Files
gogobee/internal/bot/client.go
prosolis 48330be3d5 Migrate Matrix auth to appservice (MAS-durable)
Replace password login + password-UIA cross-signing with appservice
as_token auth and MSC4190 device creation, so the bot survives the
Matrix Authentication Service (MAS) migration that removes m.login.password
and UIA.

- internal/bot/client.go: NewClient uses AS_TOKEN, SetAppServiceUserID,
  whoami validation, cryptohelper MSC4190 device create; drop device.json
  (crypto store persists device id); cross-signing best-effort/soft-fail.
- main.go: Config.Password -> ASToken (reads AS_TOKEN).
- internal/util/auth.go: deleted (password login dead in a MAS world).
- Bump mautrix-go v0.28.0 -> v0.28.1.
- registration.yaml.example + README/.env.example: appservice setup docs.
2026-07-03 15:12:47 -07:00

148 lines
5.8 KiB
Go

package bot
import (
"context"
"fmt"
"log/slog"
"os"
"path/filepath"
"maunium.net/go/mautrix"
"maunium.net/go/mautrix/crypto/cryptohelper"
"maunium.net/go/mautrix/id"
)
// Config holds the bot's startup configuration.
type Config struct {
Homeserver string
UserID string // Bot's full Matrix user ID, e.g. @gogobee:example.com
ASToken string // Appservice as_token from registration.yaml
DataDir string
DisplayName string
}
// NewClient creates and configures a mautrix client authenticated as an
// application service, with E2EE via the cryptohelper.
//
// Why appservice instead of password login:
//
// Under Matrix Authentication Service (MAS), the legacy password login
// (m.login.password) and User-Interactive Auth (UIA) flows are being removed —
// auth moves to OAuth2/OIDC. A bot built on password login + password-UIA
// cross-signing (the old code) breaks in a MAS world: short-lived tokens with
// no refresh, and UIA-gated key uploads that simply fail.
//
// The appservice model sidesteps MAS entirely. The as_token is a Synapse-level
// trust relationship declared in registration.yaml — Synapse validates it
// directly, not via MAS — so it never expires and needs no login flow. Device
// creation uses MSC4190 (PUT /devices), which replaces the UIA-gated device
// dance for appservice users. This is the MAS-durable path.
//
// The cryptohelper still handles everything E2EE:
// - Persistent crypto store in SQLite (device keys, sessions, cross-signing)
// - Megolm session sharing / key exchange, Olm device-to-device sessions
// - The bot trusts all users' devices by default (appropriate for a bot)
// - No interactive emoji/SAS verification needed
func NewClient(cfg Config) (*mautrix.Client, error) {
if err := os.MkdirAll(cfg.DataDir, 0o755); err != nil {
return nil, fmt.Errorf("create data dir: %w", err)
}
if cfg.ASToken == "" {
return nil, fmt.Errorf("AS_TOKEN is required (appservice registration as_token)")
}
if cfg.UserID == "" {
return nil, fmt.Errorf("BOT_USER_ID is required")
}
ctx := context.Background()
userID := id.UserID(cfg.UserID)
// The as_token IS the access token. No login flow, no refresh — Synapse
// trusts it for any user in the registration's namespace.
client, err := mautrix.NewClient(cfg.Homeserver, userID, cfg.ASToken)
if err != nil {
return nil, fmt.Errorf("create client: %w", err)
}
// Assert our own user ID on every request (appservice identity assertion,
// ?user_id=). Required so Synapse knows which namespaced user we're acting
// as — including on /sync and the MSC4190 device creation below.
client.SetAppServiceUserID = true
// Validate the token + homeserver reachability up front with a clear error.
whoami, err := client.Whoami(ctx)
if err != nil {
return nil, fmt.Errorf("appservice token validation failed (whoami): %w", err)
}
if whoami.UserID != userID {
return nil, fmt.Errorf("appservice identity mismatch: token resolves to %s but BOT_USER_ID is %s", whoami.UserID, userID)
}
slog.Info("appservice token valid", "user_id", whoami.UserID)
// Set up E2EE. The cryptohelper persists all crypto state in its own SQLite
// DB (device keys, olm/megolm sessions, cross-signing keys, device trust),
// separate from the main app database. The device ID is persisted there too,
// so restarts reuse the same device — no device.json needed.
cryptoDBPath := filepath.Join(cfg.DataDir, "crypto.db")
ch, err := cryptohelper.NewCryptoHelper(client, []byte("gogobee_pickle_key"), cryptoDBPath)
if err != nil {
return nil, fmt.Errorf("init crypto helper: %w", err)
}
// MSC4190: create/refresh the bot's device via PUT /devices instead of the
// UIA-gated login dance. On first run the crypto store has no device ID, so
// a fresh one is generated and persisted; on restart the stored ID is
// reused (the PUT is idempotent). LoginAs carries only the display name —
// in MSC4190 mode the cryptohelper never calls /login.
ch.MSC4190 = true
ch.LoginAs = &mautrix.ReqLogin{
InitialDeviceDisplayName: cfg.DisplayName,
}
if err := ch.Init(ctx); err != nil {
return nil, fmt.Errorf("crypto helper init (MSC4190 device create): %w", err)
}
client.Crypto = ch
// Best-effort cross-signing bootstrap. This makes the bot's device show as
// "verified" to users who have verified the bot's master key. It is NOT
// required for E2EE to function — the bot already trusts all devices and
// shares keys — so any failure is logged and ignored.
//
// Under MSC3202 (appservice device assertion) Synapse may accept the key
// upload without UIA, in which case the callback below is never invoked. If
// the homeserver still demands UIA, we have no password credential to
// satisfy it (that's the whole point of going MAS-native), so it fails soft.
mach := ch.Machine()
recoveryKey, _, err := mach.GenerateAndUploadCrossSigningKeys(ctx, func(ui *mautrix.RespUserInteractive) interface{} {
slog.Warn("cross-signing: homeserver requested UIA, but appservice auth has no password credential to satisfy it — skipping verified-shield bootstrap")
return map[string]interface{}{"session": ui.Session}
}, "")
if err != nil {
slog.Warn("cross-signing: key upload skipped (may already exist or UIA required)", "err", err)
} else {
slog.Info("cross-signing: keys uploaded", "recovery_key", recoveryKey)
}
if err := mach.SignOwnDevice(ctx, mach.OwnIdentity()); err != nil {
slog.Warn("cross-signing: sign own device failed", "err", err)
} else {
slog.Info("cross-signing: own device signed")
}
if err := mach.SignOwnMasterKey(ctx); err != nil {
slog.Warn("cross-signing: sign master key failed", "err", err)
} else {
slog.Info("cross-signing: master key signed")
}
slog.Info("E2EE initialized",
"user_id", client.UserID,
"device_id", client.DeviceID,
"crypto_store", "sqlite-persistent",
"auth", "appservice+msc4190",
)
return client, nil
}