diff options
author | Erik Johnston <erik@matrix.org> | 2016-03-14 15:50:40 +0000 |
---|---|---|
committer | Erik Johnston <erik@matrix.org> | 2016-03-14 15:50:40 +0000 |
commit | 590fbbef03c21308c8ff038541b7ef6d33f9c5fa (patch) | |
tree | fba4b3fd65c8a3a133de3611ba024bc0bea682d1 | |
parent | Return list, not generator. (diff) | |
download | synapse-590fbbef03c21308c8ff038541b7ef6d33f9c5fa.tar.xz |
Add config to create guest account on 3pid invite
Currently, when a 3pid invite request is sent to an identity server, it includes a provisioned guest access token. This allows the link in the, say, invite email to include the guest access token ensuring that the same account is used each time the link is clicked. This flow has a number of flaws, including when using different servers or servers that have guest access disabled. For now, we keep this implementation but hide it behind a config option until a better flow is implemented.
Diffstat (limited to '')
-rw-r--r-- | synapse/config/registration.py | 4 | ||||
-rw-r--r-- | synapse/handlers/room.py | 57 |
2 files changed, 36 insertions, 25 deletions
diff --git a/synapse/config/registration.py b/synapse/config/registration.py index ab062d528c..87e500c97a 100644 --- a/synapse/config/registration.py +++ b/synapse/config/registration.py @@ -37,6 +37,10 @@ class RegistrationConfig(Config): self.trusted_third_party_id_servers = config["trusted_third_party_id_servers"] self.allow_guest_access = config.get("allow_guest_access", False) + self.invite_3pid_guest = ( + self.allow_guest_access and config.get("invite_3pid_guest", False) + ) + def default_config(self, **kwargs): registration_shared_secret = random_string_with_symbols(50) diff --git a/synapse/handlers/room.py b/synapse/handlers/room.py index 57113ae4a5..051468989f 100644 --- a/synapse/handlers/room.py +++ b/synapse/handlers/room.py @@ -877,36 +877,43 @@ class RoomMemberHandler(BaseHandler): user. """ - registration_handler = self.hs.get_handlers().registration_handler - guest_access_token = yield registration_handler.guest_access_token_for( - medium=medium, - address=address, - inviter_user_id=inviter_user_id, - ) - - guest_user_info = yield self.hs.get_auth().get_user_by_access_token( - guest_access_token - ) - is_url = "%s%s/_matrix/identity/api/v1/store-invite" % ( id_server_scheme, id_server, ) + + invite_config = { + "medium": medium, + "address": address, + "room_id": room_id, + "room_alias": room_alias, + "room_avatar_url": room_avatar_url, + "room_join_rules": room_join_rules, + "room_name": room_name, + "sender": inviter_user_id, + "sender_display_name": inviter_display_name, + "sender_avatar_url": inviter_avatar_url, + } + + if self.hs.config.invite_3pid_guest: + registration_handler = self.hs.get_handlers().registration_handler + guest_access_token = yield registration_handler.guest_access_token_for( + medium=medium, + address=address, + inviter_user_id=inviter_user_id, + ) + + guest_user_info = yield self.hs.get_auth().get_user_by_access_token( + guest_access_token + ) + + invite_config.update({ + "guest_access_token": guest_access_token, + "guest_user_id": guest_user_info["user"].to_string(), + }) + data = yield self.hs.get_simple_http_client().post_urlencoded_get_json( is_url, - { - "medium": medium, - "address": address, - "room_id": room_id, - "room_alias": room_alias, - "room_avatar_url": room_avatar_url, - "room_join_rules": room_join_rules, - "room_name": room_name, - "sender": inviter_user_id, - "sender_display_name": inviter_display_name, - "sender_avatar_url": inviter_avatar_url, - "guest_user_id": guest_user_info["user"].to_string(), - "guest_access_token": guest_access_token, - } + invite_config ) # TODO: Check for success token = data["token"] |