skylord123/node-red-contrib-matrix-chat
1
0
Fork 0
mirror of https://github.com/Skylar-Tech/node-red-contrib-matrix-chat.git synced 2026-05-23 07:33:37 -06:00
Code Issues Releases Wiki Activity

Compare commits

base: skylord123/node-red-contrib-matrix-chat:474ba6ea5912797fa64da1c7adc55a50931c4636
Branches Tags
skylord123/node-red-contrib-matrix-chat:master skylord123/node-red-contrib-matrix-chat:dev skylord123/node-red-contrib-matrix-chat:e2ee-wip skylord123/node-red-contrib-matrix-chat:upgrade skylord123/node-red-contrib-matrix-chat:new-nodes skylord123/node-red-contrib-matrix-chat:51-device_id-fix skylord123/node-red-contrib-matrix-chat:e2ee-key-sharing skylord123/node-red-contrib-matrix-chat:12-failed-logins-crash
skylord123/node-red-contrib-matrix-chat:v1.0.0-beta.1 skylord123/node-red-contrib-matrix-chat:v0.9.2 skylord123/node-red-contrib-matrix-chat:v0.9.1 skylord123/node-red-contrib-matrix-chat:v0.9.0 skylord123/node-red-contrib-matrix-chat:v0.8.0 skylord123/node-red-contrib-matrix-chat:0.7.1 skylord123/node-red-contrib-matrix-chat:0.7.0 skylord123/node-red-contrib-matrix-chat:0.6.1 skylord123/node-red-contrib-matrix-chat:0.5.8 skylord123/node-red-contrib-matrix-chat:0.4.6 skylord123/node-red-contrib-matrix-chat:0.4.1 skylord123/node-red-contrib-matrix-chat:0.4.0 skylord123/node-red-contrib-matrix-chat:0.3.0 skylord123/node-red-contrib-matrix-chat:0.2.7 skylord123/node-red-contrib-matrix-chat:0.2.6 skylord123/node-red-contrib-matrix-chat:0.2.4 skylord123/node-red-contrib-matrix-chat:0.2.1 skylord123/node-red-contrib-matrix-chat:0.2.0 skylord123/node-red-contrib-matrix-chat:0.1.8 skylord123/node-red-contrib-matrix-chat:0.1.7
..
compare: skylord123/node-red-contrib-matrix-chat:dev
Branches Tags
skylord123/node-red-contrib-matrix-chat:dev skylord123/node-red-contrib-matrix-chat:master skylord123/node-red-contrib-matrix-chat:e2ee-wip skylord123/node-red-contrib-matrix-chat:upgrade skylord123/node-red-contrib-matrix-chat:new-nodes skylord123/node-red-contrib-matrix-chat:51-device_id-fix skylord123/node-red-contrib-matrix-chat:e2ee-key-sharing skylord123/node-red-contrib-matrix-chat:12-failed-logins-crash
skylord123/node-red-contrib-matrix-chat:v1.0.0-beta.1 skylord123/node-red-contrib-matrix-chat:v0.9.2 skylord123/node-red-contrib-matrix-chat:v0.9.1 skylord123/node-red-contrib-matrix-chat:v0.9.0 skylord123/node-red-contrib-matrix-chat:v0.8.0 skylord123/node-red-contrib-matrix-chat:0.7.1 skylord123/node-red-contrib-matrix-chat:0.7.0 skylord123/node-red-contrib-matrix-chat:0.6.1 skylord123/node-red-contrib-matrix-chat:0.5.8 skylord123/node-red-contrib-matrix-chat:0.4.6 skylord123/node-red-contrib-matrix-chat:0.4.1 skylord123/node-red-contrib-matrix-chat:0.4.0 skylord123/node-red-contrib-matrix-chat:0.3.0 skylord123/node-red-contrib-matrix-chat:0.2.7 skylord123/node-red-contrib-matrix-chat:0.2.6 skylord123/node-red-contrib-matrix-chat:0.2.4 skylord123/node-red-contrib-matrix-chat:0.2.1 skylord123/node-red-contrib-matrix-chat:0.2.0 skylord123/node-red-contrib-matrix-chat:0.1.8 skylord123/node-red-contrib-matrix-chat:0.1.7

37 Commits
474ba6ea59 .. dev

Author SHA1 Message Date
skylord123 9dc4362819 Add native Markdown format option to the Send Message node 2026-05-22 22:36:11 -06:00
skylord123 1801b49fae Set filename on the matrix-upload-file content payload 2026-05-22 19:24:19 -06:00
skylord123 72cc9cfb3b Fix repository URL casing so npm provenance validates 2026-05-22 16:39:30 -06:00
skylord123 b8652a3a9a Merge remote-tracking branch 'origin/master' into dev 2026-05-22 16:35:18 -06:00
skylord123 0362fe81e8 Merge pull request #143 from Skylar-Tech/add-publish-workflow 
Add npm publish workflow
 2026-05-22 16:34:57 -06:00
skylord123 9ccbe4526f Add GitHub Actions workflow to publish to npm on release 2026-05-22 16:32:09 -06:00
skylord123 0c48db92a0 Publish the released commit so pre-releases can be cut from any branch 2026-05-22 16:31:15 -06:00
skylord123 3f69614ed0 Publish pre-release versions under their own npm dist-tag 2026-05-22 16:24:46 -06:00
skylord123 e3a23df6d6 Switch publish workflow to npm Trusted Publishing (OIDC) 2026-05-22 16:10:08 -06:00
skylord123 3e34dc5961 Add GitHub Actions workflow to publish to npm on release 2026-05-22 16:04:03 -06:00
skylord123 7af8891d5b Update E2EE notes: two ways to verify devices, recommend saving the recovery key 2026-05-22 15:56:12 -06:00
skylord123 939fe42b40 Set version to 1.0.0 2026-05-22 15:44:01 -06:00
skylord123 67920840e1 Add session manager and verification list to the server config editor 
Adds two interactive admin tools to the matrix-server-config node so
device verification and session management can be done from the editor
without building a flow. Both open as modal dialogs and are backed by
new flows.write-protected admin endpoints.

Pending verifications
- New "Pending verification requests" button opens a modal listing
  incoming and in-progress verification requests, refreshed every 5
  seconds.
- Each entry shows the type (device or room), who it is from, a live
  age, and a live expiry countdown; the list is capped at the newest 20
  with a hidden-count note.
- Clicking an entry drives the SAS flow (accept, start, show emoji,
  confirm/cancel) within the modal.
- New /matrix-chat/verification endpoint with list, advance, confirm,
  mismatch, and cancel actions.
- trackVerificationRequest now records a seen-at timestamp and keeps
  finished requests for two minutes so their outcome can still be
  reported to the editor.

Sessions
- New "Manage sessions" button opens a modal listing the account's
  sessions, modelled on Element's session manager: the current session
  with a verified / not-verified status box, then other sessions, each
  with a green or red shield, last activity, and IP address.
- Clicking a session shows its details (session ID, last activity, IP),
  a Rename action, and a password-confirmed Remove. Unverified sessions
  offer a Verify action that hands off into the verification modal.
- New /matrix-chat/sessions endpoint with list, rename, remove, and
  verify actions.
 2026-05-22 15:29:43 -06:00
skylord123 ebcb1eab81 Upgrade to matrix-js-sdk 41.5.0; add device verification 
Upgrades matrix-js-sdk from 34.13.0 to 41.5.0. This crosses the v37
removal of the legacy libolm crypto stack, so E2EE is migrated to the
Rust crypto implementation. Also adds device verification, cross-signing
setup, and authenticated media support.

Dependencies
- Bump matrix-js-sdk ^34.13.0 -> ^41.5.0; require Node.js >= 22.
- Drop the `olm` dependency (legacy crypto only); add `fake-indexeddb`.

Rust crypto
- Replace initCrypto() with initRustCrypto(); the legacy crypto stack
  was removed upstream in v37.
- Add src/matrix-crypto-store.js: the Rust crypto store requires
  IndexedDB, absent in Node.js, so it is backed by fake-indexeddb and
  snapshotted to disk (rust-crypto-store.v8) to survive restarts.
- Migrate existing libolm crypto state into the Rust store on first run,
  and discard the stored crypto state when the device ID changes.

Homeserver discovery
- Resolve the homeserver via .well-known, so a delegating domain
  (e.g. example.org) works as the configured server URL.

Cross-signing & secure backup
- Add a secured /matrix-chat/secure-backup admin endpoint and a modal
  dialog on the server config node: check status, unlock an existing
  secure backup with its recovery key, or reset and create a new one.

Device verification (new nodes)
- matrix-verification: event source emitting verification requests and
  phase changes, with on-node filters (phase, initiated by, type,
  self-verification, user allowlist, room).
- matrix-verification-action: request, accept, start SAS, confirm,
  mismatch, or cancel an in-flight verification.

Authenticated media
- matrix-receive and matrix-crypt-file use the authenticated media
  endpoints, send a bearer token via msg.headers, and fall back between
  the v3 and v1 media endpoints on a 404.

Fixes
- Surface connection/auth errors in the log; node.error() calls were
  passed an empty msg object, which routed the error and suppressed
  console logging.
- matrix-get-user: await getProfileInfo()/getPresence().
- matrix-invite-room: pass the reason as the third invite() argument
  (the removed callback parameter was shifting it out).
- Guard the verification handlers so a throwing SDK getter cannot crash
  Node-RED.

Docs
- Add the device-verification example flow; update the READMEs and node
  help, correcting stale claims that device verification, secure backup,
  and encrypted file uploads were unsupported.
 2026-05-22 14:40:00 -06:00
skylord123 68e63e5def Upgrade from matrix-js-sdk v34 to v34.13.0 2026-02-19 22:45:31 -07:00
skylord123 99909a77c3 Merge remote-tracking branch 'origin/master' into dev 2026-02-19 22:07:10 -07:00
skylord123 aadd82d820 Set version to 0.9.2 2026-01-17 15:00:35 -07:00
skylord123 4e6fa50a67 Merge pull request #138 from Skylar-Tech/dev 
Release v0.9.2
 2026-01-17 14:57:45 -07:00
skylord123 58bf2dcb54 Set version to 0.9.2 2026-01-17 14:56:05 -07:00
skylord123 c15893bab5 Merge pull request #135 from fprotopapa/master 
Remove unused TimelineWindow in server-config. Closes #134
 2026-01-17 14:54:45 -07:00
Fabbio Protopapa f0af0e92fe Remove unused TimelineWindow in server-config 2025-12-23 09:45:57 +01:00
skylord123 04de0b4eb3 Merge pull request #132 from Skylar-Tech/dev 
Release v0.9.1
 2025-02-09 22:41:41 -07:00
skylord123 8cb52112c1 Fix module compatibility with Node.js < 22 2025-02-09 22:36:52 -07:00
skylord123 54a9972bbc Merge pull request #121 from Skylar-Tech/dev 
Release v0.9.0
 2025-02-07 20:56:40 -07:00
skylord123 ad34f018ab Merge pull request #127 from koosc/allow-unknown 
Add option for allowing unknown devices in rooms
 2025-02-07 20:52:10 -07:00
skylord123 20345787d2 README.md change 2025-02-07 20:50:25 -07:00
skylord123 99c19923c6 Release v0.9.0 2025-02-07 20:27:36 -07:00
skylord123 093d59893e Fix roomId and eventId inputs not saving field type correctly for get-event node 2025-02-07 20:27:19 -07:00
skylord123 913f5dfcb9 - Upgrade to matrix-js-sdk 34.11.1 to fix CVE-2024-50336 
- Remove request package (no longer needed)
 2025-02-05 11:59:39 -07:00
skylord123 e0947dd3bc Merge pull request #128 from wuast94/master 
Add m.notice to the receive node
 2025-02-03 20:54:40 -07:00
skylord123 8287f3c08a Merge pull request #130 from LokiMidgard/patch-1 
Support default plaintext in msg.format
 2025-02-03 20:51:43 -07:00
Patrick Kranz 2a78524a90 use hasOwn instead of keys 2025-01-09 15:28:28 +01:00
Patrick Kranz d01838ac84 Fix error 2025-01-09 15:14:50 +01:00
Patrick Kranz 2059f8455d Update matrix-send-message.js 2025-01-09 15:12:09 +01:00
skylord123 0cb8ecf8aa Updated README with a link to a guide that explains how to register users via web browser 2025-01-04 12:58:08 -07:00
Marc 77f2c4be46 Add m.notice to the receive node 2025-01-01 05:17:12 +00:00
Chris Koos cf82daf5da Add option for allowing unknown devices 
Allows workaround for sending messages until verification is implemented
 2024-11-10 10:57:43 -08:00
30 changed files with 20252 additions and 6587 deletions
Expand all files Collapse all files
.github/workflows/publish.yml
+81
View File
@@ -0,0 +1,81 @@
name: Publish to npm
# Publishes the package to npm whenever a GitHub Release is published.
# It publishes the exact commit the release tag points to, so a pre-release
# can be cut from any branch (e.g. a beta off `dev`) without that branch
# having to be merged into master first.
#
# The release tag is the source of truth for the version:
# - Stable tag (e.g. v1.2.3) -> published to the "latest"
# dist-tag; the version bump is
# committed back to master.
# - Pre-release tag (e.g. v1.2.3-beta.1) -> published to a matching dist-tag
# ("beta", "rc", ...); does NOT
# become "latest" and is NOT
# committed back to master.
#
# Authentication uses npm Trusted Publishing (OIDC) - no token or secret is
# needed. Configure a trusted publisher for this package on npmjs.com:
# Repository: Skylar-Tech/node-red-contrib-matrix-chat
# Workflow: publish.yml
on:
release:
types: [published]
jobs:
publish:
runs-on: ubuntu-latest
permissions:
contents: write # commit the version bump back to master
id-token: write # npm Trusted Publishing (OIDC) + provenance
steps:
- name: Check out the released commit
uses: actions/checkout@v4
- name: Set up Node.js
uses: actions/setup-node@v4
with:
node-version: 22
registry-url: https://registry.npmjs.org
- name: Update npm
# Trusted Publishing requires npm 11.5.1 or newer; Node 22 ships npm 10.
run: npm install -g npm@latest
- name: Determine version and dist-tag
id: ver
run: |
VERSION="${GITHUB_REF_NAME#v}"
if [[ "$VERSION" == *-* ]]; then
# pre-release, e.g. 1.0.0-beta.1 -> dist-tag "beta"
DIST_TAG="${VERSION#*-}"
DIST_TAG="${DIST_TAG%%.*}"
PRERELEASE=true
else
DIST_TAG=latest
PRERELEASE=false
fi
echo "version=$VERSION" >> "$GITHUB_OUTPUT"
echo "dist_tag=$DIST_TAG" >> "$GITHUB_OUTPUT"
echo "prerelease=$PRERELEASE" >> "$GITHUB_OUTPUT"
echo "Publishing $VERSION to npm dist-tag '$DIST_TAG' (prerelease=$PRERELEASE)"
- name: Set version
run: npm version "${{ steps.ver.outputs.version }}" --no-git-tag-version --allow-same-version
- name: Publish to npm
run: npm publish --provenance --access public --tag "${{ steps.ver.outputs.dist_tag }}"
- name: Commit version bump back to master
if: steps.ver.outputs.prerelease == 'false'
run: |
if git diff --quiet; then
echo "package.json already at ${{ steps.ver.outputs.version }}; nothing to commit."
exit 0
fi
git config user.name "github-actions[bot]"
git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
git commit -am "Set version to ${{ steps.ver.outputs.version }}"
git push origin HEAD:master \
|| echo "::warning::Could not push the version bump to master (branch protection?). The package was still published."
README.md
+17 -10
View File
@@ -5,17 +5,19 @@
Join our public Matrix room for help: [#node-red-contrib-matrix-chat:skylar.tech](https://app.element.io/#/room/#node-red-contrib-matrix-chat:skylar.tech)
[![ko-fi](https://ko-fi.com/img/githubbutton_sm.svg)](https://ko-fi.com/B0B51BM7C)
### Features
Supported functionality in this package includes:
- **End-to-end encryption (E2EE)**
- [Work in progress](#end-to-end-encryption-notes)
- Alternative: Use [Pantalaimon](https://github.com/matrix-org/pantalaimon) for E2EE key synchronization across sessions
- **End-to-end encryption (E2EE)** — send and receive encrypted messages (see the [encryption notes](#end-to-end-encryption-notes))
- **Cross-signing & secure backup** — interactive setup from the server config node so the bot's own device shows as verified
- **Device verification** — interactive SAS (emoji) verification, either from the server config node or with the `matrix-verification` flow nodes
- **Receive events** from rooms: Messages, reactions, images, audio, locations, files, encrypted or unencrypted
- **Fetch/modify room state**: Update room settings
- **Paginate room history**
- **Send files** (encryption support for files coming soon)
- **Send files** to rooms, encrypted or unencrypted
- **Send/edit messages** (supports plain text and HTML formats)
- **Send typing notifications**
- **Delete events** (messages, reactions, etc.)
@@ -31,6 +33,8 @@ These features allow you to easily build bots, set up chat relays, or even admin
### Installing
**Requires Node.js 22 or newer** (this is a requirement of the bundled `matrix-js-sdk`).
Install through Node-RED's UI by searching for `node-red-contrib-matrix-chat`, or use the following command inside your Node-RED directory:
```bash
@@ -49,17 +53,20 @@ You're not limited to just the nodes we've created. Enable global access in your
### End-to-End Encryption Notes
- This module doesn't handle encryption key synchronization between devices. Its recommended to use the bot exclusively in Node-RED to prevent issues with E2EE messages.
- **Storage:** Keys for E2EE are saved in a folder called `matrix-client-storage` within your Node-RED directory. Back up this folder regularly! If lost, you wont be able to decrypt messages from E2EE rooms.
- To move your bot to a different installation, migrate this folder and ensure the old and new clients don't run simultaneously.
Interested in helping? Contributions to finalize E2EE support are welcome!
- E2EE uses the Rust crypto stack from `matrix-js-sdk`. The first time a bot starts after upgrading from an older version, any existing (legacy libolm) crypto state is migrated automatically.
- **Storage:** E2EE state is saved in a folder called `matrix-client-storage` within your Node-RED directory — each account's Rust crypto store is persisted there as `rust-crypto-store.v8` (snapshotted on shutdown and every 5 minutes). Setting up secure backup (below) lets you recover the account's keys even if this folder is lost.
- **Cross-signing & secure backup — strongly recommended:** open the server config node and use the **Set up secure backup & cross-signing** button. It lets you unlock an existing secure backup with its recovery key, or create a fresh one; once done, the bot's own device is cross-signed and shows as verified to others. **Save the recovery key somewhere safe** — it is shown only once, and is the only way to restore the account's encryption keys if the crypto store is ever lost.
- **Device verification:** there are two ways to verify devices —
- From the server config node, the **Pending verification requests** button opens a list of incoming requests and lets you complete the SAS (emoji) check interactively, no flow required.
- Or build your own flow: the `matrix-verification` node emits verification requests and phase changes, and `matrix-verification-action` accepts, starts, confirms, or cancels them (e.g. emailing the SAS emoji for a human to confirm). See the [device verification example](https://github.com/Skylar-Tech/node-red-contrib-matrix-chat/tree/master/examples#device-verification).
### Registering a User
This module includes a node to register users using the Synapse secret registration endpoint. It returns both an `access_token` and a `device_id`, perfect for setting up the bot.
[See how to register a user here](https://github.com/Skylar-Tech/node-red-contrib-matrix-chat/tree/master/examples#readme).
[Guide on registering a user via the web browser](https://skylar.tech/matrix-chat-bot-module-for-node-red/)
[Guide on registering using shared secret registration](https://github.com/Skylar-Tech/node-red-contrib-matrix-chat/tree/master/examples#readme) (for server owners)
### Other Packages
examples/README.md
+21
View File
@@ -431,6 +431,27 @@ Downloads received files/images. If the file is encrypted, it will decrypt it fo
</details>
### Device Verification
<details>
<summary>Handle device verification (SAS / emoji)</summary>
[View JSON](device-verification-flow.json)
An end-to-end example of interactive device verification. The `matrix-verification` node emits every verification request and phase change; the flow routes by phase, automatically **accepts** incoming requests and **starts SAS**, then surfaces the SAS emoji so a human can compare it. Inject nodes let you **confirm** or **reject** the match, and there are paths to have the bot **request** verification of a specific user's device, or a user in a room.
