Make ty happy

vona/identity/__init__.py

@@ -1,5 +1,7 @@
-from vona.config import server_name, the_funny_number
+import vona.config as config
+import vona.globals as globals
 import time
+import os
 
 from flask import (
 	Blueprint,
@@ -13,10 +15,8 @@ identity = Blueprint("identity", __name__)
 # I'm pretty sure only Element uses this,
 # but oh well.
 
-# https://spec.matrix.org/latest/identity-service-api/#api-version-check
 @identity.route("/_matrix/identity/versions")
 async def versions():
-	# Stolen from the vector.im identity server
 	return jsonify({
 		"versions": [
 			"r0.1.0",
@@ -32,10 +32,11 @@ async def versions():
 	})
 
 
-# https://spec.matrix.org/latest/identity-service-api/#authentication
 @identity.route("/_matrix/identity/v2/account")
 async def account_info():
-	return jsonify({"user_id": f"@vona:{server_name}"})
+	return jsonify({
+		"user_id": f"@vona:{config.server_name}"
+	})
 
 
 @identity.route("/_matrix/identity/v2/account/logout", methods=["POST"])
@@ -45,98 +46,129 @@ async def logout():
 
 @identity.route("/_matrix/identity/v2/account/register", methods=["POST"])
 async def register():
-	return jsonify({"token":"vona"})
+	return jsonify({"token": "vona"})
 
 
-# https://spec.matrix.org/latest/identity-service-api/#terms-of-service
 @identity.route("/_matrix/identity/v2/terms", methods=["GET", "POST"])
 async def policies():
 	if request.method == "GET":
-		return jsonify({"policies":{}})
-	
+		return jsonify({
+			"policies": {}
+		})
+
 	return jsonify({})
 
+
 @identity.route("/_matrix/identity/v2")
 async def status():
 	return jsonify({})
 
+
 @identity.route("/_matrix/identity/v2/pubkey/ephemeral/isvalid")
 @identity.route("/_matrix/identity/v2/pubkey/isvalid")
 async def pubkey_validity():
 	return jsonify({"valid": True})
 
+
 @identity.route("/_matrix/identity/v2/pubkey/<key>")
 async def get_key(key):
 	return jsonify({
-		"errcode": "M_NOT_FOUND",
-		"error": "The public key was not found"
-	}), 404
+		"public_key": globals.pubkey()
+	})
+
 
 @identity.route("/_matrix/identity/v2/hash_details")
 async def hash_details():
-	return jsonify({"algorithms":["none","sha256"],"lookup_pepper": "vona"})
+	return jsonify({
+		"algorithms": [
+			"none",
+			"sha256",
+		],
+		"lookup_pepper": "vona"
+	})
+
 
 @identity.route("/_matrix/identity/v2/lookup", methods=["POST"])
 async def lookup():
 	req = request.json
 
-	if "addresses" in req:
-		return jsonify({"mappings": {req["addresses"][0]: f"@vona:{server_name}"}})
-	else:
-		return jsonify({"errcode": "M_INVALID_PEPPER","error": "Invalid pepper"})
+	if (
+		isinstance(req, dict)
+		and "addresses" in req
+		and isinstance(req["addresses"], list)
+		and len(req["addresses"]) > 0
+	):
+		return jsonify({
+			"mappings": {
+				req["addresses"][0]: f"@vona:{config.server_name}"
+			}
+		})
+
+	return jsonify({
+		"errcode": "M_INVALID_PEPPER",
+		"error": "Invalid pepper"
+	})
+
 
 @identity.route("/_matrix/identity/v2/validate/email/requestToken", methods=["POST"])
 @identity.route("/_matrix/identity/v2/validate/msisdn/requestToken", methods=["POST"])
 async def request_validation_token():
-	return jsonify({"sid": str(the_funny_number)})
+	return jsonify({
+		"sid": os.urandom(16).hex()
+	})
+
 
 @identity.route("/_matrix/identity/v2/validate/email/submitToken", methods=["GET", "POST"])
 @identity.route("/_matrix/identity/v2/validate/msisdn/submitToken", methods=["GET", "POST"])
 async def submit_validation_token():
 	return jsonify({"success": True})
 
+
 @identity.route("/_matrix/identity/v2/3pid/bind", methods=["POST"])
 async def threepid_bind():
 	if "mxid" in request.get_json():
 		mxid = request.get_json()["mxid"]
 	else:
-		mxid = f"@vona:{server_name}"
+		mxid = f"@vona:{config.server_name}"
+
+	return jsonify(
+		globals.sign_json({
+			"address": "abuse@matrix.org",
+			"medium": "email",
+			"mxid": mxid,
+			"not_after": int(time.time() * 1000 + 604800000),
+			"not_before": int(time.time() * 1000 - 604800000),
+			"ts": int(time.time() * 1000)
+		})
+	)
 
-	return jsonify(globals.sign_json({
-		"address": "abuse@matrix.org",
-		"medium": "email",
-		"mxid": mxid,
-		"not_after": int(time.time() * 1000 + 604800000),
-		"not_before": int(time.time() * 1000 - 604800000),
-		"ts": int(time.time() * 1000)
-	}))
 
 @identity.route("/_matrix/identity/v2/3pid/unbind", methods=["POST"])
 async def threepid_unbind():
 	return jsonify({})
 
+
 @identity.route("/_matrix/identity/v2/3pid/getValidated3pid")
 async def threepid_validated():
 	# Please email abuse@matrix.org
 	return jsonify({
 		"address": "abuse@matrix.org",
 		"medium": "email",
-		"validated_at": the_funny_number
+		"validated_at": config.the_funny_number
 	})
 
 
-# https://spec.matrix.org/latest/identity-service-api/#invitation-storage
 @identity.route("/_matrix/identity/v2/store-invite", methods=["POST"])
 async def invite():
 	return jsonify({
 		"display_name": "Vona",
 		"public_keys": [
 			{
-				"key_validity_url": f"https://{server_name}/_matrix/identity/v2/pubkey/isvalid",
+				"key_validity_url": f"https://{config.server_name}/_matrix/identity/v2/pubkey/isvalid",
 				"public_key": "ohyeah"
 			},
 			{
-				"key_validity_url": f"https://{server_name}/_matrix/identity/v2/pubkey/ephemeral/isvalid",
+				"key_validity_url": f"https://{config.server_name}/_matrix/identity/v2/pubkey/ephemeral/isvalid",
 				"public_key": "burgerkingfootlettuce"
 			}
 		],
@@ -144,7 +176,6 @@ async def invite():
 	})
 
 
-# https://spec.matrix.org/latest/identity-service-api/#ephemeral-invitation-signing
 @identity.route("/_matrix/identity/v2/sign-ed25519", methods=["POST"])
 async def invite_signing():
 	required_keys = {"mxid", "private_key", "token"}