Implement rooms V3 through V9

MSCs.md

@@ -0,0 +1,39 @@
+# MSCs
+List of MSCs implemented by Vona.
+
+Merged MSCs:
+
+* [MSC971: Groups](https://github.com/matrix-org/matrix-spec-proposals/issues/971)
+* [MSC1708: .well-known for server name resolution](https://github.com/velikopter/matrix-spec-proposals/blob/edutypes/proposals/1708-well-known-for-federation.md)
+* [MSC1753: C2S Capabilities API](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/1753-capabilities.md)
+* [MSC1794: Federation v2 Invite API](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/1794-federation-v2-invites.md)
+* [MSC1802: Better format for send_join and send_leave](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/1802-standardised-federation-response-format.md)
+* [MSC1812: Federation Make Membership Room Version](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/1812-federation-make-membership.md)
+* [MSC1929: Homeserver Admin Contact and Support page](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/1929-admin-contact.md)
+* [MSC2320: Versions information for identity servers](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/2320-identity-versions.md)
+* [MSC2659: Application service ping endpoint](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/2659-appservice-ping.md)
+* [MSC2713: Remove deprecated Identity Service endpoints](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/2713-remove-deprecated-identity-endpoints.md)
+* [MSC3266: Room Summary API](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/3266-room-summary.md)
+* [MSC3383: Include destination in X-Matrix Auth Header](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/3383-fed-auth-destination.md)
+* [MSC4133: Extended User Profile API](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/4133-extended-profiles.md)
+* [MSC4151: Reporting rooms](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/4151-report-room.md)
+* [MSC4260: Reporting users](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/4260-report-user.md)
+
+
+Non-merged MSCs:
+
+* [MSC4358: Out-of-room server discovery](https://github.com/matrix-org/matrix-spec-proposals/pull/4358)
+* [MSC4367: via routes in the published room directory](https://github.com/matrix-org/matrix-spec-proposals/pull/4367)
+* [MSC4370: Federation endpoint for retrieving current extremities](https://github.com/matrix-org/matrix-spec-proposals/pull/4370)
+* [MSC4373: Server opt-out of specific EDU types](https://github.com/matrix-org/matrix-spec-proposals/pull/4373)
+
+
+Room version MSCs:
+* [MSC1759: Room V2](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/1759-rooms-v2.md)
+* [MSC1659: Room V3](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/1659-event-id-as-hashes.md)
+* [MSC2002: Room V4](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/2002-rooms-v4.md)
+* [MSC2077: Room V5](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/2077-rooms-v5.md)
+* [MSC2240: Room V6](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/2240-rooms-v6.md)
+* [MSC2998: Room V7](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/2998-rooms-v7.md)
+* [MSC3289: Room V8](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/3289-rooms-v8.md)
+* [MSC3375: Room V9](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/3375-room-v9.md)

SECURITY.md

@@ -0,0 +1,3 @@
+# Security
+If you believe you have found a vulnerability in Vona, please email vel@riseup.net or DM `@vel:faelix.im` on Matrix.
+Do not disclose the details of the vulnerability until a public fix has been made.

TODO.md

@@ -1 +1,2 @@
-Nothing yet...
+- use `resolvematrix` async instead of sync
+- implement groups over federation

pyproject.toml

@@ -8,6 +8,7 @@ dependencies = [
 	"httpx (>=0.28.1,<0.29.0)",
 	"pynacl (>=1.6.0,<2.0.0)",
 	"flask[async] (>=3.1.2,<4.0.0)",
+	"resolvematrix @ git+https://codeberg.org/timedout/resolvematrix.git",
 ]
 
 authors = [

vona/__init__.py

@@ -1 +0,0 @@
-# read __main__.py

vona/__main__.py

@@ -1,4 +1,3 @@
-from flask import Flask, jsonify, request, redirect
 import vona.globals as globals
 from datetime import datetime
 import vona.config as config
@@ -6,6 +5,14 @@ import threading
 import logging
 import os
 
+from flask import (
+	Flask,
+	jsonify,
+	request,
+	redirect,
+	abort,
+)
+
 from vona.federation import server
 from vona.custom import custom
 from vona.identity import identity
@@ -37,7 +44,7 @@ async def validate_json():
 
 		try:
 			request.get_json(force=True)
-		except Exception as e:
+		except Exception:
 			return jsonify({"error": "Content not JSON.", "errcode": "M_NOT_JSON"}), 400
 
 
@@ -49,7 +56,6 @@ async def handle_logging(response):
 	response.headers["Access-Control-Allow-Methods"] = "GET, HEAD, POST, PUT, DELETE, OPTIONS"
 
 	if request.method == "OPTIONS":
-		# Discard logs for OPTIONS
 		return response
 
 	origin = "unknown"
@@ -57,13 +63,34 @@ async def handle_logging(response):
 	try:
 		if "Authorization" in request.headers:
 			if request.headers["Authorization"].split()[0] == "X-Matrix":
-				origin = request.headers["Authorization"].split('origin="')[1].split('"')[0]
+				origin = (
+					request.headers["Authorization"]
+					.split("origin=")[1]
+					.split(",")[0]
+				)
+
+				while '"' in origin:
+					origin = origin.replace('"', "")
+
+				if origin == config.server_name:
+					return response
+
 			else:
 				origin = "client"
+
 	except:
 		pass
 
-	print(f'[{origin}] [{request.remote_addr}] [{datetime.now().strftime("%d/%b/%Y:%H:%M:%S")}] {request.method} {request.full_path} {response.status_code}')
+	if request.path.startswith("/.well-known/matrix/"):
+		return response
+
+	print(
+		f"[{origin}] " +
+		f'[{datetime.now().strftime("%d/%b/%Y:%H:%M:%S")}] ' + 
+		request.method + " " +
+		request.full_path.rstrip("?") + " " + 
+		str(response.status_code)
+	)
 
 	return response
 
@@ -115,8 +142,15 @@ async def client():
 
 def federation_self_test():
 	try:
-		resp = globals.http_client.get(f"https://{config.server_name}/.well-known/matrix/server")
+		resp = globals.http_client().get(
-		resp.raise_for_status()
+			path="/",
+			destination=config.server_name,
+		)
+
+		if str(resp.status_code).startswith("5") or str(resp.status_code).startswith("4"):
+			print(f"[FATL] Federation self-test failed: status code is not acceptable ({str(resp.status_code)})")
+			os._exit(1)
+
 		print("[INFO] Federation self-test OK")
 	except Exception as e:
 		print(f"[FATL] Federation self-test failed: {e}")

vona/appservice/__init__.py

@@ -1,7 +1,11 @@
-from flask import Blueprint, jsonify
 from vona.config import the_funny_number
 import asyncio
 
+from flask import (
+	Blueprint,
+	jsonify,
+)
+
 apps = Blueprint("appservice", __name__)
 
 # This implements both being a homeserver and
@@ -10,6 +14,7 @@ apps = Blueprint("appservice", __name__)
 # Endpoints invoked by the homeserver are put
 # lower than ones invoked by the appservice.
 
+
 @apps.route("/_matrix/client/v1/appservice/<app>/ping", methods=["POST"])
 async def homeserver_ping(app):
 	# Sleeping here makes it more realistic

vona/client/__init__.py

@@ -1,12 +1,23 @@
-from flask import Blueprint, jsonify, request, send_file
 from vona.federation import send_join
 import vona.globals as globals
 import vona.config as config
+
 import asyncio
 import random
 import os
 
-client = Blueprint("c2s", __name__)
+from flask import (
+	Blueprint,
+	jsonify,
+	request,
+	send_file,
+)
+
+client = Blueprint("client", __name__)
+
+from .groups import groups
+
+client.register_blueprint(groups)
 
 
 @client.route("/_matrix/client/v3/account/password", methods=["POST"])
@@ -22,16 +33,18 @@ client = Blueprint("c2s", __name__)
 @client.route("/_matrix/client/v3/logout", methods=["POST"])
 @client.route("/_matrix/client/r0/logout", methods=["POST"])
 @client.route("/_matrix/client/v3/rooms/<room>/invite", methods=["POST"])
-@client.route("/_matrix/client/v3/rooms/<roomId>/leave", methods=["POST"])
+@client.route("/_matrix/client/v3/rooms/<room>/leave", methods=["POST"])
-@client.route("/_matrix/client/r0/rooms/<roomId>/leave", methods=["POST"])
+@client.route("/_matrix/client/r0/rooms/<room>/leave", methods=["POST"])
-@client.route("/_matrix/client/v3/rooms/<roomId>/read_markers", methods=["POST"])
+@client.route("/_matrix/client/v3/rooms/<room>/read_markers", methods=["POST"])
-@client.route("/_matrix/client/r0/rooms/<roomId>/read_markers", methods=["POST"])
+@client.route("/_matrix/client/r0/rooms/<room>/read_markers", methods=["POST"])
 @client.route("/_matrix/client/v3/rooms/<room>/typing/<user>", methods=["PUT"])
+@client.route("/_matrix/client/api/v1/rooms/<room>/typing/<user>", methods=["PUT"])
 @client.route("/_matrix/client/v3/keys/device_signing/upload", methods=["POST"])
 @client.route("/_matrix/client/v3/rooms/<room>/receipt/<type>/<event>", methods=["POST"])
 @client.route("/_matrix/client/v3/users/<user>/report", methods=["POST"])
 @client.route("/_matrix/client/v3/voip/turnServer")
 @client.route("/_matrix/client/r0/voip/turnServer")
+@client.route("/_matrix/client/api/v1/voip/turnServer")
 @client.route("/_matrix/client/v3/rooms/<r>/report/<e>")
 @client.route("/_matrix/client/v3/rooms/<r>/report")
 @client.route("/_matrix/client/v3/users/<u>/report")
@@ -56,7 +69,7 @@ async def spec_versions():
 @client.route("/_matrix/client/v3/admin/whois/<user>")
 @client.route("/_matrix/client/r0/admin/whois/<user>")
 async def whois(user):
-	if userId.startswith("@"):
+	if user.startswith("@"):
 		return jsonify({
 			"devices": {
 				"": {
@@ -99,9 +112,10 @@ async def lock(user):
 	return jsonify({"locked": True})
 
 
-@client.route("/_matrix/client/v3/rooms/<roomId>/members")
+@client.route("/_matrix/client/api/v1/rooms/<room>/members")
-@client.route("/_matrix/client/r0/rooms/<roomId>/members")
+@client.route("/_matrix/client/v3/rooms/<room>/members")
-async def room_member_count(roomId):
+@client.route("/_matrix/client/r0/rooms/<room>/members")
+async def room_members(room):
 	return jsonify({
 		"chunk": [{
 			"content": {
@@ -109,9 +123,9 @@ async def room_member_count(roomId):
 				"displayname": "Vona",
 				"membership": "join"
 			},
-			"event_id": globals.make_event_id(),
+			"event_id": globals.make_event_id(seed=room),
 			"origin_server_ts": config.the_funny_number,
-			"room_id": roomId,
+			"room_id": room,
 			"sender": f"@vona:{config.server_name}",
 			"state_key": f"@vona:{config.server_name}",
 			"type": "m.room.member",
@@ -128,6 +142,7 @@ async def whoami():
 	})
 
 
+@client.route("/_matrix/client/v2_alpha/register", methods=["POST"])
 @client.route("/_matrix/client/v3/register", methods=["POST"])
 @client.route("/_matrix/client/v1/register", methods=["POST"])
 @client.route("/_matrix/client/r0/register", methods=["POST"])
@@ -161,6 +176,7 @@ async def register():
 
 @client.route("/_matrix/client/r0/login", methods=["GET", "POST"])
 @client.route("/_matrix/client/v3/login", methods=["GET", "POST"])
+@client.route("/_matrix/client/api/v1/login", methods=["POST"])
 async def login():
 	if request.method == "GET":
 		return jsonify({
@@ -231,7 +247,13 @@ async def capabilities():
 					"9": "stable",
 					"10": "stable",
 					"11": "stable",
-					"12": "stable"
+					"12": "stable",
+					"org.matrix.msc3757.10": "stable",
+					"org.matrix.msc3757.11": "stable",
+					"org.matrix.hydra.11": "stable",
+					"org.matrix.msc3667": "stable",
+					"org.matrix.msc3787": "stable",
+					"org.matrix.msc4014": "unstable",
 				},
 				"org.matrix.msc3244.room_capabilities": {
 					"knock": {
@@ -276,6 +298,7 @@ async def filter(**kwargs):
 	return jsonify({"filter_id": "vvvooonnnaaa"})
 
