summary refs log tree commit diff
path: root/synapse/rest
diff options
context:
space:
mode:
authorRichard van der Hoff <richard@matrix.org>2016-07-19 15:50:01 +0100
committerRichard van der Hoff <richard@matrix.org>2016-07-19 15:50:01 +0100
commit8f6281ab0cace7a1cbf47533ad87387fc003b190 (patch)
tree4d5e842f7d16056bfc17389059d1e2e99bce203e /synapse/rest
parentrest/client/v2_alpha/register.py: Refactor flow somewhat. (diff)
downloadsynapse-8f6281ab0cace7a1cbf47533ad87387fc003b190.tar.xz
Don't bind email unless threepid contains expected fields
Diffstat (limited to 'synapse/rest')
-rw-r--r--synapse/rest/client/v2_alpha/register.py53
1 files changed, 25 insertions, 28 deletions
diff --git a/synapse/rest/client/v2_alpha/register.py b/synapse/rest/client/v2_alpha/register.py
index 707bde0f34..5db953a1e3 100644
--- a/synapse/rest/client/v2_alpha/register.py
+++ b/synapse/rest/client/v2_alpha/register.py
@@ -232,19 +232,10 @@ class RegisterRestServlet(RestServlet):
 
         if add_email and result and LoginType.EMAIL_IDENTITY in result:
             threepid = result[LoginType.EMAIL_IDENTITY]
-            reqd = ('medium', 'address', 'validated_at')
-            if all(x in threepid for x in reqd):
-                yield self._register_email_threepid(
-                    registered_user_id, threepid, access_token
-                )
-                # XXX why is bind_email not protected by this?
-            else:
-                logger.info("Can't add incomplete 3pid")
-            if params.get("bind_email"):
-                logger.info("bind_email specified: binding")
-                yield self._bind_email(registered_user_id, threepid)
-            else:
-                logger.info("bind_email not specified: not binding email")
+            yield self._register_email_threepid(
+                registered_user_id, threepid, access_token,
+                params.get("bind_email")
+            )
 
         result = yield self._create_registration_details(registered_user_id,
                                                          access_token)
@@ -288,19 +279,28 @@ class RegisterRestServlet(RestServlet):
         defer.returnValue((yield self._create_registration_details(user_id, token)))
 
     @defer.inlineCallbacks
-    def _register_email_threepid(self, user_id, threepid, token):
+    def _register_email_threepid(self, user_id, threepid, token, bind_email):
         """Add an email address as a 3pid identifier
 
         Also adds an email pusher for the email address, if configured in the
         HS config
 
+        Also optionally binds emails to the given user_id on the identity server
+
         Args:
             user_id (str): id of user
             threepid (object): m.login.email.identity auth response
             token (str): access_token for the user
+            bind_email (bool): true if the client requested the email to be
+                bound at the identity server
         Returns:
             defer.Deferred:
         """
+        reqd = ('medium', 'address', 'validated_at')
+        if any(x not in threepid for x in reqd):
+            logger.info("Can't add incomplete 3pid")
+            defer.returnValue()
+
         yield self.auth_handler.add_threepid(
             user_id,
             threepid['medium'],
@@ -334,22 +334,19 @@ class RegisterRestServlet(RestServlet):
                 lang=None,  # We don't know a user's language here
                 data={},
             )
-        defer.returnValue()
 
-    def _bind_email(self, user_id, email_threepid):
-        """Bind emails to the given user_id on the identity server
+        if bind_email:
+            logger.info("bind_email specified: binding")
+            logger.debug("Binding emails %s to %s" % (
+                threepid, user_id
+            ))
+            yield self.identity_handler.bind_threepid(
+                threepid['threepid_creds'], user_id
+            )
+        else:
+            logger.info("bind_email not specified: not binding email")
 
-        Args:
-            user_id (str): user id to bind the emails to
-            email_threepid (object): m.login.email.identity auth response
-        Returns:
-            defer.Deferred:
-        """
-        threepid_creds = email_threepid['threepid_creds']
-        logger.debug("Binding emails %s to %s" % (
-            email_threepid, user_id
-        ))
-        return self.identity_handler.bind_threepid(threepid_creds, user_id)
+        defer.returnValue()
 
     @defer.inlineCallbacks
     def _create_registration_details(self, user_id, token):