Do not allow deactivated users to login with JWT. (#15624)

To improve the organization of this code it moves the JWT login checks to a separate handler and then fixes the bug (and a deprecation warning).
author: Patrick Cloke <clokep@users.noreply.github.com> 2023-05-19 08:06:54 -0400
committer: GitHub <noreply@github.com> 2023-05-19 08:06:54 -0400
commit: 89a23c940672944acd98db58085cdc38191515a8 (patch)
tree: 5b4036752f374f873f3a5474a6d1effb03d6a491 /synapse/server.py
parent: Remove experimental configuration flags & unstable values for faster joins (#... (diff)
download: synapse-89a23c940672944acd98db58085cdc38191515a8.tar.xz
1 files changed, 7 insertions, 0 deletions
diff --git a/synapse/server.py b/synapse/server.py
index b307295789..aa90465047 100644
--- a/synapse/server.py
+++ b/synapse/server.py
@@ -147,6 +147,7 @@ logger = logging.getLogger(__name__)
 if TYPE_CHECKING:
     from txredisapi import ConnectionHandler
 
+    from synapse.handlers.jwt import JwtHandler
     from synapse.handlers.oidc import OidcHandler
     from synapse.handlers.saml import SamlHandler
 
@@ -534,6 +535,12 @@ class HomeServer(metaclass=abc.ABCMeta):
         return SsoHandler(self)
 
     @cache_in_self
+    def get_jwt_handler(self) -> "JwtHandler":
+        from synapse.handlers.jwt import JwtHandler
+
+        return JwtHandler(self)
+
+    @cache_in_self
     def get_sync_handler(self) -> SyncHandler:
         return SyncHandler(self)
author	Patrick Cloke <clokep@users.noreply.github.com>	2023-05-19 08:06:54 -0400
committer	GitHub <noreply@github.com>	2023-05-19 08:06:54 -0400
commit	89a23c940672944acd98db58085cdc38191515a8 (patch)
tree	5b4036752f374f873f3a5474a6d1effb03d6a491 /synapse/server.py
parent	Remove experimental configuration flags & unstable values for faster joins (#... (diff)
download	synapse-89a23c940672944acd98db58085cdc38191515a8.tar.xz