission to submit this patch
under the conditions specified in it.
Reviewed-on: https://git.telodendria.io/Telodendria/Telodendria/pulls/38
2023-11-01 16:27:45 +00:00
|
|
|
#include <Cytoplasm/Memory.h>
|
|
|
|
|
#include <Cytoplasm/Array.h>
|
|
|
|
|
#include <Cytoplasm/Json.h>
|
|
|
|
|
#include <Cytoplasm/Str.h>
|
|
|
|
|
#include <Cytoplasm/Util.h>
|
2023-02-19 14:58:56 +00:00
|
|
|
|
|
|
|
|
#include <Matrix.h>
|
2023-02-28 15:17:11 +00:00
|
|
|
#include <User.h>
|
2023-02-19 14:58:56 +00:00
|
|
|
|
|
|
|
|
struct UiaStage
|
|
|
|
|
{
|
|
|
|
|
char *type;
|
|
|
|
|
HashMap *params;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
static HashMap *
|
2023-02-23 15:13:39 +00:00
|
|
|
BuildFlows(Array * flows)
|
2023-02-19 14:58:56 +00:00
|
|
|
{
|
|
|
|
|
HashMap *response;
|
|
|
|
|
Array *responseFlows;
|
|
|
|
|
HashMap *responseParams;
|
|
|
|
|
|
|
|
|
|
size_t i, j;
|
|
|
|
|
|
|
|
|
|
if (!flows)
|
|
|
|
|
{
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
response = HashMapCreate();
|
|
|
|
|
if (!response)
|
|
|
|
|
{
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
responseFlows = ArrayCreate();
|
|
|
|
|
if (!responseFlows)
|
|
|
|
|
{
|
|
|
|
|
HashMapFree(response);
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
responseParams = HashMapCreate();
|
|
|
|
|
if (!responseParams)
|
|
|
|
|
{
|
|
|
|
|
HashMapFree(response);
|
|
|
|
|
ArrayFree(responseFlows);
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
HashMapSet(response, "flows", JsonValueArray(responseFlows));
|
|
|
|
|
HashMapSet(response, "params", JsonValueObject(responseParams));
|
|
|
|
|
|
|
|
|
|
for (i = 0; i < ArraySize(flows); i++)
|
|
|
|
|
{
|
|
|
|
|
Array *stages = ArrayGet(flows, i);
|
|
|
|
|
HashMap *responseFlow = HashMapCreate();
|
|
|
|
|
Array *responseStages = ArrayCreate();
|
|
|
|
|
|
|
|
|
|
HashMapSet(responseFlow, "stages", JsonValueArray(responseStages));
|
|
|
|
|
ArrayAdd(responseFlows, JsonValueObject(responseFlow));
|
|
|
|
|
|
|
|
|
|
for (j = 0; j < ArraySize(stages); j++)
|
|
|
|
|
{
|
2023-03-12 03:36:40 +00:00
|
|
|
UiaStage *stage = ArrayGet(stages, j);
|
2023-02-19 14:58:56 +00:00
|
|
|
|
2023-02-24 00:17:56 +00:00
|
|
|
ArrayAdd(responseStages, JsonValueString(stage->type));
|
2023-02-19 14:58:56 +00:00
|
|
|
if (stage->params)
|
|
|
|
|
{
|
2023-02-23 23:19:23 +00:00
|
|
|
JsonValueFree(HashMapSet(responseParams, stage->type, JsonValueObject(stage->params)));
|
2023-02-19 14:58:56 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return response;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int
|
2023-02-27 15:39:12 +00:00
|
|
|
BuildResponse(Array * flows, Db * db, HashMap ** response, char *session, DbRef * ref)
|
2023-02-19 14:58:56 +00:00
|
|
|
{
|
|
|
|
|
HashMap *json;
|
|
|
|
|
|
|
|
|
|
*response = BuildFlows(flows);
|
|
|
|
|
|
|
|
|
|
if (!*response)
|
|
|
|
|
{
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!session)
|
|
|
|
|
{
|
|
|
|
|
session = StrRandom(16);
|
|
|
|
|
if (!session)
|
|
|
|
|
{
|
|
|
|
|
