diff options
author | Jason Robinson <jasonr@matrix.org> | 2020-03-26 19:02:35 +0200 |
---|---|---|
committer | Jason Robinson <jasonr@matrix.org> | 2020-03-26 19:02:35 +0200 |
commit | 060e7dce09ae2197f29811769b13db30ed340211 (patch) | |
tree | 1738f17a79b4e43886756ad4fee99e525c031ade | |
parent | Validate that the session is not modified during UI-Auth (#7068) (diff) | |
download | synapse-060e7dce09ae2197f29811769b13db30ed340211.tar.xz |
Allow RedirectResponse in SAML response handler
Allow custom SAML handlers to redirect after processing an auth response. Fixes #7149 Signed-off-by: Jason Robinson <jasonr@matrix.org>
-rw-r--r-- | changelog.d/7151.bugfix | 1 | ||||
-rw-r--r-- | synapse/handlers/saml_handler.py | 4 |
2 files changed, 5 insertions, 0 deletions
diff --git a/changelog.d/7151.bugfix b/changelog.d/7151.bugfix new file mode 100644 index 0000000000..69cde9351d --- /dev/null +++ b/changelog.d/7151.bugfix @@ -0,0 +1 @@ +Allow custom SAML handlers to redirect after processing an auth response. diff --git a/synapse/handlers/saml_handler.py b/synapse/handlers/saml_handler.py index 72c109981b..dc04b53f43 100644 --- a/synapse/handlers/saml_handler.py +++ b/synapse/handlers/saml_handler.py @@ -26,6 +26,7 @@ from synapse.config import ConfigError from synapse.http.server import finish_request from synapse.http.servlet import parse_string from synapse.module_api import ModuleApi +from synapse.module_api.errors import RedirectException from synapse.types import ( UserID, map_username_to_mxid_localpart, @@ -119,6 +120,9 @@ class SamlHandler: try: user_id = await self._map_saml_response_to_user(resp_bytes, relay_state) + except RedirectException: + # Raise the exception as per the wishes of the SAML module response + raise except Exception as e: # If decoding the response or mapping it to a user failed, then log the # error and tell the user that something went wrong. |