Mirror
/
go-neb
mirror of https://github.com/matrix-org/go-neb.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
212 Commits
120 Branches
3 Tags
12 MiB
Tree: e6e859ec48
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'e6e859ec48'
${ noResults }
go-neb/src/github.com/matrix-org/go-neb/api.go

376 lines
11 KiB
Raw Normal View History

An extensible Matrix bot written in Go
8 years ago
Add endpoint to GET a Service config
8 years ago
Base64 encode the service ID in the webhook path We don't put any restrictions on the format of the Service ID so we need to base64 it to prevent potentially losing data when it is inserted as a path parameter (e.g. due to weird escaping rules). Also, only remove webhooks if there was an old service to begin with.
8 years ago
An extensible Matrix bot written in Go
8 years ago
Use the service ID in the webhook path instead of the service type This means we can load the Service from the database then invoke OnIncomingWebhook on it, rather than load up a new Service.
8 years ago
An extensible Matrix bot written in Go
8 years ago
Add the pre-commit hooks and development instructions
8 years ago
Move database/types.go to types/types.go in its own 'types' package There is nothing specific to the types to warrant them being under the database package.
8 years ago
An extensible Matrix bot written in Go
8 years ago
Add handler for /services/hooks/{serviceType} Defers through to the given service's OnReceiveWebhook method.
8 years ago
Mutex-guard services with the same ID being modified concurrently Also treat 422 "already exists" errors as success.
8 years ago
An extensible Matrix bot written in Go
8 years ago
Tweak the auth session API to be more transactional - Rename the path from /configureAuthSession to /requestAuthSession - Add a global getter/setter for the `ServiceDB` : this avoids cyclical deps because now the Realm wants access to the database, and due to the factory pattern it would mean `types.go` would need to import `database`, but `database` is already doing so to invoke the factory function in `schema.go`. - Modify how `AuthSession` is loaded/stored in the database. Now it is just a blunt JSON store for Public fields. It is initialised via a new Realm interface function `AuthSession(userID, realmID)` which is there to return the right `struct` so stuff can be unmarshalled into it. - Add a new Realm interface function `RequestAuthSession` which is invoked when `/requestAuthSession` is hit. It is a direct request/response mapping, a JSON blob goes in as a param, and a JSON blob comes out as the return. The Realm is free to create/load/update/delete `AuthSessions` inside the function. This allows better control over when new sessions are made (or whether to return an existing session).
8 years ago
Add concept of AuthSessions Auth sessions are a single auth process between a user and an auth realm. As such, they are keyed off the tuple of `(user_id, realm_id)`. Only the realm which they belong to knows how to construct them, hence all "load" sections require an `AuthRealm` to be extracted first. Currently I pass in a `json.RawMessage` rather than factory initialise and clobber public fields based on the JSON, we can always change that if need be later down the line. Overall, this feels really nice (when starting to add in GH auth, everything I wanted was already there in the right place waiting for me).
8 years ago
Tweak the auth session API to be more transactional - Rename the path from /configureAuthSession to /requestAuthSession - Add a global getter/setter for the `ServiceDB` : this avoids cyclical deps because now the Realm wants access to the database, and due to the factory pattern it would mean `types.go` would need to import `database`, but `database` is already doing so to invoke the factory function in `schema.go`. - Modify how `AuthSession` is loaded/stored in the database. Now it is just a blunt JSON store for Public fields. It is initialised via a new Realm interface function `AuthSession(userID, realmID)` which is there to return the right `struct` so stuff can be unmarshalled into it. - Add a new Realm interface function `RequestAuthSession` which is invoked when `/requestAuthSession` is hit. It is a direct request/response mapping, a JSON blob goes in as a param, and a JSON blob comes out as the return. The Realm is free to create/load/update/delete `AuthSessions` inside the function. This allows better control over when new sessions are made (or whether to return an existing session).
8 years ago
Add concept of AuthSessions Auth sessions are a single auth process between a user and an auth realm. As such, they are keyed off the tuple of `(user_id, realm_id)`. Only the realm which they belong to knows how to construct them, hence all "load" sections require an `AuthRealm` to be extracted first. Currently I pass in a `json.RawMessage` rather than factory initialise and clobber public fields based on the JSON, we can always change that if need be later down the line. Overall, this feels really nice (when starting to add in GH auth, everything I wanted was already there in the right place waiting for me).
