forked from mirror/mautrix-discord
Move double puppeting login code to mautrix-go
This commit is contained in:
Tulir Asokan
parent
345391f8b1
commit
185f9a8963
6 changed files with 71 additions and 198 deletions
|
|
@ -67,9 +67,7 @@ type BridgeConfig struct {
|
|||
} `yaml:"args"`
|
||||
} `yaml:"animated_sticker"`
|
||||
|
||||
DoublePuppetServerMap map[string]string `yaml:"double_puppet_server_map"`
|
||||
DoublePuppetAllowDiscovery bool `yaml:"double_puppet_allow_discovery"`
|
||||
LoginSharedSecretMap map[string]string `yaml:"login_shared_secret_map"`
|
||||
DoublePuppetConfig bridgeconfig.DoublePuppetConfig `yaml:",inline"`
|
||||
|
||||
CommandPrefix string `yaml:"command_prefix"`
|
||||
ManagementRoomText bridgeconfig.ManagementRoomTexts `yaml:"management_room_text"`
|
||||
|
|
@ -272,6 +270,10 @@ func (bc *BridgeConfig) UnmarshalYAML(unmarshal func(interface{}) error) error {
|
|||
|
||||
var _ bridgeconfig.BridgeConfig = (*BridgeConfig)(nil)
|
||||
|
||||
func (bc BridgeConfig) GetDoublePuppetConfig() bridgeconfig.DoublePuppetConfig {
|
||||
return bc.DoublePuppetConfig
|
||||
}
|
||||
|
||||
func (bc BridgeConfig) GetEncryptionConfig() bridgeconfig.EncryptionConfig {
|
||||
return bc.Encryption
|
||||
}
|
||||
|
|
|
|||
|
|
@ -29,7 +29,7 @@ type Config struct {
|
|||
|
||||
func (config *Config) CanAutoDoublePuppet(userID id.UserID) bool {
|
||||
_, homeserver, _ := userID.Parse()
|
||||
_, hasSecret := config.Bridge.LoginSharedSecretMap[homeserver]
|
||||
_, hasSecret := config.Bridge.DoublePuppetConfig.SharedSecretMap[homeserver]
|
||||
|
||||
return hasSecret
|
||||
}
|
||||
|
|
|
|||
210
custompuppet.go
210
custompuppet.go
|
|
@ -1,170 +1,72 @@
|
|||
package main
|
||||
|
||||
import (
|
||||
"crypto/hmac"
|
||||
"crypto/sha512"
|
||||
"encoding/hex"
|
||||
"errors"
|
||||
"fmt"
|
||||
|
||||
"maunium.net/go/mautrix"
|
||||
"maunium.net/go/mautrix/appservice"
|
||||
"maunium.net/go/mautrix/id"
|
||||
)
|
||||
|
||||
var (
|
||||
ErrNoCustomMXID = errors.New("no custom mxid set")
|
||||
ErrMismatchingMXID = errors.New("whoami result does not match custom mxid")
|
||||
)
|
||||
|
||||
func (br *DiscordBridge) newDoublePuppetClient(mxid id.UserID, accessToken string) (*mautrix.Client, error) {
|
||||
_, homeserver, err := mxid.Parse()
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
homeserverURL, found := br.Config.Bridge.DoublePuppetServerMap[homeserver]
|
||||
if !found {
|
||||
if homeserver == br.AS.HomeserverDomain {
|
||||
homeserverURL = ""
|
||||
} else if br.Config.Bridge.DoublePuppetAllowDiscovery {
|
||||
resp, err := mautrix.DiscoverClientAPI(homeserver)
|
||||
if err != nil {
|
||||
return nil, fmt.Errorf("failed to find homeserver URL for %s: %v", homeserver, err)
|
||||
}
|
||||
|
||||
homeserverURL = resp.Homeserver.BaseURL
|
||||
br.Log.Debugfln("Discovered URL %s for %s to enable double puppeting for %s", homeserverURL, homeserver, mxid)
