From c9723a1c1fbae1cc172fc9257fd1f1f259d2a23f Mon Sep 17 00:00:00 2001
From: Dirk Klimpel <5740567+dklimpel@users.noreply.github.com>
Date: Thu, 13 Apr 2023 15:08:00 +0200
Subject: Only load the SSO redirect servlet if SSO is enabled. (#15421)

---
 synapse/rest/client/login.py | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'synapse/rest/client')

diff --git a/synapse/rest/client/login.py b/synapse/rest/client/login.py
index 32c2f5ce0c..a348720131 100644
--- a/synapse/rest/client/login.py
+++ b/synapse/rest/client/login.py
@@ -675,7 +675,12 @@ def register_servlets(hs: "HomeServer", http_server: HttpServer) -> None:
         and hs.config.registration.refreshable_access_token_lifetime is not None
     ):
         RefreshTokenServlet(hs).register(http_server)
-    SsoRedirectServlet(hs).register(http_server)
+    if (
+        hs.config.cas.cas_enabled
+        or hs.config.saml2.saml2_enabled
+        or hs.config.oidc.oidc_enabled
+    ):
+        SsoRedirectServlet(hs).register(http_server)
     if hs.config.cas.cas_enabled:
         CasTicketServlet(hs).register(http_server)
 
-- 
cgit 1.4.1