 
+@client.route("/_matrix/client/api/v1/join/<room>", methods=["POST"])
 @client.route("/_matrix/client/v3/join/<room>", methods=["POST"])
 @client.route("/_matrix/client/r0/join/<room>", methods=["POST"])
 @client.route("/_matrix/client/v3/rooms/<room>/join", methods=["POST"])
@@ -284,6 +307,7 @@ async def join(room):
 	return jsonify({"room_id": room})
 
 
+@client.route("/_matrix/client/api/v1/initialSync")
 @client.route("/_matrix/client/v3/initialSync")
 @client.route("/_matrix/client/v3/sync")
 @client.route("/_matrix/client/r0/sync")
@@ -292,39 +316,12 @@ async def sync():
 		def get_json():
 			return {}
 
-	async def remove_keys(l, keys_to_remove) -> dict:
-		if not isinstance(l, list):
-			return l
-
-		new_list = []
-		for d in l:
-			if not isinstance(d, dict):
-				new_list.append(d)
-				continue
-
-			new_dict = {}
-			for k, v in d.items():
-				if k in keys_to_remove:
-					continue
-				new_dict[k] = await remove_keys(v, keys_to_remove)
-			new_list.append(new_dict)
-		return new_list
-
 	room = globals.make_event_id().replace("$", "!")
-	old_room_state = send_join(
+	room_state = globals.strip_state(
-		bullshit,
+		send_join(
-		room
+			bullshit,
-	)["state"]
+			room
-
+		)["state"]
-	room_state = await remove_keys(
-		old_room_state,
-		[
-			"auth_events",
-			"prev_events",
-			"signatures",
-			"hashes",
-			"depth"
-		]
 	)
 
 	room_name = {
@@ -377,6 +374,78 @@ async def sync():
 	})
 
 
+@client.route("/_matrix/client/api/v1/rooms/<room>/initialSync")
+async def room_initsync(room):
+	class bullshit:
+		def get_json():
+			return {}
+
+	room_state = globals.strip_state(
+		send_join(
+			bullshit,
+			room
+		)["state"]
+	)
+
+	for evt in room_state:
+		evt["age"] = config.the_funny_number
+
+	return jsonify({
+		"membership": "join",
+		"room_id": room,
+		"messages": {
+			"chunk": [
+				{
+					"age": config.the_funny_number,
+					"content": {
+						"msgtype": "m.text",
+						"body": "Number 15: Burger King Foot Lettuce.\nThe last thing you'd want in your Burger King burger is someones foot fungus, but as it turns out, that might be what you get. A 4channer uploaded a photo, anonymously to the site showcasing his feet in a plastic bin of lettuce with the statement \"This is the lettuce you eat at Burger King.\". Admittedly, he had shoes on, but thats even worse. The post went live at 11:38 PM on July 16 and a mere 20 minutes later the Burger King in question was alerted to the rogue employee. At least, I hope hes rogue. How did it happen? Well, the BK employee hadn't removed the EXIF data from the uploaded photo, which suggested that the culprit was somewhere in Mayfield Heights, Ohio. This was at 11:47. 3 minutes later, at 11:50, the Burger King branch was posted with wishes of happy unemployment. 5 minutes later, the news station was contacted by another 4channer, and 3 minutes later at 11:58 a link was posted: BK's tell us about us online forum. The foot photo, otherwise known as Exhibit A, was attached. Cleveland Seen Magazine contacted the BK in question and the next day when questioned, the breakfast shift manager said \"Oh, I know who that is, hes getting fired\". Mystery solved, by 4chan. Now we can go back to eating our fast food in peace.",
+						"format": "org.matrix.custom.html",
+						"formatted_body": "Number 15: Burger King Foot Lettuce.<br />The last thing you'd want in your Burger King burger is someones foot fungus, but as it turns out, that might be what you get. A 4channer uploaded a photo, anonymously to the site showcasing his feet in a plastic bin of lettuce with the statement &quot;This is the lettuce you eat at Burger King.&quot;. Admittedly, he had shoes on, but thats even worse. The post went live at 11:38 PM on July 16 and a mere 20 minutes later the Burger King in question was alerted to the rogue employee. At least, I hope hes rogue. How did it happen? Well, the BK employee hadn't removed the EXIF data from the uploaded photo, which suggested that the culprit was somewhere in Mayfield Heights, Ohio. This was at 11:47. 3 minutes later, at 11:50, the Burger King branch was posted with wishes of happy unemployment. 5 minutes later, the news station was contacted by another 4channer, and 3 minutes later at 11:58 a link was posted: BK's tell us about us online forum. The foot photo, otherwise known as Exhibit A, was attached. Cleveland Seen Magazine contacted the BK in question and the next day when questioned, the breakfast shift manager said &quot;Oh, I know who that is, hes getting fired&quot;. Mystery solved, by 4chan. Now we can go back to eating our fast food in peace."
+					},
+					"event_id": globals.make_event_id(),
+					"origin_server_ts": 1432804485886,
+					"room_id": globals.make_event_id(),
+					"type": "m.room.message",
+					"user_id": f"@vona:{config.server_name}"
+				}
+			]
+		},
+		"state": room_state
+	})
+
+
+@client.route("/_matrix/client/api/v1/events")
+async def events():
+	if "timeout" in request.args:
+		try:
+			await asyncio.sleep(int(request.args["timeout"]) / 1000)
+		except:
+			pass
+
+	return jsonify({
+		"start": os.urandom(32).hex(),
+		"end": os.urandom(32).hex(),
+		"chunk": [
+			{
+				"age": config.the_funny_number,
+				"content": {
+					"msgtype": "m.text",
+					"body": "Number 15: Burger King Foot Lettuce.\nThe last thing you'd want in your Burger King burger is someones foot fungus, but as it turns out, that might be what you get. A 4channer uploaded a photo, anonymously to the site showcasing his feet in a plastic bin of lettuce with the statement \"This is the lettuce you eat at Burger King.\". Admittedly, he had shoes on, but thats even worse. The post went live at 11:38 PM on July 16 and a mere 20 minutes later the Burger King in question was alerted to the rogue employee. At least, I hope hes rogue. How did it happen? Well, the BK employee hadn't removed the EXIF data from the uploaded photo, which suggested that the culprit was somewhere in Mayfield Heights, Ohio. This was at 11:47. 3 minutes later, at 11:50, the Burger King branch was posted with wishes of happy unemployment. 5 minutes later, the news station was contacted by another 4channer, and 3 minutes later at 11:58 a link was posted: BK's tell us about us online forum. The foot photo, otherwise known as Exhibit A, was attached. Cleveland Seen Magazine contacted the BK in question and the next day when questioned, the breakfast shift manager said \"Oh, I know who that is, hes getting fired\". Mystery solved, by 4chan. Now we can go back to eating our fast food in peace.",
+					"format": "org.matrix.custom.html",
+					"formatted_body": "Number 15: Burger King Foot Lettuce.<br />The last thing you'd want in your Burger King burger is someones foot fungus, but as it turns out, that might be what you get. A 4channer uploaded a photo, anonymously to the site showcasing his feet in a plastic bin of lettuce with the statement &quot;This is the lettuce you eat at Burger King.&quot;. Admittedly, he had shoes on, but thats even worse. The post went live at 11:38 PM on July 16 and a mere 20 minutes later the Burger King in question was alerted to the rogue employee. At least, I hope hes rogue. How did it happen? Well, the BK employee hadn't removed the EXIF data from the uploaded photo, which suggested that the culprit was somewhere in Mayfield Heights, Ohio. This was at 11:47. 3 minutes later, at 11:50, the Burger King branch was posted with wishes of happy unemployment. 5 minutes later, the news station was contacted by another 4channer, and 3 minutes later at 11:58 a link was posted: BK's tell us about us online forum. The foot photo, otherwise known as Exhibit A, was attached. Cleveland Seen Magazine contacted the BK in question and the next day when questioned, the breakfast shift manager said &quot;Oh, I know who that is, hes getting fired&quot;. Mystery solved, by 4chan. Now we can go back to eating our fast food in peace."
+				},
+				"event_id": globals.make_event_id(),
+				"origin_server_ts": 1432804485886,
+				"room_id": globals.make_event_id(),
+				"type": "m.room.message",
+				"user_id": f"@vona:{config.server_name}"
+			}
+		]
+	})
+
+
+@client.route("/_matrix/client/api/v1/rooms/<room>/send/<eventType>/<txnId>", methods=["POST", "PUT"])
 @client.route("/_matrix/client/v3/rooms/<room>/send/<eventType>/<txnId>", methods=["POST", "PUT"])
 @client.route("/_matrix/client/r0/rooms/<room>/send/<eventType>/<txnId>", methods=["POST", "PUT"])
 async def send_message(room, eventType, txnId):
@@ -431,10 +500,10 @@ async def refresh():
 	})
 
 
-@client.route("/_matrix/client/unstable/im.nheko.summary/rooms/<roomId>/summary")
+@client.route("/_matrix/client/unstable/im.nheko.summary/rooms/<room>/summary")
-@client.route("/_matrix/client/unstable/im.nheko.summary/summary/<roomId>")
+@client.route("/_matrix/client/unstable/im.nheko.summary/summary/<room>")
-@client.route("/_matrix/client/v1/room_summary/<roomId>")
+@client.route("/_matrix/client/v1/room_summary/<room>")
-async def room_summary(roomId):
+async def room_summary(room):
 	return jsonify({
 		"room_id": globals.make_event_id().replace("$", "!"),
 		"avatar_url": f"mxc://{config.server_name}/cat",
@@ -446,7 +515,7 @@ async def room_summary(roomId):
 		"join_rule": "public",
 		"room_type": "m.room",
 		"membership": "join",
-		"room_version": globals.room_version_from_id(roomId)
+		"room_version": globals.room_version_from_id(room)
 	})
 
 
@@ -461,6 +530,7 @@ async def room_query(room):
 
 	return jsonify({})
 
+
 @client.route("/_matrix/client/v3/rooms/<room>/aliases")
 async def room_aliases(room):
 	return jsonify({
@@ -475,6 +545,7 @@ async def room_aliases(room):
 async def room_visibility(room):
 	return jsonify({"visibility": "public"})
 
+
 @client.route("/_matrix/client/v3/search", methods=["POST"])
 async def search():
 	room = globals.make_event_id().replace("$", "!")
@@ -546,13 +617,15 @@ async def url_preview():
 		"og:title": "cool cat"
 	})
 
+
 @client.route("/_matrix/client/v1/media/preview_url")
 async def media_preview():
 	response = send_file(config.cat)
-	response.headers["Content-Disposition"] = f'inline; filename="cat.jpg"'
+	response.headers["Content-Disposition"] = 'inline; filename="cat.jpg"'
 	response.headers["Content-Type"] = "image/jpg"
 	return response
 
+
 @client.route("/_matrix/media/v3/upload", methods=["POST"])
 @client.route("/_matrix/media/r0/upload", methods=["POST"])
 @client.route("/_matrix/media/v1/create", methods=["POST"])
@@ -565,9 +638,10 @@ async def media_config():
 	return jsonify({"m.upload.size": config.the_funny_number * 69420})
 
 
-@client.route("/_matrix/client/v3/profile/<userId>/<key>", methods=["GET", "PUT", "DELETE"])
+@client.route("/_matrix/client/api/v1/profile/<user>/<key>", methods=["GET", "PUT", "DELETE"])
-@client.route("/_matrix/client/r0/profile/<userId>/<key>", methods=["GET", "PUT", "DELETE"])
+@client.route("/_matrix/client/v3/profile/<user>/<key>", methods=["GET", "PUT", "DELETE"])
-async def profile_keys(userId, key):
+@client.route("/_matrix/client/r0/profile/<user>/<key>", methods=["GET", "PUT", "DELETE"])
+async def profile_keys(user, key):
 	if request.method == "GET":
 		if key == "avatar_url":
 			return jsonify({"avatar_url": f"mxc://{config.server_name}/cat"})
@@ -581,18 +655,20 @@ async def profile_keys(userId, key):
 
 	return jsonify({})
 
