2019-04-08 18:10:55 +02:00
|
|
|
import datetime
|
2018-07-09 08:09:20 +02:00
|
|
|
import json
|
|
|
|
|
|
2019-02-18 17:49:38 +01:00
|
|
|
from synapse.api.constants import LoginType
|
2019-04-08 18:10:55 +02:00
|
|
|
from synapse.api.errors import Codes
|
2019-02-18 17:49:38 +01:00
|
|
|
from synapse.appservice import ApplicationService
|
2019-04-08 18:10:55 +02:00
|
|
|
from synapse.rest.client.v1 import admin, login
|
|
|
|
|
from synapse.rest.client.v2_alpha import register, sync
|
2018-07-09 08:09:20 +02:00
|
|
|
|
2015-07-28 18:34:12 +02:00
|
|
|
from tests import unittest
|
|
|
|
|
|
|
|
|
|
|
2018-11-06 17:00:00 +01:00
|
|
|
class RegisterRestServletTestCase(unittest.HomeserverTestCase):
|
|
|
|
|
|
2019-04-08 18:10:55 +02:00
|
|
|
servlets = [register.register_servlets]
|
2018-11-06 17:00:00 +01:00
|
|
|
|
|
|
|
|
def make_homeserver(self, reactor, clock):
|
2018-07-17 12:43:18 +02:00
|
|
|
|
|
|
|
|
self.url = b"/_matrix/client/r0/register"
|
2015-07-28 18:34:12 +02:00
|
|
|
|
2018-11-06 17:00:00 +01:00
|
|
|
self.hs = self.setup_test_homeserver()
|
2016-02-03 15:42:01 +01:00
|
|
|
self.hs.config.enable_registration = True
|
2018-01-19 01:28:08 +01:00
|
|
|
self.hs.config.registrations_require_3pid = []
|
2017-10-17 11:39:50 +02:00
|
|
|
self.hs.config.auto_join_rooms = []
|
2019-02-18 17:49:38 +01:00
|
|
|
self.hs.config.enable_registration_captcha = False
|
2019-03-19 12:01:02 +01:00
|
|
|
self.hs.config.allow_guest_access = True
|
2015-07-28 18:34:12 +02:00
|
|
|
|
2018-11-06 17:00:00 +01:00
|
|
|
return self.hs
|
2015-07-28 18:34:12 +02:00
|
|
|
|
|
|
|
|
def test_POST_appservice_registration_valid(self):
|
2019-02-18 17:49:38 +01:00
|
|
|
user_id = "@as_user_kermit:test"
|
|
|
|
|
as_token = "i_am_an_app_service"
|
|
|
|
|
|
|
|
|
|
appservice = ApplicationService(
|
2019-03-19 12:01:02 +01:00
|
|
|
as_token, self.hs.config.server_name,
|
2019-02-18 17:49:38 +01:00
|
|
|
id="1234",
|
|
|
|
|
namespaces={
|
|
|
|
|
"users": [{"regex": r"@as_user.*", "exclusive": True}],
|
|
|
|
|
},
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
self.hs.get_datastore().services_cache.append(appservice)
|
|
|
|
|
request_data = json.dumps({"username": "as_user_kermit"})
|
2018-07-17 12:43:18 +02:00
|
|
|
|
2018-11-06 17:00:00 +01:00
|
|
|
request, channel = self.make_request(
|
2018-07-17 12:43:18 +02:00
|
|
|
b"POST", self.url + b"?access_token=i_am_an_app_service", request_data
|
2016-07-22 15:52:53 +02:00
|
|
|
)
|
2018-11-06 17:00:00 +01:00
|
|
|
self.render(request)
|
2016-07-19 19:46:19 +02:00
|
|
|
|
2018-07-17 12:43:18 +02:00
|
|
|
self.assertEquals(channel.result["code"], b"200", channel.result)
|
2016-03-10 00:08:37 +01:00
|
|
|
det_data = {
|
2016-03-10 10:13:35 +01:00
|
|
|
"user_id": user_id,
|
2018-07-17 12:43:18 +02:00
|
|
|
