MatrixSynapse/tests/rest/client/v2_alpha/test_register.py

231 lines
8.2 KiB
Python
Raw Normal View History

2019-04-08 18:10:55 +02:00
import datetime
2018-07-09 08:09:20 +02:00
import json
2019-02-18 17:49:38 +01:00
from synapse.api.constants import LoginType
2019-04-08 18:10:55 +02:00
from synapse.api.errors import Codes
2019-02-18 17:49:38 +01:00
from synapse.appservice import ApplicationService
2019-04-08 18:10:55 +02:00
from synapse.rest.client.v1 import admin, login
from synapse.rest.client.v2_alpha import register, sync
2018-07-09 08:09:20 +02:00
from tests import unittest
class RegisterRestServletTestCase(unittest.HomeserverTestCase):
2019-04-08 18:10:55 +02:00
servlets = [register.register_servlets]
def make_homeserver(self, reactor, clock):
self.url = b"/_matrix/client/r0/register"
self.hs = self.setup_test_homeserver()
self.hs.config.enable_registration = True
2018-01-19 01:28:08 +01:00
self.hs.config.registrations_require_3pid = []
2017-10-17 11:39:50 +02:00
self.hs.config.auto_join_rooms = []
2019-02-18 17:49:38 +01:00
self.hs.config.enable_registration_captcha = False
self.hs.config.allow_guest_access = True
return self.hs
def test_POST_appservice_registration_valid(self):
2019-02-18 17:49:38 +01:00
user_id = "@as_user_kermit:test"
as_token = "i_am_an_app_service"
appservice = ApplicationService(
as_token, self.hs.config.server_name,
2019-02-18 17:49:38 +01:00
id="1234",
namespaces={
"users": [{"regex": r"@as_user.*", "exclusive": True}],
},
)
self.hs.get_datastore().services_cache.append(appservice)
request_data = json.dumps({"username": "as_user_kermit"})
request, channel = self.make_request(
b"POST", self.url + b"?access_token=i_am_an_app_service", request_data
2016-07-22 15:52:53 +02:00
)
self.render(request)
self.assertEquals(channel.result["code"], b"200", channel.result)
det_data = {
2016-03-10 10:13:35 +01:00
"user_id": user_id,
"home_server": self.hs.hostname,
}
2018-08-09 04:22:01 +02:00
self.assertDictContainsSubset(det_data, channel.json_body)
def test_POST_appservice_registration_invalid(self):
self.appservice = None # no application service exists
request_data = json.dumps({"username": "kermit"})
request, channel = self.make_request(
b"POST", self.url + b"?access_token=i_am_an_app_service", request_data
)
self.render(request)
self.assertEquals(channel.result["code"], b"401", channel.result)
def test_POST_bad_password(self):
request_data = json.dumps({"username": "kermit", "password": 666})
request, channel = self.make_request(b"POST", self.url, request_data)
self.render(request)
self.assertEquals(channel.result["code"], b"400", channel.result)
2018-08-10 15:54:09 +02:00
self.assertEquals(channel.json_body["error"], "Invalid password")
def test_POST_bad_username(self):
request_data = json.dumps({"username": 777, "password": "monkey"})
request, channel = self.make_request(b"POST", self.url, request_data)
self.render(request)
self.assertEquals(channel.result["code"], b"400", channel.result)
2018-08-10 15:54:09 +02:00
self.assertEquals(channel.json_body["error"], "Invalid username")
def test_POST_user_valid(self):
2019-02-18 17:49:38 +01:00
user_id = "@kermit:test"
device_id = "frogfone"
2019-02-18 17:49:38 +01:00
params = {
"username": "kermit",
"password": "monkey",
"device_id": device_id,
"auth": {"type": LoginType.DUMMY},
}
2019-02-18 14:43:16 +01:00
request_data = json.dumps(params)
request, channel = self.make_request(b"POST", self.url, request_data)
self.render(request)
det_data = {
2016-03-10 10:13:35 +01:00
"user_id": user_id,
"home_server": self.hs.hostname,
"device_id": device_id,
}
self.assertEquals(channel.result["code"], b"200", channel.result)
2018-08-09 04:22:01 +02:00
self.assertDictContainsSubset(det_data, channel.json_body)
def test_POST_disabled_registration(self):
self.hs.config.enable_registration = False
