Validate client_secret parameter (#6767)

* commit '9f7aaf90b': Validate client_secret parameter (#6767)
author: Andrew Morgan <andrew@amorgan.xyz> 2020-03-23 13:25:02 +0000
committer: Andrew Morgan <andrew@amorgan.xyz> 2020-03-23 13:25:02 +0000
commit: 8632f34f90c85dbd1d355d3a4a8e5da777c4e299 (patch)
tree: 23ef9e7d5e66e2672292486ae185cbb47fc8976e /synapse/handlers/identity.py
parent: Make 'event.redacts' never raise. (#6771) (diff)
parent: Validate client_secret parameter (#6767) (diff)
download: synapse-8632f34f90c85dbd1d355d3a4a8e5da777c4e299.tar.xz
1 files changed, 3 insertions, 1 deletions
diff --git a/synapse/handlers/identity.py b/synapse/handlers/identity.py
index 517e045e5b..94b5279aa6 100644
--- a/synapse/handlers/identity.py
+++ b/synapse/handlers/identity.py
@@ -39,7 +39,7 @@ from synapse.api.errors import (
 from synapse.config.emailconfig import ThreepidBehaviour
 from synapse.http.client import SimpleHttpClient
 from synapse.util.hash import sha256_and_url_safe_base64
-from synapse.util.stringutils import random_string
+from synapse.util.stringutils import assert_valid_client_secret, random_string
 
 from ._base import BaseHandler
 
@@ -92,6 +92,8 @@ class IdentityHandler(BaseHandler):
             raise SynapseError(
                 400, "Missing param client_secret in creds", errcode=Codes.MISSING_PARAM
             )
+        assert_valid_client_secret(client_secret)
+
         session_id = creds.get("sid")
         if not session_id:
             raise SynapseError(
author	Andrew Morgan <andrew@amorgan.xyz>	2020-03-23 13:25:02 +0000
committer	Andrew Morgan <andrew@amorgan.xyz>	2020-03-23 13:25:02 +0000
commit	8632f34f90c85dbd1d355d3a4a8e5da777c4e299 (patch)
tree	23ef9e7d5e66e2672292486ae185cbb47fc8976e /synapse/handlers/identity.py
parent	Make 'event.redacts' never raise. (#6771) (diff)
parent	Validate client_secret parameter (#6767) (diff)
download	synapse-8632f34f90c85dbd1d355d3a4a8e5da777c4e299.tar.xz