8 years ago
Finish implementing auth in JIRA. Access tokens are now stored. Added redirectURL to the factory function for AuthRealms.
8 years ago
Add concept of AuthSessions Auth sessions are a single auth process between a user and an auth realm. As such, they are keyed off the tuple of `(user_id, realm_id)`. Only the realm which they belong to knows how to construct them, hence all "load" sections require an `AuthRealm` to be extracted first. Currently I pass in a `json.RawMessage` rather than factory initialise and clobber public fields based on the JSON, we can always change that if need be later down the line. Overall, this feels really nice (when starting to add in GH auth, everything I wanted was already there in the right place waiting for me).
8 years ago
Tweak the auth session API to be more transactional - Rename the path from /configureAuthSession to /requestAuthSession - Add a global getter/setter for the `ServiceDB` : this avoids cyclical deps because now the Realm wants access to the database, and due to the factory pattern it would mean `types.go` would need to import `database`, but `database` is already doing so to invoke the factory function in `schema.go`. - Modify how `AuthSession` is loaded/stored in the database. Now it is just a blunt JSON store for Public fields. It is initialised via a new Realm interface function `AuthSession(userID, realmID)` which is there to return the right `struct` so stuff can be unmarshalled into it. - Add a new Realm interface function `RequestAuthSession` which is invoked when `/requestAuthSession` is hit. It is a direct request/response mapping, a JSON blob goes in as a param, and a JSON blob comes out as the return. The Realm is free to create/load/update/delete `AuthSessions` inside the function. This allows better control over when new sessions are made (or whether to return an existing session).
8 years ago
Add concept of AuthSessions Auth sessions are a single auth process between a user and an auth realm. As such, they are keyed off the tuple of `(user_id, realm_id)`. Only the realm which they belong to knows how to construct them, hence all "load" sections require an `AuthRealm` to be extracted first. Currently I pass in a `json.RawMessage` rather than factory initialise and clobber public fields based on the JSON, we can always change that if need be later down the line. Overall, this feels really nice (when starting to add in GH auth, everything I wanted was already there in the right place waiting for me).
8 years ago
Tweak the auth session API to be more transactional - Rename the path from /configureAuthSession to /requestAuthSession - Add a global getter/setter for the `ServiceDB` : this avoids cyclical deps because now the Realm wants access to the database, and due to the factory pattern it would mean `types.go` would need to import `database`, but `database` is already doing so to invoke the factory function in `schema.go`. - Modify how `AuthSession` is loaded/stored in the database. Now it is just a blunt JSON store for Public fields. It is initialised via a new Realm interface function `AuthSession(userID, realmID)` which is there to return the right `struct` so stuff can be unmarshalled into it. - Add a new Realm interface function `RequestAuthSession` which is invoked when `/requestAuthSession` is hit. It is a direct request/response mapping, a JSON blob goes in as a param, and a JSON blob comes out as the return. The Realm is free to create/load/update/delete `AuthSessions` inside the function. This allows better control over when new sessions are made (or whether to return an existing session).
8 years ago
Add concept of AuthSessions Auth sessions are a single auth process between a user and an auth realm. As such, they are keyed off the tuple of `(user_id, realm_id)`. Only the realm which they belong to knows how to construct them, hence all "load" sections require an `AuthRealm` to be extracted first. Currently I pass in a `json.RawMessage` rather than factory initialise and clobber public fields based on the JSON, we can always change that if need be later down the line. Overall, this feels really nice (when starting to add in GH auth, everything I wanted was already there in the right place waiting for me).
8 years ago
Add redirect handler for AuthRealms Add state param generation for githubRealm.
8 years ago
Also apply base64 encoding to realm redirect paths and use URL-safe base64
8 years ago
Add redirect handler for AuthRealms Add state param generation for githubRealm.
8 years ago
Finish implementing auth in JIRA. Access tokens are now stored. Added redirectURL to the factory function for AuthRealms.