-@client.route("/_matrix/client/v3/profile/<userId>")
+
-@client.route("/_matrix/client/r0/profile/<userId>")
+@client.route("/_matrix/client/v3/profile/<user>")
-async def user_profile(userId):
+@client.route("/_matrix/client/r0/profile/<user>")
+async def user_profile(user):
 	return jsonify({
 		"avatar_url": f"mxc://{config.server_name}/cat",
 		"displayname": "Vona"
 	})
 
 
-@client.route("/_matrix/client/v3/rooms/<roomId>/messages")
+@client.route("/_matrix/client/api/v1/rooms/<room>/messages")
-@client.route("/_matrix/client/r0/rooms/<roomId>/messages")
+@client.route("/_matrix/client/v3/rooms/<room>/messages")
-async def room_messages(roomId):
+@client.route("/_matrix/client/r0/rooms/<room>/messages")
+async def room_messages(room):
 	return jsonify({
 		"chunk": [{
 			"content": {
@@ -603,7 +679,7 @@ async def room_messages(roomId):
 			},
 			"event_id": globals.make_event_id(),
 			"origin_server_ts": config.the_funny_number,
-			"room_id": roomId,
+			"room_id": room,
 			"sender": f"@vona:{config.server_name}",
 			"type": "m.room.message"
 		}],
@@ -611,6 +687,7 @@ async def room_messages(roomId):
 		"start": f"{os.urandom(16).hex()}"
 	})
 
+
 @client.route("/_matrix/client/v3/keys/query", methods=["POST"])
 @client.route("/_matrix/client/r0/keys/query", methods=["POST"])
 async def query_keys():
@@ -622,6 +699,7 @@ async def query_keys():
 		"user_signing_keys": user
 	})
 
+
 @client.route("/_matrix/client/api/v1/createRoom", methods=["POST"])
 @client.route("/_matrix/client/v3/createRoom", methods=["POST"])
 @client.route("/_matrix/client/r0/createRoom", methods=["POST"])
@@ -639,19 +717,29 @@ async def mutual_rooms():
 	})
 
 
+@client.route("/_matrix/client/api/v1/presence/<user>/status", methods=["GET", "PUT"])
 @client.route("/_matrix/client/r0/presence/<user>/status", methods=["GET", "PUT"])
 async def presence(user):
 	if request.method == "PUT":
 		return jsonify({})
 
-	return jsonify({
+	return jsonify({"presence": "online"})
-		"presence": "online"
-	})
 
 
+@client.route("/_matrix/client/api/v1/publicRooms", methods=["GET", "POST"])
+@client.route("/_matrix/client/v3/publicRooms", methods=["GET", "POST"])
 @client.route("/_matrix/client/r0/publicRooms", methods=["GET", "POST"])
 async def room_directory():
-	return jsonify({
+	return jsonify(globals.room_dir)
-		"chunk": [],
+
-		"total_room_count_estimate": 0
+
-	})
+@client.route("/_matrix/client/api/v1/rooms/<room>/state/<evttype>/<key>", methods=["GET", "PUT"])
+@client.route("/_matrix/client/api/v1/rooms/<room>/state/<evttype>/", methods=["GET", "PUT"])
+async def state(room, evttype, key=None):
+	if request.method == "GET":
+		return jsonify({
+			"errcode": "M_NOT_FOUND",
+			"error": f"Event with type {evttype} and key {key} not found"
+		}), 404
+
+	return jsonify({"event_id": os.urandom(5).hex()})

vona/client/groups.py

@@ -0,0 +1,120 @@
+import vona.globals as globals
+import vona.config as config
+import time
+
+from flask import (
+	Blueprint,
+	jsonify,
+	request,
+)
+
+groups = Blueprint("groups", __name__)
+
+# This implements the C2S API for groups
+
+
+@groups.route("/_matrix/client/r0/groups/<group>/self/update_publicity", methods=["PUT"])
+@groups.route("/_matrix/client/r0/groups/<group>/self/accept_invite", methods=["PUT"])
+@groups.route("/_matrix/client/r0/groups/<group>/self/leave", methods=["PUT"])
+@groups.route("/_matrix/client/r0/groups/<group>/admin/users/remove/<user>", methods=["PUT"])
+@groups.route("/_matrix/client/r0/groups/<group>/admin/rooms/<room>", methods=["PUT", "DELETE"])
+async def empty(**k):
+	return jsonify({})
+
+
+@groups.route("/_matrix/client/r0/publicised_groups/<user>")
+@groups.route("/_matrix/client/r0/joined_groups")
+async def joined_groups(user=None):
+	return jsonify({
+		"groups": [f"+vona:{config.server_name}"]
+	})
+
+
+@groups.route("/_matrix/client/r0/groups/<group>/summary")
+async def summary(group):
+	return jsonify({
+		"profile": {
+			"name": "Vona",
+			"short_description": "",
+			"long_description": "",
+			"avatar_url": "",
+			"is_public": 1,
+			"is_openly_joinable": True
+		},
+		"users_section": {
+			"users": [],
+			"roles": {},
+			"total_user_count_estimate": 0
+		},
+		"rooms_section": {
+			"rooms": [],
+			"categories": {},
+			"total_room_count_estimate": 0
+		},
+		"user": {
+			"membership": "join",
+			"is_public": 1,
+			"is_privileged": 1,
+			"is_publicised": True
+		}
+	})
+
+
+@groups.route("/_matrix/client/r0/groups/<group>/rooms")
+async def rooms(group):
+	return jsonify({
+		"chunk": [],
+		"total_room_count_estimate": 0
+	})
+
+
+@groups.route("/_matrix/client/r0/groups/<group>/invited_users")
+async def invited_users(group):
+	return jsonify({
+		"chunk": [],
+		"total_user_count_estimate": 0
+	})
+
+
+@groups.route("/_matrix/client/r0/groups/<group>/users")
+async def users(group):
+	return jsonify({
+		"chunk": [
+			{
+				"user_id": f"@vona:{config.server_name}",
+				"displayname": "Vona",
+				"avatar_url": None,
+				"is_public": True,
+				"is_privileged": True,
+				"attestation": globals.sign_json({
+					"group_id": group,
+					"user_id": f"@vona:{config.server_name}",
+					"valid_until_ms": int(str(time.time() * 1000).split(".")[0])
+				})
+			}
+		],
+		"total_user_count_estimate": 1
+	})
+
+
+@groups.route("/_matrix/client/r0/groups/<group>/profile", methods=["GET", "POST"])
+async def profile(group):
+	if request.method == "POST":
+		return jsonify({})
+
+	return jsonify({
+		"name": "Vona",
+		"short_description": "",
+		"long_description": "",
+		"avatar_url": "",
+		"is_public": 1,
+		"is_openly_joinable": True
+	})
+
+
+@groups.route("/_matrix/client/r0/create_group", methods=["POST"])
+async def create_group():
+	return jsonify({
+		"group_id": f"+vona:{config.server_name}"
+	})
+

vona/config/__init__.py

@@ -1,6 +1,7 @@
-import os
 from pathlib import Path
 import tomllib
+import os
+
 
 addr: str = "127.0.0.1"
 port: int = 5000

vona/custom/__init__.py

@@ -1,19 +1,24 @@
-from flask import Blueprint
+from flask import (
+	Blueprint,
+)
 
 custom = Blueprint("custom", __name__)
 
-# This implements custom endpoints
+# This implements non-standard
-# used by other homeserver
+# endpoints created by other
-# implementations. They do not start
+# homeserver implementations.
-# with /_matrix/
 
 
+from .hammerhead import hammerhead
 from .conduwuit import conduwuit
 from .dendrite import dendrite
 from .telodendria import telo
 from .synapse import synapse
+from .citadel import citadel
 
+custom.register_blueprint(hammerhead)
 custom.register_blueprint(conduwuit)
 custom.register_blueprint(dendrite)
 custom.register_blueprint(synapse)
+custom.register_blueprint(citadel)
 custom.register_blueprint(telo)

vona/custom/citadel.py

@@ -0,0 +1,67 @@
+import vona.config as config
+
+import base64
+import os
+
+from flask import (
+	Blueprint,
+	jsonify,
+	request,
+)
+
+citadel = Blueprint("citadel", __name__)
+
+# These are endpoints made by Thales Citadel
+
+# TODO: Add more endpoints, this likely
+# isn't all of them
+
+
+@citadel.route("/_matrix/client/r0/citadel/stats/m.news/<event>", methods=["GET", "PUT"])
+async def news_stats(event):
+	if request.method == "PUT":
+		return jsonify({"success": True})
+
+	return jsonify({
+		"total_clicks": config.the_funny_number,
+		"user_readings": config.the_funny_number
+	})
+
+
+@citadel.route("/_matrix/client/r0/citadel/rooms/<room>/closeRoom", methods=["POST"])
+async def close_room(room):
+	store_response = request.json.get("store_response", True)
+
+	operation_id = base64.b64encode(
+		bytes(
+			os.urandom(8).hex(),
+			"utf-8"
+		)
+	).decode("utf-8")[:14]
+
+
+	if store_response:
+		resp = {"operation_id": operation_id}
+	else:
+		resp = {
+			"operation_id": operation_id,
+			"previous_state": {
+				"progress": {
+					"steps": {
+						"step_kick_users": {
+							"status": "complete"
+						},
+						"step_purge_history": {
+							"status": "complete"
+						},
+						"step_purge_media": {
+							"status": "complete"
+						}
+					}
+				},
+				"status": "complete"
+			}
+		}
+
+
+	return jsonify(resp)

vona/custom/conduwuit.py

@@ -1,5 +1,8 @@
-from flask import Blueprint, jsonify
 import vona.globals as globals
+from flask import (
+	Blueprint,
+	jsonify,
+)
 
 conduwuit = Blueprint("conduwuit", __name__)
 

vona/custom/dendrite.py

@@ -1,10 +1,13 @@
-from flask import Blueprint, jsonify
 import vona.globals as globals
 import vona.config as config
+from flask import (
+	Blueprint,
+	jsonify,
+)
 
 dendrite = Blueprint("dendrite", __name__)
 
-# https://element-hq.github.io/dendrite/administration/adminapi
+# This implements the Dendrite admin API
 
 
 @dendrite.route("/_dendrite/admin/purgeRoom/<room>", methods=["POST"])

vona/custom/hammerhead.py

@@ -0,0 +1,92 @@
+from datetime import datetime, timezone
+from vona.federation import send_join
+import vona.globals as globals
+import vona.config as config
+import time
+
+from flask import (
+	Blueprint,
+	jsonify,
+)
+
+hammerhead = Blueprint("hammerhead", __name__)
+
+# Hammerhead endpoints. Not documented, but code is at:
+# https://codeberg.org/timedout/hammerhead/src/branch/dev/hammerhead/router/routes/hammerhead
+
+
+@hammerhead.route("/_hammerhead/uptime")
+async def uptime():
+	return jsonify({"started_at": config.the_funny_number})
+
+
+@hammerhead.route("/_hammerhead/version")
+async def version():
+	return jsonify({"version": globals.version})
+
+@hammerhead.route("/_hammerhead/admin/reload-config")
+async def reload_config():
+	return jsonify({})
+
+
+@hammerhead.route("/_hammerhead/admin/server-info/<server>")
+async def server_info(server):
+	return jsonify({
+		"destination": {
+			"expires": datetime.now(timezone.utc).isoformat(),
+			"host_header": server,
+			"ip_port": [
+				f"{server}:443"
+			],
+			"server_name": server
+		},
+		"keys": globals.sign_json({
+			"old_verify_keys": {},
+			"server_name": server,
+			"valid_until_ts": int(time.time() * 1000 + 604800000),
+			"verify_keys": {
+				f"ed25519:{config.signing_key.split()[1]}": {
+					"key": globals.pubkey()
+				}
+			}
+		}),
+		"software": {
+			"server": {
+				"version": globals.version,
+				"name": "Vona"
+			}
+		}
+	})
+
+
+@hammerhead.route("/_hammerhead/admin/rooms/<room>/state-resolver")
+async def room_state(room):
+	class bullshit:
+		def get_json():
+			return {}
+
+	state = send_join(bullshit, room)["state"]
+	formatted_state = {}
+	event_cache = {}
+
+	for event in state:
+		key = f"({event["type"]},'{event["state_key"]}')"
+		formatted_state[key] = event
+
+		if "event_id" in event:
+			event_id = event["event_id"]
+		else:
+			event_id = globals.make_ref_hash(
+				event,
+				int(globals.room_version_from_id(room))
+			)
+
+		event_cache[event_id] = event
+
+
+	return jsonify({
+		"current_state": formatted_state,
+		"event_cache": event_cache,
+		"room_id": room,
+		"room_version": globals.room_version_from_id(room)
+	})

vona/custom/synapse.py

@@ -1,32 +1,37 @@
-from flask import Blueprint, jsonify, request, Response
+from vona.federation import send_join
 import vona.globals as globals
 import vona.config as config
-import base64
+
-import re
 import os
 
