Document why auth providers aren't validated in the admin API. (#12004)

Since it is reasonable to give a future or past auth provider, which might not be in the current configuration.
author: Patrick Cloke <clokep@users.noreply.github.com> 2022-02-18 12:24:25 -0500
committer: GitHub <noreply@github.com> 2022-02-18 17:24:25 +0000
commit: 444b04058b497da15812d7f14858e6270d54abb5 (patch)
tree: ac8282fb3d09775a8276154636046deb23913879 /synapse/storage
parent: Track and deduplicate in-flight requests to `_get_state_for_groups`. (#10870) (diff)
download: synapse-444b04058b497da15812d7f14858e6270d54abb5.tar.xz
1 files changed, 21 insertions, 0 deletions
diff --git a/synapse/storage/databases/main/registration.py b/synapse/storage/databases/main/registration.py
index aac94fa464..17110bb033 100644
--- a/synapse/storage/databases/main/registration.py
+++ b/synapse/storage/databases/main/registration.py
@@ -622,10 +622,13 @@ class RegistrationWorkerStore(CacheInvalidationWorkerStore):
     ) -> None:
         """Record a mapping from an external user id to a mxid
 
+        See notes in _record_user_external_id_txn about what constitutes valid data.
+
         Args:
             auth_provider: identifier for the remote auth provider
             external_id: id on that system
             user_id: complete mxid that it is mapped to
+
         Raises:
             ExternalIDReuseException if the new external_id could not be mapped.
         """
@@ -648,6 +651,21 @@ class RegistrationWorkerStore(CacheInvalidationWorkerStore):
         external_id: str,
         user_id: str,
     ) -> None:
+        """
+        Record a mapping from an external user id to a mxid.
+
+        Note that the auth provider IDs (and the external IDs) are not validated
+        against configured IdPs as Synapse does not know its relationship to
+        external systems. For example, it might be useful to pre-configure users
+        before enabling a new IdP or an IdP might be temporarily offline, but
+        still valid.
+
+        Args:
+            txn: The database transaction.
+            auth_provider: identifier for the remote auth provider
+            external_id: id on that system
+            user_id: complete mxid that it is mapped to
+        """
 
         self.db_pool.simple_insert_txn(
             txn,
@@ -687,10 +705,13 @@ class RegistrationWorkerStore(CacheInvalidationWorkerStore):
         """Replace mappings from external user ids to a mxid in a single transaction.
         All mappings are deleted and the new ones are created.
 
+        See notes in _record_user_external_id_txn about what constitutes valid data.
+
         Args:
             record_external_ids:
                 List with tuple of auth_provider and external_id to record
             user_id: complete mxid that it is mapped to
+
         Raises:
             ExternalIDReuseException if the new external_id could not be mapped.
         """
author	Patrick Cloke <clokep@users.noreply.github.com>	2022-02-18 12:24:25 -0500
committer	GitHub <noreply@github.com>	2022-02-18 17:24:25 +0000
commit	444b04058b497da15812d7f14858e6270d54abb5 (patch)
tree	ac8282fb3d09775a8276154636046deb23913879 /synapse/storage
parent	Track and deduplicate in-flight requests to `_get_state_for_groups`. (#10870) (diff)
download	synapse-444b04058b497da15812d7f14858e6270d54abb5.tar.xz