Merge pull request #4681 from matrix-org/dinsic_anoa/info_split

[DINSIC] Use internal-info for identity server
This commit is contained in:
Andrew Morgan 2019-02-28 11:28:55 +00:00 committed by GitHub
commit 3271742905
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 19 additions and 9 deletions

View file

@ -55,7 +55,7 @@ class EmailPasswordRequestTokenRestServlet(RestServlet):
if not (yield check_3pid_allowed(self.hs, "email", body['email'])):
raise SynapseError(
403,
"Your email domain is not authorized on this server",
"Your email is not authorized on this server",
Codes.THREEPID_DENIED,
)
@ -271,7 +271,7 @@ class EmailThreepidRequestTokenRestServlet(RestServlet):
if not (yield check_3pid_allowed(self.hs, "email", body['email'])):
raise SynapseError(
403,
"Your email domain is not authorized on this server",
"Your email is not authorized on this server",
Codes.THREEPID_DENIED,
)

View file

@ -78,7 +78,7 @@ class EmailRegisterRequestTokenRestServlet(RestServlet):
if not (yield check_3pid_allowed(self.hs, "email", body['email'])):
raise SynapseError(
403,
"Your email domain is not authorized to register on this server",
"Your email is not authorized to register on this server",
Codes.THREEPID_DENIED,
)

View file

@ -23,7 +23,7 @@ logger = logging.getLogger(__name__)
@defer.inlineCallbacks
def check_3pid_allowed(hs, medium, address):
"""Checks whether a given format of 3PID is allowed to be used on this HS
"""Checks whether a given 3PID is allowed to be used on this HS
Args:
hs (synapse.server.HomeServer): server
@ -38,14 +38,24 @@ def check_3pid_allowed(hs, medium, address):
data = yield hs.get_simple_http_client().get_json(
"https://%s%s" % (
hs.config.check_is_for_allowed_local_3pids,
"/_matrix/identity/api/v1/info"
"/_matrix/identity/api/v1/internal-info"
),
{'medium': medium, 'address': address}
)
if hs.config.allow_invited_3pids and data.get('invited'):
# Check for invalid response
if 'hs' not in data and 'shadow_hs' not in data:
defer.returnValue(False)
# Check if this user is intended to register for this homeserver
if data['hs'] != hs.config.server_name and data['shadow_hs'] != hs.config.server_name:
defer.returnValue(False)
if data.get('requires_invite', False) and not data.get('invited', False):
# Requires an invite but hasn't been invited
defer.returnValue(False)
defer.returnValue(True)
else:
defer.returnValue(data['hs'] == hs.config.server_name)
if hs.config.allowed_local_3pids:
for constraint in hs.config.allowed_local_3pids: