fix

Author: gsanchietti

api/routes.go

@@ -28,9 +28,6 @@ func RegisterRoutes(e *echo.Echo, svc *service.MessageService, pushSvc *service.
 	e.POST("/_matrix/push/v1/notify", h.matrixPushNotify)
 	// Matrix Application Service transactions (push events to AS)
 	e.PUT("/_matrix/app/v1/transactions/:txnId", h.matrixAppTransaction)
-
-	// Matrix Media Download Proxy
-	e.GET("/_matrix/media/v3/download/:serverName/:mediaId", h.proxyMediaDownload)
 }
 
 type handler struct {
@@ -232,20 +229,3 @@ func (h handler) matrixAppTransaction(c echo.Context) error {
 	// As per spec, acknowledge with an empty JSON object and 200 OK.
 	return c.JSON(http.StatusOK, map[string]interface{}{})
 }
-
-// proxyMediaDownload handles media download requests by proxying them to the Matrix homeserver.
-func (h handler) proxyMediaDownload(c echo.Context) error {
-	serverName := c.Param("serverName")
-	mediaId := c.Param("mediaId")
-	mxcURL := "mxc://" + serverName + "/" + mediaId
-
-	logger.Debug().Str("endpoint", "proxy_media_download").Str("mxc_url", mxcURL).Msg("proxying media download request")
-
-	data, contentType, err := h.svc.DownloadMedia(c.Request().Context(), mxcURL)
-	if err != nil {
-		logger.Error().Str("endpoint", "proxy_media_download").Str("mxc_url", mxcURL).Err(err).Msg("failed to download media from matrix")
-		return echo.NewHTTPError(http.StatusNotFound, "media not found")
-	}
-
-	return c.Blob(http.StatusOK, contentType, data)
-}

main_test.go

@@ -3,11 +3,15 @@ package main
 import (
 	"bytes"
 	"context"
+	"crypto/aes"
+	"crypto/cipher"
 	"encoding/base64"
+	"encoding/hex"
 	"encoding/json"
 	"fmt"
 	"io"
 	"net/http"
+	"net/http/httptest"
 	"os"
 	"strings"
 	"testing"
@@ -125,6 +129,7 @@ func startTestServer(cfg *testConfig) (*echo.Echo, error) {
 		ExtAuthURL:           "http://localhost:18081",
 		ExtAuthTimeoutS:      5,
 		ExtAuthTimeout:       5 * time.Second,
+		MMMSGURL:             os.Getenv("MMMSG_URL"),
 	}
 
 	// Initialize push token database
@@ -506,6 +511,33 @@ func TestIntegration_SendAndFetchImageMessages(t *testing.T) {
 		t.Skip("Skipping integration tests; set RUN_INTEGRATION_TESTS=1 to run.")
 	}
 
+	// Start mock MMMSG server
+	var uploadedData []byte
+	mmmsgServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		if r.Method == "POST" {
+			t.Logf("Mock MMMSG: received POST request")
+			w.Header().Set("Content-Type", "application/json")
+			json.NewEncoder(w).Encode(map[string]string{
+				"url": "http://" + r.Host + "/upload/123",
+			})
+			return
+		}
+		if r.Method == "PUT" && strings.HasPrefix(r.URL.Path, "/upload/") {
+			t.Logf("Mock MMMSG: received PUT request for %s", r.URL.Path)
+			data, _ := io.ReadAll(r.Body)
+			uploadedData = data
+			w.WriteHeader(http.StatusOK)
+			return
+		}
+		t.Logf("Mock MMMSG: received unexpected %s request for %s", r.Method, r.URL.Path)
+		w.WriteHeader(http.StatusNotFound)
+	}))
+	defer mmmsgServer.Close()
+
+	// Set MMMSG_URL to point to our mock server
+	os.Setenv("MMMSG_URL", mmmsgServer.URL)
+	defer os.Unsetenv("MMMSG_URL")
+
 	server, err := startTestServer(cfg)
 	if err != nil {
 		t.Fatalf("failed to start test server: %v", err)
@@ -703,27 +735,42 @@ func TestIntegration_SendAndFetchImageMessages(t *testing.T) {
 				ft.Attachments[0].Preview != nil)
 		})
 
