* Element-R: pass pickleKey in as raw key for indexeddb encryption
Currently, we pass the `pickleKey` to the rust library for use as a passphrase
for encrypting its crypto store. The Rust libary then passes that passphrase
through 200000 rounds of PBKDF2 to generate an encryption key, which is
(deliberately) slow.
However, the pickleKey is actually 32 bytes of random data (base64-encoded). By
passing the raw key into the rust library, we can therefore save the PBKDF
operation.
Backwards-compatibility with existing sessions is maintained, because if the
rust library discovers that the store was previously encrypted with a key based
on a PBKDF, it will re-base64 and PBKDF the key we provide, thus reconstructing
the right key.
* Update src/Lifecycle.ts
Co-authored-by: Florian Duros <florianduros@element.io>
* Lifecycle-test: clean up test setup
Rely less on the unit under test for setting up the test preconditions -- not
least because we don't really want to fire up matrix clients and the like
during test setup.
* Factor out "encryptPickleKey" method
For a start it makes it easier to grok what's going on, but also I went to use
this in a test
* Improve tests for `Lifecycle.restoreFromLocalStorage`
---------
Co-authored-by: Florian Duros <florianduros@element.io>
* Use new tooltip in `RoomTopic.tsx`
* Use new tooltip in `MLocationBody.tsx`
* Fix room topic
* Update location snapshot
* Use new tooltip in `AppPermission.tsx`
* Remove `TooltipTarget`
* Add tests for `RoomTopic`
* Refactor some logic into common AvatarSetting component
We duplicated some of the logic of setting avatars between profiles &
rooms. This pulls some of that logic into the AvatarSetting component
and hopefully make things a little simpler.
* Unsed import
* Convert JS based hover to CSS
* Remove unnecessary container
* Test avatar-as-file path
* Test file upload
* Unused imports
* Add test for RoomProfileSettings
* Test removing room avatar
* Move upload control CSS too
* Remove commented code
Co-authored-by: Florian Duros <florianduros@element.io>
* Prettier
* Coments & move style to inline as per PR suggestion
* Better test names
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Fix test
Upload input doesn't have that class anymore
---------
Co-authored-by: Florian Duros <florianduros@element.io>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* persist previously-reported event IDs as a bloom filter
* Pin to older `@types/seedrandom`
... to work around https://github.com/Callidon/bloom-filters/issues/72
* Inline `DecryptionFailureTracker.addDecryptionFailure`
* Remove redundant TRACK_INTERVAL
There really doesn't seem to be much point to this batching up of decryption
failure reports. We still call the analytics callback the same number of times.
* Rename `trackedEvents` to `reportedEvents`
* Fix incorrect documentation on `visibleEvents`
This *does* overlap with `failures`.
* Combine `addFailure` and `reportFailure`
* Calculate client properties before starting reporting
* Clear localstorage after each test
... otherwise they interfere
* Remove redundant comment
* Ensure that reports are cleared on a logout/login cycle
* make private const private and const
---------
Co-authored-by: Richard van der Hoff <richard@matrix.org>
* Inline `DecryptionFailureTracker.addDecryptionFailure`
* Remove redundant TRACK_INTERVAL
There really doesn't seem to be much point to this batching up of decryption
failure reports. We still call the analytics callback the same number of times.
* Rename `trackedEvents` to `reportedEvents`
* Fix incorrect documentation on `visibleEvents`
This *does* overlap with `failures`.
* Combine `addFailure` and `reportFailure`
* Calculate client properties before starting reporting
* report time to decrypt an event if it's slow
* add more stats
* fix some tests
* keep original timestamp, and report non-visible decryption failures
* add statistic for whether the user trusts their own device
* revert local playwright docker changes
* apply changes from review
* also remove logout event handler on logout
* apply changes from review
* make eventDecrypted callback private
* Remove legacy `threepidCreds` field
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Remove `user` field legacy UIA fallback
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Update imports
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Fix test
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Use `*` for italics as it doesn't break when used mid-word
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Fix tests
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Fix `element-desktop-ssoid being` included in OIDC Authorization call
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Split out oidc callback url into its own method
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Allow explicit configuration of OIDC dynamic registration metadata
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Fix test
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Fix unexpected hash on oidc callback url
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* undefined > []
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Fix `element-desktop-ssoid being` included in OIDC Authorization call
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Split out oidc callback url into its own method
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Fix unexpected hash on oidc callback url
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Update src/BasePlatform.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Store id_token rather than just id_token_claims
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Pass id_token via `id_token_hint` on `Manage Account` interaction
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Fix tests
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Convert tabbedview to functional component
The 'Tab' is still a class, so now it's a functional component that
has a supporting class, which is maybe a bit... jarring, but I think
is actually perfectly logical.