"home_server": self.hs.hostname,
|
2016-03-10 00:08:37 +01:00
|
|
|
}
|
2018-08-09 04:22:01 +02:00
|
|
|
self.assertDictContainsSubset(det_data, channel.json_body)
|
2015-07-28 18:34:12 +02:00
|
|
|
|
|
|
|
|
def test_POST_appservice_registration_invalid(self):
|
|
|
|
|
self.appservice = None # no application service exists
|
2018-07-17 12:43:18 +02:00
|
|
|
request_data = json.dumps({"username": "kermit"})
|
2018-11-06 17:00:00 +01:00
|
|
|
request, channel = self.make_request(
|
2018-07-17 12:43:18 +02:00
|
|
|
b"POST", self.url + b"?access_token=i_am_an_app_service", request_data
|
|
|
|
|
)
|
2018-11-06 17:00:00 +01:00
|
|
|
self.render(request)
|
2018-07-17 12:43:18 +02:00
|
|
|
|
|
|
|
|
self.assertEquals(channel.result["code"], b"401", channel.result)
|
2015-07-28 18:34:12 +02:00
|
|
|
|
|
|
|
|
def test_POST_bad_password(self):
|
2018-07-17 12:43:18 +02:00
|
|
|
request_data = json.dumps({"username": "kermit", "password": 666})
|
2018-11-06 17:00:00 +01:00
|
|
|
request, channel = self.make_request(b"POST", self.url, request_data)
|
|
|
|
|
self.render(request)
|
2018-07-17 12:43:18 +02:00
|
|
|
|
|
|
|
|
self.assertEquals(channel.result["code"], b"400", channel.result)
|
2018-08-10 15:54:09 +02:00
|
|
|
self.assertEquals(channel.json_body["error"], "Invalid password")
|
2015-07-28 18:34:12 +02:00
|
|
|
|
|
|
|
|
def test_POST_bad_username(self):
|
2018-07-17 12:43:18 +02:00
|
|
|
request_data = json.dumps({"username": 777, "password": "monkey"})
|
2018-11-06 17:00:00 +01:00
|
|
|
request, channel = self.make_request(b"POST", self.url, request_data)
|
|
|
|
|
self.render(request)
|
2018-07-17 12:43:18 +02:00
|
|
|
|
|
|
|
|
self.assertEquals(channel.result["code"], b"400", channel.result)
|
2018-08-10 15:54:09 +02:00
|
|
|
self.assertEquals(channel.json_body["error"], "Invalid username")
|
2018-07-17 12:43:18 +02:00
|
|
|
|
2015-07-28 18:34:12 +02:00
|
|
|
def test_POST_user_valid(self):
|
2019-02-18 17:49:38 +01:00
|
|
|
user_id = "@kermit:test"
|
2016-07-19 19:38:26 +02:00
|
|
|
device_id = "frogfone"
|
2019-02-18 17:49:38 +01:00
|
|
|
params = {
|
|
|
|
|
"username": "kermit",
|
|
|
|
|
"password": "monkey",
|
|
|
|
|
"device_id": device_id,
|
|
|
|
|
"auth": {"type": LoginType.DUMMY},
|
|
|
|
|
}
|
2019-02-18 14:43:16 +01:00
|
|
|
request_data = json.dumps(params)
|
2018-11-06 17:00:00 +01:00
|
|
|
request, channel = self.make_request(b"POST", self.url, request_data)
|
|
|
|
|
self.render(request)
|
2015-07-28 18:34:12 +02:00
|
|
|
|
2016-03-10 00:08:37 +01:00
|
|
|
det_data = {
|
2016-03-10 10:13:35 +01:00
|
|
|
"user_id": user_id,
|
2016-07-19 19:38:26 +02:00
|
|
|
"home_server": self.hs.hostname,
|
|
|
|
|
"device_id": device_id,
|
2016-03-10 00:08:37 +01:00
|
|
|
}
|
2018-07-17 12:43:18 +02:00
|
|
|
self.assertEquals(channel.result["code"], b"200", channel.result)
