diff options
author | Eric Eastwood <erice@element.io> | 2022-10-20 14:06:35 -0500 |
---|---|---|
committer | Eric Eastwood <erice@element.io> | 2022-10-20 14:06:35 -0500 |
commit | 7d70acd10587e95d4413060bc1f6933f53949c2d (patch) | |
tree | a1a62e71fd714111cc3905dba9e9dd3f63e3d119 /synapse/module_api | |
parent | Merge branch 'develop' into madlittlemods/11850-migrate-to-opentelemetry (diff) | |
parent | Use servlets for /key/ endpoints. (#14229) (diff) | |
download | synapse-7d70acd10587e95d4413060bc1f6933f53949c2d.tar.xz |
Merge branch 'develop' into madlittlemods/11850-migrate-to-opentelemetry
Conflicts: poetry.lock (conflicts not fixed) synapse/handlers/message.py synapse/handlers/relations.py synapse/storage/databases/main/devices.py synapse/storage/schema/__init__.py
Diffstat (limited to 'synapse/module_api')
-rw-r--r-- | synapse/module_api/__init__.py | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/synapse/module_api/__init__.py b/synapse/module_api/__init__.py index b7b2d3b8c5..6a6ae208d1 100644 --- a/synapse/module_api/__init__.py +++ b/synapse/module_api/__init__.py @@ -748,6 +748,40 @@ class ModuleApi: ) ) + async def create_login_token( + self, + user_id: str, + duration_in_ms: int = (2 * 60 * 1000), + auth_provider_id: Optional[str] = None, + auth_provider_session_id: Optional[str] = None, + ) -> str: + """Create a login token suitable for m.login.token authentication + + Added in Synapse v1.69.0. + + Args: + user_id: gives the ID of the user that the token is for + + duration_in_ms: the time that the token will be valid for + + auth_provider_id: the ID of the SSO IdP that the user used to authenticate + to get this token, if any. This is encoded in the token so that + /login can report stats on number of successful logins by IdP. + + auth_provider_session_id: The session ID got during login from the SSO IdP, + if any. + """ + # The deprecated `generate_short_term_login_token` method defaulted to an empty + # string for the `auth_provider_id` because of how the underlying macaroon was + # generated. This will change to a proper NULL-able field when the tokens get + # moved to the database. + return self._hs.get_macaroon_generator().generate_short_term_login_token( + user_id, + auth_provider_id or "", + auth_provider_session_id, + duration_in_ms, + ) + def generate_short_term_login_token( self, user_id: str, @@ -759,6 +793,9 @@ class ModuleApi: Added in Synapse v1.9.0. + This was deprecated in Synapse v1.69.0 in favor of create_login_token, and will + be removed in Synapse 1.71.0. + Args: user_id: gives the ID of the user that the token is for @@ -768,6 +805,11 @@ class ModuleApi: to get this token, if any. This is encoded in the token so that /login can report stats on number of successful logins by IdP. """ + logger.warn( + "A module configured on this server uses ModuleApi.generate_short_term_login_token(), " + "which is deprecated in favor of ModuleApi.create_login_token(), and will be removed in " + "Synapse 1.71.0", + ) return self._hs.get_macaroon_generator().generate_short_term_login_token( user_id, auth_provider_id, |