- Linux
- docker-compose with docker
- Deno
Note: I'm using podman. If you use docker, update the docker socket path on docker-compose.yaml as well as update following commands accordingly.
# Optional. cmd for creating configuration file. One is already generated for you
sudo podman run -v synapse:/data:z -e SYNAPSE_SERVER_NAME=matrix.localhost -e SYNAPSE_REPORT_STATS=yes docker.io/matrixdotorg synapse:latest generate
# start the stack
# note: synapse might fail to initialize data on first run due to postgres taking some time to initialize. Simply restart synapse after few seconds
docker-compose up -d
This is the main api server. It communicates with a oauth2 provider for login Internally, when this server receives a opaque token, it calls the /oauth2/introspect ednpoint of the provider to get user details. Technically, we could implement this endpoint and provide the details about Houzz Pro's and remove the need for login endpoints altogether.
TODO: The get profile endpoint from element web gives error. Which means there should be another endpoint that's failing. However, we won't need to show the chat user profile so that seems to be low priority.
Note: matrix api server sends the introspection request to the public domain
set. As a result, you need to set /etc/hosts
# /etc/hosts
# external ip of your local interface. synapse uses this domain to call introspection url
# also, this needs to be available via browser for login
192.168.18.109 matrix.localdomain auth.matrix.localdomain
This is shallow shell that builds around matrix-react-sdk
and provides the
complete client.
Follow the
getting started guide.
Use element.config.json as config.json
for element-web.
Following things are being verified:
- [-] Theming: We can customize the theme and apply it. We can define a custom
theme that would handle colors. For more changes, we can clone the repo and
update accordingly. The
matrix-react-sdk
is quite easy to follow and the development seems quite good to be honest. - [-] Extension of the platform using bots and apps. See known issues.
- Automatic acceptance of invite. We can simply accept the invite when the user loads it on site. Slight code changes will be necessary.
API to get a room(auth.matrix.localdomain/api/project/[id]
): this endpoint would
create a new matrix room or return preexisting room when a project id is
provided. It would invite members to the room as well. Note: due to the
architechture the members would need to accept the invitation to join. This
should be doable by listening to invite events. ID is an opaque room id. This
endpoint could live anywhere and has no reason to be inside this path.
We implement auth.matrix.localdomain/oauth2/introspect
endpoint. This is just a
proxy that returns early for some case and int other cases, it would just
forward the request to matrix-authentication-service
. This endpoint needs to
live in this path since we are acting as middleman for the standard oauth
endpoint.
- Element web contains many features we don't actually require such as: configuration reload watching, settings watch, jitsi call. I think we can delete half of the stuff and create a lighter weight component by incrementally replacing the components one by one. With enough deletion, we will have only enough components that we need. For changing the whole way element works, we could replace the base elements with houzz components and it would look like houzz.
- Interactive Bots: This one's messy. There are two paths
- Modals: We could show modals, which work fantastically already.
- Inline: We create custom URIs like houzz://quiz/xw4a3fc and then intercept the
LinkPreviewWidget
to show a custom html widget that would interact as it would on a dialog.
For interception, there is a framework based on customizations.md
- exchange jukwaa header to an access token
- verify it works with synapse for normal flow
- combine oidc and companion app on same server
- check if jwt access token can be enabled properly
- Backchannel to generate an accesstoken for the bot account
- Backchannel to generate accesstoken for auto-accepting the invites
- refreshtoken and accesstoken
- How do we identify admin accounts?
Make a call at token endpoint with grant_type token-exchange. The endpoint will extract the jukwaa header and that will be used to authenticate the user. Right now, only userId and locale is set https://github.com/Houzz/jukwaa-packages/blob/bd5a2c52373be727d81096118784b9b5d3c9f5af/packages/request-proxy/src/jukwaaInfoFetcher.ts#L22
We will need to update this to add more user info onto the header. #todo
const exchange = (url: string) => post(url, new URLSearchParams({
client_id: "0000000000000000000SYNAPSE",
grant_type: "urn:ietf:params:oauth:grant-type:jukwaa-token-exchange",
audience: "urn:houzz.com",
resource: "matrix"
}));
For a running example, see lib.ts.