|
2018-08-09 04:22:01 +02:00
|
|
|
self.assertDictContainsSubset(det_data, channel.json_body)
|
2015-07-28 18:34:12 +02:00
|
|
|
|
|
|
|
|
def test_POST_disabled_registration(self):
|
2016-02-03 15:42:01 +01:00
|
|
|
self.hs.config.enable_registration = False
|
2018-07-17 12:43:18 +02:00
|
|
|
request_data = json.dumps({"username": "kermit", "password": "monkey"})
|
|
|
|
|
self.auth_result = (None, {"username": "kermit", "password": "monkey"}, None)
|
|
|
|
|
|
2018-11-06 17:00:00 +01:00
|
|
|
request, channel = self.make_request(b"POST", self.url, request_data)
|
|
|
|
|
self.render(request)
|
2018-07-17 12:43:18 +02:00
|
|
|
|
|
|
|
|
self.assertEquals(channel.result["code"], b"403", channel.result)
|
2018-08-10 15:54:09 +02:00
|
|
|
self.assertEquals(channel.json_body["error"], "Registration has been disabled")
|
2018-07-17 12:43:18 +02:00
|
|
|
|
|
|
|
|
def test_POST_guest_registration(self):
|
|
|
|
|
self.hs.config.macaroon_secret_key = "test"
|
|
|
|
|
self.hs.config.allow_guest_access = True
|
|
|
|
|
|
2018-11-06 17:00:00 +01:00
|
|
|
request, channel = self.make_request(b"POST", self.url + b"?kind=guest", b"{}")
|
|
|
|
|
self.render(request)
|
2018-07-17 12:43:18 +02:00
|
|
|
|
|
|
|
|
det_data = {
|
|
|
|
|
"home_server": self.hs.hostname,
|
|
|
|
|
"device_id": "guest_device",
|
|
|
|
|
}
|
|
|
|
|
self.assertEquals(channel.result["code"], b"200", channel.result)
|
2018-08-09 04:22:01 +02:00
|
|
|
self.assertDictContainsSubset(det_data, channel.json_body)
|
2018-07-17 12:43:18 +02:00
|
|
|
|
|
|
|
|
def test_POST_disabled_guest_registration(self):
|
|
|
|
|
self.hs.config.allow_guest_access = False
|
|
|
|
|
|
2018-11-06 17:00:00 +01:00
|
|
|
request, channel = self.make_request(b"POST", self.url + b"?kind=guest", b"{}")
|
|
|
|
|
self.render(request)
|
2018-07-17 12:43:18 +02:00
|
|
|
|
|
|
|
|
self.assertEquals(channel.result["code"], b"403", channel.result)
|
2018-08-10 15:54:09 +02:00
|
|
|
self.assertEquals(channel.json_body["error"], "Guest access is disabled")
|
2019-03-05 15:25:33 +01:00
|
|
|
|
|
|
|
|
def test_POST_ratelimiting_guest(self):
|
2019-03-15 18:46:16 +01:00
|
|
|
self.hs.config.rc_registration.burst_count = 5
|
|
|
|
|
self.hs.config.rc_registration.per_second = 0.17
|
2019-03-05 15:25:33 +01:00
|
|
|
|
|
|
|
|
for i in range(0, 6):
|
|
|
|
|
url = self.url + b"?kind=guest"
|
|
|
|
|
request, channel = self.make_request(b"POST", url, b"{}")
|
|
|
|
|
self.render(request)
|
|
|
|
|
|
|
|
|
|
if i == 5:
|
|
|
|
|
self.assertEquals(channel.result["code"], b"429", channel.result)
|
|
|
|
|
retry_after_ms = int(channel.json_body["retry_after_ms"])
|
|
|
|
|
else:
|
|
|
|
|
self.assertEquals(channel.result["code"], b"200", channel.result)
|
|
|
|
|
|
|
|
|
|
self.reactor.advance(retry_after_ms / 1000.)
