diff --git a/synapse/handlers/identity.py b/synapse/handlers/identity.py
index dfc03f51e7..0b40541570 100644
--- a/synapse/handlers/identity.py
+++ b/synapse/handlers/identity.py
@@ -41,7 +41,6 @@ logger = logging.getLogger(__name__)
class IdentityHandler(BaseHandler):
-
def __init__(self, hs):
super(IdentityHandler, self).__init__(hs)
@@ -71,24 +70,24 @@ class IdentityHandler(BaseHandler):
@defer.inlineCallbacks
def threepid_from_creds(self, creds):
- if 'id_server' in creds:
- id_server = creds['id_server']
- elif 'idServer' in creds:
- id_server = creds['idServer']
+ if "id_server" in creds:
+ id_server = creds["id_server"]
+ elif "idServer" in creds:
+ id_server = creds["idServer"]
else:
raise SynapseError(400, "No id_server in creds")
- if 'client_secret' in creds:
- client_secret = creds['client_secret']
- elif 'clientSecret' in creds:
- client_secret = creds['clientSecret']
+ if "client_secret" in creds:
+ client_secret = creds["client_secret"]
+ elif "clientSecret" in creds:
+ client_secret = creds["clientSecret"]
else:
raise SynapseError(400, "No client_secret in creds")
if not self._should_trust_id_server(id_server):
logger.warn(
- '%s is not a trusted ID server: rejecting 3pid ' +
- 'credentials', id_server
+ "%s is not a trusted ID server: rejecting 3pid " + "credentials",
+ id_server,
)
defer.returnValue(None)
# if we have a rewrite rule set for the identity server,
@@ -97,17 +96,15 @@ class IdentityHandler(BaseHandler):
id_server = self.rewrite_identity_server_urls[id_server]
try:
data = yield self.http_client.get_json(
- "https://%s%s" % (
- id_server,
- "/_matrix/identity/api/v1/3pid/getValidated3pid"
- ),
- {'sid': creds['sid'], 'client_secret': client_secret}
+ "https://%s%s"
+ % (id_server, "/_matrix/identity/api/v1/3pid/getValidated3pid"),
+ {"sid": creds["sid"], "client_secret": client_secret},
)
except HttpResponseException as e:
logger.info("getValidated3pid failed with Matrix error: %r", e)
raise e.to_synapse_error()
- if 'medium' in data:
+ if "medium" in data:
defer.returnValue(data)
defer.returnValue(None)
@@ -116,17 +113,17 @@ class IdentityHandler(BaseHandler):
logger.debug("binding threepid %r to %s", creds, mxid)
data = None
- if 'id_server' in creds:
- id_server = creds['id_server']
- elif 'idServer' in creds:
- id_server = creds['idServer']
+ if "id_server" in creds:
+ id_server = creds["id_server"]
+ elif "idServer" in creds:
+ id_server = creds["idServer"]
else:
raise SynapseError(400, "No id_server in creds")
- if 'client_secret' in creds:
- client_secret = creds['client_secret']
- elif 'clientSecret' in creds:
- client_secret = creds['clientSecret']
+ if "client_secret" in creds:
+ client_secret = creds["client_secret"]
+ elif "clientSecret" in creds:
+ client_secret = creds["clientSecret"]
else:
raise SynapseError(400, "No client_secret in creds")
@@ -140,14 +137,8 @@ class IdentityHandler(BaseHandler):
try:
data = yield self.http_client.post_urlencoded_get_json(
- "https://%s%s" % (
- id_server_host, "/_matrix/identity/api/v1/3pid/bind"
- ),
- {
- 'sid': creds['sid'],
- 'client_secret': client_secret,
- 'mxid': mxid,
- }
+ "https://%s%s" % (id_server_host, "/_matrix/identity/api/v1/3pid/bind"),
+ {"sid": creds["sid"], "client_secret": client_secret, "mxid": mxid},
)
logger.debug("bound threepid %r to %s", creds, mxid)
@@ -183,9 +174,7 @@ class IdentityHandler(BaseHandler):
id_servers = [threepid["id_server"]]
else:
id_servers = yield self.store.get_id_servers_user_bound(
- user_id=mxid,
- medium=threepid["medium"],
- address=threepid["address"],
+ user_id=mxid, medium=threepid["medium"], address=threepid["address"]
)
# We don't know where to unbind, so we don't have a choice but to return
@@ -195,7 +184,7 @@ class IdentityHandler(BaseHandler):
changed = True
for id_server in id_servers:
changed &= yield self.try_unbind_threepid_with_id_server(
- mxid, threepid, id_server,
+ mxid, threepid, id_server
)
defer.returnValue(changed)
@@ -219,10 +208,7 @@ class IdentityHandler(BaseHandler):
url = "https://%s/_matrix/identity/api/v1/3pid/unbind" % (id_server,)
content = {
"mxid": mxid,
- "threepid": {
- "medium": threepid["medium"],
- "address": threepid["address"],
- },
+ "threepid": {"medium": threepid["medium"], "address": threepid["address"]},
}
# we abuse the federation http client to sign the request, but we have to send it
@@ -230,14 +216,12 @@ class IdentityHandler(BaseHandler):
