Kill off `HomeServer.get_ip_from_request()` (#9080)
Homeserver.get_ip_from_request() used to be a bit more complicated, but now it is totally redundant. Let's get rid of it.pull/9092/head
							parent
							
								
									2ec8ca5e60
								
							
						
					
					
						commit
						0f8945e166
					
				|  | @ -0,0 +1 @@ | ||||||
|  | Remove redundant `Homeserver.get_ip_from_request` method. | ||||||
|  | @ -187,7 +187,7 @@ class Auth: | ||||||
|             AuthError if access is denied for the user in the access token |             AuthError if access is denied for the user in the access token | ||||||
|         """ |         """ | ||||||
|         try: |         try: | ||||||
|             ip_addr = self.hs.get_ip_from_request(request) |             ip_addr = request.getClientIP() | ||||||
|             user_agent = get_request_user_agent(request) |             user_agent = get_request_user_agent(request) | ||||||
| 
 | 
 | ||||||
|             access_token = self.get_access_token_from_request(request) |             access_token = self.get_access_token_from_request(request) | ||||||
|  | @ -276,7 +276,7 @@ class Auth: | ||||||
|             return None, None |             return None, None | ||||||
| 
 | 
 | ||||||
|         if app_service.ip_range_whitelist: |         if app_service.ip_range_whitelist: | ||||||
|             ip_address = IPAddress(self.hs.get_ip_from_request(request)) |             ip_address = IPAddress(request.getClientIP()) | ||||||
|             if ip_address not in app_service.ip_range_whitelist: |             if ip_address not in app_service.ip_range_whitelist: | ||||||
|                 return None, None |                 return None, None | ||||||
| 
 | 
 | ||||||
|  |  | ||||||
|  | @ -284,7 +284,6 @@ class AuthHandler(BaseHandler): | ||||||
|         requester: Requester, |         requester: Requester, | ||||||
|         request: SynapseRequest, |         request: SynapseRequest, | ||||||
|         request_body: Dict[str, Any], |         request_body: Dict[str, Any], | ||||||
|         clientip: str, |  | ||||||
|         description: str, |         description: str, | ||||||
|     ) -> Tuple[dict, Optional[str]]: |     ) -> Tuple[dict, Optional[str]]: | ||||||
|         """ |         """ | ||||||
|  | @ -301,8 +300,6 @@ class AuthHandler(BaseHandler): | ||||||
| 
 | 
 | ||||||
|             request_body: The body of the request sent by the client |             request_body: The body of the request sent by the client | ||||||
| 
 | 
 | ||||||
|             clientip: The IP address of the client. |  | ||||||
| 
 |  | ||||||
|             description: A human readable string to be displayed to the user that |             description: A human readable string to be displayed to the user that | ||||||
|                          describes the operation happening on their account. |                          describes the operation happening on their account. | ||||||
| 
 | 
 | ||||||
|  | @ -351,7 +348,7 @@ class AuthHandler(BaseHandler): | ||||||
| 
 | 
 | ||||||
|         try: |         try: | ||||||
|             result, params, session_id = await self.check_ui_auth( |             result, params, session_id = await self.check_ui_auth( | ||||||
|                 flows, request, request_body, clientip, description |                 flows, request, request_body, description | ||||||
|             ) |             ) | ||||||
|         except LoginError: |         except LoginError: | ||||||
|             # Update the ratelimiter to say we failed (`can_do_action` doesn't raise). |             # Update the ratelimiter to say we failed (`can_do_action` doesn't raise). | ||||||
|  | @ -426,7 +423,6 @@ class AuthHandler(BaseHandler): | ||||||
|         flows: List[List[str]], |         flows: List[List[str]], | ||||||
|         request: SynapseRequest, |         request: SynapseRequest, | ||||||
|         clientdict: Dict[str, Any], |         clientdict: Dict[str, Any], | ||||||
|         clientip: str, |  | ||||||
|         description: str, |         description: str, | ||||||
|     ) -> Tuple[dict, dict, str]: |     ) -> Tuple[dict, dict, str]: | ||||||
|         """ |         """ | ||||||
|  | @ -448,8 +444,6 @@ class AuthHandler(BaseHandler): | ||||||
|             clientdict: The dictionary from the client root level, not the |             clientdict: The dictionary from the client root level, not the | ||||||
|                         'auth' key: this method prompts for auth if none is sent. |                         'auth' key: this method prompts for auth if none is sent. | ||||||
| 
 | 
 | ||||||
|             clientip: The IP address of the client. |  | ||||||
| 
 |  | ||||||
|             description: A human readable string to be displayed to the user that |             description: A human readable string to be displayed to the user that | ||||||
|                          describes the operation happening on their account. |                          describes the operation happening on their account. | ||||||
| 
 | 
 | ||||||
|  | @ -540,6 +534,7 @@ class AuthHandler(BaseHandler): | ||||||
|             await self.store.set_ui_auth_clientdict(sid, clientdict) |             await self.store.set_ui_auth_clientdict(sid, clientdict) | ||||||