* put comment back
* Fix bad tab ID behaviour
* Make TabbedView a controlled component
This does mean the logic of keeping what tab is active is now in each
container component, but for a functional component, this is a single
line. It makes TabbedView simpler and the container components always
know exactly what tab is being displayed rather than having to effectively
keep the state separately themselves if they wanted it.
Based on https://github.com/matrix-org/matrix-react-sdk/pull/12478
* Move the active tab in user settings to the dialog title
Separated by a colon, as per the new design.
* Update snapshots
* Update a playwright test
* Fix more tests / snapshots
* Attempt to test all the cases of titleForTabID
* More tests
* Check native sliding sync support against an unstable feature flag
The `OPTIONS` approach from https://github.com/matrix-org/matrix-react-sdk/pull/12492 doesn't work because Synapse *always* responds with 204 (success) to `OPTIONS` requests, as described here: https://github.com/element-hq/synapse/issues/17153
We further can't use `HEAD` because it's not part of the allowed CORS methods, meaning the browser will mask the exact status code and error message from us, and the proxy hangs on the request anyways: https://github.com/matrix-org/sliding-sync/pull/429
To avoid these problems, we instead search for an unstable feature flag to be exposed by the server. Presence of this flag denotes native support. See https://github.com/matrix-org/matrix-spec-proposals/pull/3575/files#r1588877046 for details.
Implementations which support sliding sync natively will need to update to support this new unstable feature flag usage.
* Appease the linter
* Appease the tests
* Convert tabbedview to functional component
The 'Tab' is still a class, so now it's a functional component that
has a supporting class, which is maybe a bit... jarring, but I think
is actually perfectly logical.
* put comment back
* Fix bad tab ID behaviour
* Make TabbedView a controlled component
This does mean the logic of keeping what tab is active is now in each
container component, but for a functional component, this is a single
line. It makes TabbedView simpler and the container components always
know exactly what tab is being displayed rather than having to effectively
keep the state separately themselves if they wanted it.
Based on https://github.com/matrix-org/matrix-react-sdk/pull/12478
* Fix some types & unused prop
* Remove weird behaviour of using first tab is active isn't valid
* Don't pass initialTabID here now it no longer has the prop
* Fix test
* bleh... id, not icon
* Change to sub-components
and use contitional call syntax
* Comments
* Fix element IDs
* Fix merge
* Test DesktopCapturerSourcePicker
to make sonarcloud the right colour
* Use custom hook for the fllback tab behaviour
* Use OPTIONS for sliding sync detection poke
This avoids unintended consequences, including high resource usage, which would accompany a "full" sync request. Instead, we just grab headers and enough information for CORS to pass, revealing likely support.
Fixes https://github.com/element-hq/element-web/issues/27426
* Appease the linter
* Reset for each test
* Send user credentials to service worker for MSC3916 authentication
* appease linter
* Add initial test
The test fails, seemingly because the service worker isn't being installed or because the network mock can't reach that far.
* Remove unsafe access token code
* Split out base IDB operations to avoid importing `document` in serviceworkers
* Use safe crypto access for service workers
* Fix tests/unsafe access
* Remove backwards compatibility layer & appease linter
* Add docs
* Fix tests
* Appease the linter
* Iterate tests
* Factor out pickle key handling for service workers
* Enable everything we can about service workers
* Appease the linter
* Add docs
* Rename win32 image to linux in hopes of it just working
* Use actual image
* Apply suggestions from code review
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Improve documentation
* Document `??` not working
* Try to appease the tests
* Add some notes
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
...and remove the code that causes them to be retried in CI. Most of
these were just lack of waiting for async things to happen, mostly
lazy loading components, hence whythey worked on the retry: because
the code had been loaded by then.
* Initial commit
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Remove commented code
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Change function to reflect it's proxy not native support
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Re-add check for servers with native support
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Add native support check back in
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Re-add endpoint health check function
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Use inbuilt `getWellKnown` function
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Change the error message to the correct function
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Stop storing the proxyurl in the settings for now
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Make the logger messages more useful
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Start moving the checking logic directly into the controller
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Add missing import
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Get the client rather than passing it in to the functions
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* remove invalid `function` keyword
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Fix imports
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Our new functions are private
We shouldn't(?) have to use these check in future elsewhere
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Change our proxy check function to return a boolean
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Make `nativeSlidingSyncSupport` also return boolean, add in health check
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Disable the sliding sync option if the server doesn't support
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Only enable the setting if it passes (again)
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Update our comments to better match what's going on
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Remove unused dialog
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Add a well-known check on start-up, if sliding sync has been enabled
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Check against the correct endpoint...