Requires end-to-end encryption to be enabled on the server config node. For the bot's own device to be trusted by others, also set up cross-signing via the **Set up secure backup & cross-signing** button on the server config node.
**Instructions:**
1. Import the flow and set the Matrix server config on each matrix node.
2. Replace the `@CHANGE_ME:example.org` / `CHANGE_ME` placeholders in the "Verify a user" inject nodes if you want to use the bot-initiated paths.
3. To verify the bot from another client, start a verification with it, watch the debug sidebar for the `sas` event, compare the emoji, then click the **Confirm SAS match** inject.
![device-verification-flow.png](device-verification-flow.png)
</details>
### Deprecated
<details>
examples/device-verification-flow.json
+548
View File
@@ -0,0 +1,548 @@
[
{
"id": "7158964bd67edc52",
"type": "group",
"z": "vtest",
"name": "Example verification flow",
"style": {
"label": true
},
"nodes": [
"40c105c38054d6db",
"83f785d52a61009a",
"d51bab8cbf5f247c",
"2e543533d49b467c"
],
"x": 88,
"y": 73,
"w": 1044,
"h": 754
},
{
"id": "40c105c38054d6db",
"type": "group",
"z": "vtest",
"g": "7158964bd67edc52",
"name": "Verification request handling",
"style": {
"label": true
},
"nodes": [
"mv_all",
"dbg_events",
"sw_phase",
"act_accept",
"act_start",
"chg_savevid",
"dbg_sas",
"dbg_done",
"dbg_cancelled",
"dbg_err"
],
"x": 114,
"y": 99,
"w": 992,
"h": 342
},
{
"id": "mv_all",
"type": "matrix-verification",
"z": "vtest",
"g": "40c105c38054d6db",
"name": "All verifications",
"server": null,
"phaseRequested": true,
"phaseReady": true,
"phaseStarted": true,
"phaseSas": true,
"phaseDone": true,
"phaseCancelled": true,
"initiatedBy": "any",
"verificationType": "any",
"selfVerification": "any",
"userFilter": "",
"roomFilter": "",
"x": 220,
"y": 180,
"wires": [
[
"dbg_events",
"sw_phase"
]
]
},
{
"id": "dbg_events",
"type": "debug",
"z": "vtest",
"g": "40c105c38054d6db",
"name": "all verification events",
"active": true,
"tosidebar": true,
"complete": "true",
"x": 500,
"y": 140,
"wires": []
},
{
"id": "sw_phase",
"type": "switch",
"z": "vtest",
"g": "40c105c38054d6db",
"name": "route by phase",
"property": "phase",
"propertyType": "msg",
"rules": [
{
"t": "eq",
"v": "requested",
"vt": "str"
},
{
"t": "eq",
"v": "ready",
"vt": "str"
},
{
"t": "eq",
"v": "sas",
"vt": "str"
},
{
"t": "eq",
"v": "done",
"vt": "str"
},
{
"t": "eq",
"v": "cancelled",
"vt": "str"
}
],
"checkall": "true",
"outputs": 5,
"x": 460,
"y": 220,
"wires": [
[
"act_accept"
],
[
"act_start"
],
[
"chg_savevid"
],
[
"dbg_done"
],
[
"dbg_cancelled"
]
]
},
{
"id": "act_accept",
"type": "matrix-verification-action",
"z": "vtest",
"g": "40c105c38054d6db",
"name": "Accept",
"server": null,
"mode": "accept",
"x": 700,
"y": 180,
"wires": [
[],
[
"dbg_err"
]
]
},
{
"id": "act_start",
"type": "matrix-verification-action",
"z": "vtest",
"g": "40c105c38054d6db",
"name": "Start SAS",
"server": null,
"mode": "start",
"x": 700,
"y": 230,
"wires": [
[],
[
"dbg_err"
]
]
},
{
"id": "chg_savevid",
"type": "change",
"z": "vtest",
"g": "40c105c38054d6db",
"name": "save verificationId",
"rules": [
{
"t": "set",
"p": "verificationId",
"pt": "flow",
"to": "verificationId",
"tot": "msg"
}
],
"x": 710,
"y": 290,
"wires": [
[
"dbg_sas"
]
]
},
{
"id": "dbg_sas",
"type": "debug",
"z": "vtest",
"g": "40c105c38054d6db",
"name": "SAS emoji (msg.sas)",
"active": true,
"tosidebar": true,
"complete": "true",
"x": 960,
"y": 290,
"wires": []
},
{
"id": "dbg_done",
"type": "debug",
"z": "vtest",
"g": "40c105c38054d6db",
"name": "verification done",
"active": true,
"tosidebar": true,
"complete": "true",
"x": 710,
"y": 350,
"wires": []
},
{
"id": "dbg_cancelled",
"type": "debug",
"z": "vtest",
"g": "40c105c38054d6db",
"name": "verification cancelled",
"active": true,
"tosidebar": true,
"complete": "true",
"x": 730,
"y": 400,
"wires": []
},
{
"id": "dbg_err",
"type": "debug",
"z": "vtest",
"g": "40c105c38054d6db",
"name": "action errors",
"active": true,
"tosidebar": true,
"complete": "true",
"x": 940,
"y": 200,
"wires": []
},
{
"id": "83f785d52a61009a",
"type": "group",
"z": "vtest",
"g": "7158964bd67edc52",
"name": "Confirm or reject last verification request",
"style": {
"label": true
},
"nodes": [
"inj_confirm",
"chg_vid_c",
"act_confirm",
"inj_reject",
"chg_vid_r",
"act_mismatch",
"dbg_result"
],
"x": 114,
"y": 459,
"w": 982,
"h": 142
},
{
"id": "inj_confirm",
"type": "inject",
"z": "vtest",
"g": "83f785d52a61009a",
"name": "Confirm SAS match",
"props": [],
"repeat": "",
"crontab": "",
"once": false,
"onceDelay": 0.1,
"topic": "",
"x": 250,
"y": 500,
"wires": [
[
"chg_vid_c"
]
]
},
{
"id": "chg_vid_c",
"type": "change",
"z": "vtest",
"g": "83f785d52a61009a",
"name": "verificationId from flow",
"rules": [
{
"t": "set",
"p": "verificationId",
"pt": "msg",
"to": "verificationId",
"tot": "flow"
}
],
"x": 500,
"y": 500,
"wires": [
[
"act_confirm"
]
]
},
{
"id": "act_confirm",
"type": "matrix-verification-action",
"z": "vtest",
"g": "83f785d52a61009a",
"name": "Confirm SAS",
"server": null,
"mode": "confirm",
"x": 750,
"y": 500,
"wires": [
[
"dbg_result"
],
[
"dbg_err"
]
]
},
{
"id": "inj_reject",
"type": "inject",
"z": "vtest",
"g": "83f785d52a61009a",
"name": "Reject SAS (mismatch)",
"props": [],
"repeat": "",
"crontab": "",
"once": false,
"onceDelay": 0.1,
"topic": "",
"x": 260,
"y": 560,
"wires": [
[
"chg_vid_r"
]
]
},
{
"id": "chg_vid_r",
"type": "change",
"z": "vtest",
"g": "83f785d52a61009a",
"name": "verificationId from flow",
"rules": [
{
"t": "set",
"p": "verificationId",
"pt": "msg",
"to": "verificationId",
"tot": "flow"
}
],
"x": 500,
"y": 560,
"wires": [
[
"act_mismatch"
]
]
},
{
"id": "act_mismatch",
"type": "matrix-verification-action",
"z": "vtest",
"g": "83f785d52a61009a",
"name": "Reject (mismatch)",
"server": null,
"mode": "mismatch",
"x": 760,
"y": 560,
"wires": [
[
"dbg_result"
],
[
"dbg_err"
]
]
},
{
"id": "dbg_result",
"type": "debug",
"z": "vtest",
"g": "83f785d52a61009a",
"name": "action result",
"active": true,
"tosidebar": true,
"complete": "true",
"x": 980,
"y": 530,
"wires": []
},
{
"id": "d51bab8cbf5f247c",
"type": "group",
"z": "vtest",
"g": "7158964bd67edc52",
"name": "Request verification with specific user & device",
"style": {
"label": true
},
"nodes": [
"inj_request",
"act_request"
],
"x": 114,
"y": 619,
"w": 512,
"h": 82
},
{
"id": "inj_request",
"type": "inject",
"z": "vtest",
"g": "d51bab8cbf5f247c",
"name": "Verify a user & device",
"props": [
{
"p": "userId",
"v": "@CHANGE_ME:example.org",
"vt": "str"
},
{
"p": "deviceId",
"v": "CHANGE_ME",
"vt": "str"
}
],
"repeat": "",
"crontab": "",
"once": false,
"onceDelay": 0.1,
"topic": "",
"x": 260,
"y": 660,
"wires": [
[
"act_request"
]
]
},
{
"id": "act_request",
"type": "matrix-verification-action",
"z": "vtest",
"g": "d51bab8cbf5f247c",
"name": "Request verification",
"server": null,
"mode": "request",
"x": 510,
"y": 660,
"wires": [
[
"dbg_result"
],
[
"dbg_err"
]
]
},
{
"id": "2e543533d49b467c",
"type": "group",
"z": "vtest",
"g": "7158964bd67edc52",
"name": "Request verification with specific user & room",
"style": {
"label": true
},
"nodes": [
"f7c043d39780b9a4",
"b2807fd5125b56b4"
],
"x": 114,
"y": 719,
"w": 512,
"h": 82
},
{
"id": "f7c043d39780b9a4",
"type": "inject",
"z": "vtest",
"g": "2e543533d49b467c",
"name": "Verify a user & room",
"props": [
{
"p": "userId",
"v": "@CHANGE_ME:example.org",
"vt": "str"
},
{
"p": "topic",
"vt": "str"
}
],
"repeat": "",
"crontab": "",
"once": false,
"onceDelay": 0.1,
"topic": "CHANGE_ME",
"x": 250,
"y": 760,
"wires": [
[
"b2807fd5125b56b4"
]
]
},
{
"id": "b2807fd5125b56b4",
"type": "matrix-verification-action",
"z": "vtest",
"g": "2e543533d49b467c",
"name": "Request verification",
"server": null,
"mode": "request",
"x": 510,
"y": 760,
"wires": [
[
"dbg_result"
],
[
"dbg_err"
]
]
}
]
examples/device-verification-flow.png
BIN
View File
Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 139 KiB

package-lock.json
Generated
+16351 -5446
View File
File diff suppressed because it is too large Load Diff
package.json
+10 -7
View File
@@ -1,20 +1,22 @@
{
"name": "node-red-contrib-matrix-chat",
"version": "0.8.0",
"version": "1.0.0",
"description": "Matrix chat server client for Node-RED",
"dependencies": {
"abort-controller": "^3.0.0",
"commonmark": "^0.31.2",
"fake-indexeddb": "^6.2.5",
"fluent-ffmpeg": "^2.1.2",
"fs-extra": "^11.1.0",
"got": "^12.0.2",
"image-size": "^1.0.2",
"isomorphic-webcrypto": "^2.3.8",
"matrix-js-sdk": "^28.0.0",
"linkifyjs": "^4.3.3",
"lodash.escape": "^4.0.1",
"matrix-js-sdk": "^41.5.0",
"mime": "^3.0.0",
"node-fetch": "^3.3.0",
"node-localstorage": "^2.2.1",
"olm": "https://gitlab.matrix.org/matrix-org/olm/-/package_files/2572/download",
"request": "^2.88.2",
"sharp": "^0.33.4",
"tmp": "^0.2.1",
"utf8": "^3.0.0"
@@ -53,11 +55,12 @@
"matrix-paginate-room": "src/matrix-paginate-room.js",
"matrix-get-event": "src/matrix-get-event.js",
"matrix-event-relations": "src/matrix-event-relations.js",
"matrix-device-verification": "src/matrix-device-verification.js"
"matrix-verification": "src/matrix-verification.js",
"matrix-verification-action": "src/matrix-verification-action.js"
}
},
"engines": {
"node": ">=14.0.0"
"node": ">=22.0.0"
},
"keywords": [
"node-red",
@@ -68,7 +71,7 @@
],
"repository": {
"type": "git",
"url": "https://github.com/skylar-tech/node-red-contrib-matrix-chat"
"url": "git+https://github.com/Skylar-Tech/node-red-contrib-matrix-chat.git"
},
"author": {
"name": "Skylar Sadlier",
src/matrix-crypt-file.html
+10
View File
@@ -43,6 +43,16 @@
<span class="property-type">string | null</span>
</dt>
<dd> the decoded mxc url.</dd>
<dt class="optional">msg.headers
<span class="property-type">object</span>
</dt>
<dd>optional HTTP headers. If provided, they are used when downloading media (for example authenticated media bearer tokens).</dd>
<dt class="optional">msg.access_token
<span class="property-type">string</span>
</dt>
<dd>optional Matrix access token. Used as a bearer token if <code>msg.headers.Authorization</code> is not present.</dd>
</dl>
<h3>Outputs</h3>
src/matrix-crypt-file.js
+53 -4
View File
@@ -32,7 +32,9 @@ module.exports = function(RED) {
}
try{
let buffer = await got(msg.url).buffer();
const requestOptions = getRequestOptions(msg);
let buffer = await downloadBufferWithFallback(got, msg.url, requestOptions);
msg.payload = Buffer.from(await decryptAttachment(buffer, msg.content.file));
// handle thumbnail decryption if necessary
@@ -41,13 +43,14 @@ module.exports = function(RED) {
&& msg.thumbnail_url
&& msg.content.info.thumbnail_file
) {
let thumb_buffer = await got(msg.thumbnail_url).buffer();
let thumb_buffer = await downloadBufferWithFallback(got, msg.thumbnail_url, requestOptions);
msg.thumbnail_payload = Buffer.from(await decryptAttachment(thumb_buffer, msg.content.info.thumbnail_file));
}
} catch(error){
node.error(error);
msg.error = error;
node.send([null, msg]);
return;
}
msg.filename = msg.content.filename || msg.content.body;
@@ -57,12 +60,58 @@ module.exports = function(RED) {
}
RED.nodes.registerType("matrix-decrypt-file", MatrixDecryptFile);
function getRequestOptions(msg) {
const headers = { ...(msg.headers || {}) };
if (!headers.Authorization && msg.access_token) {
headers.Authorization = `Bearer ${msg.access_token}`;
}
return Object.keys(headers).length ? { headers } : {};
}
function getMediaEndpointFallbackUrl(url) {
if (typeof url !== "string") {
return null;
}
if (url.includes("/_matrix/media/v3/download/")) {
return url.replace("/_matrix/media/v3/download/", "/_matrix/client/v1/media/download/");
}
if (url.includes("/_matrix/client/v1/media/download/")) {
return url.replace("/_matrix/client/v1/media/download/", "/_matrix/media/v3/download/");
}
if (url.includes("/_matrix/media/v3/thumbnail/")) {
return url.replace("/_matrix/media/v3/thumbnail/", "/_matrix/client/v1/media/thumbnail/");
}
if (url.includes("/_matrix/client/v1/media/thumbnail/")) {
return url.replace("/_matrix/client/v1/media/thumbnail/", "/_matrix/media/v3/thumbnail/");
}
return null;
}
async function downloadBufferWithFallback(got, url, requestOptions) {
try {
return await got(url, requestOptions).buffer();
} catch (error) {
const fallbackUrl = getMediaEndpointFallbackUrl(url);
if (error?.response?.statusCode === 404 && fallbackUrl && fallbackUrl !== url) {
return await got(fallbackUrl, requestOptions).buffer();
}
throw error;
}
}
function atob(a) {
return new Buffer.from(a, 'base64').toString('binary');
return Buffer.from(a, 'base64').toString('binary');
}
function btoa(b) {
return new Buffer.from(b).toString('base64');
return Buffer.from(b).toString('base64');
}
// the following was taken & modified from https://github.com/matrix-org/browser-encrypt-attachment/blob/master/index.js
src/matrix-crypto-store.js
+175
View File
@@ -0,0 +1,175 @@
/**
* Persistence helpers for the matrix-js-sdk Rust crypto store in Node.js.
*
* matrix-js-sdk v37+ removed the legacy (libolm) crypto stack. The Rust crypto
* replacement persists its state (device identity, Olm/megolm sessions, etc.)
* to IndexedDB, which does not exist in Node.js. We provide an in-memory
* IndexedDB via `fake-indexeddb` and snapshot the databases to/from disk so the
* crypto state survives Node-RED restarts.
*
* The `indexeddbshim` package (which can persist to disk directly) is not used
* because it is incompatible with the Rust crypto store migrations
* (see matrix-org/matrix-sdk-crypto-wasm#195). `fake-indexeddb` is spec
* compliant, so snapshotting it through the public IndexedDB API is reliable.
*/
const fs = require('fs-extra');
const v8 = require('v8');
let shimInstalled = false;
/**
* Install the in-memory IndexedDB shim onto globalThis. Idempotent. Must be
* called before MatrixClient.initRustCrypto().
*/
function ensureIndexedDBShim() {
if (shimInstalled || globalThis.indexedDB) {
shimInstalled = true;
return;
}
// `fake-indexeddb/auto` assigns indexedDB / IDBKeyRange / etc. onto globalThis.
require('fake-indexeddb/auto');
shimInstalled = true;
}
function reqAsync(req) {
return new Promise((resolve, reject) => {
req.onsuccess = () => resolve(req.result);
req.onerror = () => reject(req.error);
});
}
function txDone(tx) {
return new Promise((resolve, reject) => {
tx.oncomplete = () => resolve();
tx.onerror = () => reject(tx.error);
tx.onabort = () => reject(tx.error || new Error('IndexedDB transaction aborted'));
});
}
/**
* Restore previously snapshotted IndexedDB databases from `filePath` into the
* in-memory store. No-op if the snapshot does not exist. Databases that are
* already present in memory (e.g. after a Node-RED redeploy that kept the
* process alive) are left untouched so the live state is not clobbered.
*
* Must be called before MatrixClient.initRustCrypto().
*
* @returns {Promise<boolean>} true if at least one database was restored.
*/
async function restoreCryptoStore(filePath) {
ensureIndexedDBShim();
if (!filePath || !fs.pathExistsSync(filePath)) {
return false;
}
let databases;
try {
databases = v8.deserialize(fs.readFileSync(filePath));
} catch (e) {
// Corrupt/unreadable snapshot - start fresh rather than crash.
return false;
}
if (!Array.isArray(databases) || !databases.length) {
return false;
}
const existing = new Set((await indexedDB.databases()).map((d) => d.name));
let restored = 0;
for (const dbSpec of databases) {
if (existing.has(dbSpec.name)) {
continue; // already live in memory - don't overwrite
}
const openReq = indexedDB.open(dbSpec.name, dbSpec.version);
openReq.onupgradeneeded = () => {
const db = openReq.result;
for (const store of dbSpec.stores) {
if (db.objectStoreNames.contains(store.name)) {
continue;
}
const os = db.createObjectStore(store.name, {
keyPath: store.keyPath || undefined,
autoIncrement: store.autoIncrement,
});
for (const ix of store.indexes) {
os.createIndex(ix.name, ix.keyPath, { unique: ix.unique, multiEntry: ix.multiEntry });
}
}
};
const db = await reqAsync(openReq);
for (const store of dbSpec.stores) {
if (!store.values.length) {
continue;
}
const tx = db.transaction(store.name, 'readwrite');
const os = tx.objectStore(store.name);
for (let i = 0; i < store.values.length; i++) {
if (store.keyPath) {
os.put(store.values[i]);
} else {
os.put(store.values[i], store.keys[i]);
}
}
await txDone(tx);
}
db.close();
restored++;
}
return restored > 0;
}
/**
* Snapshot IndexedDB databases to `filePath`. If `dbNamePrefix` is given only
* databases whose name starts with it are written, so multiple Matrix accounts
* sharing one process do not snapshot each other's data.
*
* The write is atomic (temp file + rename). Values are serialized with the V8
* serializer so typed arrays / Maps inside the crypto store survive intact.
*
* @returns {Promise<boolean>} true if a snapshot file was written.