JsonFree(*response);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ref = DbCreate(db, 2, "user_interactive", session);
|
|
|
|
|
if (!ref)
|
|
|
|
|
{
|
|
|
|
|
Free(session);
|
|
|
|
|
JsonFree(*response);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
json = DbJson(ref);
|
|
|
|
|
HashMapSet(json, "completed", JsonValueArray(ArrayCreate()));
|
2024-01-14 01:02:07 +00:00
|
|
|
HashMapSet(json, "last_access", JsonValueInteger(UtilTsMillis()));
|
2023-02-19 14:58:56 +00:00
|
|
|
DbUnlock(db, ref);
|
|
|
|
|
|
|
|
|
|
HashMapSet(*response, "completed", JsonValueArray(ArrayCreate()));
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
Array *completed = ArrayCreate();
|
|
|
|
|
Array *dbCompleted;
|
|
|
|
|
size_t i;
|
|
|
|
|
|
|
|
|
|
if (!completed)
|
|
|
|
|
{
|
|
|
|
|
JsonFree(*response);
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
json = DbJson(ref);
|
|
|
|
|
dbCompleted = JsonValueAsArray(HashMapGet(json, "completed"));
|
|
|
|
|
|
|
|
|
|
for (i = 0; i < ArraySize(dbCompleted); i++)
|
|
|
|
|
{
|
|
|
|
|
char *stage = JsonValueAsString(ArrayGet(dbCompleted, i));
|
2023-02-23 15:13:39 +00:00
|
|
|
|
2023-02-24 00:17:56 +00:00
|
|
|
ArrayAdd(completed, JsonValueString(stage));
|
2023-02-19 14:58:56 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
HashMapSet(*response, "completed", JsonValueArray(completed));
|
|
|
|
|
|
2023-02-27 15:39:12 +00:00
|
|
|
session = StrDuplicate(session);
|
2023-02-19 14:58:56 +00:00
|
|
|
}
|
|
|
|
|
|
2023-02-27 15:39:12 +00:00
|
|
|
HashMapSet(*response, "session", JsonValueString(session));
|
|
|
|
|
Free(session);
|
|
|
|
|
|
2023-02-19 14:58:56 +00:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
Array *
|
|
|
|
|
UiaDummyFlow(void)
|
|
|
|
|
{
|
|
|
|
|
Array *response = ArrayCreate();
|
2023-02-23 15:13:39 +00:00
|
|
|
|
2023-02-19 14:58:56 +00:00
|
|
|
if (!response)
|
|
|
|
|
{
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2023-03-07 00:28:52 +00:00
|
|
|
ArrayAdd(response, UiaStageBuild("m.login.dummy", NULL));
|
2023-02-19 14:58:56 +00:00
|
|
|
|
|
|
|
|
return response;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
UiaStage *
|
2023-03-07 00:28:52 +00:00
|
|
|
UiaStageBuild(char *type, HashMap * params)
|
2023-02-19 14:58:56 +00:00
|
|
|
{
|
|
|
|
|
UiaStage *stage = Malloc(sizeof(UiaStage));
|
|
|
|
|
|
|
|
|
|
if (!stage)
|
|
|
|
|
{
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
|
|
|
|
|
2023-02-24 14:40:21 +00:00
|
|
|
stage->type = StrDuplicate(type);
|
2023-02-19 14:58:56 +00:00
|
|
|
stage->params = params;
|
|
|
|
|
|
|
|
|
|
return stage;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
int
|
2023-02-23 15:13:39 +00:00
|
|
|
UiaComplete(Array * flows, HttpServerContext * context, Db * db,
|
2024-01-06 02:00:27 +00:00
|
|
|
HashMap * request, HashMap ** response, Config config)
|
2023-02-19 14:58:56 +00:00
|
|
|
{
|
|
|
|
|
JsonValue *val;
|
|
|
|
|
HashMap *auth;
|
|
|
|
|
char *session;
|
|
|
|
|
char *authType;
|
2023-02-27 15:39:12 +00:00
|
|
|
Array *completed;
|
|
|
|
|
Array *possibleNext;
|
2023-03-06 22:09:57 +00:00
|
|
|
int remaining[16]; /* There should never be more than
