/*
Copyright 2016 OpenMarket Ltd
Copyright 2017 Vector Creations Ltd
Copyright 2019 The Matrix.org Foundation C.I.C.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
import { IRequestMsisdnTokenResponse, IRequestTokenResponse } from "matrix-js-sdk/src/matrix";
import { MatrixClientPeg } from './MatrixClientPeg';
import Modal from './Modal';
import { _t } from './languageHandler';
import IdentityAuthClient from './IdentityAuthClient';
import { SSOAuthEntry } from "./components/views/auth/InteractiveAuthEntryComponents";
import InteractiveAuthDialog from "./components/views/dialogs/InteractiveAuthDialog";
/**
 * Returns whatever follows the "://" separator in the client's configured
 * identity server base URL.
 *
 * This is a plain string split rather than URL parsing, so a path or a
 * trailing slash in `idBaseUrl` is carried into the result, and a base URL
 * without "://" yields `undefined`. The call throws if `idBaseUrl` is not
 * set on the client.
 *
 * @returns The text after the scheme separator of `idBaseUrl`.
 */
function getIdServerDomain(): string {
    const { idBaseUrl } = MatrixClientPeg.get();
    const [, afterScheme] = idBaseUrl.split("://");
    return afterScheme;
}
/**
* Allows a user to add a third party identifier to their homeserver and,
* optionally, the identity servers.
*
* This involves getting an email token from the identity server to "prove" that
* the client owns the given email address, which is then passed to the
* add threepid API on the homeserver.
*
* Diagrams of the intended API flows here are available at:
*
* https://gist.github.com/jryans/839a09bf0c5a70e2f36ed990d50ed928
*/
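export default class AddThreepid {
    // Validation session id (`sid`) returned by the most recent token request.
    private sessionId: string;
    // `submit_url` from the homeserver's MSISDN token response; only addMsisdn() sets it.
    // When present, haveMsisdnToken() submits the session id, client secret and the user's
    // verification code to this URL.
    // NOTE(review): the value is stored exactly as the server returned it; no validation of
    // the URL is visible in this file — confirm the SDK or the caller constrains it.
    private submitUrl: string;
    // Generated once per instance and sent with every request of the flow. Together with
    // the sid it identifies the validation session, so it should be kept out of logs.
    private clientSecret: string;
    // Set to true by bindEmailAddress() / bindMsisdn(). It is never initialised, so it is
    // `undefined` (falsy) for add-only flows.
    private bind: boolean;

    constructor() {
        this.clientSecret = MatrixClientPeg.get().generateClientSecret();
    }

    /**
     * Shared rejection handler for the token-request calls: rewrites the error's
     * `message` in place and rethrows the same error object.
     *
     * @param err The rejection value of the token request.
     * @param inUseMessage Produces the translated "already in use" text. It is a thunk so
     *     the translation is only looked up when the server answered M_THREEPID_IN_USE.
     * @throws Always rethrows `err`.
     */
    private static rethrowTokenRequestError(
        err: { errcode?: string, httpStatus?: number, message?: string },
        inUseMessage: () => string,
    ): never {
        if (err.errcode === 'M_THREEPID_IN_USE') {
            err.message = inUseMessage();
        } else if (err.httpStatus) {
            err.message = err.message + ` (Status ${err.httpStatus})`;
        }
        throw err;
    }

    /**
     * Builds the per-phase texts shown by InteractiveAuthDialog for the SSO stage.
     * The SSO prompt texts are shared; the caller supplies the texts that differ
     * between the email and phone number flows, already translated.
     *
     * @param preauthBody Body text shown before the user goes through SSO.
     * @param postauthTitle Title shown once SSO has completed.
     * @param postauthBody Body text shown once SSO has completed.
     * @returns Dialog texts keyed by SSO phase.
     */
    private static ssoDialogAesthetics(preauthBody: string, postauthTitle: string, postauthBody: string) {
        return {
            [SSOAuthEntry.PHASE_PREAUTH]: {
                title: _t("Use Single Sign On to continue"),
                body: preauthBody,
                continueText: _t("Single Sign On"),
                continueKind: "primary",
            },
            [SSOAuthEntry.PHASE_POSTAUTH]: {
                title: postauthTitle,
                body: postauthBody,
                continueText: _t("Confirm"),
                continueKind: "primary",
            },
        };
    }

    /**
     * Attempt to add an email threepid to the homeserver.
     * This will trigger a side-effect of sending an email to the provided email address.
     *
     * @param emailAddress The email address to add
     * @returns Resolves when the email has been sent. Then call checkEmailLinkClicked().
     *     Rejects with the request error, whose `message` has been made more descriptive.
     */
    public addEmailAddress(emailAddress: string): Promise<IRequestTokenResponse> {
        return MatrixClientPeg.get().requestAdd3pidEmailToken(emailAddress, this.clientSecret, 1).then(
            (res) => {
                // Remember the validation session for the follow-up add/bind request.
                this.sessionId = res.sid;
                return res;
            },
            (err) => AddThreepid.rethrowTokenRequestError(
                err, () => _t('This email address is already in use'),
            ),
        );
    }

    /**
     * Attempt to bind an email threepid on the identity server via the homeserver.
     * This will trigger a side-effect of sending an email to the provided email address.
     *
     * @param emailAddress The email address to add
     * @returns Resolves when the email has been sent. Then call checkEmailLinkClicked().
     */
    public async bindEmailAddress(emailAddress: string): Promise<IRequestTokenResponse> {
        // Recorded before any request so that the later check/submit step takes the bind path.
        this.bind = true;
        if (await MatrixClientPeg.get().doesServerSupportSeparateAddAndBind()) {
            // For separate bind, request a token directly from the IS.
            const authClient = new IdentityAuthClient();
            const identityAccessToken = await authClient.getAccessToken();
            return MatrixClientPeg.get().requestEmailToken(
                emailAddress, this.clientSecret, 1,
                undefined, identityAccessToken,
            ).then(
                (res) => {
                    this.sessionId = res.sid;
                    return res;
                },
                (err) => AddThreepid.rethrowTokenRequestError(
                    err, () => _t('This email address is already in use'),
                ),
            );
        } else {
            // For tangled bind, request a token via the HS.
            return this.addEmailAddress(emailAddress);
        }
    }

    /**
     * Attempt to add a MSISDN threepid to the homeserver.
     * This will trigger a side-effect of sending an SMS to the provided phone number.
     *
     * @param phoneCountry The ISO 2 letter code of the country to resolve phoneNumber in
     * @param phoneNumber The national or international formatted phone number to add
     * @returns Resolves when the text message has been sent. Then call haveMsisdnToken().
     */
    public addMsisdn(phoneCountry: string, phoneNumber: string): Promise<IRequestMsisdnTokenResponse> {
        return MatrixClientPeg.get().requestAdd3pidMsisdnToken(
            phoneCountry, phoneNumber, this.clientSecret, 1,
        ).then(
            (res) => {
                this.sessionId = res.sid;
                // Server-chosen URL that haveMsisdnToken() will submit the code to.
                this.submitUrl = res.submit_url;
                return res;
            },
            (err) => AddThreepid.rethrowTokenRequestError(
                err, () => _t('This phone number is already in use'),
            ),
        );
    }

    /**
     * Attempt to bind a MSISDN threepid on the identity server via the homeserver.
     * This will trigger a side-effect of sending an SMS to the provided phone number.
     *
     * @param phoneCountry The ISO 2 letter code of the country to resolve phoneNumber in
     * @param phoneNumber The national or international formatted phone number to add
     * @returns Resolves when the text message has been sent. Then call haveMsisdnToken().
     */
    public async bindMsisdn(phoneCountry: string, phoneNumber: string): Promise<IRequestMsisdnTokenResponse> {
        this.bind = true;
        if (await MatrixClientPeg.get().doesServerSupportSeparateAddAndBind()) {
            // For separate bind, request a token directly from the IS.
            // Unlike addMsisdn(), this path does not record a submit URL.
            const authClient = new IdentityAuthClient();
            const identityAccessToken = await authClient.getAccessToken();
            return MatrixClientPeg.get().requestMsisdnToken(
                phoneCountry, phoneNumber, this.clientSecret, 1,
                undefined, identityAccessToken,
            ).then(
                (res) => {
                    this.sessionId = res.sid;
                    return res;
                },
                (err) => AddThreepid.rethrowTokenRequestError(
                    err, () => _t('This phone number is already in use'),
                ),
            );
        } else {
            // For tangled bind, request a token via the HS.
            return this.addMsisdn(phoneCountry, phoneNumber);
        }
    }

    /**
     * Checks if the email link has been clicked by attempting to add the threepid
     *
     * @returns Resolves if the email address was added. Rejects with an object
     * with a "message" property which contains a human-readable message detailing why
     * the request failed.
     */
    public async checkEmailLinkClicked(): Promise<any[]> {
        try {
            if (await MatrixClientPeg.get().doesServerSupportSeparateAddAndBind()) {
                if (this.bind) {
                    const authClient = new IdentityAuthClient();
                    const identityAccessToken = await authClient.getAccessToken();
                    // The identity server access token is passed along with the session
                    // credentials in the bind request.
                    await MatrixClientPeg.get().bindThreePid({
                        sid: this.sessionId,
                        client_secret: this.clientSecret,
                        id_server: getIdServerDomain(),
                        id_access_token: identityAccessToken,
                    });
                } else {
                    try {
                        await this.makeAddThreepidOnlyRequest();

                        // The spec has always required this to use UI auth but synapse briefly
                        // implemented it without, so this may just succeed and that's OK.
                        return;
                    } catch (e) {
                        if (e.httpStatus !== 401 || !e.data || !e.data.flows) {
                            // doesn't look like an interactive-auth failure
                            throw e;
                        }

                        const dialogAesthetics = AddThreepid.ssoDialogAesthetics(
                            _t("Confirm adding this email address by using " +
                                "Single Sign On to prove your identity."),
                            _t("Confirm adding email"),
                            _t("Click the button below to confirm adding this email address."),
                        );
                        const { finished } = Modal.createDialog(InteractiveAuthDialog, {
                            title: _t("Add Email Address"),
                            matrixClient: MatrixClientPeg.get(),
                            authData: e.data,
                            makeRequest: this.makeAddThreepidOnlyRequest,
                            aestheticsForStagePhases: {
                                [SSOAuthEntry.LOGIN_TYPE]: dialogAesthetics,
                                [SSOAuthEntry.UNSTABLE_LOGIN_TYPE]: dialogAesthetics,
                            },
                        });
                        // Returned without awaiting: a rejection of `finished` reaches the
                        // caller as-is and is not rewritten by the outer catch below.
                        return finished;
                    }
                }
            } else {
                await MatrixClientPeg.get().addThreePid({
                    sid: this.sessionId,
                    client_secret: this.clientSecret,
                    id_server: getIdServerDomain(),
                }, this.bind);
            }
        } catch (err) {
            // Any 401 that reaches this point is reported as "link not clicked yet".
            if (err.httpStatus === 401) {
                err.message = _t('Failed to verify email address: make sure you clicked the link in the email');
            } else if (err.httpStatus) {
                err.message += ` (Status ${err.httpStatus})`;
            }
            throw err;
        }
    }

    /**
     * Sends the add-only request for the current validation session.
     *
     * Declared as an arrow-function property so that it stays bound to this instance
     * when handed to InteractiveAuthDialog as `makeRequest`.
     *
     * @param auth UI auth object; omitted on the first attempt
     * @returns Response from /3pid/add call (in current spec, an empty object)
     */
    private makeAddThreepidOnlyRequest = (auth?: {type: string, session?: string}): Promise<{}> => {
        return MatrixClientPeg.get().addThreePidOnly({
            sid: this.sessionId,
            client_secret: this.clientSecret,
            auth,
        });
    };

    /**
     * Takes a phone number verification code as entered by the user and validates
     * it, then if successful, adds the phone number.
     *
     * The code is submitted to the submit URL recorded by addMsisdn() when there is one;
     * otherwise through submitMsisdnToken() together with an identity server access token.
     *
     * @param msisdnToken phone number verification code as entered by the user
     * @returns Resolves if the phone number was added. Rejects with an object
     * with a "message" property which contains a human-readable message detailing why
     * the request failed.
     * @throws Error if no submit URL is known, no bind was requested and the server
     * supports separate add and bind.
     */
    public async haveMsisdnToken(msisdnToken: string): Promise<any[]> {
        const authClient = new IdentityAuthClient();
        const supportsSeparateAddAndBind =
            await MatrixClientPeg.get().doesServerSupportSeparateAddAndBind();

        let result;
        if (this.submitUrl) {
            // The session id, client secret and the user's code all go to the
            // server-supplied URL stored by addMsisdn().
            result = await MatrixClientPeg.get().submitMsisdnTokenOtherUrl(
                this.submitUrl,
                this.sessionId,
                this.clientSecret,
                msisdnToken,
            );
        } else if (this.bind || !supportsSeparateAddAndBind) {
            result = await MatrixClientPeg.get().submitMsisdnToken(
                this.sessionId,
                this.clientSecret,
                msisdnToken,
                await authClient.getAccessToken(),
            );
        } else {
            throw new Error("The add / bind with MSISDN flow is misconfigured");
        }
        // A resolved response that carries an errcode is treated as a failure.
        if (result.errcode) {
            throw result;
        }

        if (supportsSeparateAddAndBind) {
            if (this.bind) {
                await MatrixClientPeg.get().bindThreePid({
                    sid: this.sessionId,
                    client_secret: this.clientSecret,
                    id_server: getIdServerDomain(),
                    id_access_token: await authClient.getAccessToken(),
                });
            } else {
                try {
                    await this.makeAddThreepidOnlyRequest();

                    // The spec has always required this to use UI auth but synapse briefly
                    // implemented it without, so this may just succeed and that's OK.
                    return;
                } catch (e) {
                    if (e.httpStatus !== 401 || !e.data || !e.data.flows) {
                        // doesn't look like an interactive-auth failure
                        throw e;
                    }

                    const dialogAesthetics = AddThreepid.ssoDialogAesthetics(
                        _t("Confirm adding this phone number by using " +
                            "Single Sign On to prove your identity."),
                        _t("Confirm adding phone number"),
                        _t("Click the button below to confirm adding this phone number."),
                    );
                    const { finished } = Modal.createDialog(InteractiveAuthDialog, {
                        title: _t("Add Phone Number"),
                        matrixClient: MatrixClientPeg.get(),
                        authData: e.data,
                        makeRequest: this.makeAddThreepidOnlyRequest,
                        aestheticsForStagePhases: {
                            [SSOAuthEntry.LOGIN_TYPE]: dialogAesthetics,
                            [SSOAuthEntry.UNSTABLE_LOGIN_TYPE]: dialogAesthetics,
                        },
                    });
                    return finished;
                }
            }
        } else {
            await MatrixClientPeg.get().addThreePid({
                sid: this.sessionId,
                client_secret: this.clientSecret,
                id_server: getIdServerDomain(),
            }, this.bind);
        }
    }
}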