Reject attempts to send event before privacy consent is given

Returns an M_CONSENT_NOT_GIVEN error (cf https://github.com/matrix-org/matrix-doc/issues/1252) if consent is not yet given.
author: Richard van der Hoff <richard@matrix.org> 2018-05-22 08:56:52 +0100
committer: Richard van der Hoff <richard@matrix.org> 2018-05-22 12:00:47 +0100
commit: a5e2941aad9acdd5033709807bb6ddd40e4435eb (patch)
tree: 7cce87b9e5550e8d041030a518060e0f2f212614 /synapse/api/urls.py
parent: Merge pull request #3236 from matrix-org/rav/consent_notice (diff)
download: synapse-a5e2941aad9acdd5033709807bb6ddd40e4435eb.tar.xz
1 files changed, 50 insertions, 0 deletions
diff --git a/synapse/api/urls.py b/synapse/api/urls.py
index 91a33a3402..bb46b5da8a 100644
--- a/synapse/api/urls.py
+++ b/synapse/api/urls.py
@@ -1,5 +1,6 @@
 # -*- coding: utf-8 -*-
 # Copyright 2014-2016 OpenMarket Ltd
+# Copyright 2018 New Vector Ltd.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -14,6 +15,12 @@
 # limitations under the License.
 
 """Contains the URL paths to prefix various aspects of the server with. """
+from hashlib import sha256
+import hmac
+
+from six.moves.urllib.parse import urlencode
+
+from synapse.config import ConfigError
 
 CLIENT_PREFIX = "/_matrix/client/api/v1"
 CLIENT_V2_ALPHA_PREFIX = "/_matrix/client/v2_alpha"
@@ -25,3 +32,46 @@ SERVER_KEY_PREFIX = "/_matrix/key/v1"
 SERVER_KEY_V2_PREFIX = "/_matrix/key/v2"
 MEDIA_PREFIX = "/_matrix/media/r0"
 LEGACY_MEDIA_PREFIX = "/_matrix/media/v1"
+
+
+class ConsentURIBuilder(object):
+    def __init__(self, hs_config):
+        """
+        Args:
+            hs_config (synapse.config.homeserver.HomeServerConfig):
+        """
+        if hs_config.form_secret is None:
+            raise ConfigError(
+                "form_secret not set in config",
+            )
+        if hs_config.public_baseurl is None:
+            raise ConfigError(
+                "public_baseurl not set in config",
+            )
+
+        self._hmac_secret = hs_config.form_secret.encode("utf-8")
+        self._public_baseurl = hs_config.public_baseurl
+
+    def build_user_consent_uri(self, user_id):
+        """Build a URI which we can give to the user to do their privacy
+        policy consent
+
+        Args:
+            user_id (str): mxid or username of user
+
+        Returns
+            (str) the URI where the user can do consent
+        """
+        mac = hmac.new(
+            key=self._hmac_secret,
+            msg=user_id,
+            digestmod=sha256,
+        ).hexdigest()
+        consent_uri = "%s_matrix/consent?%s" % (
+            self._public_baseurl,
+            urlencode({
+                "u": user_id,
+                "h": mac
+            }),
+        )
+        return consent_uri
author	Richard van der Hoff <richard@matrix.org>	2018-05-22 08:56:52 +0100
committer	Richard van der Hoff <richard@matrix.org>	2018-05-22 12:00:47 +0100
commit	a5e2941aad9acdd5033709807bb6ddd40e4435eb (patch)
tree	7cce87b9e5550e8d041030a518060e0f2f212614 /synapse/api/urls.py
parent	Merge pull request #3236 from matrix-org/rav/consent_notice (diff)
download	synapse-a5e2941aad9acdd5033709807bb6ddd40e4435eb.tar.xz