Disallow user_consent where experimental MSC3861 is enabled (#16127)

author: Hugh Nimmo-Smith <hughns@users.noreply.github.com> 2023-08-22 12:42:08 +0100
committer: GitHub <noreply@github.com> 2023-08-22 07:42:08 -0400
commit: 7dbac123f98a2d59d09a63efe4543ee850a8d630 (patch)
tree: 465085760bdc53e7d79322d44618c31d207de1a3 /synapse
parent: Add `client_secret_path` as alternative for `client_secret` for OIDC config (... (diff)
download: synapse-7dbac123f98a2d59d09a63efe4543ee850a8d630.tar.xz
1 files changed, 7 insertions, 0 deletions
diff --git a/synapse/config/experimental.py b/synapse/config/experimental.py
index ac9449b18f..d4cf9a0555 100644
--- a/synapse/config/experimental.py
+++ b/synapse/config/experimental.py
@@ -173,6 +173,13 @@ class MSC3861:
                 ("enable_registration",),
             )
 
+        # We only need to test the user consent version, as if it must be set if the user_consent section was present in the config
+        if root.consent.user_consent_version is not None:
+            raise ConfigError(
+                "User consent cannot be enabled when OAuth delegation is enabled",
+                ("user_consent",),
+            )
+
         if (
             root.oidc.oidc_enabled
             or root.saml2.saml2_enabled
author	Hugh Nimmo-Smith <hughns@users.noreply.github.com>	2023-08-22 12:42:08 +0100
committer	GitHub <noreply@github.com>	2023-08-22 07:42:08 -0400
commit	7dbac123f98a2d59d09a63efe4543ee850a8d630 (patch)
tree	465085760bdc53e7d79322d44618c31d207de1a3 /synapse
parent	Add `client_secret_path` as alternative for `client_secret` for OIDC config (... (diff)
download	synapse-7dbac123f98a2d59d09a63efe4543ee850a8d630.tar.xz