Merge branch 'fix-tokens-tom-server'

.github/workflows/build-and-test.yml

@@ -34,6 +34,6 @@ jobs:
     - name: Install dependencies 
       run: npm ci
     - name: Install playwright test browsers 
-      run: npx playwright install
+      run: npx playwright install --with-deps
     - name: Run all tests
       run: npm test

packages/federation-server/src/index.ts

@@ -49,17 +49,10 @@ export default class FederationServer extends MatrixIdentityServer {
     this.logger.debug(
       `Trusted servers: ${this.conf.trusted_servers_addresses.join(', ')}`
     )
-    this.rateLimiter = rateLimit({
-      windowMs: this.conf.rate_limiting_window,
-      limit: this.conf.rate_limiting_nb_requests,
-      validate: {
-        trustProxy: this.conf.trust_x_forwarded_for
-      }
-    })
     this.authenticate = Authenticate(
       this.db,
       this.conf.trusted_servers_addresses,
-      this.conf.trust_x_forwarded_for,
+      this.conf.trust_x_forwarded_for as boolean,
       this.logger
     )
     const superReady = this.ready

packages/federation-server/src/types.ts

@@ -34,7 +34,6 @@ export interface ErrorResponseBody {
 export type middlewaresList = Array<expressAppHandler | expressAppHandlerError>
 
 export type Config = MConfig & {
-  trust_x_forwarded_for: boolean
   trusted_servers_addresses: string[]
 }
 

packages/matrix-identity-server/src/config.json

@@ -41,6 +41,7 @@
   "smtp_sender": "",
   "smtp_server": "localhost",
   "smtp_port": 25,
+  "trust_x_forwarded_for": false,
   "update_federation_hashes_cron": "3 3 3 * * *",
   "update_users_cron": "*/10 * * * *",
   "userdb_engine": "sqlite",

packages/matrix-identity-server/src/index.ts

@@ -123,7 +123,10 @@ export default class MatrixIdentityServer {
     this._convertStringtoNumberInConfig()
     this.rateLimiter = rateLimit({
       windowMs: this.conf.rate_limiting_window,
-      limit: this.conf.rate_limiting_nb_requests
+      limit: this.conf.rate_limiting_nb_requests,
+      validate: {
+        trustProxy: this.conf.trust_x_forwarded_for
+      }
     })
     this._logger = logger ?? getLogger(this.conf as unknown as LoggerConfig)
     try {

packages/matrix-identity-server/src/types.ts

@@ -48,6 +48,7 @@ export interface Config {
   smtp_tls?: boolean
   smtp_user?: string
   smtp_verify_certificate?: boolean
+  trust_x_forwarded_for?: boolean
   update_federation_hashes_cron?: string
   update_users_cron?: string
   userdb_engine?: SupportedUserDatabases

packages/matrix-invite/playwright.config.ts

@@ -1,9 +1,13 @@
 import { defineConfig, PlaywrightTestConfig } from '@playwright/test'
 
 const config: PlaywrightTestConfig = defineConfig({
+  use: {
+    baseURL: 'http://127.0.0.1:4173'
+  },
   webServer: {
     command: 'npm run build && npm run preview',
-    port: 4173
+    url: 'http://127.0.0.1:4173',
+    timeout: 120000
   },
   testDir: 'tests'
 })

packages/tom-server/src/config.json

@@ -76,5 +76,6 @@
   "push_ephemeral": true,
   "sms_api_url": "",
   "sms_api_login": "",
-  "sms_api_key": ""
+  "sms_api_key": "",
+  "trust_x_forwarded_for": false
 }

server.mjs

@@ -16,7 +16,7 @@ const appServerConf = {
   push_ephemeral: process.env.PUSH_EPHEMERAL || true
 }
 
-const conf = {
+let conf = {
   ...appServerConf,
   additional_features: process.env.ADDITIONAL_FEATURES || false,
   cron_service: process.env.CRON_SERVICE || true,
@@ -74,14 +74,15 @@ if (process.argv[2] === 'generate') {
   // eslint-disable-next-line no-unused-vars
   const appServer = new AppServer(appServerConf)
 } else {
-  const tomServer = new TomServer(conf)
   const app = express()
   const trustProxy = process.env.TRUSTED_PROXIES
     ? process.env.TRUSTED_PROXIES.split(/\s+/)
     : []
   if (trustProxy.length > 0) {
+    conf.trust_x_forwarded_for = true
     app.set('trust proxy', ...trustProxy)
   }
+  const tomServer = new TomServer(conf)
   const promises = [tomServer.ready]
 
   if (process.env.CROWDSEC_URI) {