8 years ago
Add redirect handler for AuthRealms Add state param generation for githubRealm.
8 years ago
Add concept of AuthRealms - These represent a place where a user can authenticate themselves. - They function in the same way as Services (insert/update based on an HTTP API) - They currently don't *do* a lot other than exist for storing realm-specific information (e.g. the `GithubRealm` stores the `ClientSecret` and `ClientID`)
8 years ago
Add AuthModule concept - Register them like we are with Services. - Add `/configureAuth` endpoint to create/update auth. - Move ThirdPartyAuth out of the database layer since they are passed as params to `/admin/configureAuth`
8 years ago
Add concept of AuthRealms - These represent a place where a user can authenticate themselves. - They function in the same way as Services (insert/update based on an HTTP API) - They currently don't *do* a lot other than exist for storing realm-specific information (e.g. the `GithubRealm` stores the `ClientSecret` and `ClientID`)
8 years ago
Add AuthModule concept - Register them like we are with Services. - Add `/configureAuth` endpoint to create/update auth. - Move ThirdPartyAuth out of the database layer since they are passed as params to `/admin/configureAuth`
8 years ago
Add concept of AuthRealms - These represent a place where a user can authenticate themselves. - They function in the same way as Services (insert/update based on an HTTP API) - They currently don't *do* a lot other than exist for storing realm-specific information (e.g. the `GithubRealm` stores the `ClientSecret` and `ClientID`)
8 years ago
Add AuthModule concept - Register them like we are with Services. - Add `/configureAuth` endpoint to create/update auth. - Move ThirdPartyAuth out of the database layer since they are passed as params to `/admin/configureAuth`
8 years ago
Add concept of AuthRealms - These represent a place where a user can authenticate themselves. - They function in the same way as Services (insert/update based on an HTTP API) - They currently don't *do* a lot other than exist for storing realm-specific information (e.g. the `GithubRealm` stores the `ClientSecret` and `ClientID`)
8 years ago
Create realms with JSON by default
8 years ago
Add concept of AuthRealms - These represent a place where a user can authenticate themselves. - They function in the same way as Services (insert/update based on an HTTP API) - They currently don't *do* a lot other than exist for storing realm-specific information (e.g. the `GithubRealm` stores the `ClientSecret` and `ClientID`)
8 years ago
Add AuthModule concept - Register them like we are with Services. - Add `/configureAuth` endpoint to create/update auth. - Move ThirdPartyAuth out of the database layer since they are passed as params to `/admin/configureAuth`
8 years ago
Create realms with JSON by default
8 years ago
Add JiraRealm type. Add Register() function to AuthRealms Verify that PrivateKeyPEM is indeed a PEM formatted block in Register()
8 years ago
Add concept of AuthRealms - These represent a place where a user can authenticate themselves. - They function in the same way as Services (insert/update based on an HTTP API) - They currently don't *do* a lot other than exist for storing realm-specific information (e.g. the `GithubRealm` stores the `ClientSecret` and `ClientID`)
8 years ago
Add AuthModule concept - Register them like we are with Services. - Add `/configureAuth` endpoint to create/update auth. - Move ThirdPartyAuth out of the database layer since they are passed as params to `/admin/configureAuth`
8 years ago
Add concept of AuthRealms - These represent a place where a user can authenticate themselves. - They function in the same way as Services (insert/update based on an HTTP API) - They currently don't *do* a lot other than exist for storing realm-specific information (e.g. the `GithubRealm` stores the `ClientSecret` and `ClientID`)
8 years ago
Add AuthModule concept - Register them like we are with Services. - Add `/configureAuth` endpoint to create/update auth. - Move ThirdPartyAuth out of the database layer since they are passed as params to `/admin/configureAuth`
8 years ago
Add concept of AuthRealms - These represent a place where a user can authenticate themselves. - They function in the same way as Services (insert/update based on an HTTP API) - They currently don't *do* a lot other than exist for storing realm-specific information (e.g. the `GithubRealm` stores the `ClientSecret` and `ClientID`)
8 years ago
Add AuthModule concept - Register them like we are with Services. - Add `/configureAuth` endpoint to create/update auth. - Move ThirdPartyAuth out of the database layer since they are passed as params to `/admin/configureAuth`
8 years ago
Use the service ID in the webhook path instead of the service type This means we can load the Service from the database then invoke OnIncomingWebhook on it, rather than load up a new Service.
