diff options
author | Patrick Cloke <clokep@users.noreply.github.com> | 2020-11-19 14:25:17 -0500 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-11-19 14:25:17 -0500 |
commit | 79bfe966e08a2212cc2fae2b00f5efb2c2185543 (patch) | |
tree | 91ebd35fefb641e1e9fa6398a56d16ed51f92a01 /UPGRADE.rst | |
parent | SAML: Allow specifying the IdP entityid to use. (#8630) (diff) | |
download | synapse-79bfe966e08a2212cc2fae2b00f5efb2c2185543.tar.xz |
Improve error checking for OIDC/SAML mapping providers (#8774)
Checks that the localpart returned by mapping providers for SAML and OIDC are valid before registering new users. Extends the OIDC tests for existing users and invalid data.
Diffstat (limited to 'UPGRADE.rst')
-rw-r--r-- | UPGRADE.rst | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/UPGRADE.rst b/UPGRADE.rst index 7c19cf2a70..4de1bb5841 100644 --- a/UPGRADE.rst +++ b/UPGRADE.rst @@ -75,6 +75,36 @@ for example: wget https://packages.matrix.org/debian/pool/main/m/matrix-synapse-py3/matrix-synapse-py3_1.3.0+stretch1_amd64.deb dpkg -i matrix-synapse-py3_1.3.0+stretch1_amd64.deb +Upgrading to v1.24.0 +==================== + +Custom OpenID Connect mapping provider breaking change +------------------------------------------------------ + +This release allows the OpenID Connect mapping provider to perform normalisation +of the localpart of the Matrix ID. This allows for the mapping provider to +specify different algorithms, instead of the [default way](https://matrix.org/docs/spec/appendices#mapping-from-other-character-sets). + +If your Synapse configuration uses a custom mapping provider +(`oidc_config.user_mapping_provider.module` is specified and not equal to +`synapse.handlers.oidc_handler.JinjaOidcMappingProvider`) then you *must* ensure +that `map_user_attributes` of the mapping provider performs some normalisation +of the `localpart` returned. To match previous behaviour you can use the +`map_username_to_mxid_localpart` function provided by Synapse. An example is +shown below: + +.. code-block:: python + + from synapse.types import map_username_to_mxid_localpart + + class MyMappingProvider: + def map_user_attributes(self, userinfo, token): + # ... your custom logic ... + sso_user_id = ... + localpart = map_username_to_mxid_localpart(sso_user_id) + + return {"localpart": localpart} + Upgrading to v1.23.0 ==================== |