forked from Telodendria/Telodendria
Compare commits
3 commits
master
...
refactor-6
| Author | SHA1 | Date | |
|---|---|---|---|
9899aadcd2
|
|||
|
39fcee12dd
|
|||
|
1e097ff895
|
6 changed files with 158 additions and 134 deletions
14
Schema/AdminDeactivate.json
Normal file
14
Schema/AdminDeactivate.json
Normal file
|
|
@ -0,0 +1,14 @@
|
|||
{
|
||||
"header": "Schema\/AdminDeactivate.h",
|
||||
"types": {
|
||||
"DeactivateRequest": {
|
||||
"fields": {
|
||||
"reason": {
|
||||
"type": "string"
|
||||
}
|
||||
},
|
||||
"type": "struct"
|
||||
}
|
||||
},
|
||||
"guard": "TELODENDRIA_SCHEMA_ADMINDEACTIVATE_H"
|
||||
}
|
||||
17
Schema/Registration.json
Normal file
17
Schema/Registration.json
Normal file
|
|
@ -0,0 +1,17 @@
|
|||
{
|
||||
"header": "Schema\/Registration.h",
|
||||
"types": {
|
||||
"RegistrationRequest": {
|
||||
"fields": {
|
||||
"username": { "type": "string" },
|
||||
"password": { "type": "string" },
|
||||
"device_id": { "type": "string" },
|
||||
"inhibit_login": { "type": "boolean" },
|
||||
"initial_device_display_name": { "type": "string" },
|
||||
"refresh_token": { "type": "boolean" }
|
||||
},
|
||||
"type": "struct"
|
||||
}
|
||||
},
|
||||
"guard": "TELODENDRIA_SCHEMA_REGISTRATION_H"
|
||||
}
|
||||
21
Schema/RequestToken.json
Normal file
21
Schema/RequestToken.json
Normal file
|
|
@ -0,0 +1,21 @@
|
|||
{
|
||||
"header": "Schema\/RequestToken.h",
|
||||
"types": {
|
||||
"RequestToken": {
|
||||
"fields": {
|
||||
"client_secret": { "type": "string" },
|
||||
"send_attempt": { "type": "integer" },
|
||||
"next_link": { "type": "string" },
|
||||
"id_access_token": { "type": "string" },
|
||||
"id_server": { "type": "string" },
|
||||
|
||||
"email": { "type": "string" },
|
||||
|
||||
"country": { "type": "string" },
|
||||
"phone_number": { "type": "string" }
|
||||
},
|
||||
"type": "struct"
|
||||
}
|
||||
},
|
||||
"guard": "TELODENDRIA_SCHEMA_REQUESTTOKEN_H"
|
||||
}
|
||||
|
|
@ -28,7 +28,8 @@
|
|||
#include <Cytoplasm/Str.h>
|
||||
|
||||
#include <User.h>
|
||||
#include <Cytoplasm/Log.h>
|
||||
|
||||
#include <Schema/AdminDeactivate.h>
|
||||
|
||||
ROUTE_IMPL(RouteAdminDeactivate, path, argp)
|
||||
{
|
||||
|
|
@ -38,6 +39,7 @@ ROUTE_IMPL(RouteAdminDeactivate, path, argp)
|
|||
|
||||
JsonValue *val;
|
||||
char *reason = "Deactivated by admin";
|
||||
char *err;
|
||||
char *removedLocalpart = ArrayGet(path, 0);
|
||||
char *token;
|
||||
|
||||
|
|
@ -48,6 +50,8 @@ ROUTE_IMPL(RouteAdminDeactivate, path, argp)
|
|||
|
||||
HttpRequestMethod method = HttpRequestMethodGet(args->context);
|
||||
|
||||
DeactivateRequest deactReq;
|
||||
|
||||
if ((method != HTTP_DELETE) && (method != HTTP_PUT))
|
||||
{
|
||||
char * msg = "Route only supports DELETE and PUT as for now.";
|
||||
|
|
@ -63,10 +67,10 @@ ROUTE_IMPL(RouteAdminDeactivate, path, argp)
|
|||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
return MatrixErrorCreate(M_NOT_JSON, NULL);
|
||||
}
|
||||
val = HashMapGet(request, "reason");
|
||||
if (val && JsonValueType(val) == JSON_STRING)
|
||||
if (!DeactivateRequestFromJson(request, &deactReq, &err))
|
||||
{
|
||||
reason = JsonValueAsString(val);
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
return MatrixErrorCreate(M_BAD_JSON, err);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -100,7 +104,7 @@ ROUTE_IMPL(RouteAdminDeactivate, path, argp)
|
|||
response = HashMapCreate();
|
||||
|
||||
JsonSet(response, JsonValueString(removedLocalpart), 1, "user");
|
||||
JsonSet(response, JsonValueString(reason), 1, "reason");
|
||||
JsonSet(response, JsonValueString(deactReq.reason), 1, "reason");
|
||||
JsonSet(response, JsonValueString(UserGetName(user)), 1, "banned_by");
|
||||
}
|
||||
else
|
||||
|
|
@ -112,6 +116,7 @@ ROUTE_IMPL(RouteAdminDeactivate, path, argp)
|
|||
finish:
|
||||
UserUnlock(user);
|
||||
UserUnlock(removed);
|