*/
async function snapshotCryptoStore(filePath, dbNamePrefix) {
if (!filePath || !globalThis.indexedDB || typeof indexedDB.databases !== 'function') {
return false;
}
let dbList = await indexedDB.databases();
if (dbNamePrefix) {
dbList = dbList.filter((d) => typeof d.name === 'string' && d.name.startsWith(dbNamePrefix));
}
const out = [];
for (const { name, version } of dbList) {
const db = await reqAsync(indexedDB.open(name, version));
const stores = [];
for (const storeName of Array.from(db.objectStoreNames)) {
const tx = db.transaction(storeName, 'readonly');
const os = tx.objectStore(storeName);
const indexes = Array.from(os.indexNames).map((n) => {
const ix = os.index(n);
return { name: n, keyPath: ix.keyPath, unique: ix.unique, multiEntry: ix.multiEntry };
});
stores.push({
name: storeName,
keyPath: os.keyPath,
autoIncrement: os.autoIncrement,
indexes,
values: await reqAsync(os.getAll()),
keys: await reqAsync(os.getAllKeys()),
});
}
db.close();
out.push({ name, version, stores });
}
const tmp = `${filePath}.tmp`;
fs.writeFileSync(tmp, v8.serialize(out));
fs.renameSync(tmp, filePath);
return true;
}
module.exports = { ensureIndexedDBShim, restoreCryptoStore, snapshotCryptoStore };
src/matrix-device-verification.html
-240
View File
@@ -1,240 +0,0 @@
<script type="text/javascript">
let computeInputAndOutputCounts = function(node){
switch($("#node-input-mode").val()) {
default:
node.outputs = node.inputs = 0;
break;
case 'receive':
node.outputs = 1;
node.inputs = 0;
break;
case 'request':
case 'start':
case 'accept':
case 'cancel':
node.outputs = 2;
node.inputs = 1;
break;
}
};
RED.nodes.registerType('matrix-device-verification', {
category: 'matrix',
color: '#00b7ca',
icon: "matrix.png",
inputs: 0,
outputs: 0,
outputLabels: ["success", "error"],
defaults: {
name: { value: null },
server: { value: "", type: "matrix-server-config" },
mode: { value: null, type: "text", required: true },
inputs: { value: 0 },
outputs: { value: 0 }
},
oneditprepare: function () {
computeInputAndOutputCounts(this);
},
oneditsave: function () {
computeInputAndOutputCounts(this);
},
label: function() {
if(this.name) {
return this.name;
}
switch(this.mode) {
default:
return 'Device Verification';
case 'receive':
return 'Receive Device Verification';
case 'request':
return 'Request Device Verification';
case 'start':
return 'Start Device Verification';
case 'accept':
return 'Accept Device Verification';
case 'cancel':
return 'Cancel Device Verification';
}
return this.name || "Device Verify Request";
},
paletteLabel: function(){
return "Device Verification";
}
});
</script>
<script type="text/html" data-template-name="matrix-device-verification">
<div class="form-row">
<label for="node-input-name"><i class="fa fa-tag"></i> Name</label>
<input type="text" id="node-input-name" placeholder="Name">
</div>
<div class="form-row">
<label for="node-input-server"><i class="fa fa-user"></i> Matrix Server Config</label>
<input type="text" id="node-input-server">
</div>
<div class="form-row">
<label for="node-input-mode"><i class="fa fa-user"></i> Mode</label>
<select id="node-input-mode" style="width:70%;">
<option value="">Unconfigured</option>
<option value="receive">Receive Verification Request</option>
<option value="request">Request Verification</option>
<option value="start">Verification Start</option>
<option value="accept">Verification Accept</option>
<option value="cancel">Verification Cancel</option>
</select>
</div>
</script>
<script type="text/html" data-help-name="matrix-device-verification">
<h3>Details</h3>
<p>
Handle device verification. Check out the <a href="https://github.com/Skylar-Tech/node-red-contrib-matrix-chat/tree/master/examples#readme" target="_blank">examples</a> page for a good understanding of how this works.
<br />
General flow:
<ol>
<li>Request/Receive device verification</li>
<li>Start Verification</li>
<li>Compare Emojis</li>
<li>Accept/Cancel Verification</li>
</ol>
<br />
THIS NODE IS IN BETA. There is a good chance that we will change how this node works later down the road. Make sure to read the release notes before upgrading.
</p>
<a href="https://matrix-org.github.io/synapse/develop/admin_api/room_membership.html#edit-room-membership-api" target="_blank">Synapse API Endpoint Information</a>
<h3>Inputs</h3>
<ul class="node-inputs">
<li><code>mode</code> set to '<strong>Receive Verification Request</strong>'
<div class="form-tips" style="margin-bottom: 12px;">
Doesn't take an input
</div>
</li>
<li><code>mode</code> set to '<strong>Request Verification</strong>'
<dl class="message-properties">
<dt>msg.userId <span class="property-type">string</span></dt>
<dd>
ID of the user to request device verification from
</dd>
</dl>
<dl class="message-properties">
<dt>msg.devices <span class="property-type">array[string]|null</span></dt>
<dd> list of <code>msg.userId</code>'s devices IDs to request verification from. If empty it will request from all known devices.</dd>
</dl>
</li>
<li><code>mode</code> set to '<strong>Verification Start</strong>'
<dl class="message-properties">
<dt>msg.verifyRequestId <span class="property-type">string</span></dt>
<dd>
Internal ID to reference the verification request throughout the flows
</dd>
</dl>
<dl class="message-properties">
<dt>msg.cancel <span class="property-type">bool</span></dt>
<dd>
If set and is true the verification request will be cancelled
</dd>
</dl>
</li>
<li><code>mode</code> set to '<strong>Verification Accept</strong>'
<dl class="message-properties">
<dt>msg.verifyRequestId <span class="property-type">string</span></dt>
<dd>
Internal ID to reference the verification request throughout the flows
</dd>
</dl>
</li>
<li><code>mode</code> set to '<strong>Verification Cancel</strong>'
<dl class="message-properties">
<dt>msg.verifyRequestId <span class="property-type">string</span></dt>
<dd>
Internal ID to reference the verification request throughout the flows
</dd>
</dl>
</li>
</ul>
<h3>Outputs</h3>
<ul class="node-outputs">
<li><code>mode</code> set to '<strong>Receive Verification Request</strong>' or '<strong>Request Verification</strong>'
<dl class="message-properties">
<dt>msg.verifyRequestId <span class="property-type">string</span></dt>
<dd>
Internal ID to reference the verification request throughout the flows
</dd>
</dl>
<dl class="message-properties">
<dt>msg.verifyMethods <span class="property-type">string</span></dt>
<dd>
Common verification methods supported by both sides
</dd>
</dl>
<dl class="message-properties">
<dt>msg.userId <span class="property-type">string</span></dt>
<dd>
ID of the user to request device verification from
</dd>
</dl>
<dl class="message-properties">
<dt>msg.deviceIds <span class="property-type">array[string]</span></dt>
<dd>
List of devices we are verifying
</dd>
</dl>
<dl class="message-properties">
<dt>msg.selfVerification <span class="property-type">bool</span></dt>
<dd>
true if we are verifying one of our own devices
</dd>
</dl>
<dl class="message-properties">
<dt>msg.phase <span class="property-type">string</span></dt>
<dd>
what phase of verification we are in
</dd>
</dl>
</li>
<li><code>mode</code> set to '<strong>Verification Start</strong>'
<dl class="message-properties">
<dt>msg.payload <span class="property-type">string</span></dt>
<dd>
sas verification payload
</dd>
</dl>
<dl class="message-properties">
<dt>msg.emojis <span class="property-type">array[string]</span></dt>
<dd>
array of emojis for verification request
</dd>
</dl>
<dl class="message-properties">
<dt>msg.emojis_text <span class="property-type">array[string]</span></dt>
<dd>
array of emojis in text form for verification request
</dd>
</dl>
</li>
<li><code>mode</code> set to '<strong>Verification Accept</strong>' or '<strong>Verification Cancel</strong>'
<div class="form-tips" style="margin-bottom: 12px;">
Passes input straight to output on success. If an error occurs it goes to the second output.
</div>
</li>
</ul>
</script>
src/matrix-device-verification.js
-267
View File
@@ -1,267 +0,0 @@
const {Phase} = require("matrix-js-sdk/lib/crypto/verification/request/VerificationRequest");
const {CryptoEvent} = require("matrix-js-sdk/lib/crypto");
module.exports = function(RED) {
const verificationRequests = new Map();
function MatrixDeviceVerification(n) {
RED.nodes.createNode(this, n);
var node = this;
this.name = n.name;
this.server = RED.nodes.getNode(n.server);
this.mode = n.mode;
if (!node.server) {
node.warn("No configuration node");
return;
}
if(!node.server.e2ee) {
node.error("End-to-end encryption needs to be enabled to use this.");
}
node.status({ fill: "red", shape: "ring", text: "disconnected" });
node.server.on("disconnected", function(){
node.status({ fill: "red", shape: "ring", text: "disconnected" });
});
node.server.on("connected", function() {
node.status({ fill: "green", shape: "ring", text: "connected" });
});
function getKeyByValue(object, value) {
return Object.keys(object).find(key => object[key] === value);
}
switch(node.mode) {
default:
node.error("Node not configured with a mode");
break;
case 'request':
node.on('input', async function(msg){
if(!msg.userId) {
node.error("msg.userId is required for start verification mode");
}
node.server.matrixClient.requestDeviceVerification(msg.userId, msg.devices || undefined)
.then(function(e) {
node.log("Successfully requested verification", e);
let verifyRequestId = msg.userId + ':' + e.channel.deviceId;
verificationRequests.set(verifyRequestId, e);
node.send({
verifyRequestId: verifyRequestId, // internally used to reference between nodes
verifyMethods: e.methods,
userId: msg.userId,
deviceIds: e.channel.devices,
selfVerification: e.isSelfVerification,
phase: getKeyByValue(Phase, e.phase)
});
})
.catch(function(e){
node.warn("Error requesting device verification: " + e);
msg.error = e;
node.send([null, msg]);
});
});
break;
case 'receive':
/**
* Fires when a key verification is requested.
* @event module:client~MatrixClient#"crypto.verification.request"
* @param {object} data
* @param {MatrixEvent} data.event the original verification request message
* @param {Array} data.methods the verification methods that can be used
* @param {Number} data.timeout the amount of milliseconds that should be waited
* before cancelling the request automatically.
* @param {Function} data.beginKeyVerification a function to call if a key
* verification should be performed. The function takes one argument: the
* name of the key verification method (taken from data.methods) to use.
* @param {Function} data.cancel a function to call if the key verification is
* rejected.
*/
node.server.matrixClient.on(CryptoEvent.VerificationRequestReceived, async function(data){
if(data.phase === Phase.Cancelled || data.phase === Phase.Done) {
return;
}
if(data.requested || true) {
let verifyRequestId = data.targetDevice.userId + ':' + data.targetDevice.deviceId;
verificationRequests.set(verifyRequestId, data);
node.send({
verifyRequestId: verifyRequestId, // internally used to reference between nodes
verifyMethods: data.methods,
userId: data.targetDevice.userId,
deviceId: data.targetDevice.deviceId,
selfVerification: data.isSelfVerification,
phase: getKeyByValue(Phase, data.phase)
});
}
});
node.on('close', function(done) {
// clear verification requests
verificationRequests.clear();
done();
});
break;
case 'start':
node.on('input', async function(msg){
if(!msg.verifyRequestId || !verificationRequests.has(msg.verifyRequestId)) {
node.error("invalid verification request (invalid msg.verifyRequestId): " + (msg.verifyRequestId || null));
}
var data = verificationRequests.get(msg.verifyRequestId);
if(msg.cancel) {
await data.verifier.cancel();
verificationRequests.delete(msg.verifyRequestId);
} else {
try {
data.on('change', async function() {
// VerificationPhase {
// /** Initial state: no event yet exchanged */
// Unsent = 1,
//
// /** An `m.key.verification.request` event has been sent or received */
// Requested = 2,
//
// /** An `m.key.verification.ready` event has been sent or received, indicating the verification request is accepted. */
// Ready = 3,
//
// /** An `m.key.verification.start` event has been sent or received, choosing a verification method */
// Started = 4,
//
// /** An `m.key.verification.cancel` event has been sent or received at any time before the `done` event, cancelling the verification request */
// Cancelled = 5,
//
// /** An `m.key.verification.done` event has been **sent**, completing the verification request. */
// Done = 6,
// }
console.log("[Verification Start] VERIFIER EVENT CHANGE", this.phase);
var that = this;
if(this.phase === Phase.Started) {
console.log("[Verification Start] VERIFIER EVENT PHASE STARTED");
let verifierCancel = function(){
let verifyRequestId = that.targetDevice.userId + ':' + that.targetDevice.deviceId;
if(verificationRequests.has(verifyRequestId)) {
verificationRequests.delete(verifyRequestId);
}
};
data.verifier.on('cancel', function(e){
node.warn("Device verification cancelled " + e);
console.log(JSON.stringify(e.value));
verifierCancel();
});
const sasEventPromise = new Promise(resolve =>
data.verifier.once("show_sas", resolve)
);
console.log("[Verification Start] Starting verification");
data.verifier.verify()
.then(function() {
console.log("[Verification Start] verify() success");
}).catch(function(e) {
console.log("[Verification Start] verify() error", e);
msg.error = e;
node.send([null, msg]);
});
console.log("[Verification Start] WAITING FOR SHOW SAS EVENT");
const sasEvent = await sasEventPromise;
console.log("SHOW SAS", sasEvent);
// e = {
// sas: {
// decimal: [ 8641, 3153, 2357 ],
// emoji: [
// [Array], [Array],
// [Array], [Array],
// [Array], [Array],
// [Array]
// ]
// },
// confirm: [AsyncFunction: confirm],
// cancel: [Function: cancel],
// mismatch: [Function: mismatch]
// }
msg.payload = sasEvent.sas;
msg.emojis = sasEvent.sas.emoji.map(function(emoji, i) {
return emoji[0];
});
msg.emojis_text = sasEvent.sas.emoji.map(function(emoji, i) {
return emoji[1];
});
node.send(msg);
// sasEvent.mismatch();
}
});
console.log("[Verification Start] Starting verification");
try {
console.log("[Verification Start] Accepting..");
await data.accept();
console.log(`[Verification] beginKeyVerification (methods=${data.methods[0]}, targetDevice=${data.targetDevice})`);
await data.beginKeyVerification(
data.methods[0],
data.targetDevice
);
} catch(e) {
console.log("[Verification Start] VERIFICATION ERROR", e);
}
} catch(e) {
console.log("ERROR", e);
}
}
});
break;
case 'cancel':
node.on('input', async function(msg){
if(!msg.verifyRequestId || !verificationRequests.has(msg.verifyRequestId)) {
node.error("Invalid verification request: " + (msg.verifyRequestId || null));
}
var data = verificationRequests.get(msg.verifyRequestId);
if(data) {
data.cancel()
.then(function(e){
node.send([msg, null]);
})
.catch(function(e) {
msg.error = e;
node.send([null, msg]);
});
}
});
break;
case 'accept':
node.on('input', async function(msg){
if(!msg.verifyRequestId || !verificationRequests.has(msg.verifyRequestId)) {
node.error("Invalid verification request: " + (msg.verifyRequestId || null));
}
var data = verificationRequests.get(msg.verifyRequestId);
if(data.verifier && data.verifier.sasEvent) {
try {
await data.verifier.sasEvent.confirm();
node.send([msg, null]);
} catch(e) {
msg.error = e;
node.send([null, msg]);
}
} else {
node.error("Verification must be started");
}
});
break;
}
}
RED.nodes.registerType("matrix-device-verification", MatrixDeviceVerification);
}
src/matrix-event-relations.js
+10 -7
View File
@@ -1,4 +1,4 @@
const {RelationType, EventType, Direction} = require("matrix-js-sdk");
const sdkPromise = import("matrix-js-sdk");
module.exports = function(RED) {
function MatrixFetchRelations(n) {
@@ -49,14 +49,17 @@ module.exports = function(RED) {
}
try {
const sdk = await sdkPromise;
const Direction = sdk.Direction;
function evaluateNodePropertySafe(value, type, node, msg) {
try {
return RED.util.evaluateNodeProperty(value, type, node, msg);
} catch (e) {
if (e instanceof TypeError) {
return undefined; // Handle TypeError and return undefined
return undefined;
}
throw e; // Re-throw other errors to prevent masking issues
throw e;
}
}
@@ -71,16 +74,16 @@ module.exports = function(RED) {
to = evaluateNodePropertySafe(node.toValue, node.toType, node, msg);
let opts = { dir: direction };
if(limit) {
if (limit) {
opts.limit = limit;
}
if(recurse === true || recurse === false) {
if (recurse === true || recurse === false) {
opts.recurse = recurse;
}
if(from) {
if (from) {
opts.from = from;
}
if(to) {
if (to) {
opts.to = to;
}
src/matrix-get-event.html
+10 -18
View File
@@ -19,14 +19,18 @@
},
oneditprepare: function() {
$("#node-input-roomId").typedInput({
type: this.roomIdType,
types:['msg','flow','global','str'],
}).typedInput('value', this.roomIdValue);
types: ['msg','flow','global','str'],
typeField: "#node-input-roomId"
});
$("#node-input-roomId").typedInput("type", this.roomIdType || "msg");
$("#node-input-roomId").typedInput("value", this.roomIdValue || "topic");
$("#node-input-eventId").typedInput({
type: this.eventIdType,
types:['msg','flow','global','str'],
}).typedInput('value', this.eventIdValue);
types: ['msg','flow','global','str'],
typeField: "#node-input-eventId"
});
$("#node-input-eventId").typedInput("type", this.eventIdType || "msg");
$("#node-input-eventId").typedInput("value", this.eventIdValue || "eventId");
},
oneditsave: function() {
this.roomIdType = $("#node-input-roomId").typedInput('type');
@@ -58,18 +62,6 @@
<label for="node-input-eventId"><i class="fa fa-file"></i> Event ID</label>
<input type="text" id="node-input-eventId">
</div>
<script type="text/javascript">
$(function(){
$("#node-input-roomId").on("keyup", function() {
if($(this).val() && !$(this).val().startsWith("!")) {
$("#node-input-roomId-error").html(`Room IDs start with exclamation point "!"<br />Example: !OGEhHVWSdvArJzumhm:matrix.org`).show();
} else {
$("#node-input-roomId-error").hide();
}
}).trigger('keyup');
});
</script>
</script>
<script type="text/html" data-help-name="matrix-get-event">
src/matrix-get-user.js
+4 -4
View File
@@ -106,14 +106,14 @@ module.exports = function(RED) {
let user2 = {};
try {
let profileInfo = node.server.matrixClient.getProfileInfo(userId);
if(Object.keys(profileInfo).length > 0) {
let profileInfo = await node.server.matrixClient.getProfileInfo(userId);
if(profileInfo && Object.keys(profileInfo).length > 0) {
user2.displayName = profileInfo.displayname;
user2.avatarUrl = profileInfo.avatar_url;
}
let presence = node.server.matrixClient.getPresence(userId);
if(Object.keys(presence).length > 0) {
let presence = await node.server.matrixClient.getPresence(userId);
if(presence && Object.keys(presence).length > 0) {
user2.currentlyActive = presence.currently_active;
user2.lastActiveAgo = presence.last_active_ago;
user2.presenceStatusMsg = presence.presence_status_msg;
src/matrix-invite-room.js
+3 -2
View File
@@ -54,9 +54,10 @@ module.exports = function(RED) {
return;
}
// we need the status code, so set onlydata to false for this request
// invite(roomId, userId, opts|reason) - the SDK no longer accepts a
// callback argument, so the reason is passed as the 3rd parameter.
node.server.matrixClient
.invite(msg.topic, msg.userId, undefined, msg.reason || undefined)
.invite(msg.topic, msg.userId, msg.reason || undefined)
.then(function(e){
msg.payload = e;
node.send([msg, null]);
src/matrix-mark-read.js
+11 -12
View File
@@ -1,9 +1,8 @@
const {TimelineWindow, RelationType, Filter} = require("matrix-js-sdk");
const crypto = require('crypto');
module.exports = function(RED) {
function MatrixReceiveMessage(n) {
RED.nodes.createNode(this, n);
module.exports = function(RED) {
function MatrixMarkRead(n) {
RED.nodes.createNode(this, n);
let node = this;
this.name = n.name;
this.server = RED.nodes.getNode(n.server);
@@ -29,7 +28,7 @@ module.exports = function(RED) {
});
node.on("input", async function (msg) {
if (! node.server || ! node.server.matrixClient) {
if (!node.server || !node.server.matrixClient) {
node.error("No matrix server selected", msg);
return;
}
@@ -38,15 +37,15 @@ module.exports = function(RED) {
let value = property;
if (type === "msg") {
value = RED.util.getMessageProperty(msg, property);
} else if ((type === 'flow') || (type === 'global')) {
} else if (type === 'flow' || type === 'global') {
try {
value = RED.util.evaluateNodeProperty(property, type, node, msg);
} catch(e2) {
} catch (e2) {
throw new Error("Invalid value evaluation");
}
} else if(type === "bool") {
} else if (type === "bool") {
value = (property === 'true');
} else if(type === "num") {
} else if (type === "num") {
value = Number(property);
}
return value;
@@ -66,9 +65,9 @@ module.exports = function(RED) {
throw new Error(`Event ${eventId} not found in room ${roomId}.`);
}
await node.server.matrixClient.sendReceipt(event, "m.read")
await node.server.matrixClient.sendReceipt(event, "m.read");
node.send([msg, null]);
} catch(e) {
} catch (e) {
msg.error = `Room pagination error: ${e}`;
node.error(msg.error, msg);
node.send([null, msg]);
@@ -79,5 +78,5 @@ module.exports = function(RED) {
node.server.deregister(node);
});
}
RED.nodes.registerType("matrix-mark-read", MatrixReceiveMessage);
RED.nodes.registerType("matrix-mark-read", MatrixMarkRead);
}
src/matrix-markdown.js
+385
View File
@@ -0,0 +1,385 @@
// Markdown -> HTML converter for matrix messages.
