* Prevent alias registration in AS exclusive namespace
* Fix M_Exclusive errors so they return status 400 instead of 403.
Signed-off-by: Andrew Morgan <andrewm@matrix.org>
* Directly access namespace map instead of searching for key
* Prevent sql scanning into nil value in accounts_table
Signed-off-by: Andrew Morgan <andrewm@matrix.org>
* Remove uneccessary logging, null checking
* Don't forget to set the localpart
* Simplify error checking
* Add group_id, rate_limit and protocol AS config options
* We currently just record and error check these options. There are not
currently implemented.
Signed-off-by: Andrew Morgan <andrewm@matrix.org>
* Clean things up and fix yaml declaration
* Warn loudly when app service requests unimplemented options
* Fix comments
* Remove high cyclomatic complexity of appservice checkErrors
* Set default rate limited to true
* Compile room and alias namespace regexs
We'll be needing these for event filtering in the appservice component.
Signed-off-by: Andrew Morgan <andrewm@matrix.org>
* App service filters roomserver events
Doing so based on namespace regexes that each app service has defined.
To get the aliases for a roomID a new aliasAPI endpoint was defined,
GetAliasesFromRoomID, which does exactly what it says on the tin.
Next step is to queue events to be sent off to each homeserver.
* Additionally filter state events for app services
* Fixed context, logging, derps, config handling
* Prevented user from creating more than one regex per namespace type
Got caught out by realizing I had an extra '-' in the config file. This
prevents anyone from making the same mistake :)
* Removed exclusive RoomID namespace regex, as we won't need to check
upon room creation if the ID is reserved exclusively by an AS (as this
is silly and horribly inefficient).
* Fixed all else mentioned
* Add Application Service component
The component subscribes to the Roomserver kafka stream, filtering
events to be eventually sent off to relevant app services, as well as
handling incoming HTTP traffic from app services on the
`/matrix/app/r0/*` route.
Signed-off-by: Andrew Morgan <andrewm@matrix.org>
* Make linting happy
Signed-off-by: Andrew Morgan <andrewm@matrix.org>
* Fix typo in API Endpoint
Signed-off-by: Andrew Morgan <andrewm@matrix.org>
* Fixed another typo and bug
Use a sql.NullInt64 instead of an Int64 as that allows for values to
sometimes be null when pulling from a postgres table. Can result in
error otherwise.
Signed-off-by: Andrew Morgan <andrewm@matrix.org>
Should return error if we didn't find an Application Service, not the
other way around. Reported by @APWhitehat
Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
`gb test`s output is confusing as it is similar to that of `gb build`.
Rather than building, it's actually running all the tests. If no output
past this shows, then all tests have succeeded.
Updates CONTRIBUTING.md to include a note about this.
When a user registered on a homeserver with no application services
registered, registration would check if the meta-regexp object matched
the proposed user's new username.
Apparently "" is a regex that matches everything, so every user was
then barred from registering as they were supposedly registering inside
an AS' exclusive namespace.
This change prevents that check from happening by setting the exclusive
regex to ^$ instead, preventing any matches from occurring.
We also prevent the check for exclusivity if there are no namespaces
registered for performance.
Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
* Add ability for App Services to register users
AS Tokens are pulled from their respective configs, which are then
checked against when an AS tries to register using
m.login.application_service. If the token exists and the new username is
within their specified namespace, then the user is created as a
password-less user.
Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
* Validate loaded Application Services
* Ensure no two app services have the same token or ID
* Check namespaces are valid regex
* Ensure users can't register inside an exclusive app service namespace
* Ensure exclusive app service namespaces are exclusive with each other
* Precompile application service namespace regexes so we don't need to
do so every time a user is registered
Signed-off-by: Andrew Morgan (https://amorgan.xyz) <andrew@amorgan.xyz>
* Add base component
* Convert clientapi to using base component
* Convert federationapi to using base component
* Convert federationsender to using base component
* Convert mediaapi to using base component
* Convert publicroomsapi to using base component
* Convert roomserver to using base component
* Convert syncapi to using base component
* Convert monolith to using base component
* Split out config parsing and roomserver API creation