Merge branch 'release-v1.12.4' of github.com:matrix-org/synapse into anoa/temp_working_cache_config github/anoa/temp_working_cache_config anoa/temp_working_cache_config

* 'release-v1.12.4' of github.com:matrix-org/synapse: (123 commits) 1.12.4 formatting for the changelog 1.12.4rc1 1.12.4rc1 Do not treat display names as globs for push rules. (#7271) Query missing cross-signing keys on local sig upload (#7289) Fix changelog file Support GET account_data requests on a worker (#7311) Revert "Query missing cross-signing keys on local sig upload" Always send the user updates to their own device list (#7160) Query missing cross-signing keys on local sig upload Only register devices edu handler on the master process (#7255) tweak changelog 1.12.3 Fix the debian build in a better way. (#7212) Fix changelog wording 1.12.2 Pin Pillow>=4.3.0,<7.1.0 to fix dep issue 1.12.1 Note where bugs were introduced ...
author: Andrew Morgan <andrew@amorgan.xyz> 2020-04-24 13:36:35 +0100
committer: Andrew Morgan <andrew@amorgan.xyz> 2020-04-24 13:36:35 +0100
commit: 0ddaae83c3f59b9bca7460a493b7e930c10d6b20 (patch)
tree: 2524f1948c0974489d281037b96ff4748d3187ba /synapse/rest/saml2
parent: Merge remote-tracking branch 'origin/develop' into hawkowl/cache-config-witho... (diff)
parent: 1.12.4 (diff)
download: synapse-github/anoa/temp_working_cache_config.tar.xz
1 files changed, 17 insertions, 1 deletions
diff --git a/synapse/rest/saml2/response_resource.py b/synapse/rest/saml2/response_resource.py
index 69ecc5e4b4..a545c13db7 100644
--- a/synapse/rest/saml2/response_resource.py
+++ b/synapse/rest/saml2/response_resource.py
@@ -14,7 +14,11 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-from synapse.http.server import DirectServeResource, wrap_html_request_handler
+from synapse.http.server import (
+    DirectServeResource,
+    finish_request,
+    wrap_html_request_handler,
+)
 
 
 class SAML2ResponseResource(DirectServeResource):
@@ -24,8 +28,20 @@ class SAML2ResponseResource(DirectServeResource):
 
     def __init__(self, hs):
         super().__init__()
+        self._error_html_content = hs.config.saml2_error_html_content
         self._saml_handler = hs.get_saml_handler()
 
+    async def _async_render_GET(self, request):
+        # We're not expecting any GET request on that resource if everything goes right,
+        # but some IdPs sometimes end up responding with a 302 redirect on this endpoint.
+        # In this case, just tell the user that something went wrong and they should
+        # try to authenticate again.
+        request.setResponseCode(400)
+        request.setHeader(b"Content-Type", b"text/html; charset=utf-8")
+        request.setHeader(b"Content-Length", b"%d" % (len(self._error_html_content),))
+        request.write(self._error_html_content.encode("utf8"))
+        finish_request(request)
+
     @wrap_html_request_handler
     async def _async_render_POST(self, request):
         return await self._saml_handler.handle_saml_response(request)
author	Andrew Morgan <andrew@amorgan.xyz>	2020-04-24 13:36:35 +0100
committer	Andrew Morgan <andrew@amorgan.xyz>	2020-04-24 13:36:35 +0100
commit	0ddaae83c3f59b9bca7460a493b7e930c10d6b20 (patch)
tree	2524f1948c0974489d281037b96ff4748d3187ba /synapse/rest/saml2
parent	Merge remote-tracking branch 'origin/develop' into hawkowl/cache-config-witho... (diff)
parent	1.12.4 (diff)
download	synapse-github/anoa/temp_working_cache_config.tar.xz