_check_threepid in auth.py incorrect for MSISDN #6103

jryans · 2019-09-24T18:12:25Z

Looking at this snippet:

Lines 446 to 463 in f99a9c9

    
           if self.hs.config.threepid_behaviour_email == ThreepidBehaviour.REMOTE: 
        
               if medium == "email": 
        
                   threepid = yield identity_handler.threepid_from_creds( 
        
                       self.hs.config.account_threepid_delegate_email, threepid_creds 
        
                   ) 
        
               elif medium == "msisdn": 
        
                   threepid = yield identity_handler.threepid_from_creds( 
        
                       self.hs.config.account_threepid_delegate_msisdn, threepid_creds 
        
                   ) 
        
               else: 
        
                   raise SynapseError(400, "Unrecognized threepid medium: %s" % (medium,)) 
        
           elif self.hs.config.threepid_behaviour_email == ThreepidBehaviour.LOCAL: 
        
               row = yield self.store.get_threepid_validation_session( 
        
                   medium, 
        
                   threepid_creds["client_secret"], 
        
                   sid=threepid_creds["sid"], 
        
                   validated=True, 
        
               )

...the MSISDN handling should not depend on the threepid_behaviour_email setting. Instead, we should use the MSISDN delegate if it exists or else fail.

Riot Web hits this block when trying to provide a MSISDN during registration.

The text was updated successfully, but these errors were encountered:

…pid_behaviour_email'. (#6104) Fixes #6103

jryans · 2019-09-25T12:02:01Z

Fixed by #6104

jryans added z-privacy-sprint (Deprecated Label) phase:1 labels Sep 24, 2019

neilisfragile added the release blocker label Sep 24, 2019

neilisfragile mentioned this issue Sep 24, 2019

Threepid validity checks on msisdns should not be dependent on 'threepid_behaviour_email'. #6104

Merged

richvdh pushed a commit that referenced this issue Sep 25, 2019

Threepid validity checks on msisdns should not be dependent on 'three…

77dc709

…pid_behaviour_email'. (#6104) Fixes #6103

jryans closed this as completed Sep 25, 2019

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

_check_threepid in auth.py incorrect for MSISDN #6103

_check_threepid in auth.py incorrect for MSISDN #6103

jryans commented Sep 24, 2019

jryans commented Sep 25, 2019

_check_threepid in auth.py incorrect for MSISDN #6103

_check_threepid in auth.py incorrect for MSISDN #6103

Comments

jryans commented Sep 24, 2019

jryans commented Sep 25, 2019