2018-07-09 08:09:20 +02:00
|
|
|
import json
|
|
|
|
|
|
|
|
from mock import Mock
|
|
|
|
|
2017-12-04 16:47:27 +01:00
|
|
|
from twisted.python import failure
|
|
|
|
|
2018-07-17 12:43:18 +02:00
|
|
|
from synapse.api.errors import InteractiveAuthIncompleteError
|
|
|
|
from synapse.rest.client.v2_alpha.register import register_servlets
|
2018-07-09 08:09:20 +02:00
|
|
|
|
2015-07-28 18:34:12 +02:00
|
|
|
from tests import unittest
|
|
|
|
|
|
|
|
|
2018-11-06 17:00:00 +01:00
|
|
|
class RegisterRestServletTestCase(unittest.HomeserverTestCase):
|
|
|
|
|
|
|
|
servlets = [register_servlets]
|
|
|
|
|
|
|
|
def make_homeserver(self, reactor, clock):
|
2018-07-17 12:43:18 +02:00
|
|
|
|
|
|
|
self.url = b"/_matrix/client/r0/register"
|
2015-07-28 18:34:12 +02:00
|
|
|
|
|
|
|
self.appservice = None
|
2018-07-17 12:43:18 +02:00
|
|
|
self.auth = Mock(
|
|
|
|
get_appservice_by_req=Mock(side_effect=lambda x: self.appservice)
|
2015-07-28 18:34:12 +02:00
|
|
|
)
|
|
|
|
|
2017-12-04 16:47:27 +01:00
|
|
|
self.auth_result = failure.Failure(InteractiveAuthIncompleteError(None))
|
2015-07-28 18:34:12 +02:00
|
|
|
self.auth_handler = Mock(
|
2016-03-16 15:25:14 +01:00
|
|
|
check_auth=Mock(side_effect=lambda x, y, z: self.auth_result),
|
2018-07-17 12:43:18 +02:00
|
|
|
get_session_data=Mock(return_value=None),
|
2015-07-28 18:34:12 +02:00
|
|
|
)
|
|
|
|
self.registration_handler = Mock()
|
|
|
|
self.identity_handler = Mock()
|
|
|
|
self.login_handler = Mock()
|
2016-07-19 19:38:26 +02:00
|
|
|
self.device_handler = Mock()
|
2018-07-17 12:43:18 +02:00
|
|
|
self.device_handler.check_device_registered = Mock(return_value="FAKE")
|
|
|
|
|
|
|
|
self.datastore = Mock(return_value=Mock())
|
|
|
|
self.datastore.get_current_state_deltas = Mock(return_value=[])
|
2015-07-28 18:34:12 +02:00
|
|
|
|
|
|
|
# do the dance to hook it up to the hs global
|
|
|
|
self.handlers = Mock(
|
|
|
|
registration_handler=self.registration_handler,
|
|
|
|
identity_handler=self.identity_handler,
|
2018-07-17 12:43:18 +02:00
|
|
|
login_handler=self.login_handler,
|
|
|
|
)
|
2018-11-06 17:00:00 +01:00
|
|
|
self.hs = self.setup_test_homeserver()
|
2015-07-28 18:34:12 +02:00
|
|
|
self.hs.get_auth = Mock(return_value=self.auth)
|
|
|
|
self.hs.get_handlers = Mock(return_value=self.handlers)
|
2016-06-02 14:31:45 +02:00
|
|
|
self.hs.get_auth_handler = Mock(return_value=self.auth_handler)
|
2016-07-19 19:38:26 +02:00
|
|
|
self.hs.get_device_handler = Mock(return_value=self.device_handler)
|
2018-07-17 12:43:18 +02:00
|
|
|
self.hs.get_datastore = Mock(return_value=self.datastore)
|
2016-02-03 15:42:01 +01:00
|
|
|
self.hs.config.enable_registration = True
|
2018-01-19 01:28:08 +01:00
|
|
|
self.hs.config.registrations_require_3pid = []
|
2017-10-17 11:39:50 +02:00
|
|
|
self.hs.config.auto_join_rooms = []
|
2015-07-28 18:34:12 +02:00
|
|
|
|
2018-11-06 17:00:00 +01:00
|
|
|
return self.hs
|
2015-07-28 18:34:12 +02:00
|
|
|
|
|
|
|
def test_POST_appservice_registration_valid(self):
|
|
|
|
user_id = "@kermit:muppet"
|
|
|
|
token = "kermits_access_token"
|
2018-07-17 12:43:18 +02:00
|
|
|
self.appservice = {"id": "1234"}
|
|
|
|
self.registration_handler.appservice_register = Mock(return_value=user_id)
|
|
|
|
