Add config for customizing the claim used for JWT logins. (#11361)

Allows specifying a claim other than the default "sub" to use
when calculating the localpart of the Matrix ID during
JWT login.
Kostas 2021-11-22 19:01:03 +01:00 committed by GitHub
parent 3d893b8cf2
commit 1035663833
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 57 additions and 35 deletions


@ -72,6 +72,7 @@ class LoginRestServlet(RestServlet):
# JWT configuration variables.
self.jwt_enabled = hs.config.jwt.jwt_enabled
self.jwt_secret = hs.config.jwt.jwt_secret
self.jwt_subject_claim = hs.config.jwt.jwt_subject_claim
self.jwt_algorithm = hs.config.jwt.jwt_algorithm
self.jwt_issuer = hs.config.jwt.jwt_issuer
self.jwt_audiences = hs.config.jwt.jwt_audiences
@ -413,7 +414,7 @@ class LoginRestServlet(RestServlet):
errcode=Codes.FORBIDDEN,
)
user = payload.get("sub", None)
user = payload.get(self.jwt_subject_claim, None)
if user is None:
raise LoginError(403, "Invalid JWT", errcode=Codes.FORBIDDEN)
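Review bot: The value read by `payload.get(self.jwt_subject_claim, None)` is only checked against `None`, so an empty or non-string claim value passes the guard. The JWT spec constrains `sub` to a string, but an arbitrarily configured claim can hold any JSON type, so the check would be safer as `if not isinstance(user, str) or not user:` ahead of the existing `raise LoginError(403, "Invalid JWT", errcode=Codes.FORBIDDEN)`. The code that turns `user` into a Matrix ID lies outside this hunk, so how such a value is handled downstream cannot be seen from here. The config documentation should also state that the chosen claim must be unique and immutable per user and set only by the token issuer, because it decides which account the login maps to.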