diff options
author | Richard van der Hoff <richard@matrix.org> | 2020-03-27 20:24:52 +0000 |
---|---|---|
committer | Richard van der Hoff <richard@matrix.org> | 2020-03-27 20:24:52 +0000 |
commit | b7da598a61a1bcea3855edf403bdc5ea32cc9e7a (patch) | |
tree | 541e73a57229f1eff436747d419764529d809250 /tests/rest | |
parent | Improve the UX of the login fallback when using SSO (#7152) (diff) | |
download | synapse-b7da598a61a1bcea3855edf403bdc5ea32cc9e7a.tar.xz |
Always whitelist the login fallback for SSO (#7153)
That fallback sets the redirect URL to itself (so it can process the login token then return gracefully to the client). This would make it pointless to ask the user for confirmation, since the URL the confirmation page would be showing wouldn't be the client's.
Diffstat (limited to 'tests/rest')
-rw-r--r-- | tests/rest/client/v1/test_login.py | 9 |
1 files changed, 8 insertions, 1 deletions
diff --git a/tests/rest/client/v1/test_login.py b/tests/rest/client/v1/test_login.py index da2c9bfa1e..aed8853d6e 100644 --- a/tests/rest/client/v1/test_login.py +++ b/tests/rest/client/v1/test_login.py @@ -350,7 +350,14 @@ class CASRedirectConfirmTestCase(unittest.HomeserverTestCase): def test_cas_redirect_whitelisted(self): """Tests that the SSO login flow serves a redirect to a whitelisted url """ - redirect_url = "https://legit-site.com/" + self._test_redirect("https://legit-site.com/") + + @override_config({"public_baseurl": "https://example.com"}) + def test_cas_redirect_login_fallback(self): + self._test_redirect("https://example.com/_matrix/static/client/login") + + def _test_redirect(self, redirect_url): + """Tests that the SSO login flow serves a redirect for the given redirect URL.""" cas_ticket_url = ( "/_matrix/client/r0/login/cas/ticket?redirectUrl=%s&ticket=ticket" % (urllib.parse.quote(redirect_url)) |