From 70c3d011253141d58b3bb33617bc96a30733dbc7 Mon Sep 17 00:00:00 2001
From: Jordan Bancino <jordan@bancino.net>
Date: Sat, 17 Dec 2022 00:08:31 +0000
Subject: [PATCH] Finish route param and request body validation

---
 src/Routes/RouteRegister.c | 74 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 74 insertions(+)

diff --git a/src/Routes/RouteRegister.c b/src/Routes/RouteRegister.c
index 09ad4d7..6d47d82 100644
--- a/src/Routes/RouteRegister.c
+++ b/src/Routes/RouteRegister.c
@@ -39,6 +39,8 @@ ROUTE_IMPL(RouteRegister, args)
 
     JsonValue *val;
 
+    char *kind;
+
     char *username = NULL;
     char *password = NULL;
     char *initialDeviceDisplayName = NULL;
@@ -76,6 +78,16 @@ ROUTE_IMPL(RouteRegister, args)
             goto finish;
         }
 
+        kind = HashMapGet(HttpRequestParams(args->context), "kind");
+
+        /* We don't support guest accounts yet */
+        if (kind && strcmp(kind, "user") != 0)
+        {
+            HttpResponseStatus(args->context, HTTP_FORBIDDEN);
+            response = MatrixErrorCreate(M_INVALID_PARAM);
+            goto finish;
+        }
+
         val = HashMapGet(request, "username");
         if (!val)
         {
@@ -110,8 +122,70 @@ ROUTE_IMPL(RouteRegister, args)
 
         password = JsonValueAsString(val);
 
+        val = HashMapGet(request, "device_id");
+        if (val)
+        {
+            if (JsonValueType(val) != JSON_STRING)
+            {
+                HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
+                response = MatrixErrorCreate(M_BAD_JSON);
+                goto finish;
+            }
+
+            deviceId = JsonValueAsString(val);
+        }
+
+        val = HashMapGet(request, "inhibit_login");
+        if (val)
+        {
+            if (JsonValueType(val) != JSON_BOOLEAN)
+            {
+                HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
+                response = MatrixErrorCreate(M_BAD_JSON);
+                goto finish;
+            }
+
+            inhibitLogin = JsonValueAsBoolean(val);
+        }
+
+        val = HashMapGet(request, "initial_device_display_name");
+        if (val)
+        {
+            if (JsonValueType(val) != JSON_STRING)
+            {
+                HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
+                response = MatrixErrorCreate(M_BAD_JSON);
+                goto finish;
+            }
+
+            initialDeviceDisplayName = JsonValueAsString(val);
+        }
+
+        val = HashMapGet(request, "refresh_token");
+        if (val)
+        {
+            if (JsonValueType(val) != JSON_BOOLEAN)
+            {
+                HttpResponseStatus(args->context, HTTP_BAD_REQUEST);
+                response = MatrixErrorCreate(M_BAD_JSON);
+                goto finish;
+            }
+
+            refreshToken = JsonValueAsBoolean(val);
+        }
+
         /* TODO: Register new user here */
 
+        /* These values are already set */
+        (void) username;
+        (void) password;
+        (void) refreshToken;
+        (void) inhibitLogin;
+
+        /* These may be NULL */
+        (void) deviceId;
+        (void) initialDeviceDisplayName;
+
 finish:
         JsonFree(request);
     }