diff options
author | Erik Johnston <erik@matrix.org> | 2015-11-20 14:16:59 +0000 |
---|---|---|
committer | Erik Johnston <erik@matrix.org> | 2015-11-20 14:16:59 +0000 |
commit | 3f151da314b9a4373683e9a520bf10b2f0fa1bf6 (patch) | |
tree | fb2d3e0b681e7396af6b6f178cee8935f39a096c /synapse/rest | |
parent | Merge pull request #393 from matrix-org/erikj/destination_retry_max (diff) | |
parent | Comment (diff) | |
download | synapse-3f151da314b9a4373683e9a520bf10b2f0fa1bf6.tar.xz |
Merge pull request #391 from matrix-org/erikj/remove_token_from_flow
Remove m.login.token from advertised flows.
Diffstat (limited to 'synapse/rest')
-rw-r--r-- | synapse/rest/client/v1/login.py | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/synapse/rest/client/v1/login.py b/synapse/rest/client/v1/login.py index 0171f6c018..720d6358e7 100644 --- a/synapse/rest/client/v1/login.py +++ b/synapse/rest/client/v1/login.py @@ -58,9 +58,18 @@ class LoginRestServlet(ClientV1RestServlet): flows.append({"type": LoginRestServlet.SAML2_TYPE}) if self.cas_enabled: flows.append({"type": LoginRestServlet.CAS_TYPE}) + + # While its valid for us to advertise this login type generally, + # synapse currently only gives out these tokens as part of the + # CAS login flow. + # Generally we don't want to advertise login flows that clients + # don't know how to implement, since they (currently) will always + # fall back to the fallback API if they don't understand one of the + # login flow types returned. + flows.append({"type": LoginRestServlet.TOKEN_TYPE}) if self.password_enabled: flows.append({"type": LoginRestServlet.PASS_TYPE}) - flows.append({"type": LoginRestServlet.TOKEN_TYPE}) + return (200, {"flows": flows}) def on_OPTIONS(self, request): |