8 years ago
Send webhook notifications to rooms specified in the service config
8 years ago
Use the service ID in the webhook path instead of the service type This means we can load the Service from the database then invoke OnIncomingWebhook on it, rather than load up a new Service.
8 years ago
Log what the clients send us for debugging purposes
8 years ago
Add handler for /services/hooks/{serviceType} Defers through to the given service's OnReceiveWebhook method.
8 years ago
Base64 encode the service ID in the webhook path We don't put any restrictions on the format of the Service ID so we need to base64 it to prevent potentially losing data when it is inserted as a path parameter (e.g. due to weird escaping rules). Also, only remove webhooks if there was an old service to begin with.
8 years ago
Also apply base64 encoding to realm redirect paths and use URL-safe base64
8 years ago
Base64 encode the service ID in the webhook path We don't put any restrictions on the format of the Service ID so we need to base64 it to prevent potentially losing data when it is inserted as a path parameter (e.g. due to weird escaping rules). Also, only remove webhooks if there was an old service to begin with.
8 years ago
Use the service ID in the webhook path instead of the service type This means we can load the Service from the database then invoke OnIncomingWebhook on it, rather than load up a new Service.
8 years ago
Add handler for /services/hooks/{serviceType} Defers through to the given service's OnReceiveWebhook method.
8 years ago
Send webhook notifications to rooms specified in the service config
8 years ago
Handle incoming JIRA webhook requests
8 years ago
More logging
8 years ago
Send webhook notifications to rooms specified in the service config
8 years ago
Add handler for /services/hooks/{serviceType} Defers through to the given service's OnReceiveWebhook method.
8 years ago
An extensible Matrix bot written in Go
8 years ago
Move database/types.go to types/types.go in its own 'types' package There is nothing specific to the types to warrant them being under the database package.
8 years ago
An extensible Matrix bot written in Go
8 years ago
Move database/types.go to types/types.go in its own 'types' package There is nothing specific to the types to warrant them being under the database package.
8 years ago
An extensible Matrix bot written in Go
8 years ago
Mutex-guard services with the same ID being modified concurrently Also treat 422 "already exists" errors as success.
8 years ago
Add TODO explaining why the mutex storage is bad and what a better solution is
8 years ago
Mutex-guard services with the same ID being modified concurrently Also treat 422 "already exists" errors as success.
8 years ago
An extensible Matrix bot written in Go
8 years ago
Create delta webhooks in GithubService.Register() Remove PostRegister() as it isn't used for anything anymore. Add TODO marker for guarding against race conditions.
8 years ago
An extensible Matrix bot written in Go
8 years ago
Split up github service into 2 services One for commands/expansions, the other for webhooks. Call the type 'github-webhook'.
8 years ago
An extensible Matrix bot written in Go
8 years ago
Mutex-guard services with the same ID being modified concurrently Also treat 422 "already exists" errors as success.
8 years ago
An extensible Matrix bot written in Go
8 years ago
Create delta webhooks in GithubService.Register() Remove PostRegister() as it isn't used for anything anymore. Add TODO marker for guarding against race conditions.
8 years ago
An extensible Matrix bot written in Go
8 years ago
Join webhook rooms on Register() Also fix a NPE when there was no old service.
8 years ago
An extensible Matrix bot written in Go
8 years ago
Allow github webhooks to be explicitly removed Removing a repo entirely from a service will now remove the webhook in the `PostRegister()` function. This function is still within the `configureService` critical section to prevent another request for the same service racing with the cleanup process.
8 years ago
An extensible Matrix bot written in Go
8 years ago
Move database/types.go to types/types.go in its own 'types' package There is nothing specific to the types to warrant them being under the database package.
8 years ago
Create delta webhooks in GithubService.Register() Remove PostRegister() as it isn't used for anything anymore. Add TODO marker for guarding against race conditions.
