summary refs log tree commit diff
path: root/synapse/rest
diff options
context:
space:
mode:
authorErik Johnston <erik@matrix.org>2015-11-20 14:16:59 +0000
committerErik Johnston <erik@matrix.org>2015-11-20 14:16:59 +0000
commit3f151da314b9a4373683e9a520bf10b2f0fa1bf6 (patch)
treefb2d3e0b681e7396af6b6f178cee8935f39a096c /synapse/rest
parentMerge pull request #393 from matrix-org/erikj/destination_retry_max (diff)
parentComment (diff)
downloadsynapse-3f151da314b9a4373683e9a520bf10b2f0fa1bf6.tar.xz
Merge pull request #391 from matrix-org/erikj/remove_token_from_flow
Remove m.login.token from advertised flows.
Diffstat (limited to 'synapse/rest')
-rw-r--r--synapse/rest/client/v1/login.py11
1 files changed, 10 insertions, 1 deletions
diff --git a/synapse/rest/client/v1/login.py b/synapse/rest/client/v1/login.py
index 0171f6c018..720d6358e7 100644
--- a/synapse/rest/client/v1/login.py
+++ b/synapse/rest/client/v1/login.py
@@ -58,9 +58,18 @@ class LoginRestServlet(ClientV1RestServlet):
             flows.append({"type": LoginRestServlet.SAML2_TYPE})
         if self.cas_enabled:
             flows.append({"type": LoginRestServlet.CAS_TYPE})
+
+            # While its valid for us to advertise this login type generally,
+            # synapse currently only gives out these tokens as part of the
+            # CAS login flow.
+            # Generally we don't want to advertise login flows that clients
+            # don't know how to implement, since they (currently) will always
+            # fall back to the fallback API if they don't understand one of the
+            # login flow types returned.
+            flows.append({"type": LoginRestServlet.TOKEN_TYPE})
         if self.password_enabled:
             flows.append({"type": LoginRestServlet.PASS_TYPE})
-        flows.append({"type": LoginRestServlet.TOKEN_TYPE})
+
         return (200, {"flows": flows})
 
     def on_OPTIONS(self, request):