Login with password #10
Conversation
There was a problem hiding this comment.
One big issue with this current code: login is mandatory and/or immutable.
The CS spec doesn't require login for some endpoints, therefore login() should exist and take a _MatrixCredentials (or similar) argument to perform login and assign internal values (token, device ID, etc.) properly.
| @@ -61,6 +64,9 @@ | |||
|
|
|||
| public AMatrixHttpClient(MatrixClientContext context) { | |||
| this.context = context; | |||
| if (!context.getToken().isPresent()) { | |||
There was a problem hiding this comment.
The CS API don't require login everywhere, like fetching media or getting the list of supported protocol version. This cannot be made mandatory.
| @@ -75,14 +81,27 @@ public _MatrixHomeserver getHomeserver() { | |||
|
|
|||
| @Override | |||
| public String getAccessToken() { | |||
| return context.getToken(); | |||
| return context.getToken() | |||
| .orElseThrow(() -> new IllegalStateException("This method can only be used with a valid token.")); | |||
There was a problem hiding this comment.
The CS API don't require login everywhere, like fetching media or getting the list of supported protocol version. This cannot be made mandatory.
| } | ||
|
|
||
| protected URI getClientPath(String action) { | ||
| try { | ||
| return getClientPathBuilder(action).build(); | ||
| return getPathBuilder(getPath("client", "r0", action)).build(); |
There was a problem hiding this comment.
Why change this for the login feature?
| } catch (URISyntaxException e) { | ||
| throw new IllegalArgumentException(e); | ||
| } | ||
| } | ||
|
|
||
| protected URI getMediaPath(String action) { | ||
| try { | ||
| return getMediaPathBuilder(action).build(); | ||
| return getPathBuilder(getPath("media", "v1", action)).build(); |
There was a problem hiding this comment.
Why change this for the login feature?
|
|
||
| private void login() { | ||
| HttpPost request = new HttpPost(getLoginClientPath()); | ||
| _MatrixID user = context.getUser(); |
There was a problem hiding this comment.
Login doesn't require a Matrix ID, only a localpart. This is a signed of flowed implementation.
| @@ -145,7 +136,7 @@ public void invite(_MatrixID mxId) { | |||
|
|
|||
| @Override | |||
| public List<_MatrixID> getJoinedUsers() { | |||
| URI path = getClientPath("/rooms/{roomId}/joined_members"); | |||
| URI path = getClientPath("/rooms/" + roomId + "/joined_members"); | |||
There was a problem hiding this comment.
Why change this for the login feature?
| @@ -33,4 +35,8 @@ | |||
|
|
|||
| _MatrixID getUser(); | |||
|
|
|||
| Optional<String> getDeviceId(); | |||
|
|
|||
| void logout(); | |||
There was a problem hiding this comment.
Not sure this belongs in _MatrixClientRaw... _MatrixClient might be better. I wish I added javadoc! I remember I split for a reason, but not the reason... let's discuss...
| @@ -47,7 +43,7 @@ protected _MatrixID getMatrixId(String localpart) { | |||
|
|
|||
| @Override | |||
| public void setDisplayName(String name) { | |||
| URI path = getClientPath("/profile/{userId}/displayname"); | |||
| URI path = getClientPath("/profile/" + context.getUser().getId() + "/displayname"); | |||
There was a problem hiding this comment.
Why change this for the login feature?
|
|
||
| public interface _MatrixHomeserver { | ||
|
|
||
| String getDomain(); | ||
|
|
||
| URIBuilder getClientEndpoint(); | ||
| URI getClientEndpoint(); |
There was a problem hiding this comment.
Why change this for the login feature?
| return user; | ||
| } | ||
|
|
||
| public String getPassword() { |
There was a problem hiding this comment.
Security issue, should not be able to just get the password.
| @@ -258,6 +272,16 @@ protected URI getClientPath(String action) { | |||
| } | |||
| } | |||
|
|
|||
| protected URI getMediaPathWithAccessToken(String action) { | |||
There was a problem hiding this comment.
- Has nothing to do with the login feature
- No media retrieval requires a token if following the CS spec. While I would definitely add this down the road, it's out of scope here and premature I think
| @@ -59,7 +59,7 @@ private synchronized void load() { | |||
| if (!StringUtils.equalsIgnoreCase("mxc", address.getScheme())) { | |||
| log.debug("{} is not a supported protocol for avatars, ignoring", address.getScheme()); | |||
| } else { | |||
| URI path = getMediaPath("/download/" + address.getHost() + address.getPath()); | |||
| URI path = getMediaPathWithAccessToken("/download/" + address.getHost() + address.getPath()); | |||
There was a problem hiding this comment.
Not related to login feature
| @@ -32,4 +34,10 @@ | |||
|
|
|||
| _MatrixUser getUser(_MatrixID mxId); | |||
There was a problem hiding this comment.
Shouldn't this be optional as well now?
|
|
||
| _MatrixID getUser(); | ||
| String getAccessTokenOrThrow(); |
There was a problem hiding this comment.
Not sure this should be in the interface. While the implementation is useful, seems like bloat for "external" use with a specific exception forced.
| @@ -47,7 +47,7 @@ protected _MatrixID getMatrixId(String localpart) { | |||
|
|
|||
| @Override | |||
| public void setDisplayName(String name) { | |||
| URI path = getClientPath("/profile/{userId}/displayname"); | |||
| URI path = getClientPathWithAccessToken("/profile/" + context.getUser().getId() + "/displayname"); | |||
There was a problem hiding this comment.
{userId} should remain, just like {roomId} remained
| MatrixPasswordLoginCredentials credentials = new MatrixPasswordLoginCredentials(user.getLocalPart(), password); | ||
| client.login(credentials); | ||
|
|
||
| assertEquals(deviceId, client.getDeviceId().get()); |
There was a problem hiding this comment.
See loginWithDeviceId() comment
| client.login(credentials); | ||
|
|
||
| assertEquals(deviceId, client.getDeviceId().get()); | ||
| } |
There was a problem hiding this comment.
What about validating the required fields are not blank (StringUtils.isNotBlank()) as per spec:
- Matrix ID
- Access token
- Device ID
- Homeserver hostname
|
|
||
| stubFor(post(urlEqualTo(logoutUrl))); | ||
| client.logout(); | ||
| } |
There was a problem hiding this comment.
See loginWithDeviceId() comment
| .willReturn(aResponse().withStatus(200) | ||
| .withBody("{\"user_id\": \"" + user.getId() + "\"," + // | ||
| "\"access_token\": \"" + testToken + "\"," + // | ||
| "\"home_server\": \"" + new MatrixHomeserver(domain, baseUrl) + "\"," + // |
There was a problem hiding this comment.
See loginWithDeviceId() comment
| MatrixPasswordLoginCredentials credentials = new MatrixPasswordLoginCredentials(user.getLocalPart(), password); | ||
| client.login(credentials); | ||
|
|
||
| assertEquals(deviceId, client.getDeviceId().get()); |
There was a problem hiding this comment.
See loginWithDeviceId() comment
No description provided.