self.auth_handler.get_access_token_for_user_id = Mock(return_value=token)
|
|
|
|
request_data = json.dumps({"username": "kermit"})
|
|
|
|
|
2018-11-06 17:00:00 +01:00
|
|
|
request, channel = self.make_request(
|
2018-07-17 12:43:18 +02:00
|
|
|
b"POST", self.url + b"?access_token=i_am_an_app_service", request_data
|
2016-07-22 15:52:53 +02:00
|
|
|
)
|
2018-11-06 17:00:00 +01:00
|
|
|
self.render(request)
|
2016-07-19 19:46:19 +02:00
|
|
|
|
2018-07-17 12:43:18 +02:00
|
|
|
self.assertEquals(channel.result["code"], b"200", channel.result)
|
2016-03-10 00:08:37 +01:00
|
|
|
det_data = {
|
2016-03-10 10:13:35 +01:00
|
|
|
"user_id": user_id,
|
|
|
|
"access_token": token,
|
2018-07-17 12:43:18 +02:00
|
|
|
"home_server": self.hs.hostname,
|
2016-03-10 00:08:37 +01:00
|
|
|
}
|
2018-08-09 04:22:01 +02:00
|
|
|
self.assertDictContainsSubset(det_data, channel.json_body)
|
2015-07-28 18:34:12 +02:00
|
|
|
|
|
|
|
def test_POST_appservice_registration_invalid(self):
|
|
|
|
self.appservice = None # no application service exists
|
2018-07-17 12:43:18 +02:00
|
|
|
request_data = json.dumps({"username": "kermit"})
|
2018-11-06 17:00:00 +01:00
|
|
|
request, channel = self.make_request(
|
2018-07-17 12:43:18 +02:00
|
|
|
b"POST", self.url + b"?access_token=i_am_an_app_service", request_data
|
|
|
|
)
|
2018-11-06 17:00:00 +01:00
|
|
|
self.render(request)
|
2018-07-17 12:43:18 +02:00
|
|
|
|
|
|
|
self.assertEquals(channel.result["code"], b"401", channel.result)
|
2015-07-28 18:34:12 +02:00
|
|
|
|
|
|
|
def test_POST_bad_password(self):
|
2018-07-17 12:43:18 +02:00
|
|
|
request_data = json.dumps({"username": "kermit", "password": 666})
|
2018-11-06 17:00:00 +01:00
|
|
|
request, channel = self.make_request(b"POST", self.url, request_data)
|
|
|
|
self.render(request)
|
2018-07-17 12:43:18 +02:00
|
|
|
|
|
|
|
self.assertEquals(channel.result["code"], b"400", channel.result)
|
2018-08-10 15:54:09 +02:00
|
|
|
self.assertEquals(channel.json_body["error"], "Invalid password")
|
2015-07-28 18:34:12 +02:00
|
|
|
|
|
|
|
def test_POST_bad_username(self):
|
2018-07-17 12:43:18 +02:00
|
|
|
request_data = json.dumps({"username": 777, "password": "monkey"})
|
2018-11-06 17:00:00 +01:00
|
|
|
request, channel = self.make_request(b"POST", self.url, request_data)
|
|
|
|
self.render(request)
|
2018-07-17 12:43:18 +02:00
|
|
|
|
|
|
|
self.assertEquals(channel.result["code"], b"400", channel.result)
|
2018-08-10 15:54:09 +02:00
|
|
|
self.assertEquals(channel.json_body["error"], "Invalid username")
|
2018-07-17 12:43:18 +02:00
|
|
|
|
2015-07-28 18:34:12 +02:00
|
|
|
def test_POST_user_valid(self):
|
|
|
|
user_id = "@kermit:muppet"
|
|
|
|
token = "kermits_access_token"
|
2016-07-19 19:38:26 +02:00
|
|
|
device_id = "frogfone"
|
2018-07-17 12:43:18 +02:00
|
|
|
request_data = json.dumps(
|
|
|
|
{"username": "kermit", "password": "monkey", "device_id": device_id}
|
|
|
|
)
|
2015-07-28 18:34:12 +02:00
|
|
|
self.registration_handler.check_username = Mock(return_value=True)
|
2018-07-17 12:43:18 +02:00
|
|
|
self.auth_result = (None, {"username": "kermit", "password": "monkey"}, None)
|
2016-07-19 14:12:22 +02:00
|
|
|
self.registration_handler.register = Mock(return_value=(user_id, None))
|
2018-07-17 12:43:18 +02:00
|
|
|
