This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

move configuration into oidc configuartion
warrenbailey committed Mar 28, 2023
1 parent d4e11d2 commit 38c10e1
Showing 3 changed files with 9 additions and 5 deletions.
1 change: 1 addition & 0 deletions synapse/handlers/oidc.py
Expand Up @@ -1239,6 +1239,7 @@ async def grandfather_existing_users() -> Optional[str]:
grandfather_existing_users,
extra_attributes,
auth_provider_session_id=sid,
registration_enabled=self._config.enable_registration,
)

def _remote_id_from_userinfo(self, userinfo: UserInfo) -> str:
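Review bot: `self._config.enable_registration` on the added line is a per-provider OIDC option, but it shares its name with the homeserver-wide `enable_registration` setting, so an administrator could reasonably expect one to govern the other. The definition and default of the provider option are not among this commit's three files, so it is worth confirming that the provider config class declares it and that its default is documented. I would add a comment above the argument, such as `# per-IdP switch for auto-creating accounts; independent of the global enable_registration`. The call this line belongs to starts outside the hunk.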
9 changes: 6 additions & 3 deletions synapse/handlers/sso.py
Expand Up @@ -224,8 +224,6 @@ def __init__(self, hs: "HomeServer"):

self._consent_at_registration = hs.config.consent.user_consent_at_registration

self._registration_enabled = hs.config.odic.enable_registration

def register_identity_provider(self, p: SsoIdentityProvider) -> None:
p_id = p.idp_id
assert p_id not in self._identity_providers
Expand Down Expand Up @@ -385,6 +383,7 @@ async def complete_sso_login_request(
grandfather_existing_users: Callable[[], Awaitable[Optional[str]]],
extra_login_attributes: Optional[JsonDict] = None,
auth_provider_session_id: Optional[str] = None,
registration_enabled: bool = True,
) -> None:
"""
Given an SSO ID, retrieve the user ID for it and possibly register the user.
Expand Down Expand Up @@ -437,6 +436,10 @@ async def complete_sso_login_request(
auth_provider_session_id: An optional session ID from the IdP.
registration_enabled: An optional boolean to enable/disable automatic
registrations of new users. If false and the user does not exist then the
flow is aborted. Defaults to true.
Raises:
MappingException if there was a problem mapping the response to a user.
RedirectException: if the mapping provider needs to redirect the user
Expand Down Expand Up @@ -464,7 +467,7 @@ async def complete_sso_login_request(
auth_provider_id, remote_user_id, user_id
)

if not user_id and not self._registration_enabled:
if not user_id and not registration_enabled:
logger.info(
"User does not exist and registration are disabled for IdP '%s' and remote_user_id '%s'",
auth_provider_id,
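Review bot: The new `registration_enabled: bool = True` parameter of `complete_sso_login_request` fails open: any caller that omits it keeps auto-registering unknown remote users, and the OIDC handler is the only caller this commit shows passing it. If that is intended for the other SSO handlers, say so in the docstring, e.g. `Callers that omit this keep the previous auto-registration behaviour.` The docstring also says the flow is aborted, but the visible `Raises:` entries do not name what the `if not user_id and not registration_enabled:` branch raises or returns; the body of that branch continues past the hunk, so the entry should be added once confirmed. The log text `registration are disabled` should read `registration is disabled`.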
4 changes: 2 additions & 2 deletions tests/handlers/test_oidc.py
Expand Up @@ -922,7 +922,7 @@ def test_extra_attributes(self) -> None:
auth_provider_session_id=None,
)

@override_config({"oidc_config": DEFAULT_CONFIG, "enable_registration": True})
@override_config({"oidc_config": {**DEFAULT_CONFIG, "enable_registration": True}})
def test_map_userinfo_to_user(self) -> None:
"""Ensure that mapping the userinfo returned from a provider to an MXID works properly."""
userinfo: dict = {
Expand Down Expand Up @@ -975,7 +975,7 @@ def test_map_userinfo_to_user(self) -> None:
"Mapping provider does not support de-duplicating Matrix IDs",
)

@override_config({"oidc_config": DEFAULT_CONFIG, "enable_registration": False})
@override_config({"oidc_config": {**DEFAULT_CONFIG, "enable_registration": False}})
def test_map_userinfo_to_user_does_not_register_new_user(self) -> None:
"""Ensures new users are not registered if the enabled registration flag is disabled."""
userinfo: dict = {
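Review bot: Both decorators set `enable_registration` explicitly, so no test pins what happens when the key is absent from `oidc_config`, which is the case an existing deployment hits after upgrading. Since that default decides whether an unknown IdP user gets an account, I would add a third case decorated with `@override_config({"oidc_config": DEFAULT_CONFIG})` (assuming `DEFAULT_CONFIG` does not set the key itself) that asserts the intended default outcome. The bodies of both tests continue outside the hunks, so it is not visible here whether the disabled case also asserts that no account was created.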