8 years ago
An extensible Matrix bot written in Go
8 years ago
Add endpoint to GET a Service config
8 years ago
s/GET/POST/
8 years ago
Add endpoint to GET a Service config
8 years ago
Add endpoint for GETing AuthSession information for a user/realm tuple Add a new `AuthSession` function `Authenticated()` which returns `true` if the user has completed the auth process. This allows the caller to distinguish between: - Never done any auth (404s) - In the process of doing auth (`Authenticated == false`) - Finished doing auth (`Authenticated == true`)
8 years ago
s/GET/POST/
8 years ago
Add endpoint for GETing AuthSession information for a user/realm tuple Add a new `AuthSession` function `Authenticated()` which returns `true` if the user has completed the auth process. This allows the caller to distinguish between: - Never done any auth (404s) - In the process of doing auth (`Authenticated == false`) - Finished doing auth (`Authenticated == true`)
8 years ago
Return Authenticated:false rather than 404ing on missing sessions - it makes life much easier
8 years ago
Add endpoint for GETing AuthSession information for a user/realm tuple Add a new `AuthSession` function `Authenticated()` which returns `true` if the user has completed the auth process. This allows the caller to distinguish between: - Never done any auth (404s) - In the process of doing auth (`Authenticated == false`) - Finished doing auth (`Authenticated == true`)
8 years ago
Return Authenticated:false rather than 404ing on missing sessions - it makes life much easier
8 years ago
Add endpoint for GETing AuthSession information for a user/realm tuple Add a new `AuthSession` function `Authenticated()` which returns `true` if the user has completed the auth process. This allows the caller to distinguish between: - Never done any auth (404s) - In the process of doing auth (`Authenticated == false`) - Finished doing auth (`Authenticated == true`)
8 years ago
s/Session/Info/ given it isn't an AuthSession object
8 years ago
List possible GH repos on /getSession Add an Info() method to pull out info about an auth session.
8 years ago
Add endpoint for GETing AuthSession information for a user/realm tuple Add a new `AuthSession` function `Authenticated()` which returns `true` if the user has completed the auth process. This allows the caller to distinguish between: - Never done any auth (404s) - In the process of doing auth (`Authenticated == false`) - Finished doing auth (`Authenticated == true`)
8 years ago
  1. package main
  3. import (
  4. "database/sql"
  5. "encoding/base64"
  6. "encoding/json"
  7. log "github.com/Sirupsen/logrus"
  8. "github.com/matrix-org/go-neb/clients"
  9. "github.com/matrix-org/go-neb/database"
  10. "github.com/matrix-org/go-neb/errors"
  11. "github.com/matrix-org/go-neb/types"
  12. "net/http"
  13. "strings"
  14. "sync"
  15. )
  17. type heartbeatHandler struct{}
  19. func (*heartbeatHandler) OnIncomingRequest(req *http.Request) (interface{}, *errors.HTTPError) {
  20. return &struct{}{}, nil
  21. }
  23. type requestAuthSessionHandler struct {
  24. db *database.ServiceDB
  25. }
  27. func (h *requestAuthSessionHandler) OnIncomingRequest(req *http.Request) (interface{}, *errors.HTTPError) {
  28. if req.Method != "POST" {
  29. return nil, &errors.HTTPError{nil, "Unsupported Method", 405}
  30. }
  31. var body struct {
  32. RealmID string
  33. UserID string
  34. Config json.RawMessage
  35. }
  36. if err := json.NewDecoder(req.Body).Decode(&body); err != nil {
  37. return nil, &errors.HTTPError{err, "Error parsing request JSON", 400}