|
||||
} else {
|
||||
return nil, fmt.Errorf("double puppeting from %s is not allowed", homeserver)
|
||||
}
|
||||
}
|
||||
|
||||
return br.AS.NewExternalMautrixClient(mxid, accessToken, homeserverURL)
|
||||
}
|
||||
|
||||
func (puppet *Puppet) clearCustomMXID() {
|
||||
puppet.CustomMXID = ""
|
||||
puppet.AccessToken = ""
|
||||
puppet.customIntent = nil
|
||||
puppet.customUser = nil
|
||||
}
|
||||
|
||||
func (puppet *Puppet) newCustomIntent() (*appservice.IntentAPI, error) {
|
||||
if puppet.CustomMXID == "" {
|
||||
return nil, ErrNoCustomMXID
|
||||
}
|
||||
|
||||
client, err := puppet.bridge.newDoublePuppetClient(puppet.CustomMXID, puppet.AccessToken)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
ia := puppet.bridge.AS.NewIntentAPI("custom")
|
||||
ia.Client = client
|
||||
ia.Localpart, _, _ = puppet.CustomMXID.Parse()
|
||||
ia.UserID = puppet.CustomMXID
|
||||
ia.IsCustomPuppet = true
|
||||
return ia, nil
|
||||
}
|
||||
|
||||
func (puppet *Puppet) StartCustomMXID(reloginOnFail bool) error {
|
||||
if puppet.CustomMXID == "" {
|
||||
puppet.clearCustomMXID()
|
||||
return nil
|
||||
}
|
||||
|
||||
intent, err := puppet.newCustomIntent()
|
||||
if err != nil {
|
||||
puppet.clearCustomMXID()
|
||||
return err
|
||||
}
|
||||
|
||||
resp, err := intent.Whoami()
|
||||
if err != nil {
|
||||
if !reloginOnFail || (errors.Is(err, mautrix.MUnknownToken) && !puppet.tryRelogin(err, "initializing double puppeting")) {
|
||||
puppet.clearCustomMXID()
|
||||
return err
|
||||
}
|
||||
|
||||
intent.AccessToken = puppet.AccessToken
|
||||
} else if resp.UserID != puppet.CustomMXID {
|
||||
puppet.clearCustomMXID()
|
||||
return ErrMismatchingMXID
|
||||
}
|
||||
|
||||
puppet.customIntent = intent
|
||||
puppet.customUser = puppet.bridge.GetUserByMXID(puppet.CustomMXID)
|
||||
return nil
|
||||
}
|
||||
|
||||
func (puppet *Puppet) tryRelogin(cause error, action string) bool {
|
||||
if !puppet.bridge.Config.CanAutoDoublePuppet(puppet.CustomMXID) {
|
||||
return false
|
||||
}
|
||||
log := puppet.log.With().
|
||||
AnErr("cause_error", cause).
|
||||
Str("while_action", action).
|
||||
Logger()
|
||||
log.Debug().Msg("Trying to relogin")
|
||||
accessToken, err := puppet.loginWithSharedSecret(puppet.CustomMXID)
|
||||
if err != nil {
|
||||
log.Error().Err(err).Msg("Failed to relogin")
|
||||
return false
|
||||
}
|
||||
log.Info().Msg("Successfully relogined")
|
||||
puppet.AccessToken = accessToken
|
||||
puppet.Update()
|
||||
return true
|
||||
}
|
||||
|
||||
func (puppet *Puppet) loginWithSharedSecret(mxid id.UserID) (string, error) {
|
||||
_, homeserver, _ := mxid.Parse()
|
||||
puppet.log.Debug().Str("user_id", mxid.String()).Msg("Logging into double puppet target with shared secret")
|
||||
loginSecret := puppet.bridge.Config.Bridge.LoginSharedSecretMap[homeserver]