# 'browser-like' HTTPS.
auth_headers = self.federation_http_client.build_auth_headers(
destination=None,
- method='POST',
- url_bytes='/_matrix/identity/api/v1/3pid/unbind'.encode('ascii'),
+ method="POST",
+ url_bytes="/_matrix/identity/api/v1/3pid/unbind".encode("ascii"),
content=content,
destination_is=id_server,
)
- headers = {
- b"Authorization": auth_headers,
- }
+ headers = {b"Authorization": auth_headers}
# if we have a rewrite rule set for the identity server,
# apply it now.
@@ -250,15 +234,11 @@ class IdentityHandler(BaseHandler):
url = "https://%s/_matrix/identity/api/v1/3pid/unbind" % (id_server,)
try:
- yield self.http_client.post_json_get_json(
- url,
- content,
- headers,
- )
+ yield self.http_client.post_json_get_json(url, content, headers)
changed = True
except HttpResponseException as e:
changed = False
- if e.code in (400, 404, 501,):
+ if e.code in (400, 404, 501):
# The remote server probably doesn't support unbinding (yet)
logger.warn("Received %d response while unbinding threepid", e.code)
else:
@@ -276,23 +256,17 @@ class IdentityHandler(BaseHandler):
@defer.inlineCallbacks
def requestEmailToken(
- self,
- id_server,
- email,
- client_secret,
- send_attempt,
- next_link=None,
+ self, id_server, email, client_secret, send_attempt, next_link=None
):
if not self._should_trust_id_server(id_server):
raise SynapseError(
- 400, "Untrusted ID server '%s'" % id_server,
- Codes.SERVER_NOT_TRUSTED
+ 400, "Untrusted ID server '%s'" % id_server, Codes.SERVER_NOT_TRUSTED
)
params = {
- 'email': email,
- 'client_secret': client_secret,
- 'send_attempt': send_attempt,
+ "email": email,
+ "client_secret": client_secret,
+ "send_attempt": send_attempt,
}
# if we have a rewrite rule set for the identity server,
@@ -301,15 +275,13 @@ class IdentityHandler(BaseHandler):
id_server = self.rewrite_identity_server_urls[id_server]
if next_link:
- params.update({'next_link': next_link})
+ params.update({"next_link": next_link})
try:
data = yield self.http_client.post_json_get_json(
- "https://%s%s" % (
- id_server,
- "/_matrix/identity/api/v1/validate/email/requestToken"
- ),
- params
+ "https://%s%s"
+ % (id_server, "/_matrix/identity/api/v1/validate/email/requestToken"),
+ params,
)
defer.returnValue(data)
except HttpResponseException as e:
@@ -318,20 +290,18 @@ class IdentityHandler(BaseHandler):
@defer.inlineCallbacks
def requestMsisdnToken(
- self, id_server, country, phone_number,
- client_secret, send_attempt, **kwargs
+ self, id_server, country, phone_number, client_secret, send_attempt, **kwargs
):
if not self._should_trust_id_server(id_server):
raise SynapseError(
- 400, "Untrusted ID server '%s'" % id_server,
- Codes.SERVER_NOT_TRUSTED
+ 400, "Untrusted ID server '%s'" % id_server, Codes.SERVER_NOT_TRUSTED
)
params = {
- 'country': country,
- 'phone_number': phone_number,
- 'client_secret': client_secret,
- 'send_attempt': send_attempt,
+ "country": country,
+ "phone_number": phone_number,
+ "client_secret": client_secret,
+ "send_attempt": send_attempt,
