gomatrixserverlib/eventV3.go at main · matrix-org/gomatrixserverlib · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
package gomatrixserverlib

import (
	"bytes"
	"encoding/json"
	"fmt"
	"strings"

	"github.com/matrix-org/gomatrixserverlib/spec"
	"github.com/tidwall/gjson"
	"github.com/tidwall/sjson"
)

type eventV3 struct {
	eventV2
}

func (e *eventV3) RoomID() spec.RoomID {
	roomIDStr := e.eventFields.RoomID
	isCreateEvent := e.Type() == spec.MRoomCreate && e.StateKeyEquals("")
	if isCreateEvent {
		roomIDStr = fmt.Sprintf("!%s", e.EventID()[1:])
	}
	roomID, err := spec.NewRoomID(roomIDStr)
	if err != nil {
		panic(fmt.Errorf("RoomID is invalid: %w", err))
	}
	return *roomID
}

func (e *eventV3) AuthEventIDs() []string {
	isCreateEvent := e.Type() == spec.MRoomCreate && e.StateKeyEquals("")
	if isCreateEvent {
		return []string{}
	}
	createEventID := fmt.Sprintf("$%s", e.eventFields.RoomID[1:])
	if len(e.AuthEvents) > 0 {
		// always include the create event
		return append([]string{createEventID}, e.AuthEvents...)
	}
	return []string{createEventID}
}

func newEventFromUntrustedJSONV3(eventJSON []byte, roomVersion IRoomVersion) (PDU, error) {
	if r := gjson.GetBytes(eventJSON, "_*"); r.Exists() {
		return nil, fmt.Errorf("gomatrixserverlib NewEventFromUntrustedJSON: found top-level '_' key, is this a headered event: %v", string(eventJSON))
	}
	if err := roomVersion.CheckCanonicalJSON(eventJSON); err != nil {
		return nil, BadJSONError{err}
	}

	res := &eventV3{}
	var err error
	// Synapse removes these keys from events in case a server accidentally added them.
	// https://github.com/matrix-org/synapse/blob/v0.18.5/synapse/crypto/event_signing.py#L57-L62
	for _, key := range []string{"outlier", "destinations", "age_ts", "unsigned", "event_id"} {
		if eventJSON, err = sjson.DeleteBytes(eventJSON, key); err != nil {
			return nil, err
		}
	}

	if err = json.Unmarshal(eventJSON, &res); err != nil {
		return nil, err
	}

	// v3 events have room IDs as the create event ID.
	// TODO: allow validation to be enhanced/relaxed to help users like Complement.
	if err := checkRoomID(res); err != nil {
		return nil, err
	}

	res.roomVersion = roomVersion.Version()

	// We know the JSON must be valid here.
	eventJSON = CanonicalJSONAssumeValid(eventJSON)
	res.eventJSON = eventJSON

	if err = checkEventContentHash(eventJSON); err != nil {
		res.redacted = true

		// If the content hash doesn't match then we have to discard all non-essential fields
		// because they've been tampered with.
		var redactedJSON []byte
		if redactedJSON, err = roomVersion.RedactEventJSON(eventJSON); err != nil {
			return nil, err
		}

		redactedJSON = CanonicalJSONAssumeValid(redactedJSON)

		// We need to ensure that `result` is the redacted event.
		// If redactedJSON is the same as eventJSON then `result` is already
		// correct. If not then we need to reparse.
		//
		// Yes, this means that for some events we parse twice (which is slow),
		// but means that parsing unredacted events is fast.
		if !bytes.Equal(redactedJSON, eventJSON) {
			result, err := roomVersion.NewEventFromTrustedJSON(redactedJSON, true)
			if err != nil {
				return nil, err
			}
			err = CheckFields(result)
			return result, err
		}
	}

	err = CheckFields(res)

	return res, err
}

func newEventFromTrustedJSONV3(eventJSON []byte, redacted bool, roomVersion IRoomVersion) (PDU, error) {
	res := eventV3{}
	if err := json.Unmarshal(eventJSON, &res); err != nil {
		return nil, err
	}

	// v3 events have room IDs as the create event ID.
	// TODO: allow validation to be enhanced/relaxed to help users like Complement.
	// TODO: feels weird to only have this validation here and not length checks etc :S
	if err := checkRoomID(&res); err != nil {
		return nil, err
	}

	res.roomVersion = roomVersion.Version()
	res.redacted = redacted
	res.eventJSON = eventJSON
	return &res, nil
}

func newEventFromTrustedJSONWithEventIDV3(eventID string, eventJSON []byte, redacted bool, roomVersion IRoomVersion) (PDU, error) {
	res := &eventV3{}
	if err := json.Unmarshal(eventJSON, &res); err != nil {
		return nil, err
	}

	// v3 events have room IDs as the create event ID.
	// TODO: allow validation to be enhanced/relaxed to help users like Complement.
	if err := checkRoomID(res); err != nil {
		return nil, err
	}

	res.roomVersion = roomVersion.Version()
	res.eventJSON = eventJSON
	res.EventIDRaw = eventID
	res.redacted = redacted
	return res, nil
}

func checkRoomID(res *eventV3) error {
	isCreateEvent := res.Type() == spec.MRoomCreate && res.StateKeyEquals("")
	// TODO: We can't do this so long as we support partial Hydra impls in Complement
	// because otherwise if MSC4291=0 and MSC4289=1 then this check fails as the create
	// event will have a room_id.
	//if isCreateEvent && res.eventFields.RoomID != "" {
	//return fmt.Errorf("gomatrixserverlib: room_id must not exist on create event")
	//}
	if !isCreateEvent && !strings.HasPrefix(res.eventFields.RoomID, "!") {
		return fmt.Errorf("gomatrixserverlib: room_id must start with !")
	}
	return nil
}