OIDC configuration (#4623)

* Login: more logs.

* Login: map Oidc error to provide more information in the error dialog.

* Oidc: use the application name.

* Oidc: move configuration from OidcConfigurationProvider to OidcConfig and add some comments.

* Oidc: limit to only 1 contact in the configuration.

* Oidc: Move configuration to BuildConfig file.

* Remove unused const.

* Add missing test on Exception mapping

* Remove contacts from OidcConfiguration.

https://github.com/matrix-org/matrix-rust-sdk/pull/4958
This commit is contained in:
Benoit Marty 2025-04-23 11:58:38 +02:00 committed by GitHub
parent 51a9a69ea0
commit 4486d5205c
12 changed files with 110 additions and 20 deletions

View file

@ -9,6 +9,7 @@ package io.element.android.libraries.matrix.impl.auth
import io.element.android.libraries.matrix.api.auth.AuthenticationException
import org.matrix.rustcomponents.sdk.ClientBuildException
import org.matrix.rustcomponents.sdk.OidcException
fun Throwable.mapAuthenticationException(): AuthenticationException {
val message = this.message ?: "Unknown error"
@ -24,6 +25,13 @@ fun Throwable.mapAuthenticationException(): AuthenticationException {
is ClientBuildException.WellKnownLookupFailed -> AuthenticationException.Generic(message)
is ClientBuildException.EventCache -> AuthenticationException.Generic(message)
}
is OidcException -> when (this) {
is OidcException.Generic -> AuthenticationException.Oidc(message)
is OidcException.CallbackUrlInvalid -> AuthenticationException.Oidc(message)
is OidcException.Cancelled -> AuthenticationException.Oidc(message)
is OidcException.MetadataInvalid -> AuthenticationException.Oidc(message)
is OidcException.NotSupported -> AuthenticationException.Oidc(message)
}
else -> AuthenticationException.Generic(message)
}
}

View file

@ -7,24 +7,22 @@
package io.element.android.libraries.matrix.impl.auth
import io.element.android.libraries.core.meta.BuildMeta
import io.element.android.libraries.matrix.api.auth.OidcConfig
import org.matrix.rustcomponents.sdk.OidcConfiguration
import javax.inject.Inject
class OidcConfigurationProvider @Inject constructor() {
class OidcConfigurationProvider @Inject constructor(
private val buildMeta: BuildMeta,
) {
fun get(): OidcConfiguration = OidcConfiguration(
clientName = "Element",
clientName = buildMeta.applicationName,
redirectUri = OidcConfig.REDIRECT_URI,
clientUri = "https://element.io",
logoUri = "https://element.io/mobile-icon.png",
tosUri = "https://element.io/acceptable-use-policy-terms",
policyUri = "https://element.io/privacy",
contacts = listOf(
"support@element.io",
),
// Some homeservers/auth issuers don't support dynamic client registration, and have to be registered manually
staticRegistrations = mapOf(
"https://id.thirdroom.io/realms/thirdroom" to "elementx",
),
clientUri = OidcConfig.CLIENT_URI,
logoUri = OidcConfig.LOGO_URI,
tosUri = OidcConfig.TOS_URI,
policyUri = OidcConfig.POLICY_URI,
contacts = null,
staticRegistrations = OidcConfig.STATIC_REGISTRATIONS,
)
}

View file

@ -137,6 +137,7 @@ class RustMatrixAuthenticationService @Inject constructor(
}.onFailure {
clear()
}.mapFailure { failure ->
Timber.e(failure, "Failed to set homeserver to $homeserver")
failure.mapAuthenticationException()
}
}
@ -162,6 +163,7 @@ class RustMatrixAuthenticationService @Inject constructor(
SessionId(sessionData.userId)
}.mapFailure { failure ->
Timber.e(failure, "Failed to login")
failure.mapAuthenticationException()
}
}
@ -197,6 +199,7 @@ class RustMatrixAuthenticationService @Inject constructor(
pendingOAuthAuthorizationData = oAuthAuthorizationData
OidcDetails(url)
}.mapFailure { failure ->
Timber.e(failure, "Failed to get OIDC URL")
failure.mapAuthenticationException()
}
}
@ -210,6 +213,7 @@ class RustMatrixAuthenticationService @Inject constructor(
}
pendingOAuthAuthorizationData = null
}.mapFailure { failure ->
Timber.e(failure, "Failed to cancel OIDC login")
failure.mapAuthenticationException()
}
}
@ -243,6 +247,7 @@ class RustMatrixAuthenticationService @Inject constructor(
SessionId(sessionData.userId)
}.mapFailure { failure ->
Timber.e(failure, "Failed to login with OIDC")
failure.mapAuthenticationException()
}
}