+from flask import (
+	Blueprint,
+	jsonify,
+	request,
+)
+
 synapse = Blueprint("synapse", __name__)
 
 # The absolute giant known as the Synapse admin API.
-# Very messy, needs cleaning
+# TODO: Very messy, needs cleaning
 
 
-@synapse.route("/_synapse/admin/v1/suspend/<user_id>", methods=["PUT"])
+@synapse.route("/_synapse/admin/v1/suspend/<user>", methods=["PUT"])
-@synapse.route("/_synapse/admin/v1/deactivate/<user_id>", methods=["POST"])
+@synapse.route("/_synapse/admin/v1/deactivate/<user>", methods=["POST"])
-@synapse.route("/_synapse/admin/v1/reset_password/<user_id>", methods=["POST"])
+@synapse.route("/_synapse/admin/v1/reset_password/<user>", methods=["POST"])
-@synapse.route("/_synapse/admin/v1/users/<user_id>/admin", methods=["PUT"])
+@synapse.route("/_synapse/admin/v1/users/<user>/admin", methods=["PUT"])
-@synapse.route("/_synapse/admin/v2/users/<user_id>/delete_devices", methods=["POST"])
+@synapse.route("/_synapse/admin/v2/users/<user>/delete_devices", methods=["POST"])
-@synapse.route("/_synapse/admin/v1/users/<user_id>/shadow_ban", methods=["DELETE", "POST"])
+@synapse.route("/_synapse/admin/v1/users/<user>/shadow_ban", methods=["DELETE", "POST"])
-@synapse.route("/_synapse/admin/v1/users/<user_id>/override_ratelimit", methods=["GET", "POST", "DELETE"])
+@synapse.route("/_synapse/admin/v1/users/<user>/override_ratelimit", methods=["GET", "POST", "DELETE"])
 @synapse.route("/_synapse/admin/v1/media/protect/<media_id>", methods=["POST"])
 @synapse.route("/_synapse/admin/v1/media/unprotect/<media_id>", methods=["POST"])
 @synapse.route("/_synapse/admin/v1/media/quarantine/<s>/<media_id>", methods=["POST"])
 @synapse.route("/_synapse/admin/v1/media/unquarantine/<s>/<media_id>", methods=["POST"])
 @synapse.route("/_synapse/admin/v1/federation/destinations/<destination>/reset_connection", methods=["POST"])
 @synapse.route("/_synapse/admin/v1/rooms/<room>")
-@synapse.route("/_synapse/admin/v1/rooms/<room_id>/timestamp_to_event")
+@synapse.route("/_synapse/admin/v1/rooms/<room>/timestamp_to_event")
 @synapse.route("/_synapse/admin/v2/rooms/delete_status/<delete_id>")
-@synapse.route("/_synapse/admin/v1/rooms/<room_id_or_alias>/make_room_admin", methods=["POST"])
+@synapse.route("/_synapse/admin/v1/rooms/<room>/make_room_admin", methods=["POST"])
 async def response(**kwargs):
 	return jsonify({})
 
@@ -56,7 +61,7 @@ async def user_list():
 		"total": 1
 	})
 
-@synapse.route("/_synapse/admin/v2/users/<user_id>", methods=["GET", "PUT"])
+@synapse.route("/_synapse/admin/v2/users/<user>", methods=["GET", "PUT"])
 async def user_info(user_id):
 	if request.method == "GET":
 		return jsonify({
@@ -83,7 +88,7 @@ async def user_info(user_id):
 
 	return jsonify({}), 201
 
-@synapse.route("/_synapse/admin/v1/whois/<user_id>")
+@synapse.route("/_synapse/admin/v1/whois/<user>")
 async def whois(user_id):
 	return jsonify({
 		"user_id": f"@vona:{config.server_name}",
@@ -91,7 +96,7 @@ async def whois(user_id):
 			"": {
 				"sessions": [{
 					"connections": [{
-						"ip":f"127.0.0.1",
+						"ip":"127.0.0.1",
 						"last_seen":config.the_funny_number,
 						"user_agent":f"Vona/{globals.version}"
 					}]
@@ -100,44 +105,59 @@ async def whois(user_id):
 		}
 	})
 
-@synapse.route("/_synapse/admin/v1/users/<user_id>/joined_rooms")
+@synapse.route("/_synapse/admin/v1/users/<user>/joined_rooms")
 async def user_joined_rooms(user_id):
 	return jsonify({
 		"joined_rooms": [globals.make_event_id().replace("$", "!")],
 		"total": 1
 	})
 
-@synapse.route("/_synapse/admin/v1/users/<user_id>/sent_invite_count")
+@synapse.route("/_synapse/admin/v1/users/<user>/sent_invite_count")
 async def invite_count(user_id):
 	return jsonify({"invite_count": config.the_funny_number})
 
-@synapse.route("/_synapse/admin/v1/users/<user_id>/accountdata")
+@synapse.route("/_synapse/admin/v1/users/<user>/accountdata")
 async def account_data(user_id):
 	return jsonify({"account_data":{"global":{}}})
 
-@synapse.route("/_synapse/admin/v1/users/<user_id>/media", methods=["GET", "DELETE"])
+@synapse.route("/_synapse/admin/v1/users/<user>/media", methods=["GET", "DELETE"])
 async def account_media(user_id):
 	if request.method == "GET":
-		return jsonify({"media": [{"created_ts":config.the_funny_number,"last_access_ts":config.the_funny_number,"media_id":"cat","media_length":config.the_funny_number,"media_type":"image/jpeg","quarantined_by":"null","safe_from_quarantine":False,"upload_name":"cat.jpg"}], "total": config.the_funny_number})
+		return jsonify({
+			"media": [{
+				"created_ts": config.the_funny_number,
+				"last_access_ts": config.the_funny_number,
+				"media_id": "cat",
+				"media_length": config.the_funny_number,
+				"media_type": "image/jpeg",
+				"quarantined_by": None,
+				"safe_from_quarantine": False,
+				"upload_name": "cat.jpg"
+			}],
+			"total": config.the_funny_number
+		})
 
-	return jsonify({"deleted_media": ["cat"], "total": config.the_funny_number})
+	return jsonify({
+		"deleted_media": ["cat"],
+		"total": config.the_funny_number
+	})
 
-@synapse.route("/_synapse/admin/v1/users/<user_id>/login", methods=["POST"])
+@synapse.route("/_synapse/admin/v1/users/<user>/login", methods=["POST"])
 async def account_login(user_id):
 	return jsonify({"access_token": "vona"})
 
-@synapse.route("/_synapse/admin/v1/users/<user_id>/_allow_cross_signing_replacement_without_uia", methods=["POST"])
+@synapse.route("/_synapse/admin/v1/users/<user>/_allow_cross_signing_replacement_without_uia", methods=["POST"])
 async def stupid_mas_bullshit(user_id):
 	return jsonify({"updatable_without_uia_before_ms": config.the_funny_number})
 
-@synapse.route("/_synapse/admin/v2/users/<user_id>/devices", methods=["GET", "POST"])
+@synapse.route("/_synapse/admin/v2/users/<user>/devices", methods=["GET", "POST"])
 async def device_list(user_id):
 	if request.method == "GET":
 		return jsonify({
 			"devices": [{
 				"device_id": "VVOONNAA",
 				"display_name": "Vona",
-				"last_seen_ip": "127.0.0.1",
+				"last_seen_ip": config.addr,
 				"last_seen_ts": config.the_funny_number,
 				"last_seen_user_agent": f"Vona/{globals.version}"
 			}],
@@ -146,20 +166,20 @@ async def device_list(user_id):
 
 	return jsonify({})
 
-@synapse.route("/_synapse/admin/v2/users/<user_id>/devices/<device_id>", methods=["GET", "PUT", "DELETE"])
+@synapse.route("/_synapse/admin/v2/users/<user>/devices/<device_id>", methods=["GET", "PUT", "DELETE"])
 async def device_info(user_id, device_id):
 	if request.method == "GET":
 		return jsonify({
 			"device_id": "VVOONNAA",
 			"display_name": "Vona",
-			"last_seen_ip": "127.0.0.1",
+			"last_seen_ip": config.addr,
 			"last_seen_ts": config.the_funny_number,
 			"last_seen_user_agent": f"Vona/{globals.version}"
 		})
 
 	return jsonify({})
 
-@synapse.route("/_synapse/admin/v1/users/<user_id>/pushers")
+@synapse.route("/_synapse/admin/v1/users/<user>/pushers")
 async def pushers(user_id):
 	return jsonify({"pushers": [], "total": config.the_funny_number})
 
@@ -169,18 +189,18 @@ async def username_available():
 
 @synapse.route("/_synapse/admin/v1/threepid/<medium>/users/<addr>")
 @synapse.route("/_synapse/admin/v1/auth_providers/<provider>/users/<ext>")
-async def threepid(p, a):
+async def threepid(**kwargs):
 	return jsonify({"user_id": f"@vona:{config.server_name}"})
 
-@synapse.route("/_synapse/admin/v1/<user_id>/redact")
+@synapse.route("/_synapse/admin/v1/<user>/redact")
-def redact(user_id):
+async def redact(user_id):
 	return jsonify({"redact_id": os.urandom(16).hex()})
 
 @synapse.route("/_synapse/admin/v1/user/redact_status/<redact_id>")
 async def redact_status(redact_id):
 	return jsonify({"status":"active","failed_redactions":[]})
 
-@synapse.route("/_synapse/admin/v1/experimental_features/<user_id>", methods=["GET", "PUT"])
+@synapse.route("/_synapse/admin/v1/experimental_features/<user>", methods=["GET", "PUT"])
 async def experimental_features(user_id):
 	return jsonify({"features": {}})
 
@@ -191,8 +211,8 @@ async def register():
 
 	return jsonify({"access_token": "vona"})
 
-@synapse.route("/_synapse/admin/v1/join/<roomId>", methods=["POST"])
+@synapse.route("/_synapse/admin/v1/join/<room>", methods=["POST"])
-async def membership_manipulation(roomId):
+async def membership_manipulation(room):
 	return jsonify({"room_id": globals.make_event_id().replace("$", "!")})
 
 @synapse.route("/_synapse/admin/v1/account_validity/validity", methods=["POST"])
@@ -204,8 +224,8 @@ async def account_validity():
 async def server_notice(**kwargs):
 	return jsonify({"event_id": globals.make_event_id()})
 
-@synapse.route("/_synapse/admin/v1/purge_history/<room_id>/<event_id>", methods=["POST"])
+@synapse.route("/_synapse/admin/v1/purge_history/<room>/<event_id>", methods=["POST"])
-@synapse.route("/_synapse/admin/v1/purge_history/<room_id>", methods=["POST"])
+@synapse.route("/_synapse/admin/v1/purge_history/<room>", methods=["POST"])
 async def purge_event(**kwargs):
 	return jsonify({"purge_id": os.urandom(16).hex()})
 
@@ -213,12 +233,12 @@ async def purge_event(**kwargs):
 async def purge_status(purge_id):
 	return jsonify({"status":"active"})
 
-@synapse.route("/_synapse/admin/v1/room/<room_id>/media")
+@synapse.route("/_synapse/admin/v1/room/<room>/media")
-async def room_media(room_id):
+async def room_media(room):
 	return jsonify({"local": [f"mxc://{config.server_name}/cat"], "remote": []})
 