|
||||
client, err := puppet.bridge.newDoublePuppetClient(mxid, "")
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("failed to create mautrix client to log in: %v", err)
|
||||
}
|
||||
req := mautrix.ReqLogin{
|
||||
Identifier: mautrix.UserIdentifier{Type: mautrix.IdentifierTypeUser, User: string(mxid)},
|
||||
DeviceID: "Discord Bridge",
|
||||
InitialDeviceDisplayName: "Discord Bridge",
|
||||
}
|
||||
if loginSecret == "appservice" {
|
||||
client.AccessToken = puppet.bridge.AS.Registration.AppToken
|
||||
req.Type = mautrix.AuthTypeAppservice
|
||||
} else {
|
||||
mac := hmac.New(sha512.New, []byte(loginSecret))
|
||||
mac.Write([]byte(mxid))
|
||||
req.Password = hex.EncodeToString(mac.Sum(nil))
|
||||
req.Type = mautrix.AuthTypePassword
|
||||
}
|
||||
resp, err := client.Login(&req)
|
||||
if err != nil {
|
||||
return "", err
|
||||
}
|
||||
return resp.AccessToken, nil
|
||||
}
|
||||
|
||||
func (puppet *Puppet) SwitchCustomMXID(accessToken string, mxid id.UserID) error {
|
||||
prevCustomMXID := puppet.CustomMXID
|
||||
puppet.CustomMXID = mxid
|
||||
puppet.AccessToken = accessToken
|
||||
|
||||
puppet.Update()
|
||||
err := puppet.StartCustomMXID(false)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if prevCustomMXID != "" {
|
||||
delete(puppet.bridge.puppetsByCustomMXID, prevCustomMXID)
|
||||
}
|
||||
if puppet.CustomMXID != "" {
|
||||
puppet.bridge.puppetsByCustomMXID[puppet.CustomMXID] = puppet
|
||||
}
|
||||
puppet.bridge.AS.StateStore.MarkRegistered(puppet.CustomMXID)
|
||||
puppet.Update()
|
||||
// TODO leave rooms with default puppet
|
||||
return nil
|
||||
}
|
||||
|
||||
func (puppet *Puppet) ClearCustomMXID() {
|
||||
save := puppet.CustomMXID != "" || puppet.AccessToken != ""
|
||||
puppet.bridge.puppetsLock.Lock()
|
||||
if puppet.CustomMXID != "" && puppet.bridge.puppetsByCustomMXID[puppet.CustomMXID] == puppet {
|
||||
delete(puppet.bridge.puppetsByCustomMXID, puppet.CustomMXID)
|
||||
}
|
||||
puppet.bridge.puppetsLock.Unlock()
|
||||
puppet.CustomMXID = ""
|
||||
puppet.AccessToken = ""
|
||||
puppet.customIntent = nil
|
||||
puppet.customUser = nil
|
||||
if save {
|
||||
puppet.Update()
|
||||
}
|
||||
}
|
||||
|
||||
func (puppet *Puppet) StartCustomMXID(reloginOnFail bool) error {
|
||||
newIntent, newAccessToken, err := puppet.bridge.DoublePuppet.Setup(puppet.CustomMXID, puppet.AccessToken, reloginOnFail)
|
||||
if err != nil {
|
||||
puppet.ClearCustomMXID()
|
||||
return err
|
||||
}
|
||||
puppet.bridge.puppetsLock.Lock()
|
||||
puppet.bridge.puppetsByCustomMXID[puppet.CustomMXID] = puppet
|
||||
puppet.bridge.puppetsLock.Unlock()
|
||||
if puppet.AccessToken != newAccessToken {
|
||||
puppet.AccessToken = newAccessToken
|
||||
puppet.Update()
|
||||
}
|
||||
puppet.customIntent = newIntent
|
||||
puppet.customUser = puppet.bridge.GetUserByMXID(puppet.CustomMXID)
|
||||
