From 590fbbef03c21308c8ff038541b7ef6d33f9c5fa Mon Sep 17 00:00:00 2001 From: Erik Johnston Date: Mon, 14 Mar 2016 15:50:40 +0000 Subject: [PATCH] Add config to create guest account on 3pid invite Currently, when a 3pid invite request is sent to an identity server, it includes a provisioned guest access token. This allows the link in the, say, invite email to include the guest access token ensuring that the same account is used each time the link is clicked. This flow has a number of flaws, including when using different servers or servers that have guest access disabled. For now, we keep this implementation but hide it behind a config option until a better flow is implemented. --- synapse/config/registration.py | 4 +++ synapse/handlers/room.py | 57 +++++++++++++++++++--------------- 2 files changed, 36 insertions(+), 25 deletions(-) diff --git a/synapse/config/registration.py b/synapse/config/registration.py index ab062d528c..87e500c97a 100644 --- a/synapse/config/registration.py +++ b/synapse/config/registration.py @@ -37,6 +37,10 @@ class RegistrationConfig(Config): self.trusted_third_party_id_servers = config["trusted_third_party_id_servers"] self.allow_guest_access = config.get("allow_guest_access", False) + self.invite_3pid_guest = ( + self.allow_guest_access and config.get("invite_3pid_guest", False) + ) + def default_config(self, **kwargs): registration_shared_secret = random_string_with_symbols(50) diff --git a/synapse/handlers/room.py b/synapse/handlers/room.py index 57113ae4a5..051468989f 100644 --- a/synapse/handlers/room.py +++ b/synapse/handlers/room.py @@ -877,36 +877,43 @@ class RoomMemberHandler(BaseHandler): user. """ - registration_handler = self.hs.get_handlers().registration_handler - guest_access_token = yield registration_handler.guest_access_token_for( - medium=medium, - address=address, - inviter_user_id=inviter_user_id, - ) - - guest_user_info = yield self.hs.get_auth().get_user_by_access_token( - guest_access_token - ) - is_url = "%s%s/_matrix/identity/api/v1/store-invite" % ( id_server_scheme, id_server, ) + + invite_config = { + "medium": medium, + "address": address, + "room_id": room_id, + "room_alias": room_alias, + "room_avatar_url": room_avatar_url, + "room_join_rules": room_join_rules, + "room_name": room_name, + "sender": inviter_user_id, + "sender_display_name": inviter_display_name, + "sender_avatar_url": inviter_avatar_url, + } + + if self.hs.config.invite_3pid_guest: + registration_handler = self.hs.get_handlers().registration_handler + guest_access_token = yield registration_handler.guest_access_token_for( + medium=medium, + address=address, + inviter_user_id=inviter_user_id, + ) + + guest_user_info = yield self.hs.get_auth().get_user_by_access_token( + guest_access_token + ) + + invite_config.update({ + "guest_access_token": guest_access_token, + "guest_user_id": guest_user_info["user"].to_string(), + }) + data = yield self.hs.get_simple_http_client().post_urlencoded_get_json( is_url, - { - "medium": medium, - "address": address, - "room_id": room_id, - "room_alias": room_alias, - "room_avatar_url": room_avatar_url, - "room_join_rules": room_join_rules, - "room_name": room_name, - "sender": inviter_user_id, - "sender_display_name": inviter_display_name, - "sender_avatar_url": inviter_avatar_url, - "guest_user_id": guest_user_info["user"].to_string(), - "guest_access_token": guest_access_token, - } + invite_config ) # TODO: Check for success token = data["token"]