self.auth_handler.get_access_token_for_user_id = Mock(return_value=token)
|
|
|
|
self.device_handler.check_device_registered = Mock(return_value=device_id)
|
|
|
|
|
2018-11-06 17:00:00 +01:00
|
|
|
request, channel = self.make_request(b"POST", self.url, request_data)
|
|
|
|
self.render(request)
|
2015-07-28 18:34:12 +02:00
|
|
|
|
2016-03-10 00:08:37 +01:00
|
|
|
det_data = {
|
2016-03-10 10:13:35 +01:00
|
|
|
"user_id": user_id,
|
|
|
|
"access_token": token,
|
2016-07-19 19:38:26 +02:00
|
|
|
"home_server": self.hs.hostname,
|
|
|
|
"device_id": device_id,
|
2016-03-10 00:08:37 +01:00
|
|
|
}
|
2018-07-17 12:43:18 +02:00
|
|
|
self.assertEquals(channel.result["code"], b"200", channel.result)
|
2018-08-09 04:22:01 +02:00
|
|
|
self.assertDictContainsSubset(det_data, channel.json_body)
|
2016-07-22 15:52:53 +02:00
|
|
|
self.auth_handler.get_login_tuple_for_user_id(
|
2018-07-17 12:43:18 +02:00
|
|
|
user_id, device_id=device_id, initial_device_display_name=None
|
|
|
|
)
|
2015-07-28 18:34:12 +02:00
|
|
|
|
|
|
|
def test_POST_disabled_registration(self):
|
2016-02-03 15:42:01 +01:00
|
|
|
self.hs.config.enable_registration = False
|
2018-07-17 12:43:18 +02:00
|
|
|
request_data = json.dumps({"username": "kermit", "password": "monkey"})
|
2015-07-28 18:34:12 +02:00
|
|
|
self.registration_handler.check_username = Mock(return_value=True)
|
2018-07-17 12:43:18 +02:00
|
|
|
self.auth_result = (None, {"username": "kermit", "password": "monkey"}, None)
|
2015-07-28 18:34:12 +02:00
|
|
|
self.registration_handler.register = Mock(return_value=("@user:id", "t"))
|
2018-07-17 12:43:18 +02:00
|
|
|
|
2018-11-06 17:00:00 +01:00
|
|
|
request, channel = self.make_request(b"POST", self.url, request_data)
|
|
|
|
self.render(request)
|
2018-07-17 12:43:18 +02:00
|
|
|
|
|
|
|
self.assertEquals(channel.result["code"], b"403", channel.result)
|
2018-08-10 15:54:09 +02:00
|
|
|
self.assertEquals(channel.json_body["error"], "Registration has been disabled")
|
2018-07-17 12:43:18 +02:00
|
|
|
|
|
|
|
def test_POST_guest_registration(self):
|
|
|
|
user_id = "a@b"
|
|
|
|
self.hs.config.macaroon_secret_key = "test"
|
|
|
|
self.hs.config.allow_guest_access = True
|
|
|
|
self.registration_handler.register = Mock(return_value=(user_id, None))
|
|
|
|
|
2018-11-06 17:00:00 +01:00
|
|
|
request, channel = self.make_request(b"POST", self.url + b"?kind=guest", b"{}")
|
|
|
|
self.render(request)
|
2018-07-17 12:43:18 +02:00
|
|
|
|
|
|
|
det_data = {
|
|
|
|
"user_id": user_id,
|
|
|
|
"home_server": self.hs.hostname,
|
|
|
|
"device_id": "guest_device",
|
|
|
|
}
|
|
|
|
self.assertEquals(channel.result["code"], b"200", channel.result)
|
2018-08-09 04:22:01 +02:00
|
|
|
self.assertDictContainsSubset(det_data, channel.json_body)
|
2018-07-17 12:43:18 +02:00
|
|
|
|
|
|
|
def test_POST_disabled_guest_registration(self):
|
|
|
|
self.hs.config.allow_guest_access = False
|
|
|
|
|
2018-11-06 17:00:00 +01:00
|
|
|
request, channel = self.make_request(b"POST", self.url + b"?kind=guest", b"{}")
|
|
|
|
self.render(request)
|
2018-07-17 12:43:18 +02:00
|
|
|
|
|
|
|
self.assertEquals(channel.result["code"], b"403", channel.result)
|
2018-08-10 15:54:09 +02:00
|
|
|
self.assertEquals(channel.json_body["error"], "Guest access is disabled")
|