-		// Step 4: Download the actual image from the proxy URL
-		t.Run("DownloadImageFromProxy", func(t *testing.T) {
-			resp, err := http.Get(attachment.ContentURL)
-			if err != nil {
-				t.Fatalf("failed to download image from proxy: %v", err)
-			}
-			defer resp.Body.Close()
-
-			if resp.StatusCode != http.StatusOK {
-				t.Errorf("expected status 200 OK, got %d", resp.StatusCode)
+		// Step 4: Verify MMMSG upload and encryption
+		t.Run("VerifyMMMSGUpload", func(t *testing.T) {
+			if len(uploadedData) == 0 {
+				t.Fatalf("no data was uploaded to MMMSG")
 			}
+			t.Logf("Data uploaded to MMMSG: %d bytes", len(uploadedData))
 
-			downloadedData, err := io.ReadAll(resp.Body)
-			if err != nil {
-				t.Fatalf("failed to read downloaded image data: %v", err)
+			if !strings.HasPrefix(attachment.ContentURL, mmmsgServer.URL) {
+				t.Errorf("attachment content-url %s does not point to mock MMMSG server %s", attachment.ContentURL, mmmsgServer.URL)
 			}
 
-			if len(downloadedData) == 0 {
-				t.Errorf("downloaded image data is empty")
+			if attachment.EncryptionKey == "" {
+				t.Errorf("encryption key is missing in attachment")
 			} else {
-				t.Logf("Image downloaded successfully from proxy: %d bytes", len(downloadedData))
+				t.Logf("Encryption key found: %s", attachment.EncryptionKey)
+
+				// Verify that uploaded data is different from original (encrypted)
+				if bytes.Equal(uploadedData, imageData) {
+					t.Errorf("uploaded data is not encrypted (matches original)")
+				} else {
+					t.Logf("Uploaded data is encrypted (differs from original)")
+				}
+
+				// Try to decrypt and verify
+				key, _ := hex.DecodeString(attachment.EncryptionKey)
+				block, _ := aes.NewCipher(key)
+				iv := make([]byte, aes.BlockSize)
+				stream := cipher.NewCTR(block, iv)
+				decrypted := make([]byte, len(uploadedData))
+				stream.XORKeyStream(decrypted, uploadedData)
+
+				if !bytes.Equal(decrypted, imageData) {
+					t.Errorf("decrypted data does not match original image data")
+				} else {
+					t.Logf("Decrypted data matches original image data successfully")
+				}
 			}
 		})
 	})

service/config.go

@@ -45,6 +45,9 @@ type Config struct {
 	ExtAuthURL      string
 	ExtAuthTimeoutS int
 	ExtAuthTimeout  time.Duration
+
+	// Acrobits MMMSG configuration
+	MMMSGURL string
 }
 
 // NewConfig loads all configuration from environment variables with validation
@@ -155,6 +158,15 @@ func NewConfig() (*Config, error) {
 	}
 	cfg.ExtAuthTimeout = time.Duration(cfg.ExtAuthTimeoutS) * time.Second
 
+	// Load MMMSG configuration
+	cfg.MMMSGURL = os.Getenv("MMMSG_URL")
+	if cfg.MMMSGURL == "" {
+		cfg.MMMSGURL = "https://mmmsg.acrobits.net"
+		logger.Debug().Str("MMMSG_URL", cfg.MMMSGURL).Msg("using default MMMSG URL")
+	} else {
+		logger.Debug().Str("MMMSG_URL", cfg.MMMSGURL).Msg("MMMSG URL loaded from environment")
+	}
+
 	logger.Debug().Msg("configuration loading completed successfully")
 
 	return cfg, nil
@@ -175,6 +187,7 @@ func NewTestConfig() *Config {
 		CacheTTL:             time.Duration(defaultCacheTTLSeconds) * time.Second,
 		ExtAuthTimeoutS:      defaultExtAuthTimeoutS,
 		ExtAuthTimeout:       time.Duration(defaultExtAuthTimeoutS) * time.Second,
+		MMMSGURL:             "https://mmmsg.acrobits.net",
 	}
 }