||||
DeactivateRequestFree(&deactReq);
|
||||
JsonFree(request);
|
||||
return response;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -30,6 +30,8 @@
|
|||
#include <Cytoplasm/Str.h>
|
||||
#include <Cytoplasm/Memory.h>
|
||||
|
||||
#include <Schema/Registration.h>
|
||||
|
||||
#include <User.h>
|
||||
#include <Uia.h>
|
||||
#include <RegToken.h>
|
||||
|
|
@ -55,22 +57,15 @@ ROUTE_IMPL(RouteRegister, path, argp)
|
|||
HashMap *request = NULL;
|
||||
HashMap *response = NULL;
|
||||
|
||||
JsonValue *val;
|
||||
RegistrationRequest regReq;
|
||||
|
||||
char *kind;
|
||||
|
||||
char *username = NULL;
|
||||
char *password = NULL;
|
||||
char *initialDeviceDisplayName = NULL;
|
||||
int refreshToken = 0;
|
||||
int inhibitLogin = 0;
|
||||
char *deviceId = NULL;
|
||||
char *fullUsername;
|
||||
char *msg;
|
||||
char *username;
|
||||
|
||||
Db *db = args->matrixArgs->db;
|
||||
|
||||
User *user = NULL;
|
||||
|
||||
Array *uiaFlows = NULL;
|
||||
int uiaResult;
|
||||
|
||||
|
|
@ -79,6 +74,16 @@ ROUTE_IMPL(RouteRegister, path, argp)
|
|||
|
||||
Config *config = ConfigLock(db);
|
||||
|
||||
regReq.username = NULL;
|
||||
regReq.password = NULL;
|
||||
regReq.device_id = NULL;
|
||||
regReq.initial_device_display_name = NULL;
|
||||
regReq.refresh_token = 0;
|
||||
regReq.inhibit_login = 0;
|
||||
|
||||
|
||||
|
||||
|
||||
if (!config)
|
||||
{
|
||||
Log(LOG_ERR, "Registration endpoint failed to lock configuration.");
|
||||
|
|
@ -102,26 +107,23 @@ ROUTE_IMPL(RouteRegister, path, argp)
|
|||
response = MatrixErrorCreate(M_NOT_JSON, NULL);
|
||||
goto end;
|
||||
}
|
||||
|
||||
val = HashMapGet(request, "username");
|
||||
if (val)
|
||||
{
|
||||
if (JsonValueType(val) != JSON_STRING)
|
||||
if (!RegistrationRequestFromJson(request, ®Req, &msg))
|
||||
{
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_BAD_JSON, NULL);
|
||||
goto finish;
|
||||
response = MatrixErrorCreate(M_NOT_JSON, msg);
|
||||
goto end;
|
||||
}
|
||||
username = StrDuplicate(JsonValueAsString(val));
|
||||
|
||||
if (!UserValidate(username, config->serverName))
|
||||
if (regReq.username)
|
||||
{
|
||||
if (!UserValidate(regReq.username, config->serverName))
|
||||
{
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_INVALID_USERNAME, NULL);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
if (UserExists(db, username))
|
||||
if (UserExists(db, regReq.username))
|
||||
{
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_USER_IN_USE, NULL);
|
||||
|
|
@ -158,99 +160,44 @@ ROUTE_IMPL(RouteRegister, path, argp)
|
|||
/* We don't support guest accounts yet */
|
||||
if (kind && !StrEquals(kind, "user"))
|
||||
{
|
||||
msg = "Guest accounts are currently not supported";
|
||||
HttpResponseStatus(args->context, HTTP_FORBIDDEN);
|
||||
response = MatrixErrorCreate(M_INVALID_PARAM, NULL);
|
||||
response = MatrixErrorCreate(M_INVALID_PARAM, msg);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
val = HashMapGet(request, "password");
|
||||
if (!val)
|
||||
if (!regReq.password)
|
||||
{
|
||||
msg = "'password' field is unset";
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_MISSING_PARAM, NULL);
|
||||
response = MatrixErrorCreate(M_MISSING_PARAM, msg);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
if (JsonValueType(val) != JSON_STRING)
|
||||
{
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_BAD_JSON, NULL);
|
||||
goto finish;
|
||||
}
|
||||
/* All of the other fields are optional, we don't have to check
|
||||
* them. */
|
||||
|
||||
password = StrDuplicate(JsonValueAsString(val));
|
||||
|
||||
val = HashMapGet(request, "device_id");
|
||||
if (val)
|
||||
{
|
||||
if (JsonValueType(val) != JSON_STRING)
|
||||
{
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_BAD_JSON, NULL);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
deviceId = StrDuplicate(JsonValueAsString(val));
