diff --git a/synapse/handlers/ui_auth/checkers.py b/synapse/handlers/ui_auth/checkers.py
index 32dca8c43b..477961d78c 100644
--- a/synapse/handlers/ui_auth/checkers.py
+++ b/synapse/handlers/ui_auth/checkers.py
@@ -157,104 +157,6 @@ class RecaptchaAuthChecker(UserInteractiveAuthChecker):
)
-class _BaseThreepidAuthChecker:
- def __init__(self, hs: "HomeServer"):
- self.hs = hs
- self.store = hs.get_datastores().main
-
- async def _check_threepid(self, medium: str, authdict: dict) -> dict:
- if "threepid_creds" not in authdict:
- raise LoginError(400, "Missing threepid_creds", Codes.MISSING_PARAM)
-
- threepid_creds = authdict["threepid_creds"]
-
- identity_handler = self.hs.get_identity_handler()
-
- logger.info("Getting validated threepid. threepidcreds: %r", (threepid_creds,))
-
- # msisdns are currently always verified via the IS
- if medium == "msisdn":
- if not self.hs.config.registration.account_threepid_delegate_msisdn:
- raise SynapseError(
- 400, "Phone number verification is not enabled on this homeserver"
- )
- threepid = await identity_handler.threepid_from_creds(
- self.hs.config.registration.account_threepid_delegate_msisdn,
- threepid_creds,
- )
- elif medium == "email":
- if self.hs.config.email.can_verify_email:
- threepid = None
- row = await self.store.get_threepid_validation_session(
- medium,
- threepid_creds["client_secret"],
- sid=threepid_creds["sid"],
- validated=True,
- )
-
- if row:
- threepid = {
- "medium": row.medium,
- "address": row.address,
- "validated_at": row.validated_at,
- }
-
- # Valid threepid returned, delete from the db
- await self.store.delete_threepid_session(threepid_creds["sid"])
- else:
- raise SynapseError(
- 400, "Email address verification is not enabled on this homeserver"
- )
- else:
- # this can't happen!
- raise AssertionError("Unrecognized threepid medium: %s" % (medium,))
-
- if not threepid:
- raise LoginError(
- 401, "Unable to get validated threepid", errcode=Codes.UNAUTHORIZED
- )
-
- if threepid["medium"] != medium:
- raise LoginError(
- 401,
- "Expecting threepid of type '%s', got '%s'"
- % (medium, threepid["medium"]),
- errcode=Codes.UNAUTHORIZED,
- )
-
- threepid["threepid_creds"] = authdict["threepid_creds"]
-
- return threepid
-
-
-class EmailIdentityAuthChecker(UserInteractiveAuthChecker, _BaseThreepidAuthChecker):
- AUTH_TYPE = LoginType.EMAIL_IDENTITY
-
- def __init__(self, hs: "HomeServer"):
- UserInteractiveAuthChecker.__init__(self, hs)
- _BaseThreepidAuthChecker.__init__(self, hs)
-
- def is_enabled(self) -> bool:
- return self.hs.config.email.can_verify_email
-
- async def check_auth(self, authdict: dict, clientip: str) -> Any:
- return await self._check_threepid("email", authdict)
-
-
-class MsisdnAuthChecker(UserInteractiveAuthChecker, _BaseThreepidAuthChecker):
- AUTH_TYPE = LoginType.MSISDN
-
- def __init__(self, hs: "HomeServer"):
- UserInteractiveAuthChecker.__init__(self, hs)
- _BaseThreepidAuthChecker.__init__(self, hs)
-
- def is_enabled(self) -> bool:
- return bool(self.hs.config.registration.account_threepid_delegate_msisdn)
-
- async def check_auth(self, authdict: dict, clientip: str) -> Any:
- return await self._check_threepid("msisdn", authdict)
-
-
class RegistrationTokenAuthChecker(UserInteractiveAuthChecker):
AUTH_TYPE = LoginType.REGISTRATION_TOKEN
@@ -263,7 +165,7 @@ class RegistrationTokenAuthChecker(UserInteractiveAuthChecker):
self.hs = hs
self._enabled = bool(
hs.config.registration.registration_requires_token
- ) or bool(hs.config.registration.enable_registration_token_3pid_bypass)
+ )
self.store = hs.get_datastores().main
def is_enabled(self) -> bool:
@@ -325,8 +227,6 @@ INTERACTIVE_AUTH_CHECKERS: Sequence[Type[UserInteractiveAuthChecker]] = [
DummyAuthChecker,
TermsAuthChecker,
RecaptchaAuthChecker,
- EmailIdentityAuthChecker,
- MsisdnAuthChecker,
RegistrationTokenAuthChecker,
]
"""A list of UserInteractiveAuthChecker classes"""
|