|
|
|
|
|
* this many stages in a flow,
|
|
|
|
|
* right? */
|
2023-02-27 15:39:12 +00:00
|
|
|
size_t i;
|
2023-02-19 14:58:56 +00:00
|
|
|
|
|
|
|
|
DbRef *dbRef;
|
|
|
|
|
HashMap *dbJson;
|
2023-02-27 15:39:12 +00:00
|
|
|
int ret;
|
2023-02-19 14:58:56 +00:00
|
|
|
|
2023-12-02 15:24:08 +00:00
|
|
|
char *msg;
|
|
|
|
|
|
2023-02-19 14:58:56 +00:00
|
|
|
if (!flows)
|
|
|
|
|
{
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!context || !db || !request || !response)
|
|
|
|
|
{
|
2023-02-24 14:40:21 +00:00
|
|
|
return -1;
|
2023-02-19 14:58:56 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
val = HashMapGet(request, "auth");
|
|
|
|
|
|
|
|
|
|
if (!val)
|
|
|
|
|
{
|
|
|
|
|
HttpResponseStatus(context, HTTP_UNAUTHORIZED);
|
2023-02-27 15:39:12 +00:00
|
|
|
return BuildResponse(flows, db, response, NULL, NULL);
|
2023-02-19 14:58:56 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (JsonValueType(val) != JSON_OBJECT)
|
|
|
|
|
{
|
2023-12-02 15:24:08 +00:00
|
|
|
msg = "'auth' is not an object.";
|
2023-02-19 14:58:56 +00:00
|
|
|
HttpResponseStatus(context, HTTP_BAD_REQUEST);
|
2023-12-02 15:24:08 +00:00
|
|
|
*response = MatrixErrorCreate(M_BAD_JSON, msg);
|
2023-02-24 14:40:21 +00:00
|
|
|
return 0;
|
2023-02-19 14:58:56 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
auth = JsonValueAsObject(val);
|
2023-02-23 15:13:39 +00:00
|
|
|
val = HashMapGet(auth, "session");
|
2023-02-19 14:58:56 +00:00
|
|
|
|
|
|
|
|
if (!val || JsonValueType(val) != JSON_STRING)
|
|
|
|
|
{
|
2023-12-02 15:24:08 +00:00
|
|
|
msg = "'auth->session' is unset or not a string.";
|
2023-02-19 14:58:56 +00:00
|
|
|
HttpResponseStatus(context, HTTP_BAD_REQUEST);
|
2023-12-02 15:24:08 +00:00
|
|
|
*response = MatrixErrorCreate(M_BAD_JSON, msg);
|
2023-02-24 14:40:21 +00:00
|
|
|
return 0;
|
2023-02-19 14:58:56 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
session = JsonValueAsString(val);
|
2023-02-27 15:39:12 +00:00
|
|
|
|
|
|
|
|
dbRef = DbLock(db, 2, "user_interactive", session);
|
|
|
|
|
if (!dbRef)
|
|
|
|
|
{
|
|
|
|
|
HttpResponseStatus(context, HTTP_UNAUTHORIZED);
|
|
|
|
|
return BuildResponse(flows, db, response, NULL, NULL);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
dbJson = DbJson(dbRef);
|
|
|
|
|
|
|
|
|
|
completed = JsonValueAsArray(HashMapGet(dbJson, "completed"));
|
|
|
|
|
possibleNext = ArrayCreate();
|
|
|
|
|
|
|
|
|
|
for (i = 0; i < ArraySize(flows); i++)
|
|
|
|
|
{
|
|
|
|
|
size_t j;
|
|
|
|
|
|
|
|
|
|
Array *stages = ArrayGet(flows, i);
|
|
|
|
|
|
|
|
|
|
if (ArraySize(stages) > ArraySize(completed))
|
|
|
|
|
{
|
|
|
|
|
UiaStage *stage = ArrayGet(stages, ArraySize(completed));
|
|
|
|
|
|
|
|
|
|
ArrayAdd(possibleNext, stage->type);
|
2023-03-04 01:53:33 +00:00
|
|
|
remaining[ArraySize(possibleNext) - 1] = ArraySize(stages) - ArraySize(completed);
|
2023-02-27 15:39:12 +00:00
|
|
|
}
|
|
|
|
|
else if (ArraySize(stages) == ArraySize(completed))
|
|
|
|
|
{
|
|
|
|
|
for (j = 0; j < ArraySize(stages); j++)
|
|
|
|
|
{
|
|
|
|
|
UiaStage *stage = ArrayGet(stages, j);