  38. }
  39. log.WithFields(log.Fields{
  40. "realm_id": body.RealmID,
  41. "user_id": body.UserID,
  42. }).Print("Incoming auth session request")
  44. if body.UserID == "" || body.RealmID == "" || body.Config == nil {
  45. return nil, &errors.HTTPError{nil, `Must supply a "UserID", a "RealmID" and a "Config"`, 400}
  46. }
  48. realm, err := h.db.LoadAuthRealm(body.RealmID)
  49. if err != nil {
  50. return nil, &errors.HTTPError{err, "Unknown RealmID", 400}
  51. }
  53. response := realm.RequestAuthSession(body.UserID, body.Config)
  54. if response == nil {
  55. return nil, &errors.HTTPError{nil, "Failed to request auth session", 500}
  56. }
  58. return response, nil
  59. }
  61. type realmRedirectHandler struct {
  62. db *database.ServiceDB
  63. }
  65. func (rh *realmRedirectHandler) handle(w http.ResponseWriter, req *http.Request) {
  66. segments := strings.Split(req.URL.Path, "/")
  67. // last path segment is the base64d realm ID which we will pass the incoming request to
  68. base64realmID := segments[len(segments)-1]
  69. bytesRealmID, err := base64.RawURLEncoding.DecodeString(base64realmID)
  70. realmID := string(bytesRealmID)
  71. if err != nil {
  72. log.WithError(err).WithField("base64_realm_id", base64realmID).Print(
  73. "Not a b64 encoded string",
  74. )
  75. w.WriteHeader(400)
  76. return
  77. }
  79. realm, err := rh.db.LoadAuthRealm(realmID)
  80. if err != nil {
  81. log.WithError(err).WithField("realm_id", realmID).Print("Failed to load realm")
  82. w.WriteHeader(404)
  83. return
  84. }
  85. log.WithFields(log.Fields{
  86. "realm_id": realmID,
  87. }).Print("Incoming realm redirect request")
  88. realm.OnReceiveRedirect(w, req)
  89. }
  91. type configureAuthRealmHandler struct {
  92. db *database.ServiceDB
  93. }
  95. func (h *configureAuthRealmHandler) OnIncomingRequest(req *http.Request) (interface{}, *errors.HTTPError) {
  96. if req.Method != "POST" {
  97. return nil, &errors.HTTPError{nil, "Unsupported Method", 405}
  98. }
  99. var body struct {
  100. ID string
  101. Type string
  102. Config json.RawMessage
  103. }
  104. if err := json.NewDecoder(req.Body).Decode(&body); err != nil {
  105. return nil, &errors.HTTPError{err, "Error parsing request JSON", 400}
  106. }
  108. if body.ID == "" || body.Type == "" || body.Config == nil {
  109. return nil, &errors.HTTPError{nil, `Must supply a "ID", a "Type" and a "Config"`, 400}
  110. }
  112. realm, err := types.CreateAuthRealm(body.ID, body.Type, body.Config)
  113. if err != nil {
  114. return nil, &errors.HTTPError{err, "Error parsing config JSON", 400}
  115. }
  117. if err = realm.Register(); err != nil {
  118. return nil, &errors.HTTPError{err, "Error registering auth realm", 400}
  119. }
  121. oldRealm, err := h.db.StoreAuthRealm(realm)
  122. if err != nil {
  123. return nil, &errors.HTTPError{err, "Error storing realm", 500}
  124. }
  126. return &struct {
  127. ID string
  128. Type string
  129. OldConfig types.AuthRealm
  130. NewConfig types.AuthRealm
  131. }{body.ID, body.Type, oldRealm, realm}, nil
  132. }
  134. type webhookHandler struct {
  135. db *database.ServiceDB
  136. clients *clients.Clients
  137. }
  139. func (wh *webhookHandler) handle(w http.ResponseWriter, req *http.Request) {
  140. log.WithField("path", req.URL.Path).Print("Incoming webhook request")
  141. segments := strings.Split(req.URL.Path, "/")
  142. // last path segment is the service ID which we will pass the incoming request to,
  143. // but we've base64d it.