-@synapse.route("/_synapse/admin/v1/room/<room_id>/media/quarantine", methods=["POST"])
+@synapse.route("/_synapse/admin/v1/room/<room>/media/quarantine", methods=["POST"])
-async def quarantine_room_media(room_id):
+async def quarantine_room_media(room):
 	return jsonify({"num_quarantined": config.the_funny_number})
 
 @synapse.route("/_synapse/admin/v1/media/<s>/delete", methods=["POST"])
@@ -233,7 +253,15 @@ async def delete_remote_media():
 
 @synapse.route("/_synapse/admin/v1/statistics/users/media")
 async def media_stats():
-	return jsonify({"users":[{"displayname":"Vona","media_count":config.the_funny_number,"media_length":config.the_funny_number,"user_id":f"@vona:{config.server_name}"}],"total":config.the_funny_number})
+	return jsonify({
+		"users": [{
+			"displayname": "Vona",
+			"media_count": config.the_funny_number,
+			"media_length": config.the_funny_number,
+			"user_id": f"@vona:{config.server_name}"
+		}],
+		"total": config.the_funny_number
+	})
 
 @synapse.route("/_synapse/admin/v1/statistics/database/rooms")
 async def room_stats():
@@ -302,7 +330,7 @@ async def interact_with_reported_event(report_id):
 @synapse.route("/_synapse/admin/v1/federation/destinations")
 async def federation_destinations():
 	return jsonify({
-		"destinations": [{}],
+		"destinations": [],
 		"total": 0
 	})
 
@@ -366,7 +394,7 @@ async def rooms():
 		"total_rooms": 0
 	})
 
-@synapse.route("/_synapse/admin/v1/rooms/<room_id>/members")
+@synapse.route("/_synapse/admin/v1/rooms/<room>/members")
 async def room_members(room):
 	return jsonify({
 		"members": [
@@ -375,11 +403,11 @@ async def room_members(room):
 		"total": 1
 	})
 
-@synapse.route("/_synapse/admin/v1/rooms/<room_id>/state")
+@synapse.route("/_synapse/admin/v1/rooms/<room>/state")
 async def room_state(room):
 	return jsonify({"state": []})
 
-@synapse.route("/_synapse/admin/v1/rooms/<room_id>/state")
+@synapse.route("/_synapse/admin/v1/rooms/<room>/state")
 async def room_messages(room):
 	return jsonify({
 		"chunk": [],
@@ -387,11 +415,11 @@ async def room_messages(room):
 		"start": "vona"
 	})
 
-@synapse.route("/_synapse/admin/v1/rooms/<room_id>/block", methods=["GET", "PUT"])
+@synapse.route("/_synapse/admin/v1/rooms/<room>/block", methods=["GET", "PUT"])
 async def block_room(room):
 	return jsonify({"block": False})
 
-@synapse.route("/_synapse/admin/v1/rooms/<room_id>", methods=["DELETE"])
+@synapse.route("/_synapse/admin/v1/rooms/<room>", methods=["DELETE"])
 async def room_delete(room):
 	return jsonify({
 		"kicked_users": [
@@ -399,18 +427,18 @@ async def room_delete(room):
 		],
 		"failed_to_kick_users": [],
 		"local_aliases": [],
-		"new_room_id": f"!vona:{config.server_name}"
+		"new_room_id": globals.make_event_id(seed=room)
 	})
 
-@synapse.route("/_synapse/admin/v2/rooms/<room_id>", methods=["DELETE"])
+@synapse.route("/_synapse/admin/v2/rooms/<room>", methods=["DELETE"])
 async def room_delete_v2(room):
 	return jsonify({"delete_id": "vona"})
 
-@synapse.route("/_synapse/admin/v2/rooms/<room_id>/delete_status")
+@synapse.route("/_synapse/admin/v2/rooms/<room>/delete_status")
 async def room_delete_status(room):
 	return jsonify({"results": []})
 
-@synapse.route("/_synapse/admin/v1/rooms/<room_id_or_alias>/forward_extremities", methods=["GET"])
+@synapse.route("/_synapse/admin/v1/rooms/<room>/forward_extremities", methods=["GET"])
 async def forward_extremities(room):
 	if request.method == "DELETE":
 		return jsonify({"deleted": 0})
@@ -424,3 +452,38 @@ async def forward_extremities(room):
 			"received_ts": config.the_funny_number
 		}]
 	})
+
+@synapse.route("/_synapse/admin/v1/media/<origin>/<media_id>")
+async def media_info(origin, media_id):
+	return jsonify({
+		"media_info": {
+			"media_origin": origin,
+			"user_id": None,
+			"media_id": media_id,
+			"media_type": "img/jpeg",
+			"media_length": 67,
+			"upload_name": "cat.jpg",
+			"created_ts": config.the_funny_number,
+			"filesystem_id": os.urandom(3).hex(),
+			"url_cache": None,
+			"last_access_ts": config.the_funny_number,
+			"quarantined_by": None,
+			"authenticated": False,
+			"safe_from_quarantine": None,
+			"sha256": os.urandom(32).hex()
+		}
+	})
+
+
+@synapse.route("/_synapse/admin/v1/fetch_event/<evt>")
+async def fetch_event(evt):
+	class bs:
+		def get_json():
+			return {}
+
+	return jsonify({
+		"event": send_join(
+			bs,
+			globals.make_event_id(seed=evt).replace("$", "!")
+		)["state"][5]
+	})

vona/custom/telodendria.py

@@ -1,7 +1,12 @@
-from flask import Blueprint, request, jsonify
 from vona.globals import version
 import vona.config as config
 
+from flask import (
+	Blueprint,
+	request,
+	jsonify,
+)
+
 telo = Blueprint("telodendria", __name__)
 
 # The telodendria admin API as specified by
@@ -14,7 +19,6 @@ async def process_management(**kwargs):
 	return jsonify({})
 
 
-
 @telo.route("/_telodendria/admin/v1/privileges/<lp>", methods=["GET", "PUT", "POST", "DELETE"])
 @telo.route("/_telodendria/admin/v1/privileges/", methods=["GET", "POST"])
 async def privileges(lp=None):

vona/federation/__init__.py

@@ -1,218 +1,31 @@
-from flask import jsonify, Response, request, send_file, abort, Blueprint
+import vona.federation.rooms as rooms
 import vona.globals as globals
-from vona.config import *
+import vona.config as config
+
 import json
 import time
-import os
+
+from flask import (
+	jsonify,
+	Response,
+	request,
+	Blueprint,
+)
 
 server = Blueprint("federation", __name__)
+http = globals.http_client()
 
 
-def send_join(request, roomId) -> dict:
+class bullshit:
-	event_chain = []
+	def get_json():
-	event_hashes = []
+		return {}
 
-	event_ids = [
-		globals.make_event_id(seed=f"1_{roomId}"),
-		globals.make_event_id(seed=f"2_{roomId}"),
-		globals.make_event_id(seed=f"3_{roomId}"),
-		globals.make_event_id(seed=f"4_{roomId}"),
-		globals.make_event_id(seed=f"5_{roomId}"),
-		globals.make_event_id(seed=f"6_{roomId}"),
-	]
 
-	create_event = {
+def send_join(request, room) -> dict:
-		"content": {
+	if globals.room_version_from_id(room) in ["1", "2"]:
-			"m.federate": True,
+		return rooms.v1_v2(request, room)
-			"creator": f"@vona:{server_name}",
+	else:
-			"room_version": globals.room_version_from_id(roomId)
+		return rooms.v3(request, room)
-		},
-		"event_id": event_ids[0],
-		"origin_server_ts": 1,
-		"room_id": roomId,
-		"sender": f"@vona:{server_name}",
-		"state_key": "",
-		"depth": 1,
-		"type": "m.room.create",
-		"auth_events": [],
-		"prev_events": []
-	}
-
-	screate_event = globals.hash_and_sign_event(create_event)
-	event_chain.append(screate_event)
-
-	our_join = {
-		"content": {
-			"displayname": "Vona",
-			"avatar_url": f"mxc://{server_name}/cat",
-			"membership": "join"
-		},
-		"origin_server_ts": 2,
-		"sender": f"@vona:{server_name}",
-		"state_key": f"@vona:{server_name}",
-		"type": "m.room.member",
-		"event_id": event_ids[1],
-		"room_id": roomId,
-		"depth": 2,
-		"auth_events": [[
-			screate_event["event_id"],
-			screate_event["hashes"]
-		]],
-		"prev_events": [[
-			screate_event["event_id"],
-			screate_event["hashes"]
-		]]
-	}
-
-	sour_join = globals.hash_and_sign_event(our_join)
-	event_chain.append(sour_join)
-
-	pls = {
-		"content": {
-			"users": {
-				f"@vona:{server_name}": "100"
-			}
-		},
-		"origin_server_ts": 3,
-		"room_id": roomId,
-		"sender": f"@vona:{server_name}",
-		"state_key": "",
-		"type": "m.room.power_levels",
-		"event_id": event_ids[2],
-		"depth": 3,
-		"user_id": f"@vona:{server_name}",
-		"auth_events": [
-			[
-				screate_event["event_id"],
-				screate_event["hashes"]
-			],
-			[
-				sour_join["event_id"],
-				sour_join["hashes"]
-			]
-		],
-		"prev_events": [[
-			sour_join["event_id"],
-			sour_join["hashes"]
-		]]
-	}
-
-	spls = globals.hash_and_sign_event(pls)
-	event_chain.append(spls)
-
-	join_rule = {
-		"content": {
-			"join_rule": "public"
-		},
-		"origin_server_ts": 4,
-		"sender": f"@vona:{server_name}",
-		"state_key": "",
-		"type": "m.room.join_rules",
-		"event_id": event_ids[3],
-		"room_id": roomId,
-		"depth": 4,
-		"auth_events": [
-			[
-				screate_event["event_id"],
-				screate_event["hashes"]
-			],
-			[
-				sour_join["event_id"],
-				sour_join["hashes"]
-			],
-			[
-				spls["event_id"],
-				spls["hashes"]
-			]
-		],
-		"prev_events": [[
-			spls["event_id"],
-			spls["hashes"]
-		]]
-	}
-
-	sjoin_rule = globals.hash_and_sign_event(join_rule)
-	event_chain.append(sjoin_rule)
-
-	guest_access = {
-		"content": {
-			"guest_access": "forbidden"
-		},
-		"origin_server_ts": 5,
-		"depth": 5,
-		"sender": f"@vona:{server_name}",
-		"state_key": "",
-		"type": "m.room.guest_access",
-		"event_id": event_ids[4],
-		"room_id": roomId,
-		"auth_events": [
-			[
-				screate_event["event_id"],
-				screate_event["hashes"]
-			],
-			[
-				sour_join["event_id"],
-				sour_join["hashes"]
-			],
-			[
-				spls["event_id"],
-				spls["hashes"]
-			]
-		],
-		"prev_events": [[
-			sjoin_rule["event_id"],
-			sjoin_rule["hashes"]
-		]]
-	}
-
-	sguest_access = globals.hash_and_sign_event(guest_access)
-	event_chain.append(sguest_access)
-
-	history = {
-		"content": {
-			"history_visibility": "shared"
-		},
-		"type": "m.room.history_visibility",
-		"sender": f"@vona:{server_name}",
-		"state_key": "",
-		"origin_server_ts": 6,
-		"depth": 6,
-		"event_id": event_ids[5],
-		"room_id": roomId,
-		"auth_events": [
-			[
-				screate_event["event_id"],
-				screate_event["hashes"]
-			],
-			[
-				sour_join["event_id"],
-				sour_join["hashes"]
-			],
-			[
-				spls["event_id"],
-				spls["hashes"]
-			]
-		],
-		"prev_events": [[
-			sguest_access["event_id"],
-			sguest_access["hashes"]
-		]]
-	}
-
-	shistory = globals.hash_and_sign_event(history)
-	event_chain.append(shistory)
-
-	remote_join = request.get_json()
-
-	response = {
-		"auth_chain": event_chain,
-		"event": remote_join,
-		"members_omitted": False,
-		"servers_in_room": [server_name],
-		"state": event_chain
-	}
-
-	return response
 
 
 @server.route("/_matrix/federation/v1/version")
@@ -228,10 +41,10 @@ async def version():
 async def keys():
 	return jsonify(globals.sign_json({
 		"old_verify_keys": {},
-		"server_name": server_name,
+		"server_name": config.server_name,
 		"valid_until_ts": int(time.time() * 1000 + 604800000),
 		"verify_keys": {
-			f"ed25519:{signing_key.split()[1]}": {
+			f"ed25519:{config.signing_key.split()[1]}": {
 				"key": globals.pubkey()
 			}
 		}
@@ -241,7 +54,7 @@ async def keys():
 async def room_query():
 	return jsonify({
 		"room_id": globals.make_event_id().replace("$", "!"),
-		"servers": [server_name]
+		"servers": [config.server_name]
 	})
 
 @server.route("/_matrix/federation/v1/media/download/<media_id>")
@@ -250,7 +63,7 @@ async def download_media(media_id):
 	# multipart despite not even using
 	# it for anything. Minor annoyance.
 