|
|
|
|
|
char *flowStage = stage->type;
|
|
|
|
|
char *completedStage = JsonValueAsString(ArrayGet(completed, j));
|
|
|
|
|
|
2023-05-06 22:34:36 +00:00
|
|
|
if (!StrEquals(flowStage, completedStage))
|
2023-02-27 15:39:12 +00:00
|
|
|
{
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (j == ArraySize(stages))
|
|
|
|
|
{
|
|
|
|
|
/* Success: completed matches a stage perfectly */
|
|
|
|
|
ret = 1;
|
|
|
|
|
goto finish;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2023-02-19 14:58:56 +00:00
|
|
|
val = HashMapGet(auth, "type");
|
|
|
|
|
|
|
|
|
|
if (!val || JsonValueType(val) != JSON_STRING)
|
|
|
|
|
{
|
2023-12-02 15:24:08 +00:00
|
|
|
msg = "'auth->type' is unset or not a string.";
|
2023-02-19 14:58:56 +00:00
|
|
|
HttpResponseStatus(context, HTTP_BAD_REQUEST);
|
2023-12-02 15:24:08 +00:00
|
|
|
*response = MatrixErrorCreate(M_BAD_JSON, msg);
|
2023-02-27 15:39:12 +00:00
|
|
|
ret = 0;
|
|
|
|
|
goto finish;
|
2023-02-19 14:58:56 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
authType = JsonValueAsString(val);
|
|
|
|
|
|
2023-02-27 15:39:12 +00:00
|
|
|
for (i = 0; i < ArraySize(possibleNext); i++)
|
|
|
|
|
{
|
|
|
|
|
char *possible = ArrayGet(possibleNext, i);
|
|
|
|
|
|
2023-05-06 22:34:36 +00:00
|
|
|
if (StrEquals(authType, possible))
|
2023-02-27 15:39:12 +00:00
|
|
|
{
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (i == ArraySize(possibleNext))
|
2023-02-19 14:58:56 +00:00
|
|
|
{
|
|
|
|
|
HttpResponseStatus(context, HTTP_UNAUTHORIZED);
|
2023-02-27 15:39:12 +00:00
|
|
|
ret = BuildResponse(flows, db, response, session, dbRef);
|
|
|
|
|
goto finish;
|
2023-02-19 14:58:56 +00:00
|
|
|
}
|
|
|
|
|
|
2023-05-06 22:34:36 +00:00
|
|
|
if (StrEquals(authType, "m.login.dummy"))
|
2023-02-27 15:39:12 +00:00
|
|
|
{
|
|
|
|
|
/* Do nothing */
|
|
|
|
|
}
|
2023-05-06 22:34:36 +00:00
|
|
|
else if (StrEquals(authType, "m.login.password"))
|
2023-02-27 15:39:12 +00:00
|
|
|
{
|
2023-02-28 15:17:11 +00:00
|
|
|
char *password = JsonValueAsString(HashMapGet(auth, "password"));
|
|
|
|
|
HashMap *identifier = JsonValueAsObject(HashMapGet(auth, "identifier"));
|
|
|
|
|
char *type;
|
2024-01-12 00:33:50 +00:00
|
|
|
CommonID *userId;
|
2023-02-28 15:17:11 +00:00
|
|
|
User *user;
|
|
|
|
|
|
|
|
|
|
if (!password || !identifier)
|
|
|
|
|
{
|
|
|
|
|
HttpResponseStatus(context, HTTP_UNAUTHORIZED);
|
|
|
|
|
ret = BuildResponse(flows, db, response, session, dbRef);
|
|
|
|
|
goto finish;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
type = JsonValueAsString(HashMapGet(identifier, "type"));
|
2023-03-06 22:09:57 +00:00
|
|
|
userId = UserIdParse(JsonValueAsString(HashMapGet(identifier, "user")),
|
2024-01-06 02:00:27 +00:00
|
|
|
config.serverName);
|
2023-02-28 15:17:11 +00:00
|
|
|
|
2023-05-06 22:34:36 +00:00
|
|
|
if (!type || !StrEquals(type, "m.id.user")
|
2024-01-12 00:33:50 +00:00
|
|
|
|| !userId
|
|
|
|
|
|| !ParserServerNameEquals(userId->server, config.serverName))
|
2023-02-28 15:17:11 +00:00
|
|
|
{
|
|
|
|
|
HttpResponseStatus(context, HTTP_UNAUTHORIZED);
