mirror of
https://mau.dev/maunium/synapse.git
synced 2024-12-17 22:23:53 +01:00
Add m.login.application_service registration procedure.
This allows known application services to register any user ID under their own user namespace(s).
This commit is contained in:
Kegan Dougal
parent
11e6b3d18b
commit
0227618d3c
3 changed files with 44 additions and 1 deletions
|
|
@ -59,6 +59,7 @@ class LoginType(object):
|
||||||
EMAIL_URL = u"m.login.email.url"
|
EMAIL_URL = u"m.login.email.url"
|
||||||
EMAIL_IDENTITY = u"m.login.email.identity"
|
EMAIL_IDENTITY = u"m.login.email.identity"
|
||||||
RECAPTCHA = u"m.login.recaptcha"
|
RECAPTCHA = u"m.login.recaptcha"
|
||||||
|
APPLICATION_SERVICE = u"m.login.application_service"
|
||||||
|
|
||||||
|
|
||||||
class EventTypes(object):
|
class EventTypes(object):
|
||||||
|
|
|
||||||
|
|
@ -105,6 +105,26 @@ class RegistrationHandler(BaseHandler):
|
||||||
|
|
||||||
defer.returnValue((user_id, token))
|
defer.returnValue((user_id, token))
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def appservice_register(self, user_localpart, as_token):
|
||||||
|
user = UserID(user_localpart, self.hs.hostname)
|
||||||
|
user_id = user.to_string()
|
||||||
|
service = yield self.store.get_app_service_by_token(as_token)
|
||||||
|
if not service:
|
||||||
|
raise SynapseError(403, "Invalid application service token.")
|
||||||
|
if not service.is_interested_in_user(user_id):
|
||||||
|
raise SynapseError(
|
||||||
|
400, "Invalid user localpart for this application service."
|
||||||
|
)
|
||||||
|
token = self._generate_token(user_id)
|
||||||
|
yield self.store.register(
|
||||||
|
user_id=user_id,
|
||||||
|
token=token,
|
||||||
|
password_hash=""
|
||||||
|
)
|
||||||
|
self.distributor.fire("registered_user", user)
|
||||||
|
defer.returnValue((user_id, token))
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def check_recaptcha(self, ip, private_key, challenge, response):
|
def check_recaptcha(self, ip, private_key, challenge, response):
|
||||||
"""Checks a recaptcha is correct."""
|
"""Checks a recaptcha is correct."""
|
||||||
|
|
|
||||||
|
|
@ -110,7 +110,8 @@ class RegisterRestServlet(ClientV1RestServlet):
|
||||||
stages = {
|
stages = {
|
||||||
LoginType.RECAPTCHA: self._do_recaptcha,
|
LoginType.RECAPTCHA: self._do_recaptcha,
|
||||||
LoginType.PASSWORD: self._do_password,
|
LoginType.PASSWORD: self._do_password,
|
||||||
LoginType.EMAIL_IDENTITY: self._do_email_identity
|
LoginType.EMAIL_IDENTITY: self._do_email_identity,
|
||||||
|
LoginType.APPLICATION_SERVICE: self._do_app_service
|
||||||
}
|
}
|
||||||
|
|
||||||
session_info = self._get_session_info(request, session)
|
session_info = self._get_session_info(request, session)
|
||||||
|
|
@ -276,6 +277,27 @@ class RegisterRestServlet(ClientV1RestServlet):
|
||||||
self._remove_session(session)
|
self._remove_session(session)
|
||||||
defer.returnValue(result)
|
defer.returnValue(result)
|
||||||
|
|
||||||
|
@defer.inlineCallbacks
|
||||||
|
def _do_app_service(self, request, register_json, session):
|
||||||
|
if "access_token" not in request.args:
|
||||||
|
raise SynapseError(400, "Expected application service token.")
|
||||||
|
if "user" not in register_json:
|
||||||
|
raise SynapseError(400, "Expected 'user' key.")
|
||||||
|
|
||||||
|
as_token = request.args["access_token"][0]
|
||||||
|
user_localpart = register_json["user"].encode("utf-8")
|
||||||
|
|
||||||
|
handler = self.handlers.registration_handler
|
||||||
|
(user_id, token) = yield handler.appservice_register(
|
||||||
|
user_localpart, as_token
|
||||||
|
)
|
||||||
|
self._remove_session(session)
|
||||||
|
defer.returnValue({
|
||||||
|
"user_id": user_id,
|
||||||
|
"access_token": token,
|
||||||
|
"home_server": self.hs.hostname,
|
||||||
|
})
|
||||||
|
|
||||||
|
|
||||||
def _parse_json(request):
|
def _parse_json(request):
|
||||||
try:
|
try:
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue