Matrix-Mirrors/anonymousland-synapse
1
0
Fork 0
mirror of https://git.anonymousland.org/anonymousland/synapse.git synced 2025-05-06 14:45:01 -04:00
Code Issues Projects Releases Packages Wiki Activity

Always whitelist the login fallback for SSO (#7153)

Browse source 
That fallback sets the redirect URL to itself (so it can process the login
token then return gracefully to the client). This would make it pointless to
ask the user for confirmation, since the URL the confirmation page would be
showing wouldn't be the client's.
This commit is contained in:
Richard van der Hoff 2020-03-27 20:24:52 +00:00
parent 84f7eaed16
commit b7da598a61
4 changed files with 28 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

9
tests/rest/client/v1/test_login.py
View file

@ -350,7 +350,14 @@ class CASRedirectConfirmTestCase(unittest.HomeserverTestCase):
def test_cas_redirect_whitelisted(self):
"""Tests that the SSO login flow serves a redirect to a whitelisted url
"""
redirect_url = "https://legit-site.com/"
self._test_redirect("https://legit-site.com/")
@override_config({"public_baseurl": "https://example.com"})
def test_cas_redirect_login_fallback(self):
self._test_redirect("https://example.com/_matrix/static/client/login")
def _test_redirect(self, redirect_url):
"""Tests that the SSO login flow serves a redirect for the given redirect URL."""
cas_ticket_url = (
"/_matrix/client/r0/login/cas/ticket?redirectUrl=%s&ticket=ticket"
% (urllib.parse.quote(redirect_url))