2022-06-15 20:03:12 +00:00
|
|
|
package server
|
|
|
|
|
|
|
|
import (
|
2022-06-16 00:36:49 +00:00
|
|
|
"bytes"
|
2022-06-15 20:03:12 +00:00
|
|
|
"encoding/json"
|
2022-06-16 00:36:49 +00:00
|
|
|
"fmt"
|
2023-11-17 01:54:58 +00:00
|
|
|
"heckel.io/ntfy/v2/util"
|
2022-06-15 20:03:12 +00:00
|
|
|
"io"
|
|
|
|
"net/http"
|
2022-06-16 00:36:49 +00:00
|
|
|
"strings"
|
2023-03-04 03:22:07 +00:00
|
|
|
"time"
|
2022-06-15 20:03:12 +00:00
|
|
|
)
|
|
|
|
|
2022-06-16 15:40:56 +00:00
|
|
|
// Matrix Push Gateway / UnifiedPush / ntfy integration:
|
|
|
|
//
|
|
|
|
// ntfy implements a Matrix Push Gateway (as defined in https://spec.matrix.org/v1.2/push-gateway-api/),
|
|
|
|
// in combination with UnifiedPush as the Provider Push Protocol (as defined in https://unifiedpush.org/developers/gateway/).
|
|
|
|
//
|
|
|
|
// In the picture below, ntfy is the Push Gateway (mostly in this file), as well as the Push Provider (ntfy's
|
|
|
|
// main functionality). UnifiedPush is the Provider Push Protocol, as implemented by the ntfy server and the
|
|
|
|
// ntfy Android app.
|
|
|
|
//
|
|
|
|
// +--------------------+ +-------------------+
|
|
|
|
// Matrix HTTP | | | |
|
|
|
|
// Notification Protocol | App Developer | | Device Vendor |
|
|
|
|
// | | | |
|
|
|
|
// +-------------------+ | +----------------+ | | +---------------+ |
|
|
|
|
// | | | | | | | | | |
|
|
|
|
// | Matrix homeserver +-----> Push Gateway +------> Push Provider | |
|
|
|
|
// | | | | | | | | | |
|
|
|
|
// +-^-----------------+ | +----------------+ | | +----+----------+ |
|
|
|
|
// | | | | | |
|
|
|
|
// Matrix | | | | | |
|
|
|
|
// Client/Server API + | | | | |
|
|
|
|
// | | +--------------------+ +-------------------+
|
|
|
|
// | +--+-+ |
|
|
|
|
// | | <-------------------------------------------+
|
|
|
|
// +---+ |
|
|
|
|
// | | Provider Push Protocol
|
|
|
|
// +----+
|
|
|
|
//
|
|
|
|
// Mobile Device or Client
|
|
|
|
//
|
2022-06-15 20:03:12 +00:00
|
|
|
|
2022-06-16 00:51:42 +00:00
|
|
|
// matrixRequest represents a Matrix message, as it is sent to a Push Gateway (as per
|
|
|
|
// this spec: https://spec.matrix.org/v1.2/push-gateway-api/).
|
|
|
|
//
|
|
|
|
// From the message, we only require the "pushkey", as it represents our target topic URL.
|
|
|
|
// A message may look like this (excerpt):
|
2022-06-16 15:40:56 +00:00
|
|
|
//
|
2022-09-27 16:37:02 +00:00
|
|
|
// {
|
|
|
|
// "notification": {
|
|
|
|
// "devices": [
|
|
|
|
// {
|
|
|
|
// "pushkey": "https://ntfy.sh/upDAHJKFFDFD?up=1",
|
|
|
|
// ...
|
|
|
|
// }
|
|
|
|
// ]
|
|
|
|
// }
|
|
|
|
// }
|
2022-06-16 00:51:42 +00:00
|
|
|
type matrixRequest struct {
|
|
|
|
Notification *struct {
|
|
|
|
Devices []*struct {
|
|
|
|
PushKey string `json:"pushkey"`
|
|
|
|
} `json:"devices"`
|
|
|
|
} `json:"notification"`
|
2022-06-15 20:03:12 +00:00
|
|
|
}
|
|
|
|
|
2022-06-16 15:40:56 +00:00
|
|
|
// matrixResponse represents the response to a Matrix push gateway message, as defined
|
|
|
|
// in the spec (https://spec.matrix.org/v1.2/push-gateway-api/).
