mirror of
https://github.com/hoernschen/dendrite.git
synced 2024-12-27 23:48:27 +00:00
Refactor arguments into auth.Data
This commit is contained in:
parent
7e1733dee1
commit
20f4c2e58d
2 changed files with 23 additions and 16 deletions
|
@ -48,17 +48,24 @@ type AccountDatabase interface {
|
|||
GetAccountByLocalpart(ctx context.Context, localpart string) (*authtypes.Account, error)
|
||||
}
|
||||
|
||||
// Data contains information required to authenticate a request.
|
||||
type Data struct {
|
||||
AccountDB AccountDatabase
|
||||
DeviceDB DeviceDatabase
|
||||
// AppServices is the list of all registered AS
|
||||
AppServices []config.ApplicationService
|
||||
}
|
||||
|
||||
// VerifyUserFromRequest authenticates the HTTP request,
|
||||
// on success returns UserID, Device of the requester.
|
||||
// Finds local user or an application service user.
|
||||
// Note: For an AS user, AS dummy device is returned.
|
||||
// On failure returns an JSON error response which can be sent to the client.
|
||||
func VerifyUserFromRequest(
|
||||
req *http.Request, accountDB AccountDatabase, deviceDB DeviceDatabase,
|
||||
applicationServices []config.ApplicationService,
|
||||
req *http.Request, data Data,
|
||||
) (*authtypes.Device, *util.JSONResponse) {
|
||||
// Try to find local user from device database
|
||||
dev, devErr := verifyAccessToken(req, deviceDB)
|
||||
dev, devErr := verifyAccessToken(req, data.DeviceDB)
|
||||
if devErr == nil {
|
||||
return dev, nil
|
||||
}
|
||||
|
@ -74,7 +81,7 @@ func VerifyUserFromRequest(
|
|||
|
||||
// Search for app service with given access_token
|
||||
var appService *config.ApplicationService
|
||||
for _, as := range applicationServices {
|
||||
for _, as := range data.AppServices {
|
||||
if as.ASToken == token {
|
||||
appService = &as
|
||||
break
|
||||
|
@ -92,13 +99,14 @@ func VerifyUserFromRequest(
|
|||
}
|
||||
|
||||
// Verify that the user is registered
|
||||
account, accountErr := accountDB.GetAccountByLocalpart(req.Context(), localpart)
|
||||
account, err := data.AccountDB.GetAccountByLocalpart(req.Context(), localpart)
|
||||
|
||||
// Verify that account exists & appServiceID matches
|
||||
if accountErr == nil && account.AppServiceID == appService.ID {
|
||||
if err == nil && account.AppServiceID == appService.ID {
|
||||
// Create a dummy device for AS user
|
||||
dev := authtypes.Device{
|
||||
// AS_Device signifies a AS dummy device
|
||||
ID: "ASDEVICE",
|
||||
// Use AS dummy device ID
|
||||
ID: "AS_Device",
|
||||
// User the AS is masquerading as.
|
||||
UserID: userID,
|
||||
// AS dummy device has AS's token.
|
||||
|
|
|
@ -6,7 +6,6 @@ import (
|
|||
|
||||
"github.com/matrix-org/dendrite/clientapi/auth"
|
||||
"github.com/matrix-org/dendrite/clientapi/auth/authtypes"
|
||||
"github.com/matrix-org/dendrite/common/config"
|
||||
"github.com/matrix-org/gomatrixserverlib"
|
||||
"github.com/matrix-org/util"
|
||||
opentracing "github.com/opentracing/opentracing-go"
|
||||
|
@ -14,18 +13,18 @@ import (
|
|||
"github.com/prometheus/client_golang/prometheus/promhttp"
|
||||
)
|
||||
|
||||
// MakeAuthAPI turns a util.JSONRequestHandler function into an http.Handler which checks the access token in the request.
|
||||
// MakeAuthAPI turns a util.JSONRequestHandler function into an http.Handler which authenticates the request.
|
||||
func MakeAuthAPI(
|
||||
metricsName string, accountDB auth.AccountDatabase, deviceDB auth.DeviceDatabase,
|
||||
appServices []config.ApplicationService, f func(*http.Request, string, *authtypes.Device) util.JSONResponse) http.Handler {
|
||||
metricsName string, data auth.Data,
|
||||
f func(*http.Request, *authtypes.Device) util.JSONResponse,
|
||||
) http.Handler {
|
||||
h := func(req *http.Request) util.JSONResponse {
|
||||
user, device, err := auth.VerifyUserFromRequest(req, accountDB, deviceDB, appServices)
|
||||
|
||||
device, err := auth.VerifyUserFromRequest(req, data)
|
||||
if err != nil {
|
||||
return *err
|
||||
}
|
||||
// device is nil for AS virtual users, as they do not have a device in database
|
||||
return f(req, user, device)
|
||||
|
||||
return f(req, device)
|
||||
}
|
||||
return MakeExternalAPI(metricsName, h)
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue