diff options
| author | Matthew Hodgson <matthew@matrix.org> | 2018-11-03 19:47:16 +0000 |
|---|---|---|
| committer | Matthew Hodgson <matthew@matrix.org> | 2018-11-03 19:47:16 +0000 |
| commit | 35b66c25da4a39dbfcbfc8b6428ba917d6cb8a16 (patch) | |
| tree | 5030f9c1f453c18b76b91e0601bcb91ba574baf8 | |
| parent | send access_tokens correctly (diff) | |
| download | synapse-35b66c25da4a39dbfcbfc8b6428ba917d6cb8a16.tar.xz | |
switch from shadow reg to appservice reg
| -rw-r--r-- | synapse/handlers/register.py | 23 | ||||
| -rw-r--r-- | synapse/rest/client/v2_alpha/register.py | 76 |
2 files changed, 48 insertions, 51 deletions
diff --git a/synapse/handlers/register.py b/synapse/handlers/register.py index 4a9de519f8..d31524ae60 100644 --- a/synapse/handlers/register.py +++ b/synapse/handlers/register.py @@ -274,7 +274,9 @@ class RegistrationHandler(BaseHandler): defer.returnValue((user_id, token)) @defer.inlineCallbacks - def appservice_register(self, user_localpart, as_token): + def appservice_register(self, user_localpart, as_token, password, display_name): + # FIXME: this should be factored out and merged with normal register() + user = UserID(user_localpart, self.hs.hostname) user_id = user.to_string() service = self.store.get_app_service_by_token(as_token) @@ -292,16 +294,26 @@ class RegistrationHandler(BaseHandler): user_id, allowed_appservice=service ) + password_hash = "" + if password: + password_hash = yield self.auth_handler().hash(password) + yield self.store.register( user_id=user_id, - password_hash="", + password_hash=password_hash, appservice_id=service_id, ) yield self.profile_handler.set_displayname( - user, None, user.localpart, by_admin=True, + user, None, display_name or user.localpart, by_admin=True, ) + if self.hs.config.user_directory_search_all_users: + profile = yield self.store.get_profileinfo(user_localpart) + yield self.user_directory_handler.handle_local_profile_change( + user_id, profile + ) + defer.returnValue(user_id) @defer.inlineCallbacks @@ -427,7 +439,7 @@ class RegistrationHandler(BaseHandler): ) @defer.inlineCallbacks - def shadow_register(self, localpart, auth_result, params): + def shadow_register(self, localpart, display_name, auth_result, params): """Invokes the current registration on another server, using shared secret registration, passing in any auth_results from other registration UI auth flows (e.g. validated 3pids) @@ -445,6 +457,9 @@ class RegistrationHandler(BaseHandler): { # XXX: auth_result is an unspecified extension for shadow registration 'auth_result': auth_result, + # XXX: another unspecified extension for shadow registration to ensure + # that the displayname is correctly set by the masters erver + 'display_name': display_name, 'username': localpart, 'password': params.get("password"), 'bind_email': params.get("bind_email"), diff --git a/synapse/rest/client/v2_alpha/register.py b/synapse/rest/client/v2_alpha/register.py index f87851544e..fb9441a87a 100644 --- a/synapse/rest/client/v2_alpha/register.py +++ b/synapse/rest/client/v2_alpha/register.py @@ -35,7 +35,6 @@ from synapse.http.servlet import ( parse_json_object_from_request, parse_string, ) -from synapse.api.errors import AuthError from synapse.util.msisdn import phone_number_to_msisdn from synapse.util.ratelimitutils import FederationRateLimiter from synapse.util.threepids import check_3pid_allowed @@ -230,7 +229,7 @@ class RegisterRestServlet(RestServlet): raise SynapseError(400, "Invalid username") desired_username = body['username'] - desired_display_name = None + desired_display_name = body.get('display_name') appservice = None if self.auth.has_access_token(request): @@ -255,7 +254,8 @@ class RegisterRestServlet(RestServlet): if isinstance(desired_username, string_types): result = yield self._do_appservice_registration( - desired_username, access_token, body + desired_username, desired_password, desired_display_name, + access_token, body ) defer.returnValue((200, result)) # we throw for non 200 responses return @@ -279,19 +279,6 @@ class RegisterRestServlet(RestServlet): defer.returnValue((200, result)) # we throw for non 200 responses return - if 'access_token' in body: - requester = yield self.auth.get_user_by_req(request) - if not requester.app_service: - raise AuthError( - 403, "Only appservices can register clients with an access_token" - ) - - result = yield self._do_shadow_registration( - desired_username, desired_password, body - ) - defer.returnValue((200, result)) # we throw for non 200 responses - return - # == Normal User Registration == (everyone else) if not self.hs.config.enable_registration: raise SynapseError(403, "Registration has been disabled") @@ -515,6 +502,7 @@ class RegisterRestServlet(RestServlet): if self.hs.config.shadow_server: yield self.registration_handler.shadow_register( localpart=desired_username, + display_name=desired_display_name, auth_result=auth_result, params=params, ) @@ -552,11 +540,33 @@ class RegisterRestServlet(RestServlet): return 200, {} @defer.inlineCallbacks - def _do_appservice_registration(self, username, as_token, body): + def _do_appservice_registration( + self, username, password, display_name, as_token, body + ): + + # FIXME: appservice_register() is horribly duplicated with register() + # and they should probably just be combined together with a config flag. user_id = yield self.registration_handler.appservice_register( - username, as_token + username, as_token, password, display_name ) - defer.returnValue((yield self._create_registration_details(user_id, body))) + result = yield self._create_registration_details(user_id, body) + + auth_result = body.get('auth_result') + if auth_result and LoginType.EMAIL_IDENTITY in auth_result: + threepid = auth_result[LoginType.EMAIL_IDENTITY] + yield self._register_email_threepid( + user_id, threepid, result["access_token"], + body.get("bind_email") + ) + + if auth_result and LoginType.MSISDN in auth_result: + threepid = auth_result[LoginType.MSISDN] + yield self._register_msisdn_threepid( + user_id, threepid, result["access_token"], + body.get("bind_msisdn") + ) + + defer.returnValue(result) @defer.inlineCallbacks def _do_shared_secret_registration(self, username, password, body): @@ -597,34 +607,6 @@ class RegisterRestServlet(RestServlet): defer.returnValue(result) @defer.inlineCallbacks - def _do_shadow_registration(self, username, password, body): - auth_result = body.get('auth_result') - - (user_id, _) = yield self.registration_handler.register( - localpart=username, password=password, generate_token=False, - ) - - return_dict = yield self._create_registration_details( - user_id, body - ) - - if auth_result and LoginType.EMAIL_IDENTITY in auth_result: - threepid = auth_result[LoginType.EMAIL_IDENTITY] - yield self._register_email_threepid( - user_id, threepid, return_dict["access_token"], - body.get("bind_email") - ) - - if auth_result and LoginType.MSISDN in auth_result: - threepid = auth_result[LoginType.MSISDN] - yield self._register_msisdn_threepid( - user_id, threepid, return_dict["access_token"], - body.get("bind_msisdn") - ) - - defer.returnValue((200, return_dict)) - - @defer.inlineCallbacks def _register_email_threepid(self, user_id, threepid, token, bind_email): """Add an email address as a 3pid identifier |