diff options
author | Brendan Abolivier <babolivier@matrix.org> | 2020-03-10 18:42:15 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-03-10 18:42:15 +0000 |
commit | 6640460d054e8f4444046a34bdf638921b31c01e (patch) | |
tree | 065818deeadd4d46e0f14ba1023fd68b5aaf7dba /synapse/res | |
parent | Merge pull request #7055 from matrix-org/babolivier/get_time_of_last_push_act... (diff) | |
parent | Rephrase default message (diff) | |
download | synapse-6640460d054e8f4444046a34bdf638921b31c01e.tar.xz |
Merge pull request #7058 from matrix-org/babolivier/saml_error_html
SAML2: render a comprehensible error page if something goes wrong
Diffstat (limited to '')
-rw-r--r-- | synapse/rest/saml2/response_resource.py | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/synapse/rest/saml2/response_resource.py b/synapse/rest/saml2/response_resource.py index 69ecc5e4b4..a545c13db7 100644 --- a/synapse/rest/saml2/response_resource.py +++ b/synapse/rest/saml2/response_resource.py @@ -14,7 +14,11 @@ # See the License for the specific language governing permissions and # limitations under the License. -from synapse.http.server import DirectServeResource, wrap_html_request_handler +from synapse.http.server import ( + DirectServeResource, + finish_request, + wrap_html_request_handler, +) class SAML2ResponseResource(DirectServeResource): @@ -24,8 +28,20 @@ class SAML2ResponseResource(DirectServeResource): def __init__(self, hs): super().__init__() + self._error_html_content = hs.config.saml2_error_html_content self._saml_handler = hs.get_saml_handler() + async def _async_render_GET(self, request): + # We're not expecting any GET request on that resource if everything goes right, + # but some IdPs sometimes end up responding with a 302 redirect on this endpoint. + # In this case, just tell the user that something went wrong and they should + # try to authenticate again. + request.setResponseCode(400) + request.setHeader(b"Content-Type", b"text/html; charset=utf-8") + request.setHeader(b"Content-Length", b"%d" % (len(self._error_html_content),)) + request.write(self._error_html_content.encode("utf8")) + finish_request(request) + @wrap_html_request_handler async def _async_render_POST(self, request): return await self._saml_handler.handle_saml_response(request) |