test_devices.py 21 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590
  1. # Copyright 2022 The Matrix.org Foundation C.I.C.
  2. #
  3. # Licensed under the Apache License, Version 2.0 (the "License");
  4. # you may not use this file except in compliance with the License.
  5. # You may obtain a copy of the License at
  6. #
  7. # http://www.apache.org/licenses/LICENSE-2.0
  8. #
  9. # Unless required by applicable law or agreed to in writing, software
  10. # distributed under the License is distributed on an "AS IS" BASIS,
  11. # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  12. # See the License for the specific language governing permissions and
  13. # limitations under the License.
  14. from http import HTTPStatus
  15. from twisted.internet.defer import ensureDeferred
  16. from twisted.test.proto_helpers import MemoryReactor
  17. from synapse.api.errors import NotFoundError
  18. from synapse.rest import admin, devices, room, sync
  19. from synapse.rest.client import account, keys, login, register
  20. from synapse.server import HomeServer
  21. from synapse.types import JsonDict, UserID, create_requester
  22. from synapse.util import Clock
  23. from tests import unittest
  24. class DeviceListsTestCase(unittest.HomeserverTestCase):
  25. """Tests regarding device list changes."""
  26. servlets = [
  27. admin.register_servlets_for_client_rest_resource,
  28. login.register_servlets,
  29. register.register_servlets,
  30. account.register_servlets,
  31. room.register_servlets,
  32. sync.register_servlets,
  33. devices.register_servlets,
  34. ]
  35. def test_receiving_local_device_list_changes(self) -> None:
  36. """Tests that a local users that share a room receive each other's device list
  37. changes.
  38. """
  39. # Register two users
  40. test_device_id = "TESTDEVICE"
  41. alice_user_id = self.register_user("alice", "correcthorse")
  42. alice_access_token = self.login(
  43. alice_user_id, "correcthorse", device_id=test_device_id
  44. )
  45. bob_user_id = self.register_user("bob", "ponyponypony")
  46. bob_access_token = self.login(bob_user_id, "ponyponypony")
  47. # Create a room for them to coexist peacefully in
  48. new_room_id = self.helper.create_room_as(
  49. alice_user_id, is_public=True, tok=alice_access_token
  50. )
  51. self.assertIsNotNone(new_room_id)
  52. # Have Bob join the room
  53. self.helper.invite(
  54. new_room_id, alice_user_id, bob_user_id, tok=alice_access_token
  55. )
  56. self.helper.join(new_room_id, bob_user_id, tok=bob_access_token)
  57. # Now have Bob initiate an initial sync (in order to get a since token)
  58. channel = self.make_request(
  59. "GET",
  60. "/sync",
  61. access_token=bob_access_token,
  62. )
  63. self.assertEqual(channel.code, 200, channel.json_body)
  64. next_batch_token = channel.json_body["next_batch"]
  65. # ...and then an incremental sync. This should block until the sync stream is woken up,
  66. # which we hope will happen as a result of Alice updating their device list.
  67. bob_sync_channel = self.make_request(
  68. "GET",
  69. f"/sync?since={next_batch_token}&timeout=30000",
  70. access_token=bob_access_token,
  71. # Start the request, then continue on.
  72. await_result=False,
  73. )
  74. # Have alice update their device list
  75. channel = self.make_request(
  76. "PUT",
  77. f"/devices/{test_device_id}",
  78. {
  79. "display_name": "New Device Name",
  80. },
  81. access_token=alice_access_token,
  82. )
  83. self.assertEqual(channel.code, HTTPStatus.OK, channel.json_body)
  84. # Check that bob's incremental sync contains the updated device list.
  85. # If not, the client would only receive the device list update on the
  86. # *next* sync.
  87. bob_sync_channel.await_result()
  88. self.assertEqual(bob_sync_channel.code, 200, bob_sync_channel.json_body)
  89. changed_device_lists = bob_sync_channel.json_body.get("device_lists", {}).get(
  90. "changed", []
  91. )
  92. self.assertIn(alice_user_id, changed_device_lists, bob_sync_channel.json_body)
  93. def test_not_receiving_local_device_list_changes(self) -> None:
  94. """Tests a local users DO NOT receive device updates from each other if they do not
  95. share a room.
