diff --git a/synapse/rest/client/v1/register.py b/synapse/rest/client/v1/register.py
index 32ed1d3ab2..f793542ad6 100644
--- a/synapse/rest/client/v1/register.py
+++ b/synapse/rest/client/v1/register.py
@@ -70,10 +70,24 @@ class RegisterRestServlet(ClientV1RestServlet):
self.handlers = hs.get_handlers()
def on_GET(self, request):
+
+ require_email = False
+ require_msisdn = False
+ for constraint in self.hs.config.registrations_require_3pid:
+ if constraint['medium'] == 'email':
+ require_email = True
+ elif constraint['medium'] == 'msisdn':
+ require_msisdn = True
+ else:
+ logger.warn(
+ "Unrecognised 3PID medium %s in registrations_require_3pid" %
+ constraint['medium']
+ )
+
+ flows = []
if self.hs.config.enable_registration_captcha:
- return (
- 200,
- {"flows": [
+ if require_email or not require_msisdn:
+ flows.extend([
{
"type": LoginType.RECAPTCHA,
"stages": [
@@ -82,27 +96,31 @@ class RegisterRestServlet(ClientV1RestServlet):
LoginType.PASSWORD
]
},
+ ])
+ if not require_email and not require_msisdn:
+ flows.extend([
{
"type": LoginType.RECAPTCHA,
"stages": [LoginType.RECAPTCHA, LoginType.PASSWORD]
}
- ]}
- )
+ ])
else:
- return (
- 200,
- {"flows": [
+ if require_email or not require_msisdn:
+ flows.extend([
{
"type": LoginType.EMAIL_IDENTITY,
"stages": [
LoginType.EMAIL_IDENTITY, LoginType.PASSWORD
]
- },
+ }
+ ])
+ if not require_email and not require_msisdn:
+ flows.extend([
{
"type": LoginType.PASSWORD
}
- ]}
- )
+ ])
+ return (200, {"flows": flows})
@defer.inlineCallbacks
def on_POST(self, request):
diff --git a/synapse/rest/client/v2_alpha/account.py b/synapse/rest/client/v2_alpha/account.py
index 66221e8f00..2977ad439f 100644
--- a/synapse/rest/client/v2_alpha/account.py
+++ b/synapse/rest/client/v2_alpha/account.py
@@ -48,7 +48,9 @@ class EmailPasswordRequestTokenRestServlet(RestServlet):
])
if not check_3pid_allowed(self.hs, "email", body['email']):
- raise SynapseError(403, "3PID denied", Codes.THREEPID_DENIED)
+ raise SynapseError(
+ 403, "Third party identifier is not allowed", Codes.THREEPID_DENIED
+ )
existingUid = yield self.hs.get_datastore().get_user_id_by_threepid(
'email', body['email']
@@ -82,7 +84,9 @@ class MsisdnPasswordRequestTokenRestServlet(RestServlet):
msisdn = phone_number_to_msisdn(body['country'], body['phone_number'])
if not check_3pid_allowed(self.hs, "msisdn", msisdn):
- raise SynapseError(403, "3PID denied", Codes.THREEPID_DENIED)
+ raise SynapseError(
+ 403, "Third party identifier is not allowed", Codes.THREEPID_DENIED
+ )
existingUid = yield self.datastore.get_user_id_by_threepid(
'msisdn', msisdn
@@ -224,7 +228,9 @@ class EmailThreepidRequestTokenRestServlet(RestServlet):
raise SynapseError(400, "Missing params: %r" % absent, Codes.MISSING_PARAM)
if not check_3pid_allowed(self.hs, "email", body['email']):
- raise SynapseError(403, "3PID denied", Codes.THREEPID_DENIED)
+ raise SynapseError(
+ 403, "Third party identifier is not allowed", Codes.THREEPID_DENIED
+ )
existingUid = yield self.datastore.get_user_id_by_threepid(
'email', body['email']
@@ -265,7 +271,9 @@ class MsisdnThreepidRequestTokenRestServlet(RestServlet):
msisdn = phone_number_to_msisdn(body['country'], body['phone_number'])
if not check_3pid_allowed(self.hs, "msisdn", msisdn):
- raise SynapseError(403, "3PID denied", Codes.THREEPID_DENIED)
+ raise SynapseError(
+ 403, "Third party identifier is not allowed", Codes.THREEPID_DENIED
+ )
existingUid = yield self.datastore.get_user_id_by_threepid(
'msisdn', msisdn
diff --git a/synapse/rest/client/v2_alpha/register.py b/synapse/rest/client/v2_alpha/register.py
index 762782c1f0..898d8b133a 100644
--- a/synapse/rest/client/v2_alpha/register.py
+++ b/synapse/rest/client/v2_alpha/register.py
@@ -72,7 +72,9 @@ class EmailRegisterRequestTokenRestServlet(RestServlet):
])
if not check_3pid_allowed(self.hs, "email", body['email']):
- raise SynapseError(403, "3PID denied", Codes.THREEPID_DENIED)
+ raise SynapseError(
+ 403, "Third party identifier is not allowed", Codes.THREEPID_DENIED
+ )
existingUid = yield self.hs.get_datastore().get_user_id_by_threepid(
'email', body['email']
@@ -110,7 +112,9 @@ class MsisdnRegisterRequestTokenRestServlet(RestServlet):
msisdn = phone_number_to_msisdn(body['country'], body['phone_number'])
if not check_3pid_allowed(self.hs, "msisdn", msisdn):
- raise SynapseError(403, "3PID denied", Codes.THREEPID_DENIED)
+ raise SynapseError(
+ 403, "Third party identifier is not allowed", Codes.THREEPID_DENIED
+ )
existingUid = yield self.hs.get_datastore().get_user_id_by_threepid(
'msisdn', msisdn
@@ -368,7 +372,9 @@ class RegisterRestServlet(RestServlet):
auth_result[LoginType.EMAIL_IDENTITY].threepid.address
)
):
- raise SynapseError(403, "3PID denied", Codes.THREEPID_DENIED)
+ raise SynapseError(
+ 403, "Third party identifier is not allowed", Codes.THREEPID_DENIED
+ )
elif (
constraint['medium'] == 'msisdn' and
auth_result and LoginType.MSISDN in auth_result and
@@ -377,7 +383,9 @@ class RegisterRestServlet(RestServlet):
auth_result[LoginType.MSISDN].threepid.address
)
):
- raise SynapseError(403, "3PID denied", Codes.THREEPID_DENIED)
+ raise SynapseError(
+ 403, "Third party identifier is not allowed", Codes.THREEPID_DENIED
+ )
if registered_user_id is not None:
logger.info(
|
