diff options
| author | Neil Johnson <neil@fragile.org.uk> | 2019-09-24 22:46:01 +0100 |
|---|---|---|
| committer | Neil Johnson <neil@matrix.org> | 2019-09-25 09:54:19 +0100 |
| commit | 7e0087449f4f7bf9fea4b73dd41afea18e8a498d (patch) | |
| tree | b8d373543c4ec62e4fa0c20927954ed064e9c17c | |
| parent | Add sid to next_link for email validation (#6097) (diff) | |
| download | synapse-7e0087449f4f7bf9fea4b73dd41afea18e8a498d.tar.xz | |
remove email dependency on msisdn validity checks in _check_threepid
| -rw-r--r-- | changelog.d/6104.bugfix | 1 | ||||
| -rw-r--r-- | synapse/handlers/auth.py | 68 |
2 files changed, 39 insertions, 30 deletions
diff --git a/changelog.d/6104.bugfix b/changelog.d/6104.bugfix new file mode 100644 index 0000000000..41114a66ef --- /dev/null +++ b/changelog.d/6104.bugfix @@ -0,0 +1 @@ +Threepid validity checks on msisdns should not be dependent on 'threepid_behaviour_email'. diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py index 374372b69e..62d7def693 100644 --- a/synapse/handlers/auth.py +++ b/synapse/handlers/auth.py @@ -435,6 +435,7 @@ class AuthHandler(BaseHandler): @defer.inlineCallbacks def _check_threepid(self, medium, authdict, **kwargs): + print('_check_threepid') if "threepid_creds" not in authdict: raise LoginError(400, "Missing threepid_creds", Codes.MISSING_PARAM) @@ -443,43 +444,50 @@ class AuthHandler(BaseHandler): identity_handler = self.hs.get_handlers().identity_handler logger.info("Getting validated threepid. threepidcreds: %r", (threepid_creds,)) - if self.hs.config.threepid_behaviour_email == ThreepidBehaviour.REMOTE: - if medium == "email": - threepid = yield identity_handler.threepid_from_creds( - self.hs.config.account_threepid_delegate_email, threepid_creds - ) - elif medium == "msisdn": + + # msisdns are currently always ThreepidBehaviour.REMOTE + if medium == "msisdn": + if self.hs.config.account_threepid_delegate_msisdn: threepid = yield identity_handler.threepid_from_creds( self.hs.config.account_threepid_delegate_msisdn, threepid_creds ) else: - raise SynapseError(400, "Unrecognized threepid medium: %s" % (medium,)) - elif self.hs.config.threepid_behaviour_email == ThreepidBehaviour.LOCAL: - row = yield self.store.get_threepid_validation_session( - medium, - threepid_creds["client_secret"], - sid=threepid_creds["sid"], - validated=True, - ) + raise SynapseError( + 400, "SMS delegation is not enabled on this homeserver" + ) + elif medium == "email": + if self.hs.config.threepid_behaviour_email == ThreepidBehaviour.REMOTE: + if medium == "email": + threepid = yield identity_handler.threepid_from_creds( + self.hs.config.account_threepid_delegate_email, threepid_creds + ) + elif self.hs.config.threepid_behaviour_email == ThreepidBehaviour.LOCAL: + row = yield self.store.get_threepid_validation_session( + medium, + threepid_creds["client_secret"], + sid=threepid_creds["sid"], + validated=True, + ) - threepid = ( - { - "medium": row["medium"], - "address": row["address"], - "validated_at": row["validated_at"], - } - if row - else None - ) + threepid = ( + { + "medium": row["medium"], + "address": row["address"], + "validated_at": row["validated_at"], + } + if row + else None + ) - if row: - # Valid threepid returned, delete from the db - yield self.store.delete_threepid_session(threepid_creds["sid"]) + if row: + # Valid threepid returned, delete from the db + yield self.store.delete_threepid_session(threepid_creds["sid"]) + else: + raise SynapseError( + 400, "Email is not enabled on this homeserver" + ) else: - raise SynapseError( - 400, "Password resets are not enabled on this homeserver" - ) - + raise SynapseError(400, "Unrecognized threepid medium: %s" % (medium,)) if not threepid: raise LoginError(401, "", errcode=Codes.UNAUTHORIZED) |