  96. """
  97. # Register two users
  98. test_device_id = "TESTDEVICE"
  99. alice_user_id = self.register_user("alice", "correcthorse")
  100. alice_access_token = self.login(
  101. alice_user_id, "correcthorse", device_id=test_device_id
  102. )
  103. bob_user_id = self.register_user("bob", "ponyponypony")
  104. bob_access_token = self.login(bob_user_id, "ponyponypony")
  105. # These users do not share a room. They are lonely.
  106. # Have Bob initiate an initial sync (in order to get a since token)
  107. channel = self.make_request(
  108. "GET",
  109. "/sync",
  110. access_token=bob_access_token,
  111. )
  112. self.assertEqual(channel.code, HTTPStatus.OK, channel.json_body)
  113. next_batch_token = channel.json_body["next_batch"]
  114. # ...and then an incremental sync. This should block until the sync stream is woken up,
  115. # which we hope will happen as a result of Alice updating their device list.
  116. bob_sync_channel = self.make_request(
  117. "GET",
  118. f"/sync?since={next_batch_token}&timeout=1000",
  119. access_token=bob_access_token,
  120. # Start the request, then continue on.
  121. await_result=False,
  122. )
  123. # Have alice update their device list
  124. channel = self.make_request(
  125. "PUT",
  126. f"/devices/{test_device_id}",
  127. {
  128. "display_name": "New Device Name",
  129. },
  130. access_token=alice_access_token,
  131. )
  132. self.assertEqual(channel.code, HTTPStatus.OK, channel.json_body)
  133. # Check that bob's incremental sync does not contain the updated device list.
  134. bob_sync_channel.await_result()
  135. self.assertEqual(
  136. bob_sync_channel.code, HTTPStatus.OK, bob_sync_channel.json_body
  137. )
  138. changed_device_lists = bob_sync_channel.json_body.get("device_lists", {}).get(
  139. "changed", []
  140. )
  141. self.assertNotIn(
  142. alice_user_id, changed_device_lists, bob_sync_channel.json_body
  143. )
  144. class DevicesTestCase(unittest.HomeserverTestCase):
  145. servlets = [
  146. admin.register_servlets,
  147. login.register_servlets,
  148. sync.register_servlets,
  149. ]
  150. def prepare(self, reactor: MemoryReactor, clock: Clock, hs: HomeServer) -> None:
  151. self.handler = hs.get_device_handler()
  152. @unittest.override_config({"delete_stale_devices_after": 72000000})
  153. def test_delete_stale_devices(self) -> None:
  154. """Tests that stale devices are automatically removed after a set time of
  155. inactivity.
  156. The configuration is set to delete devices that haven't been used in the past 20h.
  157. """
  158. # Register a user and creates 2 devices for them.
  159. user_id = self.register_user("user", "password")
  160. tok1 = self.login("user", "password", device_id="abc")
  161. tok2 = self.login("user", "password", device_id="def")
  162. # Sync them so they have a last_seen value.
  163. self.make_request("GET", "/sync", access_token=tok1)
  164. self.make_request("GET", "/sync", access_token=tok2)
  165. # Advance half a day and sync again with one of the devices, so that the next
  166. # time the background job runs we don't delete this device (since it will look
  167. # for devices that haven't been used for over an hour).
  168. self.reactor.advance(43200)
  169. self.make_request("GET", "/sync", access_token=tok1)
  170. # Advance another half a day, and check that the device that has synced still
  171. # exists but the one that hasn't has been removed.
  172. self.reactor.advance(43200)
  173. self.get_success(self.handler.get_device(user_id, "abc"))
  174. self.get_failure(self.handler.get_device(user_id, "def"), NotFoundError)
  175. class DehydratedDeviceTestCase(unittest.HomeserverTestCase):
  176. servlets = [
  177. admin.register_servlets_for_client_rest_resource,
  178. login.register_servlets,
  179. register.register_servlets,
  180. devices.register_servlets,
  181. keys.register_servlets,
  182. ]
  183. def prepare(self, reactor: MemoryReactor, clock: Clock, hs: HomeServer) -> None:
  184. self.registration = hs.get_registration_handler()
  185. self.message_handler = hs.get_device_message_handler()
  186. def test_PUT(self) -> None:
  187. """Sanity-check that we can PUT a dehydrated device.
