Support UI Authentication for OpenID Connect accounts (#7457)

author: Patrick Cloke <clokep@users.noreply.github.com> 2020-05-15 12:26:02 -0400
committer: GitHub <noreply@github.com> 2020-05-15 12:26:02 -0400
commit: a3cf36f76ed41222241393adf608d0e640bb51b8 (patch)
tree: 6ab73758fc073c13e9f4b94d399a49521ebb9477 /synapse/rest/client/v2_alpha
parent: Add a worker store for search insertion. (#7516) (diff)
download: synapse-a3cf36f76ed41222241393adf608d0e640bb51b8.tar.xz
1 files changed, 15 insertions, 4 deletions
diff --git a/synapse/rest/client/v2_alpha/auth.py b/synapse/rest/client/v2_alpha/auth.py
index 24dd3d3e96..7bca1326d5 100644
--- a/synapse/rest/client/v2_alpha/auth.py
+++ b/synapse/rest/client/v2_alpha/auth.py
@@ -131,14 +131,19 @@ class AuthRestServlet(RestServlet):
         self.registration_handler = hs.get_registration_handler()
 
         # SSO configuration.
-        self._saml_enabled = hs.config.saml2_enabled
-        if self._saml_enabled:
-            self._saml_handler = hs.get_saml_handler()
         self._cas_enabled = hs.config.cas_enabled
         if self._cas_enabled:
             self._cas_handler = hs.get_cas_handler()
             self._cas_server_url = hs.config.cas_server_url
             self._cas_service_url = hs.config.cas_service_url
+        self._saml_enabled = hs.config.saml2_enabled
+        if self._saml_enabled:
+            self._saml_handler = hs.get_saml_handler()
+        self._oidc_enabled = hs.config.oidc_enabled
+        if self._oidc_enabled:
+            self._oidc_handler = hs.get_oidc_handler()
+            self._cas_server_url = hs.config.cas_server_url
+            self._cas_service_url = hs.config.cas_service_url
 
     async def on_GET(self, request, stagetype):
         session = parse_string(request, "session")
@@ -172,11 +177,17 @@ class AuthRestServlet(RestServlet):
                 )
 
             elif self._saml_enabled:
-                client_redirect_url = ""
+                client_redirect_url = b""
                 sso_redirect_url = self._saml_handler.handle_redirect_request(
                     client_redirect_url, session
                 )
 
+            elif self._oidc_enabled:
+                client_redirect_url = b""
+                sso_redirect_url = await self._oidc_handler.handle_redirect_request(
+                    request, client_redirect_url, session
+                )
+
             else:
                 raise SynapseError(400, "Homeserver not configured for SSO.")
author	Patrick Cloke <clokep@users.noreply.github.com>	2020-05-15 12:26:02 -0400
committer	GitHub <noreply@github.com>	2020-05-15 12:26:02 -0400
commit	a3cf36f76ed41222241393adf608d0e640bb51b8 (patch)
tree	6ab73758fc073c13e9f4b94d399a49521ebb9477 /synapse/rest/client/v2_alpha
parent	Add a worker store for search insertion. (#7516) (diff)
download	synapse-a3cf36f76ed41222241393adf608d0e640bb51b8.tar.xz