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Extract baseUrl as we'll reuse it
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Make the logs differentiate between the types of proxy
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Grab the client well-known directly for use
Can't use the client object at this point, it hasn't read in the well-known
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Add myself to the copyright assignation
I wrote the majority of this file...
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Only return `true` if it's actually there
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Correct the `proxySlidingSyncSupport` function comment to match the code
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Correct the `nativeSlidingSyncSupport`function comment to match the code
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Another comment/functionality paring
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Remove duplicated types from the doc
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Move await to the previous line
Removes brackets, and corrects `wellKnown` from being a `Promise`
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* use `waitForClientWellKnown` to avoid a race condition with the request
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Move getting the client out of the `if`, use `waitForClientWellKnown`
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Remove `beforeChange` override
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Move proxy setup logic into `SlidingSyncManager`
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Swap `configure` to private, we call it from `setup` which handles proxy
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Promises are always `true`
TIL.
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* use `timeoutSignal`
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Change message when there's no server support
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Refactor `slidingSyncHealthCheck`
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Refactor `nativeSlidingSyncSupport` with try/catch
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Change comment to hotlink
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Try and make the toggle disabled when there's no endpoint
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Move the if statement outside the refactored fn to avoid an await
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Revert "Swap `configure` to private, we call it from `setup` which handles proxy"
This reverts commit c80a00b50c261becc9ad58e08d2a893d572d8426.
* Remove unused import
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Further refactor `slidingSyncHealthCheck`
`proxySlidingSyncSupport` already checks the client well-known is there
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Make `proxySlidingSyncSupport` log on success
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Clarify log message for proxy being up
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Move the logic into SlidingSyncManager
All so we can set a static variable because the disabled check isn't asynchronous :)
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Obviously this isn't a return so don't overwrite with false!
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Remove outdated comment
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* No need to pass in the client
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Activating SS should probably be info level logs
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* If we've not enabled sliding sync, push the logs down a bit
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Update i18n error message
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Remove unused i18n strings
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Correct log message
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Prettier
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Remove many of the log messages
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Short out of `checkSupport` if it's `true`
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Add the endpoint back into the log when we're enabling it
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Note in the comment that `feature_sliding_sync_proxy_url` is legacy
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Expand the well-known liveness check log
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* No need to stall the client waiting for sliding sync support
* `AutoDiscovery.findClientConfig` throws if the baseUrl is blank
* Fix `getProxyFromWellKnown` (?)
* Add missing semicolon
Sorry, linter!
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Pass our `MatrixClient` through instead of trying to grab it
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Add missing return in function comment
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Actually pass through our Client, not the Peg object
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Remove SonarCube smell complaint
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Neew to make our other two methods public to test
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* First passing test
Hurrah!
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Two more tests, this time on `checkSupport`
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Reset our `serverSupportsSlidingSync` between tests
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Check the static member is being set
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Move the static assignation down to the relevant tests
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Pull getProxyFromWellKnown mocking up
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Check we /haven't/ shorted out
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Move our spy up so we can reuse it
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Check spidering is being called
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Test the proxy is declared
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Test entered manually
Signed-off-by: Ed Geraghty <ed@geraghty.family>
* Sorry, linter
* I guess these strings are wrong?
* Replace any with string
Co-authored-by: Michael Telatynski <7t3chguy@gmail.com>
---------
Signed-off-by: Ed Geraghty <ed@geraghty.family>
Co-authored-by: Michael Telatynski <7t3chguy@gmail.com>
* Move LoginWithQRSection to the top of the settings tab
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Refactor LoginWithQRSection to a Functional Component
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Extract LoginWithQR types
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Update LoginWithQRFlow styling & copy
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Re-add missing buttons and update snapshots
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Use compound spacings
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Update all non-major dependencies
* Update posthog user state access
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Michael Telatynski <7t3chguy@gmail.com>
* Use different messages for UTDs sent before login
* Playwright test for historical events
* Add some tests
* initial work on pre-join UTDs
* add playwright tests and remove old pre-join UTD logic
* run i18n script
* fix type error
* use different error code in PostHog for pre-join UTD
* don't remove old pre-join UTD logic yet
---------
Co-authored-by: Richard van der Hoff <richard@matrix.org>