Merge branch 'full-id-service' into draft-sync

packages/matrix-client-server/src/__testData__/buildUserDB.ts

@@ -75,8 +75,8 @@ const matrixDbQueries = [
   'CREATE TABLE IF NOT EXISTS e2e_device_keys_json ( user_id TEXT NOT NULL, device_id TEXT NOT NULL, ts_added_ms BIGINT NOT NULL, key_json TEXT NOT NULL, CONSTRAINT e2e_device_keys_json_uniqueness UNIQUE (user_id, device_id) )',
   'CREATE TABLE IF NOT EXISTS e2e_one_time_keys_json ( user_id TEXT NOT NULL, device_id TEXT NOT NULL, algorithm TEXT NOT NULL, key_id TEXT NOT NULL, ts_added_ms BIGINT NOT NULL, key_json TEXT NOT NULL, CONSTRAINT e2e_one_time_keys_json_uniqueness UNIQUE (user_id, device_id, algorithm, key_id) )',
   'CREATE TABLE IF NOT EXISTS e2e_fallback_keys_json (user_id TEXT NOT NULL, device_id TEXT NOT NULL, algorithm TEXT NOT NULL,  key_id TEXT NOT NULL, key_json TEXT NOT NULL, used BOOLEAN NOT NULL DEFAULT FALSE, CONSTRAINT e2e_fallback_keys_json_uniqueness UNIQUE (user_id, device_id, algorithm))',
-  'CREATE TABLE dehydrated_devices(user_id TEXT NOT NULL PRIMARY KEY,device_id TEXT NOT NULL,device_data TEXT NOT NULL)',
-  'CREATE TABLE device_inbox ( user_id TEXT NOT NULL, device_id TEXT NOT NULL, stream_id BIGINT NOT NULL, message_json TEXT NOT NULL , instance_name TEXT)'
+  'CREATE TABLE IF NOT EXISTS dehydrated_devices(user_id TEXT NOT NULL PRIMARY KEY,device_id TEXT NOT NULL,device_data TEXT NOT NULL)',
+  'CREATE TABLE IF NOT EXISTS device_inbox ( user_id TEXT NOT NULL, device_id TEXT NOT NULL, stream_id BIGINT NOT NULL, message_json TEXT NOT NULL , instance_name TEXT)'
 ]
 
 // eslint-disable-next-line @typescript-eslint/promise-function-async

packages/matrix-client-server/src/account/deactivate.ts

@@ -398,6 +398,7 @@ const realMethod = async (
   )
   const deleteUserDirectoryPromises = deleteUserDirectory(clientServer, userId)
   const deleteAllPushersPromises = await deleteAllPushers(clientServer, userId)
+  // TODO : Check that this doesn't pose a problem
   // Synapse's implementation first populates the "user_pending_deactivation" table, parts the user from joined rooms then deletes the user from that table
   // Maybe this is because they have many workers and they want to prevent concurrent workers accessing the db at the same time
   // If that's the case then we can just directly deleteAllRooms at the same time as all other operations in Promise.all

packages/matrix-client-server/src/account/password/index.ts

@@ -39,6 +39,7 @@ const schema = {
 }
 
 const allowedFlows: AuthenticationFlowContent = {
+  // TODO : Make sure those are the flows we want
   // Those can be changed. Synapse's implementation only includes m.login.email.identity but
   // I think it's relevant to also include m.login.msisdn and m.login.password
   flows: [

packages/matrix-client-server/src/admin/whois.ts

@@ -1,7 +1,7 @@
 import type MatrixClientServer from '..'
 import { type expressAppHandler, send, errMsg } from '@twake/utils'
 
-interface parameters {
+interface Parameters {
   userId: string
 }
 
@@ -23,15 +23,15 @@ const whois = (clientServer: MatrixClientServer): expressAppHandler => {
   return (req, res) => {
     // eslint-disable-next-line @typescript-eslint/ban-ts-comment
     // @ts-expect-error
-    const prms: parameters = req.query as parameters
-    if (prms.userId?.length != null) {
+    const parameters: Parameters = req.query as Parameters
+    if (parameters.userId?.length != null) {
       clientServer.authenticate(req, res, (data, id) => {
         clientServer.matrixDb
           .get(
             'user_ips',
             ['device_id', 'ip', 'user_agent', 'last_seen', 'access_token'],
             {
-              user_id: prms.userId
+              user_id: parameters.userId
             }
           )
           .then((rows) => {
@@ -64,7 +64,7 @@ const whois = (clientServer: MatrixClientServer): expressAppHandler => {
               res,
               200,
               {
-                user_id: prms.userId,
+                user_id: parameters.userId,
                 devices
               },
               clientServer.logger

packages/matrix-client-server/src/register/index.ts

@@ -445,6 +445,7 @@ const register = (clientServer: MatrixClientServer): expressAppHandler => {
       // We don't handle the threepid_guest_access_tokens table and give the guest an access token like any user.
       // This might be problematic to restrict the endpoints guests have access to as specified in the spec
       // TODO : Review this after implementing endpoints not available to guest accounts. Maybe modify the authenticate function.
+      // Right now we just give the guest an access token like any user, maybe this isn't the best way to handle it
       jsonContent(req, res, clientServer.logger, (obj) => {
         if (parameters.kind !== 'guest') {
           send(

packages/matrix-client-server/src/utils/authenticate.ts

@@ -18,6 +18,10 @@ export type AuthenticationFunction = (
   callback: (data: TokenContent, id: string | null) => void
 ) => void
 
+// TODO : Check for guest access. As is, there is nothing that prevents a guest from accessing the endpoints he is not supposed to access
+// Since register assigns him an access token. Maybe it should assign him a guest token that is differentiated in authenticate
+// To only allow him access to the endpoints he is supposed to access
+// Check this for more information : https://spec.matrix.org/v1.11/client-server-api/#guest-access
 const Authenticate = (
   matrixDb: MatrixDBmodified,
   logger: TwakeLogger,

packages/matrix-client-server/src/utils/utils.ts

@@ -1,5 +1,5 @@
 import type MatrixClientServer from '..'
-import { ClientEvent, type DbGetResult } from '../types'
+import { type DbGetResult } from '../types'
 
 export const isAdmin = async (
   clientServer: MatrixClientServer,