-	with open(cat, "rb") as img_file:
+	with open(config.cat, "rb") as img_file:
 		image_data = img_file.read()
 	boundary = "----WebKitFormBoundary7MA4YWxkTrZu0gW"
 	response_body = (
@@ -274,82 +87,102 @@ async def thumbnail_media(media_id):
 		"error": "Cat is too cute to thumbnail"
 	}), 418
 
-@server.route("/_matrix/federation/v1/send_join/<roomId>/<eventId>", methods=["PUT"])
-async def send_join_v1(roomId, eventId):
-	return jsonify([200, send_join(request, roomId)])
 
-@server.route("/_matrix/federation/v2/send_join/<roomId>/<eventId>", methods=["PUT"])
+@server.route("/_matrix/federation/v1/send_join/<room>/<eventId>", methods=["PUT"])
-async def send_join_v2(roomId, eventId):
+async def send_join_v1(room, eventId):
-	return jsonify(send_join(request, roomId))
+	if globals.room_version_from_id(room) not in ["1", "2"]:
+		return jsonify({
+			"errcode": "M_INCOMPATIBLE_ROOM_VERSION",
+			"error": "This room is not v1 or v2."
+		}), 400
 
-@server.route("/_matrix/federation/v1/make_join/<roomId>/<userId>")
+	return jsonify([200, send_join(request, room)])
-async def make_join(roomId, userId):
+
-	def not_invited():
+
+@server.route("/_matrix/federation/v2/send_join/<room>/<eventId>", methods=["PUT"])
+async def send_join_v2(room, eventId):
+	return jsonify(send_join(request, room))
+
+
+@server.route("/_matrix/federation/v1/make_join/<room>/<user>")
+async def make_join(room, user):
+	if ":" in room:
+		if room.split(":")[1] != config.server_name:
+			return jsonify({
+				"errcode": "M_FORBIDDEN",
+				"error": "You are not invited to this room."
+			}), 403
+	else:
 		return jsonify({
 			"errcode": "M_FORBIDDEN",
 			"error": "You are not invited to this room."
 		}), 403
 
-	try:
-		if roomId.split(":")[1] != server_name:
-			return not_invited()
-	except:
-		return not_invited()
 
-	class bullshit:
+	room_ver = globals.room_version_from_id(room)
-		def get_json():
-			return {}
 
 	state = send_join(
 		request=bullshit,
-		roomId=roomId
+		room=room
 	)["state"]
 
 	join = {
 		"content": {
-			"join_authorised_via_users_server": f"@vona:{server_name}",
+			"join_authorised_via_users_server": f"@vona:{config.server_name}",
 			"membership": "join"
 		},
-		"origin": server_name,
+		"origin": config.server_name,
 		"origin_server_ts": 7,
-		"room_id": roomId,
+		"room_id": room,
-		"sender": userId,
+		"sender": user,
-		"state_key": userId,
+		"state_key": user,
 		"type": "m.room.member",
 		"depth": 7
 	}
 
-	join["auth_events"] = [
+	if room_ver in ["1", "2"]:
-		[
+		join["event_id"] = globals.make_event_id(seed=f"{user}+{room}")
-			state[0]["event_id"],
+
-			state[0]["hashes"]
+		join["auth_events"] = [
-		],
+			[
-		[
+				state[0]["event_id"],
-			state[2]["event_id"],
+				state[0]["hashes"]
-			state[2]["hashes"]
+			],
-		],
+			[
-		[
+				state[2]["event_id"],
-			state[3]["event_id"],
+				state[2]["hashes"]
-			state[3]["hashes"]
+			],
-		]
+			[
-	]
+				state[3]["event_id"],
+				state[3]["hashes"]
+			]
+		]
+
+		join["prev_events"] = [[
+			state[5]["event_id"],
+			state[5]["hashes"]
+		]]
+	else:
+		join["auth_events"] = [
+			globals.make_ref_hash(state[0], int(room_ver)),
+			globals.make_ref_hash(state[2], int(room_ver)),
+			globals.make_ref_hash(state[3], int(room_ver)),
+		]
+
+		join["prev_events"] = [
+			globals.make_ref_hash(state[5], int(room_ver)),
+		]
 
-	join["prev_events"] = [[
-		state[5]["event_id"],
-		state[5]["hashes"]
-	]]
 
 	return jsonify({
 		"event": globals.hash_and_sign_event(join),
-		"room_version": globals.room_version_from_id(roomId)
+		"room_version": room_ver
 	})
 
+
 @server.route("/_matrix/federation/v1/publicRooms", methods=["POST", "GET"])
 async def room_directory():
-	return jsonify({
+	return jsonify(globals.room_dir)
-		"chunk": [],
-		"total_room_count_estimate": 0
-	})
 
 
 # https://spec.matrix.org/latest/server-server-api/#transactions
@@ -386,7 +219,7 @@ async def user_profile():
 	field = request.args.get("field")
 	if field:
 		if field == "avatar_url":
-			return jsonify({"avatar_url":f"mxc://{server_name}/cat"})
+			return jsonify({"avatar_url":f"mxc://{config.server_name}/cat"})
 		elif field == "displayname":
 			return jsonify({"displayname":"Vona"})
 
@@ -395,48 +228,29 @@ async def user_profile():
 			"error": "The requested profile key does not exist."
 		}), 404
 
-	return jsonify({"avatar_url": f"mxc://{server_name}/cat","displayname": "Vona"})
+	return jsonify({"avatar_url": f"mxc://{config.server_name}/cat","displayname": "Vona"})
 
 
-# https://spec.matrix.org/latest/server-server-api/#device-management
+@server.route(f"/_matrix/federation/v1/user/devices/@/:{config.server_name}")
-@server.route(f"/_matrix/federation/v1/user/devices/@/:{server_name}")
 @server.route("/_matrix/federation/v1/user/devices/<user>")
 async def user_devices(user):
 	return jsonify({
 		"devices": [],
-		"stream_id": the_funny_number,
+		"stream_id": config.the_funny_number,
-		"user_id": f"@vona:{server_name}"
+		"user_id": f"@vona:{config.server_name}"
 	})
 
 
 @server.route("/_matrix/federation/v1/user/keys/query", methods=["POST"])
 async def user_keys():
-	try:
+	return jsonify({
-		users = request.json["device_keys"]
+		"device_keys": request.json.get("device_keys", {})
-	except:
+	})
-		return jsonify({
-			"errcode": "M_NOT_FOUND",
-			"error": "User does not exist"
-		}), 404
-
-	return jsonify({"device_keys": users})
 
 
 @server.route("/_matrix/federation/v2/invite/<room>/<txnId>", methods=["PUT"])
 async def invite_user_v2(room, txnId):
-	return invite_user(request.data)
+	invite_data = request.json
-
-
-@server.route("/_matrix/federation/v1/invite/<room>/<txnId>", methods=["PUT"])
-async def invite_user_v1(room, txnId):
-	return [200, invite_user(request.data)]
-
-
-def invite_user(data):
-	try:
-		invite_data = json.loads(data)
-	except:
-		return jsonify({"errcode":"M_NOT_JSON","error":"Content not JSON."}), 
 
 	if "event" in invite_data:
 		if "room_version" in invite_data:
@@ -450,17 +264,16 @@ def invite_user(data):
 			event = invite_data.get("event", {})
 			content = event.get("content", {})
 
-			# NOTE to crispycat: I know you loooooove this syntax
 			if (
 				"content" in event
 				and "membership" in content
 				and "state_key" in event
 				and "room_id" in event
 				and content["membership"] == "invite"
-				and event["state_key"] == f"@vona:{server_name}"
+				and event["state_key"] == f"@vona:{config.server_name}"
 			):
 				return jsonify({
-					"event": globals.sign_json_without_discard(invite_data["event"]),
+					"event": globals.sign_json_without_discard(event),
 					"room_version": invite_data["room_version"]
 				})
 
@@ -471,9 +284,152 @@ def invite_user(data):
 	}), 403
 
 
-@server.route("/_matrix/federation/v1/hierarchy/<roomId>")
+@server.route("/_matrix/federation/v1/invite/<room>/<txnId>", methods=["PUT"])
-async def space_hierachy(roomId):
+async def invite_user_v1(room, txnId):
+	event = request.json
+	content = event.get("content", {})
+
+	if (
+		"content" in event
+		and "membership" in content
+		and "state_key" in event
+		and "room_id" in event
+		and content["membership"] == "invite"
+		and event["state_key"] == f"@vona:{config.server_name}"
+		and "event_id" in event
+		and ":" in event["event_id"]
+	):
+		return jsonify({
+			"event": globals.sign_json_without_discard(event)
+		})
+
+	return jsonify({
+		"errcode": "M_FORBIDDEN",
+		"error": "Invalid invitation PDU"
+	}), 403
+
+
+@server.route("/_matrix/federation/v1/hierarchy/<room>")
+async def space_hierachy(room):
 	return jsonify({
 		"errcode": "M_NOT_FOUND",
 		"error": "Room does not exist."
 	}), 404
+
+
+@server.route("/_matrix/federation/v1/org.matrix.msc4358/discover_common_rooms", methods=["POST"])
+@server.route("/_matrix/federation/v1/discover_common_rooms", methods=["POST"])
+async def discover_common_rooms():
+	tags = request.json.get("room_participation_tags", [])
+	return jsonify({"recognised_tags": tags})
+
+
+@server.route("/_matrix/federation/v1/backfill/<room>")
+async def backfill(room):
+	# TODO: burger king foot lettuce
+
+	return jsonify({
+		"origin": config.server_name,
+		"origin_server_ts": int(str(time.time() * 1000).split(".")[0]),
+		"pdus": send_join(bullshit, room)["state"]
+	})
+
+
+@server.route("/_matrix/federation/unstable/org.matrix.msc4370/extremities/<room>")
+@server.route("/_matrix/federation/v1/extremities/<room>")
+async def extremities(room):
+	if ":" in room:
+		if room.split(":")[1] != config.server_name:
+			return jsonify({
+				"errcode": "M_NOT_FOUND",
+				"error": f"Room is unknown to this server"
+			}), 404
+
+	room_ver = globals.room_version_from_id(room)
+
+	if room_ver in ["1", "2"]:
+		event_id = globals.make_event_id(seed=f"6_{room}")
+	else:
+		event_id = globals.make_ref_hash(
+			send_join(bullshit, room)["state"][5],
+			int(room_ver)
+		)
+
+	return jsonify({
+		"prev_events": [event_id]
+	})
+
+
+@server.route("/_matrix/federation/v1/state_ids/<room>")
+async def state_ids(room):
+	if (
+		"event_id" in request.args
+		and request.args["event_id"].strip() != ""
+	):
+		evt = request.args["event_id"]
+		def explode():
+			return jsonify({
+				"errcode": "M_NOT_FOUND",
+				"error": f"Could not find event {evt}"
+			}), 404
+
+
+		if ":" not in evt:
+			return explode()
+		if ":" in room:
+			if room.split(":")[1] != config.server_name:
+				return explode()
+		else:
+			return explode()
+
+		server_name = evt.split(":")[1]
+
+		if server_name == config.server_name:
+			state = send_join(bullshit, room)["state"]
+			event_ids = []
+
+			for event in state:
+				if "event_id" in event:
+					event_ids.append(event["event_id"])
+				else:
+					event_ids.append(
+						globals.make_ref_hash(event)
+					)
+
+			if evt in event_ids:
+				return jsonify({
+					"auth_chain_ids": [event_ids],
+					"pdu_ids": [event_ids]
+				})
+			else:
+				return explode()
+
+		try:
+			resp = http.get(
+				path=request.full_path,
+				destination=server_name,
+			)
+
+			if resp.status_code != 200:
+				raise
+
+			return jsonify(resp.json())
+		except:
+			pass
+
+		return explode()
+
+	return jsonify({
+		"errcode": "M_MISSING_PARAM",
+		"error": "Query parameter 'event_id' was not specified"
+	}), 400
+
+
+@server.route("/_matrix/federation/unstable/io.fsky.vel/edutypes")
+@server.route("/_matrix/federation/v1/edutypes")
+async def edutypes():
+	return jsonify({
+		"m.presence": False,
+		"m.receipt": False,
+		"m.typing": False,
+	})

