summary refs log tree commit diff
path: root/synapse
diff options
context:
space:
mode:
authorAndrew Morgan <andrew@amorgan.xyz>2021-04-22 18:26:17 +0100
committerAndrew Morgan <andrew@amorgan.xyz>2021-04-22 18:26:17 +0100
commitd676da986e7d3d705ad0d6b8b29a6406504dcb16 (patch)
tree6ff2a6690bda220f7d46be2f8faabf7c97ae11ad /synapse
parentMerge commit '0cd2938bc' into anoa/dinsic_release_1_31_0 (diff)
parentInclude upgrade notes. (diff)
downloadsynapse-d676da986e7d3d705ad0d6b8b29a6406504dcb16.tar.xz
Merge commit 'c8e6e0584' into anoa/dinsic_release_1_31_0
Diffstat (limited to '')
-rw-r--r--synapse/config/oidc_config.py12


1 files changed, 9 insertions, 3 deletions
diff --git a/synapse/config/oidc_config.py b/synapse/config/oidc_config.py

index f257fcd412..8cb0c42f36 100644
--- a/synapse/config/oidc_config.py
+++ b/synapse/config/oidc_config.py
@@ -331,17 +331,23 @@ def _parse_oidc_config_dict(
             config_path + ("user_mapping_provider", "module"),
         )
 
-    # MSC2858 will appy certain limits in what can be used as an IdP id, so let's
+    # MSC2858 will apply certain limits in what can be used as an IdP id, so let's
     # enforce those limits now.
+    # TODO: factor out this stuff to a generic function
     idp_id = oidc_config.get("idp_id", "oidc")
-    valid_idp_chars = set(string.ascii_letters + string.digits + "-._~")
+    valid_idp_chars = set(string.ascii_lowercase + string.digits + "-._")
 
     if any(c not in valid_idp_chars for c in idp_id):
         raise ConfigError(
-            'idp_id may only contain A-Z, a-z, 0-9, "-", ".", "_", "~"',
+            'idp_id may only contain a-z, 0-9, "-", ".", "_"',
             config_path + ("idp_id",),
         )
 
+    if idp_id[0] not in string.ascii_lowercase:
+        raise ConfigError(
+            "idp_id must start with a-z", config_path + ("idp_id",),
+        )
+
     # MSC2858 also specifies that the idp_icon must be a valid MXC uri
     idp_icon = oidc_config.get("idp_icon")
     if idp_icon is not None:

 

generated by cgit-magenta 1.5.1 (git 2.48.1) at 2025-09-19 06:22:09 +0000