summary refs log tree commit diff
path: root/synapse
diff options
context:
space:
mode:
authorDavid Florness <david@florness.com>2020-12-02 10:01:15 -0500
committerGitHub <noreply@github.com>2020-12-02 10:01:15 -0500
commitc4675e1b24f06a72c323c8131eab4998b4e71af1 (patch)
tree6a559757e73585885a093003f9ac67ada9dc3319 /synapse
parentMinor changes to the CHANGES doc. (diff)
downloadsynapse-c4675e1b24f06a72c323c8131eab4998b4e71af1.tar.xz
Add additional validation for the admin register endpoint. (#8837)
Raise a proper 400 error if the `mac` field is missing.
Diffstat (limited to 'synapse')
-rw-r--r--synapse/rest/admin/users.py3
1 files changed, 3 insertions, 0 deletions
diff --git a/synapse/rest/admin/users.py b/synapse/rest/admin/users.py
index b0ff5e1ead..90940ff185 100644
--- a/synapse/rest/admin/users.py
+++ b/synapse/rest/admin/users.py
@@ -420,6 +420,9 @@ class UserRegisterServlet(RestServlet):
         if user_type is not None and user_type not in UserTypes.ALL_USER_TYPES:
             raise SynapseError(400, "Invalid user type")
 
+        if "mac" not in body:
+            raise SynapseError(400, "mac must be specified", errcode=Codes.BAD_JSON)
+
         got_mac = body["mac"]
 
         want_mac_builder = hmac.new(