diff options
author | David Baker <dave@matrix.org> | 2015-04-02 17:51:19 +0100 |
---|---|---|
committer | David Baker <dave@matrix.org> | 2015-04-02 17:51:19 +0100 |
commit | 4eb6d66b45356efcc87089cb52ca6f51c98cd798 (patch) | |
tree | 45028c69d9cf1dd183817f48f2790b2fc19946af | |
parent | Throw sensible errors on not-json when allowing empty body (diff) | |
download | synapse-4eb6d66b45356efcc87089cb52ca6f51c98cd798.tar.xz |
Add app service auth back in to v2 register
-rw-r--r-- | synapse/api/constants.py | 4 | ||||
-rw-r--r-- | synapse/rest/client/v2_alpha/register.py | 9 |
2 files changed, 8 insertions, 5 deletions
diff --git a/synapse/api/constants.py b/synapse/api/constants.py index f825c1a58b..d29c2dde01 100644 --- a/synapse/api/constants.py +++ b/synapse/api/constants.py @@ -59,13 +59,11 @@ class LoginType(object): EMAIL_URL = u"m.login.email.url" EMAIL_IDENTITY = u"m.login.email.identity" RECAPTCHA = u"m.login.recaptcha" - APPLICATION_SERVICE = u"m.login.application_service" # Only for C/S API v1 + APPLICATION_SERVICE = u"m.login.application_service" SHARED_SECRET = u"org.matrix.login.shared_secret" - HIDDEN_TYPES = [APPLICATION_SERVICE] - class EventTypes(object): Member = "m.room.member" diff --git a/synapse/rest/client/v2_alpha/register.py b/synapse/rest/client/v2_alpha/register.py index a69b45f362..72319a3bb2 100644 --- a/synapse/rest/client/v2_alpha/register.py +++ b/synapse/rest/client/v2_alpha/register.py @@ -59,7 +59,13 @@ class RegisterRestServlet(RestServlet): is_using_shared_secret = False is_application_server = False - if 'mac' in body: + service = None + if 'access_token' in request.args: + service = yield self.auth.get_appservice_by_req(request) + + if service: + is_application_server = True + elif 'mac' in body: # Check registration-specific shared secret auth if 'username' not in body: raise SynapseError(400, "", Codes.MISSING_PARAM) @@ -71,7 +77,6 @@ class RegisterRestServlet(RestServlet): authed, result = yield self.auth_handler.check_auth([ [LoginType.RECAPTCHA], [LoginType.EMAIL_IDENTITY, LoginType.RECAPTCHA], - [LoginType.APPLICATION_SERVICE] ], body, self.hs.get_ip_from_request(request)) if not authed: |