diff --git a/services/comms/atlasbot-configmap.yaml b/services/comms/atlasbot-configmap.yaml index 14eb75c..be9640e 100644 --- a/services/comms/atlasbot-configmap.yaml +++ b/services/comms/atlasbot-configmap.yaml @@ -130,9 +130,10 @@ data: return json.loads(raw.decode()) if raw else {} def login() -> str: + login_user = normalize_user_id(USER) payload = { "type": "m.login.password", - "identifier": {"type": "m.id.user", "user": USER}, + "identifier": {"type": "m.id.user", "user": login_user}, "password": PASSWORD, } res = req("POST", "/_matrix/client/v3/login", body=payload, base=AUTH_BASE) diff --git a/services/comms/atlasbot-deployment.yaml b/services/comms/atlasbot-deployment.yaml index 0d45fe0..4d8bfc7 100644 --- a/services/comms/atlasbot-deployment.yaml +++ b/services/comms/atlasbot-deployment.yaml @@ -16,7 +16,7 @@ spec: labels: app: atlasbot annotations: - checksum/atlasbot-configmap: manual-atlasbot-2 + checksum/atlasbot-configmap: manual-atlasbot-3 spec: serviceAccountName: atlasbot nodeSelector: diff --git a/services/comms/mas-local-users-ensure-job.yaml b/services/comms/mas-local-users-ensure-job.yaml index 111810a..e17043b 100644 --- a/services/comms/mas-local-users-ensure-job.yaml +++ b/services/comms/mas-local-users-ensure-job.yaml @@ -65,6 +65,7 @@ spec: MAS_TOKEN_URL = os.environ["MAS_TOKEN_URL"] MAS_ADMIN_API_BASE = os.environ["MAS_ADMIN_API_BASE"].rstrip("/") AUTH_BASE = "http://matrix-authentication-service:8080" + SERVER_NAME = "live.bstein.dev" def admin_token(): with open(MAS_ADMIN_CLIENT_SECRET_FILE, "r", encoding="utf-8") as f: @@ -140,11 +141,14 @@ spec: if user is None: raise RuntimeError(f"failed to ensure user {username}") update_password(token, user["id"], password) + login_name = username + if not login_name.startswith("@"): + login_name = f"@{login_name}:{SERVER_NAME}" r = requests.post( f"{AUTH_BASE}/_matrix/client/v3/login", json={ "type": "m.login.password", - "identifier": {"type": "m.id.user", "user": username}, + "identifier": {"type": "m.id.user", "user": login_name}, "password": password, }, timeout=30, diff --git a/services/comms/pin-othrys-job.yaml b/services/comms/pin-othrys-job.yaml index c42c815..3639194 100644 --- a/services/comms/pin-othrys-job.yaml +++ b/services/comms/pin-othrys-job.yaml @@ -50,10 +50,19 @@ spec: def auth(token): return {"Authorization": f"Bearer {token}"} + def canon_user(user): + u = (user or "").strip() + if u.startswith("@") and ":" in u: + return u + u = u.lstrip("@") + if ":" in u: + return f"@{u}" + return f"@{u}:live.bstein.dev" + def login(user, password): r = requests.post(f"{AUTH_BASE}/_matrix/client/v3/login", json={ "type": "m.login.password", - "identifier": {"type": "m.id.user", "user": user}, + "identifier": {"type": "m.id.user", "user": canon_user(user)}, "password": password, }) r.raise_for_status() diff --git a/services/comms/reset-othrys-room-job.yaml b/services/comms/reset-othrys-room-job.yaml index 7561313..9657626 100644 --- a/services/comms/reset-othrys-room-job.yaml +++ b/services/comms/reset-othrys-room-job.yaml @@ -78,12 +78,21 @@ spec: def auth(token): return {"Authorization": f"Bearer {token}"} - def login(user, password): - r = requests.post(f"{AUTH_BASE}/_matrix/client/v3/login", json={ - "type": "m.login.password", - "identifier": {"type": "m.id.user", "user": user}, - "password": password, - }) + def canon_user(user): + u = (user or "").strip() + if u.startswith("@") and ":" in u: + return u + u = u.lstrip("@") + if ":" in u: + return f"@{u}" + return f"@{u}:live.bstein.dev" + + def login(user, password): + r = requests.post(f"{AUTH_BASE}/_matrix/client/v3/login", json={ + "type": "m.login.password", + "identifier": {"type": "m.id.user", "user": canon_user(user)}, + "password": password, + }) if r.status_code != 200: raise SystemExit(f"login failed: {r.status_code} {r.text}") return r.json()["access_token"] diff --git a/services/comms/seed-othrys-room.yaml b/services/comms/seed-othrys-room.yaml index 5085aa3..901f14d 100644 --- a/services/comms/seed-othrys-room.yaml +++ b/services/comms/seed-othrys-room.yaml @@ -48,10 +48,19 @@ spec: BASE = os.environ["SYNAPSE_BASE"] AUTH_BASE = os.environ.get("AUTH_BASE", BASE) + def canon_user(user): + u = (user or "").strip() + if u.startswith("@") and ":" in u: + return u + u = u.lstrip("@") + if ":" in u: + return f"@{u}" + return f"@{u}:live.bstein.dev" + def login(user, password): r = requests.post(f"{AUTH_BASE}/_matrix/client/v3/login", json={ "type": "m.login.password", - "identifier": {"type": "m.id.user", "user": user}, + "identifier": {"type": "m.id.user", "user": canon_user(user)}, "password": password, }) if r.status_code != 200: