Expose MSC3882 only be under an unstable endpoint. (#13868)

This commit is contained in:
Hugh Nimmo-Smith 2022-09-29 12:22:27 +01:00 committed by GitHub
parent 568016929f
commit e5fdf16d46
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 13 additions and 8 deletions

1
changelog.d/13868.misc Normal file
View File

@ -0,0 +1 @@
Fix unstable MSC3882 endpoint being incorrectly available on stable API versions.

View File

@ -47,7 +47,9 @@ class LoginTokenRequestServlet(RestServlet):
}
"""
PATTERNS = client_patterns("/login/token$")
PATTERNS = client_patterns(
"/org.matrix.msc3882/login/token$", releases=[], v1=False, unstable=True
)
def __init__(self, hs: "HomeServer"):
super().__init__()

View File

@ -22,6 +22,8 @@ from synapse.util import Clock
from tests import unittest
from tests.unittest import override_config
endpoint = "/_matrix/client/unstable/org.matrix.msc3882/login/token"
class LoginTokenRequestServletTestCase(unittest.HomeserverTestCase):
@ -45,18 +47,18 @@ class LoginTokenRequestServletTestCase(unittest.HomeserverTestCase):
self.password = "password"
def test_disabled(self) -> None:
channel = self.make_request("POST", "/login/token", {}, access_token=None)
channel = self.make_request("POST", endpoint, {}, access_token=None)
self.assertEqual(channel.code, 400)
self.register_user(self.user, self.password)
token = self.login(self.user, self.password)
channel = self.make_request("POST", "/login/token", {}, access_token=token)
channel = self.make_request("POST", endpoint, {}, access_token=token)
self.assertEqual(channel.code, 400)
@override_config({"experimental_features": {"msc3882_enabled": True}})
def test_require_auth(self) -> None:
channel = self.make_request("POST", "/login/token", {}, access_token=None)
channel = self.make_request("POST", endpoint, {}, access_token=None)
self.assertEqual(channel.code, 401)
@override_config({"experimental_features": {"msc3882_enabled": True}})
@ -64,7 +66,7 @@ class LoginTokenRequestServletTestCase(unittest.HomeserverTestCase):
user_id = self.register_user(self.user, self.password)
token = self.login(self.user, self.password)
channel = self.make_request("POST", "/login/token", {}, access_token=token)
channel = self.make_request("POST", endpoint, {}, access_token=token)
self.assertEqual(channel.code, 401)
self.assertIn({"stages": ["m.login.password"]}, channel.json_body["flows"])
@ -79,7 +81,7 @@ class LoginTokenRequestServletTestCase(unittest.HomeserverTestCase):
},
}
channel = self.make_request("POST", "/login/token", uia, access_token=token)
channel = self.make_request("POST", endpoint, uia, access_token=token)
self.assertEqual(channel.code, 200)
self.assertEqual(channel.json_body["expires_in"], 300)
@ -100,7 +102,7 @@ class LoginTokenRequestServletTestCase(unittest.HomeserverTestCase):
user_id = self.register_user(self.user, self.password)
token = self.login(self.user, self.password)
channel = self.make_request("POST", "/login/token", {}, access_token=token)
channel = self.make_request("POST", endpoint, {}, access_token=token)
self.assertEqual(channel.code, 200)
self.assertEqual(channel.json_body["expires_in"], 300)
@ -127,6 +129,6 @@ class LoginTokenRequestServletTestCase(unittest.HomeserverTestCase):
self.register_user(self.user, self.password)
token = self.login(self.user, self.password)
channel = self.make_request("POST", "/login/token", {}, access_token=token)
channel = self.make_request("POST", endpoint, {}, access_token=token)
self.assertEqual(channel.code, 200)
self.assertEqual(channel.json_body["expires_in"], 15)