diff --git a/appservice/registration.go b/appservice/registration.go index c0b62124..16c87fb9 100644 --- a/appservice/registration.go +++ b/appservice/registration.go @@ -29,6 +29,7 @@ type Registration struct { SoruEphemeralEvents bool `yaml:"de.sorunome.msc2409.push_ephemeral,omitempty" json:"de.sorunome.msc2409.push_ephemeral,omitempty"` EphemeralEvents bool `yaml:"push_ephemeral,omitempty" json:"push_ephemeral,omitempty"` MSC3202 bool `yaml:"org.matrix.msc3202,omitempty" json:"org.matrix.msc3202,omitempty"` + MSC4190 bool `yaml:"io.element.msc4190,omitempty" json:"io.element.msc4190,omitempty"` } // CreateRegistration creates a Registration with random appservice and homeserver tokens. diff --git a/bridgev2/bridgeconfig/appservice.go b/bridgev2/bridgeconfig/appservice.go index 5e482499..89ce5677 100644 --- a/bridgev2/bridgeconfig/appservice.go +++ b/bridgev2/bridgeconfig/appservice.go @@ -34,6 +34,7 @@ type AppserviceConfig struct { EphemeralEvents bool `yaml:"ephemeral_events"` AsyncTransactions bool `yaml:"async_transactions"` + MSC4190 bool `yaml:"msc4190"` UsernameTemplate string `yaml:"username_template"` usernameTemplate *template.Template `yaml:"-"` @@ -77,6 +78,7 @@ func (asc *AppserviceConfig) copyToRegistration(registration *appservice.Registr registration.RateLimited = &falseVal registration.EphemeralEvents = asc.EphemeralEvents registration.SoruEphemeralEvents = asc.EphemeralEvents + registration.MSC4190 = asc.MSC4190 } // GenerateRegistration generates a registration file for the homeserver. diff --git a/bridgev2/bridgeconfig/legacymigrate.go b/bridgev2/bridgeconfig/legacymigrate.go index e8fab743..d267b1ec 100644 --- a/bridgev2/bridgeconfig/legacymigrate.go +++ b/bridgev2/bridgeconfig/legacymigrate.go @@ -63,6 +63,7 @@ func doMigrateLegacy(helper up.Helper, python bool) { } helper.Copy(up.Bool, "appservice", "ephemeral_events") helper.Copy(up.Bool, "appservice", "async_transactions") + helper.Copy(up.Bool, "appservice", "msc4190") helper.Copy(up.Str, "appservice", "as_token") helper.Copy(up.Str, "appservice", "hs_token") diff --git a/bridgev2/bridgeconfig/upgrade.go b/bridgev2/bridgeconfig/upgrade.go index 4122f4d6..18446e13 100644 --- a/bridgev2/bridgeconfig/upgrade.go +++ b/bridgev2/bridgeconfig/upgrade.go @@ -78,6 +78,7 @@ func doUpgrade(helper up.Helper) { helper.Copy(up.Str, "appservice", "bot", "avatar") helper.Copy(up.Bool, "appservice", "ephemeral_events") helper.Copy(up.Bool, "appservice", "async_transactions") + helper.Copy(up.Bool, "appservice", "msc4190") helper.Copy(up.Str, "appservice", "as_token") helper.Copy(up.Str, "appservice", "hs_token") helper.Copy(up.Str, "appservice", "username_template") diff --git a/bridgev2/matrix/crypto.go b/bridgev2/matrix/crypto.go index 04654ff5..62f1829b 100644 --- a/bridgev2/matrix/crypto.go +++ b/bridgev2/matrix/crypto.go @@ -241,23 +241,35 @@ func (helper *CryptoHelper) loginBot(ctx context.Context) (*mautrix.Client, bool // Create a new client instance with the default AS settings (including as_token), // the Login call will then override the access token in the client. client := helper.bridge.AS.NewMautrixClient(helper.bridge.AS.BotMXID()) + + // TODO find proper bridge name + initialDeviceDisplayName := "Megabridge" //fmt.Sprintf("%s bridge", helper.bridge.Bridge.Network.GetName().DisplayName) + if helper.bridge.AS.Registration.MSC4190 { + helper.log.Debug().Msg("Creating bot device with msc4190") + err = client.CreateDeviceMSC4190(ctx, deviceID, initialDeviceDisplayName) + if err != nil { + return nil, deviceID != "", fmt.Errorf("failed to create device for bridge bot: %w", err) + } + helper.store.DeviceID = client.DeviceID + return client, deviceID != "", nil + } + flows, err := client.GetLoginFlows(ctx) if err != nil { return nil, deviceID != "", fmt.Errorf("failed to get supported login flows: %w", err) } else if !flows.HasFlow(mautrix.AuthTypeAppservice) { return nil, deviceID != "", fmt.Errorf("homeserver does not support appservice login") } + resp, err := client.Login(ctx, &mautrix.ReqLogin{ Type: mautrix.AuthTypeAppservice, Identifier: mautrix.UserIdentifier{ Type: mautrix.IdentifierTypeUser, User: string(helper.bridge.AS.BotMXID()), }, - DeviceID: deviceID, - StoreCredentials: true, - - // TODO find proper bridge name - InitialDeviceDisplayName: "Megabridge", // fmt.Sprintf("%s bridge", helper.bridge.ProtocolName), + DeviceID: deviceID, + StoreCredentials: true, + InitialDeviceDisplayName: initialDeviceDisplayName, }) if err != nil { return nil, deviceID != "", fmt.Errorf("failed to log in as bridge bot: %w", err) diff --git a/bridgev2/matrix/mxmain/example-config.yaml b/bridgev2/matrix/mxmain/example-config.yaml index 8b9682ba..44d4c3ba 100644 --- a/bridgev2/matrix/mxmain/example-config.yaml +++ b/bridgev2/matrix/mxmain/example-config.yaml @@ -186,6 +186,10 @@ appservice: # However, messages will not be guaranteed to be bridged in the same order they were sent in. # This value doesn't affect the registration file. async_transactions: false + # Wether to use MSC4190 to create DeviceIDs for ghost users. + # Requires the homeserver to support MSC4190 and the device masquerading parts of MSC3202. + # Required when using encryption on the bridge and OIDC Auth (MSC3861) on the homeserver. + msc4190: false # Authentication tokens for AS <-> HS communication. Autogenerated; do not modify. as_token: "This value is generated when generating the registration" diff --git a/client.go b/client.go index b237612b..5e232cf5 100644 --- a/client.go +++ b/client.go @@ -21,6 +21,7 @@ import ( "github.com/rs/zerolog" "go.mau.fi/util/ptr" + "go.mau.fi/util/random" "go.mau.fi/util/retryafter" "golang.org/x/exp/maps" @@ -897,6 +898,28 @@ func (cli *Client) Login(ctx context.Context, req *ReqLogin) (resp *RespLogin, e return } +// Create a Device for a user of the homeserver using appservice interface defined in MSC4190 +func (cli *Client) CreateDeviceMSC4190(ctx context.Context, deviceID id.DeviceID, initialDispalyName string) (err error) { + if len(deviceID) == 0 { + deviceID = id.DeviceID(random.String(10)) + } + if !cli.SetAppServiceUserID { + return fmt.Errorf("CreateDeviceMSC4190 requires SetAppServiceUserID to be enabled") + } + if cli.AccessToken == "" { + return fmt.Errorf("CreateDeviceMSC4190 requires The AS AccessToken token to be set as the client AccessToken") + } + _, err = cli.MakeRequest(ctx, http.MethodPut, cli.BuildClientURL("v3", "devices", deviceID), ReqPutDevice{ + DisplayName: initialDispalyName, + }, nil) + if err != nil { + return err + } + cli.DeviceID = deviceID + cli.SetAppServiceDeviceID = true + return nil +} + // Logout the current user. See https://spec.matrix.org/v1.2/client-server-api/#post_matrixclientv3logout // This does not clear the credentials from the client instance. See ClearCredentials() instead. func (cli *Client) Logout(ctx context.Context) (resp *RespLogout, err error) { diff --git a/requests.go b/requests.go index a6b0ea8b..78e8a36b 100644 --- a/requests.go +++ b/requests.go @@ -90,6 +90,9 @@ type ReqLogin struct { // Whether or not the returned .well-known data should update the homeserver URL in the Client StoreHomeserverURL bool `json:"-"` } +type ReqPutDevice struct { + DisplayName string `json:"display_name,omitempty"` +} type ReqUIAuthFallback struct { Session string `json:"session"`