1 | #pragma once |
2 | |
3 | /// @file |
4 | /// @brief Header with types for user interactive authentication |
5 | |
6 | #include <string> |
7 | #include <string_view> |
8 | #include <unordered_map> |
9 | #include <variant> |
10 | #include <vector> |
11 | |
12 | #if __has_include(<nlohmann/json_fwd.hpp>) |
13 | #include <nlohmann/json_fwd.hpp> |
14 | #else |
15 | #include <nlohmann/json.hpp> |
16 | #endif |
17 | |
18 | namespace mtx { |
19 | //! Types and definitions for user interactive authentication. |
20 | namespace user_interactive { |
//! The type of the different auth types.
//! Stage names are carried as plain strings because a server may send stage
//! names that are not listed in auth_types (see Unauthorized::params).
using AuthType = std::string;
//! The different auth types.
//! Each constant is the wire-level stage name as it appears in a flow; compare
//! incoming AuthType values against these rather than re-typing the literals.
namespace auth_types {
//! Password based authentication.
inline constexpr std::string_view password{"m.login.password"};
//! Authentication using a ReCaptcha.
inline constexpr std::string_view recaptcha{"m.login.recaptcha"};
//! Authentication using oauth2.
inline constexpr std::string_view oauth2{"m.login.oauth2"};
//! Authentication via email.
inline constexpr std::string_view email_identity{"m.login.email.identity"};
//! Authentication via a phone number (SMS).
inline constexpr std::string_view msisdn{"m.login.msisdn"};
//! Token based auth.
inline constexpr std::string_view token{"m.login.token"};
//! Single Sign On (needed for /login at least).
inline constexpr std::string_view sso{"m.login.sso"};
//! Placeholder used in alternative auth flows.
inline constexpr std::string_view dummy{"m.login.dummy"};
//! Authentication by accepting a set of terms like a privacy policy (see MSC1692).
inline constexpr std::string_view terms{"m.login.terms"};
//! Authentication using a registration token (see MSC3231).
inline constexpr std::string_view registration_token{"m.login.registration_token"};
}
46 | |
//! A list of auth types, i.e. an ordered sequence of stage names.
using Stages = std::vector<AuthType>;
//! A flow composed of a list of stages.
//! Received from the server inside Unauthorized::flows; a client should only
//! choose a flow whose every stage it knows how to complete.
struct Flow
{
    //! The stages to complete, in order.
    Stages stages;

    //! Parses a flow from its JSON representation (defined out of line).
    friend void from_json(const nlohmann::json &obj, Flow &flow);
};
57 | |
//! Parameters for oauth2.
struct OAuth2Params
{
    //! The oauth uri. It is supplied by the server; a client that hands it to a
    //! browser should validate it (at least the scheme) before doing so.
    std::string uri;

    //! Parses the parameters from JSON (defined out of line).
    friend void from_json(const nlohmann::json &obj, OAuth2Params &params);
};
66 | |
//! The description of one policy in the terms and conditions.
struct PolicyDescription
{
    std::string name; //!< language specific name
    std::string url;  //!< language specific link; server-supplied, validate before opening

    //! Parses one policy description from JSON (defined out of line).
    friend void from_json(const nlohmann::json &obj, PolicyDescription &desc);
};
75 | |
//! A policy in the terms and conditions.
struct Policy
{
    //! Version of this policy
    std::string version;
    /// @brief 2 letter language code to policy name and link, fallback to "en"
    /// recommended, when language not available.
    /// Look keys up with find(); operator[] would insert an empty description
    /// for an unknown language code.
    std::unordered_map<std::string, PolicyDescription> langToPolicy;

    //! Parses a policy from JSON (defined out of line).
    friend void from_json(const nlohmann::json &obj, Policy &policy);
};
87 | |
//! Parameters for the auth stage requiring you to accept terms and conditions.
struct TermsParams
{
    //! The different policies by name (the key is the policy name as sent by the server).
    std::unordered_map<std::string, Policy> policies;

    //! Parses the parameters from JSON (defined out of line).
    friend void from_json(const nlohmann::json &obj, TermsParams &params);
};
96 | |
//! All the different parameters.
//! The std::string alternative presumably holds the parameters of stages that
//! have no dedicated struct here; how it is filled is decided by from_json, which
//! is not part of this header.
using Params = std::variant<OAuth2Params, TermsParams, std::string>;
99 | |
//! The struct returned on requests failing with 401.
//! Every field is taken from the server's response body and is untrusted input:
//! stage names and parameter keys may be values this header does not define.
struct Unauthorized
{
    //! completed stages (stage names already satisfied in this session)
    Stages completed;

    //! session key to provide to further auth stages (sent back in Auth::session);
    //! it identifies the in-progress auth session, so do not log it.
    std::string session;

    //! list of flows, which can be used to complete the UI auth; pick only a flow
    //! whose every stage the client knows how to complete.
    std::vector<Flow> flows;

    //! AuthType may be an undocumented string, not defined in auth_types, so look
    //! keys up with find() rather than operator[] (which would insert an empty Params).
    std::unordered_map<AuthType, Params> params;

    //! Parses the 401 body from JSON (defined out of line).
    friend void from_json(const nlohmann::json &obj, Unauthorized &unauthorized);
};
117 | |
118 | //! namespace for the request types in the different auth stages. |
119 | namespace auth { |
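//! Password stage
struct Password
{
    //! The password set by the user. Credential material: never log or persist it.
    //! NOTE(review): a plain std::string is not scrubbed on destruction, so keep
    //! instances short-lived.
    std::string password;

    //! Types of identifiers.
    enum IdType
    {
        UserId,      //!< Use the identifier_user
        ThirdPartyId //!< use identifier_medium and identifier_address
    };
    //! If a user or third party identifier is used.
    //! Defaults to UserId so a default-initialised Password never carries an
    //! indeterminate value here (reading one would be undefined behaviour and any
    //! code branching on it could pick the wrong identifier fields). The default
    //! member initializer keeps the struct an aggregate in C++14 and later.
    IdType identifier_type = UserId;

    //! for user
    std::string identifier_user;

    //! for third party
    std::string identifier_medium;
    std::string identifier_address;
};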
142 | |
//! ReCaptcha stage.
struct ReCaptcha
{
    //! The recaptcha response token obtained from the captcha widget.
    std::string response;
};
149 | |
//! Token stage.
struct Token
{
    //! the obtained token; credential material, do not log it
    std::string token;
    //! Client generated nonce; generate a fresh value per request
    std::string txn_id;
};
158 | |
//! Third party identifier for Email or MSISDN stages
struct ThreePIDCred
{
    //! identity server session id
    std::string sid;
    //! identity server client secret; credential material, do not log it
    std::string client_secret;
    //! url of identity server authed with, e.g. 'matrix.org:8090'
    std::string id_server;
    //! access token previously registered with the identity server; credential
    //! material, do not log it
    std::string id_access_token;
};
171 | |
//! Email authentication stage.
struct EmailIdentity
{
    //! The 3rd party id (email) credentials proving the address was validated.
    //! See https://github.com/matrix-org/matrix-doc/pull/3471 for context.
    ThreePIDCred threepidCred;
};
179 | |
//! SMS authentication stage.
struct MSISDN
{
    //! The 3rd party id (phone number) credentials proving the number was validated.
    //! See https://github.com/matrix-org/matrix-doc/pull/3471 for context.
    ThreePIDCred threepidCred;
};
187 | |
//! Registration token authentication stage.
struct RegistrationToken
{
    //! The registration token to use; credential material, do not log it
    std::string token;
};
194 | |
//! OAuth2 stage. No stage-specific fields are modelled; the client presumably
//! retries with the session only, so this is left empty — confirm against the spec.
struct OAuth2
{};
//! Empty struct, when parameters are accepted (terms and conditions stage).
struct Terms
{};
//! Empty struct to complete SSO.
struct SSO
{};
//! Empty struct to complete dummy auth.
struct Dummy
{};
//! Fallback auth (no fields; the stage is completed out of band).
struct Fallback
{};
210 | } |
211 | |
//! The auth request to complete a stage.
//! Sent by the client after an Unauthorized (401) response: `session` carries the
//! value received in Unauthorized::session and `content` the stage-specific payload.
struct Auth
{
    //! the session id; it binds the request to an in-progress auth session, so
    //! treat it as sensitive and do not log it
    std::string session;

    //! the content, depends on type. A default-constructed variant holds its first
    //! alternative (auth::Password), so assign the intended stage before serialising.
    std::variant<auth::Password,
                 auth::ReCaptcha,
                 auth::Token,
                 auth::EmailIdentity,
                 auth::MSISDN,
                 auth::OAuth2,
                 auth::Terms,
                 auth::SSO,
                 auth::Dummy,
                 auth::RegistrationToken,
                 auth::Fallback>
      content;
};
/// @brief Serializes an Auth request into JSON (defined out of line).
/// @param obj  JSON object to fill.
/// @param auth The request to serialize; how each content alternative is encoded
///             is decided by the definition, not by this header.
void
to_json(nlohmann::json &obj, const Auth &auth);
234 | } |
235 | } |
236 | |