Don't fail /submit_token requests on incorrect session ID if request_token_inhibit_3pid_errors is turned on (#7991)

* Don't raise session_id errors on submit_token if request_token_inhibit_3pid_errors is set * Changelog * Also wait some time before responding to /requestToken * Incorporate review * Update synapse/storage/databases/main/registration.py Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com> * Incorporate review Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
2025-08-07 08:32:11 -04:00 · 2020-08-24 11:33:55 +01:00 · 2020-08-24 11:33:55 +01:00 · 3f49f74610
commit 3f49f74610
parent cbbf9126cb
5 changed files with 68 additions and 6 deletions
--- a/tests/storage/test_registration.py
+++ b/tests/storage/test_registration.py
@ -17,6 +17,7 @@
 from twisted.internet import defer

 from synapse.api.constants import UserTypes
+from synapse.api.errors import ThreepidValidationError

 from tests import unittest
 from tests.utils import setup_test_homeserver
@ -122,3 +123,33 @@ class RegistrationStoreTestCase(unittest.TestCase):
        )
        res = yield self.store.is_support_user(SUPPORT_USER)
        self.assertTrue(res)
+
+    @defer.inlineCallbacks
+    def test_3pid_inhibit_invalid_validation_session_error(self):
+        """Tests that enabling the configuration option to inhibit 3PID errors on
+        /requestToken also inhibits validation errors caused by an unknown session ID.
+        """
+
+        # Check that, with the config setting set to false (the default value), a
+        # validation error is caused by the unknown session ID.
+        try:
+            yield defer.ensureDeferred(
+                self.store.validate_threepid_session(
+                    "fake_sid", "fake_client_secret", "fake_token", 0,
+                )
+            )
+        except ThreepidValidationError as e:
+            self.assertEquals(e.msg, "Unknown session_id", e)
+
+        # Set the config setting to true.
+        self.store._ignore_unknown_session_error = True
+
+        # Check that now the validation error is caused by the token not matching.
+        try:
+            yield defer.ensureDeferred(
+                self.store.validate_threepid_session(
+                    "fake_sid", "fake_client_secret", "fake_token", 0,
+                )
+            )
+        except ThreepidValidationError as e:
+            self.assertEquals(e.msg, "Validation token not found or has expired", e)