return nil
|
||||
}
|
||||
|
||||
func (user *User) tryAutomaticDoublePuppeting() {
|
||||
if !user.bridge.Config.CanAutoDoublePuppet(user.MXID) {
|
||||
return
|
||||
}
|
||||
user.log.Debug().Msg("Checking if double puppeting needs to be enabled")
|
||||
puppet := user.bridge.GetPuppetByID(user.DiscordID)
|
||||
if len(puppet.CustomMXID) > 0 {
|
||||
user.log.Debug().Msg("User already has double-puppeting enabled")
|
||||
// Custom puppet already enabled
|
||||
return
|
||||
}
|
||||
puppet.CustomMXID = user.MXID
|
||||
err := puppet.StartCustomMXID(true)
|
||||
if err != nil {
|
||||
user.log.Warn().Err(err).Msg("Failed to login with shared secret")
|
||||
} else {
|
||||
// TODO leave rooms with default puppet
|
||||
user.log.Debug().Msg("Successfully automatically enabled custom puppet")
|
||||
}
|
||||
}
|
||||
|
|
|
|||
6
go.mod
6
go.mod
|
|
@ -13,12 +13,12 @@ require (
|
|||
github.com/rs/zerolog v1.30.0
|
||||
github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e
|
||||
github.com/stretchr/testify v1.8.4
|
||||
github.com/yuin/goldmark v1.5.5
|
||||
github.com/yuin/goldmark v1.5.6
|
||||
go.mau.fi/util v0.0.0-20230805171708-199bf3eec776
|
||||
golang.org/x/exp v0.0.0-20230811145659-89c5cff77bcb
|
||||
golang.org/x/exp v0.0.0-20230817173708-d852ddb80c63
|
||||
golang.org/x/sync v0.3.0
|
||||
maunium.net/go/maulogger/v2 v2.4.1
|
||||
maunium.net/go/mautrix v0.16.0
|
||||
maunium.net/go/mautrix v0.16.1-0.20230821105106-ac5c2c22102c
|
||||
)
|
||||
|
||||
require (
|
||||
|
|
|
|||
12
go.sum
12
go.sum
|
|
@ -41,16 +41,16 @@ github.com/tidwall/pretty v1.2.0 h1:RWIZEg2iJ8/g6fDDYzMpobmaoGh5OLl4AXtGUGPcqCs=
|
|||
github.com/tidwall/pretty v1.2.0/go.mod h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhsoaGGjNU=
|
||||
github.com/tidwall/sjson v1.2.5 h1:kLy8mja+1c9jlljvWTlSazM7cKDRfJuR/bOJhcY5NcY=
|
||||
github.com/tidwall/sjson v1.2.5/go.mod h1:Fvgq9kS/6ociJEDnK0Fk1cpYF4FIW6ZF7LAe+6jwd28=
|
||||
github.com/yuin/goldmark v1.5.5 h1:IJznPe8wOzfIKETmMkd06F8nXkmlhaHqFRM9l1hAGsU=
|
||||
github.com/yuin/goldmark v1.5.5/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
|
||||
github.com/yuin/goldmark v1.5.6 h1:COmQAWTCcGetChm3Ig7G/t8AFAN00t+o8Mt4cf7JpwA=
|
||||
github.com/yuin/goldmark v1.5.6/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
|
||||
go.mau.fi/util v0.0.0-20230805171708-199bf3eec776 h1:VrxDCO/gLFHLQywGUsJzertrvt2mUEMrZPf4hEL/s18=
|
||||
go.mau.fi/util v0.0.0-20230805171708-199bf3eec776/go.mod h1:AxuJUMCxpzgJ5eV9JbPWKRH8aAJJidxetNdUj7qcb84=
|
||||
go.mau.fi/zeroconfig v0.1.2 h1:DKOydWnhPMn65GbXZOafgkPm11BvFashZWLct0dGFto=
|
||||
go.mau.fi/zeroconfig v0.1.2/go.mod h1:NcSJkf180JT+1IId76PcMuLTNa1CzsFFZ0nBygIQM70=
|
||||
golang.org/x/crypto v0.12.0 h1:tFM/ta59kqch6LlvYnPa0yx5a83cL2nHflFhYKvv9Yk=
|
||||
golang.org/x/crypto v0.12.0/go.mod h1:NF0Gs7EO5K4qLn+Ylc+fih8BSTeIjAP05siRnAh98yw=
|
||||
