diff --git a/synapse/handlers/account_validity.py b/synapse/handlers/account_validity.py
index 6c2a49a3b9..c66bb6364f 100644
--- a/synapse/handlers/account_validity.py
+++ b/synapse/handlers/account_validity.py
@@ -98,6 +98,22 @@ class AccountValidityHandler:
for callback in self._module_api_callbacks.on_user_registration_callbacks:
await callback(user_id)
+ async def on_user_login(
+ self,
+ user_id: str,
+ auth_provider_type: Optional[str],
+ auth_provider_id: Optional[str],
+ ) -> None:
+ """Tell third-party modules about a user logins.
+
+ Args:
+ user_id: The mxID of the user.
+ auth_provider_type: The type of login.
+ auth_provider_id: The ID of the auth provider.
+ """
+ for callback in self._module_api_callbacks.on_user_login_callbacks:
+ await callback(user_id, auth_provider_type, auth_provider_id)
+
@wrap_as_background_process("send_renewals")
async def _send_renewal_emails(self) -> None:
"""Gets the list of users whose account is expiring in the amount of time
diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py
index 2b0c505130..89cbaff864 100644
--- a/synapse/handlers/auth.py
+++ b/synapse/handlers/auth.py
@@ -212,6 +212,7 @@ class AuthHandler:
self._password_enabled_for_reauth = hs.config.auth.password_enabled_for_reauth
self._password_localdb_enabled = hs.config.auth.password_localdb_enabled
self._third_party_rules = hs.get_module_api_callbacks().third_party_event_rules
+ self._account_validity_handler = hs.get_account_validity_handler()
# Ratelimiter for failed auth during UIA. Uses same ratelimit config
# as per `rc_login.failed_attempts`.
@@ -1783,6 +1784,13 @@ class AuthHandler:
client_redirect_url, "loginToken", login_token
)
+ # Run post-login module callback handlers
+ await self._account_validity_handler.on_user_login(
+ user_id=registered_user_id,
+ auth_provider_type=LoginType.SSO,
+ auth_provider_id=auth_provider_id,
+ )
+
# if the client is whitelisted, we can redirect straight to it
if client_redirect_url.startswith(self._whitelisted_sso_clients):
request.redirect(redirect_url)
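Review bot: An exception raised by any module's `on_user_login` callback propagates out of this `await` and aborts SSO completion before the redirect, because neither this call nor the loop added in `account_validity.py` catches or logs it. If the callback is only a notification, the failure should be caught and logged here; if modules are meant to be able to refuse a login, the handler docstring should say so. The comment is also imprecise, since at this point the login token has only been placed in the redirect URL and not yet redeemed; `# Notify modules that SSO authentication succeeded (login token not yet redeemed)` describes it better. The handler docstring reads "about a user logins" and should be `"""Tell third-party modules that a user has logged in.`. The enclosing method starts and ends outside this hunk.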
diff --git a/synapse/handlers/message.py b/synapse/handlers/message.py
index 811a41f161..25dd96416a 100644
--- a/synapse/handlers/message.py
+++ b/synapse/handlers/message.py
@@ -693,13 +693,9 @@ class EventCreationHandler:
if require_consent and not is_exempt:
await self.assert_accepted_privacy_policy(requester)
- # Save the access token ID, the device ID and the transaction ID in the event
- # internal metadata. This is useful to determine if we should echo the
- # transaction_id in events.
+ # Save the the device ID and the transaction ID in the event internal metadata.
+ # This is useful to determine if we should echo the transaction_id in events.
# See `synapse.events.utils.EventClientSerializer.serialize_event`
- if requester.access_token_id is not None:
- builder.internal_metadata.token_id = requester.access_token_id
-
if requester.device_id is not None:
builder.internal_metadata.device_id = requester.device_id
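Review bot: With the `token_id` assignment gone, an event from a requester whose `device_id` is None now stores no identifier of the sending session, so the serializer named in the comment has only the device ID to decide whether to echo `transaction_id`. `serialize_event` is not visible here; it is worth confirming that it no longer reads `internal_metadata.token_id`, and that a missing device ID means no echo rather than an echo to every session of the user. The rewritten comment also has a doubled word and should read `# Save the device ID and the transaction ID in the event internal metadata.`.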
diff --git a/synapse/handlers/profile.py b/synapse/handlers/profile.py
index 1027fbfd28..e043fd5322 100644
--- a/synapse/handlers/profile.py
+++ b/synapse/handlers/profile.py
@@ -129,6 +129,7 @@ class ProfileHandler:
new_displayname: str,
by_admin: bool = False,
deactivation: bool = False,
+ propagate: bool = True,
) -> None:
"""Set the displayname of a user
@@ -138,6 +139,7 @@ class ProfileHandler:
new_displayname: The displayname to give this user.
by_admin: Whether this change was made by an administrator.
deactivation: Whether this change was made while deactivating the user.
+ propagate: Whether this change also applies to the user's membership events.
"""
if not self.hs.is_mine(target_user):
raise SynapseError(400, "User is not hosted on this homeserver")
@@ -188,7 +190,8 @@ class ProfileHandler:
target_user.to_string(), profile, by_admin, deactivation
)
- await self._update_join_states(requester, target_user)
+ if propagate:
+ await self._update_join_states(requester, target_user)
async def get_avatar_url(self, target_user: UserID) -> Optional[str]:
if self.hs.is_mine(target_user):
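Review bot: `propagate=False` skips `_update_join_states`, so the user's existing membership events keep the old display name, and the argument doc does not say so; the avatar hunk further down has the same gap. This matters most when combined with `deactivation=True`, where a caller may assume the profile was cleared everywhere, while the previous value presumably stays visible in room state. I would document it as `propagate: Whether to also update the user's membership events in joined rooms. If False, rooms keep showing the previous value.`. Since the flag is new and is the third boolean in a row, making it keyword-only would stop it being set by position by accident.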
@@ -221,6 +224,7 @@ class ProfileHandler:
new_avatar_url: str,
by_admin: bool = False,
deactivation: bool = False,
+ propagate: bool = True,
) -> None:
"""Set a new avatar URL for a user.
@@ -230,6 +234,7 @@ class ProfileHandler:
new_avatar_url: The avatar URL to give this user.
by_admin: Whether this change was made by an administrator.
deactivation: Whether this change was made while deactivating the user.
+ propagate: Whether this change also applies to the user's membership events.
"""
if not self.hs.is_mine(target_user):
raise SynapseError(400, "User is not hosted on this homeserver")
@@ -278,7 +283,8 @@ class ProfileHandler:
target_user.to_string(), profile, by_admin, deactivation
)
- await self._update_join_states(requester, target_user)
+ if propagate:
+ await self._update_join_states(requester, target_user)
@cached()
async def check_avatar_size_and_mime_type(self, mxc: str) -> bool:
diff --git a/synapse/handlers/room.py b/synapse/handlers/room.py
index afd8138caf..f865bed1ec 100644
--- a/synapse/handlers/room.py
+++ b/synapse/handlers/room.py
@@ -698,6 +698,7 @@ class RoomCreationHandler:
config: JsonDict,
ratelimit: bool = True,
creator_join_profile: Optional[JsonDict] = None,
+ ignore_forced_encryption: bool = False,
) -> Tuple[str, Optional[RoomAlias], int]:
"""Creates a new room.
@@ -714,6 +715,8 @@ class RoomCreationHandler:
derived from the user's profile. If set, should contain the
values to go in the body of the 'join' event (typically
`avatar_url` and/or `displayname`.
+ ignore_forced_encryption:
+ Ignore encryption forced by `encryption_enabled_by_default_for_room_type` setting.
Returns:
A 3-tuple containing:
@@ -1015,6 +1018,7 @@ class RoomCreationHandler:
room_alias: Optional[RoomAlias] = None,
power_level_content_override: Optional[JsonDict] = None,
creator_join_profile: Optional[JsonDict] = None,
+ ignore_forced_encryption: bool = False,
) -> Tuple[int, str, int]:
"""Sends the initial events into a new room. Sends the room creation, membership,
and power level events into the room sequentially, then creates and batches up the
@@ -1049,6 +1053,8 @@ class RoomCreationHandler:
creator_join_profile:
Set to override the displayname and avatar for the creating
user in this room.
+ ignore_forced_encryption:
+ Ignore encryption forced by `encryption_enabled_by_default_for_room_type` setting.
Returns:
A tuple containing the stream ID, event ID and depth of the last
@@ -1251,7 +1257,7 @@ class RoomCreationHandler:
)
events_to_send.append((event, context))
- if config["encrypted"]:
+ if config["encrypted"] and not ignore_forced_encryption:
encryption_event, encryption_context = await create_event(
EventTypes.RoomEncryption,
{"algorithm": RoomEncryptionAlgorithms.DEFAULT},
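Review bot: No hunk shown for this file changes a call site of the event-sending helper whose signature gains `ignore_forced_encryption`, so unless the forwarding is in a part of the diff I cannot see, a value passed to the room-creation entry point never reaches this condition. The condition also tests only `config["encrypted"]`, and the hunk does not show whether that value can come from the creator's request as well as from the server default; if it can, the flag would also drop encryption the creator asked for. Because a True value silently creates an unencrypted room despite `encryption_enabled_by_default_for_room_type`, the docstring should name which callers are expected to pass it, and the skip should be logged. The enclosing function starts and ends outside this hunk.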
diff --git a/synapse/handlers/room_member.py b/synapse/handlers/room_member.py
index eddc2af9ba..00c2dd854d 100644
--- a/synapse/handlers/room_member.py
+++ b/synapse/handlers/room_member.py
@@ -2111,9 +2111,14 @@ class RoomForgetterHandler(StateDeltasHandler):
self.pos = room_max_stream_ordering
if not self._hs.config.room.forget_on_leave:
- # Update the processing position, so that if the server admin turns the
- # feature on at a later date, we don't decide to forget every room that
- # has ever been left in the past.
+ # Update the processing position, so that if the server admin turns
+ # the feature on at a later date, we don't decide to forget every
+ # room that has ever been left in the past.
+ #
+ # We wait for a short time so that we don't "tight" loop just
+ # keeping the table up to date.
+ await self._clock.sleep(0.5)
+
self.pos = self._store.get_room_max_stream_ordering()
await self._store.update_room_forgetter_stream_pos(self.pos)
return
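Review bot: The `0.5` passed to `self._clock.sleep` is a bare literal with no unit or name, so the polling interval is hard to find and tune. A module-level constant would document it, for example `await self._clock.sleep(FORGET_DISABLED_POLL_INTERVAL_SECONDS)`. The enclosing method starts outside this hunk, so I cannot see how often this branch runs.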