mirror of
https://git.anonymousland.org/anonymousland/synapse.git
synced 2025-01-26 03:25:54 -05:00
Merge pull request #2623 from matrix-org/rav/callbacks_for_auth_providers
Allow password_auth_providers to return a callback
This commit is contained in:
commit
1f080a6c97
@ -70,6 +70,11 @@ Password auth provider classes may optionally provide the following methods.
|
|||||||
the canonical ``@localpart:domain`` user id if authentication is successful,
|
the canonical ``@localpart:domain`` user id if authentication is successful,
|
||||||
and ``None`` if not.
|
and ``None`` if not.
|
||||||
|
|
||||||
|
Alternatively, the ``Deferred`` can resolve to a ``(str, func)`` tuple, in
|
||||||
|
which case the second field is a callback which will be called with the
|
||||||
|
result from the ``/login`` call (including ``access_token``, ``device_id``,
|
||||||
|
etc.)
|
||||||
|
|
||||||
``someprovider.check_password``\(*user_id*, *password*)
|
``someprovider.check_password``\(*user_id*, *password*)
|
||||||
|
|
||||||
This method provides a simpler interface than ``get_supported_login_types``
|
This method provides a simpler interface than ``get_supported_login_types``
|
||||||
|
@ -270,6 +270,7 @@ class AuthHandler(BaseHandler):
|
|||||||
sess = self._get_session_info(session_id)
|
sess = self._get_session_info(session_id)
|
||||||
return sess.setdefault('serverdict', {}).get(key, default)
|
return sess.setdefault('serverdict', {}).get(key, default)
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
def _check_password_auth(self, authdict, _):
|
def _check_password_auth(self, authdict, _):
|
||||||
if "user" not in authdict or "password" not in authdict:
|
if "user" not in authdict or "password" not in authdict:
|
||||||
raise LoginError(400, "", Codes.MISSING_PARAM)
|
raise LoginError(400, "", Codes.MISSING_PARAM)
|
||||||
@ -277,10 +278,11 @@ class AuthHandler(BaseHandler):
|
|||||||
user_id = authdict["user"]
|
user_id = authdict["user"]
|
||||||
password = authdict["password"]
|
password = authdict["password"]
|
||||||
|
|
||||||
return self.validate_login(user_id, {
|
(canonical_id, callback) = yield self.validate_login(user_id, {
|
||||||
"type": LoginType.PASSWORD,
|
"type": LoginType.PASSWORD,
|
||||||
"password": password,
|
"password": password,
|
||||||
})
|
})
|
||||||
|
defer.returnValue(canonical_id)
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def _check_recaptcha(self, authdict, clientip):
|
def _check_recaptcha(self, authdict, clientip):
|
||||||
@ -517,7 +519,8 @@ class AuthHandler(BaseHandler):
|
|||||||
login_submission (dict): the whole of the login submission
|
login_submission (dict): the whole of the login submission
|
||||||
(including 'type' and other relevant fields)
|
(including 'type' and other relevant fields)
|
||||||
Returns:
|
Returns:
|
||||||
Deferred[str]: canonical user id
|
Deferred[str, func]: canonical user id, and optional callback
|
||||||
|
to be called once the access token and device id are issued
|
||||||
Raises:
|
Raises:
|
||||||
StoreError if there was a problem accessing the database
|
StoreError if there was a problem accessing the database
|
||||||
SynapseError if there was a problem with the request
|
SynapseError if there was a problem with the request
|
||||||
@ -581,11 +584,13 @@ class AuthHandler(BaseHandler):
|
|||||||
),
|
),
|
||||||
)
|
)
|
||||||
|
|
||||||
returned_user_id = yield provider.check_auth(
|
result = yield provider.check_auth(
|
||||||
username, login_type, login_dict,
|
username, login_type, login_dict,
|
||||||
)
|
)
|
||||||
if returned_user_id:
|
if result:
|
||||||
defer.returnValue(returned_user_id)
|
if isinstance(result, str):
|
||||||
|
result = (result, None)
|
||||||
|
defer.returnValue(result)
|
||||||
|
|
||||||
if login_type == LoginType.PASSWORD:
|
if login_type == LoginType.PASSWORD:
|
||||||
known_login_type = True
|
known_login_type = True
|
||||||
@ -595,7 +600,7 @@ class AuthHandler(BaseHandler):
|
|||||||
)
|
)
|
||||||
|
|
||||||
if canonical_user_id:
|
if canonical_user_id:
|
||||||
defer.returnValue(canonical_user_id)
|
defer.returnValue((canonical_user_id, None))
|
||||||
|
|
||||||
if not known_login_type:
|
if not known_login_type:
|
||||||
raise SynapseError(400, "Unknown login type %s" % login_type)
|
raise SynapseError(400, "Unknown login type %s" % login_type)
|
||||||
|
@ -219,7 +219,7 @@ class LoginRestServlet(ClientV1RestServlet):
|
|||||||
raise SynapseError(400, "User identifier is missing 'user' key")
|
raise SynapseError(400, "User identifier is missing 'user' key")
|
||||||
|
|
||||||
auth_handler = self.auth_handler
|
auth_handler = self.auth_handler
|
||||||
canonical_user_id = yield auth_handler.validate_login(
|
canonical_user_id, callback = yield auth_handler.validate_login(
|
||||||
identifier["user"],
|
identifier["user"],
|
||||||
login_submission,
|
login_submission,
|
||||||
)
|
)
|
||||||
@ -238,6 +238,9 @@ class LoginRestServlet(ClientV1RestServlet):
|
|||||||
"device_id": device_id,
|
"device_id": device_id,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if callback is not None:
|
||||||
|
yield callback(result)
|
||||||
|
|
||||||
defer.returnValue((200, result))
|
defer.returnValue((200, result))
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
|
Loading…
x
Reference in New Issue
Block a user