golang.org/x/exp v0.0.0-20230811145659-89c5cff77bcb h1:mIKbk8weKhSeLH2GmUTrvx8CjkyJmnU1wFmg59CUjFA=
|
||||
golang.org/x/exp v0.0.0-20230811145659-89c5cff77bcb/go.mod h1:FXUEEKJgO7OQYeo8N01OfiKP8RXMtf6e8aTskBGqWdc=
|
||||
golang.org/x/exp v0.0.0-20230817173708-d852ddb80c63 h1:m64FZMko/V45gv0bNmrNYoDEq8U5YUhetc9cBWKS1TQ=
|
||||
golang.org/x/exp v0.0.0-20230817173708-d852ddb80c63/go.mod h1:0v4NqG35kSWCMzLaMeX+IQrlSnVE/bqGSyC2cz/9Le8=
|
||||
golang.org/x/net v0.14.0 h1:BONx9s002vGdD9umnlX1Po8vOZmrgH34qlHcD1MfK14=
|
||||
golang.org/x/net v0.14.0/go.mod h1:PpSgVXXLK0OxS0F31C1/tv6XNguvCrnXIDrFMspZIUI=
|
||||
golang.org/x/sync v0.3.0 h1:ftCYgMx6zT/asHUrPw8BLLscYtGznsLAnjq5RH9P66E=
|
||||
|
|
@ -69,5 +69,5 @@ maunium.net/go/mauflag v1.0.0 h1:YiaRc0tEI3toYtJMRIfjP+jklH45uDHtT80nUamyD4M=
|
|||
maunium.net/go/mauflag v1.0.0/go.mod h1:nLivPOpTpHnpzEh8jEdSL9UqO9+/KBJFmNRlwKfkPeA=
|
||||
maunium.net/go/maulogger/v2 v2.4.1 h1:N7zSdd0mZkB2m2JtFUsiGTQQAdP0YeFWT7YMc80yAL8=
|
||||
maunium.net/go/maulogger/v2 v2.4.1/go.mod h1:omPuYwYBILeVQobz8uO3XC8DIRuEb5rXYlQSuqrbCho=
|
||||
maunium.net/go/mautrix v0.16.0 h1:iUqCzJE2yqBC1ddAK6eAn159My8rLb4X8g4SFtQh2Dk=
|
||||
maunium.net/go/mautrix v0.16.0/go.mod h1:XAjE9pTSGcr6vXaiNgQGiip7tddJ8FQV1a29u2QdBG4=
|
||||
maunium.net/go/mautrix v0.16.1-0.20230821105106-ac5c2c22102c h1:oRIaFbS4ds9biwJVguT+9Zu7n5zDbKQeuGklXHQxvCU=
|
||||
maunium.net/go/mautrix v0.16.1-0.20230821105106-ac5c2c22102c/go.mod h1:XAjE9pTSGcr6vXaiNgQGiip7tddJ8FQV1a29u2QdBG4=
|
||||
|
|
|
|||
31
user.go
31
user.go
|
|
@ -368,37 +368,6 @@ func (user *User) GetDMSpaceRoom() id.RoomID {
|
|||
return user.getSpaceRoom(&user.DMSpaceRoom, "Direct Messages", "Your Discord direct messages", user.GetSpaceRoom())
|
||||
}
|
||||
|
||||
func (user *User) tryAutomaticDoublePuppeting() {
|
||||
user.Lock()
|
||||
defer user.Unlock()
|
||||
|
||||
if !user.bridge.Config.CanAutoDoublePuppet(user.MXID) {
|
||||
return
|
||||
}
|
||||
|
||||
user.log.Debug().Msg("Checking if double puppeting needs to be enabled")
|
||||
|
||||
puppet := user.bridge.GetPuppetByID(user.DiscordID)
|
||||
if puppet.CustomMXID != "" {
|
||||
user.log.Debug().Msg("User already has double-puppeting enabled")
|
||||
return
|
||||
}
|
||||
|
||||
accessToken, err := puppet.loginWithSharedSecret(user.MXID)
|
||||
if err != nil {
|
||||
user.log.Warn().Err(err).Msg("Failed to login with shared secret")
|
||||
return
|
||||
}
|
||||
|
||||
err = puppet.SwitchCustomMXID(accessToken, user.MXID)
|
||||
if err != nil {
|
||||
puppet.log.Warn().Err(err).Msg("Failed to switch to auto-logined custom puppet")
|
||||
return
|
||||
}
|
||||
|
||||
user.log.Info().Msg("Successfully automatically enabled custom puppet")
|
||||
}
|
||||
|
||||
func (user *User) ViewingChannel(portal *Portal) bool {
|
||||
if portal.GuildID != "" || !user.Session.IsUser {
|
||||
return false
|
||||
|
|
|
|||
Loading…
Reference in a new issue