Work around email-spamming Riot bug

5d9546f9 introduced a change to synapse behaviour, in that failures in the interactive-auth process would return the flows and params data as well as an error code (as specced in https://github.com/matrix-org/matrix-doc/pull/397). That change exposed a bug in Riot which would make it request a new validation token (and send a new email) each time it got a 401 with a `flows` parameter (see https://github.com/vector-im/vector-web/issues/2447 and the fix at https://github.com/matrix-org/matrix-react-sdk/pull/510). To preserve compatibility with broken versions of Riot, grandfather in the old behaviour for the email validation stage.
2016-10-11 11:34:40 +01:00 · 2016-10-11 11:34:40 +01:00 · fa74fcf512
commit fa74fcf512
parent 8681aff4f1
1 changed files with 14 additions and 3 deletions
--- a/synapse/handlers/auth.py
+++ b/synapse/handlers/auth.py
@ -150,14 +150,25 @@ class AuthHandler(BaseHandler):
        # check auth type currently being presented
        errordict = {}
        if 'type' in authdict:
-            if authdict['type'] not in self.checkers:
+            login_type = authdict['type']
+            if login_type not in self.checkers:
                raise LoginError(400, "", Codes.UNRECOGNIZED)
            try:
-                result = yield self.checkers[authdict['type']](authdict, clientip)
+                result = yield self.checkers[login_type](authdict, clientip)
                if result:
-                    creds[authdict['type']] = result
+                    creds[login_type] = result
                    self._save_session(session)
            except LoginError, e:
+                if login_type == LoginType.EMAIL_IDENTITY:
+                    # riot used to have a bug where it would request a new
+                    # validation token (thus sending a new email) each time it
+                    # got a 401 with a 'flows' field.
+                    # (https://github.com/vector-im/vector-web/issues/2447).
+                    #
+                    # Grandfather in the old behaviour for now to avoid
+                    # breaking old riot deployments.
+                    raise e
+
                # this step failed. Merge the error dict into the response
                # so that the client can have another go.
                errordict = e.error_dict()