diff options
author | Quentin Gliech <quenting@element.io> | 2022-10-06 12:22:36 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-10-06 10:22:36 +0000 |
commit | 79c592cec68d66278e3233e2c9472f975942cfec (patch) | |
tree | 94a8e20a8ac35d45219a4b018413d12ed2092557 /synapse/module_api | |
parent | 1.69.0rc2 (diff) | |
download | synapse-79c592cec68d66278e3233e2c9472f975942cfec.tar.xz |
Deprecate the `generate_short_term_login_token` method in favor of an async `create_login_token` method in the Module API. (#13842)
Signed-off-by: Quentin Gliech <quenting@element.io> Co-authored-by: Brendan Abolivier <babolivier@matrix.org>
Diffstat (limited to 'synapse/module_api')
-rw-r--r-- | synapse/module_api/__init__.py | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/synapse/module_api/__init__.py b/synapse/module_api/__init__.py index b7b2d3b8c5..6a6ae208d1 100644 --- a/synapse/module_api/__init__.py +++ b/synapse/module_api/__init__.py @@ -748,6 +748,40 @@ class ModuleApi: ) ) + async def create_login_token( + self, + user_id: str, + duration_in_ms: int = (2 * 60 * 1000), + auth_provider_id: Optional[str] = None, + auth_provider_session_id: Optional[str] = None, + ) -> str: + """Create a login token suitable for m.login.token authentication + + Added in Synapse v1.69.0. + + Args: + user_id: gives the ID of the user that the token is for + + duration_in_ms: the time that the token will be valid for + + auth_provider_id: the ID of the SSO IdP that the user used to authenticate + to get this token, if any. This is encoded in the token so that + /login can report stats on number of successful logins by IdP. + + auth_provider_session_id: The session ID got during login from the SSO IdP, + if any. + """ + # The deprecated `generate_short_term_login_token` method defaulted to an empty + # string for the `auth_provider_id` because of how the underlying macaroon was + # generated. This will change to a proper NULL-able field when the tokens get + # moved to the database. + return self._hs.get_macaroon_generator().generate_short_term_login_token( + user_id, + auth_provider_id or "", + auth_provider_session_id, + duration_in_ms, + ) + def generate_short_term_login_token( self, user_id: str, @@ -759,6 +793,9 @@ class ModuleApi: Added in Synapse v1.9.0. + This was deprecated in Synapse v1.69.0 in favor of create_login_token, and will + be removed in Synapse 1.71.0. + Args: user_id: gives the ID of the user that the token is for @@ -768,6 +805,11 @@ class ModuleApi: to get this token, if any. This is encoded in the token so that /login can report stats on number of successful logins by IdP. """ + logger.warn( + "A module configured on this server uses ModuleApi.generate_short_term_login_token(), " + "which is deprecated in favor of ModuleApi.create_login_token(), and will be removed in " + "Synapse 1.71.0", + ) return self._hs.get_macaroon_generator().generate_short_term_login_token( user_id, auth_provider_id, |