//
// Ported from matrix-react-sdk's `src/Markdown.ts` (now living at
// element-hq/element-web `apps/web/src/Markdown.ts`) so the HTML this module
// generates lines up with what Element produces for the same markdown source.
//
// Keep this in sync with element-web's Markdown.ts when noticeable changes
// land there. Source of truth:
// https://github.com/element-hq/element-web/blob/develop/apps/web/src/Markdown.ts
//
// Copyright 2024 New Vector Ltd.
// Copyright 2021 The Matrix.org Foundation C.I.C.
// Copyright 2016 OpenMarket Ltd
//
// SPDX-License-Identifier: AGPL-3.0-only OR GPL-3.0-only OR LicenseRef-Element-Commercial
const commonmark = require("commonmark");
const escape = require("lodash.escape");
const linkify = require("linkifyjs");
const ALLOWED_HTML_TAGS = ["sub", "sup", "del", "s", "u", "br", "br/"];
// These types of node are definitely text
const TEXT_NODES = ["text", "softbreak", "linebreak", "paragraph", "document"];
function isAllowedHtmlTag(node) {
if (!node.literal) {
return false;
}
if (node.literal.match('^<((div|span) data-mx-maths="[^"]*"|/(div|span))>$') != null) {
return true;
}
// Regex won't work for tags with attrs, but the tags we allow
// shouldn't really have any anyway.
const matches = /^<\/?(.*)>$/.exec(node.literal);
if (matches && matches.length == 2) {
const tag = matches[1];
return ALLOWED_HTML_TAGS.indexOf(tag) > -1;
}
return false;
}
/*
* Returns true if the parse output containing the node
* comprises multiple block level elements (ie. lines),
* or false if it is only a single line.
*/
function isMultiLine(node) {
let par = node;
while (par.parent) {
par = par.parent;
}
return par.firstChild != par.lastChild;
}
function getTextUntilEndOrLinebreak(node) {
let currentNode = node;
let text = "";
while (currentNode && currentNode.type !== "softbreak" && currentNode.type !== "linebreak") {
const { literal, type } = currentNode;
if (type === "text" && literal) {
let n = 0;
let char = literal[n];
while (char !== " " && char !== null && n <= literal.length) {
if (char === " ") {
break;
}
if (char) {
text += char;
}
n += 1;
char = literal[n];
}
if (char === " ") {
break;
}
}
currentNode = currentNode.next;
}
return text;
}
const formattingChangesByNodeType = {
emph: "_",
strong: "__",
};
/**
* Returns the literal of a node and all child nodes.
*/
const innerNodeLiteral = (node) => {
let literal = "";
const walker = node.walker();
let step;
while ((step = walker.next())) {
const currentNode = step.node;
const currentNodeLiteral = currentNode.literal;
if (step.entering && currentNode.type === "text" && currentNodeLiteral) {
literal += currentNodeLiteral;
}
}
return literal;
};
const emptyItemWithNoSiblings = (node) => {
return !node.prev && !node.next && !node.firstChild;
};
/**
* Class that wraps commonmark, adding the ability to see whether
* a given message actually uses any markdown syntax or whether
* it's plain text.
*/
class Markdown {
constructor(input) {
this.input = input;
const parser = new commonmark.Parser();
this.parsed = parser.parse(this.input);
this.parsed = this.repairLinks(this.parsed);
}
/**
* This method is modifying the parsed AST in such a way that links are always
* properly linkified instead of sometimes being wrongly emphasised in case
* if you were to write a link like the example below:
* https://my_weird-link_domain.domain.com
* ^ this link would be parsed to something like this:
* <a href="https://my">https://my</a><b>weird-link</b><a href="https://domain.domain.com">domain.domain.com</a>
* This method makes it so the link gets properly modified to a version where it is
* not emphasised until it actually ends.
* See: https://github.com/vector-im/element-web/issues/4674
*/
repairLinks(parsed) {
const walker = parsed.walker();
let event = null;
let text = "";
let isInPara = false;
let previousNode = null;
let shouldUnlinkFormattingNode = false;
while ((event = walker.next())) {
const { node } = event;
if (node.type === "paragraph") {
isInPara = !!event.entering;
}
if (isInPara) {
// Clear saved string when line ends
if (
node.type === "softbreak" ||
node.type === "linebreak" ||
// Also start calculating the text from the beginning on any spaces
(node.type === "text" && node.literal === " ")
) {
text = "";
continue;
}
// Break up text nodes on spaces, so that we don't shoot past them without resetting
if (node.type === "text" && node.literal) {
const [thisPart, ...nextParts] = node.literal.split(/( )/);
node.literal = thisPart;
text += thisPart;
// Add the remaining parts as siblings
nextParts.reverse().forEach((part) => {
if (part) {
const nextNode = new commonmark.Node("text");
nextNode.literal = part;
node.insertAfter(nextNode);
// Make the iterator aware of the newly inserted node
walker.resumeAt(nextNode, true);
}
});
}
// We should not do this if previous node was not a textnode, as we can't combine it then.
if (
(node.type === "emph" || node.type === "strong") &&
previousNode && previousNode.type === "text"
) {
if (event.entering) {
const foundLinks = linkify.find(text);
for (const { value } of foundLinks) {
if (node && node.firstChild && node.firstChild.literal) {
/**
* NOTE: This technically should unlink the emph node and create LINK nodes instead, adding all the next elements as siblings
* but this solution seems to work well and is hopefully slightly easier to understand too
*/
const format = formattingChangesByNodeType[node.type];
const nonEmphasizedText = `${format}${innerNodeLiteral(node)}${format}`;
const f = getTextUntilEndOrLinebreak(node);
const newText = value + nonEmphasizedText + f;
const newLinks = linkify.find(newText);
// Should always find only one link here, if it finds more it means that the algorithm is broken
if (newLinks.length === 1) {
const emphasisTextNode = new commonmark.Node("text");
emphasisTextNode.literal = nonEmphasizedText;
previousNode.insertAfter(emphasisTextNode);
node.firstChild.literal = "";
event = node.walker().next();
if (event) {
// Remove `em` opening and closing nodes
node.unlink();
previousNode.insertAfter(event.node);
shouldUnlinkFormattingNode = true;
}
} else {
console.warn(
"matrix-chat markdown: link escaping found too many links for text:",
text,
"modified:",
newText,
);
}
}
}
} else {
if (shouldUnlinkFormattingNode) {
node.unlink();
shouldUnlinkFormattingNode = false;
}
}
}
}
previousNode = node;
}
return parsed;
}
isPlainText() {
const walker = this.parsed.walker();
let ev;
while ((ev = walker.next())) {
const node = ev.node;
if (TEXT_NODES.indexOf(node.type) > -1) {
// definitely text
continue;
} else if (node.type == "list" || node.type == "item") {
// Special handling for inputs like `+`, `*`, `-` and `2021.` which
// would otherwise be treated as a list of a single empty item.
// See https://github.com/vector-im/element-web/issues/7631
if (
node.type == "list" &&
node.firstChild &&
emptyItemWithNoSiblings(node.firstChild)
) {
// A list with a single empty item is treated as plain text.
continue;
}
if (node.type == "item" && emptyItemWithNoSiblings(node)) {
// An empty list item with no sibling items is treated as plain text.
continue;
}
// Everything else is actual lists and therefore not plaintext.
return false;
} else if (node.type == "html_inline" || node.type == "html_block") {
// if it's an allowed html tag, we need to render it and therefore
// we will need to use HTML. If it's not allowed, it's not HTML since
// we'll just be treating it as text.
if (isAllowedHtmlTag(node)) {
return false;
}
} else {
return false;
}
}
return true;
}
toHTML({ externalLinks = false } = {}) {
const renderer = new commonmark.HtmlRenderer({
safe: false,
// Set soft breaks to hard HTML breaks: commonmark
// puts softbreaks in for multiple lines in a blockquote,
// so if these are just newline characters then the
// block quote ends up all on one line
// (https://github.com/vector-im/element-web/issues/3154)
softbreak: "<br />",
});
// Trying to strip out the wrapping <p/> causes a lot more complication
// than it's worth, i think. For instance, this code will go and strip
// out any <p/> tag (no matter where it is in the tree) which doesn't
// contain \n's.
// On the flip side, <p/>s are quite opionated and restricted on where
// you can nest them.
//
// Let's try sending with <p/>s anyway for now, though.
const realParagraph = renderer.paragraph;
renderer.paragraph = function (node, entering) {
// If there is only one top level node, just return the
// bare text: it's a single line of text and so should be
// 'inline', rather than unnecessarily wrapped in its own
// p tag. If, however, we have multiple nodes, each gets
// its own p tag to keep them as separate paragraphs.
// However, if it's a blockquote, adds a p tag anyway
// in order to avoid deviation to commonmark and unexpected
// results when parsing the formatted HTML.
if ((node.parent && node.parent.type === "block_quote") || isMultiLine(node)) {
realParagraph.call(this, node, entering);
}
};
renderer.link = function (node, entering) {
const attrs = this.attrs(node);
if (entering && node.destination) {
attrs.push(["href", this.esc(node.destination)]);
if (node.title) {
attrs.push(["title", this.esc(node.title)]);
}
// Modified link behaviour to treat them all as external and
// thus opening in a new tab.
if (externalLinks) {
attrs.push(["target", "_blank"]);
attrs.push(["rel", "noreferrer noopener"]);
}
this.tag("a", attrs);
} else {
this.tag("/a");
}
};
renderer.html_inline = function (node) {
if (node.literal) {
if (isAllowedHtmlTag(node)) {
this.lit(node.literal);
} else {
this.lit(escape(node.literal));
}
}
};
renderer.html_block = function (node) {
renderer.html_inline(node);
};
return renderer.render(this.parsed);
}
/*
* Render the markdown message to plain text. That is, essentially
* just remove any backslashes escaping what would otherwise be
* markdown syntax
* (to fix https://github.com/vector-im/element-web/issues/2870).
*
* N.B. this does **NOT** render arbitrary MD to plain text - only MD
* which has no formatting. Otherwise it emits HTML(!).
*/
toPlaintext() {
const renderer = new commonmark.HtmlRenderer({ safe: false });
renderer.paragraph = function (node, entering) {
// as with toHTML, only append lines to paragraphs if there are
// multiple paragraphs
if (isMultiLine(node)) {
if (!entering && node.next) {
this.lit("\n\n");
}
}
};
renderer.html_block = function (node) {
if (node.literal) this.lit(node.literal);
if (isMultiLine(node) && node.next) this.lit("\n\n");
};
// We inhibit the default escape function as we escape the entire output string to correctly handle backslashes
renderer.esc = (input) => input;
return escape(renderer.render(this.parsed));
}
}
module.exports = { Markdown };
src/matrix-paginate-room.js
+31 -31
View File
@@ -1,7 +1,8 @@
const {TimelineWindow, RelationType, Filter} = require("matrix-js-sdk");
const sdkPromise = import("matrix-js-sdk");
const crypto = require('crypto');
module.exports = function(RED) {
function MatrixReceiveMessage(n) {
function MatrixPaginateRoom(n) {
RED.nodes.createNode(this, n);
let node = this;
@@ -34,7 +35,7 @@ module.exports = function(RED) {
});
node.on("input", async function (msg) {
if (! node.server || ! node.server.matrixClient) {
if (!node.server || !node.server.matrixClient) {
node.error("No matrix server selected", msg);
return;
}
@@ -43,43 +44,47 @@ module.exports = function(RED) {
let value = property;
if (type === "msg") {
value = RED.util.getMessageProperty(msg, property);
} else if ((type === 'flow') || (type === 'global')) {
} else if (type === 'flow' || type === 'global') {
try {
value = RED.util.evaluateNodeProperty(property, type, node, msg);
} catch(e2) {
throw new Error("Invalid value evaluation");
}
} else if(type === "bool") {
} else if (type === "bool") {
value = (property === 'true');
} else if(type === "num") {
} else if (type === "num") {
value = Number(property);
}
return value;
}
function setToValue(value, type, property) {
if(type === 'global' || type === 'flow') {
if (type === 'global' || type === 'flow') {
var contextKey = RED.util.parseContextStore(property);
if (/\[msg/.test(contextKey.key)) {
// The key has a nest msg. reference to evaluate first
contextKey.key = RED.util.normalisePropertyExpression(contextKey.key, msg, true)
// The key has a nested msg. reference that must be evaluated first
contextKey.key = RED.util.normalisePropertyExpression(contextKey.key, msg, true);
}
var target = node.context()[type];
var callback = err => {
target.set(contextKey.key, value, contextKey.store, err => {
if (err) {
node.error(err, msg);
getterErrors[rule.p] = err.message;
}
}
target.set(contextKey.key, value, contextKey.store, callback);
} else if(type === 'msg') {
});
} else if (type === 'msg') {
if (!RED.util.setMessageProperty(msg, property, value)) {
node.warn(RED._("change.errors.no-override",{property:property}));
node.warn(RED._("change.errors.no-override", { property: property }));
}
}
}
try {
// Dynamically load the SDK
const sdk = await sdkPromise;
const TimelineWindow = sdk.TimelineWindow;
const RelationType = sdk.RelationType;
// (Filter was imported originally but is not used, so we omit it.)
let roomId = getToValue(msg, node.roomType, node.roomValue),
paginateBackwards = getToValue(msg, node.paginateBackwardsType, node.paginateBackwardsValue),
pageSize = getToValue(msg, node.pageSizeType, node.pageSizeValue),
@@ -87,42 +92,37 @@ module.exports = function(RED) {
let room = node.server.matrixClient.getRoom(roomId);
if(!room) {
if (!room) {
throw new Error(`Room ${roomId} does not exist`);
}
if(pageSize > node.server.initialSyncLimit) {
if (pageSize > node.server.initialSyncLimit) {
throw new Error(`Page size=${pageSize} cannot exceed initialSyncLimit=${node.server.initialSyncLimit}`);
}
if(!pageKey) {
if (!pageKey) {
pageKey = crypto.randomUUID();
setToValue(pageKey, node.paginateKeyType, node.paginateKeyValue);
}
let timelineWindow = node.timelineWindows.get(pageKey),
moreMessages = true;
if(!timelineWindow) {
if (!timelineWindow) {
let timelineSet = room.getUnfilteredTimelineSet();
// node.debug(JSON.stringify(timelineSet.getFilter()));
// MatrixClient's option initialSyncLimit gets set to the filter we are using
// so override that value with our pageSize
// MatrixClient's option initialSyncLimit gets set to the filter we are using,
// so override that value with our pageSize.
timelineWindow = new TimelineWindow(node.server.matrixClient, timelineSet);
await timelineWindow.load(msg.eventId || null, pageSize);
node.timelineWindows.set(pageKey, timelineWindow);
} else {
moreMessages = await timelineWindow.paginate(paginateBackwards ? 'b' : 'f', pageSize); // b for backwards f for forwards
if(moreMessages) {
moreMessages = await timelineWindow.paginate(paginateBackwards ? 'b' : 'f', pageSize); // 'b' for backwards, 'f' for forwards
if (moreMessages) {
await timelineWindow.unpaginate(pageSize, !paginateBackwards);
}
}
// MatrixEvent objects are massive so this throws an encode error for the string being too long
// since msg objects convert to JSON
// msg.payload = moreMessages ? timelineWindow.getEvents() : false;
// To avoid errors converting massive MatrixEvent objects to JSON, we omit them.
msg.payload = false;
msg.start = timelineWindow.getTimelineIndex('b')?.index;
msg.end = timelineWindow.getTimelineIndex('f')?.index;
if(moreMessages) {
if (moreMessages) {
msg.payload = timelineWindow.getEvents().map(function(event) {
return {
encrypted : event.isEncrypted(),
@@ -152,5 +152,5 @@ module.exports = function(RED) {
node.server.deregister(node);
});
}
RED.nodes.registerType("matrix-paginate-room", MatrixReceiveMessage);
RED.nodes.registerType("matrix-paginate-room", MatrixPaginateRoom);
}
src/matrix-receive.html
+16
View File
@@ -13,6 +13,7 @@
acceptOwnEvents: {"value": false},
acceptText: {"value": true},
acceptEmotes: {"value": true},
acceptNotices: {"value": true},
acceptStickers: {"value": true},
acceptReactions: {"value": true},
acceptFiles: {"value": true},
@@ -66,6 +67,16 @@
Accept text <code style="text-transform: none;">m.text</code>
</label>
</div>
<div class="form-row" style="margin-bottom:0;">
<input
type="checkbox"
id="node-input-acceptNotices"
style="width: auto; margin-left: 125px; vertical-align: top"
/>
<label for="node-input-acceptNotices" style="width: auto">
Accept notices <code style="text-transform: none;">m.notice</code>
</label>
</div>
<div class="form-row" style="margin-bottom:0;">
<input
type="checkbox"
@@ -216,6 +227,11 @@
<dt>msg.content <span class="property-type">object</span></dt>
<dd>the message's content object</dd>
</dl>
<dl class="message-properties">
<dt>msg.headers <span class="property-type">object | null</span></dt>
<dd>for media events, includes auth headers (for example <code>Authorization: Bearer ...</code>) used by authed media endpoints.</dd>
</dl>
</li>
<li><code>msg.type</code> == '<strong>m.text</strong>'
src/matrix-receive.js
+37 -3
View File
@@ -1,4 +1,3 @@
const {RelationType} = require("matrix-js-sdk");
module.exports = function(RED) {
function MatrixReceiveMessage(n) {
RED.nodes.createNode(this, n);
@@ -10,6 +9,7 @@ module.exports = function(RED) {
this.acceptOwnEvents = n.acceptOwnEvents;
this.acceptText = n.acceptText;
this.acceptEmotes = n.acceptEmotes;
this.acceptNotices = n.acceptNotices;
this.acceptStickers = n.acceptStickers;
this.acceptReactions = n.acceptReactions;
this.acceptFiles = n.acceptFiles;
@@ -47,11 +47,31 @@ module.exports = function(RED) {
return;
}
const setAuthHeaders = () => {
const accessToken = node.server.matrixClient.getAccessToken?.();
if (accessToken) {
msg.headers = {
...(msg.headers || {}),
Authorization: `Bearer ${accessToken}`,
};
}
};
const setUrls = (urlKey, encryptedKey) => {
const url = msg.encrypted ? msg.content[encryptedKey]?.url : msg.content[urlKey];
if (url) {
msg.url = node.server.matrixClient.mxcUrlToHttp(url);
const authenticatedUrl = node.server.matrixClient.mxcUrlToHttp(
url,
undefined,
undefined,
undefined,
false,
true,
true,
);
msg.url = authenticatedUrl || node.server.matrixClient.mxcUrlToHttp(url);
msg.mxc_url = url;
setAuthHeaders();
}
};
@@ -59,8 +79,18 @@ module.exports = function(RED) {
const thumbnailFile = msg.content.info?.[infoKey];
const thumbnailUrl = thumbnailFile?.url;
if (thumbnailUrl) {
msg.thumbnail_url = node.server.matrixClient.mxcUrlToHttp(thumbnailUrl);
const authenticatedThumbnailUrl = node.server.matrixClient.mxcUrlToHttp(
thumbnailUrl,
undefined,
undefined,
undefined,
false,
true,
true,
);
msg.thumbnail_url = authenticatedThumbnailUrl || node.server.matrixClient.mxcUrlToHttp(thumbnailUrl);
msg.thumbnail_mxc_url = thumbnailUrl;
setAuthHeaders();
}
};
@@ -69,6 +99,10 @@ module.exports = function(RED) {
if (!node.acceptEmotes) return;
break;
case 'm.notice':
if (!node.acceptNotices) return;
break;
case 'm.text':
if (!node.acceptText) return;
break;
src/matrix-send-message.html
+31 -2
View File
@@ -99,6 +99,7 @@
</label>
<select id="node-input-messageFormat">
<option value="">Default (plaintext)</option>
<option value="markdown">Markdown</option>
<option value="html">HTML</option>
<option value="msg.format">msg.format input</option>
</select>
@@ -140,7 +141,7 @@
<dt class="optional">msg.formatted_payload
<span class="property-type">string</span>
</dt>
<dd> the formatted HTML message (uses <code>msg.payload</code> if not defined). This only affects HTML messages.</dd>
<dd> the formatted HTML message (uses <code>msg.payload</code> if not defined). This only affects messages sent in <strong>HTML</strong> format &mdash; in Markdown mode the formatted body is generated from the markdown source.</dd>
<dt class="optional">msg.type
<span class="property-type">string | null</span>
@@ -150,7 +151,35 @@
<dt class="optional">msg.format
<span class="property-type">string | null</span>
</dt>
<dd> This is only used and required when configured so on the node. Set to <code>null</code> for plain text and <code>'html'</code> for HTML.</dd>
<dd> This is only used and required when configured so on the node. Set to <code>null</code> for plain text, <code>'markdown'</code> for markdown (converted to HTML the same way Element does), or <code>'html'</code> for HTML.</dd>
</dl>
<h4>Message formats</h4>
<dl class="message-properties">
<dt>Default (plaintext)</dt>
<dd>The payload is sent as-is as the message body.</dd>
<dt>Markdown</dt>
<dd>
The payload is parsed as CommonMark markdown and converted to HTML
the same way Element does (using the same converter ported from
<code>matrix-react-sdk</code>). If the message turns out to contain
no markdown syntax it is sent as plain text; otherwise the original
markdown source becomes the message <code>body</code> and the
rendered HTML is sent as <code>formatted_body</code>, so clients
without HTML rendering still see a readable fallback.