  144. base64srvID := segments[len(segments)-1]
  145. bytesSrvID, err := base64.RawURLEncoding.DecodeString(base64srvID)
  146. srvID := string(bytesSrvID)
  147. if err != nil {
  148. log.WithError(err).WithField("base64_service_id", base64srvID).Print(
  149. "Not a b64 encoded string",
  150. )
  151. w.WriteHeader(400)
  152. return
  153. }
  155. service, err := wh.db.LoadService(srvID)
  156. if err != nil {
  157. log.WithError(err).WithField("service_id", srvID).Print("Failed to load service")
  158. w.WriteHeader(404)
  159. return
  160. }
  161. cli, err := wh.clients.Client(service.ServiceUserID())
  162. if err != nil {
  163. log.WithError(err).WithField("user_id", service.ServiceUserID()).Print(
  164. "Failed to retrieve matrix client instance")
  165. w.WriteHeader(500)
  166. return
  167. }
  168. log.WithFields(log.Fields{
  169. "service_id": service.ServiceID(),
  170. "service_typ": service.ServiceType(),
  171. }).Print("Incoming webhook for service")
  172. service.OnReceiveWebhook(w, req, cli)
  173. }
  175. type configureClientHandler struct {
  176. db *database.ServiceDB
  177. clients *clients.Clients
  178. }
  180. func (s *configureClientHandler) OnIncomingRequest(req *http.Request) (interface{}, *errors.HTTPError) {
  181. if req.Method != "POST" {
  182. return nil, &errors.HTTPError{nil, "Unsupported Method", 405}
  183. }
  185. var body types.ClientConfig
  186. if err := json.NewDecoder(req.Body).Decode(&body); err != nil {
  187. return nil, &errors.HTTPError{err, "Error parsing request JSON", 400}
  188. }
  190. if err := body.Check(); err != nil {
  191. return nil, &errors.HTTPError{err, "Error parsing client config", 400}
  192. }
  194. oldClient, err := s.clients.Update(body)
  195. if err != nil {
  196. return nil, &errors.HTTPError{err, "Error storing token", 500}
  197. }
  199. return &struct {
  200. OldClient types.ClientConfig
  201. NewClient types.ClientConfig
  202. }{oldClient, body}, nil
  203. }
  205. type configureServiceHandler struct {
  206. db *database.ServiceDB
  207. clients *clients.Clients
  208. mapMutex sync.Mutex
  209. mutexByServiceID map[string]*sync.Mutex
  210. }
  212. func newConfigureServiceHandler(db *database.ServiceDB, clients *clients.Clients) *configureServiceHandler {
  213. return &configureServiceHandler{
  214. db: db,
  215. clients: clients,
  216. mutexByServiceID: make(map[string]*sync.Mutex),
  217. }
  218. }
  220. func (s *configureServiceHandler) getMutexForServiceID(serviceID string) *sync.Mutex {
  221. s.mapMutex.Lock()
  222. defer s.mapMutex.Unlock()
  223. m := s.mutexByServiceID[serviceID]
  224. if m == nil {
  225. // XXX TODO: There's a memory leak here. The amount of mutexes created is unbounded, as there will be 1 per service which are never deleted.
  226. // A better solution would be to have a striped hash map with a bounded pool of mutexes. We can't live with a single global mutex because the Register()
  227. // function this is protecting does many many HTTP requests which can take a long time on bad networks and will head of line block other services.
  228. m = &sync.Mutex{}
  229. s.mutexByServiceID[serviceID] = m
  230. }
  231. return m
  232. }
  234. func (s *configureServiceHandler) OnIncomingRequest(req *http.Request) (interface{}, *errors.HTTPError) {
  235. if req.Method != "POST" {
  236. return nil, &errors.HTTPError{nil, "Unsupported Method", 405}
  237. }
  239. service, httpErr := s.createService(req)
  240. if httpErr != nil {
  241. return nil, httpErr
  242. }
  243. log.WithFields(log.Fields{
  244. "service_id": service.ServiceID(),
  245. "service_type": service.ServiceType(),
  246. "service_user_id": service.ServiceUserID(),
  247. }).Print("Incoming configure service request")
  249. // Have mutexes around each service to queue up multiple requests for the same service ID
  250. mut := s.getMutexForServiceID(service.ServiceID())
  251. mut.Lock()