|
||||
}
|
||||
|
||||
val = HashMapGet(request, "inhibit_login");
|
||||
if (val)
|
||||
{
|
||||
if (JsonValueType(val) != JSON_BOOLEAN)
|
||||
{
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_BAD_JSON, NULL);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
inhibitLogin = JsonValueAsBoolean(val);
|
||||
}
|
||||
|
||||
val = HashMapGet(request, "initial_device_display_name");
|
||||
if (val)
|
||||
{
|
||||
if (JsonValueType(val) != JSON_STRING)
|
||||
{
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_BAD_JSON, NULL);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
initialDeviceDisplayName = StrDuplicate(JsonValueAsString(val));
|
||||
}
|
||||
|
||||
val = HashMapGet(request, "refresh_token");
|
||||
if (val)
|
||||
{
|
||||
if (JsonValueType(val) != JSON_BOOLEAN)
|
||||
{
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_BAD_JSON, NULL);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
refreshToken = JsonValueAsBoolean(val);
|
||||
}
|
||||
|
||||
user = UserCreate(db, username, password);
|
||||
user = UserCreate(db, regReq.username, regReq.password);
|
||||
response = HashMapCreate();
|
||||
|
||||
fullUsername = StrConcat(4, "@", UserGetName(user), ":", config->serverName);
|
||||
fullUsername = StrConcat(4,
|
||||
"@", UserGetName(user), ":", config->serverName);
|
||||
HashMapSet(response, "user_id", JsonValueString(fullUsername));
|
||||
Free(fullUsername);
|
||||
|
||||
HttpResponseStatus(args->context, HTTP_OK);
|
||||
if (!inhibitLogin)
|
||||
if (!regReq.inhibit_login)
|
||||
{
|
||||
UserLoginInfo *loginInfo = UserLogin(user, password, deviceId,
|
||||
initialDeviceDisplayName, refreshToken);
|
||||
UserLoginInfo *loginInfo = UserLogin(user, regReq.password,
|
||||
regReq.device_id, regReq.initial_device_display_name,
|
||||
regReq.refresh_token);
|
||||
|
||||
HashMapSet(response, "access_token",
|
||||
JsonValueString(loginInfo->accessToken->string));
|
||||
HashMapSet(response, "device_id",
|
||||
JsonValueString(loginInfo->accessToken->deviceId));
|
||||
|
||||
if (refreshToken)
|
||||
if (regReq.refresh_token)
|
||||
{
|
||||
HashMapSet(response, "expires_in_ms",
|
||||
JsonValueInteger(loginInfo->accessToken->lifetime));
|
||||
|
|
@ -294,10 +241,7 @@ ROUTE_IMPL(RouteRegister, path, argp)
|
|||
UserUnlock(user);
|
||||
finish:
|
||||
UiaFlowsFree(uiaFlows);
|
||||
Free(username);
|
||||
Free(password);
|
||||
Free(deviceId);
|
||||
Free(initialDeviceDisplayName);
|
||||
RegistrationRequestFree(®Req);
|
||||
JsonFree(request);
|
||||
}
|
||||
else
|
||||
|
|
|
|||
|
|
@ -26,14 +26,31 @@
|
|||
#include <Cytoplasm/Str.h>
|
||||
#include <Cytoplasm/Json.h>
|
||||
|
||||
#include <Schema/RequestToken.h>
|
||||
|
||||
ROUTE_IMPL(RouteRequestToken, path, argp)
|
||||
{
|
||||
RouteArgs *args = argp;
|
||||
char *type = ArrayGet(path, 0);
|
||||
HashMap *request;
|
||||
HashMap *response;
|
||||
JsonValue *val;
|
||||
char *str;
|
||||
|
||||
char *msg;
|
||||
|
||||
RequestToken reqTok;
|
||||
|
||||
Int64 minusOne = Int64Neg(Int64Create(0, 1));
|
||||
|
||||
reqTok.client_secret = NULL;
|
||||
reqTok.next_link = NULL;
|
||||
reqTok.id_access_token = NULL;
|
||||
reqTok.id_server = NULL;
|
||||
|
||||
reqTok.email = NULL;
|
||||
reqTok.country = NULL;
|
||||
reqTok.phone_number = NULL;
|
||||
|
||||
reqTok.send_attempt = minusOne;
|
||||
|
||||
if (HttpRequestMethodGet(args->context) != HTTP_POST)
|
||||
{
|
||||
|
|
@ -48,87 +65,92 @@ ROUTE_IMPL(RouteRequestToken, path, argp)
|
|||
return MatrixErrorCreate(M_NOT_JSON, NULL);
|
||||
}
|
||||
|
||||
val = HashMapGet(request, "client_secret");
|
||||
if (!val || JsonValueType(val) != JSON_STRING)
|
||||
if (!RequestTokenFromJson(request, &reqTok, &msg))
|
||||
{
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_BAD_JSON, NULL);
|
||||
response = MatrixErrorCreate(M_BAD_JSON, msg);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
