mirror of
https://mau.dev/maunium/synapse.git
synced 2024-10-01 01:36:05 -04:00
Update SSO mapping providers documentation about unique IDs. (#9980)
This commit is contained in:
parent
451f25172a
commit
d19bccdbec
1
changelog.d/9980.doc
Normal file
1
changelog.d/9980.doc
Normal file
@ -0,0 +1 @@
|
|||||||
|
Clarify documentation around SSO mapping providers generating unique IDs and localparts.
|
@ -67,8 +67,8 @@ A custom mapping provider must specify the following methods:
|
|||||||
- Arguments:
|
- Arguments:
|
||||||
- `userinfo` - A `authlib.oidc.core.claims.UserInfo` object to extract user
|
- `userinfo` - A `authlib.oidc.core.claims.UserInfo` object to extract user
|
||||||
information from.
|
information from.
|
||||||
- This method must return a string, which is the unique identifier for the
|
- This method must return a string, which is the unique, immutable identifier
|
||||||
user. Commonly the ``sub`` claim of the response.
|
for the user. Commonly the `sub` claim of the response.
|
||||||
* `map_user_attributes(self, userinfo, token, failures)`
|
* `map_user_attributes(self, userinfo, token, failures)`
|
||||||
- This method must be async.
|
- This method must be async.
|
||||||
- Arguments:
|
- Arguments:
|
||||||
@ -87,7 +87,9 @@ A custom mapping provider must specify the following methods:
|
|||||||
`localpart` value, such as `john.doe1`.
|
`localpart` value, such as `john.doe1`.
|
||||||
- Returns a dictionary with two keys:
|
- Returns a dictionary with two keys:
|
||||||
- `localpart`: A string, used to generate the Matrix ID. If this is
|
- `localpart`: A string, used to generate the Matrix ID. If this is
|
||||||
`None`, the user is prompted to pick their own username.
|
`None`, the user is prompted to pick their own username. This is only used
|
||||||
|
during a user's first login. Once a localpart has been associated with a
|
||||||
|
remote user ID (see `get_remote_user_id`) it cannot be updated.
|
||||||
- `displayname`: An optional string, the display name for the user.
|
- `displayname`: An optional string, the display name for the user.
|
||||||
* `get_extra_attributes(self, userinfo, token)`
|
* `get_extra_attributes(self, userinfo, token)`
|
||||||
- This method must be async.
|
- This method must be async.
|
||||||
@ -153,8 +155,8 @@ A custom mapping provider must specify the following methods:
|
|||||||
information from.
|
information from.
|
||||||
- `client_redirect_url` - A string, the URL that the client will be
|
- `client_redirect_url` - A string, the URL that the client will be
|
||||||
redirected to.
|
redirected to.
|
||||||
- This method must return a string, which is the unique identifier for the
|
- This method must return a string, which is the unique, immutable identifier
|
||||||
user. Commonly the ``uid`` claim of the response.
|
for the user. Commonly the `uid` claim of the response.
|
||||||
* `saml_response_to_user_attributes(self, saml_response, failures, client_redirect_url)`
|
* `saml_response_to_user_attributes(self, saml_response, failures, client_redirect_url)`
|
||||||
- Arguments:
|
- Arguments:
|
||||||
- `saml_response` - A `saml2.response.AuthnResponse` object to extract user
|
- `saml_response` - A `saml2.response.AuthnResponse` object to extract user
|
||||||
@ -172,8 +174,10 @@ A custom mapping provider must specify the following methods:
|
|||||||
redirected to.
|
redirected to.
|
||||||
- This method must return a dictionary, which will then be used by Synapse
|
- This method must return a dictionary, which will then be used by Synapse
|
||||||
to build a new user. The following keys are allowed:
|
to build a new user. The following keys are allowed:
|
||||||
* `mxid_localpart` - The mxid localpart of the new user. If this is
|
* `mxid_localpart` - A string, the mxid localpart of the new user. If this is
|
||||||
`None`, the user is prompted to pick their own username.
|
`None`, the user is prompted to pick their own username. This is only used
|
||||||
|
during a user's first login. Once a localpart has been associated with a
|
||||||
|
remote user ID (see `get_remote_user_id`) it cannot be updated.
|
||||||
* `displayname` - The displayname of the new user. If not provided, will default to
|
* `displayname` - The displayname of the new user. If not provided, will default to
|
||||||
the value of `mxid_localpart`.
|
the value of `mxid_localpart`.
|
||||||
* `emails` - A list of emails for the new user. If not provided, will
|
* `emails` - A list of emails for the new user. If not provided, will
|
||||||
|
Loading…
Reference in New Issue
Block a user