}
params.update(kwargs)
# if we have a rewrite rule set for the identity server,
@@ -340,11 +310,9 @@ class IdentityHandler(BaseHandler):
id_server = self.rewrite_identity_server_urls[id_server]
try:
data = yield self.http_client.post_json_get_json(
- "https://%s%s" % (
- id_server,
- "/_matrix/identity/api/v1/validate/msisdn/requestToken"
- ),
- params
+ "https://%s%s"
+ % (id_server, "/_matrix/identity/api/v1/validate/msisdn/requestToken"),
+ params,
)
defer.returnValue(data)
except HttpResponseException as e:
@@ -368,13 +336,12 @@ class IdentityHandler(BaseHandler):
"""
if not self._should_trust_id_server(id_server):
raise SynapseError(
- 400, "Untrusted ID server '%s'" % id_server,
- Codes.SERVER_NOT_TRUSTED
+ 400, "Untrusted ID server '%s'" % id_server, Codes.SERVER_NOT_TRUSTED
)
if not self._enable_lookup:
raise AuthError(
- 403, "Looking up third-party identifiers is denied from this server",
+ 403, "Looking up third-party identifiers is denied from this server"
)
target = self.rewrite_identity_server_urls.get(id_server, id_server)
@@ -382,10 +349,7 @@ class IdentityHandler(BaseHandler):
try:
data = yield self.http_client.get_json(
"https://%s/_matrix/identity/api/v1/lookup" % (target,),
- {
- "medium": medium,
- "address": address,
- }
+ {"medium": medium, "address": address},
)
if "mxid" in data:
@@ -419,13 +383,12 @@ class IdentityHandler(BaseHandler):
"""
if not self._should_trust_id_server(id_server):
raise SynapseError(
- 400, "Untrusted ID server '%s'" % id_server,
- Codes.SERVER_NOT_TRUSTED
+ 400, "Untrusted ID server '%s'" % id_server, Codes.SERVER_NOT_TRUSTED
)
if not self._enable_lookup:
raise AuthError(
- 403, "Looking up third-party identifiers is denied from this server",
+ 403, "Looking up third-party identifiers is denied from this server"
)
target = self.rewrite_identity_server_urls.get(id_server, id_server)
@@ -433,9 +396,7 @@ class IdentityHandler(BaseHandler):
try:
data = yield self.http_client.post_json_get_json(
"https://%s/_matrix/identity/api/v1/bulk_lookup" % (target,),
- {
- "threepids": threepids,
- }
+ {"threepids": threepids},
)
except HttpResponseException as e:
@@ -454,20 +415,22 @@ class IdentityHandler(BaseHandler):
for key_name, signature in data["signatures"][server_hostname].items():
target = self.rewrite_identity_server_urls.get(
- server_hostname, server_hostname,
+ server_hostname, server_hostname
)
key_data = yield self.http_client.get_json(
- "https://%s/_matrix/identity/api/v1/pubkey/%s" %
- (target, key_name,),
+ "https://%s/_matrix/identity/api/v1/pubkey/%s" % (target, key_name)
)
if "public_key" not in key_data:
- raise AuthError(401, "No public key named %s from %s" %
- (key_name, server_hostname,))
+ raise AuthError(
+ 401, "No public key named %s from %s" % (key_name, server_hostname)
+ )
verify_signed_json(
data,
server_hostname,
- decode_verify_key_bytes(key_name, decode_base64(key_data["public_key"]))
+ decode_verify_key_bytes(
+ key_name, decode_base64(key_data["public_key"])
+ ),
)
return
|
