123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115 |
- # -*- coding: utf-8 -*-
- # Copyright 2014,2017 OpenMarket Ltd
- #
- # Licensed under the Apache License, Version 2.0 (the "License");
- # you may not use this file except in compliance with the License.
- # You may obtain a copy of the License at
- #
- # http://www.apache.org/licenses/LICENSE-2.0
- #
- # Unless required by applicable law or agreed to in writing, software
- # distributed under the License is distributed on an "AS IS" BASIS,
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- # See the License for the specific language governing permissions and
- # limitations under the License.
- from twisted.web.resource import Resource
- from sydent.db.threepid_associations import GlobalAssociationStore
- import logging
- import json
- import signedjson.sign
- from sydent.http.servlets import get_args, jsonwrap, send_cors
- logger = logging.getLogger(__name__)
- class LookupServlet(Resource):
- isLeaf = True
- def __init__(self, syd):
- self.sydent = syd
- def render_GET(self, request):
- """
- Look up an individual threepid.
- Params: 'medium': the medium of the threepid
- 'address': the address of the threepid
- Returns: A signed association if the threepid has a corresponding mxid, otherwise the empty object.
- """
- send_cors(request)
- err, args = get_args(request, ('medium', 'address'))
- if err:
- return json.dumps(err)
- medium = args['medium']
- address = args['address']
- globalAssocStore = GlobalAssociationStore(self.sydent)
- sgassoc = globalAssocStore.signedAssociationStringForThreepid(medium, address)
- if not sgassoc:
- return json.dumps({})
- sgassoc = json.loads(sgassoc.encode('utf8'))
- if not self.sydent.server_name in sgassoc['signatures']:
- # We have not yet worked out what the proper trust model should be.
- #
- # Maybe clients implicitly trust a server they talk to (and so we
- # should sign every assoc we return as ourselves, so they can
- # verify this).
- #
- # Maybe clients really want to know what server did the original
- # verification, and want to only know exactly who signed the assoc.
- #
- # Until we work out what we should do, sign all assocs we return as
- # ourself. This is vaguely ok because there actually is only one
- # identity server, but it happens to have two names (matrix.org and
- # vector.im), and so we're not really lying too much.
- #
- # We do this when we return assocs, not when we receive them over
- # replication, so that we can undo this decision in the future if
- # we wish, without having destroyed the raw underlying data.
- sgassoc = signedjson.sign.sign_json(
- sgassoc,
- self.sydent.server_name,
- self.sydent.keyring.ed25519
- )
- return json.dumps(sgassoc)
- def render_POST(self, request):
- """
- Bulk-lookup for threepids.
- ** DEPRECATED **
- Use /bulk_lookup which returns the result encapsulated in a dict
- Params: 'threepids': list of threepids, each of which is a list of medium, address
- Returns: List of results where each result is a 3 item list of medium, address, mxid
- Threepids for which no mapping is found are omitted.
- """
- send_cors(request)
- err, args = get_args(request, ('threepids',))
- if err:
- return json.dumps(err)
- threepids = args['threepids']
- if not isinstance(threepids, list):
- request.setResponseCode(400)
- return {'errcode': 'M_INVALID_PARAM', 'error': 'threepids must be a list'}, None
- logger.info("Bulk lookup of %d threepids (deprecated endpoint)", len(threepids))
-
- globalAssocStore = GlobalAssociationStore(self.sydent)
- results = globalAssocStore.getMxids(threepids)
- return json.dumps(results)
-
- @jsonwrap
- def render_OPTIONS(self, request):
- send_cors(request)
- request.setResponseCode(200)
- return {}
|