|
|
|
|
|
|
|
|
|
|
request, channel = self.make_request(b"POST", self.url + b"?kind=guest", b"{}")
|
|
|
|
|
self.render(request)
|
|
|
|
|
|
|
|
|
|
self.assertEquals(channel.result["code"], b"200", channel.result)
|
|
|
|
|
|
|
|
|
|
def test_POST_ratelimiting(self):
|
2019-03-15 18:46:16 +01:00
|
|
|
self.hs.config.rc_registration.burst_count = 5
|
|
|
|
|
self.hs.config.rc_registration.per_second = 0.17
|
2019-03-05 15:25:33 +01:00
|
|
|
|
|
|
|
|
for i in range(0, 6):
|
|
|
|
|
params = {
|
|
|
|
|
"username": "kermit" + str(i),
|
|
|
|
|
"password": "monkey",
|
|
|
|
|
"device_id": "frogfone",
|
|
|
|
|
"auth": {"type": LoginType.DUMMY},
|
|
|
|
|
}
|
|
|
|
|
request_data = json.dumps(params)
|
|
|
|
|
request, channel = self.make_request(b"POST", self.url, request_data)
|
|
|
|
|
self.render(request)
|
|
|
|
|
|
|
|
|
|
if i == 5:
|
|
|
|
|
self.assertEquals(channel.result["code"], b"429", channel.result)
|
|
|
|
|
retry_after_ms = int(channel.json_body["retry_after_ms"])
|
|
|
|
|
else:
|
|
|
|
|
self.assertEquals(channel.result["code"], b"200", channel.result)
|
|
|
|
|
|
|
|
|
|
self.reactor.advance(retry_after_ms / 1000.)
|
|
|
|
|
|
|
|
|
|
request, channel = self.make_request(b"POST", self.url + b"?kind=guest", b"{}")
|
|
|
|
|
self.render(request)
|
|
|
|
|
|
|
|
|
|
self.assertEquals(channel.result["code"], b"200", channel.result)
|
2019-04-08 18:10:55 +02:00
|
|
|
|
|
|
|
|
|
|
|
|
|
class AccountValidityTestCase(unittest.HomeserverTestCase):
|
|
|
|
|
|
|
|
|
|
servlets = [
|
|
|
|
|
register.register_servlets,
|
|
|
|
|
admin.register_servlets,
|
|
|
|
|
login.register_servlets,
|
|
|
|
|
sync.register_servlets,
|
|
|
|
|
]
|
|
|
|
|
|
|
|
|
|
def make_homeserver(self, reactor, clock):
|
|
|
|
|
config = self.default_config()
|
|
|
|
|
config.enable_registration = True
|
|
|
|
|
config.account_validity.enabled = True
|
|
|
|
|
config.account_validity.period = 604800000 # Time in ms for 1 week
|
|
|
|
|
self.hs = self.setup_test_homeserver(config=config)
|
|
|
|
|
|
|
|
|
|
return self.hs
|
|
|
|
|
|
|
|
|
|
def test_validity_period(self):
|
|
|
|
|
self.register_user("kermit", "monkey")
|
|
|
|
|
tok = self.login("kermit", "monkey")
|
|
|
|
|
|
|
|
|
|
# The specific endpoint doesn't matter, all we need is an authenticated
|
|
|
|
|
# endpoint.
|
|
|
|
|
request, channel = self.make_request(
|
|
|
|
|
b"GET", "/sync", access_token=tok,
|
|
|
|
|
)
|
|
|
|
|
self.render(request)
|
|
|
|
|
|
|
|
|
|
self.assertEquals(channel.result["code"], b"200", channel.result)
|
|
|
|
|
|
|
|
|
|
self.reactor.advance(datetime.timedelta(weeks=1).total_seconds())
|
|
|
|
|
|
|
|
|
|
request, channel = self.make_request(
|
|
|
|
|
b"GET", "/sync", access_token=tok,
|
|
|
|
|
)
|
|
|
|
|
self.render(request)
|
|
|
|
|
|
|
|
|
|
self.assertEquals(channel.result["code"], b"403", channel.result)
|
|
|
|
|
self.assertEquals(
|
|
|
|
|
channel.json_body["errcode"], Codes.EXPIRED_ACCOUNT, channel.result,
|
|
|
|
|
)
|
