mirror of
https://github.com/matrix-org/synapse.git
synced 2025-01-15 12:46:55 +00:00
Don't bind email unless threepid contains expected fields
This commit is contained in:
parent
0da0d0a29d
commit
8f6281ab0c
@ -232,19 +232,10 @@ class RegisterRestServlet(RestServlet):
|
|||||||
|
|
||||||
if add_email and result and LoginType.EMAIL_IDENTITY in result:
|
if add_email and result and LoginType.EMAIL_IDENTITY in result:
|
||||||
threepid = result[LoginType.EMAIL_IDENTITY]
|
threepid = result[LoginType.EMAIL_IDENTITY]
|
||||||
reqd = ('medium', 'address', 'validated_at')
|
yield self._register_email_threepid(
|
||||||
if all(x in threepid for x in reqd):
|
registered_user_id, threepid, access_token,
|
||||||
yield self._register_email_threepid(
|
params.get("bind_email")
|
||||||
registered_user_id, threepid, access_token
|
)
|
||||||
)
|
|
||||||
# XXX why is bind_email not protected by this?
|
|
||||||
else:
|
|
||||||
logger.info("Can't add incomplete 3pid")
|
|
||||||
if params.get("bind_email"):
|
|
||||||
logger.info("bind_email specified: binding")
|
|
||||||
yield self._bind_email(registered_user_id, threepid)
|
|
||||||
else:
|
|
||||||
logger.info("bind_email not specified: not binding email")
|
|
||||||
|
|
||||||
result = yield self._create_registration_details(registered_user_id,
|
result = yield self._create_registration_details(registered_user_id,
|
||||||
access_token)
|
access_token)
|
||||||
@ -288,19 +279,28 @@ class RegisterRestServlet(RestServlet):
|
|||||||
defer.returnValue((yield self._create_registration_details(user_id, token)))
|
defer.returnValue((yield self._create_registration_details(user_id, token)))
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def _register_email_threepid(self, user_id, threepid, token):
|
def _register_email_threepid(self, user_id, threepid, token, bind_email):
|
||||||
"""Add an email address as a 3pid identifier
|
"""Add an email address as a 3pid identifier
|
||||||
|
|
||||||
Also adds an email pusher for the email address, if configured in the
|
Also adds an email pusher for the email address, if configured in the
|
||||||
HS config
|
HS config
|
||||||
|
|
||||||
|
Also optionally binds emails to the given user_id on the identity server
|
||||||
|
|
||||||
Args:
|
Args:
|
||||||
user_id (str): id of user
|
user_id (str): id of user
|
||||||
threepid (object): m.login.email.identity auth response
|
threepid (object): m.login.email.identity auth response
|
||||||
token (str): access_token for the user
|
token (str): access_token for the user
|
||||||
|
bind_email (bool): true if the client requested the email to be
|
||||||
|
bound at the identity server
|
||||||
Returns:
|
Returns:
|
||||||
defer.Deferred:
|
defer.Deferred:
|
||||||
"""
|
"""
|
||||||
|
reqd = ('medium', 'address', 'validated_at')
|
||||||
|
if any(x not in threepid for x in reqd):
|
||||||
|
logger.info("Can't add incomplete 3pid")
|
||||||
|
defer.returnValue()
|
||||||
|
|
||||||
yield self.auth_handler.add_threepid(
|
yield self.auth_handler.add_threepid(
|
||||||
user_id,
|
user_id,
|
||||||
threepid['medium'],
|
threepid['medium'],
|
||||||
@ -334,23 +334,20 @@ class RegisterRestServlet(RestServlet):
|
|||||||
lang=None, # We don't know a user's language here
|
lang=None, # We don't know a user's language here
|
||||||
data={},
|
data={},
|
||||||
)
|
)
|
||||||
|
|
||||||
|
if bind_email:
|
||||||
|
logger.info("bind_email specified: binding")
|
||||||
|
logger.debug("Binding emails %s to %s" % (
|
||||||
|
threepid, user_id
|
||||||
|
))
|
||||||
|
yield self.identity_handler.bind_threepid(
|
||||||
|
threepid['threepid_creds'], user_id
|
||||||
|
)
|
||||||
|
else:
|
||||||
|
logger.info("bind_email not specified: not binding email")
|
||||||
|
|
||||||
defer.returnValue()
|
defer.returnValue()
|
||||||
|
|
||||||
def _bind_email(self, user_id, email_threepid):
|
|
||||||
"""Bind emails to the given user_id on the identity server
|
|
||||||
|
|
||||||
Args:
|
|
||||||
user_id (str): user id to bind the emails to
|
|
||||||
email_threepid (object): m.login.email.identity auth response
|
|
||||||
Returns:
|
|
||||||
defer.Deferred:
|
|
||||||
"""
|
|
||||||
threepid_creds = email_threepid['threepid_creds']
|
|
||||||
logger.debug("Binding emails %s to %s" % (
|
|
||||||
email_threepid, user_id
|
|
||||||
))
|
|
||||||
return self.identity_handler.bind_threepid(threepid_creds, user_id)
|
|
||||||
|
|
||||||
@defer.inlineCallbacks
|
@defer.inlineCallbacks
|
||||||
def _create_registration_details(self, user_id, token):
|
def _create_registration_details(self, user_id, token):
|
||||||
refresh_token = yield self.auth_handler.issue_refresh_token(user_id)
|
refresh_token = yield self.auth_handler.issue_refresh_token(user_id)
|
||||||
|
Loading…
Reference in New Issue
Block a user