Support "identifier" dicts in UIA (#8848)

The spec requires synapse to support `identifier` dicts for `m.login.password` user-interactive auth, which it did not (instead, it required an undocumented `user` parameter.) To fix this properly, we need to pull the code that interprets `identifier` into `AuthHandler.validate_login` so that it can be called from the UIA code. Fixes #5665.
author: Richard van der Hoff <1389908+richvdh@users.noreply.github.com> 2020-12-01 17:42:26 +0000
committer: GitHub <noreply@github.com> 2020-12-01 17:42:26 +0000
commit: 4d9496559d25ba36eaea45d73e67e79b9d936450 (patch)
tree: 878525aea25fcf3eafb7eaa9e0cda13753bc1fbb /tests/rest/client
parent: Add missing `ordering` to background updates (#8850) (diff)
download: synapse-4d9496559d25ba36eaea45d73e67e79b9d936450.tar.xz
1 files changed, 25 insertions, 8 deletions
diff --git a/tests/rest/client/v2_alpha/test_auth.py b/tests/rest/client/v2_alpha/test_auth.py
index f684c37db5..77246e478f 100644
--- a/tests/rest/client/v2_alpha/test_auth.py
+++ b/tests/rest/client/v2_alpha/test_auth.py
@@ -38,11 +38,6 @@ class DummyRecaptchaChecker(UserInteractiveAuthChecker):
         return succeed(True)
 
 
-class DummyPasswordChecker(UserInteractiveAuthChecker):
-    def check_auth(self, authdict, clientip):
-        return succeed(authdict["identifier"]["user"])
-
-
 class FallbackAuthTests(unittest.HomeserverTestCase):
 
     servlets = [
@@ -162,9 +157,6 @@ class UIAuthTests(unittest.HomeserverTestCase):
     ]
 
     def prepare(self, reactor, clock, hs):
-        auth_handler = hs.get_auth_handler()
-        auth_handler.checkers[LoginType.PASSWORD] = DummyPasswordChecker(hs)
-
         self.user_pass = "pass"
         self.user = self.register_user("test", self.user_pass)
         self.user_tok = self.login("test", self.user_pass)
@@ -234,6 +226,31 @@ class UIAuthTests(unittest.HomeserverTestCase):
             },
         )
 
+    def test_grandfathered_identifier(self):
+        """Check behaviour without "identifier" dict
+
+        Synapse used to require clients to submit a "user" field for m.login.password
+        UIA - check that still works.
+        """
+
+        device_id = self.get_device_ids()[0]
+        channel = self.delete_device(device_id, 401)
+        session = channel.json_body["session"]
+
+        # Make another request providing the UI auth flow.
+        self.delete_device(
+            device_id,
+            200,
+            {
+                "auth": {
+                    "type": "m.login.password",
+                    "user": self.user,
+                    "password": self.user_pass,
+                    "session": session,
+                },
+            },
+        )
+
     def test_can_change_body(self):
         """
         The client dict can be modified during the user interactive authentication session.
author	Richard van der Hoff <1389908+richvdh@users.noreply.github.com>	2020-12-01 17:42:26 +0000
committer	GitHub <noreply@github.com>	2020-12-01 17:42:26 +0000
commit	4d9496559d25ba36eaea45d73e67e79b9d936450 (patch)
tree	878525aea25fcf3eafb7eaa9e0cda13753bc1fbb /tests/rest/client
parent	Add missing `ordering` to background updates (#8850) (diff)
download	synapse-4d9496559d25ba36eaea45d73e67e79b9d936450.tar.xz