str = JsonValueAsString(val);
|
||||
if (strlen(str) > 255 || StrBlank(str))
|
||||
if (!reqTok.client_secret)
|
||||
{
|
||||
msg = "'client_secret' is not set";
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_BAD_JSON, NULL);
|
||||
response = MatrixErrorCreate(M_BAD_JSON, msg);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
val = HashMapGet(request, "send_attempt");
|
||||
if (!val || JsonValueType(val) != JSON_INTEGER)
|
||||
if (strlen(reqTok.client_secret) > 255 || StrBlank(reqTok.client_secret))
|
||||
{
|
||||
msg = "'client_secret' is blank or too long";
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_BAD_JSON, NULL);
|
||||
response = MatrixErrorCreate(M_BAD_JSON, msg);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
val = HashMapGet(request, "next_link");
|
||||
if (val && JsonValueType(val) != JSON_STRING)
|
||||
if (Int64Eq(reqTok.send_attempt, minusOne))
|
||||
{
|
||||
msg = "Invalid or inexistent 'send_attempt'";
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_BAD_JSON, NULL);
|
||||
response = MatrixErrorCreate(M_BAD_JSON, msg);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
val = HashMapGet(request, "id_access_token");
|
||||
if (val && JsonValueType(val) != JSON_STRING)
|
||||
if (!reqTok.next_link)
|
||||
{
|
||||
msg = "'next_link' is not set";
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_BAD_JSON, NULL);
|
||||
response = MatrixErrorCreate(M_BAD_JSON, msg);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
val = HashMapGet(request, "id_server");
|
||||
if (val && JsonValueType(val) != JSON_STRING)
|
||||
if (!reqTok.id_access_token)
|
||||
{
|
||||
msg = "'id_access_token' is not set";
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_BAD_JSON, NULL);
|
||||
response = MatrixErrorCreate(M_BAD_JSON, msg);
|
||||
goto finish;
|
||||
}
|
||||
if (!reqTok.id_server)
|
||||
{
|
||||
msg = "'id_server' is not set";
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_BAD_JSON, msg);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
if (StrEquals(type, "email"))
|
||||
{
|
||||
val = HashMapGet(request, "email");
|
||||
if (val && JsonValueType(val) != JSON_STRING)
|
||||
if (!reqTok.email)
|
||||
{
|
||||
msg = "Type is set to 'email' yet none was set";
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_BAD_JSON, NULL);
|
||||
response = MatrixErrorCreate(M_BAD_JSON, msg);
|
||||
goto finish;
|
||||
}
|
||||
}
|
||||
else if (StrEquals(type, "msisdn"))
|
||||
{
|
||||
val = HashMapGet(request, "country");
|
||||
if (val && JsonValueType(val) != JSON_STRING)
|
||||
if (!reqTok.country)
|
||||
{
|
||||
msg = "Type is set to 'msisdn' yet no country is set";
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_BAD_JSON, NULL);
|
||||
response = MatrixErrorCreate(M_BAD_JSON, msg);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
str = JsonValueAsString(val);
|
||||
if (strlen(str) != 2)
|
||||
if (strlen(reqTok.country) != 2)
|
||||
{
|
||||
msg = "Invalid country tag, length must be 2";
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_BAD_JSON, NULL);
|
||||
response = MatrixErrorCreate(M_BAD_JSON, msg);
|
||||
goto finish;
|
||||
}
|
||||
|
||||
val = HashMapGet(request, "phone_number");
|
||||
if (val && JsonValueType(val) != JSON_STRING)
|
||||
if (!reqTok.phone_number)
|
||||
{
|
||||
msg = "Type is set to 'msisdn' yet phone_number is unset";
|
||||
HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
|
||||
response = MatrixErrorCreate(M_BAD_JSON, NULL);
|
||||
response = MatrixErrorCreate(M_BAD_JSON, msg);
|
||||
goto finish;
|
||||
}
|
||||
}
|
||||
|
|
@ -145,5 +167,6 @@ ROUTE_IMPL(RouteRequestToken, path, argp)
|
|||
|
||||
finish:
|
||||
JsonFree(request);
|
||||
RequestTokenFree(&reqTok);
|
||||
return response;
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue