summary refs log tree commit diff
path: root/synapse/config/registration.py
diff options
context:
space:
mode:
authorErik Johnston <erikj@element.io>2024-01-10 17:16:49 +0000
committerGitHub <noreply@github.com>2024-01-10 17:16:49 +0000
commita986f86c827879f26abd574da6c7d12ac9578dd8 (patch)
treee678a8e07f88d0e684c2407987b69b5c13e0f98f /synapse/config/registration.py
parentFaster load recents for sync (#16783) (diff)
downloadsynapse-a986f86c827879f26abd574da6c7d12ac9578dd8.tar.xz
Correctly handle OIDC config with no `client_secret` set (#16806)
In previous versions of authlib using `client_secret_basic` without a
`client_secret` would result in an invalid auth header. Since authlib
1.3 it throws an exception.

The configuration may be accepted in by very lax servers, so we don't
want to deny it outright. Instead, let's default the
`client_auth_method` to `none`, which does the right thing. If the
config specifies `client_auth_method` and no `client_secret` then that
is going to be bogus and we should reject it
Diffstat (limited to 'synapse/config/registration.py')
0 files changed, 0 insertions, 0 deletions