Fix existing v2 identity server calls (MSC2140) (#6013)

anoadragon453 · anoadragon453 · commit 136caf422183 · 2020-02-25T13:45:26.000Z
diff --git a/changelog.d/6013.misc b/changelog.d/6013.misc
@@ -0,0 +1 @@
+Compatibility with v2 Identity Service APIs other than /lookup.
diff --git a/synapse/handlers/identity.py b/synapse/handlers/identity.py
@@ -86,6 +86,25 @@ def _extract_items_from_creds_dict(self, creds):
         id_access_token = creds.get("id_access_token")
         return client_secret, id_server, id_access_token
 
+    def create_id_access_token_header(self, id_access_token):
+        """Create an Authorization header for passing to SimpleHttpClient as the header value
+        of an HTTP request.
+
+        Args:
+            id_access_token (str): An identity server access token.
+
+        Returns:
+            list[str]: The ascii-encoded bearer token encased in a list.
+        """
+        # Prefix with Bearer
+        bearer_token = "Bearer %s" % id_access_token
+
+        # Encode headers to standard ascii
+        bearer_token.encode("ascii")
+
+        # Return as a list as that's how SimpleHttpClient takes header values
+        return [bearer_token]
+
     @defer.inlineCallbacks
     def threepid_from_creds(self, id_server, creds):
         """
@@ -180,15 +199,20 @@ def bind_threepid(self, creds, mxid, use_v2=True):
             id_server_host = id_server
 
         # Decide which API endpoint URLs to use
+        headers = {}
         bind_data = {"sid": sid, "client_secret": client_secret, "mxid": mxid}
         if use_v2:
             bind_url = "https://%s/_matrix/identity/v2/3pid/bind" % (id_server_host,)
-            bind_data["id_access_token"] = id_access_token
+            headers["Authorization"] = self.create_id_access_token_header(
+                id_access_token
+            )
         else:
             bind_url = "https://%s/_matrix/identity/api/v1/3pid/bind" % (id_server_host,)
 
         try:
-            data = yield self.http_client.post_json_get_json(bind_url, bind_data)
+            data = yield self.http_client.post_json_get_json(
+                bind_url, bind_data, headers=headers
+            )
             logger.debug("bound threepid %r to %s", creds, mxid)
 
             # Remember where we bound the threepid
diff --git a/tests/handlers/test_federation.py b/tests/handlers/test_federation.py
@@ -50,7 +50,6 @@ def test_exchange_revoked_invite(self):
         )
 
         d = self.handler.on_exchange_third_party_invite_request(
-            origin="example.com",
             room_id=room_id,
             event_dict={
                 "type": EventTypes.Member,
diff --git a/tests/handlers/test_identity.py b/tests/handlers/test_identity.py
@@ -91,6 +91,7 @@ def test_rewritten_id_server(self):
                 "client_secret": creds["client_secret"],
                 "mxid": self.user_id,
             },
+            headers={},
         )
 
         # Check that the original server name is saved in the database instead of the

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+Compatibility with v2 Identity Service APIs other than /lookup.`
Original file line number	Diff line number	Diff line change
`@@ -50,7 +50,6 @@ def test_exchange_revoked_invite(self):`
`50`	`50`	`)`
`51`	`51`
`52`	`52`	`d = self.handler.on_exchange_third_party_invite_request(`
`53`		`- origin="example.com",`
`54`	`53`	`room_id=room_id,`
`55`	`54`	`event_dict={`
`56`	`55`	`"type": EventTypes.Member,`
Original file line number	Diff line number	Diff line change
`@@ -91,6 +91,7 @@ def test_rewritten_id_server(self):`
`91`	`91`	`"client_secret": creds["client_secret"],`
`92`	`92`	`"mxid": self.user_id,`
`93`	`93`	`},`
	`94`	`+ headers={},`
`94`	`95`	`)`
`95`	`96`
`96`	`97`	`# Check that the original server name is saved in the database instead of the`