  188. Detects https://github.com/matrix-org/synapse/issues/14334.
  189. """
  190. alice = self.register_user("alice", "correcthorse")
  191. token = self.login(alice, "correcthorse")
  192. # Have alice update their device list
  193. channel = self.make_request(
  194. "PUT",
  195. "_matrix/client/unstable/org.matrix.msc2697.v2/dehydrated_device",
  196. {
  197. "device_data": {
  198. "algorithm": "org.matrix.msc2697.v1.dehydration.v1.olm",
  199. "account": "dehydrated_device",
  200. },
  201. "device_keys": {
  202. "user_id": "@alice:test",
  203. "device_id": "device1",
  204. "valid_until_ts": "80",
  205. "algorithms": [
  206. "m.olm.curve25519-aes-sha2",
  207. ],
  208. "keys": {
  209. "<algorithm>:<device_id>": "<key_base64>",
  210. },
  211. "signatures": {
  212. "<user_id>": {"<algorithm>:<device_id>": "<signature_base64>"}
  213. },
  214. },
  215. },
  216. access_token=token,
  217. shorthand=False,
  218. )
  219. self.assertEqual(channel.code, HTTPStatus.OK, channel.json_body)
  220. device_id = channel.json_body.get("device_id")
  221. self.assertIsInstance(device_id, str)
  222. @unittest.override_config(
  223. {"experimental_features": {"msc2697_enabled": False, "msc3814_enabled": True}}
  224. )
  225. def test_dehydrate_msc3814(self) -> None:
  226. user = self.register_user("mikey", "pass")
  227. token = self.login(user, "pass", device_id="device1")
  228. content: JsonDict = {
  229. "device_data": {
  230. "algorithm": "m.dehydration.v1.olm",
  231. },
  232. "device_id": "device1",
  233. "initial_device_display_name": "foo bar",
  234. "device_keys": {
  235. "user_id": "@mikey:test",
  236. "device_id": "device1",
  237. "valid_until_ts": "80",
  238. "algorithms": [
  239. "m.olm.curve25519-aes-sha2",
  240. ],
  241. "keys": {
  242. "<algorithm>:<device_id>": "<key_base64>",
  243. },
  244. "signatures": {
  245. "<user_id>": {"<algorithm>:<device_id>": "<signature_base64>"}
  246. },
  247. },
  248. "fallback_keys": {
  249. "alg1:device1": "f4llb4ckk3y",
  250. "signed_<algorithm>:<device_id>": {
  251. "fallback": "true",
  252. "key": "f4llb4ckk3y",
  253. "signatures": {
  254. "<user_id>": {"<algorithm>:<device_id>": "<key_base64>"}
  255. },
  256. },
  257. },
  258. "one_time_keys": {"alg1:k1": "0net1m3k3y"},
  259. }
  260. channel = self.make_request(
  261. "PUT",
  262. "_matrix/client/unstable/org.matrix.msc3814.v1/dehydrated_device",
  263. content=content,
  264. access_token=token,
  265. shorthand=False,
  266. )
  267. self.assertEqual(channel.code, 200)
  268. device_id = channel.json_body.get("device_id")
  269. assert device_id is not None
  270. self.assertIsInstance(device_id, str)
  271. self.assertEqual("device1", device_id)
  272. # test that we can now GET the dehydrated device info
  273. channel = self.make_request(
  274. "GET",
  275. "_matrix/client/unstable/org.matrix.msc3814.v1/dehydrated_device",
  276. access_token=token,
  277. shorthand=False,
  278. )
  279. self.assertEqual(channel.code, 200)
  280. returned_device_id = channel.json_body.get("device_id")
  281. self.assertEqual(returned_device_id, device_id)
  282. device_data = channel.json_body.get("device_data")
  283. expected_device_data = {
  284. "algorithm": "m.dehydration.v1.olm",
  285. }
  286. self.assertEqual(device_data, expected_device_data)
  287. # test that the keys are correctly uploaded
  288. channel = self.make_request(
  289. "POST",
  290. "/_matrix/client/r0/keys/query",
  291. {
  292. "device_keys": {
  293. user: ["device1"],
  294. },
  295. },
  296. token,
  297. )
  298. self.assertEqual(channel.code, 200)
  299. self.assertEqual(
  300. channel.json_body["device_keys"][user][device_id]["keys"],
  301. content["device_keys"]["keys"],
  302. )
  303. # first claim should return the onetime key we uploaded
  304. res = self.get_success(
  305. self.hs.get_e2e_keys_handler().claim_one_time_keys(