</dd>
<dt>HTML</dt>
<dd>
The payload is sent as HTML. By default the same HTML is used for
both the plain-text and formatted versions; set
<code>msg.formatted_payload</code> if you want the
<code>formatted_body</code> to differ from <code>msg.payload</code>.
</dd>
<dt>msg.format input</dt>
<dd>Set <code>msg.format</code> at runtime to one of the options above (<code>null</code>, <code>'markdown'</code>, or <code>'html'</code>).</dd>
</dl>
<h3>Outputs</h3>
src/matrix-send-message.js
+49 -21
View File
@@ -1,9 +1,9 @@
const {RelationType} = require("matrix-js-sdk");
const sdkPromise = import("matrix-js-sdk");
const { Markdown } = require("./matrix-markdown");
module.exports = function(RED) {
function MatrixSendImage(n) {
RED.nodes.createNode(this, n);
var node = this;
this.name = n.name;
@@ -68,12 +68,17 @@ module.exports = function(RED) {
node.status({ fill: "green", shape: "ring", text: "connected" });
});
node.on("input", function (msg) {
// Make the input handler async so we can await the dynamic import.
node.on("input", async function (msg) {
// Await the SDK import and get the RelationType constant.
const sdk = await sdkPromise;
const RelationType = sdk.RelationType;
function getToValue(msg, type, property) {
let value = property;
if (type === "msg") {
value = RED.util.getMessageProperty(msg, property);
} else if ((type === 'flow') || (type === 'global')) {
} else if (type === 'flow' || type === 'global') {
try {
value = RED.util.evaluateNodeProperty(property, type, node, msg);
} catch(e2) {
@@ -115,19 +120,19 @@ module.exports = function(RED) {
}
let content = null;
if(typeof payload === 'object') {
if (typeof payload === 'object') {
content = payload;
} else {
if(msgType === 'msg.type') {
if(!msg.type) {
node.error("msg.type type is set to be passed in via msg.type but was not defined", msg);
if (msgType === 'msg.type') {
if (!msg.type) {
node.error("msg.type is set to be passed in via msg.type but was not defined", msg);
return;
}
msgType = msg.type;
}
if(msgFormat === 'msg.format') {
if(!msg.format) {
if (msgFormat === 'msg.format') {
if (!Object.hasOwn(msg, 'format')) {
node.error("Message format is set to be passed in via msg.format but was not defined", msg);
return;
}
@@ -139,7 +144,28 @@ module.exports = function(RED) {
body: payload.toString()
};
if(msgFormat === 'html') {
if (msgFormat === 'markdown') {
// Convert the markdown body to HTML using the same logic
// as Element (matrix-react-sdk's `Markdown` class).
//
// If the message contains any markdown syntax, send the
// rendered HTML as `formatted_body` and keep the original
// markdown source as `body` (matrix spec convention for
// formatted messages). If the message turns out to be
// plain text and contains backslash escapes, strip those
// from `body` and send no HTML; otherwise leave `body`
// as the original payload.
const source = payload.toString();
const md = new Markdown(source);
if (md.isPlainText()) {
if (source.indexOf("\\") > -1) {
content.body = md.toPlaintext();
}
} else {
content.format = "org.matrix.custom.html";
content.formatted_body = md.toHTML();
}
} else if (msgFormat === 'html') {
content.format = "org.matrix.custom.html";
content.formatted_body =
(typeof msg.formatted_payload !== 'undefined' && msg.formatted_payload)
@@ -147,15 +173,15 @@ module.exports = function(RED) {
: payload.toString();
}
if((node.replaceMessage || msg.replace) && msg.eventId) {
if ((node.replaceMessage || msg.replace) && msg.eventId) {
content['m.new_content'] = {
msgtype: content.msgtype,
body: content.body
};
if('format' in content) {
if ('format' in content) {
content['m.new_content']['format'] = content['format'];
}
if('formatted_body' in content) {
if ('formatted_body' in content) {
content['m.new_content']['formatted_body'] = content['formatted_body'];
}
@@ -164,17 +190,19 @@ module.exports = function(RED) {
event_id: msg.eventId
};
content['body'] = ' * ' + content['body'];
} else if(threadReply) {
// if incoming message is a reply to a thread we fetch the thread parent from the m.relates_to property
// otherwise fallback to msg.eventId
let threadParent = (msg?.content?.['m.relates_to']?.rel_type === RelationType.Thread ? msg?.content?.['m.relates_to']?.event_id : null) || msg.eventId;
if(threadParent) {
} else if (threadReply) {
// If incoming message is a reply to a thread we fetch the thread parent from m.relates_to,
// otherwise fallback to msg.eventId.
let threadParent = (msg?.content?.['m.relates_to']?.rel_type === RelationType.Thread
? msg?.content?.['m.relates_to']?.event_id
: null) || msg.eventId;
if (threadParent) {
content["m.relates_to"] = {
"rel_type": RelationType.Thread,
"event_id": threadParent,
"is_falling_back": true,
};
if(msg.eventId !== threadParent) {
if (msg.eventId !== threadParent) {
content["m.relates_to"]["m.in_reply_to"] = {
"event_id": msg.eventId
};
@@ -202,4 +230,4 @@ module.exports = function(RED) {
});
}
RED.nodes.registerType("matrix-send-message", MatrixSendImage);
}
};
src/matrix-server-config.html
+820 -69
View File
@@ -31,16 +31,765 @@
accessToken: { type: "password", required: true },
deviceId: { type: "text", required: false },
url: { type: "text", required: true },
password: { type: "password", required: false },
},
defaults: {
name: { value: null },
autoAcceptRoomInvites: { value: true },
enableE2ee: { type: "checkbox", value: true },
global: { type: "checkbox", value: true }
global: { type: "checkbox", value: true },
allowUnknownDevices: { type: "checkbox", value: true }
},
icon: "matrix.png",
label: function() {
return this.name || undefined;
},
oneditprepare: function() {
const nodeId = this.id;
// --- Secure backup / cross-signing setup (modal dialog) ---
// The modal is built once and reused across editor sessions; the
// current node id is stored on the overlay so its handlers target
// whichever server config node is being edited.
if (!document.getElementById("matrix-sb-overlay")) {
$('<style>'
+ '.matrix-sb-overlay{position:fixed;inset:0;z-index:3000;display:none;background:rgba(0,0,0,.45);}'
+ '.matrix-sb-modal{position:absolute;top:50%;left:50%;transform:translate(-50%,-50%);'
+ 'width:540px;max-width:92vw;max-height:88vh;display:flex;flex-direction:column;'
+ 'border-radius:6px;overflow:hidden;box-shadow:0 12px 44px rgba(0,0,0,.45);'
+ 'background:var(--red-ui-primary-background,#fff);color:var(--red-ui-primary-text-color,#2a2a2a);}'
+ '.matrix-sb-head{display:flex;justify-content:space-between;align-items:center;'
+ 'padding:12px 16px;font-size:15px;font-weight:bold;'
+ 'background:var(--red-ui-secondary-background,#f3f3f3);'
+ 'border-bottom:1px solid var(--red-ui-secondary-border-color,#ddd);}'
+ '.matrix-sb-x{cursor:pointer;font-size:20px;line-height:1;opacity:.55;}'
+ '.matrix-sb-x:hover{opacity:1;}'
+ '.matrix-sb-body{padding:16px;overflow:auto;}'
+ '.matrix-sb-state{display:flex;gap:10px;align-items:flex-start;font-size:14px;line-height:1.5;}'
+ '.matrix-sb-section{margin-top:18px;}'
+ '.matrix-sb-section label{display:block;font-weight:bold;margin-bottom:5px;}'
+ '.matrix-sb-section input{width:100%;box-sizing:border-box;padding:7px 9px;border-radius:4px;'
+ 'border:1px solid var(--red-ui-form-input-border-color,#ccc);'
+ 'background:var(--red-ui-form-input-background,#fff);color:var(--red-ui-primary-text-color,#2a2a2a);}'
+ '.matrix-sb-hint{color:var(--red-ui-secondary-text-color,#888);font-size:12px;margin-top:5px;}'
+ '.matrix-sb-actions{margin-top:12px;text-align:right;}'
+ '.matrix-sb-warn{background:#fdf3e7;border:1px solid #f0c36d;color:#7a5b16;'
+ 'border-radius:4px;padding:9px 11px;font-size:13px;margin-bottom:12px;}'
+ '.matrix-sb-result{margin-top:18px;padding:11px 13px;border-radius:4px;font-size:13px;white-space:pre-wrap;}'
+ '.matrix-sb-result.ok{background:#e7f4ea;border:1px solid #8fcea5;color:#1e6b33;}'
+ '.matrix-sb-result.err{background:#fde7e9;border:1px solid #e8a0a8;color:#8a1f2b;}'
+ '.matrix-sb-key{margin-top:9px;padding:9px;border-radius:4px;font-family:monospace;'
+ 'font-size:13px;word-break:break-all;background:rgba(127,127,127,.16);border:1px dashed #999;}'
+ '.matrix-sb-foot{display:flex;justify-content:flex-end;gap:8px;padding:10px 16px;'
+ 'background:var(--red-ui-secondary-background,#f3f3f3);'
+ 'border-top:1px solid var(--red-ui-secondary-border-color,#ddd);}'
+ '</style>').appendTo("head");
$('<div id="matrix-sb-overlay" class="matrix-sb-overlay"><div class="matrix-sb-modal">'
+ '<div class="matrix-sb-head"><span><i class="fa fa-shield"></i> Secure Backup &amp; Cross-signing</span>'
+ '<span class="matrix-sb-x" id="matrix-sb-x" title="Close">&times;</span></div>'
+ '<div class="matrix-sb-body">'
+ '<div class="matrix-sb-state" id="matrix-sb-state"></div>'
+ '<div class="matrix-sb-section" id="matrix-sb-unlock" style="display:none;">'
+ '<label>Recovery key or passphrase</label>'
+ '<input type="text" id="matrix-sb-recoverykey" placeholder="EsTx xxxx xxxx xxxx ...">'
+ '<div class="matrix-sb-hint">The recovery key created when secure backup / key storage was first set up on this account.</div>'
+ '<div class="matrix-sb-actions"><button type="button" class="red-ui-button" id="matrix-sb-unlock-btn">Unlock &amp; set up cross-signing</button></div>'
+ '</div>'
+ '<div class="matrix-sb-section" id="matrix-sb-reset" style="display:none;">'
+ '<div class="matrix-sb-warn">Resetting creates new cross-signing keys and a new recovery key, replacing the existing ones. Other sessions that trusted the old identity will need to be re-verified.</div>'
+ '<label>Account password</label>'
+ '<input type="password" id="matrix-sb-password" placeholder="Account password">'
+ '<div class="matrix-sb-actions"><button type="button" class="red-ui-button" id="matrix-sb-reset-btn">Reset cross-signing &amp; secure backup</button></div>'
+ '</div>'
+ '<div class="matrix-sb-result" id="matrix-sb-result" style="display:none;"></div>'
+ '</div>'
+ '<div class="matrix-sb-foot">'
+ '<button type="button" class="red-ui-button" id="matrix-sb-reset-toggle" style="display:none;">Reset instead…</button>'
+ '<button type="button" class="red-ui-button" id="matrix-sb-close">Close</button>'
+ '</div></div></div>').appendTo(document.body);
var sbEsc = function(s) { return $("<div>").text(s == null ? "" : String(s)).html(); };
var sbClose = function() { $("#matrix-sb-overlay").fadeOut(120); };
var sbId = function() { return $("#matrix-sb-overlay").data("matrixNodeId"); };
var sbBtns = function(disabled) { $("#matrix-sb-unlock-btn,#matrix-sb-reset-btn").prop("disabled", disabled); };
var sbCall = function(body) {
return $.ajax({
url: "matrix-chat/secure-backup", type: "POST",
contentType: "application/json", data: JSON.stringify(body),
});
};
var sbState = function(icon, color, html) {
$("#matrix-sb-state").html('<i class="fa ' + icon + '" style="color:' + color + ';font-size:18px;"></i><span>' + html + '</span>');
};
var sbResult = function(ok, text, key) {
var h = sbEsc(text);
if (key) { h += '<div class="matrix-sb-key">' + sbEsc(key) + '</div>'; }
$("#matrix-sb-result").removeClass("ok err").addClass(ok ? "ok" : "err").html(h).show();
};
var sbStatus = function() {
$("#matrix-sb-unlock,#matrix-sb-reset,#matrix-sb-result,#matrix-sb-reset-toggle").hide();
sbState("fa-spinner fa-spin", "#888", "Checking the account…");
sbCall({ id: sbId(), action: "status" }).done(function(data) {
if (data.result !== "ok") {
sbState("fa-exclamation-triangle", "#c9302c", "Could not check the account.");
sbResult(false, data.message || "Unknown error");
return;
}
if (data.crossSigningReady) {
sbState("fa-check-circle", "#3a9a4e", "<b>Cross-signing is set up.</b> The bot's device is cross-signed.");
$("#matrix-sb-reset-toggle").show();
} else if (data.secretStorageExists) {
sbState("fa-lock", "#d18a1b", "This account has an existing secure backup. Enter its recovery key to set up cross-signing for the bot.");
$("#matrix-sb-recoverykey").val("");
$("#matrix-sb-unlock,#matrix-sb-reset-toggle").show();
} else {
sbState("fa-shield", "#888", "No secure backup exists yet. Set one up to enable cross-signing.");
$("#matrix-sb-password").val("");
$("#matrix-sb-reset").show();
}
sbBtns(false);
}).fail(function() {
sbState("fa-exclamation-triangle", "#c9302c", "Request failed — is Node-RED still running?");
});
};
$("#matrix-sb-x,#matrix-sb-close").on("click", sbClose);
$("#matrix-sb-overlay").on("mousedown", function(e) { if (e.target === this) { sbClose(); } });
$(document).on("keydown.matrixsb", function(e) {
if (e.key === "Escape" && $("#matrix-sb-overlay").is(":visible")) { sbClose(); }
});
$("#matrix-sb-reset-toggle").on("click", function() {
$(this).hide();
$("#matrix-sb-password").val("");
$("#matrix-sb-reset").show();
});
$("#matrix-sb-unlock-btn").on("click", function() {
sbBtns(true);
sbState("fa-spinner fa-spin", "#888", "Unlocking secure backup…");
sbCall({ id: sbId(), action: "unlock", recoveryKey: $("#matrix-sb-recoverykey").val() })
.done(function(data) {
if (data.result !== "ok") {
sbState("fa-lock", "#d18a1b", "Enter the recovery key to set up cross-signing.");
sbResult(false, data.message); sbBtns(false); return;
}
$("#matrix-sb-unlock,#matrix-sb-reset,#matrix-sb-reset-toggle").hide();
sbState("fa-check-circle", "#3a9a4e", "<b>Done.</b>");
sbResult(true, data.message);
})
.fail(function() { sbResult(false, "Request failed — is Node-RED still running?"); sbBtns(false); });
});
$("#matrix-sb-reset-btn").on("click", function() {
sbBtns(true);
sbState("fa-spinner fa-spin", "#888", "Resetting cross-signing & secure backup…");
sbCall({ id: sbId(), action: "reset", password: $("#matrix-sb-password").val() })
.done(function(data) {
if (data.result !== "ok") {
sbState("fa-shield", "#d18a1b", "Enter the account password to reset.");
sbResult(false, data.message); sbBtns(false); return;
}
$("#matrix-sb-unlock,#matrix-sb-reset,#matrix-sb-reset-toggle").hide();
sbState("fa-check-circle", "#3a9a4e", "<b>Reset complete.</b>");
sbResult(true, data.message, data.recoveryKey);
})
.fail(function() { sbResult(false, "Request failed — is Node-RED still running?"); sbBtns(false); });
});
// expose the status loader so per-session click handlers can call it
$("#matrix-sb-overlay").data("sbStatusFn", sbStatus);
}
$("#matrix-secure-backup-btn").on("click", function() {
$("#matrix-sb-overlay").data("matrixNodeId", nodeId).fadeIn(120);
$("#matrix-sb-overlay").data("sbStatusFn")();
});
// --- Verification list (modal) ---
// Built once and reused; the node id is stored on the overlay.
