Diffstat (limited to 'lib/matrix_app_service_web/auth_plug.ex')
-rw-r--r-- | lib/matrix_app_service_web/auth_plug.ex | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/lib/matrix_app_service_web/auth_plug.ex b/lib/matrix_app_service_web/auth_plug.ex
new file mode 100644
index 0000000..2d2ae23
--- /dev/null
+++ b/lib/matrix_app_service_web/auth_plug.ex
@@ -0,0 +1,45 @@
+defmodule MatrixAppServiceWeb.AuthPlug do
+ @moduledoc """
+ This Plug implements the Application Service authorization,
+ as described here:
+
+ https://matrix.org/docs/spec/application_service/r0.1.2#authorization
+ """
+
+ @behaviour Plug
+ import Plug.Conn
+ require Logger
+
+ @doc false
+ @impl Plug
+ def init(opts) do
+ opts
+ end
+
+ @doc false
+ @impl Plug
+ def call(%Plug.Conn{params: %{"access_token" => hs_token}} = conn, _opts) do
+ config_hs_token = Application.fetch_env!(:matrix_app_service, :homeserver_token)
+
+ with ^config_hs_token <- hs_token do
+ conn
+ else
+ _ ->
+ Logger.warn("Received invalid homeserver token")
+ respond_error(conn, 403)
+ end
+ end
+
+ def call(conn, _opts) do
+ Logger.warn("No homeserver token provided")
+ respond_error(conn, 401)
+ end
+
+ defp respond_error(conn, error_code) do
+ conn
+ |> put_status(error_code)
+ |> Phoenix.Controller.put_view(MatrixAppServiceWeb.ErrorView)
+ |> Phoenix.Controller.render("#{error_code}.json")
+ |> halt
+ end
+end |
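Review bot: The token check in the first `call/2` clause, `with ^config_hs_token <- hs_token do`, compares the homeserver secret with an ordinary pattern match, which is not constant-time, so response timing may reveal how much of a guessed token matched. Use `Plug.Crypto.secure_compare/2` instead, with a type guard because that function only accepts binaries and a request parameter can arrive as a list or map: `if is_binary(hs_token) and Plug.Crypto.secure_compare(hs_token, config_hs_token) do`, keeping the existing 403 branch under a plain `else`. Separately, the clause matches on `params`, which merges body and query parameters, while the linked spec section describes the token as a query parameter; matching on `query_params` (assuming the pipeline has fetched them) would tie the check to what the spec describes. Both `call/2` clauses are marked `@doc false`, so a short `#` comment noting which status code means "missing" (401) and which means "wrong" (403) would help the next maintainer.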