Dummy login so we can do the first POST request to get login flows without it just succeeding

4 files changed, 24 insertions, 7 deletions

diff --git a/synapse/api/constants.py b/synapse/api/constants.py

index d29c2dde01..d8a18ee87b 100644
--- a/synapse/api/constants.py
+++ b/synapse/api/constants.py
@@ -59,6 +59,7 @@ class LoginType(object):
     EMAIL_URL = u"m.login.email.url"
     EMAIL_IDENTITY = u"m.login.email.identity"
     RECAPTCHA = u"m.login.recaptcha"
+    DUMMY = u"m.login.dummy"
 
     # Only for C/S API v1
     APPLICATION_SERVICE = u"m.login.application_service"
diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py

index 2cc54707a2..87866f298d 100644
--- a/synapse/handlers/auth.py
+++ b/synapse/handlers/auth.py
@@ -42,6 +42,7 @@ class AuthHandler(BaseHandler):
             LoginType.PASSWORD: self._check_password_auth,
             LoginType.RECAPTCHA: self._check_recaptcha,
             LoginType.EMAIL_IDENTITY: self._check_email_identity,
+            LoginType.DUMMY: self._check_dummy_auth,
         }
         self.sessions = {}
 
@@ -202,6 +203,11 @@ class AuthHandler(BaseHandler):
 
         defer.returnValue(threepid)
 
+    @defer.inlineCallbacks
+    def _check_dummy_auth(self, authdict, _):
+        yield run_on_reactor()
+        defer.returnValue(True)
+
     def _get_params_recaptcha(self):
         return {"public_key": self.hs.config.recaptcha_public_key}
 
diff --git a/synapse/handlers/identity.py b/synapse/handlers/identity.py

index 671d366e40..19896ce90d 100644
--- a/synapse/handlers/identity.py
+++ b/synapse/handlers/identity.py
@@ -42,8 +42,8 @@ class IdentityHandler(BaseHandler):
         # each request
         http_client = SimpleHttpClient(self.hs)
         # XXX: make this configurable!
-        #trustedIdServers = ['matrix.org', 'localhost:8090']
-        trustedIdServers = ['matrix.org']
+        trustedIdServers = ['matrix.org', 'localhost:8090']
+        #trustedIdServers = ['matrix.org']
         if not creds['idServer'] in trustedIdServers:
             logger.warn('%s is not a trusted ID server: rejecting 3pid ' +
                         'credentials', creds['idServer'])
@@ -52,7 +52,7 @@ class IdentityHandler(BaseHandler):
         data = {}
         try:
             data = yield http_client.get_json(
-                "https://%s%s" % (
+                "http://%s%s" % (
                     creds['idServer'],
                     "/_matrix/identity/api/v1/3pid/getValidated3pid"
                 ),
diff --git a/synapse/rest/client/v2_alpha/register.py b/synapse/rest/client/v2_alpha/register.py

index d7a20fc964..ee99b74fd6 100644
--- a/synapse/rest/client/v2_alpha/register.py
+++ b/synapse/rest/client/v2_alpha/register.py
@@ -63,6 +63,17 @@ class RegisterRestServlet(RestServlet):
         if 'access_token' in request.args:
             service = yield self.auth.get_appservice_by_req(request)
 
+        if self.hs.config.enable_registration_captcha:
+            flows = [
+                [LoginType.RECAPTCHA],
+                [LoginType.EMAIL_IDENTITY, LoginType.RECAPTCHA]
+            ]
+        else:
+            flows = [
+                [LoginType.DUMMY],
+                [LoginType.EMAIL_IDENTITY]
+            ]
+
         if service:
             is_application_server = True
         elif 'mac' in body:
@@ -74,10 +85,9 @@ class RegisterRestServlet(RestServlet):
             )
             is_using_shared_secret = True
         else:
-            authed, result, params = yield self.auth_handler.check_auth([
-                [LoginType.RECAPTCHA],
-                [LoginType.EMAIL_IDENTITY, LoginType.RECAPTCHA],
-            ], body, self.hs.get_ip_from_request(request))
+            authed, result, params = yield self.auth_handler.check_auth(
+                flows, body, self.hs.get_ip_from_request(request)
+            )
 
             if not authed:
                 defer.returnValue((401, result))