if (!document.getElementById("matrix-vl-overlay")) {
$('<style>'
+ '.matrix-vl-overlay{position:fixed;inset:0;z-index:3000;display:none;background:rgba(0,0,0,.45);}'
+ '.matrix-vl-modal{position:absolute;top:50%;left:50%;transform:translate(-50%,-50%);'
+ 'width:560px;max-width:92vw;max-height:88vh;display:flex;flex-direction:column;'
+ 'border-radius:6px;overflow:hidden;box-shadow:0 12px 44px rgba(0,0,0,.45);'
+ 'background:var(--red-ui-primary-background,#fff);color:var(--red-ui-primary-text-color,#2a2a2a);}'
+ '.matrix-vl-head{display:flex;justify-content:space-between;align-items:center;'
+ 'padding:12px 16px;font-size:15px;font-weight:bold;'
+ 'background:var(--red-ui-secondary-background,#f3f3f3);'
+ 'border-bottom:1px solid var(--red-ui-secondary-border-color,#ddd);}'
+ '.matrix-vl-x{cursor:pointer;font-size:20px;line-height:1;opacity:.55;}'
+ '.matrix-vl-x:hover{opacity:1;}'
+ '.matrix-vl-body{padding:14px 16px;overflow:auto;}'
+ '.matrix-vl-note{font-size:12px;color:var(--red-ui-secondary-text-color,#888);margin-bottom:10px;}'
+ '.matrix-vl-item{display:flex;justify-content:space-between;gap:12px;padding:10px 12px;'
+ 'margin-bottom:8px;border-radius:5px;cursor:pointer;'
+ 'border:1px solid var(--red-ui-secondary-border-color,#ddd);'
+ 'background:var(--red-ui-secondary-background,#f7f7f7);}'
+ '.matrix-vl-item:hover{border-color:var(--red-ui-node-border,#999);}'
+ '.matrix-vl-item-l{flex:1;min-width:0;}'
+ '.matrix-vl-item-title{font-weight:bold;}'
+ '.matrix-vl-item-sub{font-size:12px;color:var(--red-ui-secondary-text-color,#888);'
+ 'margin-top:2px;word-break:break-word;}'
+ '.matrix-vl-item-r{text-align:right;font-size:12px;white-space:nowrap;}'
+ '.matrix-vl-exp{color:#d18a1b;}'
+ '.matrix-vl-empty,.matrix-vl-more{font-size:13px;'
+ 'color:var(--red-ui-secondary-text-color,#888);padding:6px 2px;}'
+ '.matrix-vl-d-state{display:flex;gap:10px;align-items:flex-start;font-size:14px;line-height:1.5;}'
+ '.matrix-vl-d-state .fa{font-size:18px;}'
+ '.matrix-vl-sas{display:flex;flex-wrap:wrap;gap:10px;margin:14px 0;}'
+ '.matrix-vl-emoji{width:88px;text-align:center;padding:8px 4px;border-radius:5px;'
+ 'background:var(--red-ui-secondary-background,#f3f3f3);'
+ 'border:1px solid var(--red-ui-secondary-border-color,#ddd);}'
+ '.matrix-vl-emoji .e{font-size:30px;line-height:1.3;}'
+ '.matrix-vl-emoji .n{font-size:11px;color:var(--red-ui-secondary-text-color,#888);text-transform:capitalize;}'
+ '.matrix-vl-result{margin-top:12px;padding:10px 12px;border-radius:4px;font-size:13px;}'
+ '.matrix-vl-foot{display:flex;align-items:center;gap:8px;padding:10px 16px;'
+ 'background:var(--red-ui-secondary-background,#f3f3f3);'
+ 'border-top:1px solid var(--red-ui-secondary-border-color,#ddd);}'
+ '</style>').appendTo("head");
$('<div id="matrix-vl-overlay" class="matrix-vl-overlay"><div class="matrix-vl-modal">'
+ '<div class="matrix-vl-head"><span><i class="fa fa-check-circle"></i> Device Verification</span>'
+ '<span class="matrix-vl-x" id="matrix-vl-x" title="Close">&times;</span></div>'
+ '<div class="matrix-vl-body">'
+ '<div id="matrix-vl-listview">'
+ '<div class="matrix-vl-note">Pending verification requests &mdash; this list refreshes every 5 seconds. Click a request to verify it.</div>'
+ '<div id="matrix-vl-items"></div>'
+ '<div id="matrix-vl-empty" class="matrix-vl-empty" style="display:none;">No pending verification requests.</div>'
+ '<div id="matrix-vl-more" class="matrix-vl-more" style="display:none;"></div>'
+ '</div>'
+ '<div id="matrix-vl-detailview" style="display:none;">'
+ '<div id="matrix-vl-d-head" class="matrix-vl-item-sub" style="margin-bottom:10px;"></div>'
+ '<div id="matrix-vl-d-state" class="matrix-vl-d-state"></div>'
+ '<div id="matrix-vl-d-sas" class="matrix-vl-sas" style="display:none;"></div>'
+ '<div id="matrix-vl-d-actions" style="display:none;text-align:right;">'
+ '<button type="button" class="red-ui-button" id="matrix-vl-d-mismatch">They don&#39;t match</button> '
+ '<button type="button" class="red-ui-button" id="matrix-vl-d-confirm">They match</button>'
+ '</div>'
+ '<div id="matrix-vl-d-result" class="matrix-vl-result" style="display:none;"></div>'
+ '</div>'
+ '</div>'
+ '<div class="matrix-vl-foot">'
+ '<button type="button" class="red-ui-button" id="matrix-vl-back" style="display:none;">&larr; Back to list</button>'
+ '<span style="flex:1;"></span>'
+ '<button type="button" class="red-ui-button" id="matrix-vl-cancel" style="display:none;">Cancel verification</button>'
+ '<button type="button" class="red-ui-button" id="matrix-vl-close">Close</button>'
+ '</div></div></div>').appendTo(document.body);
var vlListTimer = null, vlTickTimer = null, vlDetailTimer = null;
var vlEsc = function(s) { return $("<div>").text(s == null ? "" : String(s)).html(); };
var vlId = function() { return $("#matrix-vl-overlay").data("matrixNodeId"); };
var vlCurId = function() { return $("#matrix-vl-overlay").data("vlCurrentId"); };
var vlCall = function(body) {
return $.ajax({
url: "matrix-chat/verification", type: "POST",
contentType: "application/json", data: JSON.stringify(body),
});
};
var vlClearTimers = function() {
if(vlListTimer) { clearInterval(vlListTimer); vlListTimer = null; }
if(vlTickTimer) { clearInterval(vlTickTimer); vlTickTimer = null; }
if(vlDetailTimer) { clearInterval(vlDetailTimer); vlDetailTimer = null; }
};
var vlDur = function(ms) {
var s = Math.max(0, Math.round(ms / 1000));
if(s < 60) { return s + "s"; }
var m = Math.floor(s / 60), r = s % 60;
return m + "m " + (r < 10 ? "0" : "") + r + "s";
};
var vlState = function(icon, color, html) {
$("#matrix-vl-d-state").html('<i class="fa ' + icon + '" style="color:' + color + ';"></i><span>' + html + '</span>');
};
var vlTick = function() {
var now = Date.now();
$("#matrix-vl-items .matrix-vl-item").each(function() {
var $it = $(this);
var seen = parseInt($it.attr("data-seen"), 10);
var expires = $it.attr("data-expires");
$it.find(".matrix-vl-age").text(isNaN(seen) ? "" : "age " + vlDur(now - seen));
if(expires) {
var left = parseInt(expires, 10) - now;
$it.find(".matrix-vl-exp").text(left > 0 ? "expires in " + vlDur(left) : "expired");
}
});
};
var vlRenderList = function(data) {
if(data.result !== "ok") {
$("#matrix-vl-items").html('<div class="matrix-vl-empty">' + vlEsc(data.message) + '</div>');
$("#matrix-vl-empty,#matrix-vl-more").hide();
return;
}
var now = Date.now();
var $items = $("#matrix-vl-items").empty();
(data.verifications || []).forEach(function(v) {
var typeLabel = v.type === "room" ? "Room verification" : "Device verification";
var sub = "from " + vlEsc(v.userId || "unknown");
if(v.type === "device" && v.deviceId) { sub += " &middot; device " + vlEsc(v.deviceId); }
else if(v.type === "room" && v.roomId) { sub += " &middot; in room " + vlEsc(v.roomId); }
if(v.isSelfVerification) { sub += " &middot; your own session"; }
$items.append($('<div class="matrix-vl-item">')
.attr("data-vid", v.verificationId)
.attr("data-seen", now - (v.ageMs || 0))
.attr("data-expires", (v.expiresInMs != null) ? (now + v.expiresInMs) : "")
.html('<div class="matrix-vl-item-l"><div class="matrix-vl-item-title">' + vlEsc(typeLabel) + '</div>'
+ '<div class="matrix-vl-item-sub">' + sub + '</div></div>'
+ '<div class="matrix-vl-item-r"><div class="matrix-vl-age"></div>'
+ '<div class="matrix-vl-exp"></div></div>'));
});
$("#matrix-vl-empty").toggle(!(data.verifications || []).length);
if(data.hidden > 0) {
$("#matrix-vl-more").text(data.hidden + " older request" + (data.hidden === 1 ? "" : "s") + " hidden.").show();
} else {
$("#matrix-vl-more").hide();
}
vlTick();
};
var vlLoadList = function() {
vlCall({ id: vlId(), action: "list" })
.done(vlRenderList)
.fail(function() { vlRenderList({ result: "error", message: "Request failed — is Node-RED still running?" }); });
};
var vlShowList = function() {
vlClearTimers();
$("#matrix-vl-overlay").data("vlConfirmed", false);
$("#matrix-vl-detailview").hide();
$("#matrix-vl-listview").show();
$("#matrix-vl-back,#matrix-vl-cancel").hide();
$("#matrix-vl-items").html('<div class="matrix-vl-empty">Loading…</div>');
$("#matrix-vl-empty,#matrix-vl-more").hide();
vlLoadList();
vlListTimer = setInterval(vlLoadList, 5000);
vlTickTimer = setInterval(vlTick, 1000);
};
var vlRenderSas = function(sas) {
var $sas = $("#matrix-vl-d-sas").empty();
if(sas.emoji && sas.emoji.length) {
sas.emoji.forEach(function(pair) {
$sas.append('<div class="matrix-vl-emoji"><div class="e">' + vlEsc(pair[0])
+ '</div><div class="n">' + vlEsc(pair[1]) + '</div></div>');
});
} else if(sas.decimal) {
$sas.append('<div style="font-size:24px;font-family:monospace;">' + vlEsc(sas.decimal.join(" ")) + '</div>');
}
};
var vlRenderDetail = function(v) {
var typeLabel = v.type === "room" ? "Room verification" : "Device verification";
var head = vlEsc(typeLabel);
if(v.userId) { head += " &mdash; " + vlEsc(v.userId); }
if(v.deviceId) { head += " (device " + vlEsc(v.deviceId) + ")"; }
$("#matrix-vl-d-head").html(head);
if(v.phase === "done") {
vlClearTimers();
vlState("fa-check-circle", "#3a9a4e", "<b>Verified.</b> This session is now verified.");
$("#matrix-vl-d-sas,#matrix-vl-d-actions").hide();
$("#matrix-vl-cancel").hide();
return;
}
if(v.phase === "cancelled") {
vlClearTimers();
var why = v.cancellationCode ? (" (" + vlEsc(v.cancellationCode) + ")") : "";
vlState("fa-times-circle", "#c9302c", "Verification was cancelled" + why + ".");
$("#matrix-vl-d-sas,#matrix-vl-d-actions").hide();
$("#matrix-vl-cancel").hide();
return;
}
if(v.phase === "gone") {
vlClearTimers();
vlState("fa-exclamation-triangle", "#888", "This verification is no longer available.");
$("#matrix-vl-d-sas,#matrix-vl-d-actions").hide();
$("#matrix-vl-cancel").hide();
return;
}
if($("#matrix-vl-overlay").data("vlConfirmed")) {
$("#matrix-vl-d-sas,#matrix-vl-d-actions").hide();
vlState("fa-spinner fa-spin", "#888", "Waiting for the other device to confirm…");
return;
}
if(v.sas && (v.sas.emoji || v.sas.decimal)) {
vlState("fa-key", "#d18a1b", "Compare these emoji with the other device, then choose below.");
vlRenderSas(v.sas);
$("#matrix-vl-d-sas,#matrix-vl-d-actions").show();
return;
}
$("#matrix-vl-d-sas,#matrix-vl-d-actions").hide();
vlState("fa-spinner fa-spin", "#888", "Waiting for the verification to start…");
};
var vlPollDetail = function() {
vlCall({ id: vlId(), action: "advance", verificationId: vlCurId() })
.done(function(data) {
if(data.result !== "ok") {
vlState("fa-exclamation-triangle", "#c9302c", vlEsc(data.message));
return;
}
vlRenderDetail(data.verification);
})
.fail(function() { vlState("fa-exclamation-triangle", "#c9302c", "Request failed — is Node-RED still running?"); });
};
var vlShowDetail = function(vid) {
vlClearTimers();
$("#matrix-vl-overlay").data("vlCurrentId", vid).data("vlConfirmed", false);
$("#matrix-vl-listview").hide();
$("#matrix-vl-detailview").show();
$("#matrix-vl-d-sas,#matrix-vl-d-actions,#matrix-vl-d-result").hide();
$("#matrix-vl-d-head").text("");
vlState("fa-spinner fa-spin", "#888", "Starting verification…");
$("#matrix-vl-back,#matrix-vl-cancel").show();
vlPollDetail();
vlDetailTimer = setInterval(vlPollDetail, 1500);
};
var vlClose = function() { vlClearTimers(); $("#matrix-vl-overlay").fadeOut(120); };
$("#matrix-vl-x,#matrix-vl-close").on("click", vlClose);
$("#matrix-vl-overlay").on("mousedown", function(e) { if(e.target === this) { vlClose(); } });
$(document).on("keydown.matrixvl", function(e) {
if(e.key === "Escape" && $("#matrix-vl-overlay").is(":visible")) { vlClose(); }
});
$("#matrix-vl-back").on("click", vlShowList);
$("#matrix-vl-items").on("click", ".matrix-vl-item", function() {
vlShowDetail($(this).attr("data-vid"));
});
$("#matrix-vl-cancel").on("click", function() {
vlCall({ id: vlId(), action: "cancel", verificationId: vlCurId() }).always(vlPollDetail);
});
$("#matrix-vl-d-confirm").on("click", function() {
$("#matrix-vl-overlay").data("vlConfirmed", true);
$("#matrix-vl-d-sas,#matrix-vl-d-actions").hide();
vlState("fa-spinner fa-spin", "#888", "Confirming…");
vlCall({ id: vlId(), action: "confirm", verificationId: vlCurId() })
.done(function(data) {
if(data.result !== "ok") {
$("#matrix-vl-overlay").data("vlConfirmed", false);
vlState("fa-exclamation-triangle", "#c9302c", vlEsc(data.message));
$("#matrix-vl-d-actions").show();
}
});
});
$("#matrix-vl-d-mismatch").on("click", function() {
$("#matrix-vl-d-actions").hide();
vlState("fa-spinner fa-spin", "#888", "Cancelling…");
vlCall({ id: vlId(), action: "mismatch", verificationId: vlCurId() }).always(vlPollDetail);
});
$("#matrix-vl-overlay").data("vlShowListFn", vlShowList);
$("#matrix-vl-overlay").data("vlShowDetailFn", vlShowDetail);
}
$("#matrix-verification-list-btn").on("click", function() {
$("#matrix-vl-overlay").data("matrixNodeId", nodeId).fadeIn(120);
$("#matrix-vl-overlay").data("vlShowListFn")();
});
// --- Sessions (modal) ---
// Built once and reused; the node id is stored on the overlay.
if (!document.getElementById("matrix-ss-overlay")) {
$('<style>'
+ '.matrix-ss-overlay{position:fixed;inset:0;z-index:3000;display:none;background:rgba(0,0,0,.45);}'
+ '.matrix-ss-modal{position:absolute;top:50%;left:50%;transform:translate(-50%,-50%);'
+ 'width:560px;max-width:92vw;max-height:88vh;display:flex;flex-direction:column;'
+ 'border-radius:6px;overflow:hidden;box-shadow:0 12px 44px rgba(0,0,0,.45);'
+ 'background:var(--red-ui-primary-background,#fff);color:var(--red-ui-primary-text-color,#2a2a2a);}'
+ '.matrix-ss-head{display:flex;justify-content:space-between;align-items:center;'
+ 'padding:12px 16px;font-size:15px;font-weight:bold;'
+ 'background:var(--red-ui-secondary-background,#f3f3f3);'
+ 'border-bottom:1px solid var(--red-ui-secondary-border-color,#ddd);}'
+ '.matrix-ss-x{cursor:pointer;font-size:20px;line-height:1;opacity:.55;}'
+ '.matrix-ss-x:hover{opacity:1;}'
+ '.matrix-ss-body{padding:14px 16px;overflow:auto;}'
+ '.matrix-ss-h{font-weight:bold;font-size:12px;text-transform:uppercase;'
+ 'letter-spacing:.04em;color:var(--red-ui-secondary-text-color,#888);margin:2px 0 8px;}'
+ '.matrix-ss-h.spaced{margin-top:20px;}'
+ '.matrix-ss-item{display:flex;align-items:center;gap:10px;padding:10px 12px;'
+ 'margin-bottom:8px;border-radius:5px;cursor:pointer;'
+ 'border:1px solid var(--red-ui-secondary-border-color,#ddd);'
+ 'background:var(--red-ui-secondary-background,#f7f7f7);}'
+ '.matrix-ss-item:hover{border-color:var(--red-ui-node-border,#999);}'
+ '.matrix-ss-item-l{flex:1;min-width:0;}'
+ '.matrix-ss-item-title{font-weight:bold;word-break:break-word;}'
+ '.matrix-ss-item-sub{font-size:12px;color:var(--red-ui-secondary-text-color,#888);'
+ 'margin-top:2px;word-break:break-word;}'
+ '.matrix-ss-shield{font-size:20px;width:22px;text-align:center;flex-shrink:0;}'
+ '.matrix-ss-box{display:flex;gap:10px;align-items:flex-start;margin:10px 0;'
+ 'padding:10px 12px;border-radius:4px;font-size:13px;line-height:1.45;}'
+ '.matrix-ss-box.ok{background:#e7f4ea;border:1px solid #8fcea5;color:#1e6b33;}'
+ '.matrix-ss-box.err{background:#fde7e9;border:1px solid #e8a0a8;color:#8a1f2b;}'
+ '.matrix-ss-box .fa{font-size:18px;margin-top:1px;}'
+ '.matrix-ss-details div{display:flex;font-size:13px;padding:5px 0;'
+ 'border-bottom:1px solid var(--red-ui-secondary-border-color,#eee);}'
+ '.matrix-ss-details .k{width:130px;flex-shrink:0;color:var(--red-ui-secondary-text-color,#888);}'
+ '.matrix-ss-details .v{word-break:break-all;}'
+ '.matrix-ss-empty,.matrix-ss-more{font-size:13px;'
+ 'color:var(--red-ui-secondary-text-color,#888);padding:6px 2px;}'
+ '.matrix-ss-removelink{color:#c9302c;cursor:pointer;font-weight:bold;}'
+ '.matrix-ss-result{margin-top:12px;padding:10px 12px;border-radius:4px;font-size:13px;}'
+ '.matrix-ss-result.ok{background:#e7f4ea;border:1px solid #8fcea5;color:#1e6b33;}'
+ '.matrix-ss-result.err{background:#fde7e9;border:1px solid #e8a0a8;color:#8a1f2b;}'
+ '.matrix-ss-foot{display:flex;align-items:center;gap:8px;padding:10px 16px;'
+ 'background:var(--red-ui-secondary-background,#f3f3f3);'
+ 'border-top:1px solid var(--red-ui-secondary-border-color,#ddd);}'
+ '</style>').appendTo("head");
$('<div id="matrix-ss-overlay" class="matrix-ss-overlay"><div class="matrix-ss-modal">'
+ '<div class="matrix-ss-head"><span><i class="fa fa-desktop"></i> Sessions</span>'
+ '<span class="matrix-ss-x" id="matrix-ss-x" title="Close">&times;</span></div>'
+ '<div class="matrix-ss-body">'
+ '<div id="matrix-ss-listview">'
+ '<div class="matrix-ss-h">Current session</div>'
+ '<div id="matrix-ss-current"></div>'
+ '<div id="matrix-ss-currentmsg"></div>'
+ '<div class="matrix-ss-h spaced">Other sessions</div>'
+ '<div id="matrix-ss-others"></div>'
+ '<div id="matrix-ss-others-empty" class="matrix-ss-empty" style="display:none;">No other sessions.</div>'
+ '<div id="matrix-ss-more" class="matrix-ss-more" style="display:none;"></div>'
+ '</div>'
+ '<div id="matrix-ss-detailview" style="display:none;">'
+ '<div style="display:flex;justify-content:space-between;align-items:center;gap:10px;">'
+ '<div id="matrix-ss-d-name" style="font-size:15px;font-weight:bold;word-break:break-word;"></div>'
+ '<button type="button" class="red-ui-button" id="matrix-ss-d-rename">Rename</button></div>'
+ '<div id="matrix-ss-d-status"></div>'
+ '<div class="matrix-ss-h spaced">Session details</div>'
+ '<div id="matrix-ss-d-details" class="matrix-ss-details"></div>'
+ '<div id="matrix-ss-d-verifywrap" style="display:none;margin-top:14px;">'
+ '<button type="button" class="red-ui-button" id="matrix-ss-d-verify">Verify this session</button></div>'
+ '<div id="matrix-ss-d-removewrap" style="display:none;margin-top:16px;">'
+ '<span class="matrix-ss-removelink" id="matrix-ss-d-removelink">Remove this session</span>'
+ '<div id="matrix-ss-d-removeconfirm" style="display:none;margin-top:8px;">'
+ '<div style="background:#fdf3e7;border:1px solid #f0c36d;color:#7a5b16;border-radius:4px;'
+ 'padding:8px 10px;font-size:13px;margin-bottom:8px;">Removing a session signs it out. '
+ 'Enter the account password to confirm.</div>'
+ '<input type="password" id="matrix-ss-d-password" placeholder="Account password" '
+ 'style="width:100%;box-sizing:border-box;padding:7px 9px;border-radius:4px;'
+ 'border:1px solid var(--red-ui-form-input-border-color,#ccc);'
+ 'background:var(--red-ui-form-input-background,#fff);color:var(--red-ui-primary-text-color,#2a2a2a);">'
+ '<div style="text-align:right;margin-top:8px;"><button type="button" class="red-ui-button" '
+ 'id="matrix-ss-d-removeconfirmbtn">Confirm removal</button></div>'
+ '</div></div>'
+ '<div id="matrix-ss-d-result" class="matrix-ss-result" style="display:none;"></div>'
+ '</div>'
+ '</div>'
+ '<div class="matrix-ss-foot">'
+ '<button type="button" class="red-ui-button" id="matrix-ss-back" style="display:none;">&larr; Back</button>'
+ '<span style="flex:1;"></span>'
+ '<button type="button" class="red-ui-button" id="matrix-ss-close">Close</button>'
+ '</div></div></div>').appendTo(document.body);
var ssEsc = function(s) { return $("<div>").text(s == null ? "" : String(s)).html(); };
var ssId = function() { return $("#matrix-ss-overlay").data("matrixNodeId"); };
var ssCall = function(body) {
return $.ajax({
url: "matrix-chat/sessions", type: "POST",
contentType: "application/json", data: JSON.stringify(body),
});
};
var ssRelative = function(ts) {
if(!ts) { return "activity unknown"; }
var days = Math.floor((Date.now() - ts) / 86400000);
if(days <= 0) { return "active today"; }
if(days === 1) { return "active yesterday"; }
if(days < 90) { return "active " + days + " days ago"; }
return "inactive for 90+ days";
};
var ssFullDate = function(ts) {
return ts ? new Date(ts).toLocaleString() : "unknown";
};
var ssShield = function(verified) {
return '<i class="fa fa-shield matrix-ss-shield" style="color:'
+ (verified ? '#3a9a4e' : '#c9302c') + ';" title="'
+ (verified ? 'Verified' : 'Not verified') + '"></i>';
};
var ssCard = function(d, isCurrent) {
var sub = (d.verified ? 'Verified' : 'Not verified')
+ ' · ' + ssRelative(d.lastSeenTs)
+ (d.lastSeenIp ? (' · ' + d.lastSeenIp) : '');
return $('<div class="matrix-ss-item">')
.data("device", d).data("isCurrent", isCurrent)
.html(ssShield(d.verified)
+ '<div class="matrix-ss-item-l"><div class="matrix-ss-item-title">'
+ ssEsc(d.displayName || d.deviceId) + '</div>'
+ '<div class="matrix-ss-item-sub">' + ssEsc(sub) + '</div></div>'
+ '<i class="fa fa-angle-right" style="opacity:.5;"></i>');
};
var ssResult = function(ok, text) {
$("#matrix-ss-d-result").removeClass("ok err").addClass(ok ? "ok" : "err").text(text).show();
};
var ssRenderList = function(data) {
if(data.result !== "ok") {
$("#matrix-ss-current").html('<div class="matrix-ss-empty">' + ssEsc(data.message) + '</div>');
$("#matrix-ss-currentmsg,#matrix-ss-others").empty();
$("#matrix-ss-others-empty,#matrix-ss-more").hide();
return;
}
$("#matrix-ss-current").empty().append(ssCard(data.current, true));
$("#matrix-ss-currentmsg").html(data.current.verified
? '<div class="matrix-ss-box ok"><i class="fa fa-shield"></i><div><b>Verified session</b><br>'
+ 'This session is cross-signed and ready for secure messaging.</div></div>'
: '<div class="matrix-ss-box err"><i class="fa fa-shield"></i><div><b>Not verified</b><br>'
+ 'This session is not cross-signed. Use the Set up secure backup &amp; cross-signing '
+ 'button to verify it.</div></div>');
var $others = $("#matrix-ss-others").empty();
(data.others || []).forEach(function(d) { $others.append(ssCard(d, false)); });
$("#matrix-ss-others-empty").toggle(!(data.others || []).length);
if(data.hidden > 0) {
$("#matrix-ss-more").text(data.hidden + " more session" + (data.hidden === 1 ? "" : "s") + " hidden.").show();
} else {
$("#matrix-ss-more").hide();
}
};
var ssShowList = function() {
$("#matrix-ss-detailview").hide();
$("#matrix-ss-listview").show();
$("#matrix-ss-back").hide();
$("#matrix-ss-current").html('<div class="matrix-ss-empty">Loading…</div>');
$("#matrix-ss-currentmsg,#matrix-ss-others").empty();
$("#matrix-ss-others-empty,#matrix-ss-more").hide();
ssCall({ id: ssId(), action: "list" })
.done(ssRenderList)
.fail(function() { ssRenderList({ result: "error", message: "Request failed — is Node-RED still running?" }); });
};
var ssDetailRow = function(k, v) {
return '<div><span class="k">' + ssEsc(k) + '</span><span class="v">' + ssEsc(v) + '</span></div>';
};
var ssShowDetail = function(d, isCurrent) {
$("#matrix-ss-overlay").data("ssDevice", d).data("ssIsCurrent", isCurrent);
$("#matrix-ss-listview").hide();
$("#matrix-ss-detailview").show();
$("#matrix-ss-back").show();
$("#matrix-ss-d-result,#matrix-ss-d-removeconfirm").hide();
$("#matrix-ss-d-name").text(d.displayName || d.deviceId);
$("#matrix-ss-d-status").html(d.verified
? '<div class="matrix-ss-box ok"><i class="fa fa-shield"></i><div><b>Verified session</b><br>'
+ 'This session is ready for secure messaging.</div></div>'
: '<div class="matrix-ss-box err"><i class="fa fa-shield"></i><div><b>Not verified</b><br>'
+ (isCurrent
? 'This session is not cross-signed. Use the Set up secure backup &amp; cross-signing button to verify it.'
