diff options
author | David Baker <dbkr@users.noreply.github.com> | 2017-11-02 10:55:17 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-11-02 10:55:17 +0000 |
commit | b19d9e2174063906ac89895026e7ca13d3eb5a24 (patch) | |
tree | 9a69b3d44661eb718d6b680780f3683da3527120 /synapse/handlers | |
parent | Merge pull request #2623 from matrix-org/rav/callbacks_for_auth_providers (diff) | |
parent | Notify auth providers on logout (diff) | |
download | synapse-b19d9e2174063906ac89895026e7ca13d3eb5a24.tar.xz |
Merge pull request #2624 from matrix-org/rav/password_provider_notify_logout
Notify auth providers on logout
Diffstat (limited to 'synapse/handlers')
-rw-r--r-- | synapse/handlers/auth.py | 26 |
1 files changed, 24 insertions, 2 deletions
diff --git a/synapse/handlers/auth.py b/synapse/handlers/auth.py index 34faad4fa6..0337be36c2 100644 --- a/synapse/handlers/auth.py +++ b/synapse/handlers/auth.py @@ -687,6 +687,7 @@ class AuthHandler(BaseHandler): yield self.store.user_delete_threepids(user_id) yield self.store.user_set_password_hash(user_id, None) + @defer.inlineCallbacks def delete_access_token(self, access_token): """Invalidate a single access token @@ -696,8 +697,19 @@ class AuthHandler(BaseHandler): Returns: Deferred """ - return self.store.delete_access_token(access_token) + user_info = yield self.auth.get_user_by_access_token(access_token) + yield self.store.delete_access_token(access_token) + + # see if any of our auth providers want to know about this + for provider in self.password_providers: + if hasattr(provider, "on_logged_out"): + yield provider.on_logged_out( + user_id=str(user_info["user"]), + device_id=user_info["device_id"], + access_token=access_token, + ) + @defer.inlineCallbacks def delete_access_tokens_for_user(self, user_id, except_token_id=None, device_id=None): """Invalidate access tokens belonging to a user @@ -712,10 +724,20 @@ class AuthHandler(BaseHandler): Returns: Deferred """ - return self.store.user_delete_access_tokens( + tokens_and_devices = yield self.store.user_delete_access_tokens( user_id, except_token_id=except_token_id, device_id=device_id, ) + # see if any of our auth providers want to know about this + for provider in self.password_providers: + if hasattr(provider, "on_logged_out"): + for token, device_id in tokens_and_devices: + yield provider.on_logged_out( + user_id=user_id, + device_id=device_id, + access_token=token, + ) + @defer.inlineCallbacks def add_threepid(self, user_id, medium, address, validated_at): # 'Canonicalise' email addresses down to lower case. |