moved more saml imports behind checks github/azren/port_saml2_mapping_providers azren/port_saml2_mapping_providers

(tried everything with pysaml2 uninstalled so should now work!)

3 files changed, 10 insertions, 3 deletions

diff --git a/synapse/app/_base.py b/synapse/app/_base.py

index d2c1b1fe40..fc2fbf661d 100644
--- a/synapse/app/_base.py
+++ b/synapse/app/_base.py
@@ -40,7 +40,6 @@ from synapse.crypto import context_factory
 from synapse.events.presence_router import load_legacy_presence_router
 from synapse.events.spamcheck import load_legacy_spam_checkers
 from synapse.events.third_party_rules import load_legacy_third_party_event_rules
-from synapse.handlers.saml import load_default_or_legacy_saml2_mapping_provider
 from synapse.logging.context import PreserveLoggingContext
 from synapse.metrics.background_process_metrics import wrap_as_background_process
 from synapse.metrics.jemalloc import setup_jemalloc_stats
@@ -380,6 +379,8 @@ async def start(hs: "HomeServer"):
         hs.config.saml2.saml2_enabled
         and not hs.get_saml2_user_mapping_provider().module_has_registered
     ):
+        from synapse.handlers.saml import load_default_or_legacy_saml2_mapping_provider
+
         load_default_or_legacy_saml2_mapping_provider(hs)
 
     # If we've configured an expiry time for caches, start the background job now.
diff --git a/synapse/module_api/__init__.py b/synapse/module_api/__init__.py

index f337a0f65b..49dfeb78ed 100644
--- a/synapse/module_api/__init__.py
+++ b/synapse/module_api/__init__.py
@@ -117,7 +117,8 @@ class ModuleApi:
         self._account_validity_handler = hs.get_account_validity_handler()
         self._third_party_event_rules = hs.get_third_party_event_rules()
         self._presence_router = hs.get_presence_router()
-        self._saml2_user_mapping_provider = hs.get_saml2_user_mapping_provider()
+        if hs.config.saml2.saml2_enabled:
+            self._saml2_user_mapping_provider = hs.get_saml2_user_mapping_provider()
 
     #################################################################################
     # The following methods should only be called during the module's initialisation.
@@ -145,6 +146,10 @@ class ModuleApi:
     @property
     def register_saml2_user_mapping_provider_callbacks(self):
         """Registers callbacks for presence router capabilities."""
+        if not self._hs.config.saml2.saml2_enabled:
+            raise RuntimeError(
+                "Saml2 is not enabled, so cannot register saml2 usr mapping provider callbacks"
+            )
         return (
             self._saml2_user_mapping_provider.register_saml2_user_mapping_provider_callbacks
         )
diff --git a/tests/handlers/test_saml.py b/tests/handlers/test_saml.py

index 4df6a4d029..eac7f74591 100644
--- a/tests/handlers/test_saml.py
+++ b/tests/handlers/test_saml.py
@@ -18,7 +18,6 @@ from unittest.mock import Mock
 import attr
 
 from synapse.api.errors import RedirectException
-from synapse.handlers.saml import load_default_or_legacy_saml2_mapping_provider
 
 from tests.test_utils import simple_async_mock
 from tests.unittest import HomeserverTestCase, override_config
@@ -28,6 +27,8 @@ try:
     import saml2.config
     from saml2.sigver import SigverError
 
+    from synapse.handlers.saml import load_default_or_legacy_saml2_mapping_provider
+
     has_saml2 = True
 
     # pysaml2 can be installed and imported, but might not be able to find xmlsec1.