  252. defer mut.Unlock()
  254. old, err := s.db.LoadService(service.ServiceID())
  255. if err != nil && err != sql.ErrNoRows {
  256. return nil, &errors.HTTPError{err, "Error loading old service", 500}
  257. }
  259. client, err := s.clients.Client(service.ServiceUserID())
  260. if err != nil {
  261. return nil, &errors.HTTPError{err, "Unknown matrix client", 400}
  262. }
  264. if err = service.Register(old, client); err != nil {
  265. return nil, &errors.HTTPError{err, "Failed to register service: " + err.Error(), 500}
  266. }
  268. oldService, err := s.db.StoreService(service)
  269. if err != nil {
  270. return nil, &errors.HTTPError{err, "Error storing service", 500}
  271. }
  273. service.PostRegister(old)
  275. return &struct {
  276. ID string
  277. Type string
  278. OldConfig types.Service
  279. NewConfig types.Service
  280. }{service.ServiceID(), service.ServiceType(), oldService, service}, nil
  281. }
  283. func (s *configureServiceHandler) createService(req *http.Request) (types.Service, *errors.HTTPError) {
  284. var body struct {
  285. ID string
  286. Type string
  287. UserID string
  288. Config json.RawMessage
  289. }
  290. if err := json.NewDecoder(req.Body).Decode(&body); err != nil {
  291. return nil, &errors.HTTPError{err, "Error parsing request JSON", 400}
  292. }
  294. if body.ID == "" || body.Type == "" || body.UserID == "" || body.Config == nil {
  295. return nil, &errors.HTTPError{
  296. nil, `Must supply an "ID", a "Type", a "UserID" and a "Config"`, 400,
  297. }
  298. }
  300. service, err := types.CreateService(body.ID, body.Type, body.UserID, body.Config)
  301. if err != nil {
  302. return nil, &errors.HTTPError{err, "Error parsing config JSON", 400}
  303. }
  304. return service, nil
  305. }
  307. type getServiceHandler struct {
  308. db *database.ServiceDB
  309. }
  311. func (h *getServiceHandler) OnIncomingRequest(req *http.Request) (interface{}, *errors.HTTPError) {
  312. if req.Method != "POST" {
  313. return nil, &errors.HTTPError{nil, "Unsupported Method", 405}
  314. }
  315. var body struct {
  316. ID string
  317. }
  318. if err := json.NewDecoder(req.Body).Decode(&body); err != nil {
  319. return nil, &errors.HTTPError{err, "Error parsing request JSON", 400}
  320. }
  322. if body.ID == "" {
  323. return nil, &errors.HTTPError{nil, `Must supply a "ID"`, 400}
  324. }
  326. srv, err := h.db.LoadService(body.ID)
  327. if err != nil {
  328. if err == sql.ErrNoRows {
  329. return nil, &errors.HTTPError{err, `Service not found`, 404}
  330. }
  331. return nil, &errors.HTTPError{err, `Failed to load service`, 500}
  332. }
  334. return &struct {
  335. ID string
  336. Type string
  337. Config types.Service
  338. }{srv.ServiceID(), srv.ServiceType(), srv}, nil
  339. }
  341. type getSessionHandler struct {
  342. db *database.ServiceDB
  343. }
  345. func (h *getSessionHandler) OnIncomingRequest(req *http.Request) (interface{}, *errors.HTTPError) {
  346. if req.Method != "POST" {
  347. return nil, &errors.HTTPError{nil, "Unsupported Method", 405}
  348. }
  349. var body struct {
  350. RealmID string
  351. UserID string
  352. }
  353. if err := json.NewDecoder(req.Body).Decode(&body); err != nil {
  354. return nil, &errors.HTTPError{err, "Error parsing request JSON", 400}
  355. }
  357. if body.RealmID == "" || body.UserID == "" {
  358. return nil, &errors.HTTPError{nil, `Must supply a "RealmID" and "UserID"`, 400}
  359. }
  361. session, err := h.db.LoadAuthSessionByUser(body.RealmID, body.UserID)
  362. if err != nil && err != sql.ErrNoRows {
  363. return nil, &errors.HTTPError{err, `Failed to load session`, 500}
  364. }
  365. if err == sql.ErrNoRows {
  366. return &struct {
  367. Authenticated bool
  368. }{false}, nil
  369. }
  371. return &struct {
  372. ID string
  373. Authenticated bool
  374. Info interface{}
  375. }{session.ID(), session.Authenticated(), session.Info()}, nil
  376. }