Skip to content
This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

Add documentation to password_providers config option #7238

Merged
merged 4 commits into from
Apr 7, 2020
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions changelog.d/7238.doc
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Add documentation to the `password_providers` config option. Add known password provider implementations to docs.
5 changes: 4 additions & 1 deletion docs/password_auth_providers.md
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,10 @@ into Synapse, and provides a number of methods by which it can integrate
with the authentication system.

This document serves as a reference for those looking to implement their
own password auth providers.
own password auth providers. Additionally, here is a list of known
password auth provider module implementations:

* [matrix-synapse-ldap3](https://github.com/matrix-org/matrix-synapse-ldap3/)

## Required methods

Expand Down
14 changes: 13 additions & 1 deletion docs/sample_config.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -1657,7 +1657,19 @@ email:
#template_dir: "res/templates"


#password_providers:
# Password providers allow homeserver administrators to integrate
# their Synapse installation with existing authentication methods
# ex. LDAP, external tokens, etc.
#
# For more information and known implementations, please see
# https://github.com/matrix-org/synapse/blob/master/docs/password_auth_providers.md
#
# Note: instances wishing to use SAML or CAS authentication should
# instead use the `saml2_config` or `cas_config` options,
# respectively.
#
password_providers:
# # Example config for an LDAP auth provider
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this breaks the rule in the docs about a whole dict being commented out:

Where several settings are grouped into a single dict, avoid the convention where the whole block is commented out, resulting in comment lines starting # # ...

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

(Granted, this PR doesn't make the situation worse...)

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think by whole block it means the password_providers bit.

An example of a good block:

## Opentracing ##
# These settings enable opentracing, which implements distributed tracing.
# This allows you to observe the causal chains of events across servers
# including requests, key lookups etc., across any server running
# synapse or any other other services which supports opentracing
# (specifically those implemented with Jaeger).
#
opentracing:
# tracing is disabled by default. Uncomment the following line to enable it.
#
#enabled: true
# The list of homeservers we wish to send and receive span contexts and span baggage.
# See docs/opentracing.rst
# This is a list of regexes which are matched against the server_name of the
# homeserver.
#
# By defult, it is empty, so no servers are matched.
#
#homeserver_whitelist:
# - ".*"
# Jaeger can be configured to sample traces at different rates.
# All configuration options provided by Jaeger can be set here.
# Jaeger's configuration mostly related to trace sampling which
# is documented here:
# https://www.jaegertracing.io/docs/1.13/sampling/.
#
#jaeger_config:
# sampler:
# type: const
# param: 1
# Logging whether spans were started and reported
#
# logging:
# false

# - module: "ldap_auth_provider.LdapAuthProvider"
# config:
# enabled: true
Expand Down
16 changes: 14 additions & 2 deletions synapse/config/password_auth_providers.py
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ def read_config(self, config, **kwargs):
if ldap_config.get("enabled", False):
providers.append({"module": LDAP_PROVIDER, "config": ldap_config})

providers.extend(config.get("password_providers", []))
providers.extend(config.get("password_providers") or [])
for provider in providers:
mod_name = provider["module"]

Expand All @@ -52,7 +52,19 @@ def read_config(self, config, **kwargs):

def generate_config_section(self, **kwargs):
return """\
#password_providers:
# Password providers allow homeserver administrators to integrate
# their Synapse installation with existing authentication methods
# ex. LDAP, external tokens, etc.
#
# For more information and known implementations, please see
# https://github.com/matrix-org/synapse/blob/master/docs/password_auth_providers.md
#
# Note: instances wishing to use SAML or CAS authentication should
# instead use the `saml2_config` or `cas_config` options,
# respectively.
#
password_providers:
# # Example config for an LDAP auth provider
# - module: "ldap_auth_provider.LdapAuthProvider"
# config:
# enabled: true
Expand Down