|
2022-06-15 20:03:12 +00:00
|
|
|
type matrixResponse struct {
|
|
|
|
Rejected []string `json:"rejected"`
|
|
|
|
}
|
|
|
|
|
2023-03-04 03:22:07 +00:00
|
|
|
const (
|
|
|
|
// matrixRejectPushKeyForUnifiedPushTopicWithoutRateVisitorAfter is the time after which a Matrix response
|
|
|
|
// will return an HTTP 200 with the push key (i.e. "rejected":["<pushkey>"]}), if no rate visitor has been set on
|
|
|
|
// the topic. Rejecting the push key will instruct the Matrix server to invalidate the pushkey and stop sending
|
2023-03-04 14:32:29 +00:00
|
|
|
// messages to it. This must be longer than topicExpungeAfter. See https://spec.matrix.org/v1.6/push-gateway-api/
|
2023-03-04 03:22:07 +00:00
|
|
|
matrixRejectPushKeyForUnifiedPushTopicWithoutRateVisitorAfter = 12 * time.Hour
|
|
|
|
)
|
|
|
|
|
2023-02-25 20:12:03 +00:00
|
|
|
// errMatrixPushkeyRejected represents an error when handing Matrix gateway messages
|
2023-02-25 03:07:18 +00:00
|
|
|
//
|
2023-02-25 20:12:03 +00:00
|
|
|
// If the push key is set, the app server will remove it and will never send messages using the same
|
2023-02-25 03:07:18 +00:00
|
|
|
// push key again, until the user repairs it.
|
2023-02-25 20:12:03 +00:00
|
|
|
type errMatrixPushkeyRejected struct {
|
|
|
|
rejectedPushKey string
|
|
|
|
configuredBaseURL string
|
2022-06-16 00:36:49 +00:00
|
|
|
}
|
|
|
|
|
2023-02-25 20:12:03 +00:00
|
|
|
func (e errMatrixPushkeyRejected) Error() string {
|
|
|
|
return fmt.Sprintf("push key must be prefixed with base URL, received push key: %s, configured base URL: %s", e.rejectedPushKey, e.configuredBaseURL)
|
2022-06-16 00:36:49 +00:00
|
|
|
}
|
|
|
|
|
2022-06-16 00:51:42 +00:00
|
|
|
// newRequestFromMatrixJSON reads the request body as a Matrix JSON message, parses the "pushkey", and creates a new
|
|
|
|
// HTTP request that looks like a normal ntfy request from it.
|
|
|
|
//
|
|
|
|
// It basically converts a Matrix push gatewqy request:
|
|
|
|
//
|
2022-09-27 16:37:02 +00:00
|
|
|
// POST /_matrix/push/v1/notify HTTP/1.1
|
|
|
|
// { "notification": { "devices": [ { "pushkey": "https://ntfy.sh/upDAHJKFFDFD?up=1", ... } ] } }
|
2022-06-16 00:51:42 +00:00
|
|
|
//
|
|
|
|
// to a ntfy request, looking like this:
|
|
|
|
//
|
2022-09-27 16:37:02 +00:00
|
|
|
// POST /upDAHJKFFDFD?up=1 HTTP/1.1
|
|
|
|
// { "notification": { "devices": [ { "pushkey": "https://ntfy.sh/upDAHJKFFDFD?up=1", ... } ] } }
|
2022-06-16 00:36:49 +00:00
|
|
|
func newRequestFromMatrixJSON(r *http.Request, baseURL string, messageLimit int) (*http.Request, error) {
|
|
|
|
if baseURL == "" {
|
|
|
|
return nil, errHTTPInternalErrorMissingBaseURL
|
|
|
|
}
|
|
|
|
body, err := util.Peek(r.Body, messageLimit)
|
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
defer r.Body.Close()
|
2022-06-16 16:37:02 +00:00
|
|
|
if body.LimitReached {
|
2022-12-29 14:57:42 +00:00
|
|
|
return nil, errHTTPEntityTooLargeMatrixRequest
|
2022-06-16 16:37:02 +00:00
|
|
|
}
|
2022-06-16 00:51:42 +00:00
|
|
|
var m matrixRequest
|
2022-06-16 16:37:02 +00:00
|
|
|
if err := json.Unmarshal(body.PeekedBytes, &m); err != nil {