  306. {user: {device_id: {"alg1": 1}}},
  307. UserID.from_string(user),
  308. timeout=None,
  309. always_include_fallback_keys=False,
  310. )
  311. )
  312. self.assertEqual(
  313. res,
  314. {
  315. "failures": {},
  316. "one_time_keys": {user: {device_id: {"alg1:k1": "0net1m3k3y"}}},
  317. },
  318. )
  319. # second claim should return fallback key
  320. res2 = self.get_success(
  321. self.hs.get_e2e_keys_handler().claim_one_time_keys(
  322. {user: {device_id: {"alg1": 1}}},
  323. UserID.from_string(user),
  324. timeout=None,
  325. always_include_fallback_keys=False,
  326. )
  327. )
  328. self.assertEqual(
  329. res2,
  330. {
  331. "failures": {},
  332. "one_time_keys": {user: {device_id: {"alg1:device1": "f4llb4ckk3y"}}},
  333. },
  334. )
  335. # create another device for the user
  336. (
  337. new_device_id,
  338. _,
  339. _,
  340. _,
  341. ) = self.get_success(
  342. self.registration.register_device(
  343. user_id=user,
  344. device_id=None,
  345. initial_display_name="new device",
  346. )
  347. )
  348. requester = create_requester(user, device_id=new_device_id)
  349. # Send a message to the dehydrated device
  350. ensureDeferred(
  351. self.message_handler.send_device_message(
  352. requester=requester,
  353. message_type="test.message",
  354. messages={user: {device_id: {"body": "test_message"}}},
  355. )
  356. )
  357. self.pump()
  358. # make sure we can fetch the message with our dehydrated device id
  359. channel = self.make_request(
  360. "POST",
  361. f"_matrix/client/unstable/org.matrix.msc3814.v1/dehydrated_device/{device_id}/events",
  362. content={},
  363. access_token=token,
  364. shorthand=False,
  365. )
  366. self.assertEqual(channel.code, 200)
  367. expected_content = {"body": "test_message"}
  368. self.assertEqual(channel.json_body["events"][0]["content"], expected_content)
  369. # fetch messages again and make sure that the message was not deleted
  370. channel = self.make_request(
  371. "POST",
  372. f"_matrix/client/unstable/org.matrix.msc3814.v1/dehydrated_device/{device_id}/events",
  373. content={},
  374. access_token=token,
  375. shorthand=False,
  376. )
  377. self.assertEqual(channel.code, 200)
  378. self.assertEqual(channel.json_body["events"][0]["content"], expected_content)
  379. next_batch_token = channel.json_body.get("next_batch")
  380. # make sure fetching messages with next batch token works - there are no unfetched
  381. # messages so we should receive an empty array
  382. content = {"next_batch": next_batch_token}
  383. channel = self.make_request(
  384. "POST",
  385. f"_matrix/client/unstable/org.matrix.msc3814.v1/dehydrated_device/{device_id}/events",
  386. content=content,
  387. access_token=token,
  388. shorthand=False,
  389. )
  390. self.assertEqual(channel.code, 200)
  391. self.assertEqual(channel.json_body["events"], [])
  392. # make sure we can delete the dehydrated device
  393. channel = self.make_request(
  394. "DELETE",
  395. "_matrix/client/unstable/org.matrix.msc3814.v1/dehydrated_device",
  396. access_token=token,
  397. shorthand=False,
  398. )
  399. self.assertEqual(channel.code, 200)
  400. # ...and after deleting it is no longer available
  401. channel = self.make_request(
  402. "GET",
  403. "_matrix/client/unstable/org.matrix.msc3814.v1/dehydrated_device",
  404. access_token=token,
  405. shorthand=False,
  406. )
  407. self.assertEqual(channel.code, 401)
  408. @unittest.override_config(
  409. {"experimental_features": {"msc2697_enabled": False, "msc3814_enabled": True}}
  410. )
  411. def test_msc3814_dehydrated_device_delete_works(self) -> None:
  412. user = self.register_user("mikey", "pass")
  413. token = self.login(user, "pass", device_id="device1")
  414. content: JsonDict = {
  415. "device_data": {
  416. "algorithm": "m.dehydration.v1.olm",
  417. },