| 
 | 
 | ||||||
|         user_agent = get_request_user_agent(request) |         user_agent = get_request_user_agent(request) | ||||||
|  |         clientip = request.getClientIP() | ||||||
| 
 | 
 | ||||||
|         await self.store.add_user_agent_ip_to_ui_auth_session( |         await self.store.add_user_agent_ip_to_ui_auth_session( | ||||||
|             session.session_id, user_agent, clientip |             session.session_id, user_agent, clientip | ||||||
|  |  | ||||||
|  | @ -189,11 +189,7 @@ class PasswordRestServlet(RestServlet): | ||||||
|             requester = await self.auth.get_user_by_req(request) |             requester = await self.auth.get_user_by_req(request) | ||||||
|             try: |             try: | ||||||
|                 params, session_id = await self.auth_handler.validate_user_via_ui_auth( |                 params, session_id = await self.auth_handler.validate_user_via_ui_auth( | ||||||
|                     requester, |                     requester, request, body, "modify your account password", | ||||||
|                     request, |  | ||||||
|                     body, |  | ||||||
|                     self.hs.get_ip_from_request(request), |  | ||||||
|                     "modify your account password", |  | ||||||
|                 ) |                 ) | ||||||
|             except InteractiveAuthIncompleteError as e: |             except InteractiveAuthIncompleteError as e: | ||||||
|                 # The user needs to provide more steps to complete auth, but |                 # The user needs to provide more steps to complete auth, but | ||||||
|  | @ -215,7 +211,6 @@ class PasswordRestServlet(RestServlet): | ||||||
|                     [[LoginType.EMAIL_IDENTITY]], |                     [[LoginType.EMAIL_IDENTITY]], | ||||||
|                     request, |                     request, | ||||||
|                     body, |                     body, | ||||||
|                     self.hs.get_ip_from_request(request), |  | ||||||
|                     "modify your account password", |                     "modify your account password", | ||||||
|                 ) |                 ) | ||||||
|             except InteractiveAuthIncompleteError as e: |             except InteractiveAuthIncompleteError as e: | ||||||
|  | @ -309,11 +304,7 @@ class DeactivateAccountRestServlet(RestServlet): | ||||||
|             return 200, {} |             return 200, {} | ||||||
| 
 | 
 | ||||||
|         await self.auth_handler.validate_user_via_ui_auth( |         await self.auth_handler.validate_user_via_ui_auth( | ||||||
|             requester, |             requester, request, body, "deactivate your account", | ||||||
|             request, |  | ||||||
|             body, |  | ||||||
|             self.hs.get_ip_from_request(request), |  | ||||||
|             "deactivate your account", |  | ||||||
|         ) |         ) | ||||||
|         result = await self._deactivate_account_handler.deactivate_account( |         result = await self._deactivate_account_handler.deactivate_account( | ||||||
|             requester.user.to_string(), erase, id_server=body.get("id_server") |             requester.user.to_string(), erase, id_server=body.get("id_server") | ||||||
|  | @ -695,11 +686,7 @@ class ThreepidAddRestServlet(RestServlet): | ||||||
|         assert_valid_client_secret(client_secret) |         assert_valid_client_secret(client_secret) | ||||||
| 
 | 
 | ||||||
|         await self.auth_handler.validate_user_via_ui_auth( |         await self.auth_handler.validate_user_via_ui_auth( | ||||||
|             requester, |             requester, request, body, "add a third-party identifier to your account", | ||||||
|             request, |  | ||||||
|             body, |  | ||||||
|             self.hs.get_ip_from_request(request), |  | ||||||
|             "add a third-party identifier to your account", |  | ||||||
|         ) |         ) | ||||||
| 
 | 
 | ||||||
|         validation_session = await self.identity_handler.validate_threepid_session( |         validation_session = await self.identity_handler.validate_threepid_session( | ||||||
|  |  | ||||||
|  | @ -128,7 +128,7 @@ class AuthRestServlet(RestServlet): | ||||||
|             authdict = {"response": response, "session": session} |             authdict = {"response": response, "session": session} | ||||||
| 
 | 
 | ||||||
|             success = await self.auth_handler.add_oob_auth( |             success = await self.auth_handler.add_oob_auth( | ||||||
|                 LoginType.RECAPTCHA, authdict, self.hs.get_ip_from_request(request) |                 LoginType.RECAPTCHA, authdict, request.getClientIP() | ||||||
|             ) |             ) | ||||||
| 
 | 
 | ||||||
|             if success: |             if success: | ||||||
|  | @ -144,7 +144,7 @@ class AuthRestServlet(RestServlet): | ||||||
|             authdict = {"session": session} |             authdict = {"session": session} | ||||||
| 
 | 
 | ||||||
|             success = await self.auth_handler.add_oob_auth( |             success = await self.auth_handler.add_oob_auth( | ||||||
|                 LoginType.TERMS, authdict, self.hs.get_ip_from_request(request) |                 LoginType.TERMS, authdict, request.getClientIP() | ||||||
