Diffstat (limited to 'lib/matrix_app_service_web/auth_plug.ex')
-rw-r--r--lib/matrix_app_service_web/auth_plug.ex45
1 files changed, 45 insertions, 0 deletions
diff --git a/lib/matrix_app_service_web/auth_plug.ex b/lib/matrix_app_service_web/auth_plug.ex
new file mode 100644
index 0000000..2d2ae23
--- /dev/null
+++ b/lib/matrix_app_service_web/auth_plug.ex
@@ -0,0 +1,45 @@
+defmodule MatrixAppServiceWeb.AuthPlug do
+ @moduledoc """
+ This Plug implements the Application Service authorization,
+ as described here:
+
+ https://matrix.org/docs/spec/application_service/r0.1.2#authorization
+ """
+
+ @behaviour Plug
+ import Plug.Conn
+ require Logger
+
+ @doc false
+ @impl Plug
+ def init(opts) do
+ opts
+ end
+
+ @doc false
+ @impl Plug
+ def call(%Plug.Conn{params: %{"access_token" => hs_token}} = conn, _opts) do
+ config_hs_token = Application.fetch_env!(:matrix_app_service, :homeserver_token)
+
+ with ^config_hs_token <- hs_token do
+ conn
+ else
+ _ ->
+ Logger.warn("Received invalid homeserver token")
+ respond_error(conn, 403)
+ end
+ end
+
+ def call(conn, _opts) do
+ Logger.warn("No homeserver token provided")
+ respond_error(conn, 401)
+ end
+
+ defp respond_error(conn, error_code) do
+ conn
+ |> put_status(error_code)
+ |> Phoenix.Controller.put_view(MatrixAppServiceWeb.ErrorView)
+ |> Phoenix.Controller.render("#{error_code}.json")
+ |> halt
+ end
+end
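Review bot: The homeserver token check in the first `call/2` clause compares the secret with a pin match (`with ^config_hs_token <- hs_token do`), which is an ordinary term comparison rather than a constant-time one, so response timing can depend on how much of the supplied token matches. I would replace that line with `if is_binary(hs_token) and Plug.Crypto.secure_compare(hs_token, config_hs_token) do` and drop the `_ ->` clause head, leaving the 403 path as the plain `else` branch. The `is_binary/1` check is needed because `params` values can decode to a list or map, and `secure_compare/2` accepts only binaries; today such a value simply fails the match and gets a 403, and that should stay the case. This assumes the configured `:homeserver_token` is itself a binary. Separately, `Logger.warn/1` is deprecated in current Elixir in favour of `Logger.warning/1`.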