Matrix-Mirrors/anonymousland-synapse
1
0
Fork 0
mirror of https://git.anonymousland.org/anonymousland/synapse.git synced 2025-08-03 23:44:12 -04:00
Code Issues Projects Releases Packages Wiki Activity

Don't offer password login when it is disabled (#8835)

Browse source 
Fix a minor bug where we would offer "m.login.password" login if a custom auth provider supported it, even if password login was disabled.
This commit is contained in:
Richard van der Hoff 2020-12-01 13:04:03 +00:00 committed by GitHub
parent ddc4343683
commit 89f7930730
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 115 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

10
synapse/handlers/auth.py
View file

@ -205,15 +205,23 @@ class AuthHandler(BaseHandler):
# type in the list. (NB that the spec doesn't require us to do so and
# clients which favour types that they don't understand over those that
# they do are technically broken)
# start out by assuming PASSWORD is enabled; we will remove it later if not.
login_types = []
if self._password_enabled:
if hs.config.password_localdb_enabled:
login_types.append(LoginType.PASSWORD)
for provider in self.password_providers:
if hasattr(provider, "get_supported_login_types"):
for t in provider.get_supported_login_types().keys():
if t not in login_types:
login_types.append(t)
if not self._password_enabled:
login_types.remove(LoginType.PASSWORD)
self._supported_login_types = login_types
# Login types and UI Auth types have a heavy overlap, but are not
# necessarily identical. Login types have SSO (and other login types)
# added in the rest layer, see synapse.rest.client.v1.login.LoginRestServerlet.on_GET.