From ca1a7a81d6be5fa3c50a12c16526d303010e1808 Mon Sep 17 00:00:00 2001 From: Brendan Abolivier Date: Thu, 6 Feb 2020 17:53:11 +0000 Subject: [PATCH 1/3] Allow configuration for disabling v1 bindings Add the 'enable_v1_associations' configuration flag to determine whether to enable or disable the creation of associations via v1 endpoints. --- sydent/http/httpserver.py | 4 +++- sydent/sydent.py | 5 +++++ 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/sydent/http/httpserver.py b/sydent/http/httpserver.py index 2ce85ffe..8d767971 100644 --- a/sydent/http/httpserver.py +++ b/sydent/http/httpserver.py @@ -87,11 +87,13 @@ def __init__(self, sydent): pubkey.putChild(b'ephemeral', ephemeralPubkey) ephemeralPubkey.putChild(b'isvalid', self.sydent.servlets.ephemeralPubkeyIsValid) - v1.putChild(b'3pid', threepid) threepid.putChild(b'bind', bind) threepid.putChild(b'unbind', unbind) threepid.putChild(b'getValidated3pid', getValidated3pid) + if self.sydent.enable_v1_associations: + v1.putChild(b'3pid', threepid) + email.putChild(b'requestToken', emailReqCode) email.putChild(b'submitToken', emailValCode) diff --git a/sydent/sydent.py b/sydent/sydent.py index f566fef9..cc486d09 100644 --- a/sydent/sydent.py +++ b/sydent/sydent.py @@ -89,6 +89,9 @@ # The following can be added to your local config file to enable sentry support. # 'sentry_dsn': 'https://...' # The DSN has configured in the sentry instance project. + + # Whether clients and homeservers can register an association using v1 endpoints. + 'enable_v1_associations': 'true', }, 'db': { 'db.file': 'sydent.db', @@ -169,6 +172,8 @@ def __init__(self, cfg, reactor=twisted.internet.reactor): addr=self.cfg.get("general", "prometheus_addr"), ) + self.enable_v1_associations = self.cfg.get("general", "enable_v1_associations") + # See if a pepper already exists in the database # Note: This MUST be run before we start serving requests, otherwise lookups for # 3PID hashes may come in before we've completed generating them From 869567371aaffcda1fbf5b15cfcf65b0750a06ef Mon Sep 17 00:00:00 2001 From: Brendan Abolivier Date: Thu, 6 Feb 2020 17:56:54 +0000 Subject: [PATCH 2/3] Fix parsing of boolean config flags --- sydent/sydent.py | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/sydent/sydent.py b/sydent/sydent.py index cc486d09..5893bd22 100644 --- a/sydent/sydent.py +++ b/sydent/sydent.py @@ -172,7 +172,9 @@ def __init__(self, cfg, reactor=twisted.internet.reactor): addr=self.cfg.get("general", "prometheus_addr"), ) - self.enable_v1_associations = self.cfg.get("general", "enable_v1_associations") + self.enable_v1_associations = parse_cfg_bool( + self.cfg.get("general", "enable_v1_associations") + ) # See if a pepper already exists in the database # Note: This MUST be run before we start serving requests, otherwise lookups for @@ -365,6 +367,10 @@ def get_config_file_path(): return os.environ.get('SYDENT_CONF', "sydent.conf") +def parse_cfg_bool(value): + return value.lower() == "true" + + if __name__ == '__main__': cfg = parse_config_file(get_config_file_path()) setup_logging(cfg) From c7ca58f04a408b38bdd07b02a9977bb86298e3ad Mon Sep 17 00:00:00 2001 From: Brendan Abolivier Date: Thu, 6 Feb 2020 18:16:16 +0000 Subject: [PATCH 3/3] Also don't register token-related endpoints --- sydent/http/httpserver.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/sydent/http/httpserver.py b/sydent/http/httpserver.py index 8d767971..98bb2b18 100644 --- a/sydent/http/httpserver.py +++ b/sydent/http/httpserver.py @@ -74,10 +74,12 @@ def __init__(self, sydent): identity.putChild(b'v2', v2) api.putChild(b'v1', v1) - v1.putChild(b'validate', validate) validate.putChild(b'email', email) validate.putChild(b'msisdn', msisdn) + if self.sydent.enable_v1_associations: + v1.putChild(b'validate', validate) + v1.putChild(b'lookup', lookup) v1.putChild(b'bulk_lookup', bulk_lookup)