: 'Verify this session to confirm it is trusted.')
+ '</div></div>');
$("#matrix-ss-d-details").html(
ssDetailRow("Session ID", d.deviceId)
+ ssDetailRow("Last activity", ssFullDate(d.lastSeenTs))
+ ssDetailRow("IP address", d.lastSeenIp || "unknown"));
$("#matrix-ss-d-verifywrap").toggle(!isCurrent && !d.verified);
$("#matrix-ss-d-removewrap").toggle(!isCurrent);
};
var ssClose = function() { $("#matrix-ss-overlay").fadeOut(120); };
$("#matrix-ss-x,#matrix-ss-close").on("click", ssClose);
$("#matrix-ss-overlay").on("mousedown", function(e) { if(e.target === this) { ssClose(); } });
$(document).on("keydown.matrixss", function(e) {
if(e.key === "Escape" && $("#matrix-ss-overlay").is(":visible")) { ssClose(); }
});
$("#matrix-ss-back").on("click", ssShowList);
$("#matrix-ss-current,#matrix-ss-others").on("click", ".matrix-ss-item", function() {
ssShowDetail($(this).data("device"), $(this).data("isCurrent"));
});
$("#matrix-ss-d-rename").on("click", function() {
var d = $("#matrix-ss-overlay").data("ssDevice");
var name = prompt("Session display name:", d.displayName || "");
if(name === null) { return; }
ssCall({ id: ssId(), action: "rename", deviceId: d.deviceId, displayName: name })
.done(function(r) {
if(r.result !== "ok") { ssResult(false, r.message); return; }
d.displayName = name;
$("#matrix-ss-d-name").text(name || d.deviceId);
ssResult(true, "Session renamed.");
})
.fail(function() { ssResult(false, "Request failed."); });
});
$("#matrix-ss-d-verify").on("click", function() {
var d = $("#matrix-ss-overlay").data("ssDevice");
$("#matrix-ss-d-result").removeClass("ok err").html('<i class="fa fa-spinner fa-spin"></i> Starting verification…').show();
ssCall({ id: ssId(), action: "verify", deviceId: d.deviceId })
.done(function(r) {
if(r.result !== "ok" || !r.verificationId) {
ssResult(false, r.message || "Could not start verification.");
return;
}
// hand off to the verification modal's detail view
$("#matrix-ss-overlay").fadeOut(120);
$("#matrix-vl-overlay").data("matrixNodeId", ssId()).fadeIn(120);
$("#matrix-vl-overlay").data("vlShowDetailFn")(r.verificationId);
})
.fail(function() { ssResult(false, "Request failed."); });
});
$("#matrix-ss-d-removelink").on("click", function() {
$("#matrix-ss-d-password").val("");
$("#matrix-ss-d-removeconfirm").show();
});
$("#matrix-ss-d-removeconfirmbtn").on("click", function() {
var d = $("#matrix-ss-overlay").data("ssDevice");
$("#matrix-ss-d-result").removeClass("ok err").html('<i class="fa fa-spinner fa-spin"></i> Removing session…').show();
ssCall({ id: ssId(), action: "remove", deviceId: d.deviceId, password: $("#matrix-ss-d-password").val() })
.done(function(r) {
if(r.result !== "ok") { ssResult(false, r.message); return; }
ssShowList();
})
.fail(function() { ssResult(false, "Request failed."); });
});
$("#matrix-ss-overlay").data("ssShowListFn", ssShowList);
}
$("#matrix-sessions-btn").on("click", function() {
$("#matrix-ss-overlay").data("matrixNodeId", nodeId).fadeIn(120);
$("#matrix-ss-overlay").data("ssShowListFn")();
});
// --- Login: fetch a fresh access token & device id ---
$("#matrix-login-btn").on("click", function() {
function prettyPrintJson(json) {
try { return typeof json === 'object' ? JSON.stringify(json, null, 2) : json; }
catch (error) { return json; }
}
let userId = $("#node-config-input-userId").val(),
userPassword = $("#node-config-input-password").val(),
serverUrl = $("#node-config-input-url").val();
if (!userId) { alert("User ID is required to fetch access token."); return; }
if (!userPassword) { alert("Password is required to fetch access token."); return; }
if (!serverUrl) { alert("Server URL is required to fetch access token."); return; }
$("#matrix-login-btn, #matrix-chat-login-error, #matrix-chat-login-success").hide();
$("#matrix-access-token-loader").show();
$.ajax({
type: 'POST',
url: 'matrix-chat/login',
dataType: 'json',
data: {
'userId': userId,
'password': userPassword,
'baseUrl': serverUrl,
'displayName': $("#node-config-input-deviceLabel").val(),
}
}).then(
function(data) {
if (data.result && data.result === 'ok') {
$("#matrix-chat-login-error").hide();
$("#matrix-chat-login-success")
.html("Login Successful! Auth Token and Device ID have been set below.")
.show();
$("#node-config-input-accessToken").val(data.token);
$("#node-config-input-deviceId").val(data.device_id);
} else if (data.result && data.result === 'error') {
$("#matrix-chat-login-success").hide();
$("#matrix-chat-login-error")
.html(data.message ? ('Failed to login: <br />' + prettyPrintJson(data.message)) : 'Failed to login')
.show();
}
$("#matrix-login-btn").show();
$("#matrix-access-token-loader").hide();
},
function() {
$("#matrix-chat-login-success").hide();
$("#matrix-chat-login-error")
.html("Failed to login due to server error communicating with Node-RED")
.show();
$("#matrix-login-btn").show();
$("#matrix-access-token-loader").hide();
}
);
});
}
});
</script>
@@ -71,7 +820,10 @@
<input type="password" placeholder="" id="node-config-input-password">
</div>
<div class="form-tips" style="margin-bottom: 12px;">
Password is never saved and is only used to fetch an access token using the button below.
Optional. Used to fetch an access token with the button below, and &mdash; if you
enable cross-signing &mdash; as a fallback when the homeserver requires the account
password to upload signing keys. If set, it is stored (encrypted) with the node's
credentials. Leave blank if you only want to use an access token.
</div>
<pre class="form-tips" id="matrix-chat-login-error" style="color: #721c24;background-color: #f8d7da;border-color: #f5c6cb;margin-bottom: 12px;display:none;"></pre>
<pre class="form-tips" id="matrix-chat-login-success" style="color: #155724;background-color: #d4edda;border-color: #c3e6cb;margin-bottom: 12px;display:none;"></pre>
@@ -130,88 +882,87 @@
<code style="white-space: normal;">let client = global.get("matrixClient['@bot:example.com']");</code>
</div>
</div>
<script type="text/javascript">
$("#matrix-login-btn").on("click", function() {
function prettyPrintJson(json) {
try{
return typeof json === 'object' ? JSON.stringify(json, null, 2) : json;
}
catch (error){
return json;
}
}
let userId = $("#node-config-input-userId").val(),
userPassword = $("#node-config-input-password").val(),
serverUrl = $("#node-config-input-url").val();
<div class="form-row">
<input
type="checkbox"
id="node-config-input-allowUnknownDevices"
style="width: auto; margin-left: 125px; vertical-align: top"
/>
<label for="node-config-input-allowUnknownDevices" style="width: auto">
Allow unverified devices in rooms
</label>
<div class="form-tips" style="margin-bottom: 12px;">
Allow sending messages to a room with unknown devices which have not been verified.
</div>
</div>
if(!userId) {
alert("User ID is required to fetch access token.");
return;
}
if(!userPassword) {
alert("Password is required to fetch access token.");
return;
}
if(!serverUrl) {
alert("Server URL is required to fetch access token.");
return;
}
<div class="form-row">
<label><i class="fa fa-shield"></i> Secure Backup</label>
<button type="button" class="red-ui-button" id="matrix-secure-backup-btn">Set up secure backup &amp; cross-signing</button>
</div>
<div class="form-tips" style="margin-bottom: 12px;">
Sets up cross-signing so the bot's own device shows as verified. The server
configuration must be deployed and connected first.
</div>
$("#matrix-login-btn, #matrix-chat-login-error, #matrix-chat-login-success").hide();
$("#matrix-access-token-loader").show();
$.ajax({
type: 'POST',
url: 'matrix-chat/login',
dataType: 'json',
data: {
'userId': userId,
'password': userPassword,
'baseUrl': serverUrl,
'displayName': $("#node-config-input-deviceLabel").val(),
}
}).then(
function(data) {
if(data.result && data.result === 'ok') {
$("#matrix-chat-login-error").hide();
$("#matrix-chat-login-success")
.html("Login Successful! Auth Token and Device ID have been set below.")
.show();
<div class="form-row">
<label><i class="fa fa-check-circle"></i> Verification</label>
<button type="button" class="red-ui-button" id="matrix-verification-list-btn">Pending verification requests</button>
</div>
<div class="form-tips" style="margin-bottom: 12px;">
Review and complete incoming device verification requests without building a flow.
The server configuration must be deployed and connected first.
</div>
$("#node-config-input-accessToken").val(data.token);
$("#node-config-input-deviceId").val(data.device_id);
} else if(data.result && data.result === 'error') {
$("#matrix-chat-login-success").hide();
$("#matrix-chat-login-error")
.html(data.message ? ('Failed to login: <br />' + prettyPrintJson(data.message)) : 'Failed to login')
.show();
}
$("#matrix-login-btn").show();
$("#matrix-access-token-loader").hide();
}, function() {
$("#matrix-chat-login-success").hide();
$("#matrix-chat-login-error")
.html("Failed to login due to server error communicating with Node-RED")
.show();
$("#matrix-login-btn").show();
$("#matrix-access-token-loader").hide();
}
);
});
</script>
<div class="form-row">
<label><i class="fa fa-desktop"></i> Sessions</label>
<button type="button" class="red-ui-button" id="matrix-sessions-btn">Manage sessions</button>
</div>
<div class="form-tips" style="margin-bottom: 12px;">
View the account's logged-in sessions, verify them, or remove ones you don't recognize.
The server configuration must be deployed and connected first.
</div>
</script>
<script type="text/html" data-help-name="matrix-server-config">
<h3>Details</h3>
<p>Matrix client connection configuration</p>
<h3>Server URL</h3>
<p>
The URL of your homeserver. You can enter either the homeserver URL directly
(e.g. <code>https://matrix.example.org</code>) or the delegating domain
(e.g. <code>https://example.org</code>) &mdash; in the latter case the real
homeserver is resolved automatically via <code>.well-known</code> discovery.
</p>
<h3>Setting up an account</h3>
<div>
<p>
You need an account for your client to use. If you are going to be using End-to-End Encryption you should generate the bot and only use it within Node-RED otherwise if you have other clients connected on the same user it could cause problems with e2ee (key sharing is currently not supported).
You need an account for your client to use. For End-to-End Encryption it is simplest to dedicate the account to the bot and run it only within Node-RED. The account may also be signed in on other clients &mdash; if so, verify those sessions against the bot (see <em>Cross-signing &amp; secure backup</em> below) so they trust each other and share keys.
</p>
<p>If you have access to the server directly you can use Shared Secret Registration as described <a href="https://github.com/Skylar-Tech/node-red-contrib-matrix-chat/tree/master/examples#create-user-with-shared-secret-registration" target="_blank" style="text-decoration: underline;">here</a>.</p>
<p>If this is a server you do not administrate/have access to follow these instructions:</p>
<ol><li>In a private/incognito browser window, open Element.</li><li>Log in to the account you want to get the access token for, such as the bot's account. <strong>Do not setup key storage</strong>.</li><li>Click on the bot's name in the top left corner then "Settings".</li><li>(Optional) Set your bot's display name and avatar.</li><li>Click the "Help &amp; About" tab (left side of the dialog).</li><li>Scroll to the bottom and click the <code>&lt;click to reveal&gt;</code> part of <code>Access Token: &lt;click to reveal&gt;</code>.</li><li>Copy your access token to a safe place, like the bot's configuration file.</li><li><strong>Do not log out.</strong> Instead, just close the window. If you used a private browsing session, you should be able to still use Element for your own account. Logging out deletes the access token from the server, making the bot unable to use it.</li></ol>
<ol><li>In a private/incognito browser window, open Element.</li><li>Log in to the account you want to get the access token for, such as the bot's account.</li><li>Click on the bot's name in the top left corner then "Settings".</li><li>(Optional) Set your bot's display name and avatar.</li><li>Click the "Help &amp; About" tab (left side of the dialog).</li><li>Scroll to the bottom and click the <code>&lt;click to reveal&gt;</code> part of <code>Access Token: &lt;click to reveal&gt;</code>.</li><li>Copy your access token to a safe place, like the bot's configuration file.</li><li><strong>Do not log out.</strong> Instead, just close the window. If you used a private browsing session, you should be able to still use Element for your own account. Logging out deletes the access token from the server, making the bot unable to use it.</li></ol>
</div>
<h3>Cross-signing &amp; secure backup</h3>
<div>
<p>
Use the <strong>Set up secure backup &amp; cross-signing</strong> button to set up
cross-signing so the bot's own device is verified. The server configuration must be
deployed and connected first; the button then checks the account and, interactively:
</p>
<ul>
<li>if the account already has a secure backup, lets you <strong>unlock</strong> it with its recovery key (or passphrase) and set up cross-signing for the bot;</li>
<li>otherwise (or on request) lets you <strong>reset</strong> cross-signing and secure backup, creating a new recovery key &mdash; this needs the account password.</li>
</ul>
<p>
To verify other devices interactively (SAS emoji), use the <code>matrix-verification</code>
node to receive verification requests and <code>matrix-verification-action</code> to
accept, start, confirm or cancel them. This lets you build your own approval flow
(for example emailing the emoji for a human to confirm).