vona/federation/rooms.py

@@ -0,0 +1,284 @@
+import vona.globals as globals
+import vona.config as config
+
+# This file is responsible for creating Matrix rooms.
+
+# Room V1/V2
+def v1_v2(request, room) -> dict:
+	event_chain = []
+
+	event_ids = [
+		globals.make_event_id(seed=f"1_{room}"),
+		globals.make_event_id(seed=f"2_{room}"),
+		globals.make_event_id(seed=f"3_{room}"),
+		globals.make_event_id(seed=f"4_{room}"),
+		globals.make_event_id(seed=f"5_{room}"),
+		globals.make_event_id(seed=f"6_{room}"),
+	]
+
+	create_event = {
+		"content": {
+			"m.federate": True,
+			"creator": f"@vona:{config.server_name}",
+			"room_version": globals.room_version_from_id(room)
+		},
+		"event_id": event_ids[0],
+		"origin_server_ts": 1,
+		"room_id": room,
+		"sender": f"@vona:{config.server_name}",
+		"state_key": "",
+		"depth": 1,
+		"type": "m.room.create",
+		"auth_events": [],
+		"prev_events": []
+	}
+
+	screate_event = globals.hash_and_sign_event(create_event)
+	event_chain.append(screate_event)
+
+	our_join = {
+		"content": {
+			"displayname": "Vona",
+			"avatar_url": f"mxc://{config.server_name}/cat",
+			"membership": "join"
+		},
+		"origin_server_ts": 2,
+		"sender": f"@vona:{config.server_name}",
+		"state_key": f"@vona:{config.server_name}",
+		"type": "m.room.member",
+		"event_id": event_ids[1],
+		"room_id": room,
+		"depth": 2,
+		"auth_events": [[
+			screate_event["event_id"],
+			screate_event["hashes"]
+		]],
+		"prev_events": [[
+			screate_event["event_id"],
+			screate_event["hashes"]
+		]]
+	}
+
+	sour_join = globals.hash_and_sign_event(our_join)
+	event_chain.append(sour_join)
+
+	pls = {
+		"content": {
+			"users": {
+				f"@vona:{config.server_name}": "100"
+			}
+		},
+		"origin_server_ts": 3,
+		"room_id": room,
+		"sender": f"@vona:{config.server_name}",
+		"state_key": "",
+		"type": "m.room.power_levels",
+		"event_id": event_ids[2],
+		"depth": 3,
+		"user_id": f"@vona:{config.server_name}",
+		"auth_events": [
+			[
+				screate_event["event_id"],
+				screate_event["hashes"]
+			],
+			[
+				sour_join["event_id"],
+				sour_join["hashes"]
+			]
+		],
+		"prev_events": [[
+			sour_join["event_id"],
+			sour_join["hashes"]
+		]]
+	}
+
+	spls = globals.hash_and_sign_event(pls)
+	event_chain.append(spls)
+
+	join_rule = {
+		"content": {
+			"join_rule": "public"
+		},
+		"origin_server_ts": 4,
+		"sender": f"@vona:{config.server_name}",
+		"state_key": "",
+		"type": "m.room.join_rules",
+		"event_id": event_ids[3],
+		"room_id": room,
+		"depth": 4,
+		"auth_events": [
+			[
+				screate_event["event_id"],
+				screate_event["hashes"]
+			],
+			[
+				sour_join["event_id"],
+				sour_join["hashes"]
+			],
+			[
+				spls["event_id"],
+				spls["hashes"]
+			]
+		],
+		"prev_events": [[
+			spls["event_id"],
+			spls["hashes"]
+		]]
+	}
+
+	sjoin_rule = globals.hash_and_sign_event(join_rule)
+	event_chain.append(sjoin_rule)
+
+	guest_access = {
+		"content": {
+			"guest_access": "forbidden"
+		},
+		"origin_server_ts": 5,
+		"depth": 5,
+		"sender": f"@vona:{config.server_name}",
+		"state_key": "",
+		"type": "m.room.guest_access",
+		"event_id": event_ids[4],
+		"room_id": room,
+		"auth_events": [
+			[
+				screate_event["event_id"],
+				screate_event["hashes"]
+			],
+			[
+				sour_join["event_id"],
+				sour_join["hashes"]
+			],
+			[
+				spls["event_id"],
+				spls["hashes"]
+			]
+		],
+		"prev_events": [[
+			sjoin_rule["event_id"],
+			sjoin_rule["hashes"]
+		]]
+	}
+
+	sguest_access = globals.hash_and_sign_event(guest_access)
+	event_chain.append(sguest_access)
+
+	history = {
+		"content": {
+			"history_visibility": "shared"
+		},
+		"type": "m.room.history_visibility",
+		"sender": f"@vona:{config.server_name}",
+		"state_key": "",
+		"origin_server_ts": 6,
+		"depth": 6,
+		"event_id": event_ids[5],
+		"room_id": room,
+		"auth_events": [
+			[
+				screate_event["event_id"],
+				screate_event["hashes"]
+			],
+			[
+				sour_join["event_id"],
+				sour_join["hashes"]
+			],
+			[
+				spls["event_id"],
+				spls["hashes"]
+			]
+		],
+		"prev_events": [[
+			sguest_access["event_id"],
+			sguest_access["hashes"]
+		]]
+	}
+
+	shistory = globals.hash_and_sign_event(history)
+	event_chain.append(shistory)
+
+	remote_join = request.get_json()
+
+	response = {
+		"auth_chain": event_chain,
+		"event": remote_join,
+		"members_omitted": False,
+		"servers_in_room": [config.server_name],
+		"state": event_chain
+	}
+
+	return response
+
+
+# Room V3 to V9
+def v3(request, room) -> dict:
+	initial_response = v1_v2(request, room)
+	state = list(initial_response["state"])
+	ver = int(globals.room_version_from_id(room))
+	events = {}
+	hash_map = {}
+
+	for event in state:
+		events[event["type"]] = event
+		del event["event_id"]
+		del event["hashes"]
+		del event["signatures"]
+
+	# m.room.create doesn't have prev_events or auth_events
+	events["m.room.create"] = globals.hash_and_sign_event(events["m.room.create"])
+	hash_map["m.room.create"] = globals.make_ref_hash(events["m.room.create"], ver)
+
+	events["m.room.member"]["auth_events"] = [hash_map["m.room.create"]]
+	events["m.room.member"]["prev_events"] = [hash_map["m.room.create"]]
+	events["m.room.member"] = globals.hash_and_sign_event(events["m.room.member"])
+	hash_map["m.room.member"] = globals.make_ref_hash(events["m.room.member"], ver)
+
+	events["m.room.power_levels"]["auth_events"] = [
+		hash_map["m.room.create"],
+		hash_map["m.room.member"],
+	]
+	events["m.room.power_levels"]["prev_events"] = [hash_map["m.room.member"]]
+	events["m.room.power_levels"] = globals.hash_and_sign_event(events["m.room.power_levels"])
+	hash_map["m.room.power_levels"] = globals.make_ref_hash(events["m.room.power_levels"], ver)
+
+	events["m.room.join_rules"]["auth_events"] = [
+		hash_map["m.room.create"],
+		hash_map["m.room.member"],
+		hash_map["m.room.power_levels"],
+	]
+	events["m.room.join_rules"]["prev_events"] = [hash_map["m.room.power_levels"]]
+	events["m.room.join_rules"] = globals.hash_and_sign_event(events["m.room.join_rules"])
+	hash_map["m.room.join_rules"] = globals.make_ref_hash(events["m.room.join_rules"], ver)
+
+	events["m.room.guest_access"]["auth_events"] = [
+		hash_map["m.room.create"],
+		hash_map["m.room.member"],
+		hash_map["m.room.power_levels"],
+	]
+	events["m.room.guest_access"]["prev_events"] = [hash_map["m.room.join_rules"]]
+	events["m.room.guest_access"] = globals.hash_and_sign_event(events["m.room.guest_access"])
+	hash_map["m.room.guest_access"] = globals.make_ref_hash(events["m.room.guest_access"], ver)
+
+	events["m.room.history_visibility"]["auth_events"] = [
+		hash_map["m.room.create"],
+		hash_map["m.room.member"],
+		hash_map["m.room.power_levels"],
+	]
+	events["m.room.history_visibility"]["prev_events"] = [hash_map["m.room.guest_access"]]
+	events["m.room.history_visibility"] = globals.hash_and_sign_event(events["m.room.history_visibility"])
+
+	new_state = []
+
+	for event in events:
+		new_state.append(events[event])
+
+
+	resp = {
+		"auth_chain": new_state,
+		"event": initial_response["event"],
+		"members_omitted": False,
+		"servers_in_room": [config.server_name],
+		"state": new_state
+	}
+
+	return resp

vona/globals/__init__.py

@@ -1,3 +1,5 @@
+from resolvematrix import ServerResolver
+from types import SimpleNamespace
 from collections import Counter
 import vona.config as config
 import nacl.signing
@@ -5,12 +7,10 @@ import hashlib
 import base64
 import random
 import httpx
-import copy
 import json
 import re
 
-version = "1.4.3"
+version = "1.5.0"
-http_client = httpx.Client(headers={"User-Agent": f"Vona/{version}"})
 
 
 def canonical_json(value):
@@ -111,7 +111,9 @@ def event_hash(event_object):
 
 	event_json_bytes = canonical_json(event_object)
 
-	return base64.b64encode(hashlib.sha256(event_json_bytes).digest()).decode("utf-8")
+	return base64.b64encode(
+		hashlib.sha256(event_json_bytes).digest()
+	).decode("utf-8").rstrip("=")
 
 
 def pubkey() -> str:
@@ -129,7 +131,12 @@ def pubkey() -> str:
 	)
 
 
-def make_auth_header(destination, method, path, content=None) -> str:
+def make_auth_header(
+	destination: str,
+	method: str,
+	path: str,
+	content = None
+) -> str:
 	request_json = {
 		"method": method,
 		"uri": path,
@@ -161,7 +168,10 @@ def make_auth_header(destination, method, path, content=None) -> str:
 	return authorization_headers[0].decode("utf-8")
 
 
-def redact_event(event):
+def redact_event(
+	event: dict,
+	for_event_id: bool = False,
+):
 	# Returns a redacted event as per
 	# the algorithm for v1/v2 rooms.
 