|
2022-06-16 00:36:49 +00:00
|
|
|
return nil, errHTTPBadRequestMatrixMessageInvalid
|
|
|
|
} else if m.Notification == nil || len(m.Notification.Devices) == 0 || m.Notification.Devices[0].PushKey == "" {
|
|
|
|
return nil, errHTTPBadRequestMatrixMessageInvalid
|
|
|
|
}
|
2022-06-16 15:40:56 +00:00
|
|
|
pushKey := m.Notification.Devices[0].PushKey // We ignore other devices for now, see discussion in #316
|
2022-06-16 00:36:49 +00:00
|
|
|
if !strings.HasPrefix(pushKey, baseURL+"/") {
|
2023-02-25 20:12:03 +00:00
|
|
|
return nil, &errMatrixPushkeyRejected{rejectedPushKey: pushKey, configuredBaseURL: baseURL}
|
2022-06-16 00:36:49 +00:00
|
|
|
}
|
|
|
|
newRequest, err := http.NewRequest(http.MethodPost, pushKey, io.NopCloser(bytes.NewReader(body.PeekedBytes)))
|
|
|
|
if err != nil {
|
2023-02-25 20:12:03 +00:00
|
|
|
return nil, err
|
2022-06-16 00:36:49 +00:00
|
|
|
}
|
2022-06-16 16:48:43 +00:00
|
|
|
newRequest.RemoteAddr = r.RemoteAddr // Not strictly necessary, since visitor was already extracted
|
|
|
|
if r.Header.Get("X-Forwarded-For") != "" {
|
|
|
|
newRequest.Header.Set("X-Forwarded-For", r.Header.Get("X-Forwarded-For"))
|
|
|
|
}
|
2023-03-04 03:22:07 +00:00
|
|
|
newRequest = withContext(newRequest, map[contextKey]any{
|
|
|
|
contextMatrixPushKey: pushKey,
|
|
|
|
})
|
2022-06-16 00:36:49 +00:00
|
|
|
return newRequest, nil
|
|
|
|
}
|
|
|
|
|
2022-06-16 15:40:56 +00:00
|
|
|
// writeMatrixDiscoveryResponse writes the UnifiedPush Matrix Gateway Discovery response to the given http.ResponseWriter,
|
|
|
|
// as per the spec (https://unifiedpush.org/developers/gateway/).
|
|
|
|
func writeMatrixDiscoveryResponse(w http.ResponseWriter) error {
|
2022-06-15 20:03:12 +00:00
|
|
|
w.Header().Set("Content-Type", "application/json")
|
|
|
|
_, err := io.WriteString(w, `{"unifiedpush":{"gateway":"matrix"}}`+"\n")
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2022-06-16 15:40:56 +00:00
|
|
|
// writeMatrixSuccess writes a successful matrixResponse (no rejected push key) to the given http.ResponseWriter
|
2022-06-15 20:03:12 +00:00
|
|
|
func writeMatrixSuccess(w http.ResponseWriter) error {
|
2022-06-16 00:36:49 +00:00
|
|
|
return writeMatrixResponse(w, "")
|
|
|
|
}
|
|
|
|
|
2022-06-16 15:40:56 +00:00
|
|
|
// writeMatrixResponse writes a matrixResponse to the given http.ResponseWriter, as defined in
|
|
|
|
// the spec (https://spec.matrix.org/v1.2/push-gateway-api/)
|
2022-06-16 00:36:49 +00:00
|
|
|
func writeMatrixResponse(w http.ResponseWriter, rejectedPushKey string) error {
|
|
|
|
rejected := make([]string, 0)
|
|
|
|
if rejectedPushKey != "" {
|
|
|
|
rejected = append(rejected, rejectedPushKey)
|
|
|
|
}
|
2022-06-15 20:03:12 +00:00
|
|
|
response := &matrixResponse{
|
2022-06-16 00:36:49 +00:00
|
|
|
Rejected: rejected,
|
2022-06-15 20:03:12 +00:00
|
|
|
}
|
2022-06-16 00:36:49 +00:00
|
|
|
w.Header().Set("Content-Type", "application/json")
|
2022-06-15 20:03:12 +00:00
|
|
|
if err := json.NewEncoder(w).Encode(response); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|