mirror of
https://mau.dev/maunium/synapse.git
synced 2024-12-15 12:33:52 +01:00
Threepid validity checks on msisdns should not be dependent on 'threepid_behaviour_email'. (#6104)
Fixes #6103
This commit is contained in:
parent
990928abde
commit
77dc7093a7
2 changed files with 36 additions and 30 deletions
1
changelog.d/6104.bugfix
Normal file
1
changelog.d/6104.bugfix
Normal file
|
@ -0,0 +1 @@
|
||||||
|
Threepid validity checks on msisdns should not be dependent on 'threepid_behaviour_email'.
|
|
@ -148,18 +148,24 @@ class _BaseThreepidAuthChecker:
|
||||||
identity_handler = self.hs.get_handlers().identity_handler
|
identity_handler = self.hs.get_handlers().identity_handler
|
||||||
|
|
||||||
logger.info("Getting validated threepid. threepidcreds: %r", (threepid_creds,))
|
logger.info("Getting validated threepid. threepidcreds: %r", (threepid_creds,))
|
||||||
if self.hs.config.threepid_behaviour_email == ThreepidBehaviour.REMOTE:
|
|
||||||
if medium == "email":
|
# msisdns are currently always ThreepidBehaviour.REMOTE
|
||||||
threepid = yield identity_handler.threepid_from_creds(
|
if medium == "msisdn":
|
||||||
self.hs.config.account_threepid_delegate_email, threepid_creds
|
if not self.hs.config.account_threepid_delegate_msisdn:
|
||||||
|
raise SynapseError(
|
||||||
|
400, "Phone number verification is not enabled on this homeserver"
|
||||||
)
|
)
|
||||||
elif medium == "msisdn":
|
|
||||||
threepid = yield identity_handler.threepid_from_creds(
|
threepid = yield identity_handler.threepid_from_creds(
|
||||||
self.hs.config.account_threepid_delegate_msisdn, threepid_creds
|
self.hs.config.account_threepid_delegate_msisdn, threepid_creds
|
||||||
)
|
)
|
||||||
else:
|
elif medium == "email":
|
||||||
raise SynapseError(400, "Unrecognized threepid medium: %s" % (medium,))
|
if self.hs.config.threepid_behaviour_email == ThreepidBehaviour.REMOTE:
|
||||||
|
assert self.hs.config.account_threepid_delegate_email
|
||||||
|
threepid = yield identity_handler.threepid_from_creds(
|
||||||
|
self.hs.config.account_threepid_delegate_email, threepid_creds
|
||||||
|
)
|
||||||
elif self.hs.config.threepid_behaviour_email == ThreepidBehaviour.LOCAL:
|
elif self.hs.config.threepid_behaviour_email == ThreepidBehaviour.LOCAL:
|
||||||
|
threepid = None
|
||||||
row = yield self.store.get_threepid_validation_session(
|
row = yield self.store.get_threepid_validation_session(
|
||||||
medium,
|
medium,
|
||||||
threepid_creds["client_secret"],
|
threepid_creds["client_secret"],
|
||||||
|
@ -167,23 +173,22 @@ class _BaseThreepidAuthChecker:
|
||||||
validated=True,
|
validated=True,
|
||||||
)
|
)
|
||||||
|
|
||||||
threepid = (
|
if row:
|
||||||
{
|
threepid = {
|
||||||
"medium": row["medium"],
|
"medium": row["medium"],
|
||||||
"address": row["address"],
|
"address": row["address"],
|
||||||
"validated_at": row["validated_at"],
|
"validated_at": row["validated_at"],
|
||||||
}
|
}
|
||||||
if row
|
|
||||||
else None
|
|
||||||
)
|
|
||||||
|
|
||||||
if row:
|
|
||||||
# Valid threepid returned, delete from the db
|
# Valid threepid returned, delete from the db
|
||||||
yield self.store.delete_threepid_session(threepid_creds["sid"])
|
yield self.store.delete_threepid_session(threepid_creds["sid"])
|
||||||
else:
|
else:
|
||||||
raise SynapseError(
|
raise SynapseError(
|
||||||
400, "Password resets are not enabled on this homeserver"
|
400, "Email address verification is not enabled on this homeserver"
|
||||||
)
|
)
|
||||||
|
else:
|
||||||
|
# this can't happen!
|
||||||
|
raise AssertionError("Unrecognized threepid medium: %s" % (medium,))
|
||||||
|
|
||||||
if not threepid:
|
if not threepid:
|
||||||
raise LoginError(401, "", errcode=Codes.UNAUTHORIZED)
|
raise LoginError(401, "", errcode=Codes.UNAUTHORIZED)
|
||||||
|
|
Loading…
Reference in a new issue