|             ) |             ) | ||||||
| 
 | 
 | ||||||
|             if success: |             if success: | ||||||
|  |  | ||||||
|  | @ -83,11 +83,7 @@ class DeleteDevicesRestServlet(RestServlet): | ||||||
|         assert_params_in_dict(body, ["devices"]) |         assert_params_in_dict(body, ["devices"]) | ||||||
| 
 | 
 | ||||||
|         await self.auth_handler.validate_user_via_ui_auth( |         await self.auth_handler.validate_user_via_ui_auth( | ||||||
|             requester, |             requester, request, body, "remove device(s) from your account", | ||||||
|             request, |  | ||||||
|             body, |  | ||||||
|             self.hs.get_ip_from_request(request), |  | ||||||
|             "remove device(s) from your account", |  | ||||||
|         ) |         ) | ||||||
| 
 | 
 | ||||||
|         await self.device_handler.delete_devices( |         await self.device_handler.delete_devices( | ||||||
|  | @ -133,11 +129,7 @@ class DeviceRestServlet(RestServlet): | ||||||
|                 raise |                 raise | ||||||
| 
 | 
 | ||||||
|         await self.auth_handler.validate_user_via_ui_auth( |         await self.auth_handler.validate_user_via_ui_auth( | ||||||
|             requester, |             requester, request, body, "remove a device from your account", | ||||||
|             request, |  | ||||||
|             body, |  | ||||||
|             self.hs.get_ip_from_request(request), |  | ||||||
|             "remove a device from your account", |  | ||||||
|         ) |         ) | ||||||
| 
 | 
 | ||||||
|         await self.device_handler.delete_device(requester.user.to_string(), device_id) |         await self.device_handler.delete_device(requester.user.to_string(), device_id) | ||||||
|  |  | ||||||
|  | @ -271,11 +271,7 @@ class SigningKeyUploadServlet(RestServlet): | ||||||
|         body = parse_json_object_from_request(request) |         body = parse_json_object_from_request(request) | ||||||
| 
 | 
 | ||||||
|         await self.auth_handler.validate_user_via_ui_auth( |         await self.auth_handler.validate_user_via_ui_auth( | ||||||
|             requester, |             requester, request, body, "add a device signing key to your account", | ||||||
|             request, |  | ||||||
|             body, |  | ||||||
|             self.hs.get_ip_from_request(request), |  | ||||||
|             "add a device signing key to your account", |  | ||||||
|         ) |         ) | ||||||
| 
 | 
 | ||||||
|         result = await self.e2e_keys_handler.upload_signing_keys_for_user(user_id, body) |         result = await self.e2e_keys_handler.upload_signing_keys_for_user(user_id, body) | ||||||
|  |  | ||||||
|  | @ -353,7 +353,7 @@ class UsernameAvailabilityRestServlet(RestServlet): | ||||||
|                 403, "Registration has been disabled", errcode=Codes.FORBIDDEN |                 403, "Registration has been disabled", errcode=Codes.FORBIDDEN | ||||||
|             ) |             ) | ||||||
| 
 | 
 | ||||||
|         ip = self.hs.get_ip_from_request(request) |         ip = request.getClientIP() | ||||||
|         with self.ratelimiter.ratelimit(ip) as wait_deferred: |         with self.ratelimiter.ratelimit(ip) as wait_deferred: | ||||||
|             await wait_deferred |             await wait_deferred | ||||||
| 
 | 
 | ||||||
|  | @ -513,11 +513,7 @@ class RegisterRestServlet(RestServlet): | ||||||
|         # not this will raise a user-interactive auth error. |         # not this will raise a user-interactive auth error. | ||||||
|         try: |         try: | ||||||
|             auth_result, params, session_id = await self.auth_handler.check_ui_auth( |             auth_result, params, session_id = await self.auth_handler.check_ui_auth( | ||||||
|                 self._registration_flows, |                 self._registration_flows, request, body, "register a new account", | ||||||
|                 request, |  | ||||||
|                 body, |  | ||||||
|                 self.hs.get_ip_from_request(request), |  | ||||||
|                 "register a new account", |  | ||||||
|             ) |             ) | ||||||
|         except InteractiveAuthIncompleteError as e: |         except InteractiveAuthIncompleteError as e: | ||||||
|             # The user needs to provide more steps to complete auth. |             # The user needs to provide more steps to complete auth. | ||||||
|  |  | ||||||
|  | @ -283,10 +283,6 @@ class HomeServer(metaclass=abc.ABCMeta): | ||||||
|         """ |         """ | ||||||
|         return self._reactor |         return self._reactor | ||||||
| 
 | 
 | ||||||
|     def get_ip_from_request(self, request) -> str: |  | ||||||
|         # X-Forwarded-For is handled by our custom request type. |  | ||||||
|         return request.getClientIP() |  | ||||||
| 
 |  | ||||||
|     def is_mine(self, domain_specific_string: DomainSpecificString) -> bool: |     def is_mine(self, domain_specific_string: DomainSpecificString) -> bool: | ||||||
|         return domain_specific_string.domain == self.hostname |         return domain_specific_string.domain == self.hostname | ||||||
| 
 | 
 | ||||||
|  |  | ||||||
		Loading…
	
		Reference in New Issue
	
	 Richard van der Hoff
						Richard van der Hoff