From 56d004d15745ad34291c85d8b7a6cfb3501e383e Mon Sep 17 00:00:00 2001 From: Quentin Gliech Date: Fri, 13 Sep 2024 15:39:36 +0200 Subject: [PATCH 1/2] Use MSC4190 to provision devices for E2EE --- src/appservice/Appservice.ts | 8 ++++++++ src/appservice/Intent.ts | 15 ++++++++++++--- 2 files changed, 20 insertions(+), 3 deletions(-) diff --git a/src/appservice/Appservice.ts b/src/appservice/Appservice.ts index 6f2d0ea2..8be8c53c 100644 --- a/src/appservice/Appservice.ts +++ b/src/appservice/Appservice.ts @@ -135,6 +135,14 @@ export interface IAppserviceRegistration { */ "de.sorunome.msc2409.push_ephemeral"?: boolean; + /** + * ** Experimental ** + * + * Should the AS use the new device management APIs. Optional. + * @see https://github.com/matrix-org/matrix-spec-proposals/pull/4190 + */ + "io.element.msc4190"?: boolean; + // not interested in other options } diff --git a/src/appservice/Intent.ts b/src/appservice/Intent.ts index 9d1e719d..f274671c 100644 --- a/src/appservice/Intent.ts +++ b/src/appservice/Intent.ts @@ -13,6 +13,7 @@ import { Appservice, IAppserviceOptions } from "./Appservice"; import { timedIntentFunctionCall } from "../metrics/decorators"; import { UnstableAppserviceApis } from "./UnstableAppserviceApis"; import { MatrixError } from "../models/MatrixError"; +import { randomUUID } from "crypto"; /** * An Intent is an intelligent client that tracks things like the user's membership @@ -162,9 +163,17 @@ export class Intent { } if (!prepared) { - // XXX: We work around servers that don't support device_id impersonation - const accessToken = await Promise.resolve(storage?.readValue("accessToken")); - if (!accessToken) { + let accessToken; + if (this.options.registration["io.element.msc4190"]) { + // Generate a random device ID and create it + deviceId = randomUUID(); + // Make sure the device is registered + await this.client.doRequest("PUT", `/_matrix/client/v3/devices/${deviceId}`, null, {}); + this.makeClient(true); + this.client.impersonateUserId(this.userId, deviceId); + prepared = true; + } else if (!(accessToken = await Promise.resolve(storage?.readValue("accessToken")))) { + // XXX: We work around servers that don't support device_id impersonation const loginBody = { type: "m.login.application_service", identifier: { From a9cdac455c456b416c338967462559d9ae80ae6e Mon Sep 17 00:00:00 2001 From: Quentin Gliech Date: Fri, 13 Sep 2024 15:56:57 +0200 Subject: [PATCH 2/2] Lint --- src/appservice/Intent.ts | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/appservice/Intent.ts b/src/appservice/Intent.ts index f274671c..d9aeb2d9 100644 --- a/src/appservice/Intent.ts +++ b/src/appservice/Intent.ts @@ -1,3 +1,5 @@ +import { randomUUID } from "crypto"; + import { DeviceKeyAlgorithm, extractRequestError, @@ -13,7 +15,6 @@ import { Appservice, IAppserviceOptions } from "./Appservice"; import { timedIntentFunctionCall } from "../metrics/decorators"; import { UnstableAppserviceApis } from "./UnstableAppserviceApis"; import { MatrixError } from "../models/MatrixError"; -import { randomUUID } from "crypto"; /** * An Intent is an intelligent client that tracks things like the user's membership