mirror of
https://github.com/element-hq/synapse.git
synced 2024-11-29 15:39:00 +03:00
Merge pull request #391 from matrix-org/erikj/remove_token_from_flow
Remove m.login.token from advertised flows.
This commit is contained in:
commit
3f151da314
1 changed files with 10 additions and 1 deletions
|
@ -58,9 +58,18 @@ class LoginRestServlet(ClientV1RestServlet):
|
|||
flows.append({"type": LoginRestServlet.SAML2_TYPE})
|
||||
if self.cas_enabled:
|
||||
flows.append({"type": LoginRestServlet.CAS_TYPE})
|
||||
|
||||
# While its valid for us to advertise this login type generally,
|
||||
# synapse currently only gives out these tokens as part of the
|
||||
# CAS login flow.
|
||||
# Generally we don't want to advertise login flows that clients
|
||||
# don't know how to implement, since they (currently) will always
|
||||
# fall back to the fallback API if they don't understand one of the
|
||||
# login flow types returned.
|
||||
flows.append({"type": LoginRestServlet.TOKEN_TYPE})
|
||||
if self.password_enabled:
|
||||
flows.append({"type": LoginRestServlet.PASS_TYPE})
|
||||
flows.append({"type": LoginRestServlet.TOKEN_TYPE})
|
||||
|
||||
return (200, {"flows": flows})
|
||||
|
||||
def on_OPTIONS(self, request):
|
||||
|
|
Loading…
Reference in a new issue