request_data = json.dumps({"username": "kermit", "password": "monkey"})
self.auth_result = (None, {"username": "kermit", "password": "monkey"}, None)
request, channel = self.make_request(b"POST", self.url, request_data)
self.render(request)
self.assertEquals(channel.result["code"], b"403", channel.result)
2018-08-10 15:54:09 +02:00
self.assertEquals(channel.json_body["error"], "Registration has been disabled")
def test_POST_guest_registration(self):
self.hs.config.macaroon_secret_key = "test"
self.hs.config.allow_guest_access = True
request, channel = self.make_request(b"POST", self.url + b"?kind=guest", b"{}")
self.render(request)
det_data = {
"home_server": self.hs.hostname,
"device_id": "guest_device",
}
self.assertEquals(channel.result["code"], b"200", channel.result)
2018-08-09 04:22:01 +02:00
self.assertDictContainsSubset(det_data, channel.json_body)
def test_POST_disabled_guest_registration(self):
self.hs.config.allow_guest_access = False
request, channel = self.make_request(b"POST", self.url + b"?kind=guest", b"{}")
self.render(request)
self.assertEquals(channel.result["code"], b"403", channel.result)
2018-08-10 15:54:09 +02:00
self.assertEquals(channel.json_body["error"], "Guest access is disabled")
def test_POST_ratelimiting_guest(self):
self.hs.config.rc_registration.burst_count = 5
self.hs.config.rc_registration.per_second = 0.17
for i in range(0, 6):
url = self.url + b"?kind=guest"
request, channel = self.make_request(b"POST", url, b"{}")
self.render(request)
if i == 5:
self.assertEquals(channel.result["code"], b"429", channel.result)
retry_after_ms = int(channel.json_body["retry_after_ms"])
else:
self.assertEquals(channel.result["code"], b"200", channel.result)
self.reactor.advance(retry_after_ms / 1000.)
request, channel = self.make_request(b"POST", self.url + b"?kind=guest", b"{}")
self.render(request)
self.assertEquals(channel.result["code"], b"200", channel.result)
def test_POST_ratelimiting(self):
self.hs.config.rc_registration.burst_count = 5
self.hs.config.rc_registration.per_second = 0.17
for i in range(0, 6):
params = {
"username": "kermit" + str(i),
"password": "monkey",
"device_id": "frogfone",
"auth": {"type": LoginType.DUMMY},
}
request_data = json.dumps(params)
request, channel = self.make_request(b"POST", self.url, request_data)
self.render(request)
if i == 5:
self.assertEquals(channel.result["code"], b"429", channel.result)
retry_after_ms = int(channel.json_body["retry_after_ms"])
else:
self.assertEquals(channel.result["code"], b"200", channel.result)
self.reactor.advance(retry_after_ms / 1000.)
request, channel = self.make_request(b"POST", self.url + b"?kind=guest", b"{}")
self.render(request)
self.assertEquals(channel.result["code"], b"200", channel.result)
2019-04-08 18:10:55 +02:00
class AccountValidityTestCase(unittest.HomeserverTestCase):
servlets = [
register.register_servlets,
admin.register_servlets,
login.register_servlets,
sync.register_servlets,
]
def make_homeserver(self, reactor, clock):
config = self.default_config()
config.enable_registration = True
config.account_validity.enabled = True
config.account_validity.period = 604800000 # Time in ms for 1 week
self.hs = self.setup_test_homeserver(config=config)
return self.hs
def test_validity_period(self):
self.register_user("kermit", "monkey")
tok = self.login("kermit", "monkey")
# The specific endpoint doesn't matter, all we need is an authenticated
# endpoint.
request, channel = self.make_request(
b"GET", "/sync", access_token=tok,
)
self.render(request)
self.assertEquals(channel.result["code"], b"200", channel.result)
self.reactor.advance(datetime.timedelta(weeks=1).total_seconds())
request, channel = self.make_request(
b"GET", "/sync", access_token=tok,
)
self.render(request)
self.assertEquals(channel.result["code"], b"403", channel.result)
self.assertEquals(
channel.json_body["errcode"], Codes.EXPIRED_ACCOUNT, channel.result,
)