|
|
|
|
|
ret = BuildResponse(flows, db, response, session, dbRef);
|
2023-03-06 22:09:57 +00:00
|
|
|
UserIdFree(userId);
|
2023-02-28 15:17:11 +00:00
|
|
|
goto finish;
|
|
|
|
|
}
|
|
|
|
|
|
2024-01-12 00:33:50 +00:00
|
|
|
user = UserLock(db, userId->local);
|
2023-02-28 15:17:11 +00:00
|
|
|
if (!user)
|
|
|
|
|
{
|
|
|
|
|
HttpResponseStatus(context, HTTP_UNAUTHORIZED);
|
|
|
|
|
ret = BuildResponse(flows, db, response, session, dbRef);
|
2023-03-06 22:09:57 +00:00
|
|
|
UserIdFree(userId);
|
2023-02-28 15:17:11 +00:00
|
|
|
goto finish;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!UserCheckPassword(user, password))
|
|
|
|
|
{
|
|
|
|
|
HttpResponseStatus(context, HTTP_UNAUTHORIZED);
|
|
|
|
|
ret = BuildResponse(flows, db, response, session, dbRef);
|
2023-03-06 22:09:57 +00:00
|
|
|
UserIdFree(userId);
|
2023-02-28 15:17:11 +00:00
|
|
|
UserUnlock(user);
|
|
|
|
|
goto finish;
|
|
|
|
|
}
|
|
|
|
|
|
2023-03-06 22:09:57 +00:00
|
|
|
UserIdFree(userId);
|
2023-02-28 15:17:11 +00:00
|
|
|
UserUnlock(user);
|
2023-02-27 15:39:12 +00:00
|
|
|
}
|
2023-05-06 22:34:36 +00:00
|
|
|
else if (StrEquals(authType, "m.login.registration_token"))
|
2023-02-27 15:39:12 +00:00
|
|
|
{
|
2023-03-14 00:37:24 +00:00
|
|
|
RegTokenInfo *tokenInfo;
|
|
|
|
|
|
|
|
|
|
char *token = JsonValueAsString(HashMapGet(auth, "token"));
|
|
|
|
|
|
|
|
|
|
if (!RegTokenExists(db, token))
|
|
|
|
|
{
|
|
|
|
|
HttpResponseStatus(context, HTTP_UNAUTHORIZED);
|
|
|
|
|
ret = BuildResponse(flows, db, response, session, dbRef);
|
|
|
|
|
goto finish;
|
|
|
|
|
}
|
|
|
|
|
tokenInfo = RegTokenGetInfo(db, token);
|
|
|
|
|
if (!RegTokenValid(tokenInfo))
|
|
|
|
|
{
|
|
|
|
|
RegTokenClose(tokenInfo);
|
|
|
|
|
RegTokenFree(tokenInfo);
|
|
|
|
|
|
|
|
|
|
HttpResponseStatus(context, HTTP_UNAUTHORIZED);
|
|
|
|
|
ret = BuildResponse(flows, db, response, session, dbRef);
|
|
|
|
|
goto finish;
|
|
|
|
|
}
|
|
|
|
|
/* Use the token, and then close it. */
|
|
|
|
|
RegTokenUse(tokenInfo);
|
|
|
|
|
RegTokenClose(tokenInfo);
|
|
|
|
|
RegTokenFree(tokenInfo);
|
2023-04-16 18:32:22 +00:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Drop the registration token into the session storage because
|
|
|
|
|
* the registration endpoint will have to extract the proper
|
|
|
|
|
* privileges to set on the user based on the token.
|
|
|
|
|
*/
|
|
|
|
|
JsonValueFree(HashMapSet(dbJson, "registration_token", JsonValueString(token)));
|
2023-02-27 15:39:12 +00:00
|
|
|
}
|
2023-04-15 02:36:28 +00:00
|
|
|
/* TODO: implement m.login.recaptcha, m.login.sso,
|
|
|
|
|
* m.login.email.identity, m.login.msisdn here */
|
2023-02-27 15:39:12 +00:00
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
HttpResponseStatus(context, HTTP_UNAUTHORIZED);
|
|
|
|
|
ret = BuildResponse(flows, db, response, session, dbRef);
|
|
|
|
|
goto finish;
|
|
|
|
|
}
|
2023-02-19 14:58:56 +00:00
|
|
|
|
2023-02-27 15:39:12 +00:00
|
|
|
ArrayAdd(completed, JsonValueString(authType));
|
2023-02-19 14:58:56 +00:00
|
|
|
|
2023-03-04 01:53:33 +00:00
|
|
|
if (remaining[i] - 1 > 0)
