Skip to content

Commit

Permalink
Advertise the token login type when OpenID Connect is enabled. (matri…
Browse files Browse the repository at this point in the history
  • Loading branch information
clokep authored and phil-flex committed Jun 16, 2020
1 parent 14c0001 commit 71f939f
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 8 deletions.
1 change: 1 addition & 0 deletions changelog.d/7631.bugfix
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Advertise the `m.login.token` login flow when OpenID Connect is enabled.
11 changes: 3 additions & 8 deletions synapse/rest/client/v1/login.py
Original file line number Diff line number Diff line change
Expand Up @@ -99,25 +99,20 @@ def on_GET(self, request):
flows.append({"type": LoginRestServlet.JWT_TYPE})

if self.cas_enabled:
flows.append({"type": LoginRestServlet.SSO_TYPE})

# we advertise CAS for backwards compat, though MSC1721 renamed it
# to SSO.
flows.append({"type": LoginRestServlet.CAS_TYPE})

if self.cas_enabled or self.saml2_enabled or self.oidc_enabled:
flows.append({"type": LoginRestServlet.SSO_TYPE})
# While its valid for us to advertise this login type generally,
# synapse currently only gives out these tokens as part of the
# CAS login flow.
# SSO login flow.
# Generally we don't want to advertise login flows that clients
# don't know how to implement, since they (currently) will always
# fall back to the fallback API if they don't understand one of the
# login flow types returned.
flows.append({"type": LoginRestServlet.TOKEN_TYPE})
elif self.saml2_enabled:
flows.append({"type": LoginRestServlet.SSO_TYPE})
flows.append({"type": LoginRestServlet.TOKEN_TYPE})
elif self.oidc_enabled:
flows.append({"type": LoginRestServlet.SSO_TYPE})

flows.extend(
({"type": t} for t in self.auth_handler.get_supported_login_types())
Expand Down

0 comments on commit 71f939f

Please sign in to comment.