</p>
</div>
</script>
src/matrix-server-config.js
+753 -196
View File
File diff suppressed because it is too large Load Diff
src/matrix-upload-file.js
+2 -1
View File
@@ -293,7 +293,8 @@ module.exports = function(RED) {
msg.payload.url = file.content_uri;
}
msg.payload.msgtype = msgtype;
msg.payload.body = msg.body || msg.filename || "";
msg.payload.body = msg.body || filename || "";
msg.payload.filename = filename;
msg.payload.info = {
"mimetype": contentType,
"size": getFileSize(bufferOrPath),
src/matrix-verification-action.html
+126
View File
@@ -0,0 +1,126 @@
<script type="text/javascript">
RED.nodes.registerType('matrix-verification-action',{
category: 'matrix',
color: '#00b7ca',
icon: "matrix.png",
inputs: 1,
outputs: 2,
outputLabels: ["success", "error"],
align: 'right',
defaults: {
name: { value: null },
server: { type: "matrix-server-config" },
mode: { value: "accept" }
},
label: function() {
const labels = {
request: "Request verification",
accept: "Accept verification",
start: "Start SAS verification",
confirm: "Confirm SAS",
mismatch: "Reject SAS (mismatch)",
cancel: "Cancel verification"
};
return this.name || labels[this.mode] || "Verification Action";
},
paletteLabel: 'Verification Action'
});
</script>
<script type="text/html" data-template-name="matrix-verification-action">
<div class="form-row">
<label for="node-input-name"><i class="fa fa-tag"></i> Name</label>
<input type="text" id="node-input-name" placeholder="Name">
</div>
<div class="form-row">
<label for="node-input-server"><i class="fa fa-user"></i> Matrix Server Config</label>
<input type="text" id="node-input-server">
</div>
<div class="form-row">
<label for="node-input-mode"><i class="fa fa-shield"></i> Action</label>
<select id="node-input-mode">
<option value="request">Request verification</option>
<option value="accept">Accept verification</option>
<option value="start">Start SAS verification</option>
<option value="confirm">Confirm SAS</option>
<option value="mismatch">Reject SAS (mismatch)</option>
<option value="cancel">Cancel verification</option>
</select>
</div>
<div class="form-tips" style="margin-bottom: 12px;">
The action can also be overridden per message with <code>msg.mode</code>.
</div>
</script>
<script type="text/html" data-help-name="matrix-verification-action">
<h3>Details</h3>
<p>Acts on a Matrix device verification: request, accept, start, confirm or cancel it.</p>
<p>
This is the action counterpart to the <code>matrix-verification</code> node. The
<b>Action</b> set on the node decides what it does; it can also be overridden per
message with <code>msg.mode</code>. Every action except <b>Request verification</b>
operates on an existing verification identified by <code>msg.verificationId</code>
(as emitted by the <code>matrix-verification</code> node).
</p>
<p>
A typical SAS (emoji) flow: receive a <code>requested</code> event &rarr;
<b>Accept</b> &rarr; <b>Start SAS</b> &rarr; receive the <code>sas</code> event with
the emoji &rarr; have a human confirm &rarr; <b>Confirm SAS</b>.
</p>
<h3>Actions</h3>
<dl class="message-properties">
<dt>Request verification</dt>
<dd>Starts a new verification. With <code>msg.userId</code> + <code>msg.deviceId</code> it verifies a specific device; with <code>msg.userId</code> + <code>msg.topic</code> it verifies a user in that DM room; with neither it verifies the bot's own other devices.</dd>
<dt>Accept verification</dt>
<dd>Accepts an incoming verification request (moves it to the <code>ready</code> phase).</dd>
<dt>Start SAS verification</dt>
<dd>Begins SAS (emoji) verification. The emoji/decimal are delivered through the <code>matrix-verification</code> node as a <code>sas</code> phase event.</dd>
<dt>Confirm SAS</dt>
<dd>Confirms that the SAS emoji/decimal match. Call this once a human has verified the emoji.</dd>
<dt>Reject SAS (mismatch)</dt>
<dd>Declares that the SAS does not match, cancelling the verification.</dd>
<dt>Cancel verification</dt>
<dd>Cancels the verification request.</dd>
</dl>
<h3>Inputs</h3>
<dl class="message-properties">
<dt class="optional">msg.mode <span class="property-type">string</span></dt>
<dd>optional. Overrides the node's configured Action. One of <code>request</code>, <code>accept</code>, <code>start</code>, <code>confirm</code>, <code>mismatch</code>, <code>cancel</code>.</dd>
<dt>msg.verificationId <span class="property-type">string</span></dt>
<dd>required for every action except <code>request</code>. The id of the verification to act on, from the <code>matrix-verification</code> node.</dd>
<dt class="optional">msg.userId <span class="property-type">string</span></dt>
<dd>used by <code>request</code>: the user to verify.</dd>
<dt class="optional">msg.deviceId <span class="property-type">string</span></dt>
<dd>used by <code>request</code>: the specific device to verify (to-device verification).</dd>
<dt class="optional">msg.topic <span class="property-type">string</span></dt>
<dd>used by <code>request</code>: a DM room id, to verify a user in-room.</dd>
</dl>
<h3>Outputs</h3>
<ol class="node-ports">
<li>Success
<dl class="message-properties">
<dt>msg.verificationId <span class="property-type">string</span></dt>
<dd>the id of the verification that was acted on (or created, for <code>request</code>).</dd>
</dl>
</li>
<li>Error
<dl class="message-properties">
<dt>msg.error <span class="property-type">string</span></dt>
<dd>the error that occurred.</dd>
</dl>
</li>
</ol>
</script>
src/matrix-verification-action.js
+139
View File
@@ -0,0 +1,139 @@
module.exports = function(RED) {
function MatrixVerificationAction(n) {
RED.nodes.createNode(this, n);
let node = this;
this.name = n.name;
this.server = RED.nodes.getNode(n.server);
this.mode = n.mode || "accept";
node.status({ fill: "red", shape: "ring", text: "disconnected" });
if (!node.server) {
node.error("No configuration node");
return;
}
node.server.register(node);
node.server.on("disconnected", function() {
node.status({ fill: "red", shape: "ring", text: "disconnected" });
});
node.server.on("connected", function() {
node.status({ fill: "green", shape: "ring", text: "connected" });
});
node.on("input", async function(msg) {
if (!node.server || !node.server.matrixClient) {
msg.error = "No matrix server selected";
node.error(msg.error, msg);
node.send([null, msg]);
return;
}
if (!node.server.isConnected()) {
msg.error = "Matrix server connection is currently closed";
node.error(msg.error, msg);
node.send([null, msg]);
return;
}
const crypto = node.server.matrixClient.getCrypto();
if (!crypto) {
msg.error = "End-to-end encryption is not enabled on the Matrix server config";
node.error(msg.error, msg);
node.send([null, msg]);
return;
}
// msg.mode overrides the node's configured mode if provided
const mode = msg.mode || node.mode;
try {
if (mode === "request") {
// Start a new verification request.
// - msg.userId + msg.deviceId : verify a specific device (to-device)
// - msg.userId + msg.topic : verify a user in a DM room
// - otherwise : verify our own other devices
let request;
if (msg.userId && msg.deviceId) {
request = await crypto.requestDeviceVerification(msg.userId, msg.deviceId);
} else if (msg.userId && msg.topic) {
request = await crypto.requestVerificationDM(msg.userId, msg.topic);
} else {
request = await crypto.requestOwnUserVerification();
}
if (typeof node.server.trackVerificationRequest === "function") {
node.server.trackVerificationRequest(request);
}
msg.verificationId = request.transactionId;
node.send([msg, null]);
return;
}
// Every other mode acts on an existing tracked request.
const request = node.server.verificationRequests.get(msg.verificationId);
if (!request) {
throw new Error(`No active verification found for msg.verificationId '${msg.verificationId}'`);
}
switch (mode) {
case "accept":
await request.accept();
break;
case "start": {
// Begin SAS (emoji) verification. The SAS emoji is delivered
// through the matrix-verification node when it becomes ready.
let verifier = request.verifier;
if (!verifier) {
verifier = await request.startVerification("m.sas.v1");
}
verifier.verify().catch(function(e) {
node.warn("Verification ended: " + e);
});
break;
}
case "confirm": {
const sas = node.server.verificationSas.get(msg.verificationId);
if (!sas) {
throw new Error("This verification has no SAS awaiting confirmation");
}
await sas.confirm();
break;
}
case "mismatch": {
const sas = node.server.verificationSas.get(msg.verificationId);
if (!sas) {
throw new Error("This verification has no SAS awaiting confirmation");
}
sas.mismatch();
break;
}
case "cancel":
await request.cancel();
break;
default:
throw new Error("Unknown verification action mode: " + mode);
}
msg.verificationId = request.transactionId;
node.send([msg, null]);
} catch (e) {
msg.error = String(e && e.message || e);
node.error("Verification action failed: " + msg.error, msg);
node.send([null, msg]);
}
});
node.on("close", function() {
node.server.deregister(node);
});
}
RED.nodes.registerType("matrix-verification-action", MatrixVerificationAction);
}
src/matrix-verification.html
+199
View File
@@ -0,0 +1,199 @@
<script type="text/javascript">
RED.nodes.registerType('matrix-verification',{
category: 'matrix',
color: '#00b7ca',
icon: "matrix.png",
inputs: 0,
outputs: 1,
defaults: {
name: { value: null },
server: { type: "matrix-server-config" },
phaseRequested: { value: true },
phaseReady: { value: true },
phaseStarted: { value: true },
phaseSas: { value: true },
phaseDone: { value: true },
phaseCancelled: { value: true },
initiatedBy: { value: "any" },
verificationType: { value: "any" },
selfVerification: { value: "any" },
userFilter: { value: "" },
roomFilter: { value: "" }
},
label: function() {
return this.name || "Verification";
},
paletteLabel: 'Verification'
});
</script>
<script type="text/html" data-template-name="matrix-verification">
<div class="form-row">
<label for="node-input-name"><i class="fa fa-tag"></i> Name</label>
<input type="text" id="node-input-name" placeholder="Name">
</div>
<div class="form-row">
<label for="node-input-server"><i class="fa fa-server"></i> Matrix Server</label>
<input type="text" id="node-input-server">
</div>
<div class="form-row" style="margin-left: 100px;margin-top:10px;font-weight:bold;">
Phase filter
</div>
<div class="form-tips" style="margin-bottom:6px;">Emit only the ticked phases.</div>
<div class="form-row" style="margin-bottom:0;">
<input type="checkbox" id="node-input-phaseRequested" style="width:auto;margin-left:125px;vertical-align:top" />
<label for="node-input-phaseRequested" style="width:auto">requested</label>
</div>
<div class="form-row" style="margin-bottom:0;">
<input type="checkbox" id="node-input-phaseReady" style="width:auto;margin-left:125px;vertical-align:top" />
<label for="node-input-phaseReady" style="width:auto">ready</label>
</div>
<div class="form-row" style="margin-bottom:0;">
<input type="checkbox" id="node-input-phaseStarted" style="width:auto;margin-left:125px;vertical-align:top" />
<label for="node-input-phaseStarted" style="width:auto">started</label>
</div>
<div class="form-row" style="margin-bottom:0;">
<input type="checkbox" id="node-input-phaseSas" style="width:auto;margin-left:125px;vertical-align:top" />
<label for="node-input-phaseSas" style="width:auto">sas (emoji ready to confirm)</label>
</div>
<div class="form-row" style="margin-bottom:0;">
<input type="checkbox" id="node-input-phaseDone" style="width:auto;margin-left:125px;vertical-align:top" />
<label for="node-input-phaseDone" style="width:auto">done</label>
</div>
<div class="form-row">
<input type="checkbox" id="node-input-phaseCancelled" style="width:auto;margin-left:125px;vertical-align:top" />
<label for="node-input-phaseCancelled" style="width:auto">cancelled</label>
</div>
<div class="form-row">
<label for="node-input-initiatedBy"><i class="fa fa-filter"></i> Initiated by</label>
<select id="node-input-initiatedBy">
<option value="any">Any</option>
<option value="me">Me (the bot started it)</option>
<option value="notme">Not me (the other party)</option>
</select>
</div>
<div class="form-row">
<label for="node-input-verificationType"><i class="fa fa-filter"></i> Type</label>
<select id="node-input-verificationType">
<option value="any">Any</option>
<option value="room">Room (in-room / DM)</option>
<option value="device">Device (to-device)</option>
</select>
</div>
<div class="form-row">
<label for="node-input-selfVerification"><i class="fa fa-filter"></i> Self-verify</label>
<select id="node-input-selfVerification">
<option value="any">Any</option>
<option value="self">Self only (bot's own devices)</option>
<option value="others">Others only (other users)</option>
</select>
</div>
<div class="form-row">
<label for="node-input-userFilter"><i class="fa fa-user"></i> User IDs</label>
<input type="text" id="node-input-userFilter" placeholder="@alice:example.org, @bob:example.org">
</div>
<div class="form-tips" style="margin-bottom:12px;">User ID allowlist - only emit verifications involving these users. Comma separated, or blank for any.</div>
<div class="form-row">
<label for="node-input-roomFilter"><i class="fa fa-comments"></i> Room IDs</label>
<input type="text" id="node-input-roomFilter" placeholder="!room:example.org, !other:example.org">
</div>
<div class="form-tips" style="margin-bottom:12px;">Restrict room verifications to these rooms. Comma separated, or blank for any. Device verifications are not affected.</div>
</script>
<script type="text/html" data-help-name="matrix-verification">
<h3>Details</h3>
<p>Emits a message when a device verification request is received or changes phase.</p>
<p>
This node is the event source for device verification. It outputs a message every
time a verification request is created (either incoming, or started with the
<code>matrix-verification-action</code> node) and again on every phase change. Use
it together with <code>matrix-verification-action</code> to build your own approval
flow &mdash; for example, emailing the SAS emoji to a human for confirmation.
</p>
<p>
Each message carries a <code>msg.verificationId</code> which is the handle you pass
to <code>matrix-verification-action</code> to act on that verification.
</p>
<h3>Filters</h3>
<p>
All filters are applied on the node so you don't need <code>switch</code> nodes
downstream. They AND-combine, and each defaults to passing everything.
</p>
<dl class="message-properties">
<dt>Phase filter</dt>
<dd>Emits only the ticked phases (<code>requested</code>, <code>ready</code>, <code>started</code>, <code>sas</code>, <code>done</code>, <code>cancelled</code>). All ticked = emit every phase.</dd>
<dt>Initiated by</dt>
<dd><code>Any</code>, <code>Me</code> (only verifications the bot started), or <code>Not me</code> (only verifications started by the other party).</dd>
<dt>Type</dt>
<dd><code>Any</code>, <code>Room</code> (in-room / DM verifications), or <code>Device</code> (to-device verifications).</dd>
<dt>Self-verify</dt>
<dd><code>Any</code>, <code>Self only</code> (the other party is another of the bot's own devices), or <code>Others only</code> (a different user).</dd>
<dt>User IDs</dt>
<dd>Allowlist of user IDs (comma separated). When set, only verifications involving one of these users are emitted. Blank = any user.</dd>
<dt>Room IDs</dt>
<dd>Comma separated room IDs. When set, room verifications are restricted to these rooms. Device verifications have no room and are not affected by this filter. Blank = any room.</dd>
</dl>
<h3>Outputs</h3>
<dl class="message-properties">
<dt>msg.verificationId <span class="property-type">string</span></dt>
<dd>unique id of the verification. Pass this as <code>msg.verificationId</code> to the <code>matrix-verification-action</code> node.</dd>
<dt>msg.phase <span class="property-type">string</span></dt>
<dd>
current phase of the verification, one of:
<code>requested</code> (a request was received/sent),
<code>ready</code> (the request was accepted),
<code>started</code> (a method was chosen),
<code>sas</code> (SAS emoji/decimal are ready to confirm &mdash; see <code>msg.sas</code>),
<code>done</code> (verification completed),
<code>cancelled</code> (verification cancelled).
</dd>
<dt>msg.payload <span class="property-type">string</span></dt>
<dd>same value as <code>msg.phase</code>, for convenience.</dd>
<dt>msg.userId <span class="property-type">string</span></dt>
<dd>the user id of the other party in the verification.</dd>
<dt>msg.deviceId <span class="property-type">string | null</span></dt>
<dd>the other party's device id, for to-device verifications. <code>null</code> for in-room verifications.</dd>
<dt>msg.topic <span class="property-type">string | null</span></dt>
<dd>the room id, for in-room (DM) verifications. <code>null</code> for to-device verifications.</dd>
<dt>msg.sas <span class="property-type">object</span></dt>
<dd>
present only when <code>msg.phase</code> is <code>sas</code>. Contains
<code>emoji</code> (an array of <code>[emoji, name]</code> pairs) and
<code>decimal</code> (an array of three numbers). One or both may be
populated depending on what was negotiated.
</dd>
<dt>msg.isSelfVerification <span class="property-type">boolean</span></dt>
<dd><code>true</code> if the other party is another device of the bot's own account.</dd>
<dt>msg.initiatedByMe <span class="property-type">boolean</span></dt>
<dd><code>true</code> if this verification was started by the bot.</dd>
<dt>msg.chosenMethod <span class="property-type">string | null</span></dt>
<dd>the verification method that was chosen (e.g. <code>m.sas.v1</code>), once one has been picked; <code>null</code> before then.</dd>
<dt>msg.cancellationCode <span class="property-type">string | null</span></dt>
<dd>present when <code>msg.phase</code> is <code>cancelled</code>; the reason code (e.g. <code>m.user</code>).</dd>
</dl>
<h3>References</h3>
<ul>
<li><a href="https://spec.matrix.org/latest/client-server-api/#device-verification">Matrix spec</a> - device verification</li>
</ul>
</script>
src/matrix-verification.js
+113
View File
@@ -0,0 +1,113 @@
module.exports = function(RED) {
function MatrixVerification(n) {
RED.nodes.createNode(this, n);
let node = this;
this.name = n.name;
this.server = RED.nodes.getNode(n.server);
// Phase filter - emit only the ticked phases. Undefined (config saved
// before these options existed) is treated as ticked, so old nodes
// keep emitting every phase.
this.phases = {
requested: n.phaseRequested !== false,
ready: n.phaseReady !== false,
started: n.phaseStarted !== false,
sas: n.phaseSas !== false,
done: n.phaseDone !== false,
cancelled: n.phaseCancelled !== false,
};
this.initiatedBy = n.initiatedBy || 'any'; // any | me | notme
this.verificationType = n.verificationType || 'any'; // any | room | device
this.selfVerification = n.selfVerification || 'any'; // any | self | others
this.userFilter = (n.userFilter || '').split(',')
.map(function(s){ return s.trim().toLowerCase(); })
.filter(Boolean);
this.roomFilter = (n.roomFilter || '').split(',')
.map(function(s){ return s.trim(); })
.filter(Boolean);
node.status({ fill: "red", shape: "ring", text: "disconnected" });
if (!node.server) {
node.error("No configuration node");
return;
}
node.server.register(node);
// Returns true if a verification update message passes every configured
// filter. All filters AND-combine; each defaults to "pass everything".
function passesFilters(m) {
// phase
if ((m.phase in node.phases) && !node.phases[m.phase]) {
return false;
}
// initiated by
if (node.initiatedBy === 'me' && !m.initiatedByMe) {
return false;
}
if (node.initiatedBy === 'notme' && m.initiatedByMe) {
return false;
}
// verification type - room verifications carry a roomId (msg.topic),
// to-device verifications do not
if (node.verificationType === 'room' && !m.topic) {
return false;
}
if (node.verificationType === 'device' && m.topic) {
return false;
}
// self-verification (the other party is one of the bot's own devices)
if (node.selfVerification === 'self' && !m.isSelfVerification) {
return false;
}
if (node.selfVerification === 'others' && m.isSelfVerification) {
return false;
}
// user id allowlist
if (node.userFilter.length &&
(!m.userId || node.userFilter.indexOf(m.userId.toLowerCase()) === -1)) {
return false;
}
// room id filter - only constrains room verifications; device
// verifications have no room and are not affected
if (node.roomFilter.length && m.topic &&
node.roomFilter.indexOf(m.topic) === -1) {
return false;
}
return true;
}
const onConnected = function() {
node.status({ fill: "green", shape: "ring", text: "connected" });
};
const onDisconnected = function() {
node.status({ fill: "red", shape: "ring", text: "disconnected" });
};
const onVerificationUpdate = function(verificationMsg) {
if (!passesFilters(verificationMsg)) {
return;
}
node.status({ fill: "blue", shape: "dot", text: verificationMsg.phase });
// clone so multiple verification nodes don't share/mutate one object
node.send(RED.util.cloneMessage(verificationMsg));
};
node.server.on("connected", onConnected);
node.server.on("disconnected", onDisconnected);
node.server.on("Verification.update", onVerificationUpdate);
if (node.server.isConnected && node.server.isConnected()) {
onConnected();
}
node.on("close", function() {
node.server.removeListener("connected", onConnected);
node.server.removeListener("disconnected", onDisconnected);
node.server.removeListener("Verification.update", onVerificationUpdate);
node.server.deregister(node);
});
}
RED.nodes.registerType("matrix-verification", MatrixVerification);
}