Skip to content
This repository has been archived by the owner on Apr 26, 2024. It is now read-only.

Commit

Permalink
Expose MSC3882 only be under an unstable endpoint. (#13868)
Browse files Browse the repository at this point in the history
  • Loading branch information
hughns authored Sep 29, 2022
1 parent 5680169 commit e5fdf16
Show file tree
Hide file tree
Showing 3 changed files with 13 additions and 8 deletions.
1 change: 1 addition & 0 deletions changelog.d/13868.misc
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Fix unstable MSC3882 endpoint being incorrectly available on stable API versions.
4 changes: 3 additions & 1 deletion synapse/rest/client/login_token_request.py
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,9 @@ class LoginTokenRequestServlet(RestServlet):
}
"""

PATTERNS = client_patterns("/login/token$")
PATTERNS = client_patterns(
"/org.matrix.msc3882/login/token$", releases=[], v1=False, unstable=True
)

def __init__(self, hs: "HomeServer"):
super().__init__()
Expand Down
16 changes: 9 additions & 7 deletions tests/rest/client/test_login_token_request.py
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,8 @@
from tests import unittest
from tests.unittest import override_config

endpoint = "/_matrix/client/unstable/org.matrix.msc3882/login/token"


class LoginTokenRequestServletTestCase(unittest.HomeserverTestCase):

Expand All @@ -45,26 +47,26 @@ def prepare(self, reactor: MemoryReactor, clock: Clock, hs: HomeServer) -> None:
self.password = "password"

def test_disabled(self) -> None:
channel = self.make_request("POST", "/login/token", {}, access_token=None)
channel = self.make_request("POST", endpoint, {}, access_token=None)
self.assertEqual(channel.code, 400)

self.register_user(self.user, self.password)
token = self.login(self.user, self.password)

channel = self.make_request("POST", "/login/token", {}, access_token=token)
channel = self.make_request("POST", endpoint, {}, access_token=token)
self.assertEqual(channel.code, 400)

@override_config({"experimental_features": {"msc3882_enabled": True}})
def test_require_auth(self) -> None:
channel = self.make_request("POST", "/login/token", {}, access_token=None)
channel = self.make_request("POST", endpoint, {}, access_token=None)
self.assertEqual(channel.code, 401)

@override_config({"experimental_features": {"msc3882_enabled": True}})
def test_uia_on(self) -> None:
user_id = self.register_user(self.user, self.password)
token = self.login(self.user, self.password)

channel = self.make_request("POST", "/login/token", {}, access_token=token)
channel = self.make_request("POST", endpoint, {}, access_token=token)
self.assertEqual(channel.code, 401)
self.assertIn({"stages": ["m.login.password"]}, channel.json_body["flows"])

Expand All @@ -79,7 +81,7 @@ def test_uia_on(self) -> None:
},
}

channel = self.make_request("POST", "/login/token", uia, access_token=token)
channel = self.make_request("POST", endpoint, uia, access_token=token)
self.assertEqual(channel.code, 200)
self.assertEqual(channel.json_body["expires_in"], 300)

Expand All @@ -100,7 +102,7 @@ def test_uia_off(self) -> None:
user_id = self.register_user(self.user, self.password)
token = self.login(self.user, self.password)

channel = self.make_request("POST", "/login/token", {}, access_token=token)
channel = self.make_request("POST", endpoint, {}, access_token=token)
self.assertEqual(channel.code, 200)
self.assertEqual(channel.json_body["expires_in"], 300)

Expand All @@ -127,6 +129,6 @@ def test_expires_in(self) -> None:
self.register_user(self.user, self.password)
token = self.login(self.user, self.password)

channel = self.make_request("POST", "/login/token", {}, access_token=token)
channel = self.make_request("POST", endpoint, {}, access_token=token)
self.assertEqual(channel.code, 200)
self.assertEqual(channel.json_body["expires_in"], 15)

0 comments on commit e5fdf16

Please sign in to comment.