  418. "device_id": "device2",
  419. "initial_device_display_name": "foo bar",
  420. "device_keys": {
  421. "user_id": "@mikey:test",
  422. "device_id": "device2",
  423. "valid_until_ts": "80",
  424. "algorithms": [
  425. "m.olm.curve25519-aes-sha2",
  426. ],
  427. "keys": {
  428. "<algorithm>:<device_id>": "<key_base64>",
  429. },
  430. "signatures": {
  431. "<user_id>": {"<algorithm>:<device_id>": "<signature_base64>"}
  432. },
  433. },
  434. }
  435. channel = self.make_request(
  436. "PUT",
  437. "_matrix/client/unstable/org.matrix.msc3814.v1/dehydrated_device",
  438. content=content,
  439. access_token=token,
  440. shorthand=False,
  441. )
  442. self.assertEqual(channel.code, 200)
  443. device_id = channel.json_body.get("device_id")
  444. assert device_id is not None
  445. self.assertIsInstance(device_id, str)
  446. self.assertEqual("device2", device_id)
  447. # ensure that keys were uploaded and available
  448. channel = self.make_request(
  449. "POST",
  450. "/_matrix/client/r0/keys/query",
  451. {
  452. "device_keys": {
  453. user: ["device2"],
  454. },
  455. },
  456. token,
  457. )
  458. self.assertEqual(
  459. channel.json_body["device_keys"][user]["device2"]["keys"],
  460. {
  461. "<algorithm>:<device_id>": "<key_base64>",
  462. },
  463. )
  464. # delete the dehydrated device
  465. channel = self.make_request(
  466. "DELETE",
  467. "_matrix/client/unstable/org.matrix.msc3814.v1/dehydrated_device",
  468. access_token=token,
  469. shorthand=False,
  470. )
  471. self.assertEqual(channel.code, 200)
  472. # ensure that keys are no longer available for deleted device
  473. channel = self.make_request(
  474. "POST",
  475. "/_matrix/client/r0/keys/query",
  476. {
  477. "device_keys": {
  478. user: ["device2"],
  479. },
  480. },
  481. token,
  482. )
  483. self.assertEqual(channel.json_body["device_keys"], {"@mikey:test": {}})
  484. # check that an old device is deleted when user PUTs a new device
  485. # First, create a device
  486. content["device_id"] = "device3"
  487. content["device_keys"]["device_id"] = "device3"
  488. channel = self.make_request(
  489. "PUT",
  490. "_matrix/client/unstable/org.matrix.msc3814.v1/dehydrated_device",
  491. content=content,
  492. access_token=token,
  493. shorthand=False,
  494. )
  495. self.assertEqual(channel.code, 200)
  496. device_id = channel.json_body.get("device_id")
  497. assert device_id is not None
  498. self.assertIsInstance(device_id, str)
  499. self.assertEqual("device3", device_id)
  500. # create a second device without deleting first device
  501. content["device_id"] = "device4"
  502. content["device_keys"]["device_id"] = "device4"
  503. channel = self.make_request(
  504. "PUT",
  505. "_matrix/client/unstable/org.matrix.msc3814.v1/dehydrated_device",
  506. content=content,
  507. access_token=token,
  508. shorthand=False,
  509. )
  510. self.assertEqual(channel.code, 200)
  511. device_id = channel.json_body.get("device_id")
  512. assert device_id is not None
  513. self.assertIsInstance(device_id, str)
  514. self.assertEqual("device4", device_id)
  515. # check that the second device that was created is what is returned when we GET
  516. channel = self.make_request(
  517. "GET",
  518. "_matrix/client/unstable/org.matrix.msc3814.v1/dehydrated_device",
  519. access_token=token,
  520. shorthand=False,
  521. )
  522. self.assertEqual(channel.code, 200)
  523. returned_device_id = channel.json_body["device_id"]
  524. self.assertEqual(returned_device_id, "device4")
  525. # and that if we query the keys for the first device they are not there
  526. channel = self.make_request(
  527. "POST",
  528. "/_matrix/client/r0/keys/query",
  529. {
  530. "device_keys": {
  531. user: ["device3"],
  532. },
  533. },
  534. token,
  535. )
  536. self.assertEqual(channel.json_body["device_keys"], {"@mikey:test": {}})