@@ -173,7 +183,6 @@ def redact_event(event):
 		"state_key",
 		"content",
 		"hashes",
-		"signatures",
 		"depth",
 		"prev_events",
 		"prev_state",
@@ -183,6 +192,9 @@ def redact_event(event):
 		"membership",
 	]
 
+	if not for_event_id:
+		allowed_keys.append("signatures")
+
 	redacted_event = {k: v for k, v in event.items() if k in allowed_keys}
 
 	if "type" in redacted_event and "content" in redacted_event:
@@ -228,27 +240,162 @@ def hash_and_sign_event(event_object):
 	return event_object
 
 
-def room_version_from_id(room_id):
+def make_ref_hash(
-	room_id_no_sigil = room_id.replace("!", "")
+	event: dict,
+	room_ver: int = 3,
+):
+	stripped = redact_event(event, True)
+	evt_bytes = canonical_json(stripped)
 
+	evt_hash = base64.b64encode(
+		hashlib.sha256(evt_bytes).digest()
+	).decode("utf-8").rstrip("=")
+
+	if room_ver > 3:
+		while "+" in evt_hash:
+			evt_hash = evt_hash.replace("+", "-")
+		while "/" in evt_hash:
+			evt_hash = evt_hash.replace("/", "_")
+
+	return "$" + evt_hash
+
+
+def room_version_from_id(room):
+	room_id_no_sigil = (
+		room
+		.replace("!", "")
+		.replace(f":{config.server_name}", "")
+	)
 	hexadecimal_room_id = bytes(room_id_no_sigil, "utf-8").hex()
 
-	if "1" not in hexadecimal_room_id and "2" not in hexadecimal_room_id:
+	versions = [str(i) for i in range(1, 10)]
-		# NOTE: v2 if impossible from room ID alone
+
+	if not any(ver in hexadecimal_room_id for ver in versions):
 		hexadecimal_room_id = "2" + hexadecimal_room_id[1:]
 
 	def remove_chars(s):
-		return re.sub("[^12]", "", s)
+		return re.sub(f"[^{''.join(versions)}]", "", s)
 
 	nums = remove_chars(hexadecimal_room_id)
 
 	def most_common_character(s):
 		s = s.replace(" ", "").lower()
-
 		counts = Counter(s)
-
 		most_common = counts.most_common(1)
+		return most_common[0] if most_common else ("2",)
 
-		return most_common[0] if most_common else None
+	return str(most_common_character(nums)[0])
 
-	return most_common_character(nums)[0]
+
+room_dir = {
+	"chunk": [{
+		"avatar_url": f"mxc://{config.server_name}/cat",
+		"guest_can_join": False,
+		"join_rule": "public",
+		"name": "Vona",
+		"num_joined_members": 1,
+		"room_id": make_event_id().replace("$", "!"),
+		"room_type": "m.room",
+		"topic": "",
+		"world_readable": False,
+		"via": [config.server_name]
+	}],
+	"total_room_count_estimate": 1
+}
+
+
+class http_client:
+	http = httpx.Client(headers={"User-Agent": f"Vona/{version}"})
+	resolver = ServerResolver(client=http)
+
+	def _resolve(self, target) -> SimpleNamespace:
+		r = self.resolver.resolve(target)
+
+		if r.sni:
+			sni = r.sni
+		else:
+			sni = r.host_header
+
+		return SimpleNamespace(
+			base_url=r.base_url,
+			host_header=r.host_header,
+			sni=sni
+		)
+
+	def put(
+		self,
+		path: str,
+		destination: str,
+		headers: dict = {},
+		authorize: bool = True,
+		json: dict = {},
+	):
+		resolved = self._resolve(destination)
+
+		if authorize:
+			headers["Authorization"] = make_auth_header(
+				method="PUT",
+				destination=destination,
+				path=path,
+				content=json,
+			)
+
+		headers["Host"] = resolved.host_header
+
+		return self.http.put(
+			f"{resolved.base_url}{path}",
+			headers=headers,
+			extensions={"sni_hostname": resolved.sni},
+			json=json,
+		)
+
+	def get(
+		self,
+		path: str,
+		destination: str,
+		headers: dict = {},
+		authorize: bool = True,
+	):
+		resolved = self._resolve(destination)
+
+		if authorize:
+			headers["Authorization"] = make_auth_header(
+				method="GET",
+				destination=destination,
+				path=path,
+			)
+
+		headers["Host"] = resolved.host_header
+
+		return self.http.get(
+			f"{resolved.base_url}{path}",
+			headers=headers,
+			extensions={"sni_hostname": resolved.sni},
+		)
+
+
+def strip_state(l) -> list:
+	if not isinstance(l, list):
+		return l
+
+	keys_to_remove = [
+		"auth_events",
+		"prev_events",
+		"signatures",
+		"hashes",
+		"depth"
+	]
+
+	new_list = []
+	for d in l:
+		if not isinstance(d, dict):
+			new_list.append(d)
+			continue
+
+		new_dict = {}
+		for k, v in d.items():
+			if k in keys_to_remove:
+				continue
+			new_dict[k] = strip_state(v)
+		new_list.append(new_dict)
+	return new_list

vona/identity/__init__.py

@@ -1,7 +1,12 @@
-from flask import Blueprint, jsonify, request
 from vona.config import server_name, the_funny_number
 import time
 
+from flask import (
+	Blueprint,
+	jsonify,
+	request,
+)
+
 identity = Blueprint("identity", __name__)
 
 # This implements being an identity server.
@@ -128,11 +133,11 @@ async def invite():
 		"public_keys": [
 			{
 				"key_validity_url": f"https://{server_name}/_matrix/identity/v2/pubkey/isvalid",
-				"public_key":"ohyeah"
+				"public_key": "ohyeah"
 			},
 			{
 				"key_validity_url": f"https://{server_name}/_matrix/identity/v2/pubkey/ephemeral/isvalid",
-				"public_key":"thisssssss"
+				"public_key": "burgerkingfootlettuce"
 			}
 		],
 		"token": "vona"
@@ -143,10 +148,10 @@ async def invite():
 @identity.route("/_matrix/identity/v2/sign-ed25519", methods=["POST"])
 async def invite_signing():
 	required_keys = {"mxid", "private_key", "token"}
-	d = data.get_json()
+	d = request.data.get_json()
 
 	if set(d.keys()) == required_keys:
-		return jsonify(sign_json(d))
+		return jsonify(globals.sign_json(d))
 	else:
 		return jsonify({
 			"errcode": "M_UNRECOGNIZED",

vona/policy/__init__.py

@@ -1,4 +1,8 @@
-from flask import jsonify, Blueprint, request
+from flask import (
+	jsonify,
+	Blueprint,
+	request,
+)
 
 policy = Blueprint("policy", __name__)
 

vona/utils/__main__.py

@@ -1,8 +1,9 @@
 print("Available utils:")
 
 a = [
-	"makekey",
+	"makekey - Generate a signing key",
-	"joinroom"
+	"joinroom - Join a remote room",
+	"roomwithver - Brute-force a room with a specific room version",
 ]
 
 for t in a:

vona/utils/joinroom.py

@@ -1,16 +1,45 @@
 import vona.globals as globals
 import vona.config as config
-import urllib.parse
-import httpx
-import json
-import time
 
-http_client = globals.http_client
+import urllib.parse
+import time
+import json
+import httpx
+
+
+http_client = globals.http_client()
+
+versions = [
+	"1",
+	"2",
+	"3",
+	"4",
+	"5",
+	"6",
+	"7",
+	"8",
+	"9",
+	"10",
+	"11",
+	"12",
+	"org.matrix.msc3757.10",
+	"org.matrix.msc3757.11",
+	"org.matrix.hydra.11",
+	"org.matrix.msc3667",
+	"org.matrix.msc3787",
+	"org.matrix.msc4014",
+]
+
+verparams = "&".join(f"ver={ver}" for ver in versions)
 
 
 def get_user_input(prompt):
 	try:
-		return urllib.parse.quote(input(prompt).replace("\\n", "\n", count=32))
+		answer = input(prompt)
+		while "\\n" in answer:
+			answer = answer.replace("\\n", "\n")
+
+		return urllib.parse.quote(answer)
 	except Exception as e:
 		print(f"Error reading input: {e}")
 		return None
@@ -21,27 +50,17 @@ room_id = get_user_input("Room ID:\n\t")
 
 
 try:
-	unresolved_server_name = input("\nServer name before resolve:\n\t")
+	server_name = input("\nServer name to join via:\n\t")
-	resolved_server_name = input("Server name after resolve:\n\t")
 except Exception as e:
 	print(f"Error reading server names: {e}")
 	exit(1)
 
-
 try:
-	make_join_auth = globals.make_auth_header(
-		unresolved_server_name,
-		"GET",
-		f"/_matrix/federation/v1/make_join/{room_id}/%40{username}%3A{config.server_name}?ver=1&ver=2&ver=3&ver=4&ver=5&ver=6&ver=7&ver=8&ver=9&ver=10&ver=11&ver=12",
-	)
-
 	print("\nSending make_join request..")
 
 	make_join_response = http_client.get(
-		f"https://{resolved_server_name}/_matrix/federation/v1/make_join/{room_id}/%40{username}%3A{config.server_name}?ver=1&ver=2&ver=3&ver=4&ver=5&ver=6&ver=7&ver=8&ver=9&ver=10&ver=11&ver=12",
+		path=f"/_matrix/federation/v1/make_join/{room_id}/%40{username}%3A{config.server_name}?{verparams}",
-		headers={
+		destination=server_name,
-			"Authorization": make_join_auth
-		},
 	)
 
 	make_join_response.raise_for_status()
@@ -51,7 +70,7 @@ except httpx.HTTPStatusError as e:
 	print(f"HTTP error occurred: {e.response.status_code} - {e.response.text}")
 	exit(1)
 except json.JSONDecodeError:
-	print("Failed to decode JSON response.")
+	print("Failed to decode response.")
 	exit(1)
 except Exception as e:
 	print(f"An error occurred: {e}")
@@ -59,10 +78,20 @@ except Exception as e:
 
 
 join_event = make_join.get("event", {})
-if make_join.get("room_version") in ["1", "2"]:
+if make_join.get("room_version", "1") in ["1", "2"]:
 	# NOTE: if we always make it opaque than Synapse will 500 lmao
 	join_event["event_id"] = globals.make_event_id()
 
+elif make_join.get("room_version", "1") == "org.matrix.msc4014":
+	# dendrite dislikes this :p
+	join_event["sender_key"] = globals.pubkey()
+
+	join_event["content"]["mxid_mapping"] = globals.sign_json({
+		"sender_key": globals.pubkey(),
+		"user_id": f"@{username}:{config.server_name}"
+	})
+
+
 timestamp = input("\nTimestamp (leave blank for now):\n\t")
 try:
 	join_event["origin_server_ts"] = int(timestamp)
@@ -72,19 +101,10 @@ except ValueError:
 signed_join = globals.hash_and_sign_event(join_event)
 
 try:
-	send_join_auth = globals.make_auth_header(
-		unresolved_server_name,
-		"PUT",
-		f"/_matrix/federation/v2/send_join/{room_id}/%24doesntmatter?omit_members=true",
-		signed_join,
-	)
-
 	send_join_response = http_client.put(
-		f"https://{resolved_server_name}/_matrix/federation/v2/send_join/{room_id}/%24doesntmatter?omit_members=true",
+		path=f"/_matrix/federation/v2/send_join/{room_id}/%24doesntmatter?omit_members=true",
-		headers={
-			"Authorization": send_join_auth
-		},
 		json=signed_join,
+		destination=server_name,
 	)
 
 	send_join_response.raise_for_status()

vona/utils/makekey.py

@@ -1,25 +1,23 @@
-# Generates a key in the format compatible with Synapse and Vona.
-
 import base64
 import os
 
+# Generates a key in the format compatible with Synapse and Vona.
+
 
 def mkchar() -> str:
 	return os.urandom(4).hex()[:1]
 
 
-key = (
+def random(length):
-	base64.b64encode(os.urandom(32))
+	return (
-	.decode("utf-8")[:43]
+		base64.b64encode(os.urandom(length))
-	.replace("/", mkchar())
+		.decode("utf-8")[:length]
-	.replace("+", mkchar())
+		.replace("/", mkchar())
-)
+		.replace("+", mkchar())
+	)
 
-key_id = (
+
-	base64.b64encode(os.urandom(32))
+key = random(43)
-	.decode("utf-8")[:6]
+key_id = random(6)
-	.replace("/", mkchar())
-	.replace("+", mkchar())
-)
 
 print(f"ed25519 {key_id} {key}")

vona/utils/roomwithver.py

@@ -0,0 +1,21 @@
+import vona.globals as globals
+import vona.config as config
+import os
+
+versions = [str(i) for i in range(1, 10)]
+desired_ver = input("Desired room version:\n\t")
+
+if desired_ver not in versions:
+	os._exit(1)
+
+try:
+	while True:
+		room_id = os.urandom(8).hex()
+		room_ver = globals.room_version_from_id(room_id)
+
+		if room_ver == desired_ver:
+			print(f"!{room_id}:{config.server_name}")
+			break
+except:
+	print("")
+	pass