Skip to content
This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

Commit

Permalink
Merge remote-tracking branch 'origin/develop' into rav/saml_mapping_work
Browse files Browse the repository at this point in the history
  • Loading branch information
richvdh committed Sep 24, 2019
2 parents ed8b92f + 566ac40 commit 9b7c4f4
Show file tree
Hide file tree
Showing 7 changed files with 75 additions and 8 deletions.
1 change: 1 addition & 0 deletions changelog.d/6069.bugfix
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Fix a bug which caused SAML attribute maps to be overridden by defaults.
1 change: 1 addition & 0 deletions changelog.d/6097.bugfix
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Add sid to next_link for email validation.
1 change: 1 addition & 0 deletions changelog.d/6099.misc
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Remove unused parameter to get_user_id_by_threepid.
48 changes: 42 additions & 6 deletions synapse/config/saml2_config.py
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
# -*- coding: utf-8 -*-
# Copyright 2018 New Vector Ltd
# Copyright 2019 The Matrix.org Foundation C.I.C.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
Expand All @@ -12,17 +13,47 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

import re

from synapse.python_dependencies import DependencyException, check_requirements
from synapse.types import (
map_username_to_mxid_localpart,
mxid_localpart_allowed_characters,
)
from synapse.util.module_loader import load_python_module

from ._base import Config, ConfigError


def _dict_merge(merge_dict, into_dict):
"""Do a deep merge of two dicts
Recursively merges `merge_dict` into `into_dict`:
* For keys where both `merge_dict` and `into_dict` have a dict value, the values
are recursively merged
* For all other keys, the values in `into_dict` (if any) are overwritten with
the value from `merge_dict`.
Args:
merge_dict (dict): dict to merge
into_dict (dict): target dict
"""
for k, v in merge_dict.items():
if k not in into_dict:
into_dict[k] = v
continue

current_val = into_dict[k]

if isinstance(v, dict) and isinstance(current_val, dict):
_dict_merge(v, current_val)
continue

# otherwise we just overwrite
into_dict[k] = v


class SAML2Config(Config):
def read_config(self, config, **kwargs):
self.saml2_enabled = False
Expand Down Expand Up @@ -50,15 +81,20 @@ def read_config(self, config, **kwargs):
"grandfathered_mxid_source_attribute", "uid"
)

import saml2.config

self.saml2_sp_config = saml2.config.SPConfig()
self.saml2_sp_config.load(self._default_saml_config_dict())
self.saml2_sp_config.load(saml2_config.get("sp_config", {}))
saml2_config_dict = self._default_saml_config_dict()
_dict_merge(
merge_dict=saml2_config.get("sp_config", {}), into_dict=saml2_config_dict
)

config_path = saml2_config.get("config_path", None)
if config_path is not None:
self.saml2_sp_config.load_file(config_path)
mod = load_python_module(config_path)
_dict_merge(merge_dict=mod.CONFIG, into_dict=saml2_config_dict)

import saml2.config

self.saml2_sp_config = saml2.config.SPConfig()
self.saml2_sp_config.load(saml2_config_dict)

# session lifetime: in milliseconds
self.saml2_session_lifetime = self.parse_duration(
Expand Down
10 changes: 10 additions & 0 deletions synapse/handlers/identity.py
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@
"""Utilities for interacting with Identity Servers"""

import logging
import urllib

from canonicaljson import json

Expand Down Expand Up @@ -328,6 +329,15 @@ def send_threepid_validation(
# Generate a session id
session_id = random_string(16)

if next_link:
# Manipulate the next_link to add the sid, because the caller won't get
# it until we send a response, by which time we've sent the mail.
if "?" in next_link:
next_link += "&"
else:
next_link += "?"
next_link += "sid=" + urllib.parse.quote(session_id)

# Generate a new validation token
token = random_string(32)

Expand Down
2 changes: 1 addition & 1 deletion synapse/storage/registration.py
Original file line number Diff line number Diff line change
Expand Up @@ -516,7 +516,7 @@ def _find_next_generated_user_id(txn):
)

@defer.inlineCallbacks
def get_user_id_by_threepid(self, medium, address, require_verified=False):
def get_user_id_by_threepid(self, medium, address):
"""Returns user id from threepid
Args:
Expand Down
20 changes: 19 additions & 1 deletion synapse/util/module_loader.py
Original file line number Diff line number Diff line change
Expand Up @@ -14,12 +14,13 @@
# limitations under the License.

import importlib
import importlib.util

from synapse.config._base import ConfigError


def load_module(provider):
""" Loads a module with its config
""" Loads a synapse module with its config
Take a dict with keys 'module' (the module name) and 'config'
(the config dict).
Expand All @@ -38,3 +39,20 @@ def load_module(provider):
raise ConfigError("Failed to parse config for %r: %r" % (provider["module"], e))

return provider_class, provider_config


def load_python_module(location: str):
"""Load a python module, and return a reference to its global namespace
Args:
location (str): path to the module
Returns:
python module object
"""
spec = importlib.util.spec_from_file_location(location, location)
if spec is None:
raise Exception("Unable to load module at %s" % (location,))
mod = importlib.util.module_from_spec(spec)
spec.loader.exec_module(mod)
return mod

0 comments on commit 9b7c4f4

Please sign in to comment.