|
|
|
|
|
{
|
|
|
|
|
HttpResponseStatus(context, HTTP_UNAUTHORIZED);
|
|
|
|
|
ret = BuildResponse(flows, db, response, session, dbRef);
|
|
|
|
|
goto finish;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ret = 1;
|
2023-02-27 15:39:12 +00:00
|
|
|
|
|
|
|
|
finish:
|
|
|
|
|
ArrayFree(possibleNext);
|
2024-01-14 01:02:07 +00:00
|
|
|
JsonValueFree(HashMapSet(dbJson, "last_access", JsonValueInteger(UtilTsMillis())));
|
2023-02-27 15:39:12 +00:00
|
|
|
DbUnlock(db, dbRef);
|
|
|
|
|
return ret;
|
2023-02-24 14:40:21 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void
|
2023-02-27 15:39:12 +00:00
|
|
|
UiaFlowsFree(Array * flows)
|
2023-02-24 14:40:21 +00:00
|
|
|
{
|
|
|
|
|
size_t i, j;
|
|
|
|
|
|
|
|
|
|
if (!flows)
|
|
|
|
|
{
|
|
|
|
|
return;
|
|
|
|
|
}
|
2023-02-19 14:58:56 +00:00
|
|
|
|
|
|
|
|
for (i = 0; i < ArraySize(flows); i++)
|
|
|
|
|
{
|
|
|
|
|
Array *stages = ArrayGet(flows, i);
|
2023-02-23 15:13:39 +00:00
|
|
|
|
2023-02-19 14:58:56 +00:00
|
|
|
for (j = 0; j < ArraySize(stages); j++)
|
|
|
|
|
{
|
|
|
|
|
UiaStage *stage = ArrayGet(stages, j);
|
2023-02-23 15:13:39 +00:00
|
|
|
|
2023-02-24 00:17:56 +00:00
|
|
|
Free(stage->type);
|
|
|
|
|
/* stage->params, if not null, is referenced in the
|
|
|
|
|
* response body. */
|
|
|
|
|
Free(stage);
|
2023-02-19 14:58:56 +00:00
|
|
|
}
|
|
|
|
|
ArrayFree(stages);
|
|
|
|
|
}
|
|
|
|
|
ArrayFree(flows);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void
|
|
|
|
|
UiaCleanup(MatrixHttpHandlerArgs * args)
|
|
|
|
|
{
|
2023-03-01 19:52:44 +00:00
|
|
|
Array *sessions = DbList(args->db, 1, "user_interactive");
|
|
|
|
|
size_t i;
|
|
|
|
|
|
2023-03-22 14:52:04 +00:00
|
|
|
Log(LOG_DEBUG, "User Interactive Auth sessions: %lu",
|
2023-03-01 19:52:44 +00:00
|
|
|
ArraySize(sessions));
|
|
|
|
|
for (i = 0; i < ArraySize(sessions); i++)
|
2023-02-19 14:58:56 +00:00
|
|
|
{
|
2023-03-01 19:52:44 +00:00
|
|
|
char *session = ArrayGet(sessions, i);
|
|
|
|
|
DbRef *ref = DbLock(args->db, 2, "user_interactive", session);
|
|
|
|
|
|
2024-01-14 01:02:07 +00:00
|
|
|
uint64_t lastAccess;
|
2023-03-01 19:52:44 +00:00
|
|
|
|
|
|
|
|
if (!ref)
|
|
|
|
|
{
|
2023-03-22 14:52:04 +00:00
|
|
|
Log(LOG_ERR, "Unable to lock uia %s for inspection.",
|
2023-03-01 19:52:44 +00:00
|
|
|
session);
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
lastAccess = JsonValueAsInteger(HashMapGet(DbJson(ref), "last_access"));
|
|
|
|
|
|
2023-04-22 13:45:01 +00:00
|
|
|
DbUnlock(args->db, ref);
|
|
|
|
|
|
2023-03-01 19:52:44 +00:00
|
|
|
/* If last access was greater than 15 minutes ago, remove this
|
|
|
|
|
* session */
|
2024-01-14 01:02:07 +00:00
|
|
|
if ((UtilTsMillis() - lastAccess) > (1000 * 60 * 15))
|
2023-03-01 19:52:44 +00:00
|
|
|
{
|
|
|
|
|
DbDelete(args->db, 2, "user_interactive", session);
|
2023-03-22 14:52:04 +00:00
|
|
|
Log(LOG_DEBUG, "Deleted session %s", session);
|
2023-03-01 19:52:44 +00:00
|
|
|
}
|
2023-02-19 14:58:56 +00:00
|
|
|
}
|
2023-03-01 19:52:44 +00:00
|
|
|
|
|
|
|
|
DbListFree(sessions);
|
2023-02-19 14:58:56 +00:00
|
|
|
}
|
